Sharing a folder in Windows XP to Everyone and giving specific permission to a particular user to a sub folder
Report abuse
Thank you.
Reported content has been submitted
Hi Dominic,
The issue you posted would be better suited in the TechNet Forums. I would recommend posting your query in the TechNet Forums.
TechNet Forum
http://social.technet.microsoft.com/Forums/en-US/category/windowsxpitpro
Hope this helps.
Report abuse
Thank you.
Reported content has been submitted
Was this reply helpful?
Sorry this didn't help.
Great! Thanks for your feedback.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.
How satisfied are you with this reply?
Thanks for your feedback.
Hi Imran
Thank you for your response.
Regards
Dominic
Report abuse
Thank you.
Reported content has been submitted
Was this reply helpful?
Sorry this didn't help.
Great! Thanks for your feedback.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.
How satisfied are you with this reply?
Thanks for your feedback.
Hi
I posted in TechNet Forum 5 days bfore. Till now i didnt get any reply from anybody. Any possible solutions from anyone ?
Regards
Dominic
Report abuse
Thank you.
Reported content has been submitted
Was this reply helpful?
Sorry this didn't help.
Great! Thanks for your feedback.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.
How satisfied are you with this reply?
Thanks for your feedback.
The first is that there might be a local user "User1" created on the XP or Win7 machine as well as the "domain/User1" user in the domain. The local and domain "User1"s would be recognized as two different users as far as file access is concerned. So when you set the file permissions, you would need to specify "domainname\User1" or "MachineA\User1" to differentiate the user and get the correct user. You may have already done this, but it is not clear in your description.
The second is that there might be an pre-existing connection between Machine B to Machine A perhaps created by another user on Machine B. Windows will only allow a single concurrent authenticated connection between any given two machines. Before attempting the connection, you may want to verify that there are no existing connections by bringing up a command prompt window and entering the command:
net use
This will show existing connections. Make sure to close existing connections before opening a connection with the User1 authentication. Another way to show current connections is to do the following on the XP machine:
Right-Click "My Computer" -> Manage -> System Tools -> Shared Folders -> Sessions
This will show current active sessions connecting to the XP machine and the authentication. Make sure the "Guest" column does not say "Yes".
In any event, I find that generally using the command prompt window generates better errors than the GUI when connecting to another machine. From Machine B, try bringing up a command window and connect to machine A using the "net use" syntax:
net use * \\MachineA\ShareName password /user:DomainName\User1
(assuming you wish to connect with domain User credentials). If you omit the password, it should ask. If it has a problem, it should give you a descriptive error. (Caveat: I don't have much experience with Windows 7. I am assuming that the command line syntax hasn't changed much since XP)
Hopefully some of the above will be helpful.
-- JW
Report abuse
Thank you.
Reported content has been submitted
Was this reply helpful?
Sorry this didn't help.
Great! Thanks for your feedback.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.
How satisfied are you with this reply?
Thanks for your feedback.
Hi Wunders
Thank you for your reply.
1. There is no local user named 'User1' in Machine A and Machine B
2. There was one pre-Existing connection from Machine B to Machine A. I cleared that connection. I used net use * /delete
3. I used net use \\machineA\ShareName /user:DomainName\User1
The command completed sucessfully. It didnt ask for any password.
4. I cleared the "inheritable from parent" checkbox for that particular sub folder. [Tried in both ways, with that check box checked and unchecked]
But still i am not able to modify the file.
Regards
Dominic
Report abuse
Thank you.
Reported content has been submitted
Was this reply helpful?
Sorry this didn't help.
Great! Thanks for your feedback.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.
How satisfied are you with this reply?
Thanks for your feedback.
Wow, I duplicated your steps and was surprised when I had the same problem that you have. After a bunch of experimentation, I believe I've come up with a solution (at least it worked in my duplicated case). Apparently there are two "layers" of security at play here. One being the file/folder security level which you have correctly set to allow User1 to write/change things in the folder. The other layer is the networking security layer that is not quite so apparent. This is the layer that was set when you right-clicked on the top-level folder and selected "share this folder".
The solution that worked for me: Go to the top-level folder that you shared on your computer, right-click on it, and select:
Sharing and Security -> Sharing (Tab) -> Permissions (button)
In the screen that pops up, you probably show only "Everyone" with only Read permission. At this point, click on the "Add" button and in the screen that pops up, type in:
DomainName\User1
then "OK". You will see User1 appear on the list. Click on User1 and then select "Full Control" in the bottom window, then "OK" your way out. This will not change any file or folder security on any item in the "Security" tab, but will allow User1 to make changes if the file/folder level security allows it.
It worked for me... I hope it solves your problem, too.
-- JW
Report abuse
Thank you.
Reported content has been submitted
Was this reply helpful?
Sorry this didn't help.
Great! Thanks for your feedback.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.
How satisfied are you with this reply?
Thanks for your feedback.
Hi Wunders
Thank you very much for spending your precious time. I will check it and update you the status.
Regards
Dominic
Report abuse
Thank you.
Reported content has been submitted
Was this reply helpful?
Sorry this didn't help.
Great! Thanks for your feedback.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.
How satisfied are you with this reply?
Thanks for your feedback.
Hi Wunders
Sorry for this late reply. I tried your suggestions. It will work. But I have some doubts in this.
1. If i give the full permission to User1 in Share, user1 will get the full permission to all folders under this shared folder. To restrict the permission to a particular folder, i need to go to that subfolder and deny the permission to user1.
2. This will be more tedious if there are 100's of folders and more than 100 users.
3. In windows7 it is very easy. Ie. What i did is that, i shared the folder to 'Everyone' with 'Read' only permission. Now all the users have only readonly permission. But if i added one user in any subfolder and grant edit permssion, that user will get the edit permission. If i want to deny the edit permission , just to remove the user entry from security tab[ by default 'Everyone' have read permission].
But in Windows XP, it is just opposite. I need to add 100 users [or Authenticated Users] while sharing the folder and grant full permission. Then to make all folders read only, i need to go to each folder and deny all permission execpt read permission to each user.
I dont know why this difference. I thought there will be some workarounds to make it like Windows 7. Any official microsoft documentation regarding the change in Sharing Security from Windows XP to Windows 7 ?. I coudnt find anything more specific to sharing security change.
Regards
Dominic
Report abuse
Thank you.
Reported content has been submitted
Was this reply helpful?
Sorry this didn't help.
Great! Thanks for your feedback.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.
How satisfied are you with this reply?
Thanks for your feedback.
Sharing and Security -> Sharing (Tab) -> Permissions ->
and then give "Everyone" Full control. This will give everyone the potential for full control, but you can easily dial that back with file/folder level security. One day you may want to add a "suggestion box" folder that everyone might need to write to and this would allow that.
After you do the above, again right-click on the top level folder and select:
Sharing and Security -> Security (Tab) -> Advanced
Then change the security such that "Everyone" has "Read Only" access. Eliminate other non-desired users/groups. Check the "Replace permission entries on all child objects...." box and click "OK". This will restrict access to everything in and under this folder to Read-only access to Everyone. Now you can go to a given lower-level folder and give a specific user added permission to that folder only. Avoid the "deny" permissions as it takes precedence over "allow" which is not usually what you want. This doesn't sound far off from what you say Win7 does.
If there is a group of users that you want to give write permission to, you can create a "maintain" Group at the domain level, add those users into the group, and simply give that Group write permission where necessary... it eliminates the need to add tens of users to the permissions if they need to write a particular directory.
"How to set, view, change, or remove special permissions for files and folders in Windows XP"
< http://support.microsoft.com/kb/308419 >
HTH,
JW
Report abuse
Thank you.
Reported content has been submitted
Was this reply helpful?
Sorry this didn't help.
Great! Thanks for your feedback.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.
How satisfied are you with this reply?
Thanks for your feedback.
Question Info
Last updated December 1, 2023 Views 1,828 Applies to: