Creating Custom Group Roles
To successfully develop and use custom groups for role-based access control, you should thoroughly understand the following:
Predefined user rights
Predefined access permissions associated with specific object types
Windows access control mechanisms
Default operating system roles—the default user groups and users
How to create custom roles by directly assigning rights to groups and giving these groups access to objects
How to use tools that provide another way to grant authority, including the Delegation of Control wizard and Authorization Manager
How to audit user and group use of rights and access
Using custom groups to provide role-based access control is as much a function of administrative and programmer understanding ...
Get Windows Server 2003 Security: A Technical Reference now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.