Re: can this be done easily
- From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
- Date: Wed, 2 Aug 2006 12:17:15 -0700
This apparently has nothing to do with topic of this newsgroup.
Apparently the folders to which the account does have access
but should not have grants to more than just Domain Users but
you did not say to what those shares are granted.
"OM" <om@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:eQ8$yMatGHA.3240@xxxxxxxxxxxxxxxxxxxxxxx
Hi,
I have a AD network with 3 2003 DCs. Most of our workstations are attached
to the domain while only 40 PCs are non-domain machines.
What I would like to do is to allow all non-domain PCs to be able to
access one shared folder in one of the member server within the domain
using one particular user account.
I created a group called nondomainuser and put a newly created user
account into the group. I removed this user from the domain users group so
it only belong to the nondomainuser group. On the shared folder, I setup
the Share/NTFS permission so that only the nondomainuser group have read
access to it. With this setup, the user is able to access the shared
folder without problem. However, this account is also able to access
shared folders that are accessible by the members in the domain users
group which is something I don't want. The thing that I don't understand
is this user account is not a member of the domain users, but he is still
able to access shared folders that are for members of the domain users.
Can someone advice me if there is any simple solution for such problem?
Thanks
OM
.
- References:
- can this be done easily
- From: OM
- can this be done easily
- Prev by Date: How do you restrict access to directory below parent dir with anon access?
- Next by Date: Re: How do you restrict access to directory below parent dir with anon access?
- Previous by thread: can this be done easily
- Next by thread: Re: Domain Guests
- Index(es):
Relevant Pages
|
