Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[benn600]

Is there a way to require a special username/password when users try to manipulate folders on my server?  I currently have the four main users setup for full control on the entire drive.  They don't need that.  I just think it would be nice if, especially for some folders, it would simply ask for a user account without the ability to remember the username/password.

Obviously the user's my documents folder would not require these but the Video folder, for instance, would not be editable without a password.  I don't like the idea that the Video folder could be deleted with a few clicks.  But there needs to be an easy way to gain access because I want to be locked out by default as well.  That way, nothing could happen in the background without explicit permission.

[horse]

I think I understand what you're after. (Also I think you where running XP and are now running Vista on the server)
This is what I have, which I think is what you want to do -

When the client machines maps drive M: they do so with their user credentials and get Read only access to music, photos and video. I have a 7 and 9 year old that know enough to be dangerous for the collection :-)
In fact, by default my user login is also restricted to read only on the media folders. I need to be Administrator to delete, create or modify anything, this stops me accidently damaging anything due to lack of sleep or not enough coffee.

With a server OS, my users are all part of the Everyone group (local or domain) and that is assigned Read Only access to the Media Network Drive M: . However any user that is in the administrators group has full access.
If I map a drive with my normal account I get RO, If I login as the Domain administrator (Or just Administrator) I get full access to M:

This is achieved using the "Users and Groups" or "Domain Users and Groups"
You can configure users and groups on the local machine under XP (I guess UAC in Vista has the same) by using MMC
but unless you have server you cannot be more granular (AFAIK) on network shares. All users either have read only access or all have full access.

I think you just found one of the main differences between desktop and server OS's

[benn600]

At least you understand what I'm after very well.  I'm afraid of myself--as you are!  I don't want to accidentally wipe out my terabytes of data that has taken months to rip and years to create (papers, documents, etc.)  Even if I have backups, there is always a mistake around every few corners.

I would like to get some kind of server OS but Server 2003 is SO expensive!  I'm seriously considering Windows Home Server but it's a few months away.

I have my main drive shared, titanium.  I don't even map the drive I use access it via //chenbro/titanium .  But I have the Share Permissions set to my four users and admin can do everything.  Then, there is a security tab.  It says that deny permissions take precedence.  So I was thinking of denying write access to the important folders.  The problem is that I do not want to have to log off and on to make a change.  I was hoping it would popup a username/password dialog and then if I enter it, let me complete one action--whatever prompted the box.  Or give me a minute to complete actions.  But then it should lose the right and ask for credentials next time an action is attempted.

[benn600]

I have setup some granular rights now.  I have the video folder only writable by me and other folders only accessible by the owner.

I have a question, though.  Why can't I make a folder readable but not editable?  With the checkboxes, if I uncheck the modify attribute to DENY it, all the read, list folder contents, and other readable attributes are reset to deny!

So right now, my video folder can be read by everyone but people cannot create new folders/files, etc.  However, they are able to rename files!  So they can modify!  I want absolutely only read-only access on folders like this.  And for me I obviously get full access.

Another issue: I would like my music folder to be similar.  However, when we update our ratings in the actual files, this is a modification.  Is there a way to allow modifications but not deletions?  This is complicated and wouldn't really be very useful but we really need modification rights for the ratings.