NIST's guidance for a Zero Trust Architecture

Active Directory Objects

Active Directory User properties – Security tab

The security tab of the computer properties window allows you to configure access permissions on the user object.

Active Directory User properties Security tab

The security tab allows you to grant or deny permissions to other groups and users over the user object.

  • In the “group or user names” section you can choose the group or the user to whom you would like to deny or allow permission.
  • You can use the check boxes available in the “permissions” section to configure (allow or deny) the permissions the other users and groups will have over the user object.

Advanced button (security tab)

Clicking on the advanced tab opens another window with the following tabs

  • Permissions – using this tab you can view the other permissions that were assigned to the user by inheritance and also which of the object’s permissions are inheritable. This tab also allows you add permissions or edit existing permissions.
  • Auditing – using this tab you can view and configure the types of object accesses to be audited(or in other words for what types of accesses a log has to be maintained)
  • Owner – using this tab you can view and configure ownership rights over the user object
  • Effective permissions – This tab displays a list of permissions, each permission has a check box to its left indicating whether it’s effective or not.
Related posts
Active Directory Objects

Active Directory User properties – General tab

Active Directory Objects

AD computer object security tab

Active Directory Objects

Active Directory Computer Objects Tabs

Active Directory Objects

Active Directory Computer Object Management

Leave a Reply

Your email address will not be published. Required fields are marked *