Re: "access denied" for members of Administrators, stand-alone server


"Larry" <nobody@xxxxxxxx> wrote in message
news:137lu2cd1vtvt78@xxxxxxxxxxxxxxxxxxxxx
I got this working: 1) uncheck "Allow inheritable permissions from parent
to propagate to this object." under Advanced and choosing to remove all
permissions from that directory structure, 2) Add Full Control to
Administrators.

But I am still mystified as to why the first approach did not work...

On my XP box, the local "users" group includes "authenticated users", which
would, in turn, include administrators.

Using "deny" access is fraught with surprises - it is usually better to
grant the required access and simply not grant access to those who are not
to have it. Or, in your case, remove the specific accesses previously
granted to "users".

/Al


.

Relevant Pages

  • Re: Oracle memory allocation on Linux 2.6
    ... direct I/O should lower memory consumption simply because it ... bypasses buffer cache over which we have no control. ... With Linux, I really have a problem with the ... as well as system administrators are ...
    (comp.databases.oracle.server)
  • Re: Delegation dilemma
    ... That will spread the security control over a group of people ... your SMS and MOM servers are going to be member servers. ... SMSAdmins in the local administrators group of the SMS Primary and Secondary ...
    (microsoft.public.windows.server.active_directory)
  • Re: Restricting Certain Binaries - Steve?
    ... ntfs/share permissions, eliminating unnecessary services, etc. ... administrators group from the "access this computer from the network" user right ... I don't know exactly how an attacker or worm gets system control. ... > execute any of these binaries from my desktop. ...
    (microsoft.public.win2000.security)
  • RE: software to control domain administrators
    ... "Does anyone know any software to control, audit, or restrict access or privileges to domain administrators." ... I will restate my mantra differently, If you can not trust someone to be in a position of complete un-adulterated control of your network, then they should not be in that position. ... >(assuming we are talking about NT/AD Domain Admins) ...
    (Security-Basics)
  • Re: What Would Deactivate Hosts File?
    ... Administrators: Full Control ... The file is owned by the administrators group. ... then reboot, then hosts mysteriously ... Users group affect this feature, which should be implemented by a SYSTEM ...
    (microsoft.public.windows.server.networking)