Please register or login. There are 0 registered and 1356 anonymous users currently online. Current bandwidth usage: 326.30 kbit/s December 14 - 11:38pm EST 
Hardware Analysis
      
Forums Product Prices
  Contents 
 
 

  Latest Topics 
 

More >>
 

    
 
 

  You Are Here: 
 
/ Forums / Windows Server 2000, 2003, 2008 /
 

  Server 2003 x64 Edition - Sharing/Protecting User-specific folders 
 
 Author 
 Date Written 
 Tools 
FordGT90Concept May 04, 2008, 11:50am EDT Reply - Quote - Report Abuse
Private Message - Add to Buddy List Replies: 10 - Views: 2556
I've been trying to sort this for days now and I'm not really getting anywhere. Basically, I want to make user accounts in my server and make virtual directories on the LAN that, when a user tries to access the files, is prompted for a password. The only way another computer can access those files that I have seen is to be added to the Administrators group. I'm clearly missing something but I don't know what.

What I do know:
-Active Directory is installed with it's own domain name (LLLHOME).
-All the other computers are still on a workgroup (HOME).
-User accounts are made in Active Directory. They are members of "Domain User" group.
-Group Policy settings are default except for password requirements (not so strict).
-I shared the folders manually and gave permissions only to the member that is suppsoed to have access.
-I tried modifying the security settings of the folders as well...didn't seem to do anything.
-I made "Shared Folders" in Active Directory that should point to the network folders (e.g. \\server\<name>).
-I tried remote connection into those accounts but I can't log in as those users because of local policy settings (I believe this is good because I do not want users to remote connect--just access to their files on their own computer).

What am I doing wrong? :~


________________________
If I remember what I forgot, I have not forgotten it.
Want to enjoy fewer advertisements and more features? Click here to become a Hardware Analysis registered user.
Beavis Khan May 04, 2008, 12:22pm EDT Reply - Quote - Report Abuse
Private Message - Add to Buddy List  
>> Re: Server 2003 x64 Edition - Sharing/Protecting User-specific folders
Have you checked the inheritance and effective permissions of the share? (Properties -> Security -> Advanced to check inheritance, Effective Permissions tab is in the same dialog) Often times stuff like this is a result of permission inheritance (or lack thereof); I find looking at these two sections is the only reasonable way to sort it out.

____
"For every complex problem, there is a solution that is simple, neat, and wrong."

- H.L. Mencken
FordGT90Concept May 05, 2008, 12:25am EDT Reply - Quote - Report Abuse
Private Message - Add to Buddy List  
>> Re: Server 2003 x64 Edition - Sharing/Protecting User-specific folders
I didn't turn the server back on today...I'll check what you suggested as soon as possible.

________________________
If I remember what I forgot, I have not forgotten it.
FordGT90Concept May 06, 2008, 02:20pm EDT Reply - Quote - Report Abuse
Private Message - Add to Buddy List  
>> Re: Server 2003 x64 Edition - Sharing/Protecting User-specific folders
I think I'll have to format all the computers on the domain and set them up with a remote desktop connection. Apparently, that's the only way for Windows to authenticate a user and provide access to the necessary data. For the time being, users will have to log in as the administrator in order to access their files that are shared via NTFS.

________________________
If I remember what I forgot, I have not forgotten it.
Beavis Khan May 06, 2008, 03:17pm EDT Reply - Quote - Report Abuse
Private Message - Add to Buddy List  
>> Re: Server 2003 x64 Edition - Sharing/Protecting User-specific folders
???

I don't know precisely what you're trying to accomplish, but I think something is either wrong configuration-wise, or you're making this more complicated than it needs to be.

I have an AD domain and a fileserver in my test environment. The fileserver has a share, and all Domain Users are allowed to read/write files on that share. I can connect (Run -> "\\fileserver\share") from any computer in my house, whether joined to the domain or not. You'll be prompted to authenticate with domain credentials, and then you'll gain access to the share. Is this essentially what you're after, or have I missed something (not sure how literally you mean things like home directory)? FWIW, you cannot save an AD password to remap between reboots/disconnects, but otherwise it all works fine.

____
"For every complex problem, there is a solution that is simple, neat, and wrong."

- H.L. Mencken
FordGT90Concept May 07, 2008, 10:13pm EDT Reply - Quote - Report Abuse
Private Message - Add to Buddy List

Edited: May 08, 2008, 12:24am EDT

 
>> Re: Server 2003 x64 Edition - Sharing/Protecting User-specific folders
Ah, I never looked in the File Server role stuff. I installed it and assumed it was all under Active Directory. I'll dig around there soon. :D


Edit: Um, does the File Server stuff require domain and active directory still? I assume yes, just wanted to be sure. I'd rather get rid of the domain if I don't need it.


Edit: Edit: So far, it hasn't worked. The workgroup and domain name are the same name so I'm going to demote/promote it so I can make sure they are different. If that doesn't work. I'm out of ideas again. :(

________________________
If I remember what I forgot, I have not forgotten it.
FordGT90Concept May 08, 2008, 01:10am EDT Reply - Quote - Report Abuse
Private Message - Add to Buddy List

Edited: May 08, 2008, 01:15am EDT

 
>> Re: Server 2003 x64 Edition - Sharing/Protecting User-specific folders
Nope, that didn't help. When I try to login to that share from a workgroup (HOME) computer (BY-2005) to the domain (HORNET) server (SERVER), I always get a "Login unsuccessful" message. It doesn't matter what I put in the password box--it is like it has no idea what to make of the user name.

I should also note that the server is using itself as the DNS. The DNS settings are default (mostly blank). Maybe that has something to do with it.


Edit: It looks and sounds like it is what I need but there is a hurdle to be crossed that is not apparent to me. :(

________________________
If I remember what I forgot, I have not forgotten it.
Beavis Khan May 08, 2008, 08:05am EDT Reply - Quote - Report Abuse
Private Message - Add to Buddy List  
>> Re: Server 2003 x64 Edition - Sharing/Protecting User-specific folders
FordGT90Concept said:
Edit: Um, does the File Server stuff require domain and active directory still? I assume yes, just wanted to be sure. I'd rather get rid of the domain if I don't need it.


Definitely does not require AD to use the File Server role. Obviously you would still need user accounts, but these would be managed via local users and groups instead.

FordGT90Concept said:
Nope, that didn't help. When I try to login to that share from a workgroup (HOME) computer (BY-2005) to the domain (HORNET) server (SERVER), I always get a "Login unsuccessful" message. It doesn't matter what I put in the password box--it is like it has no idea what to make of the user name.


Are you using the fully qualified domain login? Username = HORNET\username, password = whatever?


I should also note that the server is using itself as the DNS. The DNS settings are default (mostly blank). Maybe that has something to do with it.


The only DNS entries should really be for computers joined to AD. Question, though - is the AD server listed as a DNS server for your client computers? Honestly I would expect a different error message if this were the problem, but you should try it - Windows error messages are not always helpful. Make the AD server your client's primary DNS server, move your regular DNS servers to secondary/tertiary, and give it another try.

____
"For every complex problem, there is a solution that is simple, neat, and wrong."

- H.L. Mencken
FordGT90Concept May 08, 2008, 08:55am EDT Reply - Quote - Report Abuse
Private Message - Add to Buddy List

Edited: May 08, 2008, 09:01am EDT

 
>> Re: Server 2003 x64 Edition - Sharing/Protecting User-specific folders
Big Beavis said:
Are you using the fully qualified domain login? Username = HORNET\username, password = whatever?

Yes. I've tried HORNET\username and username@hornet.com--neither work. I've been setting the password to password and requiring the user to change on first login. I think I only saw the change password thing once and that was the Administrative account, not one of the ones I made.


Big Beavis said:
The only DNS entries should really be for computers joined to AD. Question, though - is the AD server listed as a DNS server for your client computers? Honestly I would expect a different error message if this were the problem, but you should try it - Windows error messages are not always helpful. Make the AD server your client's primary DNS server, move your regular DNS servers to secondary/tertiary, and give it another try.

I'll try that. The default DNS being used now is the gateway (router) IP.


Edit: No change. Same login unsuccessful behavior. :(

________________________
If I remember what I forgot, I have not forgotten it.
Beavis Khan May 08, 2008, 09:48am EDT Reply - Quote - Report Abuse
Private Message - Add to Buddy List  
>> Re: Server 2003 x64 Edition - Sharing/Protecting User-specific folders
FordGT90Concept said:
Big Beavis said:
Are you using the fully qualified domain login? Username = HORNET\username, password = whatever?

Yes. I've tried HORNET\username and username@hornet.com--neither work. I've been setting the password to password and requiring the user to change on first login. I think I only saw the change password thing once and that was the Administrative account, not one of the ones I made.


Authenticating to connect to a network share is not the same as a login - you will never be prompted to change your password except via interactive (console or remote desktop) login as far as I know. I don't know if this would make the password effectively invalid for other uses (like connecting to file share), but this could definitely be a problem. Have you tried using an account where the password has either been changed on first login already, or one where the password does not require a change on login?

Kind of figured the DNS thing wouldn't work, but it's good practice to have the AD server listed as a DNS server if it's really running DNS.

____
"For every complex problem, there is a solution that is simple, neat, and wrong."

- H.L. Mencken
FordGT90Concept May 08, 2008, 12:40pm EDT Reply - Quote - Report Abuse
Private Message - Add to Buddy List  
>> Re: Server 2003 x64 Edition - Sharing/Protecting User-specific folders
Pwnage! I set the password to never expire, changed the password to something more secure than "password," and it worked. :D

FordGT90Concept does a happy dance.

________________________
If I remember what I forgot, I have not forgotten it.

Write a Reply >>


 

    
 
 

  Topic Tools 
 
RSS UpdatesRSS Updates
 

  Related Articles 
 
 

  Newsletter 
 
A weekly newsletter featuring an editorial and a roundup of the latest articles, news and other interesting topics.

Please enter your email address below and click Subscribe.