Solved Selective workgroup sharing, and other problems

paul1149

Member
I'm trying to set up a workgroup share so that only certain users can read, write, and create. And I'm having no success.

I have the same account login across Vista Biz, Win7 h-p, and XP Pro. I have:
  • broken upstream inherited permissions,
  • taken ownership,
  • opened permissions up to that common account, including descendant folders,
  • under Sharing I have deleted Everyone and added the account with the common login, with Writing rights.
There are several fatal problems.
  • First, the other machines can see, but cannot access the share at all, and don't even get the chance to log in for it. It just says access denied.
  • Second, there is no way to apply Share status to all descendants. They are not transferred along with Permissions. One must go through each folder manually.
  • Third, the Share settings I made last night - and reopened the Properties sheet to verify - were completely gone this morning. It was as if I had never been there.
I've been up against these problems before in Win7, but it's coming to a head now. If I can't get this to work, I can only conclude that Windows sharing on the workgroup level is horribly broken and deficient, and one must either open up to Everyone, or no one can gain access, or use a level of Windows that supports domains.
 

My Computer

System One

  • Manufacturer/Model
    dell precision
    Memory
    2G ddr2
    Graphics Card(s)
    matrox
I won't pretend I know much about sharing, but are all the accounts on the computers that are trying to access each other administrators? Try doing it with UAC off on both (or all) computers (Vista and 7 only). Other than that, I didn't even know it was possible to customize permissions on a per-account basis, I always though it was a per-computer basis. But I'll stick around and help as best I can until someone more knowledgeable comes along :)
 

My Computer

System One

  • Manufacturer/Model
    Dell Inspiron 1545
    CPU
    Intel Core 2 Duo T6400 @ 2.00 GHz
    Motherboard
    DELL - 27d90219 Phoenix ROM BIOS PLUS Version 1.10 A05
    Memory
    4 GB
    Graphics Card(s)
    Mobile Intel(R) 4 Series Express Chipset Family
    Sound Card
    IDT High Definition Audio CODEC
    Monitor(s) Displays
    Generic PnP Monitor (DPMS), 15.3" (34cm x 19cm)
    Screen Resolution
    1366x768
    Hard Drives
    Internal 320 GB
    Portable 320 GB used for separate storage of media, plugged into USB port as needed.
    Cooling
    Single built in fan
    Keyboard
    Built in
    Mouse
    Touchpad, + Logitech wireless mouse (USB)
    Internet Speed
    ~150 kilobytes/sec DL
    Other Info
    Usually have low HD free space left (<10 GB), often left on overnight. I really push its capabilities.
Thank you, Slammer. All the common-login accounts are administrative, and UAC is turned off on both the boxes.

Workgroup selective sharing is supposed to be possible. The best detailed instructions I've seen are from MS, with regard to sharing user files of their defunct Office Accounting program.

I just reread them, and went and turned ON password-enabled sharing, thinking maybe I needed that support for the logins to happen. But I don't see any difference:

Windows cannot access \\.......
You do not have permission to acess \\.... Contact your network admin...


I think I could live with a per-machine basis, but I see no way to get even that going.

p.
 

My Computer

System One

  • Manufacturer/Model
    dell precision
    Memory
    2G ddr2
    Graphics Card(s)
    matrox
Oooh that's actually something completely different from what I was thinking of. Are you using this for your home on personal computers, or in a work setting like that article says? If it's just for home use, you could consider simple network sharing. (I'm not sure what the technical name for it is) Basically, you enable sharing in folders on you computer (the most common and default is Shared Documents; C:\Users\Public\Documents in Vista and 7, not sure about XP) but you can set it up on any folder on your computer. Then you just view the computers on your network, and there should be that folder visible and accessible from you other computers. Access to these folders can also be locked by requiring the login info for an account on the computer. If you think this is something that might work, I'll give you more detail on setting it up that way. Otherwise, you'll probably just have to wait for someone familiar with what you're trying to do, since I know nothing about it :)

Other than that, the only simple issue I can think of is maybe a problem with routing ports on your router/modem that might be causing problems, or a firewall of antivirus that interfering.
 

My Computer

System One

  • Manufacturer/Model
    Dell Inspiron 1545
    CPU
    Intel Core 2 Duo T6400 @ 2.00 GHz
    Motherboard
    DELL - 27d90219 Phoenix ROM BIOS PLUS Version 1.10 A05
    Memory
    4 GB
    Graphics Card(s)
    Mobile Intel(R) 4 Series Express Chipset Family
    Sound Card
    IDT High Definition Audio CODEC
    Monitor(s) Displays
    Generic PnP Monitor (DPMS), 15.3" (34cm x 19cm)
    Screen Resolution
    1366x768
    Hard Drives
    Internal 320 GB
    Portable 320 GB used for separate storage of media, plugged into USB port as needed.
    Cooling
    Single built in fan
    Keyboard
    Built in
    Mouse
    Touchpad, + Logitech wireless mouse (USB)
    Internet Speed
    ~150 kilobytes/sec DL
    Other Info
    Usually have low HD free space left (<10 GB), often left on overnight. I really push its capabilities.
Yes, it is for home use at this point. As for simple file sharing, I came across THIS from MS, which seems to entail turning on password sharing, and then adding Everyone to Sharing permissions.

Is that the key? Opening it up to Everyone, but then requiring passwords? And only including the desired access accounts on the "server"? Because if that works, it's pretty simple and doable.
 

My Computer

System One

  • Manufacturer/Model
    dell precision
    Memory
    2G ddr2
    Graphics Card(s)
    matrox
Yup, that's pretty much it, as far as my experience goes :)
 

My Computer

System One

  • Manufacturer/Model
    Dell Inspiron 1545
    CPU
    Intel Core 2 Duo T6400 @ 2.00 GHz
    Motherboard
    DELL - 27d90219 Phoenix ROM BIOS PLUS Version 1.10 A05
    Memory
    4 GB
    Graphics Card(s)
    Mobile Intel(R) 4 Series Express Chipset Family
    Sound Card
    IDT High Definition Audio CODEC
    Monitor(s) Displays
    Generic PnP Monitor (DPMS), 15.3" (34cm x 19cm)
    Screen Resolution
    1366x768
    Hard Drives
    Internal 320 GB
    Portable 320 GB used for separate storage of media, plugged into USB port as needed.
    Cooling
    Single built in fan
    Keyboard
    Built in
    Mouse
    Touchpad, + Logitech wireless mouse (USB)
    Internet Speed
    ~150 kilobytes/sec DL
    Other Info
    Usually have low HD free space left (<10 GB), often left on overnight. I really push its capabilities.
Wow. If that works, I nominate myself for dunce of the year, for wasting way too much time not getting it.

Let me run that through some testing, and get back. This wouldn't solve my other two problems, but it would be a major step forward. I'll get back..

Thanks,
p.
 

My Computer

System One

  • Manufacturer/Model
    dell precision
    Memory
    2G ddr2
    Graphics Card(s)
    matrox
No problem, take your time.
 

My Computer

System One

  • Manufacturer/Model
    Dell Inspiron 1545
    CPU
    Intel Core 2 Duo T6400 @ 2.00 GHz
    Motherboard
    DELL - 27d90219 Phoenix ROM BIOS PLUS Version 1.10 A05
    Memory
    4 GB
    Graphics Card(s)
    Mobile Intel(R) 4 Series Express Chipset Family
    Sound Card
    IDT High Definition Audio CODEC
    Monitor(s) Displays
    Generic PnP Monitor (DPMS), 15.3" (34cm x 19cm)
    Screen Resolution
    1366x768
    Hard Drives
    Internal 320 GB
    Portable 320 GB used for separate storage of media, plugged into USB port as needed.
    Cooling
    Single built in fan
    Keyboard
    Built in
    Mouse
    Touchpad, + Logitech wireless mouse (USB)
    Internet Speed
    ~150 kilobytes/sec DL
    Other Info
    Usually have low HD free space left (<10 GB), often left on overnight. I really push its capabilities.
Wow. This is the simple answer for sharing. But there are drawbacks.

  • Finally, the shares are opened up to anyone who can log in with an account local to the "server".
  • But, that means that all shares on the server are open to that user. The only selection is per user, not per share.
  • Also, I guess my concept of Share status is different from MS'es. When I accessed the share remotely, the subfolder were indeed shared. I have no idea why MS does not visibly carry Share status over to descendants on the server. This means, I believe, that no subfolder of a share can be excluded from being shared; it's automatically set to Shared.
  • Lastly, I have no idea why my settings were not persistent. I've had this happen before, on my Win7 machine. I'm on an external drive, USB, but that shouldn't matter. The drive is NTFS, so it should be well able to store ADS info.

Slammer, I nominate you for VistaX64 Network Person of the Day! Thank you for your input.

Paul
 

My Computer

System One

  • Manufacturer/Model
    dell precision
    Memory
    2G ddr2
    Graphics Card(s)
    matrox
Haha thanks, maybe I'll mention that to one of the admins :) Did you mess with the Advanced Sharing Settings? There might be more options in there. And thanks for the rep!

Glad to hear you got it all figured out. :)
 

My Computer

System One

  • Manufacturer/Model
    Dell Inspiron 1545
    CPU
    Intel Core 2 Duo T6400 @ 2.00 GHz
    Motherboard
    DELL - 27d90219 Phoenix ROM BIOS PLUS Version 1.10 A05
    Memory
    4 GB
    Graphics Card(s)
    Mobile Intel(R) 4 Series Express Chipset Family
    Sound Card
    IDT High Definition Audio CODEC
    Monitor(s) Displays
    Generic PnP Monitor (DPMS), 15.3" (34cm x 19cm)
    Screen Resolution
    1366x768
    Hard Drives
    Internal 320 GB
    Portable 320 GB used for separate storage of media, plugged into USB port as needed.
    Cooling
    Single built in fan
    Keyboard
    Built in
    Mouse
    Touchpad, + Logitech wireless mouse (USB)
    Internet Speed
    ~150 kilobytes/sec DL
    Other Info
    Usually have low HD free space left (<10 GB), often left on overnight. I really push its capabilities.
Ok, I've been studying this thing more closely. And it appears that it is possible to share on a per-group and even per-user basis

The basic setup is this:
  • Enable network discovery and password sharing
  • Clone desired remote accounts on the "server" machine.
  • Enable suitable permissions in both the file system and sharing.
These two sets of permissions work in series - either one will block acess. The NTFS permissions allow for much greater granularity than the sharing permissions.

I don't understand why I haven't had success in this before, as I've tried this so many times - or at least I think I did.

Note that this is still a fairly clunky system. Prepare to have your Welcome Screen peppered with LAN accounts, depending on how many different users you need to authorize. And I can see the NTFS permissions dialog getting messy indeed.

Descendants are automatically shared. Even if they say they aren't. Maybe MS could come up with a somewhat better system than that?

The other problem I still have is disappearing permissions. I thought I broke inherited upstream permissions yesterday, but I'm not certain. But it's broken for sure now. If these permissions disappear, I've got file system corruption. In fact, I've scheduled a chkdsk /f at the next boot.

Thanks again, Slammer. You got me going on the right road.

p.
 

My Computer

System One

  • Manufacturer/Model
    dell precision
    Memory
    2G ddr2
    Graphics Card(s)
    matrox
One last postscript. It turns out the sharing status of the drive not being remember is due to a faulty external enclosure. As soon as I tethered the drive via some wires, all the shares I had established were recognized, including multiples on the same location. I actually had to delete some.

So for some reason, the enclosure established the shares, but then did not recognize them after a boot. Looks like it's time for a new enclosure.

Be well,
p.
 

My Computer

System One

  • Manufacturer/Model
    dell precision
    Memory
    2G ddr2
    Graphics Card(s)
    matrox
I'll admit a lot of that went over my head, but I'm sure someone will find this information very useful at some point, you seem to have invested a lot of research and time into this. Thanks for posting it :)
 

My Computer

System One

  • Manufacturer/Model
    Dell Inspiron 1545
    CPU
    Intel Core 2 Duo T6400 @ 2.00 GHz
    Motherboard
    DELL - 27d90219 Phoenix ROM BIOS PLUS Version 1.10 A05
    Memory
    4 GB
    Graphics Card(s)
    Mobile Intel(R) 4 Series Express Chipset Family
    Sound Card
    IDT High Definition Audio CODEC
    Monitor(s) Displays
    Generic PnP Monitor (DPMS), 15.3" (34cm x 19cm)
    Screen Resolution
    1366x768
    Hard Drives
    Internal 320 GB
    Portable 320 GB used for separate storage of media, plugged into USB port as needed.
    Cooling
    Single built in fan
    Keyboard
    Built in
    Mouse
    Touchpad, + Logitech wireless mouse (USB)
    Internet Speed
    ~150 kilobytes/sec DL
    Other Info
    Usually have low HD free space left (<10 GB), often left on overnight. I really push its capabilities.
A lot of it went over my head too! But I did learn a bunch. The permissions and such are stored in Alternate Data streams - which are reserved portions of each sector, under the NTFS scheme. This is why you can take a flash drive to another computer, and its permissions will be respected. Why this enclosure isn't reading the Sharing status afresh each time it boots up is beyond me (maybe it has the ability to break into permissions as well? That could be valuable.)

The multiples thing I mentioned is under Vista/7 Advanced Sharing for containers, where one can designate multiple share names for the same container, and give each one independent properties. I'm not sure what that's good for, but in all my repetitive testing I had accumulated a couple of profiles for the drive, neither of which showed when it was in the enclosure, but both of which showed when I used a loose wire adapter to tether the drive.

This certainly has been a learning experience. Seems like I have many of them on my plate these days!

Be well,
p.
 

My Computer

System One

  • Manufacturer/Model
    dell precision
    Memory
    2G ddr2
    Graphics Card(s)
    matrox
Another addendum. The external drive's sharing problem was solved by doing a chkdsk. I couldn't do one in Vista (since fixed, I think), but XP had no problem and that's where I fixed it. Some bad sector business was tying up the ADSes.

Be well,
p.
 

My Computer

System One

  • Manufacturer/Model
    dell precision
    Memory
    2G ddr2
    Graphics Card(s)
    matrox
Back
Top