Thread: network access question
View Single Post
  #6  
Old 01-05-2006, 04:04 AM
Steve Winograd [MVP]
 
Posts: n/a
Default Re: network access question
In article <C39CBE99-6B2E-4E9D-8249-6C7B6734ABF1@microsoft.com>,
"nodoz" <nodoz@discussions.microsoft.com> wrote:
>> >> >I want to be clear about this password to access workgroup computers and
>> >> >folders/files.
>> >> >
>> >> >My understanding is this:
>> >> >
>> >> >I create a user for the workgroup computers that exists on the computer
>> >> >trying to acess these files......this profile name has the SAME password or
>> >> >am i not able to duplicate passwords?
>> >> >
>> >> >For example, if userone wants to access computers 2 and 3 in the workgroup,
>> >> >does username need the same name (userone) on all other machines and have the
>> >> >same password or same name but different password?
>> >> >
>> >> >I'm not 100% clear on this and want to get the right advice. Thanks.
>> >>
>> >> If a computer runs Windows XP Home Edition, it automatically grants
>> >> networked access to all users on all computers. There's no need to do
>> >> anything with user names and passwords to access shares on an XP Home
>> >> computer.
>> >>
>> >> If a computer runs Windows XP Professional, the default behavior is
>> >> the same as for XP Home: it automatically grants networked access to
>> >> all users on all computers.
>> >>
>> >> In Windows XP Professional, you can disable simple file sharing and
>> >> control access based on user names and passwords. That requires
>> >> matching user names and passwords on the computer that owns the shares
>> >> and on the computers that access the shares. Ron Lowe and I have
>> >> written a web page with full details:
>> >
>> >thanks Steve I came across that article before you posted back.
>>
>> You're welcome, "nodoz". XP Pro's access control in a workgroup is
>> confusing (it's simpler in a domain), and we did our best to explain
>> it in the article. If you have questions, you know where to find me.
>> :-)
>
>If network users can also login locally to each machine they access on the
>workgroup what does this say about local security or security at all? In a
>workgroup no one's data is safe unless extreme extra measures are taken. Am i
>understanding this right?

You can deny local login rights to a specific user on an XP Pro
machine:

1. Go to Start | Run | secpol.msc.
2. Double click "User Rights Assignment".
3. Double click "Deny logon locally".
4. Click "Add User or Group".
5. Type the user name.
6. Click OK.

The user's name won't appear on the XP Pro machine's Welcome screen.
That user will be able to log onto other computers on the network and
access the XP Pro machine over the network.
--
Best Wishes,
Steve Winograd, MS-MVP (Windows Networking)

Please post any reply as a follow-up message in the news group
for everyone to see. I'm sorry, but I don't answer questions
addressed directly to me in E-mail or news groups.

Microsoft Most Valuable Professional Program
http://mvp.support.microsoft.com
Reply With Quote