|
-
September 7th, 2006, 05:15 PM
#5
It's share and file perms!
Sorry you have trouble. But I think it is the result of not setting
perms correctly on your shares. I think this is a matter of
needing to manage the combination of share and file perms,
to be able to achieve the desired access.
YES your settings can cause you to be prompted to enter
username and password every time you access a share.
In fact, that is preferable for an environment where
security is important.
But if your environment consists of trusted users, and you
don't want to impose additional login burden for users,
it should be possible to configure access without login
prompt to the shares.
In your example, I wonder why you should need to login as
another user?
Whatever username and password you are logged into on the
system in your example, that is the username and password
you need to use in configuring the perms on your server, for
share A and B.
Please read that again, it's an important answer for non-critical
peer-to-peer networks with trusted users.
I am assuming you are using NTFS for the server file system.
I understand yours is not a domain environment, and that you
have set up the user accounts and passwords on your server
that are also set up on the workstations. That is a very
important phase and you should double-check that.
Once that's done, you also have to contend with both the
share and file perms. Many people set share perms to show
Full Control for the Everyone group, on the share perms.
Then they set granular controls for the NTFS perms. I do
recommend this in the case where you have trusted users
and a small network. However, if this is not your situation,
you can increase the stringency on your share perms.
But the most important thing is to learn how share perms
and NTFS perms combine to produce the final, actual perms
for your users. This may be the problem....
I think the short summary I found at
http://www.velocityreviews.com/forum...ermission.html
may be useful (if others find any problem with this, please
provide correction so we can all learn):
"deny takes precedence over
allow and that the least restrictive from share and least
restrictive from NTFS will give two results which then
you will take the most restrictive even it has a full
deny control"
The other thing mentioned on the page referenced above,
is the effect of your users belonging to multiple groups.
That can be REALLY important in domains, but should not
be something for you to worry about, if I understand your
situation correctly.
If you don't understand this, you need to refer to some
sources that explain it in detail. A web search should provide
multiple good free tutorials.
Look, if you give Full Control for the Everyone group with the
Share perms, then you just need to be sure the relevant user
accounts and passwords are set up on the server, then set
the NTFS perms on the shares. That's the best specific
answer I can give to you.... and I hope that helps.
Dr. David
--
Get Your "Treasure Chest" of Security Tools!
http://wealthfunnel.com/securitybook
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
