The Active Directory security tab of the computer properties window allows you to configure access permissions on the user object.
The security tab allows you to grant or deny permissions to other groups and users over the user object.
- In the “group or user names” section you can choose the group or the user to whom you would like to deny or allow permission.
- You can use the check boxes available in the “permissions” section to configure (allow or deny) the permissions the other users and groups will have over the user object.
Advanced button (security tab)
Clicking on the advanced tab opens another window with the following tabs
- Permissions – using this tab you can view the other permissions that were assigned to the user by inheritance and also which of the object’s permissions are inheritable. This tab also allows you add permissions or edit existing permissions.
- Auditing – using this tab you can view and configure the types of object accesses to be audited(or in other words for what types of accesses a log has to be maintained)
- Owner – using this tab you can view and configure ownership rights over the user object
- Effective permissions – This tab displays a list of permissions, each permission has a check box to its left indicating whether it’s effective or not.
Active Directory computer object security tab missing
If the Security tab is missing when you open a users’ Properties in Active Directory Users and Computers, follow the steps below to retrieve it.
To enable the Security tab from dialog box of the User Name Properties:
- Open the Microsoft Management Console (MMC) snap-in from the ADUC.
- Check the Advanced Features items from the View menu
- The Security tab will be there if you open the user properties.
If you want to take a look at the overview of the Active Directory objects, visit this link.