What should be the permissions at the root level of W2K and W2K3 Servers?

It is frustrating to me that I can not get a clear answer from Microsoft on what the default permissions should be at the root volume of any of there OS's. After a volume is formatted as NTFS, the everyone group is given full rights. I know this is not good security. What should it be? I have added the Administrator's group and given them full rights and reduce the Everyone Group to Read & Execute, List Folder Contents and Read. Should this group be removed and replaced with Authenticated Users group, or Users or Domain Users. What is the BEST Practice?
LVL 1
habanagoldAsked:
Who is Participating?
 
joedoe58Connect With a Mentor Commented:
To make changes in security is always a tricky thing since there are so many things that can play a role in what you do. As I said earlier I try to eliminate permissions for the everyone group wherever possible, but I would not remove the group. As you suggested to put Authenticated users instead of everyone is a good choice unless it is an area where you know you want to be more restrictive.
0
 
joedoe58Commented:
Personally i do what you have done. I do try to eliminate the everyone group.
0
 
habanagoldAuthor Commented:
Do you know of a best practice for this. Would you remove the everyone group and use the Authenticated Users?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.