70-290, properly answering access permission questions

I had a headache today after failing the exam with a 678 (missing only one or
two questions).

How are you supposed to answer permission access questions? should you
explicitely deny write permissions when a person is only allowed to read from
a file or folder, or should you just leave it blank and simply allow the read
permission?

I am a thorough person, when someone should only be allowed to read from a
file I prefer to deny him write permissions so that he doesn't get access if
he is moved into a group or inherits from a containing folder. What is the
proper approach?

I think these were the questions that killed me, I must have had about 7
questions like this. If I got them all wrong, then I know why I failed
today. Thank you for your assistance.

Jon
Thu Apr 07 12:26:58 CDT 2005

DENY HAS PRIORITY over Allow.
If all they need to do is read, then just give the read permission, (NTFS if
applicable)

You NEVER deny unless absolutely neccessary as it always powers over any
Allow permission....


"Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com...
> I had a headache today after failing the exam with a 678 (missing only one
or
> two questions).
>
> How are you supposed to answer permission access questions? should you
> explicitely deny write permissions when a person is only allowed to read
from
> a file or folder, or should you just leave it blank and simply allow the
read
> permission?
>
> I am a thorough person, when someone should only be allowed to read from a
> file I prefer to deny him write permissions so that he doesn't get access
if
> he is moved into a group or inherits from a containing folder. What is
the
> proper approach?
>
> I think these were the questions that killed me, I must have had about 7
> questions like this. If I got them all wrong, then I know why I failed
> today. Thank you for your assistance.
>
>

noob
Thu Apr 07 12:30:20 CDT 2005

I am preparing for this exam at the moment. What format
was the exam in and how do you know it was 2 questions,
are Microsoft now displaying itemised marks?
>-----Original Message-----
>I had a headache today after failing the exam with a 678
(missing only one or
>two questions).
>
>How are you supposed to answer permission access
questions? should you
>explicitely deny write permissions when a person is only
allowed to read from
>a file or folder, or should you just leave it blank and
simply allow the read
>permission?
>
>I am a thorough person, when someone should only be
allowed to read from a
>file I prefer to deny him write permissions so that he
doesn't get access if
>he is moved into a group or inherits from a containing
folder. What is the
>proper approach?
>
>I think these were the questions that killed me, I must
have had about 7
>questions like this. If I got them all wrong, then I
know why I failed
>today. Thank you for your assistance.
>
>
>.
>

Jon
Thu Apr 07 12:39:03 CDT 2005

He doesnt know its 2 questions. I think you took it too literal....

You basically assume the closer your score is to a passing score, the fewer
items you'd assume you got wrong. Just like if i said i got a 985 on my
70-271 (which is true), i'd assume i'd only missed 1 question

for the format, seek microsoft.com

As usual, multiple choice and variable # of simulations


"noob" <anonymous@discussions.microsoft.com> wrote in message
news:0d9601c53b97$78fc0550$a401280a@phx.gbl...
> I am preparing for this exam at the moment. What format
> was the exam in and how do you know it was 2 questions,
> are Microsoft now displaying itemised marks?
> >-----Original Message-----
> >I had a headache today after failing the exam with a 678
> (missing only one or
> >two questions).
> >
> >How are you supposed to answer permission access
> questions? should you
> >explicitely deny write permissions when a person is only
> allowed to read from
> >a file or folder, or should you just leave it blank and
> simply allow the read
> >permission?
> >
> >I am a thorough person, when someone should only be
> allowed to read from a
> >file I prefer to deny him write permissions so that he
> doesn't get access if
> >he is moved into a group or inherits from a containing
> folder. What is the
> >proper approach?
> >
> >I think these were the questions that killed me, I must
> have had about 7
> >questions like this. If I got them all wrong, then I
> know why I failed
> >today. Thank you for your assistance.
> >
> >
> >.
> >

Seshouan
Thu Apr 07 12:43:03 CDT 2005

I am quite aware about permissions, that wasn't my question. What I want to
know is what does the test want. So I'm looking for someone who took the
exam and did well, who could then let me know which approach he used.
Because, frankly, denying the perms works just fine for me, I don't see why
that would make a bad answer.

So did you take the exam? and do well on it?

Thanks

"Jon" wrote:

> DENY HAS PRIORITY over Allow.
> If all they need to do is read, then just give the read permission, (NTFS if
> applicable)
>
> You NEVER deny unless absolutely neccessary as it always powers over any
> Allow permission....
>
>
> "Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
> news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com...
> > I had a headache today after failing the exam with a 678 (missing only one
> or
> > two questions).
> >
> > How are you supposed to answer permission access questions? should you
> > explicitely deny write permissions when a person is only allowed to read
> from
> > a file or folder, or should you just leave it blank and simply allow the
> read
> > permission?
> >
> > I am a thorough person, when someone should only be allowed to read from a
> > file I prefer to deny him write permissions so that he doesn't get access
> if
> > he is moved into a group or inherits from a containing folder. What is
> the
> > proper approach?
> >
> > I think these were the questions that killed me, I must have had about 7
> > questions like this. If I got them all wrong, then I know why I failed
> > today. Thank you for your assistance.
> >
> >
>
>
>
>

Seshouan
Thu Apr 07 12:51:03 CDT 2005

The exam consists of multiple choices, some combined choices, and about 10
simulations (where you click on things, move things around, ...).

I don't know what you mean by 2 questions. I said that I had about 7
questions related to permissions, and that I may have gotten them wrong by
choosing to deny write permissions.

"noob" wrote:

> I am preparing for this exam at the moment. What format
> was the exam in and how do you know it was 2 questions,
> are Microsoft now displaying itemised marks?
> >-----Original Message-----
> >I had a headache today after failing the exam with a 678
> (missing only one or
> >two questions).
> >
> >How are you supposed to answer permission access
> questions? should you
> >explicitely deny write permissions when a person is only
> allowed to read from
> >a file or folder, or should you just leave it blank and
> simply allow the read
> >permission?
> >
> >I am a thorough person, when someone should only be
> allowed to read from a
> >file I prefer to deny him write permissions so that he
> doesn't get access if
> >he is moved into a group or inherits from a containing
> folder. What is the
> >proper approach?
> >
> >I think these were the questions that killed me, I must
> have had about 7
> >questions like this. If I got them all wrong, then I
> know why I failed
> >today. Thank you for your assistance.
> >
> >
> >.
> >
>

Jon
Thu Apr 07 13:04:37 CDT 2005

I got a 900 on it when i took it.
As i was always told, dont do the unneccessary, do just enough to get the
job done.

Prime example... a user needs to install sofware, but is only a local user
to the machine. Of course adding them to the adminstrators group would get
the job done, but its unneccsary positions. You could simply put them in
Power users to allow software additions, but not the full power of Admins

Do only what you need to get the job done. If the user only needs read,
only give read. Theres no point in denying them if all they can do in the
first palce is read....


"Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
news:355FE129-64AA-4080-9BDB-D977A48DB106@microsoft.com...
> I am quite aware about permissions, that wasn't my question. What I want
to
> know is what does the test want. So I'm looking for someone who took the
> exam and did well, who could then let me know which approach he used.
> Because, frankly, denying the perms works just fine for me, I don't see
why
> that would make a bad answer.
>
> So did you take the exam? and do well on it?
>
> Thanks
>
> "Jon" wrote:
>
> > DENY HAS PRIORITY over Allow.
> > If all they need to do is read, then just give the read permission,
(NTFS if
> > applicable)
> >
> > You NEVER deny unless absolutely neccessary as it always powers over any
> > Allow permission....
> >
> >
> > "Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
> > news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com...
> > > I had a headache today after failing the exam with a 678 (missing only
one
> > or
> > > two questions).
> > >
> > > How are you supposed to answer permission access questions? should
you
> > > explicitely deny write permissions when a person is only allowed to
read
> > from
> > > a file or folder, or should you just leave it blank and simply allow
the
> > read
> > > permission?
> > >
> > > I am a thorough person, when someone should only be allowed to read
from a
> > > file I prefer to deny him write permissions so that he doesn't get
access
> > if
> > > he is moved into a group or inherits from a containing folder. What
is
> > the
> > > proper approach?
> > >
> > > I think these were the questions that killed me, I must have had about
7
> > > questions like this. If I got them all wrong, then I know why I
failed
> > > today. Thank you for your assistance.
> > >
> > >
> >
> >
> >
> >

Steven
Thu Apr 07 13:13:53 CDT 2005

I agree with you that you should refrain from using deny permissions
wherever possible as no permission is an implicit deny. Just keep in mind
that an explicit allow will override an inherited deny permission. ---
Steve


"Jon" <j@j.com> wrote in message
news:C3e5e.464$qF5.460@fe48.usenetserver.com...
> DENY HAS PRIORITY over Allow.
> If all they need to do is read, then just give the read permission, (NTFS
> if
> applicable)
>
> You NEVER deny unless absolutely neccessary as it always powers over any
> Allow permission....
>
>
> "Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
> news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com...
>> I had a headache today after failing the exam with a 678 (missing only
>> one
> or
>> two questions).
>>
>> How are you supposed to answer permission access questions? should you
>> explicitely deny write permissions when a person is only allowed to read
> from
>> a file or folder, or should you just leave it blank and simply allow the
> read
>> permission?
>>
>> I am a thorough person, when someone should only be allowed to read from
>> a
>> file I prefer to deny him write permissions so that he doesn't get access
> if
>> he is moved into a group or inherits from a containing folder. What is
> the
>> proper approach?
>>
>> I think these were the questions that killed me, I must have had about 7
>> questions like this. If I got them all wrong, then I know why I failed
>> today. Thank you for your assistance.
>>
>>
>
>
>

Jon
Thu Apr 07 13:13:37 CDT 2005

Yes explicit allow as opposed to implicit allow...

Boy this terminogy is a beyotch, lol

"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:e6FrL05OFHA.3408@TK2MSFTNGP14.phx.gbl...
> I agree with you that you should refrain from using deny permissions
> wherever possible as no permission is an implicit deny. Just keep in mind
> that an explicit allow will override an inherited deny permission. ---
> Steve
>
>
> "Jon" <j@j.com> wrote in message
> news:C3e5e.464$qF5.460@fe48.usenetserver.com...
> > DENY HAS PRIORITY over Allow.
> > If all they need to do is read, then just give the read permission,
(NTFS
> > if
> > applicable)
> >
> > You NEVER deny unless absolutely neccessary as it always powers over any
> > Allow permission....
> >
> >
> > "Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
> > news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com...
> >> I had a headache today after failing the exam with a 678 (missing only
> >> one
> > or
> >> two questions).
> >>
> >> How are you supposed to answer permission access questions? should you
> >> explicitely deny write permissions when a person is only allowed to
read
> > from
> >> a file or folder, or should you just leave it blank and simply allow
the
> > read
> >> permission?
> >>
> >> I am a thorough person, when someone should only be allowed to read
from
> >> a
> >> file I prefer to deny him write permissions so that he doesn't get
access
> > if
> >> he is moved into a group or inherits from a containing folder. What is
> > the
> >> proper approach?
> >>
> >> I think these were the questions that killed me, I must have had about
7
> >> questions like this. If I got them all wrong, then I know why I failed
> >> today. Thank you for your assistance.
> >>
> >>
> >
> >
> >
>
>

Seshouan
Thu Apr 07 13:31:07 CDT 2005

ok, I'll use your advice when I retake the exam. I understand your point of
view, but I wouldn't compare setting deny permissions to putting users in the
admin group. Setting deny permissions doesn't have undesired effects. I can
understand that some would preffer not having them, but it's just my style to
be as secure consciencious as possible. I really think that they should
review these questions, because both approaches will do the job without
causing any unwanted sideeffects. Also, take into account that I am venting
for having failed by only one question, and I had about 7 permission related
questions that I know I answered in my fashion of administration
(aaaarghh!!!). I can't believe it!!!

Thanks for the tips.

Cheers,



"Jon" wrote:

> I got a 900 on it when i took it.
> As i was always told, dont do the unneccessary, do just enough to get the
> job done.
>
> Prime example... a user needs to install sofware, but is only a local user
> to the machine. Of course adding them to the adminstrators group would get
> the job done, but its unneccsary positions. You could simply put them in
> Power users to allow software additions, but not the full power of Admins
>
> Do only what you need to get the job done. If the user only needs read,
> only give read. Theres no point in denying them if all they can do in the
> first palce is read....
>
>
> "Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
> news:355FE129-64AA-4080-9BDB-D977A48DB106@microsoft.com...
> > I am quite aware about permissions, that wasn't my question. What I want
> to
> > know is what does the test want. So I'm looking for someone who took the
> > exam and did well, who could then let me know which approach he used.
> > Because, frankly, denying the perms works just fine for me, I don't see
> why
> > that would make a bad answer.
> >
> > So did you take the exam? and do well on it?
> >
> > Thanks
> >
> > "Jon" wrote:
> >
> > > DENY HAS PRIORITY over Allow.
> > > If all they need to do is read, then just give the read permission,
> (NTFS if
> > > applicable)
> > >
> > > You NEVER deny unless absolutely neccessary as it always powers over any
> > > Allow permission....
> > >
> > >
> > > "Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
> > > news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com...
> > > > I had a headache today after failing the exam with a 678 (missing only
> one
> > > or
> > > > two questions).
> > > >
> > > > How are you supposed to answer permission access questions? should
> you
> > > > explicitely deny write permissions when a person is only allowed to
> read
> > > from
> > > > a file or folder, or should you just leave it blank and simply allow
> the
> > > read
> > > > permission?
> > > >
> > > > I am a thorough person, when someone should only be allowed to read
> from a
> > > > file I prefer to deny him write permissions so that he doesn't get
> access
> > > if
> > > > he is moved into a group or inherits from a containing folder. What
> is
> > > the
> > > > proper approach?
> > > >
> > > > I think these were the questions that killed me, I must have had about
> 7
> > > > questions like this. If I got them all wrong, then I know why I
> failed
> > > > today. Thank you for your assistance.
> > > >
> > > >
> > >
> > >
> > >
> > >
>
>
>
>

Jon
Thu Apr 07 13:47:11 CDT 2005

Trust me, i know the paining a failing by only 1 question or so
BUT TRY ONE POINT

I got 699 on the 70-291!!! Talked about someone pissed....

"Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
news:89C4D880-3B41-4B73-B94F-E6FCF23F3A8F@microsoft.com...
> ok, I'll use your advice when I retake the exam. I understand your point
of
> view, but I wouldn't compare setting deny permissions to putting users in
the
> admin group. Setting deny permissions doesn't have undesired effects. I
can
> understand that some would preffer not having them, but it's just my style
to
> be as secure consciencious as possible. I really think that they should
> review these questions, because both approaches will do the job without
> causing any unwanted sideeffects. Also, take into account that I am
venting
> for having failed by only one question, and I had about 7 permission
related
> questions that I know I answered in my fashion of administration
> (aaaarghh!!!). I can't believe it!!!
>
> Thanks for the tips.
>
> Cheers,
>
>
>
> "Jon" wrote:
>
> > I got a 900 on it when i took it.
> > As i was always told, dont do the unneccessary, do just enough to get
the
> > job done.
> >
> > Prime example... a user needs to install sofware, but is only a local
user
> > to the machine. Of course adding them to the adminstrators group would
get
> > the job done, but its unneccsary positions. You could simply put them
in
> > Power users to allow software additions, but not the full power of
Admins
> >
> > Do only what you need to get the job done. If the user only needs read,
> > only give read. Theres no point in denying them if all they can do in
the
> > first palce is read....
> >
> >
> > "Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
> > news:355FE129-64AA-4080-9BDB-D977A48DB106@microsoft.com...
> > > I am quite aware about permissions, that wasn't my question. What I
want
> > to
> > > know is what does the test want. So I'm looking for someone who took
the
> > > exam and did well, who could then let me know which approach he used.
> > > Because, frankly, denying the perms works just fine for me, I don't
see
> > why
> > > that would make a bad answer.
> > >
> > > So did you take the exam? and do well on it?
> > >
> > > Thanks
> > >
> > > "Jon" wrote:
> > >
> > > > DENY HAS PRIORITY over Allow.
> > > > If all they need to do is read, then just give the read permission,
> > (NTFS if
> > > > applicable)
> > > >
> > > > You NEVER deny unless absolutely neccessary as it always powers over
any
> > > > Allow permission....
> > > >
> > > >
> > > > "Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
> > > > news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com...
> > > > > I had a headache today after failing the exam with a 678 (missing
only
> > one
> > > > or
> > > > > two questions).
> > > > >
> > > > > How are you supposed to answer permission access questions?
should
> > you
> > > > > explicitely deny write permissions when a person is only allowed
to
> > read
> > > > from
> > > > > a file or folder, or should you just leave it blank and simply
allow
> > the
> > > > read
> > > > > permission?
> > > > >
> > > > > I am a thorough person, when someone should only be allowed to
read
> > from a
> > > > > file I prefer to deny him write permissions so that he doesn't get
> > access
> > > > if
> > > > > he is moved into a group or inherits from a containing folder.
What
> > is
> > > > the
> > > > > proper approach?
> > > > >
> > > > > I think these were the questions that killed me, I must have had
about
> > 7
> > > > > questions like this. If I got them all wrong, then I know why I
> > failed
> > > > > today. Thank you for your assistance.
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > > >
> >
> >
> >
> >

Seshouan
Thu Apr 07 15:21:01 CDT 2005

Once again, folks, I am very aware of what permissions are and what they do.
I just needed some input on how the exam wanted us to apply them. Because
either way it works and doesn't involve any unwanted sideeffects, and I don't
see it as wrong or impractical because that's the way I've been doing it for
ever.

By the way, Steven, an explicit allow doesn't override an inherited deny,
nothing overrides a deny. You'll need to do some reviewing


"Steven L Umbach" wrote:

> I agree with you that you should refrain from using deny permissions
> wherever possible as no permission is an implicit deny. Just keep in mind
> that an explicit allow will override an inherited deny permission. ---
> Steve
>
>
> "Jon" <j@j.com> wrote in message
> news:C3e5e.464$qF5.460@fe48.usenetserver.com...
> > DENY HAS PRIORITY over Allow.
> > If all they need to do is read, then just give the read permission, (NTFS
> > if
> > applicable)
> >
> > You NEVER deny unless absolutely neccessary as it always powers over any
> > Allow permission....
> >
> >
> > "Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
> > news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com...
> >> I had a headache today after failing the exam with a 678 (missing only
> >> one
> > or
> >> two questions).
> >>
> >> How are you supposed to answer permission access questions? should you
> >> explicitely deny write permissions when a person is only allowed to read
> > from
> >> a file or folder, or should you just leave it blank and simply allow the
> > read
> >> permission?
> >>
> >> I am a thorough person, when someone should only be allowed to read from
> >> a
> >> file I prefer to deny him write permissions so that he doesn't get access
> > if
> >> he is moved into a group or inherits from a containing folder. What is
> > the
> >> proper approach?
> >>
> >> I think these were the questions that killed me, I must have had about 7
> >> questions like this. If I got them all wrong, then I know why I failed
> >> today. Thank you for your assistance.
> >>
> >>
> >
> >
> >
>
>
>

catwalker63
Thu Apr 07 18:24:20 CDT 2005

"=?Utf-8?B?U2VzaG91YW4=?=" <Seshouan@discussions.microsoft.com> prattled
ceaslessly in news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com:

> How are you supposed to answer permission access questions? should
> you explicitely deny write permissions when a person is only allowed
> to read from a file or folder, or should you just leave it blank and
> simply allow the read permission?
>
> I am a thorough person, when someone should only be allowed to read
> from a file I prefer to deny him write permissions so that he doesn't
> get access if he is moved into a group or inherits from a containing
> folder. What is the proper approach?

The recommendation is that you allow only the permissions the person
needs to do their job and avoid explicit deny permissions. Deny is for
when you haven't planned your group structure properly and have to
explicitly deny permissions for a specific user that they are allowed
through group membership. In the real world you should never have to use
it if you plan your group structure properly. If you don't allow a
permission you never have to deny it. Most of the time I set up the
share permissions to be open and then use ntfs permissions to allow only
the level of access I want the users/groups to have and I think that's
the way most people do it. The exam has convoluted permisssion scenarios
to test your understanding of the way share and ntfs permissions work
together, not as an example of what you should really do.

As for the questions on the exam, the best way to answer them is to
create a table with the ntfs (file and folder) permissions in one column
and the share permissions in the other. Fill in the permissions
specified for the user and for each group the user is a member of in the
appropriate columns. Determine the effective permissions for ntfs by
adding all the permissions together -- the effective permission is the
least restrictive. The same is true for share permissions. Then you
compare the share and the ntfs permissions and the effective permissions
for the user are the combined, most restrictive permissions of share and
ntfs. If there are any deny permissions, they override any allowed
permissions. Your best bet to really nail this home is to set up some
shares and users and try different combinations of permissions on a
server or professional machine. You can use practice exam scenarios. I
remember really struggling with this when I first started using NT until
I actually tried it.

--
Catwalker
aka Pu$$y Feet
BS, MCP, MCSA
MCNGP #43
www.mcngp.com
faq.mcngp.com

?If man could be crossed with the cat, it would improve man, but it would
deteriorate the cat.? Mark Twain

blastingfonda
Thu Apr 07 18:37:05 CDT 2005


Seshouan wrote:
> Once again, folks, I am very aware of what permissions are and what
they do.
> I just needed some input on how the exam wanted us to apply them.
Because
> either way it works and doesn't involve any unwanted sideeffects, and
I don't
> see it as wrong or impractical because that's the way I've been doing
it for
> ever.
>
> By the way, Steven, an explicit allow doesn't override an inherited
deny,
> nothing overrides a deny. You'll need to do some reviewing

I can see why you got a 678. He was absolutely right - an explicit
Allow DOES override an inheritted Deny.

All explicit permissions override implicit permissions, regardless of
what they are.

Nothing overrides an EXPLICIT Deny. And that rule really only makes
sense when you're discussing a user who belongs to multiple groups - if
they have a Deny permission from one group, that overrides all Allows
from any other group(s).

Furthermore, you were also off in stating that no bad could come from
issuing Denys. In fact, it is generally regarded as poor practice to
hand out Deny permissions in every situation. It complicates the
permissions tree in general and makes it more difficult to troubleshoot
permissions headaches down the road. This from the MS Press Book:
Managing and Maintaining a Windows Server 2003 Environment, page
Chapter 6, Lesson 2, Page 21:

"Note: Best practice dictates that you minimize the use of Deny
permissions and focus instead on allowing the minimal resources
permissions required to achieve the business task. Deny permissions add
a level of complexity to the administration of ACLs, and should be used
only where absolutely necessary to exclude access to a user who has
been granted permissions to the resource through other group
memberships."

Now, my suggestion to you -- since you don't seem keen on hearing the
CORRECT way permissions operate from others, is that you go see for
yourself. Fire up a Win 2k3 Server box, create a test user and assign
him Deny permissions at the folder level and explicit Allow permissions
to files within the folder.

Then come back here and tell us what you've learned.

JaR
Thu Apr 07 19:00:46 CDT 2005

In microsoft.public.cert.exam.mcse, blastingfonda climbed on a soapbox &
opined:

> Now, my suggestion to you -- since you don't seem keen on hearing the
> CORRECT way permissions operate from others, is that you go see for
> yourself. Fire up a Win 2k3 Server box, create a test user and assign
> him Deny permissions at the folder level and explicit Allow permissions
> to files within the folder.
>

*What!*

But that would require actually using the software!

HeeHee

--
JaR
Thug 10110
Click on MCNGP.com and learn other amusing facts!

catwalker63
Thu Apr 07 20:06:28 CDT 2005

"=?Utf-8?B?U2VzaG91YW4=?=" <Seshouan@discussions.microsoft.com> prattled
ceaslessly in news:812D971A-3927-46A2-B960-64D956488A7D@microsoft.com:

> The exam consists of multiple choices, some combined choices, and
> about 10 simulations (where you click on things, move things around,
> ...).
>
> I don't know what you mean by 2 questions. I said that I had about 7
> questions related to permissions, and that I may have gotten them
> wrong by choosing to deny write permissions.
>

Bottom line is that what we are telling you about deny permissions is the
way MS will test you. Whatever crazy ideas you use in real-world
practice are irrelevant to the test. If you are advocating deny
permissions on the exam, you will be wrong on the exam. If you are
trying to figure out what the effective permissions are, you will assume
deny overrides allow except when the deny is inherited and the allow is
explicit. Which explains how deny can make the confusion of permissions
even more confusing.

--
Catwalker
aka Pu$$y Feet
BS, MCP, MCSA
MCNGP #43
www.mcngp.com
faq.mcngp.com

?If man could be crossed with the cat, it would improve man, but it would
deteriorate the cat.? Mark Twain

catwalker63
Thu Apr 07 20:15:29 CDT 2005

JaR <plente@spamsuxsofthome.net> prattled ceaslessly in
news:Xns9631AD129FC98plentespamsuxsofthom@207.46.248.16:

> In microsoft.public.cert.exam.mcse, blastingfonda climbed on a soapbox
> & opined:
>
>> Now, my suggestion to you -- since you don't seem keen on hearing the
>> CORRECT way permissions operate from others, is that you go see for
>> yourself. Fire up a Win 2k3 Server box, create a test user and assign
>> him Deny permissions at the folder level and explicit Allow
>> permissions to files within the folder.
>>
>
> *What!*
>
> But that would require actually using the software!
>
> HeeHee
>

That's just crazy talk!

--
Catwalker
aka Pu$$y Feet
BS, MCP, MCSA
MCNGP #43
www.mcngp.com
faq.mcngp.com

?If man could be crossed with the cat, it would improve man, but it
would deteriorate the cat.? Mark Twain

Seshouan
Thu Apr 07 21:01:02 CDT 2005

Thanks for the tips catwalker, I'll make use of them.

"catwalker63" wrote:

> "=?Utf-8?B?U2VzaG91YW4=?=" <Seshouan@discussions.microsoft.com> prattled
> ceaslessly in news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com:
>
> > How are you supposed to answer permission access questions? should
> > you explicitely deny write permissions when a person is only allowed
> > to read from a file or folder, or should you just leave it blank and
> > simply allow the read permission?
> >
> > I am a thorough person, when someone should only be allowed to read
> > from a file I prefer to deny him write permissions so that he doesn't
> > get access if he is moved into a group or inherits from a containing
> > folder. What is the proper approach?
>
> The recommendation is that you allow only the permissions the person
> needs to do their job and avoid explicit deny permissions. Deny is for
> when you haven't planned your group structure properly and have to
> explicitly deny permissions for a specific user that they are allowed
> through group membership. In the real world you should never have to use
> it if you plan your group structure properly. If you don't allow a
> permission you never have to deny it. Most of the time I set up the
> share permissions to be open and then use ntfs permissions to allow only
> the level of access I want the users/groups to have and I think that's
> the way most people do it. The exam has convoluted permisssion scenarios
> to test your understanding of the way share and ntfs permissions work
> together, not as an example of what you should really do.
>
> As for the questions on the exam, the best way to answer them is to
> create a table with the ntfs (file and folder) permissions in one column
> and the share permissions in the other. Fill in the permissions
> specified for the user and for each group the user is a member of in the
> appropriate columns. Determine the effective permissions for ntfs by
> adding all the permissions together -- the effective permission is the
> least restrictive. The same is true for share permissions. Then you
> compare the share and the ntfs permissions and the effective permissions
> for the user are the combined, most restrictive permissions of share and
> ntfs. If there are any deny permissions, they override any allowed
> permissions. Your best bet to really nail this home is to set up some
> shares and users and try different combinations of permissions on a
> server or professional machine. You can use practice exam scenarios. I
> remember really struggling with this when I first started using NT until
> I actually tried it.
>
> --
> Catwalker
> aka Pu$$y Feet
> BS, MCP, MCSA
> MCNGP #43
> www.mcngp.com
> faq.mcngp.com
>
> â??If man could be crossed with the cat, it would improve man, but it would
> deteriorate the cat.â?? Mark Twain
>

Seshouan
Thu Apr 07 21:09:03 CDT 2005

You're a morron JaR, and the worse kind, for you're proud of it

"JaR" wrote:

> In microsoft.public.cert.exam.mcse, blastingfonda climbed on a soapbox &
> opined:
>
> > Now, my suggestion to you -- since you don't seem keen on hearing the
> > CORRECT way permissions operate from others, is that you go see for
> > yourself. Fire up a Win 2k3 Server box, create a test user and assign
> > him Deny permissions at the folder level and explicit Allow permissions
> > to files within the folder.
> >
>
> *What!*
>
> But that would require actually using the software!
>
> HeeHee
>
> --
> JaR
> Thug 10110
> Click on MCNGP.com and learn other amusing facts!
>

catwalker63
Thu Apr 07 21:39:32 CDT 2005

"=?Utf-8?B?U2VzaG91YW4=?=" <Seshouan@discussions.microsoft.com> prattled
ceaslessly in news:1FDEB87C-232E-4CA3-9DAC-BA12474EDB63@microsoft.com:

> You're a morron JaR, and the worse kind, for you're proud of it
>

That's maroon to you fella!

--
Catwalker
aka Pu$$y Feet
BS, MCP, MCSA
MCNGP #43
www.mcngp.com
faq.mcngp.com
"If man could be crossed with the cat, it would improve man, but it would
deteriorate the cat." Mark Twain

blastingfonda
Thu Apr 07 22:06:30 CDT 2005

Seshouan wrote:
> You're a morron JaR, and the worse kind, for you're proud of it

Maybe, but I think he's at least passed the 70-290. ;-)

Jon
Fri Apr 08 05:29:08 CDT 2005

Like i said

DENY POWERS ALL

"Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
news:7E537CE2-02BA-4C53-82E9-909A72307F29@microsoft.com...
> Once again, folks, I am very aware of what permissions are and what they
do.
> I just needed some input on how the exam wanted us to apply them. Because
> either way it works and doesn't involve any unwanted sideeffects, and I
don't
> see it as wrong or impractical because that's the way I've been doing it
for
> ever.
>
> By the way, Steven, an explicit allow doesn't override an inherited deny,
> nothing overrides a deny. You'll need to do some reviewing
>
>
> "Steven L Umbach" wrote:
>
> > I agree with you that you should refrain from using deny permissions
> > wherever possible as no permission is an implicit deny. Just keep in
mind
> > that an explicit allow will override an inherited deny permission. ---
> > Steve
> >
> >
> > "Jon" <j@j.com> wrote in message
> > news:C3e5e.464$qF5.460@fe48.usenetserver.com...
> > > DENY HAS PRIORITY over Allow.
> > > If all they need to do is read, then just give the read permission,
(NTFS
> > > if
> > > applicable)
> > >
> > > You NEVER deny unless absolutely neccessary as it always powers over
any
> > > Allow permission....
> > >
> > >
> > > "Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
> > > news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com...
> > >> I had a headache today after failing the exam with a 678 (missing
only
> > >> one
> > > or
> > >> two questions).
> > >>
> > >> How are you supposed to answer permission access questions? should
you
> > >> explicitely deny write permissions when a person is only allowed to
read
> > > from
> > >> a file or folder, or should you just leave it blank and simply allow
the
> > > read
> > >> permission?
> > >>
> > >> I am a thorough person, when someone should only be allowed to read
from
> > >> a
> > >> file I prefer to deny him write permissions so that he doesn't get
access
> > > if
> > >> he is moved into a group or inherits from a containing folder. What
is
> > > the
> > >> proper approach?
> > >>
> > >> I think these were the questions that killed me, I must have had
about 7
> > >> questions like this. If I got them all wrong, then I know why I
failed
> > >> today. Thank you for your assistance.
> > >>
> > >>
> > >
> > >
> > >
> >
> >
> >

Jon
Fri Apr 08 05:29:40 CDT 2005

Explicity
"blastingfonda" <blastingfonda@gmail.com> wrote in message
news:1112917025.365519.248220@z14g2000cwz.googlegroups.com...
>
> Seshouan wrote:
> > Once again, folks, I am very aware of what permissions are and what
> they do.
> > I just needed some input on how the exam wanted us to apply them.
> Because
> > either way it works and doesn't involve any unwanted sideeffects, and
> I don't
> > see it as wrong or impractical because that's the way I've been doing
> it for
> > ever.
> >
> > By the way, Steven, an explicit allow doesn't override an inherited
> deny,
> > nothing overrides a deny. You'll need to do some reviewing
>
> I can see why you got a 678. He was absolutely right - an explicit
> Allow DOES override an inheritted Deny.
>
> All explicit permissions override implicit permissions, regardless of
> what they are.
>
> Nothing overrides an EXPLICIT Deny. And that rule really only makes
> sense when you're discussing a user who belongs to multiple groups - if
> they have a Deny permission from one group, that overrides all Allows
> from any other group(s).
>
> Furthermore, you were also off in stating that no bad could come from
> issuing Denys. In fact, it is generally regarded as poor practice to
> hand out Deny permissions in every situation. It complicates the
> permissions tree in general and makes it more difficult to troubleshoot
> permissions headaches down the road. This from the MS Press Book:
> Managing and Maintaining a Windows Server 2003 Environment, page
> Chapter 6, Lesson 2, Page 21:
>
> "Note: Best practice dictates that you minimize the use of Deny
> permissions and focus instead on allowing the minimal resources
> permissions required to achieve the business task. Deny permissions add
> a level of complexity to the administration of ACLs, and should be used
> only where absolutely necessary to exclude access to a user who has
> been granted permissions to the resource through other group
> memberships."
>
> Now, my suggestion to you -- since you don't seem keen on hearing the
> CORRECT way permissions operate from others, is that you go see for
> yourself. Fire up a Win 2k3 Server box, create a test user and assign
> him Deny permissions at the folder level and explicit Allow permissions
> to files within the folder.
>
> Then come back here and tell us what you've learned.
>

Jon
Fri Apr 08 05:31:48 CDT 2005

No one's a moron,
Seshouan, you just need to realize you don't issue deny unless it
neccessary, i was always told MINIMIZE PERMISSION ISSUED

and someone else once said "If you remove a permission and it has no effect
on their overall permission, then it is unneccessary...."
"blastingfonda" <blastingfonda@gmail.com> wrote in message
news:1112929590.025446.23680@g14g2000cwa.googlegroups.com...
> Seshouan wrote:
> > You're a morron JaR, and the worse kind, for you're proud of it
>
> Maybe, but I think he's at least passed the 70-290. ;-)
>

JaR
Fri Apr 08 10:22:20 CDT 2005

In microsoft.public.cert.exam.mcse, =?Utf-8?B?U2VzaG91YW4=?= climbed on a
soapbox & opined:

> You're a morron JaR, and the worse kind, for you're proud of it
>

Out-freaking-standing! A goofball shows up in here looking for advice,
won't listen when it's given, argues with those who would try to help it,
and then calls someone else a moron! If you take bf's advice and play
with permissions a while, see how they work, it will make total sense to
you very quickly. Like a lot of this stuff, if you simply read the book
and take a couple of practice exams, you never really understand the
concepts. Set the damn things up a few times, break them, fix them, then
blow it all away and re-do it differently, lather, rinse, repeat and the
next thing you know it just makes sense.

But no, you just go ahead and do it your way.

ROFL! Thanks, you just made my day, fsckwit.

Oh, and that's *Mister* Moron to you!

--
JaR
Thug 10110
Click on MCNGP.com when you're tired of all the bs!

Steven
Fri Apr 08 10:23:57 CDT 2005

In Windows 2000/XP Pro/2003 an explicit allow does indeed override and
inherited deny. This behavior was changed from Windows NT4.0. Try it
yourself and you will see. This is explained in the Microsoft Press book for
the 70-298 exam - designing security in chapter 9 page 12 and in the links
below. Maybe this is not something covered in the core exams. I don't know
as I took the upgrade exams. I guess you need to do some reviewing and
practicing.. --- Steve

http://www.pcguide.com/ref/hdd/file/ntfs/secRes-c.html
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/005ea897-f26f-4223-9af6-49540a945102.mspx

Notes

. Inherited Deny permissions do not prevent access to an object if the
object has an explicit Allow permission entry.

. Explicit permissions take precedence over inherited permissions,
even inherited Deny permissions.


For more information on inherited permissions, see How inheritance affects
file and folder permissions.



"Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
news:7E537CE2-02BA-4C53-82E9-909A72307F29@microsoft.com...
> Once again, folks, I am very aware of what permissions are and what they
> do.
> I just needed some input on how the exam wanted us to apply them. Because
> either way it works and doesn't involve any unwanted sideeffects, and I
> don't
> see it as wrong or impractical because that's the way I've been doing it
> for
> ever.
>
> By the way, Steven, an explicit allow doesn't override an inherited deny,
> nothing overrides a deny. You'll need to do some reviewing
>
>
> "Steven L Umbach" wrote:
>
>> I agree with you that you should refrain from using deny permissions
>> wherever possible as no permission is an implicit deny. Just keep in mind
>> that an explicit allow will override an inherited deny permission. ---
>> Steve
>>
>>
>> "Jon" <j@j.com> wrote in message
>> news:C3e5e.464$qF5.460@fe48.usenetserver.com...
>> > DENY HAS PRIORITY over Allow.
>> > If all they need to do is read, then just give the read permission,
>> > (NTFS
>> > if
>> > applicable)
>> >
>> > You NEVER deny unless absolutely neccessary as it always powers over
>> > any
>> > Allow permission....
>> >
>> >
>> > "Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
>> > news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com...
>> >> I had a headache today after failing the exam with a 678 (missing only
>> >> one
>> > or
>> >> two questions).
>> >>
>> >> How are you supposed to answer permission access questions? should
>> >> you
>> >> explicitely deny write permissions when a person is only allowed to
>> >> read
>> > from
>> >> a file or folder, or should you just leave it blank and simply allow
>> >> the
>> > read
>> >> permission?
>> >>
>> >> I am a thorough person, when someone should only be allowed to read
>> >> from
>> >> a
>> >> file I prefer to deny him write permissions so that he doesn't get
>> >> access
>> > if
>> >> he is moved into a group or inherits from a containing folder. What
>> >> is
>> > the
>> >> proper approach?
>> >>
>> >> I think these were the questions that killed me, I must have had about
>> >> 7
>> >> questions like this. If I got them all wrong, then I know why I
>> >> failed
>> >> today. Thank you for your assistance.
>> >>
>> >>
>> >
>> >
>> >
>>
>>
>>

Neil
Fri Apr 08 15:05:22 CDT 2005

did you hear "Jon" <j@j.com> say in news:U1t5e.18761$AL1.2646
@fe54.usenetserver.com:

> DENY POWERS ALL

maybe this is why my walkman isn't working. huh, I thought I needed
batteries...

--
Neil MCNGP#30

- Why do scientists call it research when looking for something new?

SJ
Fri Apr 08 17:11:19 CDT 2005

Seshouan how did you study for this?

"Seshouan" <Seshouan@discussions.microsoft.com> wrote in message
news:3864CE16-1E6C-4F5A-A125-6A8976E2A875@microsoft.com...
>I had a headache today after failing the exam with a 678 (missing only one
>or
> two questions).
>
> How are you supposed to answer permission access questions? should you
> explicitely deny write permissions when a person is only allowed to read
> from
> a file or folder, or should you just leave it blank and simply allow the
> read
> permission?
>
> I am a thorough person, when someone should only be allowed to read from a
> file I prefer to deny him write permissions so that he doesn't get access
> if
> he is moved into a group or inherits from a containing folder. What is
> the
> proper approach?
>
> I think these were the questions that killed me, I must have had about 7
> questions like this. If I got them all wrong, then I know why I failed
> today. Thank you for your assistance.
>
>

billLASTINIT
Mon Apr 11 07:24:49 CDT 2005

SJ wrote:
> Seshouan how did you study for this?

What is this "study" of which you speak?

Jon
Mon Apr 11 07:33:03 CDT 2005

LMAO

They dont sell DENY around my area, how about yours, LMAO

"Neil" <guess!!!@gmail.com> wrote in message
news:Xns9632A3A9C9E9Bneilmcsegmailcom@207.46.248.16...
> did you hear "Jon" <j@j.com> say in news:U1t5e.18761$AL1.2646
> @fe54.usenetserver.com:
>
> > DENY POWERS ALL
>
> maybe this is why my walkman isn't working. huh, I thought I needed
> batteries...
>
> --
> Neil MCNGP#30
>
> - Why do scientists call it research when looking for something new?

Neil
Mon Apr 11 07:46:14 CDT 2005

did you hear "Jon" <j@j.com> say in news:38u6e.7050$6o1.1894
@fe80.usenetserver.com:

> They dont sell DENY around my area, how about yours,

of course not or I would be listening to my tunes right now...

--
Neil MCNGP#30

- Programmers get overlaid.

kpg
Mon Apr 11 08:58:56 CDT 2005


> - Programmers get overlaid.

How many of today's programmers even know what
an overlay is?

kp "but it's true" g

billLASTINIT
Mon Apr 11 09:11:47 CDT 2005

kpg wrote:
>> - Programmers get overlaid.
>
> How many of today's programmers even know what
> an overlay is?
>
> kp "but it's true" g

I used overlays in my TSR's.

How many people even know what a TSR is anymore?

Briscobar
Mon Apr 11 09:16:31 CDT 2005

In news:uNE4nBqPFHA.508@TK2MSFTNGP12.phx.gbl,
Frisbee® <billLASTINIT@dasi-software.com> rambled:
> kpg wrote:
>>> - Programmers get overlaid.
>>
>> How many of today's programmers even know what
>> an overlay is?
>>
>> kp "but it's true" g
>
> I used overlays in my TSR's.
>
> How many people even know what a TSR is anymore?

We're using the new covers on all the TPS reports??????

--

KB - MCNGP "silent thug" #26

Briscobar AT gmail DOT com

www.mcngp.com has explored Antarctica. Nude.

Neil
Mon Apr 11 10:00:49 CDT 2005

did you hear "kpg" <ipost@thereforeiam.com> say in news:uRJ1S6pPFHA.576
@TK2MSFTNGP15.phx.gbl:

>
>> - Programmers get overlaid.
>
> How many of today's programmers even know what
> an overlay is?
>
> kp "but it's true" g
>

*raises hand*
though I'm not a programmer

--
Neil MCNGP#30

- A moderator should be moderate.....

Neil
Mon Apr 11 10:01:31 CDT 2005

did you hear Frisbee® <billLASTINIT@dasi-software.com> say in
news:uNE4nBqPFHA.508@TK2MSFTNGP12.phx.gbl:

> kpg wrote:
>>> - Programmers get overlaid.
>>
>> How many of today's programmers even know what
>> an overlay is?
>>
>> kp "but it's true" g
>
> I used overlays in my TSR's.
>
> How many people even know what a TSR is anymore?

*raises hand*
it's cuase I'm old (I've hit Doug Adam's number today)

--
Neil MCNGP#30

- The 4 Food Groups: Frozen, Instant, Take-out & Dominos!

Neil
Mon Apr 11 10:02:13 CDT 2005

did you hear "Briscobar" <youcant@sendmespam.com> say in
news:uY7r2DqPFHA.3292@TK2MSFTNGP12.phx.gbl:

> We're using the new covers on all the TPS reports??????
>

kids, probably thinks SideKick is Robin in the Batman cartoon

--
Neil MCNGP#30

- "I'm bored," he said lumberingly.

CBIC
Mon Apr 11 10:06:27 CDT 2005

> How many people even know what a TSR is anymore?

Turd Smelled Righteous?
Tommy Spoke Religiously?
Turtle Sank Remotely?
--
aka
Doom MCNGP #38
How in the hell did you get access to a computer?
Please do not be to sending email to spam.thisbiotch@gmail.com
I am to be thanking you muchly.

kpg
Mon Apr 11 10:08:26 CDT 2005


> kids, probably thinks SideKick is Robin in the Batman cartoon
>
> --

Remember DOS menu programs?

Everyone had their favorite. I guess that's one good thing
about Windows - standardization.

Briscobar
Mon Apr 11 10:09:59 CDT 2005

In news:Xns963570273BAADneilmcsegmailcom@207.46.248.16,
Neil <guess!!!@gmail.com> rambled:
>
> *raises hand*
> it's cuase I'm old (I've hit Doug Adam's number today)

Happy Birthday, gramps!

On another note:

http://www.planetmagrathea.com/shortreview.html

(it's been down a bit, so try this mirror:
http://mirrordot.org/stories/b8019cb81f6b3807c945fba1b07d0362/index.html)

Looks like the movie's gonna be awful. I think I'll probably see it, seeing
as I haven't actually gotten through the book. I've tried, but I always end
up abandoning it for one reason or another...but it sucks that the sucky
movie is going to suck.

--

KB - MCNGP "silent thug" #26

Briscobar AT gmail DOT com

www.mcngp.com worked as a stripper to pay for college.

kpg
Mon Apr 11 10:18:36 CDT 2005


> How many people even know what a TSR is anymore?

sure - you just hook the keyboard vector and end with a call
to function 31h of INT 21h

JaR
Mon Apr 11 10:44:14 CDT 2005

In microsoft.public.cert.exam.mcse, Neil climbed on a soapbox & opined:

> *raises hand*
> it's cuase I'm old (I've hit Doug Adam's number today)
>
> --

Happy birthday, puppy. Hey, you're catching up to me!

--
JaR
Thug 10110
Click on MCNGP.com from the hot spot at the retirement center!

Neil
Mon Apr 11 10:55:37 CDT 2005

did you hear "Briscobar" <youcant@sendmespam.com> say in
news:ej6guhqPFHA.3380@TK2MSFTNGP15.phx.gbl:

> Looks like the movie's gonna be awful

no surprise there. The books were great. I'm gonna hafta re-read them one
of these days. I need the laughs

--
Neil MCNGP#30

- Lottery: a tax on people who are bad at math.

Neil
Mon Apr 11 10:57:21 CDT 2005

did you hear "Briscobar" <youcant@sendmespam.com> say in
news:ej6guhqPFHA.3380@TK2MSFTNGP15.phx.gbl:

> Happy Birthday, gramps!

bastig...thanks

--
Neil MCNGP#30

- Why are they called buildings, when they're already finished? Shouldn't
they be called builts?

Neil
Mon Apr 11 10:57:48 CDT 2005

did you hear JaR <plente@spamsuxsofthome.net> say in
news:Xns963558E551F3Bplentespamsuxsofthom@207.46.248.16:

> Happy birthday, puppy. Hey, you're catching up to me!

thanks...if I catch you, you're in trouble...

--
Neil MCNGP#30

- Why are they called buildings, when they're already finished? Shouldn't
they be called builts?

Neil
Mon Apr 11 10:58:52 CDT 2005

did you hear "kpg" <ipost@thereforeiam.com> say in news:eYvEIhqPFHA.3076
@tk2msftngp13.phx.gbl:

> Remember DOS menu programs?

you mean like this
C:\> copy con autoexec.bat
echo off
echo ------------------------------------------
echo press 1 for WP4.2
echo press 2 for 1-2-3
echo press 3 for Harvard Graphics
echo -------------------------------------------
^Z
c:\>copy con 1.bat
cd\wp
wp.exe
^Z
etc.....

--
Neil MCNGP#30

- Diplomacy - the art of letting someone have your way.

CBIC
Mon Apr 11 11:03:34 CDT 2005


> *raises hand*
> it's cuase I'm old (I've hit Doug Adam's number today)

Hey happy B-day. Just remember to keep age in perspective. I'm sure you're
not older than EVERYONE you know. You are still younger than dirt and not as
old as some trees. Have a good day.
--
aka
Doom MCNGP #38
How in the hell did you get access to a computer?
Please do not be to sending email to spam.thisbiotch@gmail.com
I am to be thanking you muchly.

Neil
Mon Apr 11 11:11:59 CDT 2005

did you hear "CBIC" <spam.thisbiotch@gmail.com> say in news:qcqdndcn8
_dLAsffRVn-gQ@prairiewave.com:

> You are still younger than dirt

some dirt anyway...punk...

--
Neil MCNGP#30

- Abandon the search for truth: settle on a good fantasy.

kpg
Mon Apr 11 11:12:46 CDT 2005

> it's cuase I'm old (I've hit Doug Adam's number today)


http://www.boowakwala.com/happy/happy-birthday-song.html