When creating new Users in Windows 2000, you define their rights/privileges by defining
the users to be a member of a group.
The rights/privileges of a user are based on the rights/privileges of the groups,
so a right/privilege is assigned to a user by make the user a member of a group,
which has the required right/privilege.
To view/modify these rights/privileges, view the “Administrative Tools“:
then: “Computer Management“:
“Computer Management” allows also User-Management (add/delete users), but offers
some advanced options not available in the more simple User-Applet, for example:
it shows in the overview, that the user-account for “GUEST” is de-activated:
It allows to view the predefined Groups and to add custom-groups:
|While creating a new group,|
users can be added immedialety to
be a member of the group.
But users can be added later
to become a member of a group.
But to see in detail the permission/rights/provileges of a group, you need to “drill down”
in the “Group – Policies” 4 levels down:
Here you find the list of rights/privileges for all the jobs on your system, from:
– Accessing this computer from the Network
– Backup files and directories
– Restore files and directories (yes, it is a different right/privilege)
– Load and unload device drivers –> Configure hardware, reserved for Administrators.
You can view in detail the list of groups with each right/privilege:
For example: “regular users” do not have the right/permission/privilege to make backups.
To enable another group (one of the predefined or our own-defined groups) to have a
right/privilege (like: make a backup), you need to add your group to the list:
Select from the list of defined groups your group and “add” it:
In summary: everytime, when you are rejected by the system, check here for the groups,
which have the right/privilege.
You should check for sure for the “Access this computer from the network”, if you intend
to use your system as a network server:
A user can be member of MULTIPLE groups, which will give him the combined