Domain Users versus Power Users - TechRepublic
Question
October 12, 2007 at 01:12 AM
redhat

Domain Users versus Power Users

by redhat . Updated 17 years ago

A company has 2 types of employees, regular and accounting. They both store their files in folders labelled by customer name “ABC Co” etc. The accounting employees don’t want the regular employees to access their files, but accounting also needs to access files created by the regulars.

I think I can restrict access to certain files that the accounting group “owns”, simply by selecting the security settings of those files and removing the regular group from the ACL (permissions list).

But how would I make sure the accounting group had access to the regular groups files? Do I simply make the regular security group a member of the accounting security group, or does that open a hole for the regular users to access accounting files?

And is there a way to set the security class of new files created by the accounting security group, if they are saved in the common folder, i.e. since they are a member of the regular group, it seems the files they create are open to anyone in the regular group.

Or should I have them put their files in a separate folder and set security on that folder and child files inherit the permission, so only accounting can access within that folder? They would rather have only 1 folder per customer, instead of regular/customers/abc and accounting/customers/abc, etc…

thanks for your suggestions

This discussion is locked

All Comments