Re: User Rights

From: andy smart (anonymus_at_discussions.microsoft.com)
Date: 10/04/04 

Date: Mon, 04 Oct 2004 12:30:18 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Carl Hilton wrote:
| I want them controlling THEIR folders NOT everyones'.
|
|
|
| "andy smart" <anonymus@discussions.microsoft.com> wrote in message
| news:cjqv6b$30e$1@newsfeed.th.ifl.net...
|
| Carl Hilton wrote:
| | I have a user who I have given FULL control rights to her network
|
|> folder.
|
| | She tells me she can not add permission for other folks to specific
| | subdirectories. I have propogated the FULL control to all her sub
| objects. I
| | have gone in to one of her sub folders and checked EFFECTIVE
|
|> PERMISSIONS,
|
| | and she has full control... I have turned on Auditing and only note a
| | failure for her with:
| |
| | Event Type: Failure Audit
| | Event Source: Security
| | Event Category: Object Access
| | Event ID: 560
| | Date: 9/30/2004
| | Time: 1:49:31 PM
| | User: DOMAIN1\IBW
| | Computer: FILESSERVER
| | Description:
| | Object Open:
| | Object Server: Security
| | Object Type: File
| | Object Name: D:\Users\IBW\DataWork
| | Handle ID: -
| | Operation ID: {0,32716122}
| | Process ID: 4
| | Image File Name:
| | Primary User Name: FILESSERVER$
| | Primary Domain: SAD
| | Primary Logon ID: (0x0,0x3E7)
| | Client User Name: IBW
| | Client Domain: DOMAIN1
| | Client Logon ID: (0x0,0x1EFB976)
| | Accesses: ACCESS_SYS_SEC
| | ReadAttributes
| |
| | Privileges: -
| | Restricted Sid Count: 0
| | Access Mask: 0x1000080
| |
| |
| | For more information, see Help and Support Center at
| | http://go.microsoft.com/fwlink/events.asp.
| |
| |
| And you want a user controlling who has access rights on the network,
| why? Exactly? :-)

I know, but what would worry me is to whom they are giving access, and
who will ultimaely manage (aka 'be responsible for' that access.

Does she need to provide access to people from within the organization?
The way we do things here is to create shared areas for access by people
with specific needs - and make people members or not as the need arises.
This doesnt' need a lot of tweaking and seems to work for us here.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBYTRKqmlxlf41jHgRAhwJAKCC2rGba1UEuaC89rGyPyM25VBFsgCfZaQy
65RNVVaGfTNMDoUphyAHdHs=
=XK9z
-----END PGP SIGNATURE-----

Relevant Pages

  • Re: Dont Administrators have access to everything?
    ... returning the folders to the Shared Documents folder, ... NO owner and no one has access to the files (not ... account had been granted Full Control, ... Owner's and Administrators' permissions. ...
    (microsoft.public.windowsxp.security_admin)
  • RE: Cant delete files.... constant permission popups!
    ... Administrator from taking Full Control of the entire folder and its contents, ... turn off UAC and try to copy or move folders. ... wants to master the full potential of Vista, such as UAC, that user will have ...
    (microsoft.public.windows.vista.administration_accounts_passwords)
  • Re: Dont Administrators have access to everything?
    ... returning the folders to the Shared Documents folder, ... NO owner and no one has access to the files (not ... account had been granted Full Control, ... Owner's and Administrators' permissions. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: GetDirectories Performance
    ... Tom Scales wrote: ... I am having a major problem with performance. ... Instead of populating the whole treeview control on startup, only add the nodes on the first level and check if the folders contain subfolders. ...
    (microsoft.public.dotnet.languages.vb)
  • Re: (CStringList)...folder_list.Find(...) problem.
    ... I am trying to create a basic app with a treeview control that displays just ... the folders of the hard drive... ... Your "c_" prefix often means a member variable that is an MFC control, ...
    (microsoft.public.vc.mfc)