Posted On March 28, 2019

Restricting Access to Directory in Windows Shares

kimconnect 0 comments
blog.KimConnect.com >> Windows >> Restricting Access to Directory in Windows Shares
March 28, 2019March 28, 2019 kimconnectkimconnect 0 Comments

– Only allow Admins write access to root folders
– NTFS permissions at root directory for the “Everyone” group: Traverse Folder, List Folder
– Enable access based enumeration on the share to allow users to view ONLY folders in which they can access
– Create and apply security domain local groups with explicit permission semantics such as:
— FILESERVER1_Global_Accounting_ReadOnly or SHAREPOINT_Accounting_ReadOnly
FILESERVER1 _Global_Accounting_Modify
FILESERVER1 _Global_Accounting_FullControl
– Create a Global Deny group and add all disabled accounts into it
– Apply Global Deny group to root directory with Deny Full control permissions

Categories:

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Post Image

Read More

PowerShell: Quick Exercise On Disks Operations

# View disks on the system get-disk Number Friendly Name Serial Number HealthStatus OperationalStatus Total…
Post Image

Read More

Install PBX in a Flash

Download and install FreePBX version 13Set static IPsifconfig <= to find interface namevim /etc/sysconfig/network-scripts/ifcfg-eth0---------ADD-----------BOOTPROTO="static"IPADDR=192.168.139.139NETMASK=255.255.255.0BROADCAST=192.168.139.255NM_CONTROLLED=noONBOOT="yes"-----------------------vim /etc/sysconfig/network-scripts/ifcfg-eth1---------ADD-----------BOOTPROTO="dhcp"ONBOOT="yes"-----------------------vim…
Post Image

Read More

WordPress Multi-site with Single Sign On (SSO)

Step 1: Login Access the correct environment using wp_admin login with the DevOps standard password:…