Adding a W2K computer to access network share

I have created a network share on a windows 2000 server. I am trying to add a computer from active directory to have access to the share, is this possible?

Meaning I only want that one workstation to have access to the share on the server.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Yes it is possible and it is very easy.  As long as you have formated your drives in NTFS.  Just right click the file you have shared.  Click on Sharing. In the Profiles Properties box click on the Security Tab. Unclick "Allow inheritable permissions from parent to propagate to this object" box at the bottom of the security screen.  It will prompt you asking if you want to copy or remove.  You can just click remove and then you will click the add button.  Make sure in "Look in" you have your domain listed.  Scroll down and find your computer name, it will also have an icon of a computer not a person. Click the computer name, click add, and then click ok.  YOu've done it.  If your server isn't formated in NTFS you do the same things except under the Sharing tab of the Profiles Properties.  
mmurfmisAuthor Commented:
The server is formatted NTFS and I have added the computer the the share and the security to Everyone Full Control and it says access denied from that machine.
mmurfmisAuthor Commented:
I am very familiar with Windows 2000 and security, the problem is I have never tried resticting access to a computer on a network share
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

Well I thought you wre crazy for a moment... but then I did it and you were right.  Since I need to do this in the future I'm going to try to play with it.  If I end up figuring it out I will be sure to write again.
Well I figured out a way to do it.  It's sort of easy but its a run about way to do it.  You set up a new user... how many ever you want in active directory.  Then go to that users properties and under the account tab click on "Log on To" and then click "The following Computers" add the computer you want them to only sign onto (the computer that you want to only access the share).  Then add these new users to the network share.  That way only these users can sign on to that one computer and only these users can access the share.  Thus you have to be signed onto that computer to access the share.  Whew.
mmurfmisAuthor Commented:
Ok I figured it out, the way your doing it only gives certain users rights to access a share from a certain computer. Thats not what I want. I want any user logging into a certain machine be the only way to access this share.

So heres what I did, since the server is a member server I created a local user group and added the computer needing access to this share to the local group I created, don't add them to the default local users or everyone for some reason can access the share. By heres where it gets tricky, you also have to add to that user group "NT Authortive\Authenticated Users" to it.

Now when any other machine trys to access the share they cannot, but from the machine specified it works.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ah, you found out you can only restrict users, and not machines
it is the users that have the SID that is checked against the ACL, and not the machine :~)
Dear expert(s),

A request has been made to close this Q in CS:

Without a response in 72 hrs, a moderator will finalize this question by:

 - Saving this Q as a PAQ and refunding the points to the questionner

When you agree or disagree, please add a comment here.

Thank you.


Community Support Moderator
Experts Exchange
Question closed and placed in PAQ

E-E Admin
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.