Re: Windows Security Question



"G.O.Varney" <garyf@xxxxxxxxxxx> wrote in message
news:5c969175-075c-4f97-bba6-75117a1c29bb@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I've been working on mainframes for 30+ years and therefore understand
their
security which basically comes donw to " If I have a userid and
password for
a mainframe system I can logon and access files that I have been
given
permission to access".

This doesn't seem to be the case for Windows Security so I am very
confused.


This is my situation. Home LAN. I am defined on all systems with
userid of
GOVARNEY with administrator authority. The passwords on all systems
are the
same. Systems are mostly XP Pro with 1 Vista Home Ultimate.


I am on system 1 and map a network drive to the C drive of system 2.
As I
understand it the userid and password of system 1 is used for
authentication
on system 2. Given they are the same I thought I should have access
to all
files and directories that GOVARNEY on system 2 has access to.


This is not the case. Why ?????
--
Regards,
G.O.Varney



I suspect that your systems are still in the default state, set to use
Simple
or Guest only security model for network sharing. In this config, once
an account has authenticated for network login (share access) the
credentials
are transitioned to those of the Guest account and then all file/directory
access is authorized against that, so access is granted only where Guest
has permissions. When set to the classic sharing model things work much
as you expect as stated in your initial paragraph.
Although the wording varies some between OS versions, if you open the
local security policy (start/run gpedit.msc) and navigate to the local
security
options (Computer node, Windows settings, Security settings, Local policy,
Security Option) look in the network access policies for such as Sharing
and security model. In XP this was also available in the Folder option
at the bottom (off the Tools menu)

Roger


.



Relevant Pages

  • RE: How to restrict users to see data in a mutiuser environment?
    ... interested setting up workgroup security. ... ' Gets the userid of the current user. ... Dim Length As Long ... which you open the form you want to filter. ...
    (microsoft.public.access.modulesdaovba)
  • Re: References for Brivo Systems Door Access Controls?
    ... I don't like the security ... happens when someone steals my userid and password? ... The panel is Internet connected and they connect to it ... you'd have to find some access control panels and some ...
    (alt.security.alarms)
  • RE: How to restrict users to see data in a mutiuser environment?
    ... ' Gets the userid of the current user. ... Dim Length As Long ... If you plan to use workgroup security, you could assign users to groups by ... which you open the form you want to filter. ...
    (microsoft.public.access.modulesdaovba)
  • Re: Off-the-wall Auditor Requests (was RE: Hardware Alerts)
    ... What I am hinting here is that account locking COULD be a security *risk* rather than a security enhancement to a system - because although brute force cracking of account credentials is possible, abusing a userid lockout is far easier and accessible to implement! ... Access to the RACF DB, and its backups, was tightly controlled so that a brute-force approach, by unloading the RACF DB, wasn't possible outside the Security Administration staff. ... If any DOS attempt was made for production userid's, the Operations staff had instructions to "Run this Started Task" and notify the ENTIRE security admin staff ASAP. ...
    (bit.listserv.ibm-main)
  • Re: Finding Records
    ... > login point forward that this user created. ... in the table to store the UserID, and the form whereby records are added ... security, rather than using Access's built-in user-level security (which ... UserID is an administrator. ...
    (microsoft.public.access.formscoding)