Re: Users accessing C$
From: Chris Hagon (ChrisHagon_at_discussions.microsoft.com)
Date: 07/15/05
- Next message: The Poster: "Re: Any IDS Recommendations?"
- Previous message: The Poster: "Re: Any IDS Recommendations?"
- In reply to: Steven L Umbach: "Re: Users accessing C$"
- Next in thread: Chris Hagon: "Re: Users accessing C$"
- Reply: Chris Hagon: "Re: Users accessing C$"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 15 Jul 2005 01:17:03 -0700
Thanks for your help Steven; I feel I should have known this, but we learn by
asking I believe. I am beginning to put your advice into practise, thanks
once again
-------
Tech Admin
West Midlands, England
Stressed and Tired!
--------
"Steven L Umbach" wrote:
> A user will not need write/modify/full control permissions to logon to a TS
> or other computer with the possible exception of their user profile if they
> are allowed to save and manage files there. So what I would do is to make
> sure that users have no more then read/list/execute permissions to any
> folder where you do not want them to store files to. Other then the system
> folders, root folder, user profiles, and folders that they need to write to
> or run applications from they need no permissions on other folders. The link
> below may help. --- Steve
>
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;308419
> http://support.microsoft.com/?scid=327522
>
> WORKAROUND
> To work around this issue, reset the permissions for the root directory on
> the system drive. The default permissions for Windows XP can serve as a
> guide for a set of permissions that have been thoroughly designed and
> tested. The following are the default permissions for the root directory on
> the system drive for Windows XP: . Administrators: Full (This Folder,
> Subfolders, and Files)
> . Creators Owners: Full (Subfolders and Files)
> . System: Full (This Folder, Subfolders, and Files)
> . Everyone: Read and Execute (This Folder Only)
>
>
> "Chris Hagon" <ChrisHagon@discussions.microsoft.com> wrote in message
> news:A15D2BDF-11E0-4C37-9E38-9E4759E0B070@microsoft.com...
> > I've recently discovered one user saving files while in a Terminal Server
> > session to the 'C:' drive - which is the server root. Obviously users
> > have
> > files on other servers but should not be saving anything to our Terminal
> > Server.
> >
> > I'm a little hazy on how the permissions should be set-up to allow people
> > to
> > log in but not access the actual server HDD itself
> >
> > Any ideas? Thanks!
> >
> > -------
> > Tech Admin
> > West Midlands, England
> > Stressed and Tired!
> > --------
>
>
>
- Next message: The Poster: "Re: Any IDS Recommendations?"
- Previous message: The Poster: "Re: Any IDS Recommendations?"
- In reply to: Steven L Umbach: "Re: Users accessing C$"
- Next in thread: Chris Hagon: "Re: Users accessing C$"
- Reply: Chris Hagon: "Re: Users accessing C$"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
