managing permissions

[norrland]

Hi, this is my scenario:
I have win2000server on my computer that is a domaincontroller, i log on as a administrator and create a folder directly under c:, I rightclick the folder and choose properties - security and removes the everyone group and adds administrators that I give full control and user1 that I only give read permissions. I then add user1 to the printoperators group so that the user1 can log on interactively on my domaincontroller. I log on as user1 and then am being very surprised because i can delete the folder. How is that possible?, i have only readperm for that folder, the filesystem is ofcourse NTFS.

Many thanks
Andreas /Sweden

 

[tlcscousin]

Is user 1 given permissions in another group?(ieower users od admin equivalency)

 

[tlcscousin]

Is user 1 given permissions in another group?(ieower users or admin equivalency)

 

[norrland]

No user1 is only member of domain users and print operators (print operators isn´t member of another group).

/Andreas

 

[jrdebug]

andreas, are you sure that you have set the permission for Local Security? maybe the Read-only permission you set for User1 is for the Network Share. please bear in mind that when a user logs on locally on a machine, it is using the local security on the files and not the network security.


Jeffrey Rebong
Computer Engineer/Network Administrator
jrdebug@yahoo.com

 

[m1ckey]

Have you checked the Advanced user rights on the file.

Dan

 

[Jpoandl]

Make sure that the ENHERITABLE permissions check mark is removed from the SECURITY tab. The root may have FULL CONTROL to ALL USERS. Joseph L. Poandl
MCSE 2000