Setting permissions on network directories is a routine work of system administrators. understanding the process of configuring permissions properly is crucial, otherwise you might end up giving access to the wrong users.
Permissions on Windows Server 2003 are controlled by two steps, on Sharing Permissions and NTFS Security. Most of the time everyone is added to the sharing permissions with full control, and then access is controlled to the directory using the security option. this practice does not need to be necessarily this way, you could create an active directory group to add on the sharing permissions, or use the authenticated built-in group:
Refrain from giving Full Control access to the group from here. is not necessary, and avoid getting into the habit of granting regular users full control in any directory, unless necessary. you will avoid a lot of headaches, I bet.
After you add the authenticated group from on the shared permissions, click on OK, and then go to the Security Tab, and add the specific group or users you want to access the directory:
The highest access level a user should get is Modify that is good enough to change, create, or delete files from the directory. and preferably only the specific group or user, and the administrator should have access to the directory, remove everything else. do not use inherent permissions on top directories.
Configuring permissions on Windows is a simple process, but getting it right is important.
1 Comment Already
Pingback & Trackback
Please Leave Your Comments Below