Re: Limited Access
- From: mchjr01 <mchjr01@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 13 May 2006 08:04:02 -0700
Steve,
Thanks again for your quick reply. Let me give you my actual scenario:
Within my LAN:
I have a desktop that I use as my fax server, running Win XP-Pro SP2. I also
have 2 - laptops, one I am using as a desktop hard wired to my router and the
other one is my portable that I use when I travel. Again both laptops are
running Win XP Pro SP2. On my desktop and wired laptop the hard drives are
partitioned with my data separated from the C drives. Moreover, on my wired
laptop, I attached a 300GB hard drive through a firewire for my data storage.
None of my C - drives on these workstations are shared but all the other
drives are shared. I changed the permissions on these shared drives showing
me as the only one who can access the folders through remote desktop. My ISP
is DSL with static IP.
After changing the permissions, I am being prompted for a userid and a
password to access the hard drive on the wired laptop from my portable
laptop. What I would like to accomplish is being able to add my userid from
my portable laptop to access my data drivers on my desktop and wired laptop
without being prompted for a password. That is the reason why I want to know
on how to change the Loacation on the permissions. Examples: On my desktop, I
would like to add my userid from my portable laptop to read as vaio\userid.
From my wired laptop, I would like to add my userid on my desktop to readdell\userid.
Outside of my LAN:
I opened Port 3389 on my router for remote desktop connection. From anywhere
I just type my IP address of which is forwarded to my desktop's IP (which I
made it static as well) to login and access my files on my desktop (like
retrieving my faxes). Moreover, from my desktop remotely connected, I can
access the external hard drive connected to my wired laptop. By the way
access to my desktop and wired laptop are all accessible through a userid and
a password.
With the above scenario, on my desktop, I would like to have my children and
friends to be able to login to my desktop with limited access to only the
shared directory on my desktop. As I mentioned earlier, I created a userid
with a password on my desktop, as limited user, for them to be able to login
remotely and that is when I was getting the error mesage. To remote connect
from the login screen they will type the IP address of my ISP then the
desktop login screen comes up and that where they are supposed to type in the
id I created.
Again , you have been very helpful and I hope you'll never get tired of my
dumbness on this. Your help is very much appreciated.
Mike
"Steven L Umbach" wrote:
First off I will make the assumption that by remote connect you mean access.
to a network share through My Network Places and not Remote Desktop. If that
is not the case then make sure you let me know exactly what you are
attempting to do.
You want to use the computer's name that you are logged onto with the share
to add a user account to the permissions list. The computer name will be the
only location unless the computer is a member of an Active Directory domain
which is not your case. You simply want to add the user name that has the
same name as used by users logging onto your other computers. For instance
if user Bob wants to access your share you will need to create a user Bob on
your computer with the share and give it the same password as user Bob users
to logon to his computer and a password must be use as by default XP Pro
will not allow user account with blank passwords to access the computer over
the network. You can go to Control Panel - users or enter lusrmgr.msc in the
run box to manage user accounts.
The local policy of this system does not permit to login interactively means
that the user does not have the user right for logon locally on the
computer. You can mange user rights in Local Security Policy under local
policies/user rights. Enter secpol.msc in the run box to easily open Local
Security Policy. The user must either explicitly or by group membership have
the user right for logon locally and NOT either explicitly or by group
membership have the user right for deny logon locally. Generally I have
authenticated users and administrators listed for the user right for logon
locally and only have the support_... account listed in deny logon
ocally. --- Steve
"mchjr01" <mchjr01@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:DF489691-D18D-4FBF-8787-3E178D0A133B@xxxxxxxxxxxxxxxx
Steve,
Thanks for your help and I followed the link you gave me and was able to
restrict the shared drives and folders. However, I have another question,
if
I may:
First off is when I remote connect to my desktop from my laptop within my
LAN, I cannot access the shared dirve and folders, for my remote id coming
from my laptop is not recognized. When I try add it to the list I cannot
change the location name to my laptop and the only name on the list is my
desktop. I cannot add any id's from my two laptops to my desktop because I
cannot change the location.
Secondly, when I use the limited user id I created on my desktop for
remote
users to connect to my desktop, it does not work and a message saying "The
local policy of this system does not permit to login interactively". I
tried
to navigate through the Administrative Tools from the Control Panel but I
cannot find the place to edit or to alter the permission to allow the
limited
user id - enable to remotely login. Would you be kind enough to help me
again
and direct me where to go.
Again, thanks for your help.
Mike
"Steven L Umbach" wrote:
First you need to disable simple file sharing on your XP Pro computer
with
the share by going to Windows Explorer/tools/folder options - view and
uncheck the last option for use simple file sharing. That will make sure
that users need to authenticate to your computer. Then create a user
account
[Control Panel/user accounts] on that computer that is NOT a local
administrator or power user and make sure that only the shares that you
want
that user account to access includes that user account and that other
shares
do not include users or everyone. Then you can also access the security
tab
in the properties of any folder such as the one you share and grant the
user
the needed access to that folder. For instance you might want to give the
user read/list/execute permissions if you want them to see and copy files
from that folder only. If you want tem to be able to write to it also
grant
them write permissions. Modify permission allows the user to also delete
files in the folder so be careful with that. The link below explains more
on
setting folder permissions. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;308418
"mchjr01" <mchjr01@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1D651E69-FFC0-4FCB-93B4-09919851D8FC@xxxxxxxxxxxxxxxx
I have a Home Network with 2 - laptops and 1 - desktop all running Win
XP-Pro
SP2. My ISP is DSL with static IP. I have file and printer sharing
enabled
and be able to connect among my laptops and desktop within my LAN. I
have
my
static IP port forwarded to my desktop for remote connection.
I am using my desktop as a fax server and a partition as shared drive
for
my
children for them to download pictures and whatnot. My question and
please
help me is how do I create a user id and password with limited access
only
to
my desktop without the capabilty of accessing the other drives in my
network.
My current id, for remote connect on my desktop, has the capability of
accessing the other workstations within my network. My ultimate wish is
only
for anybody - just to have access into my shared drive in my desktop.
Your help on this will be very much appreciated.
Thanks,
Mike
- Follow-Ups:
- Re: Limited Access
- From: Steven L Umbach
- Re: Limited Access
- References:
- Re: Limited Access
- From: Steven L Umbach
- Re: Limited Access
- From: mchjr01
- Re: Limited Access
- From: Steven L Umbach
- Re: Limited Access
- Prev by Date: Re: Adding a Program
- Next by Date: Re: Adding a Program
- Previous by thread: Re: Limited Access
- Next by thread: Re: Limited Access
- Index(es):
Relevant Pages
|
