Re: Access Control to Drives
From: Arek Iskra [MVP] (NoSpam_arek_at_arekiskra.com)
Date: 09/25/05
- Next message: Steven L Umbach: "Re: Firewall Security"
- Previous message: Galen: "Re: Firewall Security"
- In reply to: Steven L Umbach: "Re: Access Control to Drives"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 25 Sep 2005 18:52:30 +0800
"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:OWwinhRwFHA.624@TK2MSFTNGP11.phx.gbl...
> Just to clarify in Windows 2000 if you dig further you should see that
> everyone has full control only to the root/drive folder for the system
> drive. If you look under the \winnt folder for instance that should not be
> the case. MS did change that behavior in XP/2003 and I agree with what
> Arek suggests though you may want to remove everyone and users and replace
> with authenticated users for read/list/execute. The mysterious sid is a
> user or group that the operating system no longer has a name to map to.
> For a non domain computer you could safely remove the sid from permissions
> lists. Usually this happens when a user or group was created and then
> deleted from users and groups but still remains in permissions and/or user
> rights lists. The link below is to a KB article that discusses the root
> folder excessive permissions in Windows 2000. --- Steve
>
> http://support.microsoft.com/?scid=327522
>
Thanks a lot Steve for clarification. Yup, adding Authenticated Users is yet
another way to deal with this scenario.
-- Arek Iskra MVP for Windows Server - Software Distribution
- Next message: Steven L Umbach: "Re: Firewall Security"
- Previous message: Galen: "Re: Firewall Security"
- In reply to: Steven L Umbach: "Re: Access Control to Drives"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
