Solved

USER RIGHTS ON WIN XP SP2

Posted on 2008-06-10
7
459 Views
Last Modified: 2008-08-26
Hello

I have WIN XP SP2.

I have created 4 accounts on the PC. One is administrator, one is super user with admin rights
and two are limited user.

I want to give full rights on one particular folder to one user but not to the other user.
However under Share  & Security options, the authorisations are given to everyone. That means
all users can access the Fluidyn folder.

However, I want only user1, admin & super user to access the Fluidyn folder and not user2.

How do I change authorisations.

Thanks for a quick answer

0
Comment
Question by:fluidyn
  • 2
  • 2
7 Comments
 
LVL 32

Accepted Solution

by:
r-k earned 250 total points
ID: 21752250
Go to Properties -> Security for that folder.

Click on "Add" and type in the username you don't want having acvcess to that folder (i.e. user2)

Click on OK

Next, click highlight "user2" in the "Group or User names" sub-window, then click on the checkbox for "Full Control" -> Deny. It should automaticaly check all the other Deny boxes.

Click on OK

After this all users should have access to that folder, but user2 should not.
0
 
LVL 6

Expert Comment

by:DaMaestro
ID: 21756738
XP Pro or Home?
0
 

Author Comment

by:fluidyn
ID: 21828948
thanks

I have win xp pro. actually I want to give access to only user1 & deny access to everyone else
execept user1 & administrator

I am not able to define the access rights



0
 
LVL 32

Expert Comment

by:r-k
ID: 21831871
"I am not able to define the access rights"

Can you explain in more detail? What exactly happens when you try to change permissions in the Security dialog?
0
 
LVL 6

Assisted Solution

by:DaMaestro
DaMaestro earned 250 total points
ID: 21833558
I would advise against using the deny permission and instead just change the group permission. I would create a  group such as "SEC-FolderName", adding access for that group, and then add the users you want to that group. Then remove any guests or other groups from the security of that folder (except administrators and system). If you want to use deny, only use it on individual non privleged user accounts. Use the computer management snapin from administrative tools on the start menu and go to users and groups to create groups and add group members.

Regarding not being able to change permissions, it sounds like one of two issues.

1) The system may not be on a domain and it is using simple file sharing. Follow the steps at <http://support.microsoft.com/KB/307874> or <http://support.microsoft.com/kb/304040/en-us> to turn off simple file sharing.

2) The folder is not on a drive formatted with the NTFS file system. Right click the drive in windows explorer. On the first tab verify file system is NTFS. If it is not, consider performing the converstion process if no other operating systems (such as Win98, Win95) need to be supported. Follow the steps at <http://support.microsoft.com/kb/314097/en-us> if you need to convert to NTFS.

If none of the above is applicable use calcs.exe to change the permissions.  Type calcs /? for more information about the command.
In this example I edit the existing ACL on the Test1 (aka .) folder and add grant (/g) full access permission for BUILTIN\Users, which was previously read only. 
 

D:\DropBox\Test1>cacls .

D:\DropBox\Test1 BUILTIN\Administrators:F

                 BUILTIN\Administrators:(OI)(CI)(IO)F

                 NT AUTHORITY\SYSTEM:F

                 NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F

                 NT AUTHORITY\Authenticated Users:C

                 NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)C

                 BUILTIN\Users:R

D:\DropBox\Test1>cacls . /E /T /G "BUILTIN\Users":F

processed dir: D:\DropBox\Test1
 

D:\DropBox\Test1>cacls .

D:\DropBox\Test1 BUILTIN\Administrators:F

                 BUILTIN\Administrators:(OI)(CI)(IO)F

                 NT AUTHORITY\SYSTEM:F

                 NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F

                 NT AUTHORITY\Authenticated Users:C

                 NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)C

                 BUILTIN\Users:F

Open in new window

0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

In Africa (and potentially where you live…), reliability of ISPs is questionable.  With the increased reliance on e-mail as one of the primary forms of communication, the costs to business are significant based on interuption of ISP Connectivity.  T…
So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now