Windows XP Permission/s ...
Results 1 to 10 of 10

Thread: Windows XP Permission/s ...

  1. #1
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683

    Windows XP Permission/s ...

    Hey Guys,

    We run a domain here with basically no GPO polices besides a password complexity one.

    On my PC which connects to the domain I am running some virtual machines which I do not connect to the domain, they all run under workgroup.

    If I share a folder on my computer I generally give everyone read on sharing and then set security with ntfs permissions to lock it down. Works great. However jsut a few questions.

    1) For sharing , is the read permission sufficient or must i grant full control and then lock it down with NTFS?
    2) From my VM or any PC on the lan that connects locally and not to the domain, I cant seem to connect to the shares? What permissions do I give to the shared folder on my PC in order for the workgroup machines to access it? Which account do I add as I can only add domain accounts?
    3) If I navigate via UNC to my PC via a workgroup PC (\\PCname\Sharename or \\PCname to view the shares) I recieve a the trust issue between the workgroup PC and the domain controller failed. However we dont have any policies that I know of in place.
    4) However if I try to connect to our server from a workgroup PC then a username / password dialog box pops up which is what I am looking for.

    Any shares on my network regardless if a domain PC or workgroup PC is connecting, I would love the pop-up dialog box.

    Could the windows fundis shed some light on this?

    Is it totally different in Vista?q

    Thanks
    Last edited by Cider; August 5th, 2009 at 09:08 AM.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  2. #2
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Full control on Shares....then lock down on NTFS.

    User will need to connect to a local account...with permissions to access the share...a dialog box should pop up asking for username and password

    use machinename\username and password to connect.

    There are default GPOs created with a domain...

    MLF
    Last edited by morganlefay; August 5th, 2009 at 03:17 PM.
    How people treat you is their karma- how you react is yours-Wayne Dyer

  3. #3
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Hey MLF, thanks for the reply.

    User will need to connect to a local account...with permissions to access the share
    If they are not on the domain?? A dialog box does not pop up at all.

    I can either give them NTFS permission which then they will be allowed through, if they do not have NTFS permission it will disallow it, no pop-up dialog box

    Think im abit confused here.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  4. #4
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    Create local accounts on the machine hosting the shares...and give EVERYONE full contol access to the share...and then give NTFS permissions to lock down...read\write\fullcontrol using the machines local accounts...

    Check your firewall settings...file and print sharing allowed??

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  5. #5
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Hey MLF ,

    I have done so with the same results.

    If I try to access my c$ from another machine, I recieve a dialog popup box asking for username / password.

    Firewall is off and conenctivity is fine. Is it even possible to have a pop-up box or is it allowed or denied on NTFS? Surely you can add a generic account "where they have to put in details" or am I offcourse here.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  6. #6
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    You need an admin account to access the C$

    I dont understand your issue or question???

    I thought you had created shares for a workgroup to access??

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  7. #7
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Hey MLF,

    sorry for the confusion.

    Okay , if I access c$ on my PC from another PC without any admin privledge , I get the prompt for username / password before continuing.

    How can I do that for a normal folder share? The only options I have with folder sharing is either denied or allow. If they are allowed with my NTFS permissions they can access the folder, if not then they recive a not accessible message.

    I would like it to popup , regardless of what user is trying to access teh share and ask for a username / password. And then upon enterning the credentials it must auth against my NTFS permissions.

    I.E the user is allowed or denied access.

    Hope this makes sense ...

    Lets leave the Workgroup out for now, just work on a domain.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  8. #8
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,252
    I get what you are saying.

    You have a workgroup share lets say "dino"
    You want to connect to "dino" but first want to be prompted for a userid and pass.

    Add a user to the local machine say "MLF"
    give the local "MLF" account access to the share, Remove all other accounts.

    When ever someone wants to connect to "dino" they will have to enter the userID "MLF" and it's password.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  9. #9
    AOs Resident Troll
    Join Date
    Nov 2003
    Posts
    3,152
    ahhh yeap ...thats what I said.

    In a domain the credential are passed automatically...thats the way domains work..I am sure you can create a GPO that prompts for password for accessing a share.............but why.??

    Now my understanding was you had a domain and a workgroup and the workgroup computers want access to a share residing on a member of the domain??? When the workgroup user wants to access the share....it should get prompted for a username and password where you can use a domain account or a local account (local of the machine hosting the share).

    What exactly are you trying to do???

    MLF
    How people treat you is their karma- how you react is yours-Wayne Dyer

  10. #10
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Guys MLF,

    Basically I would like a pop-up dialog box whether it is inside the domain that the request is coming from or from a workgroup on the same lan? Is this possible as I understand people on the domain have been cleared of auth and only use the NTFS security to check ACL's.

    Thanks
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

Similar Threads

  1. Windows and lack of Email and Media clients
    By gore in forum Operating Systems
    Replies: 13
    Last Post: May 29th, 2009, 06:11 PM
  2. May 06 security patches
    By mohaughn in forum Microsoft Security Discussions
    Replies: 9
    Last Post: May 13th, 2006, 11:17 PM
  3. Replies: 6
    Last Post: October 5th, 2004, 09:26 AM
  4. Windows 2003 Server Vulnerability
    By warl0ck7 in forum Microsoft Security Discussions
    Replies: 7
    Last Post: August 14th, 2003, 01:23 PM
  5. OS History and other info.
    By Remote_Access_ in forum Security Archives
    Replies: 9
    Last Post: January 12th, 2002, 03:02 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •