Windows 2000/NT Server NTFS Permission Question

[SDK]

I'm more worried about the fact is those Nt server are PDC and BDC. I don't know the file touch by those service.

I know the file touch by changing file permission for a print server, exchange and IIS.

[Draco980172]

There are several problems tha you will run into. I can't think of all of them off the top of my head but here are a few:

The print spooler (as you mentioned) needs to have athenticated users group with change perms I think.

The netlogon share needs to have authenticated users group with read perms.

IIS requires many changes depending on what kind of content you are serving and whether you allow annon. access. Look for the knowledge base article 271071 - HOW TO Set Basic NTFS Permissions for IIS 5_0.htm or look for the one on the version of IIS that you are running.

If this is a production environment... be very careful. If you have the hardware, build yourself a test environment that mirrors you production one and test these changes out ahead of time. Otherwise be prepared to pick up the pieces afterword.

Do some searches on Google on the minimum settings required to run your apps. You should be able to find what you need. Just don't believe the first doc you find though. Find several and compare them. There are several documents out there on how to secure IIS and most of them leave out some critical items.