global local security group question
- From: "Mike Brearley" <nospam@xxxxxxxx>
- Date: Tue, 12 Apr 2005 13:15:31 -0400
What's the proper way to setup security for a shared data directory?
Say I have the following directories:
Accounting
Engineering
Human Resources
Manufacturing
Marketing
Purchasing
Shared
In AD, there are global groups, i.e. Accounting_Read, Accounting_Full,
All_Users, Engineering_Read, etc . . . which the appropriate user accounts
are members of. Now, should I create local groups in AD and assign the
global group as a member of the local group and then assign the local group
access to the directories on the file server? Or should I leave out the
local groups and just assign the global groups permissions to the
directories? Or should I create groups on the file server itself and assign
the global groups as members of the file server level groups and assign the
file server level groups access to the directories?
I know it works any way I do it, but what is the proper (Microsoft) way of
doing it?
--
Posted 'as is'. If there are any spelling and/or grammar mistakes, they
were a direct result of my fingers and brain not being synchronized or my
lack of caffeine.
Mike Brearley
.
- Follow-Ups:
- RE: global local security group question
- From: Tor H.
- Re: global local security group question
- From: ptwilliams
- Re: global local security group question
- From: Chriss3 [MVP]
- RE: global local security group question
- Prev by Date: RE: Raising the Domain Functional level to Windows 2003
- Next by Date: Re: ADAM Foreign Principal Group Membership.
- Previous by thread: Site Links?
- Next by thread: Re: global local security group question
- Index(es):
Relevant Pages
|
