• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 251
  • Last Modified:

Best practice for locking down application shared drive

We are in the process of locking down and organizing our network shares. We've gotten them all organized and locked down except for the one houses all the program files.

How do you go about this as some programs require write access to certain folders where flat files are kept and local access DB are edited. There programs don't usually run as a service.
1 Solution
we do the same for our applications share as we do for our users/file server shares. Create a group for each application and apply it to the folder. Add the users to the group that require access to this particular system and hey presto.

You may need to experiment with permissions levels eg what needs just write permissions or full control permissions.
Justin OwensITIL Problem ManagerCommented:
This article describes the thought processes and philosophies you need to adopt when deploying new security policies and templates.


Your issue is going to be several fold.  First, you will need to identify what type of access is needed on what folders, files, and registry keys (yes, sometimes programs need administrative rights to the HKLM hive).  You can go about this via the trial and error method or by contacting the vendor/developer of the application(s).  You can also use various monitoring tools to "discover" changes made to your system while that/those program(s) is/are in use.  You can use things like ProcMon and ProcExp from the SysInternals Suite.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now