Alexander Staubo wrote:
Have you given any thoughts to my comments?
Yes, sorry for the delay.
There are two aspects of the current security subsystem that bug me.
The first is the fact that only user folders are accumulative only at folder boundaries. You cannot create one UserFolder and one NTUserFolder at the same level and have them co-opt the user authentication responsibility.
I think this is a good idea, I wonder if the Generic User Folder recently prototyped (hey, who did that? I can't find any artifacts to it anywhere) does this.
The second, more serious gripe is with the security permission model. Look at NT 4.0 and the security UI that comes with SP4/SP5's Security Configuration Manager for a good example (installing it will upgrade NT's security dialogs with a new UI).
<snip good stuff> There are really deep and fundamental issues, I can see exactly what you're talking about, but implimentation could take a while, last time i looked at the security system I shuddered. Have you looked into implimentation? This is sort of a seperate issue from the user folder abstraction thing. -Michel