Avoid giving users the Full Control permission. People (user accounts) -> Role (AD global group) -> Permissions (AD domain local group) -> Asset (file or folder on a file server) As you expand your network and add different assets and areas of access to the role, you'll be able to easily see what assets a role can access. What you have now done is tied an asset to a permission, and the permissions to a role. Add this global group to the domain local group fileserver1_HR_read, and then add user accounts to the global group HR.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |