CVdh wrote: » Dear, Can somebody help me? My initial admin account (made with the installation of windows7) is Marie. When I look at the Local Users and Groups snap-in of MMC, she's member of the group administrators but not of the group Users. BUT then I made a folder "Test". I disabled the inheritance. Then I gave the group Users deny permissions of this folder. The administrators group I gave full control permissions. The strange thing is that Marie gets also deny permissions though she's not a member of the local group Users but she's member of the group Administrators. Can somebody give me an anwser on this problem? Thanks in advance!! Kind Regards.
undomiel wrote: » Run "whomai /groups" and you'll see what the default group membership looks for a user. You'll most likely find that the user is showing as a member of the Users group. Run a "net localgroup users" and you should find that Authenticated Users are a member of the Users group. That would be where the membership in the Users group is coming from. As for the original task of denying Users group members access to a folder I would recommend just removing their permissions to the folder. Deny is a very dangerous permission as it overrides allow. In most cases it is much better, safer and easier to just remove the allow permission. It will make your troubleshooting a whole lot easier as well.