Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
Mr. Anderson2020-11-06 04:57:14
Windows
Mr. Anderson, 2020-11-06 04:57:14

Description of security group rights?

Good day.

We deployed a new server and filled it with a huge ball consisting of 25 folders and a lot of nested ones.
It is necessary to differentiate rights and create security groups. Please tell me briefly how to organize it wisely, or even better, point your finger at articles on the Internet (apparently, I’m writing a request and I can’t find anything worthwhile).

The structure is something like this:

  • The root of the folder
  • one.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.

It is clear that the root of the folder only RO on this folder without subfolders. But for example, in the root of this folder there is a file that the personnel officer should edit. How to organize all this? Ask for help from knowledgeable people.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
A
Alexey Dmitriev, 2020-11-06
@roman_tonkoshkurov

Yes, you can give Read and Execute to the root folder for Authenticated Users.
Share rights - Full Control for Authenticated Users.
Create three types of groups for each folder with a certain approach to their naming (prefix suffix and folder name in the middle for example):
1. List and traverse ("Traverse folder/execute file and List folder/read data") to "This folder only" . (so you can "fall through" into a folder)
2. read and execute to This folder, subfolder and files" (read access)
3. Modify to This folder, subfolder and files" (edit access).
Group 1 must be a member of group 1 of the parent folder, group 2 and 3 with permissions on the folder must be a member of group 1 of the parent folder (so that you can go down in the folder structure to groups with access rights).
And 4 types of groups - for confidential folders (when inheritance of rights from the parent folder is disabled))
And then just add accounts to the groups you need and notify that access will appear in a maximum of 10 hours (the default TGT lifetime)

Report
D
Dmitry, 2020-11-06
@Tabletko

The directory structure tree must be in RO. At the root, only structural directories. On them also we hang the rights through groups.

Report
N
noZero, 2020-11-09
@noZero

In general, by hand, this is all very long. Read up on GPOs and how they apply to file servers.
First, it will come in handy in the future.
Secondly, you automate processes.

Similar questions
A
Alexander Shapoval2016-08-21 10:28:09
Duplicate compound key error in MySQL. How to ignore these situations? 4Reply
L
Larry_Flint2020-09-22 15:58:06
Strange Windows 10 behavior? 2Reply
D
Denis Kotov2016-06-20 05:41:49
How to configure file autoload with certain parameters? 1Reply
N
NotDedicated2020-09-22 18:33:39
How to change the title of the context menu item to the correct one? 0Reply
S
Spooky 20202022-01-19 16:54:32
How can I set VS Code to open an external terminal in the current folder? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question