Everyone group in Windows 2003 server

Hello there,

I have a Windows 2003 file server that has a shared folder for users' access.
We have multiple users and they login to their local Windows with the same name ( HRUser) and password.
Each window(XP) has a mapped network drive to the shared folder of the server.
We do not have a Domain Controller.

My question is regarding 'Everyone' Group.
If I remove Everyone group from the share permission of the shared folder in the server, will it be safer?

Thanks for your time.
Who is Participating?
though saying that, yes its more secure, as you can just add users you want   - best practice is share permissions = everyone full control then narrow down the NTFS permissions on sub folders
your life will get extremely hard!
JOSHUABTAuthor Commented:
May I ask why my life will get extremely hard?
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

May I ask why you haven't made the Windows 2003 server a DC and then have everyone log into it?
Kevin HaysIT AnalystCommented:
Oh boy, amen on that Jay!

What Jay means is that if you take away the everyone group then you will have to have the users on the clients with passwords and the same clients on the server with the same passwords essentialy.  That is way too much overhead IMHO.  You could possibly use the "guest" account, but I still wouldn't do that.  My philosophy is that if people are not in my domain then I don't want them to get any network access to my main network.  This is a totally different situation though.

If you have more than 10 workstations then I would suggest moving to a domain if possible.
JOSHUABTAuthor Commented:
To ResourcePc : We don't have a Domain Controller because of the extra cost for the license. We do have CAL for all 50 users but I think Domain User License is more expensive than regular Windows CAL. Please correct me if I'm wrong.

TO kshays : All the client PCs use the same user name to login their Windows. So I don't have to create so many user accounts in the server.

Now, will my life be still extremely hard if I remove "Everyone" group from the share permission?

Thanks for your responses.
Kevin HaysIT AnalystCommented:

I would just test it and see.  For what may be hard or easy for me might be different for you.  Honestly I would just remove the group from the share and put in authenticated users instead and then lock them down or modify the ntfs permissions then test, test test :)

Thanks kev,

you should still be able to just add the one user to that share, but honestly, i would leave as is, security obviously isnt a huge thing for you or you would have a domain
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.