ok, heres a run down on how the computer is setup...

im a student at greenwich highschool in 11th grade. in
the computer graphics classroom that iam in, there are
multiple computers. only one of them has windows xp at
the moment, so im trying to figure out how to setup the
security on that computer so we can set it up on all the
rest of the computers when XP is put on them.

now on the one computer with windows xp, there will be a
total of 5 users. 1 admin, and 4 (limited access) users
with different levels of access to specific programs in
specific folders. there are 5 different programs, and
each level of user has a different level of access to each
program. 3 users might have access to program A while 2
users have no access at all.

i have setup all the accounts, and created dummy program
folders for testing the security. so i set permissions
for all the different users for the programs. everything
from there works fine, but there is a problem. if i go
into the user with the lowest level of access, i can still
goto the security tab and change access for all the other
users. i do not want anyone to be able to change
permissions but the admin. the users are only being
denyed/allowed access to 5 different folders all shared in
the shared documents folder. the ONLY problem i have is
that anyone can go in and add/remove and alter the
permissions for any of the users. i want only the admin
to have those rights. how do i change it so that no other
user can change any of the permissions. when i use
advanced permission editing from the admin account, i set
it so that the other user is not able to read/change/take
ownership of the folder. but when i go into the other
user, i try to view security on the folder and something
pops up saying that i cant change anything about the
permissions, but it says that i can "take ownership or
edit the auditing". so i go in as the limited user, make
myself the owner and now i can add/change/remove/edit the
permissions and security. now obviously most people wont
go this far to try to do all this, but if there is 1
person that will, then they can screw it up for everyone
else. how do i prevent this from happening. help me
again ---GHS-Apathy

Normally only a user that is a member of the administrators group has the
"take ownership" right. Are you certain that this user is only a member of
the the one limited access group you created? or are you assigning rights
based on username?

"GHS-Apathy" > wrote in message
...
> ok, heres a run down on how the computer is setup...
>
> im a student at greenwich highschool in 11th grade. in
> the computer graphics classroom that iam in, there are
> multiple computers. only one of them has windows xp at
> the moment, so im trying to figure out how to setup the
> security on that computer so we can set it up on all the
> rest of the computers when XP is put on them.
>
> now on the one computer with windows xp, there will be a
> total of 5 users. 1 admin, and 4 (limited access) users
> with different levels of access to specific programs in
> specific folders. there are 5 different programs, and
> each level of user has a different level of access to each
> program. 3 users might have access to program A while 2
> users have no access at all.
>
> i have setup all the accounts, and created dummy program
> folders for testing the security. so i set permissions
> for all the different users for the programs. everything
> from there works fine, but there is a problem. if i go
> into the user with the lowest level of access, i can still
> goto the security tab and change access for all the other
> users. i do not want anyone to be able to change
> permissions but the admin. the users are only being
> denyed/allowed access to 5 different folders all shared in
> the shared documents folder. the ONLY problem i have is
> that anyone can go in and add/remove and alter the
> permissions for any of the users. i want only the admin
> to have those rights. how do i change it so that no other
> user can change any of the permissions. when i use
> advanced permission editing from the admin account, i set
> it so that the other user is not able to read/change/take
> ownership of the folder. but when i go into the other
> user, i try to view security on the folder and something
> pops up saying that i cant change anything about the
> permissions, but it says that i can "take ownership or
> edit the auditing". so i go in as the limited user, make
> myself the owner and now i can add/change/remove/edit the
> permissions and security. now obviously most people wont
> go this far to try to do all this, but if there is 1
> person that will, then they can screw it up for everyone
> else. how do i prevent this from happening. help me
> again ---GHS-Apathy
>