Full control also allows deleting subfolders & files, taking ownership and changing permissions.
@roydenheimdal2 жыл бұрын
Couple questions. Wouldn't it be better to use "Authenticated Users" "Domain Users" or "Local Users" vs "Everyone" so as not to include "Guest" or "Anonymous" accounts? Most people have those accounts disabled, but I was told best practice was to not use the ""Everyone" group for assigning permissions. Also should "Local System" always be given rights to all files on the entire volume as many windows and other services (backup software for example) require that account to operate properly?
@WillieHowe2 жыл бұрын
Great questions and I'm glad you have them. This video was supposed to evoke these types of conversations.
@WillieHowe2 жыл бұрын
I typically create service accounts for backups. They aren't admins but have the proper permissions for backup. The passphrases are 20+ characters and generated when needed and not written down. If we have a problem we generate a new passphrase.
@roydenheimdal2 жыл бұрын
@@WillieHowe Yep, totally agree with having separate service accounts with correct permissions for each software/process (backup, virus scanning, etc) Thought I read somewhere that the local "system" account performed OS level responsibilities such as setting ntfs attributes (compressed directories, backup flags, ownership, etc.) I see that account is given full permissions by default on new OS installs, and have personally had directories exhibit odd behavior if removed.
@Red1Wollip2 жыл бұрын
My old friend, I am getting along better since my back surgery. Looking forward to the Saturday sessions buddy.
@WillieHowe2 жыл бұрын
I'm glad you're getting better!!
@kellygordon87432 жыл бұрын
Full control allows read/execute/write/delete folders/files within the share I believe
@jordynewithawhy2 жыл бұрын
Hey Man, just came across your Chanel and you seem like just the guy to make the video I need. I’m looking to connect waiters and guests via bracelets and was thinking your nfc’s chips could play a good role in that, any thoughts?
@juanbaggins2 жыл бұрын
Definitely groups over users when at all possible. Or you end up with a bunch of SIDs in your permissions over time as employees are terminated.