|
Posted by Kurt on March 10, 2008, 6:13 pm
Please log in for more thread options Adrian;
I don't think that's possible, I think it's a power inherent to being a
member of the Administrators group. The only user rights I can think of
which might allow it are so powerful that anyone who has them is effectively
an administrator or only a couple of steps away from being one (Act as
Operating System, Debug Programs).
Lets step back a bit, what are you ultimately trying to achieve? Do you want
your helpdesk staff to be able to close files that end users have opened on
the server via a network share? Why can't the users be trusted to close
their own? What does the helpdesk need to do that requires closing open
files?
--
Regards,
Kurt Dillard
Want some good security information? Check out some of my recent work...
. NIST Special Publication 800-28 Version 2, Guidelines on Active Content
and Mobile Code (reviewer):
http://csrc.nist.gov/publications/PubsSPs.html#800-28_Version2
. Windows Server 2008 Security Resource Kit (coauthor):
http://www.microsoft.com/MSPress/books/11841.aspx
. Windows Server 2008 Security Guide on TechNet (coauthor):
www.microsoft.com/wssg
>>
>>
>> > What rights does a user require to close files, that have been opened
>> > by another user?
>>
>> > Thanks
>>
>> I would seriously hope that they can't!!
>> If a file is being kept open then there should be a reason for it.
>>
>> Neil..
>
> I need to give my helpdesk staff these rights, without granting them
> full admin rights.
| 
XML Sitemap