What should be the permissions at the root level of W2K and W2K3 Servers?

It is frustrating to me that I can not get a clear answer from Microsoft on what the default permissions should be at the root volume of any of there OS's. After a volume is formatted as NTFS, the everyone group is given full rights. I know this is not good security. What should it be? I have added the Administrator's group and given them full rights and reduce the Everyone Group to Read & Execute, List Folder Contents and Read. Should this group be removed and replaced with Authenticated Users group, or Users or Domain Users. What is the BEST Practice?
Who is Participating?
joedoe58Connect With a Mentor Commented:
To make changes in security is always a tricky thing since there are so many things that can play a role in what you do. As I said earlier I try to eliminate permissions for the everyone group wherever possible, but I would not remove the group. As you suggested to put Authenticated users instead of everyone is a good choice unless it is an area where you know you want to be more restrictive.
Personally i do what you have done. I do try to eliminate the everyone group.
habanagoldAuthor Commented:
Do you know of a best practice for this. Would you remove the everyone group and use the Authenticated Users?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.