Forum Discussion
Simple network file sharing authentication
Hi - I have several computers on a home network. I want one other user share a folder on my computer, without allowing anyone else, and without creating a login for this user on my PC. How do I do this?
In more detail:
PC1 ... PC5 are on a home network. I wish only user U2 on PC2 to access my drive F: . I turn on Sharing for F: . However, I don't want to give U2 a login on my PC1. I cant use 'Everybody' in the permissions list because that would allow U3 and U4 and U5 to access F: . So I enter PC2\U2 in the shared permission list for F: . But it does not accept PC2\U2. How do I make this work?
Thanks to all!
9 Replies
- Brom I respect your deep thinking regarding this simple file share but if your not "sharing the folder" then its already as secure as your environment will get. In conclusion if i understand your post your only making a folder for you/your username not some other user/name that belongs to another user. You dont strike me as a person who doesnt have a password so I wont waste your time asking if you do.
- I have a folder X on my PC1. I want user U2 or U3 on PC2 to be able to access X. But deny access to user U4 on PC2.
- Brom your gonna want to run "MMC" If you press windows key+r then type mmc in the box then press enter a console while pop up. in the console click "file" then "add snap in" the snap in you want is labeled "local users and groups" In your small environment i would then create your own group and name it whatever makes most sense to you and then add these few users with there computer name into the group you created. After this is complete go to the folder you are trying to share and right click it then click "sharing" next click "share" and in the drop down box select the custom group you just created in MMC. You could go as far as only allowing a certain number of users to access the folder or files at the same time. A good security measure would be to not allow anymore users access simultaneously then you are wanting to allow in total to start with. I just dont want to give and more loop holes then a home network outside of a Domain controlled active directory already has. Im sure this will work perfectly for you but if not shout back at me and we will square it away. there are plenty of ways to achieve what your after here.
I believe you are using 'local account', in view of this we may consider 'deny logon locally' for U2 in PC1
- Not sure what you mean. Is there such a thing as a 'remote account'? And are you saying by using a remote account, I can achieve what I need? How?
Thanks
- Just because you make a login on your PC doesn't mean that the user has to use it to actually log on to your PC. It can just be used for sharing if you don't tell the user what the password is to prevent them logging on to your computer with it.
Using the command netplwiz.exe & choosing "without a Microsoft account" & then "Local account" will let you simply create a name & password. Then use yourPCname\U2 from their end to access the shared drive. Tick the remember password box. π
It's a lot safer to share a folder on F: drive than the whole drive even if you put everything on that drive in a single folder. That way, the only damage that can be done is inside that one folder (possibly named "Shared" so you don't forget in several years).Thanks! If I understand correctly, I first create a login for U2 on PC1, without giving out the password.
Instead of adding a user account PC1/U2, I can use netplwiz.exe to create said account without the usual overhead and desktop etc. What if U2 discovers the password and tries to login. What happens if I use netplwiz?A hacker on PC3 can rename the PC to PC2 and create a U2 account and get access to the folder?
I am surprised that MS is delinquent in offering an intelligent solution to this very common problem. For example - no account to be created, but if I add PC2\U2 to the permission list, I will have to assign a password to it. When PC2/U2 wishes to access the folder, s/he will have to enter that password.
I get a little unnerved creating an account on my PC and hoping another user will not discover or guess his/her password. There is always a non-zero probability that may happen. And the login screen now has 5 people listed besides me.
