[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 98
  • Last Modified:

Folder permissions on peer to peer windows 7

I have a peer to peer environment on Windows 7 Pro.

\\Braille-Server   is the PC to be used as a file server
\\Brialle-Server\shared  is the folder to hold all user folders (I will prob relocate their My Documents to this folder)
In the shared folder are the following folders

Braille1, Braille2 Braille3 and so on.  SO it would be something like this:
\\Brialle-Server\shared\Braille1
\\Brialle-Server\shared\Braille2
\\Brialle-Server\shared\Braille3

Other computers on the network are named
\\Braille1   \\Braille2  and so on.

Example

On \\Braille-Server\Shared\Braille10 -the ONLY user that should be able to see read/write/delete/modify(full controll)  is the user from the the pc  \\Braille10\USERNAME    I do not want users on the other computers to access this guys folders and files that are stored on the system we are using as a "file server" so to speak.

Any help ASAP would be nice. I need this up by AM.
0
Tim Berry
Asked:
Tim Berry
1 Solution
 
Tim BerryAuthor Commented:
I could create a user name on the server that is the same as the other users on each pc... but hate to create 40 profiles.....unless this is the only way.

I know a Domain Controller would be best but that is a no go.
0
 
No MoreCommented:
You need proper windows server with Active Directory Domain, where you would make groups of users and set different permissions.

It's same, as with your Group policy issue, Microsoft made it this way for a reason
0
 
yo_beeDirector of ITCommented:
This is a tough one.  If you can stall this project and get trial addition of Windows Server.  You can run it for 180 days until it is running in a inactive mode. I think that will buy you enough time to sell them on Windows Server. Is this even an option?  The authentication process allow will annoy the most patient person.
0
 
NVITCommented:
I haven't fully tested this, but i think it should work. Review the steps below. Then do 1 client and 1 server share to confirm that it works. If so, then do the remaining accounts and shares.

On the server, make your shared folders.
c:\folder\Braille1
c:\folder\Braille2
etc.

On each client user's station...
- Go to Control Panel, Network and Sharing Center and make sure the Network card is attached to Home/Work and NOT Public.

- Go to Advanced Sharing Settings and check / set the following settings:
  * Network Discovery: On
  * File and Printer Sharing: On
  * Public Folder Sharing: Off (for security and disallows HomeGroup)
  * Media Streaming is Off
  * File sharing connections: Use 128-bit encryption.
  * Password protected sharing: On (do NOT avoid passwords)
  * Use User accounts and passwords to connect to other computers (for security and turns HomeGroup Off).

Make file adduser.bat with code below. Save it to a thumb drive.
Notes:
  * As needed, add a line for each user account.
  * I would add just the users needed to each station.
  * But, the server needs all accounts added since it hosts each user's shares.
  * Still, if you add all the users via adduser.bat, you can manually delete unwanted users when you're done.

net user Braille1User password /ADD
net user Braille2User password /ADD
net user Braille3User password /ADD

Open in new window


Logon each station, open a CMD window and run adduser.bat. This creates the user accounts.

On the server, use ICACLS to adjust permissions...

- Open a CMD window.

Replace ACLs with default inherited ACLs - also affects specified folder:
icacls "c:\folder\Braille1" /reset /t

Open in new window


Disable inheritance and copy the existing ACEs:
icacls "c:\folder\Braille1" /inheritance:d /t

Open in new window


If the folders have the Users group, remove them, including sub-folders.
Else they would still be able to see the folders:
icacls "c:\folder\Braille1" /remove:g "Users" /t

Open in new window


Repeat last 3 steps for each Braille* folder/user.

Grant users modify rights to their server's shared folders:
- Run each line below.
- Add a line for each folder/user
icacls "c:\folder\Braille1" /t /inheritance:d /grant Braille1User:M Braille1User:(OI)(CI)(IO)M
icacls "c:\folder\Braille2" /t /inheritance:d /grant Braille2User:M Braille2User:(OI)(CI)(IO)M
icacls "c:\folder\Braille3" /t /inheritance:d /grant Braille3User:M Braille3User:(OI)(CI)(IO)M

Open in new window

0
 
Tim BerryAuthor Commented:
Had to do some additional changes but this was the best work around.  Thank you.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now