Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Setting permissions 2

Status
Not open for further replies.
doubleJ

doubleJ

Technical User
Sep 20, 2000
48
US
Setting permissions


NT4.0 Server Service pack6a.

Can anyone direct me in the right direction! I would to get white papers or a good link to information pertaining the "Hierarchy" of permission setting on a PDC. I know how to do it but I would like to clean up what exists. As the co. grew permissions are lousily used. I have read some things on how different "User groups" should be set up. Example: "Administrator" shouldn’t be used to logon to anything only as last resort. "Developers" should develop at a "User" level. Looking forward to your help
 
Sort by date Sort by votes
Welcome to the wonderful world of NT administration! I've never known a company in which the file/permissions structure didn't become ever more complex and almost unmanagable.
One of the places I go to for white papers on various subjects is
In general permissions should be managed at the NTFS rather than the share level and permissions should be assigned to groups rather than to individual users.
Ideally none of us should log in with Admin rights when we're just performing routine work, as a practical matter most admins do log in with an account granting them admin rights. However, it is unquestionably bad practise to log in under the user name "Administrator".

- Kevin -
 
Upvote 0 Downvote
HI.

All that was mentioned here is correct. Here are some additions:

* The shared folders structure should match as much as possible the security structure, so you can set permissions at the highest level possible in the folder tree.
For example, this can be the structure of your data drive:

SOFTWARE (USERS=READ, ADMINISTRATORS=FC) (Put here shared installation files and drivers)

DATA (ADMINISTRATORS=FC, USERS=?) - Under the data folder create subfolders to match departments, projects, or whatever needed, and set permissions for departments or whatever suits your organization.

USERS (ADMINISTRATORS=FC) - Under this create home folders for users giving each users FC to his own folder only.

For implementing the new permissions, you can use the free utility called Permiter from my signature.

Bye
Yizhar Hurwitz
 
Upvote 0 Downvote
Thanks to you both. This gives me a good start

doubleJ
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Scparks
  • Locked
  • Question
Trouble with setting up a SMTP Relay to Office 365
Replies
0
Views
93
Scparks
Scparks
ADB100
  • Locked
  • Question
Single Windows 7 Ultimate workstation not applying Registry, Drive Map or Printers GPO settings
Replies
1
Views
144
technome
technome
kurio71
  • Locked
  • Question
Clean Install of 2016 - NTFS permissions
Replies
1
Views
79
hairlessupportmonkey
hairlessupportmonkey
gbaughma
  • Locked
  • Question
Shared folder permissions
Replies
0
Views
50
gbaughma
gbaughma
froyed05
  • Locked
  • Question
DFSR local setting
Replies
0
Views
55
froyed05
froyed05

Part and Inventory Search

Sponsor

Back
Top