|
Posted by Arek Iskra [MVP] on September 24, 2005, 4:26 am
If you were Registered and logged in, you could reply and use other advanced thread options
> My HD has two partitions: C: (operating system and programs) and D:
> (data).
>
> The Operating System is Windows 2000 Pro.
>
> While checking the PROPERTIES --> SECURITY settings, I found that:
>
> For Drive C, User “EVERYONE” has “FULL ACCESS CONTROL”.
>
> For Drive D, there are three users with “FULL ACCESS CONTROL”:
>
> Administrator,
> UserA (that me),
> S-1-5-21-121…(long string)
>
> Since there is no network, both drives are set to “Don’t share”.
>
> Questions:
>
> 1. What is the proper security setting for Drive C and Drive D?
>
> 2. What is the third mysterious user that has control of Drive D? Should I
> remove it?
>
> 3. Should I change the security setting if I install an external hard
> drive
> for back-up?
>
> Thank you for your help.
>
>
I would recommend the following:
SYSTEM - Full Control
Administrators - Full Control
CREATOR OWNER - Full Control
Everyone - Read & Execute
Users - Read & Execute
You could probably get away with Everyone, if you really want to feel more
secure ;)
As for the long string (SID), have you imported the hard disk from another
computer? Or, have you used it before as a secondary HDD while primary was
reformatted? My guess is that this SID belongs to account which no longer
exist (was part of the "old" operating system or the system where the HDD
was previously installed). Hence, you could get rid of it.
If you want to use the HDD as a backup, I would suggest to assign similar
permissions as above, just to keep it clean.
--
Arek Iskra
MVP for Windows Server - Software Distribution
| 
XML site map