C
Chris Cowles
I have two home computers both running XPP SP2. They're connected by a
relatively secure wireless network. One is hardwired to a switch which is in
turn connected to a DSL modem and a WAP. (WEP enabled, administrator
password changed, mac addresses specified. The other (my kids') has only a
USB wireless network adapter. Simple sharing is disabled. I have an
administrator account ("Dad") and the others are limited.
Passwords and user IDs match on both machines. Shared folders appear and are
accessible as expected. I shared all individual 'my documents' folders but
revised security to allow "Parents" to access all and "Kids" to access only
their own and "Shared Documents". That works as intended.
Now comes the stupidity: I wanted to prevent the kids from messing around
with the 'all users' menus and 'Documents'. Not thinking in terms of group
policies, I edited permissions directly on the directories and restricted
rights to change. I applied that to all children. Now I can't save anything
to \all users\documents. In effect I saved my kids the trouble of messing it
up because I did that for them.
Is there a document somewhere that describes the default rights of users and
administrators to the 'all users' directories? If I'm really lucky, is there
a script somewhere that resets them?
Through this forum I found a reference to Doug Knox's XP security tool. I'll
probably license that and do what I should have done in the first place.
All well-intended suggestions or help is appreciated.
relatively secure wireless network. One is hardwired to a switch which is in
turn connected to a DSL modem and a WAP. (WEP enabled, administrator
password changed, mac addresses specified. The other (my kids') has only a
USB wireless network adapter. Simple sharing is disabled. I have an
administrator account ("Dad") and the others are limited.
Passwords and user IDs match on both machines. Shared folders appear and are
accessible as expected. I shared all individual 'my documents' folders but
revised security to allow "Parents" to access all and "Kids" to access only
their own and "Shared Documents". That works as intended.
Now comes the stupidity: I wanted to prevent the kids from messing around
with the 'all users' menus and 'Documents'. Not thinking in terms of group
policies, I edited permissions directly on the directories and restricted
rights to change. I applied that to all children. Now I can't save anything
to \all users\documents. In effect I saved my kids the trouble of messing it
up because I did that for them.
Is there a document somewhere that describes the default rights of users and
administrators to the 'all users' directories? If I'm really lucky, is there
a script somewhere that resets them?
Through this forum I found a reference to Doug Knox's XP security tool. I'll
probably license that and do what I should have done in the first place.
All well-intended suggestions or help is appreciated.