cmkeur asked:

Password protected individual folders within a common share

I have a situation where I need to have one generic logon account shared by multiple people and then when any person using that account navigates to the common share and accesses their individual folder be prompted every time to enter individual credentials without the option to save those credentials. Also having an administrative privilege set that allows that administrative user full access to each individual folder.

generic account has access to
>common share  (beneath this folder are where individual creds are needed)
         >bob          
         >steve
         >henry

bob steve and henry have individual accounts and individual creds.

I have server 2012 r2 available, no sharepoint and an AD domain.

it_saige

You cannot, natively, password protect files and/or folders in Windows.  Instead, rights are used to control access to files and/or folders.

Ultimately, it would make more sense to use individual users.

-saige-

cmkeur (ASKER)

OK, that is what I thought. I was going to give proper permissions for the individual folders but couldn't figure out how to easily teach the users how to enter their un/pw and then not allow saving the creds.
Sounds like I need a SharePoint server, I think it can do what I want.

cmkeur (ASKER)

Couldn't I use Windows digital rights management for the prompting of user creds?

cmkeur (ASKER)

Sorry, meant Active Directory Rights Management Services

Google NTFS and you will be enlightened.

@SneekCo - Encryption is not password protection. It is protection (don't get me wrong). What the author is after is file/folder level *authenticated* access where potentially one (or more) users will have access to the same resources.

-saige-

If you insist on using a folder password, however, please look at folderguard http://www.winability.com/folderguard/

Please be aware that normally, your scenario is not encountered. Why is that? Because we should not share accounts - as simple as that. It bears many risks.

NTFS is not encryption. NTFS is all about authentication and authorization. You are probably confusing NTFS with EFS, Encrypted File System.

Your shared account is what is called an anonymous account, or in NTFS security settings, (not encryption), that account is the "everyone" account (which should not be used), or the "Domain/all users" account, or in your case, "local machine\user account".

So set up your root folder, (share it on the network if need be), and grant everyone access. The subfolders under that "root" folder can then have individual and granular security (access) via the NTFS file system.

Again, this is Computer Science 101. Google is your best friend on this. Here are a few links that may help. Check them out before you Google it.

http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Understanding-Windows-NTFS-Permissions.html

http://www.ntfs.com/ntfs-permissions.htm

Hope that helps
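
The NTFS layout this answer describes, applied to the bob/steve/henry folders from the question, as an added PowerShell example that is not part of the original thread. The path, domain, account and group names are assumptions, and it grants the generic account list access on the root rather than using Everyone; share-level permissions are separate and not set here.

```powershell
# Added example: every name below is an assumption, not a value from the thread.
$Root    = 'D:\Shares\Common'        # folder behind the common share (assumed path)
$Domain  = 'EXAMPLE'                 # placeholder NetBIOS domain name
$Generic = "$Domain\generic"         # the shared logon account (hypothetical name)
$Admins  = "$Domain\Share-Admins"    # group needing full access everywhere (hypothetical)
$Users   = 'bob', 'steve', 'henry'   # per-user folders named in the question

New-Item -ItemType Directory -Path $Root -Force | Out-Null

# Root: stop inheriting from the parent, then give the admin group and SYSTEM
# full control that flows down to every subfolder and file via (OI)(CI).
# Run this as a member of $Admins, or you lock yourself out of the tree.
icacls $Root /inheritance:r /grant "${Admins}:(OI)(CI)(F)" 'SYSTEM:(OI)(CI)(F)'

# Generic account: read/list on the root folder itself only. Without (OI)/(CI)
# the ACE is not inherited, so the account sees the folder names but cannot
# open any of them.
icacls $Root /grant "${Generic}:(RX)"

foreach ($u in $Users) {
    $dir = Join-Path $Root $u
    New-Item -ItemType Directory -Path $dir -Force | Out-Null
    # Each user gets Modify on their own folder and everything beneath it.
    icacls $dir /grant "${Domain}\${u}:(OI)(CI)(M)"
}

# Check: flag any per-user folder where the generic account holds an ACE.
foreach ($u in $Users) {
    $acl = Get-Acl -Path (Join-Path $Root $u)
    $hit = $acl.Access | Where-Object { $_.IdentityReference.Value -eq $Generic }
    if ($hit) { Write-Warning "$Generic has access to $u : $($hit.FileSystemRights)" }
    else      { "$u : no ACE for $Generic" }
}
```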

@SneekCo - Agreed, however, when you post something as nondescript as "Google NTFS and you will be enlightened", it's hard to determine if your intention was "Google NTFS password protect folders"; which results in this as the top link (they discuss using NTFS encryption to secure your files/folders); or something else.

Your second post is much more descriptive and more inline with what the author has requested and what has already been recommended.

-saige-

NTFS was not mentioned before my post. And that is the correct approach. The difference between the two posts is one during the day when time is limited and one after work. I think "Google NTFS" is very helpful, especially in this case. Might have been in the middle of the poster's day also, so a short answer might have been appreciated.

Main point, hope it helped the poster. Don't care about points, just care about helping.

No worries mate. I guess (to me at least) NTFS was implied when the author posted:
I have server 2012 r2 available, no sharepoint and an AD domain.
-saige-

Just hope we helped him one way or the other. I will take a little longer next time on answers, even during the busy day :-)

I agree that each user should have their own logon--without that you cannot hold users accountable for actions on systems they use--they could simply blame others. Regardless, you wanted a solution for your scenario and as mentioned above encryption or password protecting files and folders are possible. There are many options--check this one out and the editors' review on CNET http://download.cnet.com/I-Folder-Locker/3000-2092_4-75450069.html. Here is a list of many more arranged by highest editor reviews

There is no need for a third party tool. Yes, as mentioned each user should have their own login, but using the built-in security settings for files and folders, based on the NTFS (out of the box) file system, it is available to use, with no additional cost. Again, this is basic Windows Server Operating System stuff. If there is not a how-to article on this site, Google is your best friend.

Hope that helps,

cmkeur (ASKER)

Thanks for all the answers but the point is being missed. The main account is a shared account and it has access to list a folder's contents but no read/write access to the folders contained within. There are 5 users and each user has a folder in the main folder. I wanted to know if I can natively have Windows Explorer prompt for user and password each time the individual folders are accessed. I don't want third party tools and don't need a lecture on best practice.
ASKER CERTIFIED SOLUTION
Lionel MM
This solution is only available to members.

cmkeur (ASKER)

OK, thank you. That is what I thought but I was hopeful I was missing/overlooking something.

You can use Windows Explorer in the context of a different user. That means, find the Windows Explorer in the start menu or on your desktop or in the task bar, or wherever. Then with the mouse hovering over the icon, press and hold one of the shift keys, then right mouse click, a menu will open and among the list of things one of them will be "Run as different user". When you click on that, a window will open that will allow your users to enter their credentials (user name and password). The Windows Explorer will be running with that user's permissions.

cmkeur (ASKER)

Thanks, and I understand that, but the creds will be stored until the generic account is logged off. I was hoping for an apache/iis logon/logoff mechanism within Explorer.

When the Windows Explorer window is closed, the session with those credentials is also closed. Good luck.