Windows client attempts to open a file (via CREATE) with certain flags (Access Mask) then the server allows or denies the request based on the permission. Some application like (MS Office) tries the C...Windows client attempts to open a file (via CREATE) with certain flags (Access Mask) then the server allows or denies the request based on the permission. Some application like (MS Office) tries the CREATE call with more permissions and gradually decrease the Access Mask in case of Access Denied response until access is granted. This whole procedure is usually very quick and the user might not notice any impact but a packet trace or a security trace will show the calls as Access Denied.
