|From MS 70-293|
"Configuring Permissions Using a GPO
One of the most important security measures for a file and print server is protection for the user data stored on the server drives. You create this protection by using the NTFS file system on your drives and by using NTFS permissions to control access to the server drives. You can specify the permissions for your NTFS drives in a GPO by browsing to the File System container in the Group Policy Object Editor console and, from the Action menu, selecting Add File. In the series of dialog boxes that appear, you perform the following tasks:
1. Specify the files or folders for which you want to configure file system permissions.
2. Specify the permissions you want to assign to the selected files or folders.
3. Specify whether you want the permissions to be inherited by subfolders.
By default, all the NTFS drives on a computer running Windows Server 2003, except the system drive, have Full Control permission assigned to the Everyone group. Therefore, it is up to you to design a directory structure and a system of permissions for your drives that gives users only the access they need to the files stored there."
Playing to the angels
Les Paul (1915-2009)