|
Posted by Roger Abell [MVP] on November 16, 2007, 5:59 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Authenticated Users or Interactive or both. Either of those
will make an admin account that has logged in locally a
member of Users.
Roger
> Fair enough, but the question remains... why does setting Deny all on the
> local Users group affect the local Administrator account? I've got a
> similar
> situation where the Administrator user is not part of Users group,
> directly
> or indirectly, yet applying Deny permissions to the latter affect the
> former.
>
> Thanks in advance,
>
> --
> dima
>
> "Shenan Stanley" wrote:
>
>> ThomasAJ wrote:
>> > I'm a newbie to W2003.
>> >
>> > I want to stop ALL users (except me the Administrator) from even
>> > looking at the contents of a folder.
>> >
>> > I set the 'Users' group permissions to Deny/Full Control. This
>> > ticks ALL the deny boxes. Fine.
>> >
>> > BUT as the admin guy I also cannot look at the folder. I look at the
>> > folder's permissions for Administrators and the ALLOW column has
>> > all the boxes ticked but in grey. What am I doing wrong?
>>
>> Just eliminate the "users" group from the permissions at all and give
>> administrators full.
>> No reason to start diving into the Deny permissions.
>>
>> In other words - for the folder permissions in questions - the only
>> users/groups listed at all should be administrators with Allow FULL
>> permissions and it should be in effect for that folder and all
>> sub-folders.
>>
>> --
>> Shenan Stanley
>> MS-MVP
>> --
>> How To Ask Questions The Smart Way
>> http://www.catb.org/~esr/faqs/smart-questions.html
>>
>>
>>
| 
XML site map