?
Solved

REgistry value to restrict access in drive ...

Posted on 2006-06-08
8
Medium Priority
?
1,235 Views
Last Modified: 2008-01-09
Hi! is there anyway in the registry that will disable access to drive c:? or to a particular folder?
0
Comment
Question by:JackOfPH
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16867430
Not that I know of but if you right click on a folder you should be able to change the security settings to prevent users from accessing it (assuming XP or 2000+ with NTFS parts)

eb
0
 
LVL 3

Accepted Solution

by:
Tony Gimenez earned 800 total points
ID: 16868107
Use CACLS from the command line

Start -> Run
or
Hold down the Windows key + R
or
Start -> All Programs -> Accessories -> Command Prompt
and type "cmd" without quotes and press enter

Type the following:

cacls "Type the Path in here, example: C:\Documents and Settings\Admin" /E /R (Enter the Username Here Without Parenthesis)

Remember to keep the quotes in the path name.

Example:

cacls "C:\Documents and Settings" /E /R Admin

Hope this helps
0
 
LVL 15

Author Comment

by:JackOfPH
ID: 16868357
its working great! although it is not in the registry but who cares its what i need.

*Now how can I limit the access only to one person for example the administrator?

*one thing why users who do not have access to the files can still change the permission if they type:
cacls "C:\Documents and Settings" /E /P Admin:F ?

thanks

0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
LVL 23

Assisted Solution

by:Erik Bjers
Erik Bjers earned 600 total points
ID: 16869366
Why use the command prompt, it is much easier if you use the GUI.

What OS do you have?

Win XP Home or MC
Log in with the user you want to beable to access the folder
Navigate to the folder in my computer
Right click and go to properties
Go to the sharing tab
Click the box next to 'Make this file private'

This will set it so that only the currently logged in user can access the folder


Win 2000 or XP Pro
Log in with the admin account
Navigate to the folder in my computer
Right click and go to properties
Go to the Securirt tab
You can add or remove users and groups from the list
     Users and groups on the list can be granted or denied permissions
     A deny will always trump an allow (Bob is a member of Finance group, Finance group has deny full control on c:\test, bob has allow full control on the folder; AS A RESULT BOB WILL HAVE DENY FULL CONTROL BECAUSE OF THE GROUP)

NOTE: You may need to disable inharintence to change permissions.  Do this by;
     WIN 2000: Uncheck the inharitance box under security Tab
     WIN XP PRO: I beleive you need to go to the advanced settings under security tab

eb
0
 
LVL 10

Assisted Solution

by:Sorenson
Sorenson earned 600 total points
ID: 16871104
Command prompt will let you edit (instead of replacing) using the /e switch.  You will need to take ownership of a file/folder to prevent others from changing it directly, however they can take ownership back if they are members of the administrators group.  Make sure that the other users are not members of the adminstrator group on the local computer.
0
 
LVL 3

Expert Comment

by:Tony Gimenez
ID: 16873094
Disable Command Prompt and Registry Editor after implementing these restrictions on the user accounts.

The Registy edit for disabling Command Prompt is
http://windowsxp.mvps.org/disablecmd.htm

The Registry edit for disabling Registry Editor is
http://www.winguides.com/registry/display.php/190/
0
 
LVL 15

Author Comment

by:JackOfPH
ID: 16875082
thanks for all the help... I am pleased with the answers... thanks.
0
 
LVL 23

Expert Comment

by:Erik Bjers
ID: 16875103
Thanks for the points, I hope it all works out for you.

eb
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The Windows Firewall provides an important layer of protection and a rich interface to configure it. Unfortunately, it lacks item level filtering. This article details my process of implementing firewall-as-code to reduce GPO bloat.
Data security in the cloud is very much like a security in an on-premises data center - only without costs for maintaining facilities and computer hardware.
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question