AD permissions

[Igor Derbyshev]

Hello. I want to restrict permissions on some of AD OU containers
by removing Authenticated Users (Read) permission.
Will everything be ok, or it will produce any unexpected side effect?

 

[Gene]

Hello Igor,
Can you please help me out this one time. I really do
need this computer. I beg you to please try to help me. I
am totally lost and am making things worse.
Anything that you can help me with I will be indebted to
you.
Pleaser Help
Gerrie
(e-mail address removed)

 

[Steven L Umbach]

It could. For instance I believe read is needed for user to domain, domain
controllers, and users container in order to be able to change passwords and if the
users are in a container that they do not have read permissions then Group Policy
settings for that container will not apply. However if the container is not a default
OU and the user is not in that container nor needs access to anything in that
container via AD search, I believe it will work [assuming you give permissions to
needed groups] but test it out first. You may also want to post in the
win2000.active_directory newsgroup. --- Steve