General discussion

  • Creator
    Topic
  • #2074458

    NT 4.0 Root Folder Security

    Locked

    by aascunce ·

    (I have access as admin on server)How can I prevent other administrators from viewing my home folder while they are logged in as admin on the server. I know I can remove the admin account from the NTFS security. However, my files will not be backed up. Any suggestions?

All Comments

  • Author
    Replies
    • #3771149

      NT 4.0 Root Folder Security

      by mcse109 ·

      In reply to NT 4.0 Root Folder Security

      1-creat a user account for each with admin rights.
      2-creat a new policy to be applied to this admin group or for each user “user Profile”.

    • #3684183

      NT 4.0 Root Folder Security

      by dlw6 ·

      In reply to NT 4.0 Root Folder Security

      Given that you even want or need to do this, my guess is that you don’t trust you admins and/or want additional security in your strucure.

      It’s never good security practice for multiple people to have access to one account — if someone does something bad you don’t know who to blame. The “Administrator” account (which you should rename to something else) should have a random password in a sealed envelope. The rest of the admins should have their own accounts, all members of the Domain Admins group (which is a member of the Administrators local group). The admin accounts should not, by the way, be their regular user accounts. You log in as admin when you need to do admin things, and you log in as a mere user when you have to do mortal thigns (such as e-mail and web, both of which are dangerous these days).

      If you inmplement the structure I just described, you can then go into the NTFS permissions and give yourself Full Control, Domain Admins Read-Only, and all the individual admin accounts (besides yours) No Access. Caution: do not give the Domain Admins No Access because you’ll lock yourself out too. You gave the Domain Admins the permission of Read-only to prevent them from taking ownership of the files, but with the individual accounts at No Access they won’t be able to get in anyway.

      Good fortune,
      Don

    • #3702197

      NT 4.0 Root Folder Security

      by aascunce ·

      In reply to NT 4.0 Root Folder Security

      This question was auto closed due to inactivity

Viewing 2 reply threads