Prevent Users Mapping to Network Drives in a XP Workgroup

We have a workgroup where security has not been an issue until now.  A new PC has been added to the workgroup, it has two shared folders which the other PC's need to access.  This access has been setup and is all OK but I do not want the users on the new PC to be able to map to/view/delete folders on the existing PCs.
I cannot disable the guest account on the existing PC's as there is ESKO prepress software involved which is fairly specific in its requirements and has many shared folders across all existing PC's.

I thought if I could restrict access to the network for the new PC this may overcome the problem.
I have:
1.  Set NoNetDrives on HKEY_CURENT_SUER\SOFTWARE\Microsoft\Windows\CurrentVersion\Polocies\Explorer. to 1.
2.  Cleared out the Map Network Drive MRU list in HKEY_CURENT_SUER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer.

Now the user cannot map to a network drive, cannot view the network via Network Neighbourhood.  But if they know the computer/fodler name they can map to it anyway.
Is there some way of preventing users from doing this?
Jenny CoulthardInformation Technology ManagerAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Jenny CoulthardInformation Technology ManagerAuthor Commented:
Wow, that will work.  Would also require some good documentation for down the track if the situation changed.  Would you recomend setting no access to net1.exe and net.exe or does this sound dangerous?
0
 
Jenny CoulthardInformation Technology ManagerAuthor Commented:
Plus when it says no permissions - does that mean turning off all the allow options for the user under the security tab of the properties for the files mentioned.
0
 
rsimseeCommented:
I'm assuming that since you are using a workgroup rather than a domain that you're not talking about a lot of users / pc's?

Why can't you just use NTFS / Share permissions to restrict access to the folders as you normally would?  I realize it's a little more complilcated to do in a workgroup, but as long as you define everyone's account on each machine, and each users password is consistent among all of the pc's, it essentially would let you control access to whatever resrouces you needed to, sort of like a poor man's domain...

0
 
Jenny CoulthardInformation Technology ManagerAuthor Commented:
Yes it is a workgroup, a domain would be easy.  I know what you mean but dont want to as this would also require disabling the guest account, and their are some process PC's which are in German which I wouldnt even know where to begin (and not XP) , plus a RIP server which is very fussy about permissions I dont want to risk stopping the prepress from producing plates etc.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.