Solved

Windows 2003 single domain- Best practice user grouping for folder access

Posted on 2009-07-01
2
374 Views
Last Modified: 2012-05-07
I'm trying to get an easy and clean idea how to group users for folder access permission in Windows 2003 mixed mode single domain.

For example,
F:\(Data)
|-Accounting
       |-Client Billing Info
           |-Reports
           |-Client Scores
       |-Promotion
           |-Client Billing Info
|-Reservation
|-Management      

Let's say under Accounting folder, I want to give different access permissions for different sub folders.
I have;

UserA
UserB
UserC
UserD

I want to give UserA and UserB modify permission to Client Scores folder and Reports
I want to give UserC read permission to Client Report only
I want to give all read permission to Reservation
I want to deny all to Management.


0
Comment
Question by:crcsupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 1

Author Comment

by:crcsupport
ID: 24755720
I can't add Global group to Global group or Local to Local, but only Global to Local, which makes difficult to group users in inheritance for access permissions.
I don't know it's because the functional level of the domain is windows 2000 mixed mode. I can raise the domain to native mode, but wonder how other big companies do user groupings with large mixed mode....
0
 
LVL 1

Accepted Solution

by:
crcsupport earned 0 total points
ID: 24757744

In Windows 2000 mixed mode, Global to Global is not allowed. Domain needs to be raised to Windows 2000 native or Windows 2003 native mode.

Windows 2000 mixed mode: AGDLP (Account to Global to Local to Permission)
Windows 2000/2003 native: AGGUUDLP(Account to Global, Global to Universal, Global/Universal to Local, Local to permission)
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question