Granting Rights and Permissions Using Groups
In Windows Server 2003, Windows 2000, and Windows XP, the capabilities granted to accounts comprise two areas: rights and permissions. Rights are actions or operations that an account can or cannot perform. Permissions define which resources accounts can access and the level of access they have. Resources include Active Directory objects, file system objects, and registry keys. Although accounts are the central unit of security in the Windows operating system, assigning rights and permissions directly to accounts is difficult to manage and troubleshoot and frequently leads to misapplication of rights and permissions. Consequently, rights and permissions should not be assigned directly to accounts; ...
Get Microsoft® Windows® Security Resource Kit, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
