Folder permissions based on computer name instead of user name

Everyone knows that you can set security permissions for a file or
folder (in NTFS) based on specific user accounts or groups. But can
you set the permissions based on a computer account or group?

I want to be able to deny access to specific folders or files based on
the computer account that is being used to access the server, rather
than the user account. I know how to use a loopback policy, that lets
me apply a user policy based on the computer account in the OU, but I
don't know if there is any policy (or preference) relating to
permissions on a specific folder on the server.

The scenario: we have a shared file resource and multiple versions of
different software that use that resource. Some versions of the
software use incompatible file formats. The software is installed on
various PCs. All I want to be able to do is block a person who is on a
specific computer from being able to access that file. I don't want to
block that person if they are on a computer that has the right
software version installed.

We can easily determine which PCs by user account name have the
correct software installed. Problem is how to translate that into GPO
settings when folder permissions in general aren't based around these.

Best I can think of, off the top of my head, is some of the security
policies like Restricted Groups etc. Maybe able to deny access to the
local installed applications on that machine? I don't know enough
about the local security policies to be able to work this one out by
myself.
.

Relevant Pages

  • Re: How do I add a network user to the security permissions on a shared XP folder?
    ... can't figure out what way to setup the permissions. ... user account on the fileserver computer with the same name as my own ... allowed them to list folder contents only. ... Next I allowed the NETWORK ...
    (microsoft.public.windows.server.networking)
  • Re: List View: Calculate all sizes Default?
    ... writable by your user account, view setting changes you make for that ... That would only happen if the ownership and permissions of the .DS_Store ... ..DS_Store files in a given folder with this command line: ...
    (comp.sys.mac.system)
  • Re: Limited Access
    ... uncheck the last option for use simple file sharing. ... that user account to access includes that user account and that other shares ... the needed access to that folder. ... user read/list/execute permissions if you want them to see and copy files ...
    (microsoft.public.windowsxp.security_admin)
  • Re: permissions/inheritance question
    ... | recreate the folder with the ... | | prior permissions. ... | | published or moved the uploads folder. ... In your case, the user account may be IUSER_, or ...
    (microsoft.public.frontpage.client)
  • Re: Elevated Permissions on Vista Workstation!!
    ... I'm sorry for not responding sooner about the permissions issue that I was ... You can access the shared folder with a domain user account that does not ... have the explicit ALLOW access permission on a Windows Vista client. ...
    (microsoft.public.windows.server.sbs)
Loading