Default permissions level in Windows Server 2008
Posted on 2011-05-07
I was working to enhance the security level of my server and wanted to remove the "Users" group all permissions so that only the system and admins could do anything to the server.
To do that i had to take ownership of the c: drive and remove the "Users" group from the list. I also added a deny rule to the "Users" group that denied the users from taking ownership and changing permissions.Then i used the "Replace on all child objects" option and clicked apply.
What then happened (which i should have foreseen) was that all custom permissions to all folders was completely replaced by this. For instance the iis_iusr user was removed from the root of my webfolder so that my site went down. The server manager application also gave me "access denied" messages when i tried to access it. I think this message was regarding the logs as all the logs there were gone.
I have managed to get everything working again, but i fear that i now have a level of security that is lower than it was before, so i want to make everything as it was before, but i am unable to find out what was the default permissions levels. Can anyone help me?