[gptalk] Confused - folder permissions

  • From: "Shane Williford" <shane.williford@xxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Fri, 18 Apr 2008 11:02:36 -0500

Hello All...

I'm trying to figure out a folder permissions problem. This is the
situation: I'm not sure if you any of you experienced this last year or
a bit longer ago, but there was an Excel spreadsheet email attachment
going around that had Flash-embedded games in it -> Pac Man, Dig Dug,
etc. Some of our users were playing these games during work...not good
of course. So, we implemented a policy to disable Flash Player on our
domain. I created a GPO (Computer Config -> Windows Settings -> Security
Settings -> File System) that denies access to the Flash folder in
C:\%systemroot%\System32\Macromed\Flash to everyone, EXCEPT a few AD
groups (admins, etc.). I gave these few AD groups access, but 1 of my
groups isn't showing up as having the necessary permissions when I check
the local PCs folder permissions. I ran GP Modeling wizard on the
affected PC(s) and the GPO did indeed apply, but in checking the
permissions of the Flash folder, this 1 group doesn't show up. Note that
all the groups I have in this GPO are AD groups, including the 1 that
isn't showing up. Why are all of my groups showing up except this one?
It seems the issue is solely on my W2K boxes (yuk...I know, I know...we
hope to finish upgrading these to XP later in the year; most of our PCs
are XP thankfully!). Obviously, I can't run RSoP because of the W2K PCs.

Thanks in advance for your assistance.


Shane M. Williford

Systems Administrator

MCSE, MCSA Sec, Sec+, Net+, A+

Mazuma Credit Union

9300 Troost

Kansas City, MO 64131

shane.williford@xxxxxxxxxx <mailto:shane.williford@xxxxxxxxxx> 

816-361-4194 x6012

NOTICE: The information transmitted in this e-mail may contain confidential 
and/or legally privileged information intended only for the use of the 
individual(s) named above. Review, use, disclosure, distribution, or forwarding 
of this information by persons or entities other than the intended recipient(s) 
is prohibited by law and may subject them to criminal or civil liabilities. 
Statements and opinion expressed in this e-mail may not represent those of 
Mazuma Credit Union. All e-mail communications through Mazuma's corporate email 
system are subject to archiving and review by someone other than the recipient. 
If you have received this communication in error, please notify the sender 
immediately and delete/destroy any and all copies of the original message from 
any computer or network system.

Other related posts: