Appendix E. File System and Registry Security Primer
Access Control Lists and Entries
To successfully implement a secure Terminal Server, you must have a clear understanding of both the Windows NTFS and registry security. As with all objects in the Windows 2003/2000 operating system, security is managed through the object’s security descriptor. Access to view or manipulate the object is controlled through a special data structure in the security descriptor called the Discretionary Access Control List (DACL). The entries in this list determine who has what type of access to the object. Each entry in the DACL is known as an access control entry (ACE). Each ACE contains the following information:
The security identifier (SID) of the person or group ...
Get Windows® Server™ 2003/2000 Terminal Server Solutions, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.