Restrict network share to specific computers

How do I set access permissions to a shared drive on Windows 2003 Server using computer name rather than users? I'm trying to restrict access to the shared drive to specific computers, regardless of the username.

I have added an entry to 'Share Permissions' under 'Group or user names' for the share on SERVER1 to permit access from SERVER2 - 'SERVER2$ (DOMAIN\SERVER2$)' - but when I try to access the network share from SERVER2 I get an error 'Windows cannot access \\SERVER1\sharename'.

What am I doing wrong?
markservAsked:
Who is Participating?
 
McKnifeCommented:
Yes, 2008 fw can do what you need.
0
 
dekkarCommented:
Have you added it both the security tab and the share\permissions?
0
 
markservAuthor Commented:
Thanks for the reply. No, I had only added it to share\permission, but just added 'SERVER2$ (DOMAIN\SERVER2$)' to security tab and get access error - "sharename" is available but the user account you are logged on with was denied access.
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

 
Sekar ChinnakannuStaff EngineerCommented:
we can share to users but not to computer Markserv
0
 
McKnifeCommented:
Of course we can share to computers. But don't get me wrong, this does not mean all users of that computer may access that share but that the system account can. And that's not what you are looking for.

Use firewall rules.
0
 
markservAuthor Commented:
Thanks McKnife, but can you please explain how to configure Windows 2003 firewall to block/allow access from specific computers.
0
 
McKnifeCommented:
Never configured 2003 firewall - it looks as if turning it on closes all connections but those you define as exceptopns.
This could mean a lot of work finding out all exceptions you need. Maybe use a 3rd party firewall or (better) configure it at your router if possible.
0
 
markservAuthor Commented:
Advice from our SonicWall supplier is - 'If you want certain computers to only view the shares and no one else can view any shares on the servers is to put them on a vlan and firewall them. Your sonicwall will do it. But you will be limited on the firewalls throughput.' - which does not sound like an ideal solution.

Does anyone know if the Windows 2008 firewall can do what I'm after? It appears to be a much more sophisticated firewall than 2003.
0
 
markservAuthor Commented:
No detail privided on how to configure firewall.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.