Active Directly User Account Permissions

Giganews Newsgroups
Subject: Active Directly User Account Permissions
Posted by:  John L
Date: Tue, 10 Aug 2010

We are looking to add a particular user to our Active Directory with limited
permissions to certain designated folder locations on the network.  We are
having some issues getting this configured correctly, however.

The main issue is that I have been unable to restrict this said user account
from being able to access root level network paths and I suspect that this
may be the result of having applied the standard “Everyone” permission to
some of the Root level folders.

Is there a way to remove *certain* users from the “Everyone” category?  Or
is that the point of having that “Everyone” category; that being that
“Everyone” means every user account on the domain, regardless of the other
security settings which may have been applied.

In my attempt to get this configured correctly, I have removed this user
from the standard “Users” group, hoping that this would produce the results
that I need (I basically created a secondary group which does not yet have
permissions to any network locations and added this user account to that
group.  Then, I removed this user from the standard “Users group).  However,
this user account can still access root level network locations that I need
to restrict the account from accessing.

I sincerely appreciate the help and suggestions.

Replies