Solved

Folder permissions on peer to peer windows 7

Posted on 2016-10-25
5
58 Views
Last Modified: 2016-10-26
I have a peer to peer environment on Windows 7 Pro.

\\Braille-Server   is the PC to be used as a file server
\\Brialle-Server\shared  is the folder to hold all user folders (I will prob relocate their My Documents to this folder)
In the shared folder are the following folders

Braille1, Braille2 Braille3 and so on.  SO it would be something like this:
\\Brialle-Server\shared\Braille1
\\Brialle-Server\shared\Braille2
\\Brialle-Server\shared\Braille3

Other computers on the network are named
\\Braille1   \\Braille2  and so on.

Example

On \\Braille-Server\Shared\Braille10 -the ONLY user that should be able to see read/write/delete/modify(full controll)  is the user from the the pc  \\Braille10\USERNAME    I do not want users on the other computers to access this guys folders and files that are stored on the system we are using as a "file server" so to speak.

Any help ASAP would be nice. I need this up by AM.
0
Comment
Question by:Tim Berry
5 Comments
 
LVL 1

Author Comment

by:Tim Berry
ID: 41859527
I could create a user name on the server that is the same as the other users on each pc... but hate to create 40 profiles.....unless this is the only way.

I know a Domain Controller would be best but that is a no go.
0
 
LVL 7

Expert Comment

by:No More
ID: 41859537
You need proper windows server with Active Directory Domain, where you would make groups of users and set different permissions.

It's same, as with your Group policy issue, Microsoft made it this way for a reason
0
 
LVL 22

Expert Comment

by:yo_bee
ID: 41859631
This is a tough one.  If you can stall this project and get trial addition of Windows Server.  You can run it for 180 days until it is running in a inactive mode. I think that will buy you enough time to sell them on Windows Server. Is this even an option?  The authentication process allow will annoy the most patient person.
0
 
LVL 24

Accepted Solution

by:
NVIT earned 500 total points
ID: 41859722
I haven't fully tested this, but i think it should work. Review the steps below. Then do 1 client and 1 server share to confirm that it works. If so, then do the remaining accounts and shares.

On the server, make your shared folders.
c:\folder\Braille1
c:\folder\Braille2
etc.

On each client user's station...
- Go to Control Panel, Network and Sharing Center and make sure the Network card is attached to Home/Work and NOT Public.

- Go to Advanced Sharing Settings and check / set the following settings:
  * Network Discovery: On
  * File and Printer Sharing: On
  * Public Folder Sharing: Off (for security and disallows HomeGroup)
  * Media Streaming is Off
  * File sharing connections: Use 128-bit encryption.
  * Password protected sharing: On (do NOT avoid passwords)
  * Use User accounts and passwords to connect to other computers (for security and turns HomeGroup Off).

Make file adduser.bat with code below. Save it to a thumb drive.
Notes:
  * As needed, add a line for each user account.
  * I would add just the users needed to each station.
  * But, the server needs all accounts added since it hosts each user's shares.
  * Still, if you add all the users via adduser.bat, you can manually delete unwanted users when you're done.

net user Braille1User password /ADD
net user Braille2User password /ADD
net user Braille3User password /ADD

Open in new window


Logon each station, open a CMD window and run adduser.bat. This creates the user accounts.

On the server, use ICACLS to adjust permissions...

- Open a CMD window.

Replace ACLs with default inherited ACLs - also affects specified folder:
icacls "c:\folder\Braille1" /reset /t

Open in new window


Disable inheritance and copy the existing ACEs:
icacls "c:\folder\Braille1" /inheritance:d /t

Open in new window


If the folders have the Users group, remove them, including sub-folders.
Else they would still be able to see the folders:
icacls "c:\folder\Braille1" /remove:g "Users" /t

Open in new window


Repeat last 3 steps for each Braille* folder/user.

Grant users modify rights to their server's shared folders:
- Run each line below.
- Add a line for each folder/user
icacls "c:\folder\Braille1" /t /inheritance:d /grant Braille1User:M Braille1User:(OI)(CI)(IO)M
icacls "c:\folder\Braille2" /t /inheritance:d /grant Braille2User:M Braille2User:(OI)(CI)(IO)M
icacls "c:\folder\Braille3" /t /inheritance:d /grant Braille3User:M Braille3User:(OI)(CI)(IO)M

Open in new window

0
 
LVL 1

Author Closing Comment

by:Tim Berry
ID: 41860721
Had to do some additional changes but this was the best work around.  Thank you.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question