
	Home > Ask the Windows Security Experts > Questions & Answers > Manage administrator rights in Windows Server 2003

Ask The Windows Security Expert: Questions & Answers

EMAIL THIS

Manage administrator rights in Windows Server 2003

EXPERT RESPONSE FROM: Bradley Dinerman

		Pose a Question

		Other Windows Security Categories

		Meet all Windows Security Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 11 February 2008
We want to limit the current system administrator tasks. For example, we don't want users to be able to delete some files locally, even if that user has administrator's rights. Can Windows Server 2003 support this?

EXPERT RESPONSE
You can explicitly limit any administrator's rights to read, modify or delete files just by setting standard NTFS security. For example, you can set the DENY permission on a file or folder to the Administrator account or the Administrators group.

However, be aware that administrators will always have the ability to take ownership of a file or folder and modify permissions as they see fit, thus granting themselves the privilege that was originally denied. (You can enable auditing on folders so at least this type of action will be recorded in the Security log.)

Sound Off! -

Be the first to post a message to Sound Off!

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Authentication
	DHCP Client Service error affects network security
	Correct improperly assigned user rights in Windows XP
	Do old certificates pose a Windows security threat?
	What's hot in Windows security: Ins and outs of Windows Server 2008
	Windows Server 2008 security aided by NAP and IPsec
	Security tools that limit user logon in Windows
	Have I experienced a Windows security breach?
	Windows security management: Ask the security expert roundup
	Set write permissions in Windows network folders
	Password cracking, network rights and Windows Firewall expert advice
	Authentication Research

Authentication

Windows Server 2008 security aided by NAP and IPsec

Why don't I have proper Windows Server 2003 rights to open a GPO?

How can I prevent Internet access with Windows SBS?

Windows server security management: Security expert roundup

Windows server management with Remote Desktop

File management on a Windows Server 2003 NAS system

Windows Small Business Server 2003 access management

How to grant Microsoft Windows network permissions

Intrusion prevention for Windows network security

NTFS permissions control: Who will watch the watcher?

Authentication Research

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

SEARCH

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2004 - 2008, TechTarget \| Read our Privacy Policy