Re: Allow ONLY "Administrator" and "System" groups full control to

Before I can tell you what is wrong with it in detail tell me what you plan
on using this server for?

"Ed Flecko" <EdFlecko@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:3D71E849-A6A8-413D-B721-9A1013CDB313@xxxxxxxxxxxxxxxx
Hi Allen,
Thanks for your input. :-)

Forgive me; I'm not trying to sound flippant. What's wrong with doing
this?
When you say "it's not a godd idea"...why not? Do you think I will
encounter
some form of difficulties?

I'm, of course, just "thinking out loud", but I can't see why anyone other
than these two groups would need ANY access (even read permissions) to the
default directories and their subdirectories.

Ed

"AllenM" wrote:

Well you will accomplish what you're trying to do and that is it will be
secured. However no one will be able to use it other than the
Administrator.
Not a good idea. Leave the root permissions alone and apply your NTFS
permissions at the folder level.


"Ed Flecko" <EdFlecko@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:6BA55846-612C-494B-9B6D-95485031FDEC@xxxxxxxxxxxxxxxx
Hi folks,
I'm setting up a new Server 2003-R2 server. I have added the
Administrators
and System groups full control of the C:\ drive, and removed everyone
else. I
see, by default, the C:\ drive has a few other directories and
subdirectories, i.e., "Windows", "Program Files", etc.

Since I'm setting this server up from scratch, in an effort to be as
secure
as possible, is there's anything wrong with selecting the little check
box
"Replace permission entries on all child objects with entries shown
here
that
apply to child objects." I know this will reset all pemissions from the
root
of C:\ down through all directories, I'm just wondering if I can expect
headaches or if this might be smart to do? I think it sounds like a
smart
idea.

Comments? Suggestions?

Thank you,
Ed





.

Relevant Pages

  • RE: Windows 2003 Server - Everyone Group
    ... this folder only accessable by the users in the "special" group. ... Configure User and Group Access on an Intranet in Windows Server ... NTFS files system permissions control ... group that you want to set permissions for, click Check Names to verify the ...
    (microsoft.public.win2000.networking)
  • Fail DBD::Mysql 4.003 installation
    ... This test requires a running server and write permissions. ... permissions, then retry. ... Failed 9/9 tests, 0.00% okay ...
    (perl.dbi.users)
  • Re: Virtual Directory - Permission Denied with fso CopyFile
    ... TestUser (normal user account with same credentials on all machines). ... I created a share on a remote server. ... reviewing it's sharing permissions and security tab permissions "everyone" ... "directory security" tab on the vdir and selecting, edit, edit and manually ...
    (microsoft.public.inetserver.iis)
  • RE: SBS 2003 Outoging Fax Problem w/Error 32028 (Cannot send - fatal error)
    ... 1.Reduce the baud rate of the incoming fax modem and see how it goes. ... Click Permissions and verify that the user attempting to fax has at ... 3.If you have configured the fax client on the Windows XP computer ... On the "Additional Server Types" page, ...
    (microsoft.public.windows.server.sbs)
  • Re: Baffelling RWW problem
    ... "special permissions" and all is good in RWW land. ... Check the configuration on SBS server and client computer as following: ... your ISP DNS server IP should be ...
    (microsoft.public.windows.server.sbs)