From: Martin Plechsmid on
Thank you for the link. Though still very unclear, it is a better document
than any I have found.


"John Wunderlich" <jwunderlich(a)> p�e v diskusn�m p��sp�vku
> "Martin Plechsmid" <Send(a)No.Mail> wrote in
> news:OFqYOvhMLHA.2232(a)TK2MSFTNGP02.phx.gbl:
>> Look, for instance, at "C:\Windows" and choose Properties -
>> Security - Advanced. There you'll see permissions for
>> Administrators, System, Owner, Users and PowerUsers, all
>> non-inherited. No privilege for Guests (nor Everyone), though
>> users in Guests group see the folder and file content without any
>> problem. That's what I'm talking about. So, where the privileges
>> for Guests come from?
> Martin,
> That makes your question much clearer.
> The best answer I have found comes from the article:
> "Managing Authorization and Access Control"
> <>
> It seems to indicate that with a couple of exceptions the "Groups" and
> "Users" groups are essentially one-in-the-same:
> <quote>
> Guests
> By default, members of the Guests group are denied access to the
> application and system event logs. Otherwise, members of the Guests
> group have the same access rights as members of the Users group. This
> allows occasional or one-time users to log on to a workstation�s built-
> in Guest account and be granted limited abilities. Members of the
> Guests group can also shut down the system.
> Note: The Guest account, which is a member of the Guests group by
> default, is not an authenticated user. When logged on interactively,
> the Guest account is a member of both the Guests group and the Users
> group. However, when logged on over the network, the Guest account is
> not a member of the Users group.
> </quote>
> Hope this helps,
> John

First  |  Prev  | 
Pages: 1 2
Prev: list of certificates from cmd
Next: Security av 2009