I want to set a user account to 'limited', but grant that user full access rights to a directory of the root of c:
This is XP Pro, attached to Novell server, but not to a Windows Server, so no "domain".
If you are granting the user full access from the root onwards of a drive, what purpose is there in making them a "limited user"?
Likely the only thing you are denying them is the ability to write to the registry.
Most software installations will require this.
Under Windows the option exists for the user to logon as either the Domain (or Netware) user, with Full policies applied, or as a local console user.
Make them local Administrators, if they need to install/ mess around, let them do that as a local console logon as Administrator. As a Netware or Windows Server Domain user, restrict their rights as you see fit.
This is the most common way of handling laptop/notebook users who need to go between Home and Office settings. Let them do what they want as a local console logon, (under Netware, they click the little box to act as a Workstation), but your Netware and/or Domain is fine no matter what they do.
I made a typo mistake in the original message. It should say
"full access rights to a directory ON the root of c:\" not "directory OF the root of C:
Just full rights to only one program folder on the C:\drive. Not all of C: and onwards. That's my problem. Just one folder. Limited user rights apply elsewhere.
If you give full access to c:that is the root of the drive.
There are no previous permission levels.
For any folder, the NTFS permission would allow, for a fully defined user, the setting of 14 different permission levels in combination.
If in a workgroup setting, you need to add the local username/password to allow their entry as NTFS permissions on a local drive. In a Domain setting you can register the machine Account, and both local and Domain Groups, or users, and accomplish the same task.
bcastner:
Boy, I've read some of your FAQ's and you sound real nice and willing to help, but I've seen some of your postings and you can be real condescending.
I know all about C: being the root of the drive. I've been at this for 23 years. Sorry, I 'puzzled' you.
There's lots I don't know and am not ashamed to admit it. Just don't talk down to me.
Now, it appears that what I'm after is your comment as follows:
<If in a workgroup setting, you need to add the local <username/password to allow their entry as NTFS <permissions on a local drive.
"bcastner:
Boy, I've read some of your FAQ's and you sound real nice and willing to help, but I've seen some of your postings and you can be real condescending."
Tone and intention are difficult things to show in a post or e-mail. I have no reason to be, nor intend to be, condescending in these Forums. Until now, I thought I had done a fairly decent job of it.
In any case, my posts above were to remind you that you had three levels of security available:
. Share level Security. You can control by user who can and cannot access any share;
. NTFS permissions; in which you can richly combine what is allowed or denied on 14 permission principles to any user;
. Netware security, which on Netware volumes provides an even richer combination of #1 and #2 above.
If you are combining a Microsoft Workgroup Model with a Netware Server, and not using any form of Directory Services for either, you follow the Microsoft Workgroup model and add all users to all workstations as local users; then you refine their access by Share and by NTFS permissions. The refinements in security for the Netware server I am confident you already know.
Dough Knox has a usefull tool to help with this, as I mentioned a little time ago: thread779-685048
If my posts above seemed less than usefull, I was frankly trying to figure out your question. I apologize if it appeared condescending, I intended no such attitude.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.