I've working on develop MSB for the servers on our company and we have based most of the work on the "Security Templates" and "Security Configuration and Analisys" add-ins of the Microsoft's MMC console. When we configure Application Services through this templates we define permissions for each service (something like this: Administrators & System :Full Control; an remove every other user.) From the tests we made we have detected some troubles with this settings, for example a user can't browse the network if he (or his group) doesn't have read access over the workstation service. I'm trying to find a document that show us which are the minimal recommendation setting for the permissions of the default Windows 2000 services. Does anyone has such a document or knows where can I find that information? Thanks in advance.