Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: Windows 2003R2 users/groups

Windows 2003R2 users/groups 12 years 2 months ago #15576

  • beexo
  • beexo's Avatar Topic Author
  • Offline
  • Frequent Member
  • Frequent Member
  • Posts: 78
  • Thank you received: 0
When I create a user inside an OU, it is automaticaly assigned various groups. One of them is the "Domain Users" group. What happens is that the users have no access to any folders, not even the home folder.

If I than add the group "users" from the built-in groups, all users have access to every one's folders and files.

My objective is to give all access to the user's home folder only, and not let him have access to any other folders (not ever see them).

Windows in too complicated. I am used to netware and some linux.

Groups 12 years 2 months ago #15594

Basic approach is:
1) Set up your folder structure
2) Create suitable group for the purpose
3) Give the group the required permissions in the folder(s)
4) Add users into the group
For your scenario you could give Domain Users the rights to access folders everybody needs to use but explicitly deny that group access to the home directory folder tree. Then you can grant access in that tree for each individual users or by other groups for department perhaps

Re: Windows 2003R2 users/groups 12 years 2 months ago #15650

  • beexo
  • beexo's Avatar Topic Author
  • Offline
  • Frequent Member
  • Frequent Member
  • Posts: 78
  • Thank you received: 0
Would it be correct or wise to delete some of the groups automaticaly assigned to the users (if you can, because if there are inheritances, windows will not let you delete), and then create a customized goup?

After studying mane books, I still don't know what is the best method to deny access to users other them the one(s) you want to.

Re: Windows 2003R2 users/groups 12 years 1 month ago #15766

Another rule of thumb is to only give users what they need - allowing access to other drives and folders will only encourage then to see what's there and perhaps use them as another filestore which then might not get backed up etc. If your needs are best served by your custom groups then use those in preference to the supplied ones. I wouldn't delete the supplied ones though; just remove the user(s) from membership and the group won't apply to them. I also would advise against customising the supplied groups, tempting as it may be. Sometimes it can save your bacon by having the defaults to go back to!

Re: Windows 2003R2 users/groups 12 years 1 month ago #15793

Wise words indeed Bishop, and the voice of experience as well !!!

Re: Windows 2003R2 users/groups 12 years 1 week ago #16745

  • beexo
  • beexo's Avatar Topic Author
  • Offline
  • Frequent Member
  • Frequent Member
  • Posts: 78
  • Thank you received: 0
just to say Thankyou.
  • Page:
  • 1
Time to create page: 0.161 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup