I am the DIrector of a small consultancy company. As such I am storing certain sensitive information on my SBS2003 Server. This currently resides in a Sharepoint Site which can only be accessed by certain key users (the Company Directors) and these are assigned as yusers to the SHarepoint Site. I do not want any other users to access the site at all.
I would also like to setup certain users (non-Directors) with Adminsitrative Accounts to allow them to performed configuration of VPNs, Exchange, and much of the networking as well as remote access to the Server from outside our internal LAN via RWW.
At present I can only seem to create a user as an Admin Account which means they get full rights to the Server and access to the sensitive data Folder or conversely as a Mobile User in which case they get no rights to performing network configuration (running Server Manageent) nor accessing the Server console from a remote location.
Having read a little around the subject, I think there must be a way to limit the Adminsitrative rights of a user perhaps using Group Policies or Security Groups. However, none of the literature seems to be very clear on what permissions I need to set and what not and whether i need to sue policies or not.
Would be grateful for any help in this area.