+ Post New Thread
Results 1 to 5 of 5
Windows Thread, Standard Domain user needs folder permission rights in Technical; Hi, I have one particular user that needs to be able to add/remove other domain users to a series of ...
  1. #1
    Ben_Stanton's Avatar
    Join Date
    Jan 2007
    Location
    Hertfordshire
    Posts
    448
    Thank Post
    9
    Thanked 15 Times in 14 Posts
    Rep Power
    18

    Standard Domain user needs folder permission rights

    Hi,

    I have one particular user that needs to be able to add/remove other domain users to a series of folders (these folders can all be within one dedicated folder). What is the best way of doing this? Obviously, I don't want that user to have domain admin rights. Can it be done?

    Cheers

  2. #2

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,157
    Thank Post
    116
    Thanked 529 Times in 452 Posts
    Blog Entries
    2
    Rep Power
    124
    Do you have exchange?

    If so, create a universal security group. Give that group the rights you need and make the person the manager of the group and tick the box saying "manager can update membership"

    When that person wants to update who has access to the folder they just go into Outlook address book and update the address list. Because it's also a security group they change the effective permissions on the folder.

    This can be quite a nice way of working - you often have a situation where a group of people are working together - this gives you a group email and a group folder.

    If you don't have Exchange then you can give the person full control over that folder and they can add/remove users but this is a nightmare to maintain

  3. #3
    Ryan's Avatar
    Join Date
    Jan 2008
    Location
    Scotland
    Posts
    537
    Thank Post
    12
    Thanked 16 Times in 15 Posts
    Blog Entries
    1
    Rep Power
    29
    You can be very specific about who gets what for folders and files.

    Right click on a folder and choose Properties. Click on Security tab then hit Advanced. Choose an entry (either user or group) and hit Edit. In here, you can allow them more (and very specific) control over what they can do, and the setting of permissions etc.

    Test with a test account first perhaps, and be careful not to allow too many rights, just the ones they need.

    @Steve: Interesting. Do you find this method of delegation works ok? Do people remember to update as and when req'd?

  4. #4
    Ben_Stanton's Avatar
    Join Date
    Jan 2007
    Location
    Hertfordshire
    Posts
    448
    Thank Post
    9
    Thanked 15 Times in 14 Posts
    Rep Power
    18
    Yeah, shjould have looked before creating a topic. Already done it using 'advanced' in secuirty. Knew I had seen it somewhere.

    Thanks - good idea with exchange too.

  5. #5

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,157
    Thank Post
    116
    Thanked 529 Times in 452 Posts
    Blog Entries
    2
    Rep Power
    124
    Quote Originally Posted by Ryan View Post

    @Steve: Interesting. Do you find this method of delegation works ok? Do people remember to update as and when req'd?
    It's all they get :-)

    We do get people who haven't got a clue; we have an intranet page with pictures of what to do which they can use. In general it works well and the biggest benefit is that you don't get "orphaned sids" (Joe Bloggs leaves and a folder still has their SID attached - there's no way of easily tracking down which folders Joe Bloggs was allowed to access).

    it's also much easier to have people in groups - Joe Bloggs leaves and is replaced by Jenny Bloggs. All you have to do to make sure that Jenny has the same rights as Joe is to put her in the same groups as Joe - none of the "Oh, I think he used to be able to do xxxx" type stuff :-)

SHARE:
+ Post New Thread

Similar Threads

  1. FileSystemObject Folder why permission denied
    By NetworkGeezer in forum Coding
    Replies: 16
    Last Post: 2nd September 2011, 05:10 PM
  2. adding folder security permission on all PCs
    By edie209 in forum Windows
    Replies: 7
    Last Post: 7th December 2007, 11:39 AM
  3. Granting Permission: Task Mgr, Admin rights for install
    By lemonstar in forum Network and Classroom Management
    Replies: 4
    Last Post: 29th August 2007, 01:53 PM
  4. Folder Redirection and Permission problem
    By ArchersIT in forum Windows
    Replies: 8
    Last Post: 24th July 2007, 09:02 AM
  5. Replies: 15
    Last Post: 12th October 2006, 09:37 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •