Solved

What does W2K Everyone account do and can I remove it?

Posted on 2006-11-17
1
587 Views
Last Modified: 2012-06-21
Hi, I'm putting up a web server and will host a web site for experience and fun. I use Windows 2000 Advance Server, IIS 5 and Access database on my C drive. Now I have 2 questions about security:
1. it is said that you should store your database on a different drive for security. Is it really helpful? (My D drive has no OS installed).
2: I went to the properties of both my c and d drive. On the security tab. There's only one user: Everyone. And he is given full control. If I remove this user, does it mean IUSR_computerName can't access my web page even if I add him on the security tab and assign him read & Execute permission. And will administrator be able to do his job if I add him and give him full control.

In fact, what exactly is this Everyone thing?

Thank you
0
Comment
Question by:causewaybay
1 Comment
 
LVL 16

Accepted Solution

by:
Brian Pringle earned 250 total points
ID: 17970078
Database:

A separate drive is recommended, but at a minimum, put it in a folder that is not under "C:\Inetpub".  Put is somewhere else, like "C:\WebDatabase".  


Permissions:

Do *NOT* use the "Everyone" group for any of your folders.  At the root of the C: drive, change the permissions as follows.  Propagate the settings down to subfolders.

Remove -- Everyone
Add --
    Administrators          Full Control
    SYSTEM                   Read Only
    Users                       Read Only

Then, change the permissions of the C:\Inetpub folder as follows.

Add --
    Administrators          Full Control
    SYSTEM                   Read Only
    Users                       Read Only
    IUSR_compname       Read and execute
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OnPage: Incident management and secure messaging on your smartphone
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

837 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question