Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

What's the most efficent way to deploy workgroup network share?

Posted on 2008-10-24
8
Medium Priority
?
304 Views
Last Modified: 2012-05-05
I have a small office running 20 windows xp. All of them are in same workgoup and each user use same computer, they don't move around. So only one user account is created in each computer and those user accounts are different and require password to log on.
For example:
computer1 - Mary/password
computer2- James/password
so on...

Now the problem is when James need to access Mary's share folder over the network, it prompts for Mary's user name and password. But for security reason, Mary is not supposed to tell James her credentials. I know some other way can make this work by creating James's account (same user name and password) on Mary's PC. But there are 20 PCs, it's not efficient to do this. Or other way around by creating a share account, so when it prompt, the share account credential can be used.

I am wondering that if there is any other efficient way to do this and no user name and password prompt. (I know by installing a DC will work, but the company doesn't have the budget)
0
Comment
Question by:bubuko
8 Comments
 
LVL 25

Accepted Solution

by:
Ron Malmstead earned 400 total points
ID: 22802015
0
 

Author Comment

by:bubuko
ID: 22802063
Thanx!! it works! But do you know what's the theory behind this? Why it doesn't even need to verify account on the sharing pc?

2nd question, I noticed that either with simple sharing or advanced sharing, even I am not in the same group, I can still access share folders. So what's the point of workgroup?

0
 
LVL 4

Assisted Solution

by:spidey23
spidey23 earned 400 total points
ID: 22802238
1 - When you enable simple file sharing it uses general permisions for EVERYONE.

essentially opening up that shared folder to anyone, be careful.

You may want to check if users can "accidentally" delete other users shared files.

2 - workgroups served a purpose in the past when domains weren't around yet and/or not adopted yet; it was a way to make it easier for computers to see only the designated workgroup computers; basically it was a way to organize them

Note: for my small business clients with a non-server budget, I use the following, it works great and is 10 times more affordable:

http://www.synology.com/enu/index.php

Check it out and see if it may work for you.

If you are on an even tighter budget, you can also designate one of your PCs as the "server" and place all files on that, the only problem with that is it limits the total number of simultaneous users; I think it's 10, can anyone confirm that?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 77

Expert Comment

by:Rob Williams
ID: 22803089
To add to spidey23's comments, have you considered moving from a workgroup to a domain? You would need to purchase the operating system and user licenses, but this is exactly the purpose of a domain. Currently you have several issues:
-you need to create multiple accounts on multiple computers
-you have no central storage location making proper backups near impossible
-you must soon be approaching the XP connection limits. XPpro will only let a maximum of 10 simultaneous connections to a resource (share or printer), and XPhome is limited to 5

A domain allows you to store all files in one place, create the user account once on the server (never on a PC) and then grant read and write privileges to those users. Far easier to manage, much more secure, and not connection limits.
0
 

Author Comment

by:bubuko
ID: 22803934
definitely, a domain is efficient. The problem is the cost. As Spidey23 said, the simple sharing enable permission for everyone. But i think I still don't get it. With advanced sharing, I also make sure the sharing and the permission is open for everyone. But still the network user still need to log on if they don't happen has the same account as in the sharing pc. I think for simple sharing, there is no file permission on it, it only use the share permission. But the everyone here means all the account on this pc or any? I am pretty sure that for the file permission part, everyone means all account on this pc.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 22804226
Assuming you are using NTFS drive formating, the default for XPpro, you have sharing permissions and security permissions. Generally you set sharing permissions as full control for everyone, and then use the security permissions to control access. The everyone (security/NTFS) account should allow any person even those not authenticated, which is a security risk. As you mentioned you can add each user's name/account to the computer hosting the share, or an easier method would be to create an account for that purpose such as Share1. When the user connects they use that user name and password. At least this way you only have to 1 account on the computer hosting the share.

As for the cost of setting up a domain. Most find that over the 3 year life of the server there is actually a savings if you consider management time.
How are you backing up all of these shares on different computers?
0
 

Author Comment

by:bubuko
ID: 22804273
"The everyone (security/NTFS) account should allow any person even those not authenticated, which is a security risk"

Computer 1 : Mary/ password (only this accoutn in this pc)
Computer 2: James/password (only this accoutn in this pc)

I tried to share a folder on Mary's pc with advanced sharing, sharing permissions (everyone/read) and security permissions (everyone/read)

So as you said, James is supposed to be able to access the folder without username/password prompt? But I tested, he is still required to log on.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 400 total points
ID: 22804443
You are correct. My apologies. Apparently anonymous access with the Everyone account changed with XP. According to the following you should be able to do so by enabling the Group Policy item in the following link:
http://technet.microsoft.com/en-us/library/cc755781.aspx
Again keep in mind doing so allows any stranger coming into your office to plug into the network and access the share. This is especially critical if you have wireless network.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question