Re: Server 2008: You don't currently have permission to access thi
- From: da crusher <dacrusher@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 27 Jan 2009 10:08:03 -0800
I have been researching the same 'features'. I don't mind being prompted for
performing administrative functions, but it doesn't appear that the Local
System Policy or anything else provides enough granularity to where you can
exempt just the folder/file structure access - it's either all or none.
"HAL07" wrote:
Thanks for the info anyways..
Meinolf Weber [MVP-DS] wrote:
Hello HAL07,
IE shows it correct.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
That page seemed to render incorrectly in Firefox
Meinolf Weber [MVP-DS] wrote:
Hello HAL07,
Maybe this gives you more infos, how UAC works:
http://technet.microsoft.com/en-us/library/cc505883.aspx
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Thanks, however I wonder why traversing a directory triggers UAC,
even if one has access to it. Especially on a server.
Meinolf Weber [MVP-DS] wrote:
Hello HAL07,
When an administrator logs on to a computer running Windows Vista
or Windows Server 2008, the user is assigned two separate access
tokens. Access tokens, which contain a user's group membership and
authorization and access control data, are used by Windows® to
control what resources and tasks the user can access.
The only account that has the FULL control is the administrator
account.
All other admins are prompted with UAC. You have the following
options:
- disable UAC - run all with the "Run as Administrator..." option.
-
check out and TEST the GPO, Computer configuration, windows
settings,
security settings, local policies, security options, "User account
control: Behavior of the elevation prompt for administrators in
Admin
Approval Mode", choose "Elevate without prompting".
In my opinion you should NOT use that policy. It lowers the
security
tremendous.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
I get this popup all the time when logging in to a server as a
member of the Domain admins (not administrator) and try to go into
directories I've not been in before.
I then have to Click Continue and I get a UAC popup that edits the
security ACLs on the folder.
After, I see that my username is added with the new permissions:
- Read & Execute
- List folder contents
- Read
However I am a member of Domain Admins. How can Windows then still
ask
me for access to a folder? Doesn't Windows Server 2008 file
explorer
support nested groups?
--
-- HAL07, Engineering Services, Norway
- References:
- Server 2008: You don't currently have permission to access this folder
- From: HAL07
- Re: Server 2008: You don't currently have permission to access this folder
- From: Meinolf Weber [MVP-DS]
- Re: Server 2008: You don't currently have permission to access this folder
- From: HAL07
- Re: Server 2008: You don't currently have permission to access thisfolder
- From: Meinolf Weber [MVP-DS]
- Re: Server 2008: You don't currently have permission to access thisfolder
- From: HAL07
- Re: Server 2008: You don't currently have permission to access thisfolder
- From: Meinolf Weber [MVP-DS]
- Re: Server 2008: You don't currently have permission to access thisfolder
- From: HAL07
- Server 2008: You don't currently have permission to access this folder
- Prev by Date: Re: NT folder compression on Windows Server 2003
- Next by Date: insufficient system resources exist to complete the requested serv
- Previous by thread: Re: Server 2008: You don't currently have permission to access thisfolder
- Next by thread: Allow domain users to be local admins..
- Index(es):
Relevant Pages
|
Loading
