Solved

Folder permissions on peer to peer windows 7

Posted on 2016-10-25
5
71 Views
Last Modified: 2016-10-26
I have a peer to peer environment on Windows 7 Pro.

\\Braille-Server   is the PC to be used as a file server
\\Brialle-Server\shared  is the folder to hold all user folders (I will prob relocate their My Documents to this folder)
In the shared folder are the following folders

Braille1, Braille2 Braille3 and so on.  SO it would be something like this:
\\Brialle-Server\shared\Braille1
\\Brialle-Server\shared\Braille2
\\Brialle-Server\shared\Braille3

Other computers on the network are named
\\Braille1   \\Braille2  and so on.

Example

On \\Braille-Server\Shared\Braille10 -the ONLY user that should be able to see read/write/delete/modify(full controll)  is the user from the the pc  \\Braille10\USERNAME    I do not want users on the other computers to access this guys folders and files that are stored on the system we are using as a "file server" so to speak.

Any help ASAP would be nice. I need this up by AM.
0
Comment
Question by:Tim Berry
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 1

Author Comment

by:Tim Berry
ID: 41859527
I could create a user name on the server that is the same as the other users on each pc... but hate to create 40 profiles.....unless this is the only way.

I know a Domain Controller would be best but that is a no go.
0
 
LVL 7

Expert Comment

by:No More
ID: 41859537
You need proper windows server with Active Directory Domain, where you would make groups of users and set different permissions.

It's same, as with your Group policy issue, Microsoft made it this way for a reason
0
 
LVL 23

Expert Comment

by:yo_bee
ID: 41859631
This is a tough one.  If you can stall this project and get trial addition of Windows Server.  You can run it for 180 days until it is running in a inactive mode. I think that will buy you enough time to sell them on Windows Server. Is this even an option?  The authentication process allow will annoy the most patient person.
0
 
LVL 24

Accepted Solution

by:
NVIT earned 500 total points
ID: 41859722
I haven't fully tested this, but i think it should work. Review the steps below. Then do 1 client and 1 server share to confirm that it works. If so, then do the remaining accounts and shares.

On the server, make your shared folders.
c:\folder\Braille1
c:\folder\Braille2
etc.

On each client user's station...
- Go to Control Panel, Network and Sharing Center and make sure the Network card is attached to Home/Work and NOT Public.

- Go to Advanced Sharing Settings and check / set the following settings:
  * Network Discovery: On
  * File and Printer Sharing: On
  * Public Folder Sharing: Off (for security and disallows HomeGroup)
  * Media Streaming is Off
  * File sharing connections: Use 128-bit encryption.
  * Password protected sharing: On (do NOT avoid passwords)
  * Use User accounts and passwords to connect to other computers (for security and turns HomeGroup Off).

Make file adduser.bat with code below. Save it to a thumb drive.
Notes:
  * As needed, add a line for each user account.
  * I would add just the users needed to each station.
  * But, the server needs all accounts added since it hosts each user's shares.
  * Still, if you add all the users via adduser.bat, you can manually delete unwanted users when you're done.

net user Braille1User password /ADD
net user Braille2User password /ADD
net user Braille3User password /ADD

Open in new window


Logon each station, open a CMD window and run adduser.bat. This creates the user accounts.

On the server, use ICACLS to adjust permissions...

- Open a CMD window.

Replace ACLs with default inherited ACLs - also affects specified folder:
icacls "c:\folder\Braille1" /reset /t

Open in new window


Disable inheritance and copy the existing ACEs:
icacls "c:\folder\Braille1" /inheritance:d /t

Open in new window


If the folders have the Users group, remove them, including sub-folders.
Else they would still be able to see the folders:
icacls "c:\folder\Braille1" /remove:g "Users" /t

Open in new window


Repeat last 3 steps for each Braille* folder/user.

Grant users modify rights to their server's shared folders:
- Run each line below.
- Add a line for each folder/user
icacls "c:\folder\Braille1" /t /inheritance:d /grant Braille1User:M Braille1User:(OI)(CI)(IO)M
icacls "c:\folder\Braille2" /t /inheritance:d /grant Braille2User:M Braille2User:(OI)(CI)(IO)M
icacls "c:\folder\Braille3" /t /inheritance:d /grant Braille3User:M Braille3User:(OI)(CI)(IO)M

Open in new window

0
 
LVL 1

Author Closing Comment

by:Tim Berry
ID: 41860721
Had to do some additional changes but this was the best work around.  Thank you.
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question