Solved

Folder permissions on peer to peer windows 7

Posted on 2016-10-25
5
34 Views
Last Modified: 2016-10-26
I have a peer to peer environment on Windows 7 Pro.

\\Braille-Server   is the PC to be used as a file server
\\Brialle-Server\shared  is the folder to hold all user folders (I will prob relocate their My Documents to this folder)
In the shared folder are the following folders

Braille1, Braille2 Braille3 and so on.  SO it would be something like this:
\\Brialle-Server\shared\Braille1
\\Brialle-Server\shared\Braille2
\\Brialle-Server\shared\Braille3

Other computers on the network are named
\\Braille1   \\Braille2  and so on.

Example

On \\Braille-Server\Shared\Braille10 -the ONLY user that should be able to see read/write/delete/modify(full controll)  is the user from the the pc  \\Braille10\USERNAME    I do not want users on the other computers to access this guys folders and files that are stored on the system we are using as a "file server" so to speak.

Any help ASAP would be nice. I need this up by AM.
0
Comment
Question by:Tim Berry
5 Comments
 
LVL 1

Author Comment

by:Tim Berry
Comment Utility
I could create a user name on the server that is the same as the other users on each pc... but hate to create 40 profiles.....unless this is the only way.

I know a Domain Controller would be best but that is a no go.
0
 
LVL 6

Expert Comment

by:No More
Comment Utility
You need proper windows server with Active Directory Domain, where you would make groups of users and set different permissions.

It's same, as with your Group policy issue, Microsoft made it this way for a reason
0
 
LVL 21

Expert Comment

by:yo_bee
Comment Utility
This is a tough one.  If you can stall this project and get trial addition of Windows Server.  You can run it for 180 days until it is running in a inactive mode. I think that will buy you enough time to sell them on Windows Server. Is this even an option?  The authentication process allow will annoy the most patient person.
0
 
LVL 23

Accepted Solution

by:
NVIT earned 500 total points
Comment Utility
I haven't fully tested this, but i think it should work. Review the steps below. Then do 1 client and 1 server share to confirm that it works. If so, then do the remaining accounts and shares.

On the server, make your shared folders.
c:\folder\Braille1
c:\folder\Braille2
etc.

On each client user's station...
- Go to Control Panel, Network and Sharing Center and make sure the Network card is attached to Home/Work and NOT Public.

- Go to Advanced Sharing Settings and check / set the following settings:
  * Network Discovery: On
  * File and Printer Sharing: On
  * Public Folder Sharing: Off (for security and disallows HomeGroup)
  * Media Streaming is Off
  * File sharing connections: Use 128-bit encryption.
  * Password protected sharing: On (do NOT avoid passwords)
  * Use User accounts and passwords to connect to other computers (for security and turns HomeGroup Off).

Make file adduser.bat with code below. Save it to a thumb drive.
Notes:
  * As needed, add a line for each user account.
  * I would add just the users needed to each station.
  * But, the server needs all accounts added since it hosts each user's shares.
  * Still, if you add all the users via adduser.bat, you can manually delete unwanted users when you're done.

net user Braille1User password /ADD
net user Braille2User password /ADD
net user Braille3User password /ADD

Open in new window


Logon each station, open a CMD window and run adduser.bat. This creates the user accounts.

On the server, use ICACLS to adjust permissions...

- Open a CMD window.

Replace ACLs with default inherited ACLs - also affects specified folder:
icacls "c:\folder\Braille1" /reset /t

Open in new window


Disable inheritance and copy the existing ACEs:
icacls "c:\folder\Braille1" /inheritance:d /t

Open in new window


If the folders have the Users group, remove them, including sub-folders.
Else they would still be able to see the folders:
icacls "c:\folder\Braille1" /remove:g "Users" /t

Open in new window


Repeat last 3 steps for each Braille* folder/user.

Grant users modify rights to their server's shared folders:
- Run each line below.
- Add a line for each folder/user
icacls "c:\folder\Braille1" /t /inheritance:d /grant Braille1User:M Braille1User:(OI)(CI)(IO)M
icacls "c:\folder\Braille2" /t /inheritance:d /grant Braille2User:M Braille2User:(OI)(CI)(IO)M
icacls "c:\folder\Braille3" /t /inheritance:d /grant Braille3User:M Braille3User:(OI)(CI)(IO)M

Open in new window

0
 
LVL 1

Author Closing Comment

by:Tim Berry
Comment Utility
Had to do some additional changes but this was the best work around.  Thank you.
0

Featured Post

Want to promote your upcoming event?

Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

Join & Write a Comment

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now