| < Day Day Up > |
|
Permissions allow users and groups to access resources. Permissions are configured though access control lists (ACLs). ACLs can be configured for user or group objects. Often a user will be a member of more than one group that is assigned permissions to a resource. Working out the permissions for a user in such a situation can be accomplished by using the effective permissions tools. Permissions can be assigned at a share level, in addition to NTFS permissions. Share level permissions are not as detailed as file and folder permissions. When users access a resource by means of a share, they are assigned whichever of the share and the NTFS permissions are more restrictive.
Rights allow users to perform tasks. Rights are configured by means of local policy or Group Policy objects applied at the domain, site, or organizational unit (OU) level. Rights enable users to perform actions, such as logging on locally to a computer. By using Group Policy settings, you can prevent a particular group of users from logging on to a particular set of computers. Because there are many rights, the actions that different groups of users can and cannot perform on a network can be controlled with precision.
| < Day Day Up > |
|