Re: "Everyone group"
From: sgopus (fredd@hotmail.com)
Date: 02/25/03
- Next message: Mike Schinkel: "Cannot access TS machine from Internet"
- Previous message: sgopus: "Re: Access is denied forever"
- In reply to: Daniel Billingsley: "Re: "Everyone group""
- Next in thread: Daniel Billingsley: "Re: "Everyone group""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "sgopus" <fredd@hotmail.com> Date: Mon, 24 Feb 2003 19:40:40 -0800
Thanks dan, I'm having a homer week DOH!
>-----Original Message-----
>I think a little clarification is in order between these
two posts. sgopus,
>I think you may have misunderstood a couple things the
previous poster said
>(or at least you interpreted them differently than I did)
and I think your
>post could be slightly misleading.
>
>If you're suggesting that the Everyone group itself
should not be deleted,
>that doesn't mean it needs to be used for a particular
folder's share or
>ntfs permissions. Two separate things.
>
>Share permissions don't really mean squat on an NTFS
volume. Everyone with
>full permissions on the share isn't going to allow
anything the ntfs
>permissions don't. And I think this is one of the basic
principles that
>every administrator should understand and follow with
religious fervor -
>ALWAYS use ntfs permissions to control access, including
on shares.
>
>"sgopus" <fredd@hotmail.com> wrote in message
>news:016601c2db95$25e3a080$a301280a@phx.gbl...
>> Chill my man, the everyone group is necessary.
>> However a better definition of FULL permissions is in
>> order. it already sounds as if this person is not
familiar
>> with groups/permissions.
>>
>> If you have checked that all users must enter a password
>> to use this computer, (W2K) then everyone is still
needed
>> for group control and policies.
>>
>>
>>
>>
>> >-----Original Message-----
>> >First of all : Never, for the love of God, ever leave
>> >every one in a security or sharing with full access.
This
>> >only tells Win2k that anybody, who is either on your
>> >network or the net, has access to the computer/folder
>> >shared.
>> >
>> >2nd, to remedy this situation, remove Everyone from the
>> >security window, then add DomainUsers and DomainAdmins;
>> >doing so will only let those 2 groups to access the
>> >network ressources, and prevent people from freely
coming
>> >in.
>> >
>> >>-----Original Message-----
>> >>Hello,
>> >>
>> >>Is it necessary to leave the Everyone group with full
>> >>permissions? What exactly is this group's function,
and
>> >>can it be removed entirely?
>> >>
>> >>Thank you,
>> >>
>> >>Shelton
>> >>.
>> >>
>> >.
>> >
>
>
>.
>
- Next message: Mike Schinkel: "Cannot access TS machine from Internet"
- Previous message: sgopus: "Re: Access is denied forever"
- In reply to: Daniel Billingsley: "Re: "Everyone group""
- Next in thread: Daniel Billingsley: "Re: "Everyone group""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
