local user account access to another machine?

Posted on 2012-09-20
Last Modified: 2012-09-26
this actually seems like a obvious answer now i write it out,
the situation: windows server 2008 r2

serverA - has local account user: accountx

serverB(same network) has a shared folder,

am i correct there is no way to give accountx permissions on this folder on serverB?

meaning i would need to have a domain account to do this?

many thanks!
Question by:weaverk
    LVL 13

    Expert Comment

    Well because they are both servers, I'm not sure, however it seems like you could go to the Sharing + Security option on the shared folder on serverB (right click the shared folder and choose "Sharing & Security"), and add the user from serverA with permission.  

    When adding the user, you can use DOMAIN\Username if the user is on another domain, or COMPUTERNAME\Username if it is a local username to that computer.
    LVL 11

    Expert Comment

    Or just go to serverB and add a user the same way: same username / same password.
    LVL 70

    Assisted Solution

    Yes - and No

    You could (should) do this with a domain account, however, if you create a user account with the same name on both severs - with the same password, it will work seamlessly (until you change one of the passwords).

    Alternativly when you connect to the share, just use the username/password of an account on the machine where the share is located
    LVL 9

    Expert Comment


    You have serverA\accountx which your process is running under.
    On ServerA in a CMD prompt run:
      getsid.exe \\. accountX \\. accountx
      to get the SID of accountX
    On serverB create or use an account solely for the purpose for logging into serverB from serverA, call it accountY
    On ServerB create a local group that will be used to control access to the share and its folder, call it groupY.
    Add serverB\accountY to groupY
    Use this vbs script to force the SID to be a member of groupY, modify it with proper name and SID
    On Error Resume Next 
    Const ERR_ALREADY_MEMBER=&h80070562 
    strComputer = "." 
    strGroup = "groupY"
    'replace SID below with SID of user to add 
    strSID = "S-1-5-21-979129171-3499849554-561687685-1011" 
    Set objUser=GetObject("WinNT://" & strSID) 
    If Err Then 
        WScript.StdErr.Write "ERROR: Invalid SID " & strSID & VbCrLf 
        WScript.Quit 1 
    End If 
    Set objGroup=GetObject("WinNT://" & strComputer & "/" & strGroup & ",group") 
    If Err Then 
        WScript.StdErr.Write "ERROR: Can't open group " & strComputer & "\" & strGroup & ": 0x" & Hex(Err.Number) & vbCrLf 
        WScript.Quit 1 
    End If 
    objGroup.Add objUser.ADsPath 
    If Err Then 
        If Err.Number = ERR_ALREADY_MEMBER Then 
            WScript.StdErr.Write "ERROR: SID " & strSID & " is already a member of " & strComputer & "\" & strGroup & VbCrLf 
            WScript.StdErr.Write "ERROR: Can't add SID " & strSID & ":  0x" & Hex(Err.Number) & VbCrLf 
        End If 
        WScript.StdErr.Write "Success: Added " & strSID & " to " & strComputer & "\" & strGroup & VbCrLf 
    End If 

    Open in new window

    Save this as ForceSid.vbs on serverB and run it.
      cscript ForceSid.vbs
    Open the members of groupY to verify that the SID is now in there.
    On serverB add groupY to both the share permissions and the folder permissions as desired.
    On serverA open a cmd prompt with RunAs serverA\accountX
    On serverA establish a network login to serverB with this cmd line:
      net use \\serverB\sharename /user:serverB\accountY <password>
    Now you can access the files.
    LVL 10

    Accepted Solution

    When you create accountx as local account on ServerB with the same password the access will be possible. This is workgroup-style access. ServerB authenticates with the username and password to serverA.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Suggested Solutions

    Read about achieving the basic levels of HRIS security in the workplace.
    When the confidentiality and security of your data is a must, trust the highly encrypted cloud fax portfolio used by 12 million businesses worldwide, including nearly half of the Fortune 500.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now