Solved

USER RIGHTS ON WIN XP SP2

Posted on 2008-06-10
7
466 Views
Last Modified: 2008-08-26
Hello

I have WIN XP SP2.

I have created 4 accounts on the PC. One is administrator, one is super user with admin rights
and two are limited user.

I want to give full rights on one particular folder to one user but not to the other user.
However under Share  & Security options, the authorisations are given to everyone. That means
all users can access the Fluidyn folder.

However, I want only user1, admin & super user to access the Fluidyn folder and not user2.

How do I change authorisations.

Thanks for a quick answer

0
Comment
Question by:fluidyn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
7 Comments
 
LVL 32

Accepted Solution

by:
r-k earned 250 total points
ID: 21752250
Go to Properties -> Security for that folder.

Click on "Add" and type in the username you don't want having acvcess to that folder (i.e. user2)

Click on OK

Next, click highlight "user2" in the "Group or User names" sub-window, then click on the checkbox for "Full Control" -> Deny. It should automaticaly check all the other Deny boxes.

Click on OK

After this all users should have access to that folder, but user2 should not.
0
 
LVL 6

Expert Comment

by:DaMaestro
ID: 21756738
XP Pro or Home?
0
 

Author Comment

by:fluidyn
ID: 21828948
thanks

I have win xp pro. actually I want to give access to only user1 & deny access to everyone else
execept user1 & administrator

I am not able to define the access rights



0
 
LVL 32

Expert Comment

by:r-k
ID: 21831871
"I am not able to define the access rights"

Can you explain in more detail? What exactly happens when you try to change permissions in the Security dialog?
0
 
LVL 6

Assisted Solution

by:DaMaestro
DaMaestro earned 250 total points
ID: 21833558
I would advise against using the deny permission and instead just change the group permission. I would create a  group such as "SEC-FolderName", adding access for that group, and then add the users you want to that group. Then remove any guests or other groups from the security of that folder (except administrators and system). If you want to use deny, only use it on individual non privleged user accounts. Use the computer management snapin from administrative tools on the start menu and go to users and groups to create groups and add group members.

Regarding not being able to change permissions, it sounds like one of two issues.

1) The system may not be on a domain and it is using simple file sharing. Follow the steps at <http://support.microsoft.com/KB/307874> or <http://support.microsoft.com/kb/304040/en-us> to turn off simple file sharing.

2) The folder is not on a drive formatted with the NTFS file system. Right click the drive in windows explorer. On the first tab verify file system is NTFS. If it is not, consider performing the converstion process if no other operating systems (such as Win98, Win95) need to be supported. Follow the steps at <http://support.microsoft.com/kb/314097/en-us> if you need to convert to NTFS.

If none of the above is applicable use calcs.exe to change the permissions.  Type calcs /? for more information about the command.
In this example I edit the existing ACL on the Test1 (aka .) folder and add grant (/g) full access permission for BUILTIN\Users, which was previously read only. 
 
D:\DropBox\Test1>cacls .
D:\DropBox\Test1 BUILTIN\Administrators:F
                 BUILTIN\Administrators:(OI)(CI)(IO)F
                 NT AUTHORITY\SYSTEM:F
                 NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F
                 NT AUTHORITY\Authenticated Users:C
                 NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)C
                 BUILTIN\Users:R
D:\DropBox\Test1>cacls . /E /T /G "BUILTIN\Users":F
processed dir: D:\DropBox\Test1
 
D:\DropBox\Test1>cacls .
D:\DropBox\Test1 BUILTIN\Administrators:F
                 BUILTIN\Administrators:(OI)(CI)(IO)F
                 NT AUTHORITY\SYSTEM:F
                 NT AUTHORITY\SYSTEM:(OI)(CI)(IO)F
                 NT AUTHORITY\Authenticated Users:C
                 NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)C
                 BUILTIN\Users:F

Open in new window

0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
So the following errors occurs in 2 ways that I am aware of at this stage, and you receive one of the following error messages: ERROR 1. When trying to save a rule: No Web listener is specified for the Web publishing rule Autodiscovery Publishin…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question