Tip

Understand what Everyone really means

No matter how much you know, it is always good to revisit the basics every now and then. That said, I'd like to submit a follow up to Adesh Rampat's tip, Plan before you assign permissions.

Regarding

    Requires Free Membership to View

the tip, one explicit comment was not made that can be easily overlooked. That is, assigning "Everyone" to a resource means assigning everyone. To clarify, Everyone includes users like IUSR_computername and members of a foreign domain in a trust relationship with the local domain. (The IUSR_computername is the account that NT uses to authenticate web users accessing the system via IIS and trust relationships allow users from one NT 4 domain to access resources in another NT 4 domain. Win2k handles things differently).

The moral of the story is to strongly consider the use of the Everyone group and keep in mind exactly who all it includes, and consider explicitly denying these users, IUSR and trusted domains if using the Everyone group is necessary.


This was first published in September 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.