Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 283
  • Last Modified:

Adding a W2K computer to access network share

I have created a network share on a windows 2000 server. I am trying to add a computer from active directory to have access to the share, is this possible?

Meaning I only want that one workstation to have access to the share on the server.
0
mmurfmis
Asked:
mmurfmis
1 Solution
 
chefboy4Commented:
Yes it is possible and it is very easy.  As long as you have formated your drives in NTFS.  Just right click the file you have shared.  Click on Sharing. In the Profiles Properties box click on the Security Tab. Unclick "Allow inheritable permissions from parent to propagate to this object" box at the bottom of the security screen.  It will prompt you asking if you want to copy or remove.  You can just click remove and then you will click the add button.  Make sure in "Look in" you have your domain listed.  Scroll down and find your computer name, it will also have an icon of a computer not a person. Click the computer name, click add, and then click ok.  YOu've done it.  If your server isn't formated in NTFS you do the same things except under the Sharing tab of the Profiles Properties.  
0
 
mmurfmisAuthor Commented:
The server is formatted NTFS and I have added the computer the the share and the security to Everyone Full Control and it says access denied from that machine.
0
 
mmurfmisAuthor Commented:
I am very familiar with Windows 2000 and security, the problem is I have never tried resticting access to a computer on a network share
0
Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

 
chefboy4Commented:
Well I thought you wre crazy for a moment... but then I did it and you were right.  Since I need to do this in the future I'm going to try to play with it.  If I end up figuring it out I will be sure to write again.
0
 
chefboy4Commented:
Well I figured out a way to do it.  It's sort of easy but its a run about way to do it.  You set up a new user... how many ever you want in active directory.  Then go to that users properties and under the account tab click on "Log on To" and then click "The following Computers" add the computer you want them to only sign onto (the computer that you want to only access the share).  Then add these new users to the network share.  That way only these users can sign on to that one computer and only these users can access the share.  Thus you have to be signed onto that computer to access the share.  Whew.
0
 
mmurfmisAuthor Commented:
Ok I figured it out, the way your doing it only gives certain users rights to access a share from a certain computer. Thats not what I want. I want any user logging into a certain machine be the only way to access this share.

So heres what I did, since the server is a member server I created a local user group and added the computer needing access to this share to the local group I created, don't add them to the default local users or everyone for some reason can access the share. By heres where it gets tricky, you also have to add to that user group "NT Authortive\Authenticated Users" to it.

Now when any other machine trys to access the share they cannot, but from the machine specified it works.
0
 
stevenlewisCommented:
Ah, you found out you can only restrict users, and not machines
it is the users that have the SID that is checked against the ACL, and not the machine :~)
0
 
moduloCommented:
Dear expert(s),

A request has been made to close this Q in CS:
http://www3.experts-exchange.com/Community_Support/Q_20613861.html

Without a response in 72 hrs, a moderator will finalize this question by:

 - Saving this Q as a PAQ and refunding the points to the questionner

When you agree or disagree, please add a comment here.

Thank you.

modulo

Community Support Moderator
Experts Exchange
0
 
Computer101Commented:
Question closed and placed in PAQ

Computer101
E-E Admin
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now