• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 167
  • Last Modified:

Allowing all users Full Control to just one folder... associated risks?

I need to give all users Full Control to a directory on their local machines.  Let's say this folder is C:\MyFiles.
Does this pose a risk to:
1. the rest of the PC?
2. the network?
0
Sigh_Man
Asked:
Sigh_Man
  • 6
  • 6
1 Solution
 
bradleys40Commented:
you should use authenticated users rather than everyone this will ensure that domain authentication is required prior to access
0
 
Sigh_ManAuthor Commented:
Thanks for your speedy response!
If I give Full Control to Authenticated Users, does that mean that they will have FULL control over that particular folder - or will they inherit only those rights afforded to them by the network administrator?
I need users to be able to create/delete/read/write/overwrite etc in relation to this one folder.
0
 
bradleys40Commented:
you can specify what access you give as long as you have ntfs you can use advanced permisions and choose whatever you want the access to be, is the file on a server or on their local machines
permissions.JPG
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
Sigh_ManAuthor Commented:
on their local machines
0
 
Sigh_ManAuthor Commented:
Sorry -- it is an entire DIRECTORY - not just a specific file
0
 
bradleys40Commented:
you can specify the access to a folder/directory in the same way as at file level.
the permissions will need setting up on the top level folder and the pushing to the "children" objects ensure that that option is selected "replace permissions on child objects"
folder.JPG
0
 
bradleys40Commented:
Oh!! turn off inherit from parent too
0
 
Sigh_ManAuthor Commented:
So if full permissions are given to a directory in this way, would this compromise security for the whole PC or, worse still, the entire network?  (I appreciate that might seem obvious! this is the last posting!)
0
 
bradleys40Commented:
no it would only assign access to that folder and the underlying folders using authenticated users will ensure that domain security was applied so only people logging on with a valid domain account could access the data.
this will not effect the rest of the network just the local directory
0
 
Sigh_ManAuthor Commented:
Great.  thank you for your help  :)
0
 
Sigh_ManAuthor Commented:
Swift response - thank you.
0
 
bradleys40Commented:
you welcome
0

Featured Post

2018 Annual Membership Survey

Here at Experts Exchange, we strive to give members the best experience. Help us improve the site by taking this survey today! (Bonus: Be entered to win a great tech prize for participating!)

  • 6
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now