This post is part of the Hands On With the GP Power Tools (GPPT) – Administrator Tools series in which I am taking a hands on look at the various tools offered by GPPT.
When I heard David discussing Deny Based Security I was a little apprehensive. It is adding another layer of complexity and one which sounded like it would be complex to configure and maintain. However, once I got my hands on GP Power Tools, it appears to be easy to configure and copy configuration between users, so this part of my concern was unfounded.
The Security Denied/Hidden windows allow you to view either an individual user or all users which allows you to easily review the whole configuration of Deny Based Security.
One important point to remember about Deny Based Security, is that the Security Denied functionality, once applied, works whether GP Power Tools is installed or not, but the Security Hidden functionality requires the GP Power Tools to remain installed (which is the recommended configuration anyway).
This point would be especially important if for some reason you are planning to remove GP Power Tools entirely, you need to ensure all Security Denied configuration is removed.