Having major permissions problems

[Joseph]

Deny permissions outwiegh grant permissions.  When a user logs onto the 
local machine, they are considered (by that computer) to be a local 
user.  Try granting permissions to only the users/groups that should run 
the application and don't use the deny permission.  Anyone not in the 
allow list still cannot access it.

David Mair wrote:

> Hello:
> 
> I sent a note a few days ago slightly related to this topic.  We're running
> Samba 2.2.1a on RH 7.1 as a PDC.  I've been attempting to setup a
> customized security template and group policy objects for W2K clients.  As
> I was configuring these I began to notice that whenever I denied
> local_machine\users permissions _all_ of my administrative ID's (local and
> domain) also became subject to the same permissions.
> 
> For example:  I deny read&execute permission for (local_machine\users) on a
> particular application.  When applied, NO ONE can run the application
> including administrators.  Fortunately, administrator still retains the
> right to change permissions.  Am I doing something wrong here?  Anyone else
> experienced this same problem?
> 
> Specifics:
> 
> Samba 2.2.1a on RH 7.1 PDC
> Clients are running W2K SP1.
> 
> Thanks,
> 
> Dave
> 
> Consultant, n.:  [From con "to defraud, dupe, swindle," or, possibly,
> French con (vulgar) "a person of little merit" + sult elliptical form of
> "insult."]  A tipster disguised as an oracle, especially one who has
> learned to decamp at high speed in spite of a large briefcase and heavy
> wallet.
> 
> 
>