User rights becoming a Headache

Account Information

Reset password

An email has been sent to you with instructions on how to reset your password.

Back to TechRepublic

Welcome to TechRepublic!

By registering, you agree to the Terms of Use and acknowledge the data practices outlined in the Privacy Policy.

You will also receive a complimentary subscription to TechRepublic's News and Special Offers newsletter and the Top Story of the Day newsletter. You may unsubscribe from these newsletters at any time.

Username must be unique. Password must be a minimum of 6 characters and have any 3 of the 4 items: a number (0 through 9), a special character (such as !, $, #, %), an uppercase character (A through Z) or a lowercase (a through z) character (no spaces).

General discussion

Creator

Topic
November 4, 2004 at 7:13 am #2276587

User rights becoming a Headache

Locked

by rapell · about 17 years, 6 months ago

Am the systems admin of a WinNT 4 domain amd at the software we run is on a files server. Now, clients are windows 98 and windows 2000, but am having trouble mapping drives as a user. Everytime i map the drive as Admin then the user logs on using their credentials, the network drive becomes unavailable or denies access. I dont want to increase their rights for that drive only as it contains other sensitive info, I have now given all users admin rights so they can reconnect at logon, since its a small domain and most of them are advanced PC users so am not so scared of dangerous deletions, but am feeling weak, am supposed to be the only god here-in charge. How can I reduce their rights but keep the mapping accessible when they logon? and they need this drive since equinox is based on it and environment variables have been cfgd to point to that drive. Thank you.

This conversation is currently closed to new comments.
Creator

Topic

All Comments

Author

Replies
- November 4, 2004 at 9:22 am #3295394
  
  NT 4.0 Huh ?
  
  by cogtek · about 17 years, 6 months ago
  
  In reply to User rights becoming a Headache
  
  You have come upon an age old problem with Administering a Microsoft Domain.
  
  It is called cumulative rights syndrome.
  CRM is the result of having rights applied to a Share as well as NTFS rights applied to the same Directory.
  Microsoft “combines” these rights and allows for the most restrictive.
  In other words, if you setup a directory with NTFS rights for Domain Users set to “Full Access” And you limit the Share to Everyone “Read Access” Guess what? Everybody can see the folder but nobody can save to it.
  
  What I usually do, is to create the folder.
  Share the Folder. (Sharing Tab in Properties)
  Set the Share Rights to allow Everyone “Full Access”
  Then use NTFS rights to “lock down” the directory. (Security Tab in Properties)
  
  Understanding the Security Rights in NTFS can be a lesson in itself.
  - November 4, 2004 at 10:12 pm #3295214
    
    Thanks mate
    
    by rapell · about 17 years, 6 months ago
    
    In reply to NT 4.0 Huh ?
    
    Well well well, what do you know, and if I had known it was that simple. Thanks alot, i have tested this on one user and the drive is available at logon, which solves my problem. I am now going to trim some wings…..
  - November 5, 2004 at 3:04 am #3295152
    
    Re: NT 4.0 Huh
    
    by jermaine.oldham@tempurped · about 17 years, 6 months ago
    
    In reply to NT 4.0 Huh ?
    
    Great advice, I can tell you understand your NTFS permissions!
    
    Jermaine C. Oldham
- November 5, 2004 at 3:02 am #3295153
  
  Re: user rights
  
  by jermaine.oldham@tempurped · about 17 years, 6 months ago
  
  In reply to User rights becoming a Headache
  
  I suggest you try downgrading each user’s rights to Power Users and see if they are able to connect. If that doesn’t work, just grant them local admin rights…they won’t be able to do too much damage, because on a domain level they are still bound by the security implications you make applicable to them…
  
  Jermaine C. Oldham
Author

Replies

Viewing 1 reply thread

Procuring software packages for an organization is a complicated process that involves more than just technological knowledge. There are financial and support aspects to consider, proof of concepts to evaluate and vendor negotiations to handle. Navigating through the details of an RFP alone can be challenging, so use TechRepublic Premium’s Software Procurement Policy to establish ...

Recruiting a Security Analyst with the right combination of technical expertise and experience will require a comprehensive screening process. This hiring kit from TechRepublic Premium includes a job description, sample interview questions and a basic want ad that you can customize for your business to find, interview, recruit and hire the best candidates for a ...

Recruiting a DevOps engineer with the right combination of technical expertise and experience will require a comprehensive screening process. This hiring kit from TechRepublic Premium includes a job description, sample interview questions and a basic want ad that you can customize for your business to find, interview, recruit and hire the best candidates for a ...

IT Employment

General discussion

User rights becoming a Headache

All Comments

NT 4.0 Huh ?

Thanks mate

Re: NT 4.0 Huh

Re: user rights

Software Procurement Policy

How to recruit and hire a Security Analyst

How to recruit and hire a DevOps engineer

How to recruit and hire a video game quest writer