Re: Users with ADMIN profile



=?Utf-8?B?bWFobWFk?= <mahmad@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
news:42B5B845-6896-4496-9E79-973793A8B20A@xxxxxxxxxxxxx:

> Hi Adam,
>
> Thanks for your reply, how do i go about doing what u suggest,
> does it have to be on local machines, or on the server etc.

You would do this from their workstation, running the applications
having permission issues. Using Regmon and Filemon, you discover what
permissions need to be opened up. You would then go back to the server
and input these changes into Group Policy so they propagate throughout
the whole enterprise. If you have a lot of applications, this could
take quite a while, but no one ever said security was easy. :)

Adam


.



Relevant Pages

  • Re: Access Control Best Practices for shared hosting seem at odds with Web Site Starters
    ... the full context of the bullet I quoted appears to be the HTTP POST ... Do not allow anonymous user to have write permission. ... content to the server, then they can write anything onto the server. ... More secure alternatives are applications that store ...
    (microsoft.public.inetserver.iis.security)
  • Re: Active Directory/HIPPA Question
    ... The only ones still running NT 4.0 Server are literally ... >> I'm probably correct in my assumption that ADAM will not support home ... >> applications? ...
    (microsoft.public.win2000.general)
  • Re: Creating a Computer Object in ADAM
    ... I've never replicated an ADAM ... Win 2003 server down to my instance, but fails from my XP instance ... 'The attempt to establish a replication link for the following writable ... Source directory service address: ...
    (microsoft.public.windows.server.active_directory)
  • Re: Creating a Computer Object in ADAM
    ... I'm going to guess and say that the ADAM service account doesn't have the ... the name changed server and its partners to see status. ... Starting test: CrossRefValidation ... Running partition tests on: Schema ...
    (microsoft.public.windows.server.active_directory)