Solved

REgistry value to restrict access in drive ...

Posted on 2006-06-08
8
1,211 Views
Last Modified: 2008-01-09
Hi! is there anyway in the registry that will disable access to drive c:? or to a particular folder?
0
Comment
Question by:JackOfPH
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16867430
Not that I know of but if you right click on a folder you should be able to change the security settings to prevent users from accessing it (assuming XP or 2000+ with NTFS parts)

eb
0
 
LVL 3

Accepted Solution

by:
Tony Gimenez earned 200 total points
ID: 16868107
Use CACLS from the command line

Start -> Run
or
Hold down the Windows key + R
or
Start -> All Programs -> Accessories -> Command Prompt
and type "cmd" without quotes and press enter

Type the following:

cacls "Type the Path in here, example: C:\Documents and Settings\Admin" /E /R (Enter the Username Here Without Parenthesis)

Remember to keep the quotes in the path name.

Example:

cacls "C:\Documents and Settings" /E /R Admin

Hope this helps
0
 
LVL 15

Author Comment

by:JackOfPH
ID: 16868357
its working great! although it is not in the registry but who cares its what i need.

*Now how can I limit the access only to one person for example the administrator?

*one thing why users who do not have access to the files can still change the permission if they type:
cacls "C:\Documents and Settings" /E /P Admin:F ?

thanks

0
Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

 
LVL 23

Assisted Solution

by:Erik Bjers
Erik Bjers earned 150 total points
ID: 16869366
Why use the command prompt, it is much easier if you use the GUI.

What OS do you have?

Win XP Home or MC
Log in with the user you want to beable to access the folder
Navigate to the folder in my computer
Right click and go to properties
Go to the sharing tab
Click the box next to 'Make this file private'

This will set it so that only the currently logged in user can access the folder


Win 2000 or XP Pro
Log in with the admin account
Navigate to the folder in my computer
Right click and go to properties
Go to the Securirt tab
You can add or remove users and groups from the list
     Users and groups on the list can be granted or denied permissions
     A deny will always trump an allow (Bob is a member of Finance group, Finance group has deny full control on c:\test, bob has allow full control on the folder; AS A RESULT BOB WILL HAVE DENY FULL CONTROL BECAUSE OF THE GROUP)

NOTE: You may need to disable inharintence to change permissions.  Do this by;
     WIN 2000: Uncheck the inharitance box under security Tab
     WIN XP PRO: I beleive you need to go to the advanced settings under security tab

eb
0
 
LVL 10

Assisted Solution

by:Sorenson
Sorenson earned 150 total points
ID: 16871104
Command prompt will let you edit (instead of replacing) using the /e switch.  You will need to take ownership of a file/folder to prevent others from changing it directly, however they can take ownership back if they are members of the administrators group.  Make sure that the other users are not members of the adminstrator group on the local computer.
0
 
LVL 3

Expert Comment

by:Tony Gimenez
ID: 16873094
Disable Command Prompt and Registry Editor after implementing these restrictions on the user accounts.

The Registy edit for disabling Command Prompt is
http://windowsxp.mvps.org/disablecmd.htm

The Registry edit for disabling Registry Editor is
http://www.winguides.com/registry/display.php/190/
0
 
LVL 15

Author Comment

by:JackOfPH
ID: 16875082
thanks for all the help... I am pleased with the answers... thanks.
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16875103
Thanks for the points, I hope it all works out for you.

eb
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question