GeoffO
asked on
Windows XP: Security
We have a number of stand-alone (ie non-networked) machines running Windows XP in an open access centre.
We need to be able to let visitors use Microsoft Office XP and other programs, but want all of us on the staff to be able to protect our own documents and data files, as well as the system files, from being tampered with.
My plan is to have one Administrator login, eight separate staff logins and one common login for all guests (there may be hundreds of guests).
I plan to let the guests use ‘My Documents’, ‘My Pictures’ and ‘My everything else’, while staff have a new folder called ‘Documents’ with named sub-folders, sub-sub folders etc.
(a) Is this a sensible way of doing it?
(b) How do we protect our files?
Have studied XP’s Help on this for hours and not been able to see a clear and direct picture of what to do or even a clear explanation of the various different ways on offer.
I would like the answer to be given in the simplest and most explicit terms please.
Regards, GeoffO
We need to be able to let visitors use Microsoft Office XP and other programs, but want all of us on the staff to be able to protect our own documents and data files, as well as the system files, from being tampered with.
My plan is to have one Administrator login, eight separate staff logins and one common login for all guests (there may be hundreds of guests).
I plan to let the guests use ‘My Documents’, ‘My Pictures’ and ‘My everything else’, while staff have a new folder called ‘Documents’ with named sub-folders, sub-sub folders etc.
(a) Is this a sensible way of doing it?
(b) How do we protect our files?
Have studied XP’s Help on this for hours and not been able to see a clear and direct picture of what to do or even a clear explanation of the various different ways on offer.
I would like the answer to be given in the simplest and most explicit terms please.
Regards, GeoffO
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Ok :>)
ASKER
Hello again,
Managed to get on the machine for about one fractured hour today and have made positive progress. It is XP Pro, btw.
May I take a rain check on further developments pending the possibility of getting stuck further along the line? You will not go unrewarded for your help so far in any case.
All the best,
Geoff
Managed to get on the machine for about one fractured hour today and have made positive progress. It is XP Pro, btw.
May I take a rain check on further developments pending the possibility of getting stuck further along the line? You will not go unrewarded for your help so far in any case.
All the best,
Geoff
Geoffo,
Thats cool with me security is a complex issue. The comments made by CrazyOne are good suggestions that I failed to mention. Be careful of taking sole ownership of to many files though. If you arent you could end up getting some odd error messages because a program or another user may need to access files that are locked down because somebody took ownership.
Here is a link that will be helpful to you.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/howto/winxpHOW.ASP
Best of luck,
Gregoree
Thats cool with me security is a complex issue. The comments made by CrazyOne are good suggestions that I failed to mention. Be careful of taking sole ownership of to many files though. If you arent you could end up getting some odd error messages because a program or another user may need to access files that are locked down because somebody took ownership.
Here is a link that will be helpful to you.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/howto/winxpHOW.ASP
Best of luck,
Gregoree
ASKER
Thanks for the Windows XP How-Tos, Gregoree.
Will be back on Monday or Tuesday evening.
All the best,
Geoff
Will be back on Monday or Tuesday evening.
All the best,
Geoff
Ok
ASKER
Hi CrazyOne and gregoree,
One unexpected problem, then general guidance please:
THE PROBLEM
Have set up three machines with Administrator, Staff and Guest logins. Administrator and Staff logins work fine, but on one of the machines when Guest is selected the message comes up “Loading your personal settings”, then after a short pause all three login icons come back again. I can log in as Administrator or Staff, but logging in as Guest causes this endless loop over and over again.
THE GUIDANCE
How/where do I find the facility which defines who shall have access to what?
(Incidentally I have been on an iMac today. Everything you need is in the same window!)
All the best,
Geoff
One unexpected problem, then general guidance please:
THE PROBLEM
Have set up three machines with Administrator, Staff and Guest logins. Administrator and Staff logins work fine, but on one of the machines when Guest is selected the message comes up “Loading your personal settings”, then after a short pause all three login icons come back again. I can log in as Administrator or Staff, but logging in as Guest causes this endless loop over and over again.
THE GUIDANCE
How/where do I find the facility which defines who shall have access to what?
(Incidentally I have been on an iMac today. Everything you need is in the same window!)
All the best,
Geoff
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
>>>> How/where do I find the facility which defines who shall have access to what?
You define who has access to individual files and folders by right-clicking on the object in question and selecting security. You are able to control access for specific users or groups of users. The Groups (both the default built-in groups and groups you create) and Group membership are administered through Control Panel/Administrative Tools/Computer Management/Local Users and Groups.
Using the guest account can be problematic and you may find that you have other issues (some applications may not run etc).
You define who has access to individual files and folders by right-clicking on the object in question and selecting security. You are able to control access for specific users or groups of users. The Groups (both the default built-in groups and groups you create) and Group membership are administered through Control Panel/Administrative Tools/Computer Management/Local Users and Groups.
Using the guest account can be problematic and you may find that you have other issues (some applications may not run etc).
ASKER
Hi gregoree, CrazyOne, gidds99 and hotsextoy,
I am now where I want to be, with all machines having Administrator, Team member and Guest accounts.
How about 100 points each? Total raised to 400 and split four ways.
If you all agree to this, will someone please remind me how to do it?
Regards,
Geoff
I am now where I want to be, with all machines having Administrator, Team member and Guest accounts.
How about 100 points each? Total raised to 400 and split four ways.
If you all agree to this, will someone please remind me how to do it?
Regards,
Geoff
Sounds ok with me. :>)
Geoff,
Hey I am glad to hear you received solutions to your problems. However you would like to distribute points sounds fine with me.
Hey I am glad to hear you received solutions to your problems. However you would like to distribute points sounds fine with me.
Sounds great.
You can reduce the points on this Q to 100 and accept someones comment as the answer. Then you can post another 3 Q's (i.e. Subject: Question for CrazyOne, Question for hotsextoy, etc) each for 100 points and we can each post a comment in the Q and you can then accept as an answer.
I think thats how to do it. The other guys can correct me if I'm wrong.
You can reduce the points on this Q to 100 and accept someones comment as the answer. Then you can post another 3 Q's (i.e. Subject: Question for CrazyOne, Question for hotsextoy, etc) each for 100 points and we can each post a comment in the Q and you can then accept as an answer.
I think thats how to do it. The other guys can correct me if I'm wrong.
This person has been suspended for multiple violations of the Member Agreement, and will reject the proposed answer, and return your question to the Active Questions List. The Moderator Group is deleting all 388 locked questions.
These were posted by three persons:
quirkyquirky
EliteKiller
liloXwin
Thank you,
ComTech
CS Admin @ EE
These were posted by three persons:
quirkyquirky
EliteKiller
liloXwin
Thank you,
ComTech
CS Admin @ EE
yes, and you guys think you're experts - sheesh :-(
sharing is caring...
anythings a okay with me
btw...what did u end up doing? so someone can look back and see what u did to solve this problem...
anythings a okay with me
btw...what did u end up doing? so someone can look back and see what u did to solve this problem...
ASKER
The main thing was to go into Control Panel’s Administrative Tools and, later, into User Accounts.
I don’t think you have had your 100 points – it was all so long ago! Will put them up for you now.
Regards,
GeoffO
I don’t think you have had your 100 points – it was all so long ago! Will put them up for you now.
Regards,
GeoffO
GeoffO:
This old question needs to be finalized -- accept an answer, split points, or get a refund. For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations! No comment means you don't care.
This old question needs to be finalized -- accept an answer, split points, or get a refund. For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations! No comment means you don't care.
ASKER
Thanks to gregoree, CrazyOne, gidds99 and hotsextoy. I am trying to get you 100 points each as promised, but the split points hasn't recognised the increase from 200 to 400. Hoping that this will do the trick.
ASKER
I think we’re using Windows XP Pro. Will have to confirm this at work today (where we’re not on line yet).
In the meantime will print out your answers and take them with me.
Talk to you again this evening.
Regards, GeoffO