How do I put a password on a folder? Windows Server 2003

[BrunoPuntzJones]

Sounds simple I know, but I guess the specifics are where I'm getting thrown off.

Have 20 employees, 4 directors.

Everyone can see everything on the network. Not a big deal, a lot of folks don't even have computers at home. The only thing users ever need are client spreadsheets, etc. on a folder on the server.

The directors are wanting a folder for them, that only the 4 of them will know how to access. Can't set the permission to only let "User1, User8,..." because the login name and passwords are very basic. Or someone could just wait until a director left, then use their computer.

So there needs to be some sort of way to let a director access the folder (with stuff like salary, expenses, etc.) from any computer. But only they know the password.

Would be nice to just double click on the folder a pop-up asks for the password.

Donkey shame

 

[MrChad]

I suppose you could create a user on the server with permissions to the folder(s) in question, then distribute that user's name and password to the appropriate people.

I'm very confused by your setup, however. Why not set up an Active Directory and manage your users that way? Everyone has their own login, and you can set permissions on file shares for specific logins. Wouldn't that be about 1000 times easier to manage?

 

[BrunoPuntzJones]

Main reason was we were running Novell 3.x up until January of last year. One of the directors wanted to switch to Windows Server 2003. For what reason...other than to say we had a new server with Windows, I don't know. Novell had worked fine the last 15 years...

Is there some sort of way to recover deleted files? What we miss most about Novell. Someone deletes a file by accident, poof, it's gone. Used to just go into the console and undelete, dunno if there is a way to do that now.

Also makes it easier to let everyone have access to everything so the computer guys (me and another guy) don't have to log out and back in under a different name to fix something. Can access anything on the network we need. Handy for when calling tech support, and doesn't interfere with the user's work as much.

 

[MrChad]

Originally posted by: BrunoPuntzJones
Main reason was we were running Novell 3.x up until January of last year. One of the directors wanted to switch to Windows Server 2003. For what reason...other than to say we had a new server with Windows, I don't know. Novell had worked fine the last 15 years...

Is there some sort of way to recover deleted files? What we miss most about Novell. Someone deletes a file by accident, poof, it's gone. Used to just go into the console and undelete, dunno if there is a way to do that now.

Also makes it easier to let everyone have access to everything so the computer guys (me and another guy) don't have to log out and back in under a different name to fix something. Can access anything on the network we need. Handy for when calling tech support, and doesn't interfere with the user's work as much.

Well, one of the reasons may be that NetWare 3.x support has long expired.

You should have a backup plan in place for your servers (preferrably nightly). Beyond that, you can use software such as SharePoint for document management, which will allow you to prevent users from deleting files and let you track changes and manage document versions.

While it may be easier now to just "let everyone access everything," you are opening yourself up to a host of potential problems (not to mention management headaches) as your business continues to grow. I would seriously consider revisiting your network policies now before changing them becomes a lot more complicated.

 

[BrunoPuntzJones]

Well the thing with 3.x was that it run. And it run and run and run. Never a problem. Did what we needed it to, and didn't need anything else.

There is no designated IT guy. Me and the other guy are both tax/audit accountants. He's been here 25 years, and doesn't like that change thing. I've only been here a couple of years. Toss in ideas that would improve things, and folks agree that they are better, but it's usually just kept the same.

We run tape backups, but it's really for a catastrophic failure. Time consuming and a pain to do.

There just isn't the time to make changes now anyway, with it being tax season. Furthermore, they'd much rather us keep things as they are and spend our time charging $125 an hour, than spend it converting users and setting up network stuff and not billing.

And I certainly agree it's not the best way to run things. I run a tighter ship on my home PC and I'm the only one that uses them. But I'm not the captain of this ship. Just following orders.

Sounds like it would be easiest to just make a new user that has access to those folders, give them the login info, and let it accept multiple connections for the same user.

 

[bsobel]

because the login name and passwords are very basic.

Weak passwords are not only a risk from your employees but to attacks from the outside (including worms, some of which look for accounts with simple pw'ds). Assign strong passwords and tell the directors to suck it up.

Or someone could just wait until a director left, then use their computer.

Thats what a usage policy is for. You then fire the person who did this.

Is there some sort of way to recover deleted files?

Check out the 'previous versions' functionality in 2003. It not only lets you recover deleted files, you can recover previous versions of files. Here is a quick intro.

Bill

 

[Nothinman]

Also makes it easier to let everyone have access to everything so the computer guys (me and another guy) don't have to log out and back in under a different name to fix something. Can access anything on the network we need. Handy for when calling tech support, and doesn't interfere with the user's work as much.

And what happens when one of the employees gets pissed off, deletes everything on the network and then quits?

 

[BrunoPuntzJones]

Well by basic, I mean just the method used to determine them. It's a mix of letters and numbers. So to outsiders or hax0rz, it's just as good as anything else. You have to know specific internal firm information.

We do nightly back ups, and will be getting a external hard drive which will ghost the server's drive. So if anyone gets mad and deletes everything, just restore it the next day.

And you can't always tell who is on someone's computer. You may be coming in at 5 am is someone else is going home. Not a set time where you can keep track of everyone.

I read up on the VSS recovery, but doesn't seem to help us much. It's normally a case of "well I worked on this file for an hour. saved it, then came back from lunch and now it's not there" Uh huh...we used to just be able to recover it, but even with the VSS, it looks like you can only do it once an hour, and it'd be a resource hog.

I don't want it to sound like I'm crapping on ideas, just not a whole like I can do. And can't make it transparent since the other tech guy wouldn't like the changes.

Even encrypting a file lets me still access it as the same user. True I can create another user, make the file, and encrypt it. But the director wouldn't want to have to log onto another name to get to the protected file.

Could just make it a hidden file, but we know how to make it show those.

Probably just have to use some 3rd party software

 

[MrChad]

Did you look into Sharepoint?