[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 910
  • Last Modified:

How to grant access to a shared folder on Server 2008 DC

Recently I installed a new Windows Server 2008 machine in a network and then joined 3 computers to the domain.  I would like for each computer that is connected to the domain to be able to access a shared folder called Public on the server.  Everytime I try to connect to this server I am prompted for administrator credentials.  Is there a way that I can make this folder available for any computer that is a member of the new domain?
0
Gary Gordon
Asked:
Gary Gordon
  • 6
  • 3
  • 3
  • +3
4 Solutions
 
nutwooCommented:
have you added share and ntfs permissions on the share for the users trying to connect ?
0
 
sirocco87Commented:
-Create a user or multiple user accounts in the AD.
-Create a folder on the server
-Edit sharing and security settings to allow read/write access for the accounts you created earlier.
0
 
myhcCommented:
have you infact added the PC's to the domain. in My computer.  Sounds like you havn't .
Sorry to ask but i don't know your level of knowledge.

If your PC's are on the domain you should just get access denied, not a prompt.

 
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
myhcCommented:
Do your users exist in active directory only or have you added them to the PC as well?
0
 
Gary GordonSolution IntegratorAuthor Commented:
ALL:  The client computers in question have been added to the domain sucesfully.  When I go to Active Directory Users and Computers, there they all are.  Now the windows user profiles on these machines are strictly local.  We are not using domain based accounts or domain based user profiles.

Here's what I did so far.  I shared the folder (\\CBNO\Public).  Created a User Group called "CBNO-PCs" and then added all the domain connected PCs to it.  Then I gave this group "Co-ownership" of the \Public folder on the server.  When I attempt to map the share or connect via run command, I get a username/password prompt.

Can I access this share based on computer membership to the domain or will I have to use a domain based user account for access?  
0
 
myhcCommented:
thats because you can't do it like that. you need to add the users into AD. or create one user that everyone knows. then you could a a mapping presetup to allow access without prompt.
0
 
myhcCommented:
mapping will be

net use z: \\cbno\public /user:username password
0
 
myhcCommented:
you need to create a user called "serveruser" or something, set a password, set user never to expire. then add it to your new group.
If you only use the one user then you can drop the group.

I would recommend creating all users in AD and making people login using them. Otherwise you might as well drop the domain controller and just get a network storage box. £200.

If users logi to the domain you can do the mapping as a global change, and even add icons to the desktop automaticly pointing to the folder required
0
 
ChiefITCommented:
Just use the built in AUTHENTICATED USERS GROUP on the file share for permissions. When they logon to the Active Directory computer, with thier AD user credentials, they will be granted access to the share that has Authenticated users on the share.

0
 
kmalteCommented:
During my 12 odd years in NT Domain/AD Iäve never used this scenario. The only thing that would work is using Everyone for permissions (enabling anonymous access) which is like leaving your front door open at all times.

Is there a reason for not using domain user accounts?

ChiefIT, its local accounts used, not domain accounts.
0
 
ChiefITCommented:
I agree, not using the Everyone account.

Logging on with local users is like having a cadilac setting in your garage and not driving it.

AD is used specifically for sharing and authentication for a group of people. If uses are logging on as a local user when you have a domain, it defeats the purpose of having a domain in the first place. Since these are domain computers, give your users domain user access and then give them domain priveleged access to the file shares.
0
 
Gary GordonSolution IntegratorAuthor Commented:
Well, the server only came with 5 user accounts and this non-proffit can not afford more.  I was under the impression that I could add all the pcs to the domain and then just use local profiles.  To get into shared folders on the server I guese I will need a logon script that supplies credentials of a domain user account with rights to the share.  Can I create more than 5 domain user profiles if I have only 5 licenses that come with the server OS?  Can I create a startup script on the PC that connects to a server share and supplies a domain un/pw?  
0
 
kmalteCommented:
"Can I create more than 5 domain user profiles if I have only 5 licenses that come with the server OS?"
Yes you can but It is probably in breach of the license agreement.

"Can I create a startup script on the PC that connects to a server share and supplies a domain un/pw?"
Absolutely.
0
 
kmalteCommented:
For startup scripts this small tutorial might be helpful: http://www.tutorial5.com/content/view/157/47/

myhc has previously shown how to map the drive so just create a batch file containing something like this:
@echo off
net use X: \\server\share /user:domain\username password /per:no
0
 
myhcCommented:
how is this going ??
0
 
Gary GordonSolution IntegratorAuthor Commented:
Thanks all!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 6
  • 3
  • 3
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now