NTFS ownership queestion

Toggle sidebar Toggle sidebar
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

When a user creates a file who is a member of the administrators group, thet
administrators group becomes the owner of the file. Why isn't it the actually
user account? Is there anyway to change it the way it works for power users,
where, if a user is a member of the power users group, the account becomes
the owner rather than the power users group.

Thanks
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

GCCC wrote:
> When a user creates a file who is a member of the administrators
> group, thet administrators group becomes the owner of the file. Why
> isn't it the actually user account?

This behavior can be changed by "Security Options" -> "System Objects:
Default Owner for objects created by members of the Administrators group"
option in local security policy (or group policy computer settings, if you
are a member of a domain).

A good reason to use this option in a business setting is that there may be
several administrators (IT staff) who may come and go over time, who install
programs and create shared resources that may outlast them and their
accounts (when they leave). Having things owned by a built-in group insures
all administrators have equal access and helps avoid "abandoned" ownership.

--
Chris Priede (priede@panix.com)
 
G

Guest

Guest
Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Chris - thanks for the info

"Chris Priede" wrote:

> GCCC wrote:
> > When a user creates a file who is a member of the administrators
> > group, thet administrators group becomes the owner of the file. Why
> > isn't it the actually user account?
>
> This behavior can be changed by "Security Options" -> "System Objects:
> Default Owner for objects created by members of the Administrators group"
> option in local security policy (or group policy computer settings, if you
> are a member of a domain).
>
> A good reason to use this option in a business setting is that there may be
> several administrators (IT staff) who may come and go over time, who install
> programs and create shared resources that may outlast them and their
> accounts (when they leave). Having things owned by a built-in group insures
> all administrators have equal access and helps avoid "abandoned" ownership.
>
> --
> Chris Priede (priede@panix.com)
>
>
>
 
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom