windows server 2003 and folders

windows server 2003 and folders
Secure Home | Search | About
Login Password
Register Now! Lost Password?

Microsoft Applications Security - Microsoft's general security discussions and announcements 

Bookmark this page:  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
windows server 2003 and folders shawn 12-27-2005
Posted by =?Utf-8?B?c2hhd24=?= on December 27, 2005, 7:01 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
I have the following shared folders created:

\<server>\FB Share
\<server>\Users\<username>

What permissions should the above folders have in this domain environment?

Posted by Steven L Umbach on December 28, 2005, 12:09 am
If you were  Registered and logged in, you could reply and use other advanced thread options
It depends. You want to follow the principle of least privilege and it
depends on if you want administrators to also have full control access to a
users folder or not. The two links serve as guideline for redirected or home
folders and the assumption is that you don't want users to access each
others folders. Group Policy can also be configured to give administrators
full control to a user's roaming profile and redirected folders and you
would want to implement such before you start configuring the users
olders. --- Steve

http://support.microsoft.com/kb/274443
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/a1b7ce04-708b-4145-830a-cadfc003acd3.mspx

>I have the following shared folders created:
>
> \<server>\FB Share
> \<server>\Users\<username>
>
> What permissions should the above folders have in this domain environment?



Posted by Roger Abell [MVP] on December 29, 2005, 9:42 am
If you were  Registered and logged in, you could reply and use other advanced thread options
As was said, it depends on the intended usage.
I tend to advocate, as a general practice, not granting
Administrators higher than read (if that much). This is
in environment where control of Administrators members
is less than strong, where use of those accounts is excessive,
and possibly on more than a few well-tended machines.
In such an environment the potential for an account to be
used in presence of infection/malware dramatically increases,
so not granting network write access to published shares is
one means to limit accidental or malware driven change to
content of network share content.

>I have the following shared folders created:
>
> \<server>\FB Share
> \<server>\Users\<username>
>
> What permissions should the above folders have in this domain environment?



Similar ThreadsPosted
Strange Windows 2000 / 2003 behavior found with ASPNET permissions on MachineKeys folders?!? July 5, 2005, 11:29 am
Can not use UNC path in Windows server 2003 server 64 bit OS September 30, 2005, 4:19 pm
Re: Windows Firewall fails to start on Windows Server 2003 October 11, 2009, 10:24 pm
Windows Update fails on Windows 2003 server June 23, 2005, 7:27 pm
Windows 2003 domain with Windows 2008 CA server July 30, 2009, 3:22 pm
RE: WIndows Server 2003 July 29, 2005, 12:16 am
Windows 2003 server SP1 September 16, 2005, 12:06 am
How do i use windows server 2003 to only allow certain IP and IP r June 3, 2009, 6:03 am
Windows Update v6 on 2003 server going nowhere June 28, 2005, 7:42 pm
Windows Server 2003 autolock August 15, 2005, 12:03 am

The site map in XML format XML site map

Contact Us | Privacy Policy