Solved

How do I make it so that no one except the Administrators can see the Security tab in the Properties window of a Directory or file?

Posted on 2008-10-05
1
172 Views
Last Modified: 2013-12-04
I want to make it so certain users cannot see the security tab or be able to edit the security permissions.  How do I do that?  
0
Comment
Question by:michaelbphillips
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 11

Accepted Solution

by:
sysreq2000 earned 250 total points
ID: 22645485
Start Active Directory Users and Computers.
 
Right-click the domain, and then click Properties.
 
Click the Group Policy tab on the domain properties dialog box to view the default domain policy.
 
Click New. New Group Policy Object should appear in the list of objects. Rename this Policy to Remove Security Tab. Make sure this policy is positioned directly under the default domain policy.
 
Click Remove Security Tab, and then click Edit to start the Group Policy Editor.
 
Expand Computer Configuration, Windows Settings, Security Settings, and then click Registry.
 
Right-click in the left pane, and then click Add Key.
 
Paste the following key in the text box, and then click OK:
CLASSES_ROOT\CLSID\{1F2E5C40-9550-11CE-99D2-00AA006E086C}

Note that there may be a delay before you can proceed to the next step, and this is normal.
 
The Database Security Editor appears. You need to add the user or group that you want the Security tab to be removed from.
 
Change the permission on this key for the users and/or groups that you added in the previous step to "Deny Read." This prevents the user from being able to instantiate the needed components to display the Security and Sharing tabs. Click OK twice to complete the settings and exit the Group Policy Editor.
 
Click New. New Group Policy Object should appear in the list of objects. Rename this Policy to Remove Sharing Tab. Make sure this policy is positioned directly under the default domain policy.
 
Click Remove Security Tab, and then click Edit to start the Group Policy Editor.
 
Expand Computer Configuration, Windows Settings, Security Settings, and then click Registry.
 
Right-click in the left pane, and then click Add Key.
 
Paste the following key in the text box, and then click OK:
CLASSES_ROOT\CLSID\{40dd6e20-7c17-11ce-a804-00aa003ca9f6}

Note that there may be a delay before you can proceed to the next step, and this is normal.
 
The Database Security Editor appears. You need to add the user or group that you want the Security tab to be removed from.
 
Change the permission on this key for the users and/or groups that you added in the previous step to "Deny Read." This prevents the user from being able to instantiate the needed components to display the Security and Sharing tabs. Click OK twice to complete the settings and exit the Group Policy Editor.

And of course, credit where credit is due:

http://www.commodore.ca/windows/remove_sharing_security_tab.htm

0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question