On Server 2003 and above, the only difference between Everyone and AuthUsers is the presence of Guest - which is always disabled.
Anonymous Users were removed from Everyone as of Server 2003. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Monitoring Exchange w/OpsMgr now available http://snurl.com/45ppf ________________________________ From: Scott Kaufman at HQ [[email protected]] Sent: Wednesday, April 01, 2009 11:59 AM To: NT System Admin Issues Subject: RE: File Server Security; Best Practice. +1 on not using Everyone & replacing it with Authenticated Users Scott Kaufman Lead Network Analyst ITT ESI, Inc. From: James Rankin [mailto:[email protected]] Sent: Wednesday, April 01, 2009 10:51 AM To: NT System Admin Issues Subject: Re: File Server Security; Best Practice. I must be extra anal - I set the share permissions to Authenticated Users/Full Control :-) 2009/4/1 Ben Scott <[email protected]<mailto:[email protected]>> On Wed, Apr 1, 2009 at 7:32 AM, Stephen Wimberly <[email protected]<mailto:[email protected]>> wrote: > I now have two coworkers that insist on adding user objects rather than > security groups directly to the file shares as well as specific folders > under the file share. As everyone else said, they're wrong. Microsoft's best practices documentation says this, somewhere. Also, in general, it's recommended not to use share permissions at all. Use NTFS permissions for access control, and set the shares to Everyone/Full Control. There are exceptions, but this is the good rule. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
