Re: "Is it possible to make it impossible for a domain admin to take ownership of a folder and it's contents?"

From: Scott Harding - MS MVP (scrockel_at_**NO_SPAM**hotmail.com)
Date: 03/31/04 

Date: Wed, 31 Mar 2004 09:08:05 -0700

You are correct. The domain admin have all powers and can change a users
password, take ownership, change permissions etc. to get access to this file
if they want. Believe me this is what we all want becuase you know that
'fred' is going to forget his password, or get fired, etc and then what
would happen to the data then? No one would get it and the President of the
company would blame the domain admins for not being able to recover the
file. 

-- 
Scott Harding
MCSE, MCSA, A+, Network+
Microsoft MVP - Windows NT Server
"Russell White" <rwhite@cascodev.com> wrote in message
news:O95pElzFEHA.4044@TK2MSFTNGP10.phx.gbl...
> Greetings.
>
> "Is it possible to make it impossible for a domain admin to take ownership
> of a folder and it's contents?"
>
> this question can also be phrased as...
>
> "is it possible to make something accessible only to one user and no one
> else (including domain admin) can either change permissions, take
ownership,
> etc."?  It seems to me this is not possible - that domain admin can always
> take ownership of these files.
>
> The powers that be want one directory on our win2ksbs server to be
> accessible only by a user, "fred".  The domain admin should not have
access
> to this file nor should he be able to change permissions nor should he be
> able to take ownership (thus allowing him to change permissions).
>
> So it would appear to me that it is impossible (and for good reason I
would
> think) to make it impossible for domain admin to access a certain
directory
> because he could always take ownership of this directory and then change
> permissions and then access the file.
>
> Is this true?  Is it possible to make it impossible for a domain admin to
> take ownership of a folder and it's contents?
>
>
> Thanks in advance,
>
> Russ White
>
>
>

Relevant Pages