?
Solved

What is this type of access/configuration policy?

Posted on 2015-01-07
9
Medium Priority
?
193 Views
Last Modified: 2015-01-08
Heyas,

A rather odd question if you have 3 configuration files;
Domain config (Top)
Computer config (Middle)
User config (Bottom)

And your access policy states that configuration in the User can override any matching permissions/blocks in the computer config and domain config. Whilst the computer config and override any matching permission/block in the domain config. What is the name of an access/configuration policy structure?

Thank you
0
Comment
Question by:Zack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 80

Expert Comment

by:arnold
ID: 40537173
Is this an assignment?

a policy where the domain has unequivocal authority over the computer which has it over user would likely be called centralized/concentrated type.
0
 

Author Comment

by:Zack
ID: 40537229
No I'm not doing an assignment I am writing a report. What your saying is correct however a user config would override a computer config if their no equivalent policy in the computer config.  Is their any term for that?
0
 
LVL 80

Accepted Solution

by:
arnold earned 2000 total points
ID: 40537237
The opposite, I think it would be decentralized.
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 

Author Comment

by:Zack
ID: 40537304
Can you provide any whitepapers or links that describe this type of access control structure?
0
 
LVL 80

Expert Comment

by:arnold
ID: 40537320
What is the context of your report?  I simply reformulated your access control to come up with initially a clue in the event this was an assignment.

You can have it defined as a weighted access where domain has the highest weight least preferred to user that has the lowest weight highest preference.

In different schemes it can be interested from least specific to most specific .

I am trying to understand what it is you are trying to get to, to properly formulate the issue at hand in order to determine what the answer is.
0
 
LVL 83

Expert Comment

by:David Johnson, CD, MVP
ID: 40537598
lsdou  local,site, domain,org unit are the orders of precedence in group policy

http://technet.microsoft.com/en-us/library/cc785665%28v=ws.10%29.aspx
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40537798
That's the first thing that came to mind for me too, David - Group Policy.
0
 
LVL 80

Expert Comment

by:arnold
ID: 40537892
GPO is centralized where settings set in a domain can not be overridden by anything unless another policy is enforced.  While he ordered them domain, computer, user the dominant is the user not the domain.
0
 

Author Closing Comment

by:Zack
ID: 40539657
That's fine I will leave it at that, as I am still learning about the system myself I don't have any information as this stage.

Thanks for the help.
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question