What is the purpose of the EVERYONE user on server 2000? Does it truly grant access to everyone? When i try to remove it i had to go back in and change the owner then fix the sharing on each of what seemed to be thousands of folders... Is the "EVERYONE" user a security risk?
"Everyone" is a security group, not a user. A more sensible approach would have been to grant permissions to "Authenticated Users" instead of "Everyone".
How do you authenciate a user...i know there's a security group for that...but how do you add the specific users i want in this security group? Thanks frank
so just replace the "everyone" security group with the "authenticated users" group and i should be much safer with regards to hacker attacks etc? as far as permissions in the security section of a folder i mean...
If you don't have shares that have access permissions using the 'everyone' group, there is no problem. There is no reason to remove the group, and more than a few things won't work without it (distributed AD shares across non-trusted domains, for example). If you described exactly what you're doing, better advice can be given.
i've set up a rudimentary active directory and a domain...i have three users in my office i have granted access to and blocked on certain folders.. I think i have active directory set up properly...i was just concerned about people getting their hands on one folder if there was a hacker trying to get in...we have certain ports closed that are used for remote dial ins, but i didn't know if my being on the internet on it could also pose a risk...
I am much more used to unix but.. what rights does the group "Everyone" have? If you're interested you should read a tutorial about security, don't do things you don't understand.
'Everyone' is a group of users...it doesn't have any inherent rights (at least none that are specific to the object....there are a few default permissions that include 'Everyone'). Jeff, if you have 3 users, what in the HELL could you possibly want with an AD structure? Talk about yer overkill... 1. Do _not_ browse the net from your server...that's terrible. 2. Scrap AD...you have no use for it. Simlpe file permissions and a workgroup structure is more than sufficient for an office with 3 people, if local office stuff is all you're dealing with. 3. If you don't have an understanding of what it means to secure your network from a networking/connectivity as well as permissions perspective, find someone who does to set up your office network...unless your office computing environment isn't very important to you. Can you learn on your own? Absolutely, but learn at home, or at work in a sandbox you can play in...not on the production network.
