|
Posted by Roger Abell [MVP] on November 7, 2005, 2:26 pm
Please log in for more thread options No. Will is confusing a couple of different things.
The Restricted you are mentioning is a sid used to limited
the abilities of certain accounts when this sid is stuffed into
their user token. Steve has filled you in on this.
This is not related to the protected groups nor to the
Restricted Groups that can be defined in group policy.
> So you are saying that when I bring up a list of users and groups in a
> permission list, that the entity with the name "Restricted" is actual a
> shorthand notation for *all* of the groups that are listed in the
> "Restricted Groups" Group Policy folder?
>
> What possible reason would there ever be to assign an ACL against all such
> groups? As I understand the Restricted Groups concept, this is just a
> way
> to prevent users from trying to override the contents of some key groups.
> Aside from their all being important groups, what common thread would
> require you to join them together in a single ACL reference?
>
> --
> Will
>
> message
>> Will,
>>
>> have a look here
> this
>> talks about Windows 2000 it also applies to 2003. Purpose is to procted
> you
>> as an Admin from making mistakes and limiting the membership of a group
>> to
>> preselected users.
>> --
>> Hope this helps
>>
>> Ralph D. Worgul
>>
>>
>> "Will" wrote:
>>
>> > On one of my computers I see a group in the list of users named
>> > "Restricted". When I go to the domain controller the Active Users
>> > application does not show this group.
>> >
>> > What is the meaning of this group, and how does one populate it?
>> >
>> > --
>> > Will
>
>
| 
XML Sitemap