Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




1545 posts

Uber Geek
+1 received by user: 38

Trusted

Topic # 88517 17-Aug-2011 13:53 Send private message

A company we contract for has asked us for advice of this as one of the employees laid a complaint against their technician who they believe has changed settings just for that person.


Basically here is the story,

User1 (Who Laid Complaint) couldn't access a shared software network share,

User1 went to user 2 who could see it and went into folder permissions & saw user1 username listed with all denied security permissions. User2 tried to remove these buy got access denied.

User1 went to user3 who like user2 could see the folder and could see user1 had been locked out of that folder, he also couldn't change the permissions.

User1 complains to manager (First line of contact for company), Who gives user 1 a long speech about not pointing the blame etc.

Within an hour after that meeting, User1 Could view the folder again AND could now edit his own user permission to the folder. Whereas previously the only user who had access to change permissions was the administrator.


Basically what we have been asked is wither or not it is possible for the technician to change the security policy for that one user so that he now had permission to edit the folder permissions for himself.


The way I see it is that it is possible via active directory, Making the user a part of a security policy then changing that policy to allow this.

I am not 100% sure this is possible that is why I wanted to ask here for confirmation before I report back to the company.


For obvious reasons I have used USER1,2,2 and COMPANY :)

Create new topic
Professional yak shaver
1552 posts

Uber Geek
+1 received by user: 4

Trusted
BitSignal
Subscriber

  Reply # 507930 17-Aug-2011 13:55 Send private message

Yes, that's easily doable. Deny permissions take precedence over Allow.




"Roads? Where we're going, we don't need roads." - Doc Emmet Brown



1545 posts

Uber Geek
+1 received by user: 38

Trusted

  Reply # 507934 17-Aug-2011 14:01 Send private message

That's what I thought. :)

Cheers for your help.

132 posts

Master Geek
+1 received by user: 2


  Reply # 507971 17-Aug-2011 14:55 Send private message

Seems a bit petty doesn't it?

But yes as already said, very easy and very possible.



1545 posts

Uber Geek
+1 received by user: 38

Trusted

  Reply # 507979 17-Aug-2011 15:06 Send private message

Privoxy: Seems a bit petty doesn't it?

But yes as already said, very easy and very possible.


Trust me, From what I've been told, This is behavior I would expect between 2 10 year olds

2418 posts

Uber Geek
+1 received by user: 23


  Reply # 509901 22-Aug-2011 12:41 Send private message

Also worth noting, that this doesn't really have anything to do with group policy/security policy type things.. It's just simple folder permissions :) 




This is a signature.

Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:




News »

Trending now »
Hot discussions in our forums right now:

CGA. Is it fair?
Created by BTR, last reply by bazzer on 22-Aug-2014 11:02 (86 replies)
Pages... 4 5 6


Vodafone TV multicast settings on pfSense?
Created by kenkeniff, last reply by hio77 on 23-Aug-2014 23:15 (134 replies)
Pages... 7 8 9


Warning about Pure Hosting
Created by LostBoyNZ, last reply by MichaelNZ on 23-Aug-2014 23:06 (48 replies)
Pages... 2 3 4


Lightbox press event release
Created by freitasm, last reply by Lightbox on 22-Aug-2014 17:04 (469 replies)
Pages... 30 31 32


It was hardly 'hacking' was it?
Created by CB_24, last reply by gzt on 21-Aug-2014 22:26 (97 replies)
Pages... 5 6 7


Why is there no right to compensation for wrongful imprisonment in NZ?
Created by Geektastic, last reply by networkn on 23-Aug-2014 22:40 (18 replies)
Pages... 2


Free: Smart Button for your Android device
Created by freitasm, last reply by BigHammer on 23-Aug-2014 19:04 (111 replies)
Pages... 6 7 8


Vodafone now charging you to receive a bill via post
Created by stocksp, last reply by Linuxluver on 22-Aug-2014 19:45 (86 replies)
Pages... 4 5 6



Geekzone Live »
Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.