Announcement

Collapse
No announcement yet.

Networking: Sharing/Access rights

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Networking: Sharing/Access rights

    I`ll skip right to the point.

    We have 2 MS workgroups at my workplace (2 companies) and we`re all networked because there`s a need for sharing files and internet connection.

    All of our computers now have win2000, because we accidentally noticed that through an old win98 PC the others could access all of our drives and data on them. (The reason was simple: We all have shortcuts to eachothers drives on the Desktop, so they were able to get to the desktop of the win98 and subsequently to all of our drives using the shortcuts )

    The question is this:
    How can i make our drives only accessible by members of our workgroup (ex MEDIA), and deny access rights to ANY user on of the other workgroup (ex NET).

    I`m really not into networking, but you understand if i`m a bit paranoid after a few important files dissapeared...
    Seth, are you ok? I`m peachy Kate. The world is my oyster. - Seth Gecko
    Tags: None
  • #2
    hello Omega

    How many desktops are we talking about?

    It makes a difference.

    You might want to consider a small server (dedicated), if you have more than perhaps 8 PC's. you van get 'out of the box' solutions nowadays, allowing straight connection for file sharing, fire wallls etc....

    RedRed
    Dont just swallow the blue pill.

    Comment

    • #3
      I think you need to create two user groups, one for each workgroup, and put all the users into one or the other group. You then need to deny access to the Everyone group for all computers, and then allow it for the correct user group.

      It's not as complicated as it sounds!
      It's easy to die in the past. Staying alive is much more difficult!

      Comment

      • #4
        RedRed, we`re talking about 4 (maybe 5 in the near future) PCs.

        MJA, i already tried something similar: I allowed access only to the local Admin account (which denies access to anybody else) and then tried to grant access to the other computers (or Admins of those computers). Problem is, when i select the MEDIA workgroup, i see the 4 PCs, but i dont see any users or user groups of those computers, and if i select just the computer (ex. MEDIA\PC1) i get an error saying that Win2000 cant display the names... weird... i thought it`d be pretty straightforward...

        Anyways, thanks... i look forward to more replies.
        Seth, are you ok? I`m peachy Kate. The world is my oyster. - Seth Gecko

        Comment

        • #5
          Ok, I may be way off, but here goes.

          You cannot grant rights to workgroups. Groups in win2k, yes. If you had a Domain with a domain controller, then you could. Workgroups have no security.


          Short of putting in a domain controller, you could create local accounts on each machine and have the users log into those.

          Are you mapping drives? how are you sharing the info?
          "I dream of a better world where chickens can cross the road without having their motives questioned."

          Comment

          • #6
            Thanks for the info Byock...

            Could you elaborate more on the second suggestion (local accounts)?

            The idea is to provide fast/no hassle access between our 4 computers, and not allowing the other PCs from just opening Network Neighborhood/Computers near me and be able to see and mess with the data on our drives. This DOESNT have to be bullet-proof, IE not hackable at all, just not all that transparent and easy to do for the regular MS Word user Joe...

            Yes we`re mapping drives... How much a difference is there between:
            1. Just browsing through Network Neighborhood to another PC and making a shortcut to a drive on your Desktop and
            2. Mapping a network drive?
            Seth, are you ok? I`m peachy Kate. The world is my oyster. - Seth Gecko

            Comment

            • #7
              There is not a whole lot of difference. If you map a network drive to the other machine, it will show in My Computer. Then they would have to go there to get the information, so people using word would not see a shortcut and be tempted to play with it. Other than that, getting back to the accounts, have the people who use the other drives, log in with a different username, Password, and have the shortcut just on their desktop. Then other people would not see it. And have a generic Username and password for anyone else. This is more of a hassle however.


              Let me think about this, ( I think I will play with it on my test boxes here), and I will get back to you.
              "I dream of a better world where chickens can cross the road without having their motives questioned."

              Comment

              • #8
                Remember there's two lots of access rights under WinNT/2K/XP, share rights and file rights, (assuming the drive is formated as NTFS). File rights overide share rights i.e. if under permissions for the share you allowed Everyone Full Control but set the file rights for the directory so that only Admininstrator had write rights then everyone would be able to read all the files but only the Administrator could change them. Share rights are easier to set up but file rights are more secure.
                When you own your own business you only have to work half a day. You can do anything you want with the other twelve hours.

                Comment

                • #9
                  Ok, i think i figured an easy solution...

                  I`ve just setup all the PCs to login as an Adminstrator and with the same pw on all the computers, so there`s no need to type the User/Password when you try to access the network drive the first time in a session, while on the other hand, anyone else that tries to access the drive will be asked for a User/Pass... i might set different pw on each computer if need be...

                  This seems to work ok... But if there are possible risks or disadvantages, i look forward to hearing them...

                  Thanks all!
                  Seth, are you ok? I`m peachy Kate. The world is my oyster. - Seth Gecko

                  Comment

                  • #10
                    hi

                    having everyone set up their username and pass word on each machine would accomplish the same thing and help with log file sorting, time use. ( only four people right)

                    can you segregate the user groups by a hub/switch/router, if so you could dual nic one machine and use it as a server. for 5 machines you should be able to find a cheep router.

                    sorry just guessing
                    cal

                    i have 5 machines at home one wireless nic to the net. big headache
                    another dawg basking in the sun

                    iwill xp333-r, xp2500@ 340ddr :need better ram

                    Comment

                    • #11
                      cant you just change the subnet on the NET group then tweak the ICS software so you can just share the internet instead of everything with MEDIA?
                      Better to let one think you are a fool, than speak and prove it


                      Comment

                      Previous template Next
                      Working...
                      X