Hello,

At the moment we are trying to optimize Windows security settings for a network installation of Adagio on Windows Server 2016 Standard. The network environment is domain based with active directory services. We are running about 10 Adagio modules with 15 user licenses (Lanpak).

The administrator at the company, where the installation is being completed, is concerned that the requirement to give all Adagio users "full control" on the "\softrak\" root folder undermines all file system security for the directory. Now any user can access the shared folder [which they have mapped] and inadvertently [or otherwise] delete/copy/corrupt files.

Other software systems we are familiar with use services, elevated permissions, or other mechanisms to prevent this type of situation.

Is there a suggested security mechanism to protect the data files under the "\softrak\" folders, while still allowing the software to function correctly?

The only people that have access to the Adagio file structure are those that actually must use the software to perform the jobs.

Files in the "\sofrak\" folder should still be protected even if these users are trusted to use the software.

For example, an order entry clerk requires access to the "\softrak\data" directory, however they should not be able to access files pertaining to AP. Likewise files pertaining to AP can be accidentally destroyed by employees working in that functions\ [outside the confines of the software]. My main concern is that usres can view these files and may (unintentionally) move or delete data files.

Please provide a solution to this issue.

Thank you,
Sam and Jason