New
#1
Local Security Policies vs NTFS Permissions
Hi All.
What exactly is the difference between Local Security Policies and NTFS permissions.
Scenario: I want to add a power user to my computer with the following do's and don'ts:
Do's:
- Can Do all the things a Power user can such as: Installing programs and devices, drivers, access command prompt
Don'ts
- No Administrative Privileges, especially NOT to be able to use the 'Take Ownership' permission
- Cannot delete anything except things he has Ownership of(created himself)
- Cannot Uninstall Any programs, except the Ones he installed
- Cannot access unauthorized folders and files as set up by permissions
I can add him to Power Users group, but then he won't be able to add devices right...
As I understand, NTFS permissions:
Enable you to set Modify, Execute, Read and Write permissions on files, folders and programs right...(since a program is just a file)
and
Local Security Policies:
Enables you to do specific things such as: Deny a user access to command prompt, or regedit. Allow a user to install programs but not drivers etc...
Or am I wrong here?
Thank you