Re: Permissions for shared folders

From: tech (myitsoft@yahoo.co)
Date: 10/29/02

• Next message: Jon Marchant: "Windows 2000 password"
• Previous message: Karl Levinson [x y] mvp: "Re: IPSEC from behind dumb NAT. How?"
• In reply to: Karl Levinson [x y] mvp: "Re: Permissions for shared folders"
• Next in thread: Karl Levinson [x y] mvp: "Re: Permissions for shared folders"
• Reply: Karl Levinson [x y] mvp: "Re: Permissions for shared folders"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "tech" <myitsoft@yahoo.co>
Date: Tue, 29 Oct 2002 11:12:21 -0800

The advise sounds good. However, What about inheratable
rights? Propagation?

It seems like the top groups still have access to the
bottom folders, since the propagation occurrs.

Be aware of such of tricky securty settings..
>-----Original Message-----
>
>"niza" <niza09_06@epatra.com> wrote in message
>news:53c301c27f69$e7d19180$35ef2ecf@TKMSFTNGXA11...
>> Hi,
>> How can i assign access rights(permissions) to
>> different users for a shared folder on Win 2000 ? Also,
is
>> it possible to track the list of users who have
accessed a
>> certain shared folder(present on my machine) in the
>> network?
>
>You right-click on a file or folder and select
properties, security to
>change NTFS permissions, as long as the disk partition
has been converted to
>NTFS or was formatted using NTFS. info on doing this is
available at places
>like www.iisfaq.com and also www.microsoft.com/technet,
>www.microsoft.com/technet/security,
www.microsoft.com/support, etc
>
>You would enable Auditing to track file access. Info on
enabling auditing
>is below:
>
>=========
>
>Note that to enable logging of access to files or
registry settings, you
>must both enable logging in the overall computer policy
AND also add
>auditing settings on individual folders or registry keys
in the NTFS
>security properties in Windows Explorer or the REGEDT32
registry editor.
>[Using REGEDIT will not work.] To log file access, the
files must be on an
>NTFS-formatted partition.
>
>Note also that to enable logging of security events on a
Windows domain, you
>must change the auditing policy on all domain
controllers. Changing the
>auditing policy on the computers in the domain enables
logging of failed
>logins to the computers using local accounts and would
not necessarily log
>attempts to log into the domain.
>
>Consider changing the Windows event log settings to be
appropriate for your
>environment. Consider increasing the maximum log size to
retain more
>information. Be careful not to log too much, or you
might find that your
>logs contain only a few minutes or hours worth of data.
Finally, check the
>logs to be sure logs are really being captured.
>
>For more information on enabling and configuring
auditing, see the articles
>below:
>
>http://nsa1.www.conxion.com/win2k/download.htm a.k.a.
http://www.nsa.gov
> [look for the NSA Security Recommendation Guides for
Windows 2000 and
>also Group Policy]
>http://www.microsoft.com/technet/prodtechnol/windows2000se
rv/deploy/confeat/
>13w2kadc.asp
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;Q310399 - XP
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;Q300549 - 2000
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;Q248260 - 2000
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;Q301640 - 2000, file
>access settings
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;Q300958 - 2000,
>monitoring for unauthorized user access
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;Q157238 - NT
>http://www.labmice.net/troubleshooting/EventLog.htm
>
>[Thanks to Thomas Deml and others]
>
>
>.
>

---

• Next message: Jon Marchant: "Windows 2000 password"
• Previous message: Karl Levinson [x y] mvp: "Re: IPSEC from behind dumb NAT. How?"
• In reply to: Karl Levinson [x y] mvp: "Re: Permissions for shared folders"
• Next in thread: Karl Levinson [x y] mvp: "Re: Permissions for shared folders"
• Reply: Karl Levinson [x y] mvp: "Re: Permissions for shared folders"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Problems configuring security for services ... Note that to enable logging of access to files or registry settings, ... auditing settings on individual folders or registry keys in the NTFS ... (microsoft.public.win2000.security) Re: Hard Drive Space Disappeared ... I am not sure whether you are seeing all files and folders. ... It is likely that an allocation of 12% has been made to System Restore ... Place the cursor on your C drive select Settings but this ... Select Start, All Programs, Accessories, System Tools, Disk CleanUp to ... (microsoft.public.windowsxp.hardware) Re: User Management Question ... I have primarily used the "Admin" login for my general computing - ... > and my "Bob" account for administration purposes. ... > much time customizing the software, documents and settings in my "Admin" ... > folders in the folder. ... (microsoft.public.windowsxp.customize) Re: No Accessories in WinXP Pro MCE ... I need to figure out how to later RESTORE my data in M$ Outlook - I use it ... Everyone should see a combination of two start Menu folders. ... Is the Common Start Menu, it appears for anyone who logs on. ... Documents and Settings folder on whatever drive it is located on for the ... (microsoft.public.windowsxp.general) Re: How can I get Create/Insert attachment dialog box to open in Detai ... show/hide hidden and similar settings. ... These are the global defaults for all folders. ... Quick Launch and Open dialogs. ... people to use Windows the way it was meant to be used. ... (microsoft.public.win2000.general)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)