The CMC allows for greater flexibility in security by allowing granular level rights for objects and sub-objects.
For example, you can use the rights settings to customize a principal's rights to a particular object or set of objects. You can use rights to deny a user or group that must not be changed if there is a modification to group memberships or folder security levels.
The following table summarizes the options that you have when you set rights.
Rights
Rights Option | Description |
---|---|
Granted | The right is granted to a principal. |
Denied | The right is denied to a principal. |
Not Specified | The right is unspecified for a principal. By default, rights set to Not Specified are denied. |
Apply to Object | The right applies to the object. This option becomes available when you choose Granted or Denied. |
Apply to Sub Objects | The right applies to sub-objects. This option becomes available when you choose Granted or Denied. |