Solved

What's the most efficent way to deploy workgroup network share?

Posted on 2008-10-24
8
241 Views
Last Modified: 2012-05-05
I have a small office running 20 windows xp. All of them are in same workgoup and each user use same computer, they don't move around. So only one user account is created in each computer and those user accounts are different and require password to log on.
For example:
computer1 - Mary/password
computer2- James/password
so on...

Now the problem is when James need to access Mary's share folder over the network, it prompts for Mary's user name and password. But for security reason, Mary is not supposed to tell James her credentials. I know some other way can make this work by creating James's account (same user name and password) on Mary's PC. But there are 20 PCs, it's not efficient to do this. Or other way around by creating a share account, so when it prompt, the share account credential can be used.

I am wondering that if there is any other efficient way to do this and no user name and password prompt. (I know by installing a DC will work, but the company doesn't have the budget)
0
Comment
Question by:bubuko
8 Comments
 
LVL 25

Accepted Solution

by:
Ron M earned 100 total points
Comment Utility
0
 

Author Comment

by:bubuko
Comment Utility
Thanx!! it works! But do you know what's the theory behind this? Why it doesn't even need to verify account on the sharing pc?

2nd question, I noticed that either with simple sharing or advanced sharing, even I am not in the same group, I can still access share folders. So what's the point of workgroup?

0
 
LVL 4

Assisted Solution

by:spidey23
spidey23 earned 100 total points
Comment Utility
1 - When you enable simple file sharing it uses general permisions for EVERYONE.

essentially opening up that shared folder to anyone, be careful.

You may want to check if users can "accidentally" delete other users shared files.

2 - workgroups served a purpose in the past when domains weren't around yet and/or not adopted yet; it was a way to make it easier for computers to see only the designated workgroup computers; basically it was a way to organize them

Note: for my small business clients with a non-server budget, I use the following, it works great and is 10 times more affordable:

http://www.synology.com/enu/index.php

Check it out and see if it may work for you.

If you are on an even tighter budget, you can also designate one of your PCs as the "server" and place all files on that, the only problem with that is it limits the total number of simultaneous users; I think it's 10, can anyone confirm that?
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
To add to spidey23's comments, have you considered moving from a workgroup to a domain? You would need to purchase the operating system and user licenses, but this is exactly the purpose of a domain. Currently you have several issues:
-you need to create multiple accounts on multiple computers
-you have no central storage location making proper backups near impossible
-you must soon be approaching the XP connection limits. XPpro will only let a maximum of 10 simultaneous connections to a resource (share or printer), and XPhome is limited to 5

A domain allows you to store all files in one place, create the user account once on the server (never on a PC) and then grant read and write privileges to those users. Far easier to manage, much more secure, and not connection limits.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 

Author Comment

by:bubuko
Comment Utility
definitely, a domain is efficient. The problem is the cost. As Spidey23 said, the simple sharing enable permission for everyone. But i think I still don't get it. With advanced sharing, I also make sure the sharing and the permission is open for everyone. But still the network user still need to log on if they don't happen has the same account as in the sharing pc. I think for simple sharing, there is no file permission on it, it only use the share permission. But the everyone here means all the account on this pc or any? I am pretty sure that for the file permission part, everyone means all account on this pc.
0
 
LVL 77

Expert Comment

by:Rob Williams
Comment Utility
Assuming you are using NTFS drive formating, the default for XPpro, you have sharing permissions and security permissions. Generally you set sharing permissions as full control for everyone, and then use the security permissions to control access. The everyone (security/NTFS) account should allow any person even those not authenticated, which is a security risk. As you mentioned you can add each user's name/account to the computer hosting the share, or an easier method would be to create an account for that purpose such as Share1. When the user connects they use that user name and password. At least this way you only have to 1 account on the computer hosting the share.

As for the cost of setting up a domain. Most find that over the 3 year life of the server there is actually a savings if you consider management time.
How are you backing up all of these shares on different computers?
0
 

Author Comment

by:bubuko
Comment Utility
"The everyone (security/NTFS) account should allow any person even those not authenticated, which is a security risk"

Computer 1 : Mary/ password (only this accoutn in this pc)
Computer 2: James/password (only this accoutn in this pc)

I tried to share a folder on Mary's pc with advanced sharing, sharing permissions (everyone/read) and security permissions (everyone/read)

So as you said, James is supposed to be able to access the folder without username/password prompt? But I tested, he is still required to log on.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 100 total points
Comment Utility
You are correct. My apologies. Apparently anonymous access with the Everyone account changed with XP. According to the following you should be able to do so by enabling the Group Policy item in the following link:
http://technet.microsoft.com/en-us/library/cc755781.aspx
Again keep in mind doing so allows any stranger coming into your office to plug into the network and access the share. This is especially critical if you have wireless network.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Let’s list some of the technologies that enable smooth teleworking. 
For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now