General discussion

Locked

NT 4.0 Root Folder Security

By aascunce ·
(I have access as admin on server)How can I prevent other administrators from viewing my home folder while they are logged in as admin on the server. I know I can remove the admin account from the NTFS security. However, my files will not be backed up. Any suggestions?

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

NT 4.0 Root Folder Security

by mcse109 In reply to NT 4.0 Root Folder Securi ...

1-creat a user account for each with admin rights.
2-creat a new policy to be applied to this admin group or for each user "user Profile".

Collapse -

NT 4.0 Root Folder Security

by aascunce In reply to NT 4.0 Root Folder Securi ...

The question was auto-closed by TechRepublic

Collapse -

NT 4.0 Root Folder Security

by dlw6 In reply to NT 4.0 Root Folder Securi ...

Given that you even want or need to do this, my guess is that you don't trust you admins and/or want additional security in your strucure.

It's never good security practice for multiple people to have access to one account -- if someone does something bad you don't know who to blame. The "Administrator" account (which you should rename to something else) should have a random password in a sealed envelope. The rest of the admins should have their own accounts, all members of the Domain Admins group (which is a member of the Administrators local group). The admin accounts should not, by the way, be their regular user accounts. You log in as admin when you need to do admin things, and you log in as a mere user when you have to do mortal thigns (such as e-mail and web, both of which are dangerous these days).

If you inmplement the structure I just described, you can then go into the NTFS permissions and give yourself Full Control, Domain Admins Read-Only, and all the individual admin accounts (besides yours) No Access. Caution: do not give the Domain Admins No Access because you'll lock yourself out too. You gave the Domain Admins the permission of Read-only to prevent them from taking ownership of the files, but with the individual accounts at No Access they won't be able to get in anyway.

Good fortune,
Don

Collapse -

NT 4.0 Root Folder Security

by aascunce In reply to NT 4.0 Root Folder Securi ...

The question was auto-closed by TechRepublic

Collapse -

NT 4.0 Root Folder Security

by aascunce In reply to NT 4.0 Root Folder Securi ...

This question was auto closed due to inactivity

Back to Windows Forum
5 total posts (Page 1 of 1)  

Related Discussions

Related Forums