On Sunday, February 13, 2011 03:38 AM, Natxo Asenjo wrote: > On Sat, Feb 12, 2011 at 2:09 PM, Christopher Chan > <christopher.chan at bradbury.edu.hk> wrote: >> On Saturday, February 12, 2011 09:02 PM, Natxo Asenjo wrote: > >>> Anyway, neither in windows nor in unix/linux you want to specify >>> permissions on a per user level. Always groups. If the user leaves the >>> company and the permissions are on a per user level you need to start >>> all over again. If on a per group level, just disable/remove the user >>> from the group and it keeps working for the rest of members. >> >> And what do you do when you have cases that a user needs access to these >> set of files/directories but not all the files/directories the group has >> access to? > > If you are in such a scenario, then you have not planned your folder > structure well enough :-) > > What do you do when you have thousands of users in your company? Do > you keep individual permissions or do you use group permissions? > > I know what I'd rather do, specially if I need to audit that folder > structure. > You are assuming that company structure is somehow sensible. Just saying that 'always groups' may not work everywhere.