Re: Windows Security Question



"G.O.Varney" <garyf@xxxxxxxxxxx> wrote in message
news:5c969175-075c-4f97-bba6-75117a1c29bb@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I've been working on mainframes for 30+ years and therefore understand
their
security which basically comes donw to " If I have a userid and
password for
a mainframe system I can logon and access files that I have been
given
permission to access".

This doesn't seem to be the case for Windows Security so I am very
confused.


This is my situation. Home LAN. I am defined on all systems with
userid of
GOVARNEY with administrator authority. The passwords on all systems
are the
same. Systems are mostly XP Pro with 1 Vista Home Ultimate.


I am on system 1 and map a network drive to the C drive of system 2.
As I
understand it the userid and password of system 1 is used for
authentication
on system 2. Given they are the same I thought I should have access
to all
files and directories that GOVARNEY on system 2 has access to.


This is not the case. Why ?????
--
Regards,
G.O.Varney



I suspect that your systems are still in the default state, set to use
Simple
or Guest only security model for network sharing. In this config, once
an account has authenticated for network login (share access) the
credentials
are transitioned to those of the Guest account and then all file/directory
access is authorized against that, so access is granted only where Guest
has permissions. When set to the classic sharing model things work much
as you expect as stated in your initial paragraph.
Although the wording varies some between OS versions, if you open the
local security policy (start/run gpedit.msc) and navigate to the local
security
options (Computer node, Windows settings, Security settings, Local policy,
Security Option) look in the network access policies for such as Sharing
and security model. In XP this was also available in the Folder option
at the bottom (off the Tools menu)

Roger


.