We want to limit the current system administrator tasks. For example, we don't want users to be able to delete some files locally, even if that user has administrator's rights. Can Windows Server 2003 support this?
You can explicitly limit any administrator's rights to read, modify or delete files just by setting standard NTFS security. For example, you can set the DENY permission on a file or folder to the Administrator account or the Administrators group.
However, be aware that administrators will always have the ability to take ownership of a file or folder and modify...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
permissions as they see fit, thus granting themselves the privilege that was originally denied. (You can enable auditing on folders so at least this type of action will be recorded in the Security log.)