Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Folder permissions on peer to peer windows 7

Posted on 2016-10-25
5
Medium Priority
?
92 Views
Last Modified: 2016-10-26
I have a peer to peer environment on Windows 7 Pro.

\\Braille-Server   is the PC to be used as a file server
\\Brialle-Server\shared  is the folder to hold all user folders (I will prob relocate their My Documents to this folder)
In the shared folder are the following folders

Braille1, Braille2 Braille3 and so on.  SO it would be something like this:
\\Brialle-Server\shared\Braille1
\\Brialle-Server\shared\Braille2
\\Brialle-Server\shared\Braille3

Other computers on the network are named
\\Braille1   \\Braille2  and so on.

Example

On \\Braille-Server\Shared\Braille10 -the ONLY user that should be able to see read/write/delete/modify(full controll)  is the user from the the pc  \\Braille10\USERNAME    I do not want users on the other computers to access this guys folders and files that are stored on the system we are using as a "file server" so to speak.

Any help ASAP would be nice. I need this up by AM.
0
Comment
Question by:Tim Berry
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 1

Author Comment

by:Tim Berry
ID: 41859527
I could create a user name on the server that is the same as the other users on each pc... but hate to create 40 profiles.....unless this is the only way.

I know a Domain Controller would be best but that is a no go.
0
 
LVL 7

Expert Comment

by:No More
ID: 41859537
You need proper windows server with Active Directory Domain, where you would make groups of users and set different permissions.

It's same, as with your Group policy issue, Microsoft made it this way for a reason
0
 
LVL 23

Expert Comment

by:yo_bee
ID: 41859631
This is a tough one.  If you can stall this project and get trial addition of Windows Server.  You can run it for 180 days until it is running in a inactive mode. I think that will buy you enough time to sell them on Windows Server. Is this even an option?  The authentication process allow will annoy the most patient person.
0
 
LVL 25

Accepted Solution

by:
NVIT earned 2000 total points
ID: 41859722
I haven't fully tested this, but i think it should work. Review the steps below. Then do 1 client and 1 server share to confirm that it works. If so, then do the remaining accounts and shares.

On the server, make your shared folders.
c:\folder\Braille1
c:\folder\Braille2
etc.

On each client user's station...
- Go to Control Panel, Network and Sharing Center and make sure the Network card is attached to Home/Work and NOT Public.

- Go to Advanced Sharing Settings and check / set the following settings:
  * Network Discovery: On
  * File and Printer Sharing: On
  * Public Folder Sharing: Off (for security and disallows HomeGroup)
  * Media Streaming is Off
  * File sharing connections: Use 128-bit encryption.
  * Password protected sharing: On (do NOT avoid passwords)
  * Use User accounts and passwords to connect to other computers (for security and turns HomeGroup Off).

Make file adduser.bat with code below. Save it to a thumb drive.
Notes:
  * As needed, add a line for each user account.
  * I would add just the users needed to each station.
  * But, the server needs all accounts added since it hosts each user's shares.
  * Still, if you add all the users via adduser.bat, you can manually delete unwanted users when you're done.

net user Braille1User password /ADD
net user Braille2User password /ADD
net user Braille3User password /ADD

Open in new window


Logon each station, open a CMD window and run adduser.bat. This creates the user accounts.

On the server, use ICACLS to adjust permissions...

- Open a CMD window.

Replace ACLs with default inherited ACLs - also affects specified folder:
icacls "c:\folder\Braille1" /reset /t

Open in new window


Disable inheritance and copy the existing ACEs:
icacls "c:\folder\Braille1" /inheritance:d /t

Open in new window


If the folders have the Users group, remove them, including sub-folders.
Else they would still be able to see the folders:
icacls "c:\folder\Braille1" /remove:g "Users" /t

Open in new window


Repeat last 3 steps for each Braille* folder/user.

Grant users modify rights to their server's shared folders:
- Run each line below.
- Add a line for each folder/user
icacls "c:\folder\Braille1" /t /inheritance:d /grant Braille1User:M Braille1User:(OI)(CI)(IO)M
icacls "c:\folder\Braille2" /t /inheritance:d /grant Braille2User:M Braille2User:(OI)(CI)(IO)M
icacls "c:\folder\Braille3" /t /inheritance:d /grant Braille3User:M Braille3User:(OI)(CI)(IO)M

Open in new window

0
 
LVL 1

Author Closing Comment

by:Tim Berry
ID: 41860721
Had to do some additional changes but this was the best work around.  Thank you.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question