I use a standard list for share permissions on our 34+ servers. Each office location has an operators account “OP1” and a group account “PITUSERS”. The permissions are as follows:
Domain Admins: FULL CONTROL
OP1: FULL CONTROL
PITUSERS: CHANGE
Note that the EVERYONE group is removed. Other NT admins have told me that I need to add the SYSTEM account with full control. I am not having any problems – that I know of. What ramifications will I have by not adding the SYSTEM account?
