Click here to get back home

Re: server 2008 questions

 HomeNewsGroups | Search

microsoft.public.windows.server.security - Supporting MS Windows network? Read here before it's too late! 

get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Re: server 2008 questions PA Bear [MS MVP] 03-05-2009
Posted by PA Bear [MS MVP] on March 5, 2009, 8:37 pm
Please log in for more thread options
[Forwarded to Server General and Server Security newsgroups for broader
exposure.]

Kim K wrote:
show/hide quoted text


Posted by Isaac Oben [MCITP,MCSE] on March 5, 2009, 10:16 pm
Please log in for more thread options
Kim,
Is your Windows Server 2008 a domain controller or it is in a workgroup.

If it is in a workgroup, then go to start, Administrative Tools, Local
security policy, and on Account Policies, you will see password policy. If
you are in a domain, then you may want to look into your default domain
policy in GPO by going to start, administrative tools, Group policy
management, and select your domain and choose default domain policy, right
click and edit. Go to computer configurations, policies, windows settings,
account policies, password policy.



--
Isaac Oben [MCTIP:EA, MCSE]
show/hide quoted text


Posted by Meinolf Weber [MVP-DS] on March 6, 2009, 1:52 am
Please log in for more thread options
Hello Kim,

Password policy has to be configured in a GPO in the domain policy under
computer configuration, windows settings, security settings, Password policy.

If you have forest/domain functional level windows server 2008 you can also
use the "fine grained password policy" to have different settings based on
OU's:
http://technet.microsoft.com/en-us/library/cc770394.aspx

http://technet.microsoft.com/en-us/library/cc770842.aspx

Have a look here abolut folder redirection:
http://technet.microsoft.com/en-us/library/cc732275.aspx

http://technet.microsoft.com/en-us/library/cc778976.aspx

http://technet.microsoft.com/en-us/library/cc785925.aspx

When you use Group policy preferences you can map a network drive to the
users. For OS versions earlier then Vista/2008 you have to install the Client
side extensions on the machines.

CSE XP 32bit:
http://www.microsoft.com/downloads/details.aspx?FamilyID=e60b5c8f-d7dc-4b27-a261-247ce3f6c4f8&displaylang=en

CSE XP 64bit:
http://www.microsoft.com/downloads/details.aspx?familyid=249C1AED-C1F1-4A0B-872E-EF0A32170625&displaylang=en

CSE 2003 32 bit:
http://www.microsoft.com/downloads/details.aspx?familyid=BFE775F9-5C34-44D0-8A94-44E47DB35ADD&displaylang=en

CSE 2003 64bit:
http://www.microsoft.com/downloads/details.aspx?familyid=29E83503-7686-49F3-B42D-8E5ED23D5D79&displaylang=en

CSE Vista 32bit:
http://www.microsoft.com/downloads/details.aspx?FamilyID=ab60dc87-884c-46d5-82cd-f3c299dac7cc&displaylang=en

CSE Vista 64bit:
http://www.microsoft.com/downloads/details.aspx?familyid=B10A7AF4-8BEE-4ADC-8BBE-9949DF77A3CF&displaylang=en


If they should have the permissions to modify, they also need the delete
permission, modifying is deleting the old file and saving the new file, but
you will not see this in reality.

I assume you like to prevent users from deleting folders you created in the
structure, so you can use the "Advanced" permission and configure in detail
the different levels of folder/file structure for the users/groups. Try it
out with a test share for yourself first. If you edit here a user/group you
can see the "Apply to" field, here you can set the level where your permissions
will apply.

Keep in mind as deep as you configure it, as much work in case of problems
you will have, especially if you do not document it!!!

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


show/hide quoted text



Posted by Kim K on March 6, 2009, 7:59 am
Please log in for more thread options
Thank you so much for your help! After a long day trying to figure out what
is wrong with a login script at work I came home to find that server 2008 was
a bit different adn my patience had worn quite thin.

I managed to find the advanced setting for NTFS permissions, I am glad as
with your help I can function now.

My ONLY other question is that when I set up a folder and share it out, and
I am specifying/wanting one user for a home directory, is this correct? And
do I no longer or maybe its not even necessary to hide it?

Thank you again!
--
Thanks,,
Kim


"Meinolf Weber [MVP-DS]" wrote:

show/hide quoted text
http://www.microsoft.com/downloads/details.aspx?FamilyID=e60b5c8f-d7dc-4b27-a261-247ce3f6c4f8&displaylang=en
show/hide quoted text
http://www.microsoft.com/downloads/details.aspx?familyid=249C1AED-C1F1-4A0B-872E-EF0A32170625&displaylang=en
show/hide quoted text
http://www.microsoft.com/downloads/details.aspx?familyid=BFE775F9-5C34-44D0-8A94-44E47DB35ADD&displaylang=en
show/hide quoted text
http://www.microsoft.com/downloads/details.aspx?familyid=29E83503-7686-49F3-B42D-8E5ED23D5D79&displaylang=en
show/hide quoted text
http://www.microsoft.com/downloads/details.aspx?FamilyID=ab60dc87-884c-46d5-82cd-f3c299dac7cc&displaylang=en
show/hide quoted text
http://www.microsoft.com/downloads/details.aspx?familyid=B10A7AF4-8BEE-4ADC-8BBE-9949DF77A3CF&displaylang=en
show/hide quoted text
permissions
show/hide quoted text

Posted by Meinolf Weber [MVP-DS] on March 6, 2009, 3:54 pm
Please log in for more thread options
Hello Kim,

Hiding or not for the folders depends on you. On the ADUC user account
properties
you can point the to the home folder.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


show/hide quoted text



Similar ThreadsPosted
Re: Upgrading of 2003 domain to 2008 domain, checklist, questions? January 1, 2009, 6:43 am
2003/R2 certificate server questions March 13, 2007, 10:27 am
2003/R2 certificate server questions March 12, 2007, 10:24 pm
Questions about the artical "DCOM Security Enhancements" for Windows Server 2003 SP1 January 15, 2006, 9:47 pm
AV for 2008 server January 17, 2010, 7:50 am
Server 2008 Cluster September 11, 2008, 3:05 am
httpcertcfg for server 2008 September 22, 2008, 1:02 pm
failsafe PKI (Server 2008) October 28, 2008, 9:53 am
Server 2008 RAS/NPS setup October 29, 2008, 4:15 pm
RDP over VPN to Windows Server 2008 November 5, 2008, 11:46 am

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Driving a better car - Fuelzilla.com

Cabling site for homeowners and pros alike - Cabling-Design.com

Friends:

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap
Privacy Policy