I have folder that will be accessed by two groups.
First group: can make changes to the files inside the folder.
Second group can view and print only.
Should I create two security groups within AD? or just one containing the users that can make changes?
What is the best practice to accomplish this?
By the way, I'm still operating in a mix environment: win2k and win2003 servers. The DC's are Win2003 standard edition.