i have provided full access to some users, i.e Read,write and modify but not RDP. But they are not able to delete the files. They can delete the files only if they are added into Domain Admin group which also means that they RDP into that Particular machine. Can anyone help?
Asked
Active
Viewed 44 times
-1
-
Make sure users have appropriate not only NTFS permissions, but Share permissions as well. – Volodymyr Molodets Mar 12 '13 at 13:53
1 Answers
0
I highly suggest reading up on NTFS permissions.
You would need to give each user(or add them to a group) explicit DELETE permissions on the files and folders, along with Modify, Write, Read & Execute on the objects within the folders.(or Full Control, which will give them the ability to do anything with the files/folder). Adding those users to the Domain Admins group is a huge security risk.
I would strongly consider analyzing exactly what the user needs, instead of just giving them full control on everything and the ability to really screw things up.
colealtdelete
- 6,017
- 2
- 30
- 34