Re: Restricting Access to certain files
From: Richard (anonymous_at_discussions.microsoft.com)
Date: 07/12/04
- Next message: Carey Frisch [MVP]: "Re: Can't get WinXP working again"
- Previous message: titaniumgiant: "RE: Firewall"
- In reply to: Doug Knox MS-MVP: "Re: Restricting Access to certain files"
- Next in thread: Doug Knox MS-MVP: "Re: Restricting Access to certain files"
- Reply: Doug Knox MS-MVP: "Re: Restricting Access to certain files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 12 Jul 2004 13:44:16 -0700
>From reading the original post, it sounds like he doesn't
want to block other users from viewing the document. He
wants to, for example, let them view the document but not
print it. Or, users can view and edit the document, but
not attach it to an e-mail. XP is pretty granular, but its
not THAT granular.
>-----Original Message-----
>Uh, Chris, what about this scenario?
>
>3 users
>1) Doug (Administrator)
>2) Bob (Limited User)
>3) Administrator (Administrator)
>
>Folder C:\Customer Information
>
>Security Properties for the above folder:
>1) User - Doug (has full control)
>2) User - System (has full control)
>
>All other Users and Groups are removed from this folder's
Security properties page.
>
>Why would Bob be able to access anything in the
C:\Customer Information folder? Bob can see that the
folder exists, but when he tries to open it, he gets
access denied. Apply this same methodology, and allow
inheritance of permissions, to the root directory of a
drive and Bob can't even open the drive.
>
>An Adminstrator can always adjust the permissions and
security settings, but Bob is pretty well out of the
picture.
>
>The only thing you really need to be cautious of is the
use of the Deny option, particularly when applying it to
Groups (Deny Users denies everyone on the machine).
>
>Windows XP Pro provides VERY granular control over who
can access what on any physical disk.
>
>--
>Doug Knox, MS-MVP Windows Media Center\Windows Powered
Smart Display
>Win 95/98/Me/XP Tweaks and Fixes
>http://www.dougknox.com
>--------------------------------
>Per user Group Policy Restrictions for XP Home and XP Pro
>http://www.dougknox.com/xp/utils/xp_securityconsole.htm
>--------------------------------
>Please reply only to the newsgroup so all may benefit.
>Unsolicited e-mail is not answered.
>
>""Chris Ard [MSFT]"" <ChrisArd@online.microsoft.com>
wrote in message
news:SkZpPpEaEHA.3748@cpmsftngxa06.phx.gbl...
>> Not natively in XP no. XP is not that granular. You
can do things such as
>> limit a user so they can only read a file but not
modify it or delete it.
>> What you are referring to is known as Digital Rights
Management (DMR).
>> This is available as part of Office 2003 and Windows
Server 2003.
>>
>>
http://www.microsoft.com/windowsserver2003/technologies/rig
htsmgmt/default.m
>> spx
>>
>> Chris Ard
>> Security Support
>> Microsoft Corporation
>>
>> This posting is provided "AS IS" with no warranties,
and confers no rights.
>>
>.
>
- Next message: Carey Frisch [MVP]: "Re: Can't get WinXP working again"
- Previous message: titaniumgiant: "RE: Firewall"
- In reply to: Doug Knox MS-MVP: "Re: Restricting Access to certain files"
- Next in thread: Doug Knox MS-MVP: "Re: Restricting Access to certain files"
- Reply: Doug Knox MS-MVP: "Re: Restricting Access to certain files"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
