Sharing folders is essential on a network. And permissions helps the admin to control who has access to what.
A share is the basic foundation for allowing users to access a folder. If a folder is not shared it cannot be accessed by other computers. There are some basic and primitive rules in sharing which allow someone to give privileges to certain people. These are generally read, change and full. Certain users can be given these rights by adding them to the share, highlighting them and then assigning the rights to them. A user with full permissions can do anything to that folder BASED on the share permissions. When a user or computer cannot access a folder, the first thing one should do is look at the share. Generally, there will be a hand icon or a couple of small people icons under or to the side of the folder if it is shared. I would recommend that you never use Everyone as a list of users.
After sharing a folder, you then set permissions. Permissions are based on NTFS and are much more granular than share permissions. You can set a lot more permissions or access to a folder using permissions. Again, you must decide who to include in the permission field and set his or her permissions. On a server, you can use group policy to make groups that have certain permissions. For instance, you may have 10 doctors, 4 mid-levels, 5 MAs and 5 clerical staff. It would be a pain to set policies for each individual. So, you may have a physician group, an MA group, etc. The physician group may have full permissions while your MAs only change.
