XP/2003 Permissions

eLinux

Member
Mar 6, 2003
191
0
0
I know these might be some stupid questions, but I guess I might as well ask...

What is the "everyone" group? Is it literally everyone or just those who DO NOT belong to another group?

I'm trying to set up permissions to all of my important directories on my 2003 server, and also on my Windows XP Pro machine... There are some really confusing things about the way it works. For example, I want one of my computers to share a "downloaded data" directory... When I click "permissions" under the sharing tab, I get only one group that's already there: "Everyone." Further confusing, there's only three options: Full Control, Change, or Read...

I was under the impression that there were *far* more diferent sets of permissiosn: this included read, write, look, "Full Control," modify, and even "Special Permissions."

However, I do see these permissions when I'm in the "securities" tab. Why can't I see them in the sharing tab?

*sigh* I've looked for a "guide" or "howto" on the web but have been unable to find out.

One final question: when I set a certain permission on my Windows 2003 rig, and then I go to access it via the My Network Places on my XP Pro box, an authentication dialogue pops up -- this is good (the way I wanted it). But the problem is that the username is greyed out and set by default to "Guest", and of course that won't work b/c I want to have to type in my own username and password to gain access...

What gives?
 

ITJunkie

Platinum Member
Apr 17, 2003
2,512
0
76
www.techange.com
Originally posted by: eLinux

One final question: when I set a certain permission on my Windows 2003 rig, and then I go to access it via the My Network Places on my XP Pro box, an authentication dialogue pops up -- this is good (the way I wanted it). But the problem is that the username is greyed out and set by default to "Guest", and of course that won't work b/c I want to have to type in my own username and password to gain access...

What gives?

I've ran into this too. Try this: On the Win2003 rig open up Local Security Settings under Administrative Tools. Under "Local Policies" click on Security Options. Scroll down the list until you see: Network Access: Sharing and Security model for Local Accounts. Double click it and you will have a drop down menu where you can change it from "Guest Only" to "Classic - Local users authenticate as themselves".

See if that solves the problem for you.
 

NogginBoink

Diamond Member
Feb 17, 2002
5,322
0
0
Everyone is indeed everyone.

Share permissions are only read, write, and full control.

File permissions get more granular. Share permissions do not. Remeber these are two totally different mechanisms here. The file security permissions are applied by the NTFS filesystem. The share permissions are a function of the server service, not the filesystem.

The effective permissions for a user are the most restrictive of share plus file permissions.
 

stash

Diamond Member
Jun 22, 2000
5,468
0
0
To add to NogginBoink's spot on reply:

Everyone is everyone. This is distinguished from the Authenticated Users group, since it includes the guest account.

Generally, you will want to leave the share permissions at the defaults of Everyone full control. Set the file permissions to limit access to whoever you want. So if you have everyone full control on the share, but only administrators full control on the file permissions, then only users that are members of the administrators group will have access.

 

eLinux

Member
Mar 6, 2003
191
0
0
Awesome!

Your posts have been truly helpful!

Thank you kindly to those who replied. :)