Solved

What's the most efficent way to deploy workgroup network share?

Posted on 2008-10-24
8
265 Views
Last Modified: 2012-05-05
I have a small office running 20 windows xp. All of them are in same workgoup and each user use same computer, they don't move around. So only one user account is created in each computer and those user accounts are different and require password to log on.
For example:
computer1 - Mary/password
computer2- James/password
so on...

Now the problem is when James need to access Mary's share folder over the network, it prompts for Mary's user name and password. But for security reason, Mary is not supposed to tell James her credentials. I know some other way can make this work by creating James's account (same user name and password) on Mary's PC. But there are 20 PCs, it's not efficient to do this. Or other way around by creating a share account, so when it prompt, the share account credential can be used.

I am wondering that if there is any other efficient way to do this and no user name and password prompt. (I know by installing a DC will work, but the company doesn't have the budget)
0
Comment
Question by:bubuko
8 Comments
 
LVL 25

Accepted Solution

by:
Ron Malmstead earned 100 total points
ID: 22802015
0
 

Author Comment

by:bubuko
ID: 22802063
Thanx!! it works! But do you know what's the theory behind this? Why it doesn't even need to verify account on the sharing pc?

2nd question, I noticed that either with simple sharing or advanced sharing, even I am not in the same group, I can still access share folders. So what's the point of workgroup?

0
 
LVL 4

Assisted Solution

by:spidey23
spidey23 earned 100 total points
ID: 22802238
1 - When you enable simple file sharing it uses general permisions for EVERYONE.

essentially opening up that shared folder to anyone, be careful.

You may want to check if users can "accidentally" delete other users shared files.

2 - workgroups served a purpose in the past when domains weren't around yet and/or not adopted yet; it was a way to make it easier for computers to see only the designated workgroup computers; basically it was a way to organize them

Note: for my small business clients with a non-server budget, I use the following, it works great and is 10 times more affordable:

http://www.synology.com/enu/index.php

Check it out and see if it may work for you.

If you are on an even tighter budget, you can also designate one of your PCs as the "server" and place all files on that, the only problem with that is it limits the total number of simultaneous users; I think it's 10, can anyone confirm that?
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 77

Expert Comment

by:Rob Williams
ID: 22803089
To add to spidey23's comments, have you considered moving from a workgroup to a domain? You would need to purchase the operating system and user licenses, but this is exactly the purpose of a domain. Currently you have several issues:
-you need to create multiple accounts on multiple computers
-you have no central storage location making proper backups near impossible
-you must soon be approaching the XP connection limits. XPpro will only let a maximum of 10 simultaneous connections to a resource (share or printer), and XPhome is limited to 5

A domain allows you to store all files in one place, create the user account once on the server (never on a PC) and then grant read and write privileges to those users. Far easier to manage, much more secure, and not connection limits.
0
 

Author Comment

by:bubuko
ID: 22803934
definitely, a domain is efficient. The problem is the cost. As Spidey23 said, the simple sharing enable permission for everyone. But i think I still don't get it. With advanced sharing, I also make sure the sharing and the permission is open for everyone. But still the network user still need to log on if they don't happen has the same account as in the sharing pc. I think for simple sharing, there is no file permission on it, it only use the share permission. But the everyone here means all the account on this pc or any? I am pretty sure that for the file permission part, everyone means all account on this pc.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 22804226
Assuming you are using NTFS drive formating, the default for XPpro, you have sharing permissions and security permissions. Generally you set sharing permissions as full control for everyone, and then use the security permissions to control access. The everyone (security/NTFS) account should allow any person even those not authenticated, which is a security risk. As you mentioned you can add each user's name/account to the computer hosting the share, or an easier method would be to create an account for that purpose such as Share1. When the user connects they use that user name and password. At least this way you only have to 1 account on the computer hosting the share.

As for the cost of setting up a domain. Most find that over the 3 year life of the server there is actually a savings if you consider management time.
How are you backing up all of these shares on different computers?
0
 

Author Comment

by:bubuko
ID: 22804273
"The everyone (security/NTFS) account should allow any person even those not authenticated, which is a security risk"

Computer 1 : Mary/ password (only this accoutn in this pc)
Computer 2: James/password (only this accoutn in this pc)

I tried to share a folder on Mary's pc with advanced sharing, sharing permissions (everyone/read) and security permissions (everyone/read)

So as you said, James is supposed to be able to access the folder without username/password prompt? But I tested, he is still required to log on.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 100 total points
ID: 22804443
You are correct. My apologies. Apparently anonymous access with the Everyone account changed with XP. According to the following you should be able to do so by enabling the Group Policy item in the following link:
http://technet.microsoft.com/en-us/library/cc755781.aspx
Again keep in mind doing so allows any stranger coming into your office to plug into the network and access the share. This is especially critical if you have wireless network.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Port forwarding 14 153
nexus filter logs 3 44
How do I determine past ip addresses of multiple computers logged onto my network? 5 74
windows explorer default details view 10 58
Resolve DNS query failed errors for Exchange
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question