Taking Ownership and Changing Permissions

C

cyanide00

I am having a problem with our file management plans. I want to be able
to restrict users from changing their own security settings. I've made
a great amount of progress but I am still missing one vital thing. When
a user tries to right click and go to properties --> Security tab. They
first receive a security popup that says "they can neither view nor
change security settings on the particular folder, but they can still
take ownership using the advanced settings. All a user has to do is go
into advanced --> Owner tab and replace the original owner with their
name. WHY? I have already denied the user the ability to change
ownership so what am I missing? Thanks for any help....

Jacob Espinoza
Network Admin
Richfield Inc.
 
S

Steven L Umbach

If the user happens to be a local administrator he will always be able to
take ownership via the user right to take ownership of files that you see
local security policy/local policies/user rights. If the user is not a local
administrator then that would be highly unusual that they could take
ownership if they were not the owner unless they have full control
permissions and/or take ownership permissions to the file that creator owner
would give to an owner by default but can be changed to whatever you want.
It may also be helpful [not foolproof] to use Group Policy to hide the
security tab which would probably stop most users from trying to change file
permissions. --- Steve
 
C

cyanide00

Ok. So I make sure they are not a local administrator. Now I didn't
mention this before but they are logging into a domain. When I log them
into their computer locally they are not able to change the ownership.
(its a folder within a shared networl folder) But as soon as they log
on to the domain and access the folder they can still right click and
change owner. I've tried going into user rights assignment and setting
the take file ownership to only administrator instead of administrators
but it doesnt change anything. Do i have to restart the server for this
to take affect or should it work immediately? Any other ideas or
suggestions? Thanks in advance..
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Folder ownership/permissions 2
How to prevent ownership change by users with admin rights? 3
Changing HKCU registry permissions for other user, as Admin. 0
Take file ownership. 2
How to automatically assign permissions 1
Returning to Take Ownership 3
Taking ownership of files. (SP2 to SP1 revert) 2
Determining File/Folder ownership WITHOUT taking ownership 4

Top