NTFS Permissions Question

Archived from groups: microsoft.public.win2000.security (More info?)

I have a D drive on the server, with a few subfolders for user shares,
Quickbooks share, etc..

I blocked inheritance , and created appropriate permissions, ex. Quickbooks
share - Administrators full control, Quickbooks users full control.

My question is: What about the SYSTEM group? The default D share gave it
and all subfolders permissions to the folders by default. However, I blocked
inheritance, and am not sure if I should add the SYSTEM group to my shares or
not! What does the SYSTEM group mean, and what is its purpose?
2 answers Last reply
More about ntfs permissions question
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    You should be OK without this grant to SYSTEM, particularly
    given that you do have a grant of FULL to Administrators group.
    The Local System account that the core of the OS runs as is in
    fact a hidden member of the Administrators group.
    Grants to SYSTEM can become particularly important where
    Adminsitrators have no access by specific services running
    in the OS will be attempting file accesses.

    --
    Roger Abell
    Microsoft MVP (Windows Security)
    MCSE (W2k3,W2k,Nt4) MCDBA
    "PM" <PM@discussions.microsoft.com> wrote in message
    news:0D2C39F4-FB0D-471A-889F-B7C423B19DB2@microsoft.com...
    > I have a D drive on the server, with a few subfolders for user shares,
    > Quickbooks share, etc..
    >
    > I blocked inheritance , and created appropriate permissions, ex.
    Quickbooks
    > share - Administrators full control, Quickbooks users full control.
    >
    > My question is: What about the SYSTEM group? The default D share gave it
    > and all subfolders permissions to the folders by default. However, I
    blocked
    > inheritance, and am not sure if I should add the SYSTEM group to my shares
    or
    > not! What does the SYSTEM group mean, and what is its purpose?
  2. Archived from groups: microsoft.public.win2000.security (More info?)

    On Fri, 18 Mar 2005 05:33:03 -0800, "PM"
    <PM@discussions.microsoft.com> wrote:

    >I have a D drive on the server, with a few subfolders for user shares,
    >Quickbooks share, etc..
    >
    >I blocked inheritance , and created appropriate permissions, ex. Quickbooks
    >share - Administrators full control, Quickbooks users full control.
    >
    >My question is: What about the SYSTEM group? The default D share gave it
    >and all subfolders permissions to the folders by default. However, I blocked
    >inheritance, and am not sure if I should add the SYSTEM group to my shares or
    >not! What does the SYSTEM group mean, and what is its purpose?

    There are a number of programs that can/will use the SYSTEM account
    for access. Backup software is the first that comes to mind, but it
    could be you have other software that may.

    Jeff
Ask a new question

Read More

Default NTFS Microsoft Permissions Windows