Permissions

I have one external TeraStation which is used to backup things on my network.  It is setup on the Domain and managed by Active Directory.  How can I prevent users registered on our domain from accessing this external TeraServer on the network?

Running SBS2003
jrpellegrinAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Aj8787Commented:
Goto the Terastation instance in AD users n computers, It should be in domain controllers class.

Right click goto properties- security

There you can manage users who can read/write/none permission to the terastation.

This should work.
0
Chris DentPowerShell DeveloperCommented:

> There you can manage users who can read/write/none permission to the terastation.

That controls read/write permission to the account object in Active Directory. It has no effect on TeraServer as a network device.

Does the TeraServer have any local firewall capabilities?

What kind of access are you trying to prevent?

Chris
0
jrpellegrinAuthor Commented:
Chris,

  Our TeraServer does not have any local firewall capabilities.  This TeraServer was once used as Network Storage Device but now it holds our backup data so I do not want any/everyone to have access to this informatioin.  The only people I would like to have access is our Domain Administrators.

  I went to the location referenced above and the only group listed under our TeraServer Properties/Member of is "Domain Computers".  I added the "Administrators Group" to this list and tried to remove the "Domain Computers Group" but when I tried this, I receive an error message stating that In order to remove the "Domain Computers Group" I would first need to set the "Administrators Group" as the Primary Group, which is greyed out and not an option for me to do.

  I know this should not be rocket science here but for the life of me, I am not able to figure this one out...........lol

Thanks,

JRP
0
Chris DentPowerShell DeveloperCommented:

It almost is rocket science you know...

Nothing you do in AD will secure this system.

You either need to look at your network, or on the TeraServer for a way to secure it... options are pretty limited really:

1. Firewall it
2. Isolate it (as in don't put it on your production LAN)
3. Do "something" on the TeraServer that will prevent access

Chris
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.