No announcement yet.

Rights Issue

  • Filter
  • Time
  • Show
Clear All
new posts

  • Rights Issue

    I think most of security officers could be asked to deny permissions according to each IT employee task. Well, that's what I'm being asked.
    What I mean is the following: we have people working at IT but we don't want everyone to have domain admin rights.
    As they need to do some specific tasks and because of not delaying everydays work all IT staff was given domain admin rights.
    I'd like to restrict these rights but I'm not sure if they'll be able to keep on with there activities without any problem.

    I'd like to know what rights should I give them according to their task profiles:

    IT Supportist 1: He needs to have rights to install any program on any network computer or laptop.

    IT Supportist 2: He needs to change information at Exchange User profile.

    IT Supportist 3: He needs to change information at Active Directory User profile.

    Security Officer: He must have all rights available.

    Network administrator: He must have all rights available but to change ISA Server rules or change Security Officer rights.

    Do you know if there's a profile for each user to accomplish with this?

    Thanks in advance, Marcelo

  • #2
    Before someone asks, I think this person is asking about how to define user rights in a Microsoft Server 2003 system using ISA. Maybe someone like sectrainer knows.

    At least, I hope he's asking about the CSO, because a regular contract security officer does not need "root access" to a Windows Server 2003 system.
    Some Kind of Commando Leader

    "Every time I see another crazy Florida post, I'm glad I don't work there." ~ Minneapolis Security on Florida Security Law