Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Grant access to Open Files via Computer Management Console

Posted on 2008-06-11
15
Medium Priority
?
1,867 Views
Last Modified: 2013-12-04
Windows 2003 Server Standard R2.
I have some users which are not Domain or local Admin.
I need them to be able to view the "Open Files" of a File and Print server via a remote session of the Computer Management console.
Currently when they connect and click on the Open Files icon they get Access Denied error messages.
Please can someone tell me how I can delegate admin of the Open Files function for either View Only or Full control.
0
Comment
Question by:naifyboy123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 3
  • 2
  • +2
15 Comments
 
LVL 14

Expert Comment

by:Ehab Salem
ID: 21758602
How do you open a file from computer Management?
0
 

Author Comment

by:naifyboy123
ID: 21760538
What?
I shall ignore that and wait for someone with some more experience to help.
Thanks anyway
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 21763555
It sounds like you have enough computer savy to set up NTFS and Sharing permissions. So, unless you need help with that, I going to see if I can point you in another direction as to what your problem may be.

Internet explorer enhanced security will not allow folks, even domain administrators, to open files from remote sites, including intranet nodes, if they are OS intrusive files. OS intrusive is defined as (.REG, .EXE, .MSI, .BAT, and some database files). This may sound odd. As a test, go into internet explorer>>tools>>internet options>> security>>sites and put the UNC path in as a trusted site.

My point is, you may have permissions straight, but something is blocking you from accessing these files. I think that's were ehabsalem was going with this.



0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:naifyboy123
ID: 21766999
I dont think we are talking about the same thing here.
I am domain admin. I go into Computer Management console and I can list Open Files in the Open Files section of the console either local or remote.

I have other users who have no form of Admin trying to do the same to the same servers local and remote and they get Access Denied errors.

The issue must be to do with rights for those users on the servers. I need someone to tell me how I can give these guys the required rights to use the "Open Files" section of the Computer Management Console without giving them Admin rights.
0
 
LVL 14

Expert Comment

by:Ehab Salem
ID: 21767023
So you want people to only see which files are open, you do not want to open those files?
0
 

Author Comment

by:naifyboy123
ID: 21767200
Yes....
Can I suggest you and take a look on local machine.
Go to Computer Maangement\Shared Folders\Open Files
Here you can disconnect users and do some other stuff.
My users get the Access Denied message when trying to access this icon.
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 21783575
Computer management is a GUI shell to see the shares and view the permissions of the share. It's not really designed to view the files within the shares. Computer management was meant as a means to provide the administrators a centralized location to manage typical functions on a machine, (like defrag and disk utilities and file share permissions). Computer Management is also used to work with the managed computers snapin in MMC console for 2003 server.

Bottom line is, the local Computer Management "snapin" is not really made to do what you what you wish.

If you want a GUI shell to see an interact with file shares, use Network Neighborhood.
0
 

Author Comment

by:naifyboy123
ID: 21784379
You obviously don't understand what I am trying to do.
I want certain users who are not Admin to go into the comsole and view the Open Files.
I want them to be to see who has what files open etc.


0
 

Author Comment

by:naifyboy123
ID: 21784404
Let me try and explain this again.....
I DO NOT want my nominated users to VIEW files within a share using Comp Management Console.
I want then to view the "Open Files" on a server.
I am getting rather frustrated here. How clearer can I make this?
My original question describes exactl what I am trying to do very clearly. Suggest you read it again please.
0
 

Author Comment

by:naifyboy123
ID: 21784407
.....typo......
I DO NOT want my nominated users to VIEW files within a share using Comp Management Console.
I want then to view the "Open Files" on a server.

Should Read...

I DO NOT want my nominated users to USE files within a share using Comp Management Console.
I want then to VIEW the "Open Files" on a server.
0
 
LVL 39

Expert Comment

by:ChiefIT
ID: 21801458
I haven't located anything to do what you want except MAYBE allow them access to an mmc console with the computer management system as the only assigned snapin for the server.
0
 

Accepted Solution

by:
naifyboy123 earned 0 total points
ID: 21959325
can't find solution from EE - dead question
0
 

Expert Comment

by:GCPSlanops
ID: 23558778
naifyboy123 - I am also wanting to allow certain users to read the open files on a server and also allow them to close them for application maintanence but not give them any other access to the server.  This would be very helpful for our helpdesk staff.  Did you ever find a solution?
0
 

Author Comment

by:naifyboy123
ID: 23565010
no i didnt find an answer unfortunately and whilst i am here, it seems EE does not appear to be as useful as it was a few years ago. many answers get ignored, just refer you to url and pdfs etc, but mostly the lack of reposnse to questions is the concern.
0
 

Expert Comment

by:microIT
ID: 23646977
I'm looking for the same solution.  You have to be an administrator or power user on the server you are trying to view the open files from in order for it to work is what i've found.  power user is not a good solution since that would still allow users to restart services and that is not what we want.

i think the next best solution is to find another application that will do the same function.  Or do some workaround like schedule a task to run a bat file "net files" and export that to a text file on an open share every 10 minutes so the users can read the text file.  That is a clunky workaround, i know.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question