|
midrange.com
Snip
"That is why many admin's suggest you have individual profiles own their own
objects when they are created."
End Snip
I respectfully and whole-heartedly disagree with this statement. The fact
that individual user profiles own objects quite often caused MUCH grief to
administrators, most notably when BOB leaves the company (or gets hit by the
beer truck). I see this all the time (and I'm at a different client site
practically every week). They try to delete his profile, but it owns bunches
of objects, including device descriptions and who knows what else. So... they
leave it there (hopefully *DISABLED with password of *NONE) because they can't
get rid of it.
The owner of newly created objects should be set to the user's primary group
profile and this should be coupled with group profile entries within
authorization lists to facilitate access to the application programs and files.
Of course, if you can avoid getting too deep into supplemental groups, that's
always better (as someone already mentioned).
Best regards,
Steven W. Martinson, CISSP, CISM
Consultant - Servique, LLC
Cell 281.546.9836
www.servique.com
4801 Woodway Drive, Suite 300E
Houston, TX 77056
"Uniquely Qualified"
---------------------------------
Yahoo! Autos. Looking for a sweet ride? Get pricing, reviews, & more on new
and used cars.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
