Solved

Grant access to Open Files via Computer Management Console

Posted on 2008-06-11
15
1,693 Views
Last Modified: 2013-12-04
Windows 2003 Server Standard R2.
I have some users which are not Domain or local Admin.
I need them to be able to view the "Open Files" of a File and Print server via a remote session of the Computer Management console.
Currently when they connect and click on the Open Files icon they get Access Denied error messages.
Please can someone tell me how I can delegate admin of the Open Files function for either View Only or Full control.
0
Comment
Question by:naifyboy123
  • 8
  • 3
  • 2
  • +2
15 Comments
 
LVL 14

Expert Comment

by:Ehab Salem
ID: 21758602
How do you open a file from computer Management?
0
 

Author Comment

by:naifyboy123
ID: 21760538
What?
I shall ignore that and wait for someone with some more experience to help.
Thanks anyway
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 21763555
It sounds like you have enough computer savy to set up NTFS and Sharing permissions. So, unless you need help with that, I going to see if I can point you in another direction as to what your problem may be.

Internet explorer enhanced security will not allow folks, even domain administrators, to open files from remote sites, including intranet nodes, if they are OS intrusive files. OS intrusive is defined as (.REG, .EXE, .MSI, .BAT, and some database files). This may sound odd. As a test, go into internet explorer>>tools>>internet options>> security>>sites and put the UNC path in as a trusted site.

My point is, you may have permissions straight, but something is blocking you from accessing these files. I think that's were ehabsalem was going with this.



0
 

Author Comment

by:naifyboy123
ID: 21766999
I dont think we are talking about the same thing here.
I am domain admin. I go into Computer Management console and I can list Open Files in the Open Files section of the console either local or remote.

I have other users who have no form of Admin trying to do the same to the same servers local and remote and they get Access Denied errors.

The issue must be to do with rights for those users on the servers. I need someone to tell me how I can give these guys the required rights to use the "Open Files" section of the Computer Management Console without giving them Admin rights.
0
 
LVL 14

Expert Comment

by:Ehab Salem
ID: 21767023
So you want people to only see which files are open, you do not want to open those files?
0
 

Author Comment

by:naifyboy123
ID: 21767200
Yes....
Can I suggest you and take a look on local machine.
Go to Computer Maangement\Shared Folders\Open Files
Here you can disconnect users and do some other stuff.
My users get the Access Denied message when trying to access this icon.
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 21783575
Computer management is a GUI shell to see the shares and view the permissions of the share. It's not really designed to view the files within the shares. Computer management was meant as a means to provide the administrators a centralized location to manage typical functions on a machine, (like defrag and disk utilities and file share permissions). Computer Management is also used to work with the managed computers snapin in MMC console for 2003 server.

Bottom line is, the local Computer Management "snapin" is not really made to do what you what you wish.

If you want a GUI shell to see an interact with file shares, use Network Neighborhood.
0
 

Author Comment

by:naifyboy123
ID: 21784379
You obviously don't understand what I am trying to do.
I want certain users who are not Admin to go into the comsole and view the Open Files.
I want them to be to see who has what files open etc.


0
 

Author Comment

by:naifyboy123
ID: 21784404
Let me try and explain this again.....
I DO NOT want my nominated users to VIEW files within a share using Comp Management Console.
I want then to view the "Open Files" on a server.
I am getting rather frustrated here. How clearer can I make this?
My original question describes exactl what I am trying to do very clearly. Suggest you read it again please.
0
 

Author Comment

by:naifyboy123
ID: 21784407
.....typo......
I DO NOT want my nominated users to VIEW files within a share using Comp Management Console.
I want then to view the "Open Files" on a server.

Should Read...

I DO NOT want my nominated users to USE files within a share using Comp Management Console.
I want then to VIEW the "Open Files" on a server.
0
 
LVL 38

Expert Comment

by:ChiefIT
ID: 21801458
I haven't located anything to do what you want except MAYBE allow them access to an mmc console with the computer management system as the only assigned snapin for the server.
0
 

Accepted Solution

by:
naifyboy123 earned 0 total points
ID: 21959325
can't find solution from EE - dead question
0
 

Expert Comment

by:GCPSlanops
ID: 23558778
naifyboy123 - I am also wanting to allow certain users to read the open files on a server and also allow them to close them for application maintanence but not give them any other access to the server.  This would be very helpful for our helpdesk staff.  Did you ever find a solution?
0
 

Author Comment

by:naifyboy123
ID: 23565010
no i didnt find an answer unfortunately and whilst i am here, it seems EE does not appear to be as useful as it was a few years ago. many answers get ignored, just refer you to url and pdfs etc, but mostly the lack of reposnse to questions is the concern.
0
 

Expert Comment

by:microIT
ID: 23646977
I'm looking for the same solution.  You have to be an administrator or power user on the server you are trying to view the open files from in order for it to work is what i've found.  power user is not a good solution since that would still allow users to restart services and that is not what we want.

i think the next best solution is to find another application that will do the same function.  Or do some workaround like schedule a task to run a bat file "net files" and export that to a text file on an open share every 10 minutes so the users can read the text file.  That is a clunky workaround, i know.
0

Join & Write a Comment

Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now