Jump to content

restrict access to file share by computer

Guest lansvcs

By Guest lansvcs
in Windows 2003 Server

 Share

Recommended Posts

Guest lansvcs

Guest lansvcs

Posted
Posted

We are using W2K3 Standard R2 SP2 as a file server. We grant access to the

share using share permissions and NTFS permissions and all works as it

should. We would also like to restrict which computers a user can access the

share from. User A has access to the share from Compter A but User A is

denied access to the share from Computer B. So far we have been unable to do

this. Any ideas would be appreciated.

  • Replies 2
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Meinolf Weber

Guest Meinolf Weber

Posted
Posted

Re: restrict access to file share by computer

 

Hello lansvcs,

 

What's the reason for this kind of configuration? If the user has access

to his files, he should have it on all machines. Creating a domain gives

you the big advantage that users can work from any workstation without configuring

a lot of local accounts.

 

Best regards

 

Meinolf Weber

Disclaimer: This posting is provided "AS IS" with no warranties, and confers

no rights.

** Please do NOT email, only reply to Newsgroups

** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

> We are using W2K3 Standard R2 SP2 as a file server. We grant access

> to the share using share permissions and NTFS permissions and all

> works as it should. We would also like to restrict which computers a

> user can access the share from. User A has access to the share from

> Compter A but User A is denied access to the share from Computer B.

> So far we have been unable to do this. Any ideas would be

> appreciated.

>

Guest lforbes

Guest lforbes

Posted
Posted

RE: restrict access to file share by computer

 

Yes, that is by design. NTFS permissions are set via user account not via

what computer they are logged into. Group Policies don't affect NTFS

permissions.

 

For those computers you can use the loopback policy for that Computer OU

(where restricted computers are) and when a user logs into that computer it

sets severe group policies on the workstation including hiding access to My

network places, restricting access to map drives, hiding all drives in My

Computer etc.

 

This won't "prevent" users from accessing the server shares but will make it

pretty difficult especially if you block access to command or cmd (batch

files).

 

For the loopback policy search MS for more info. Basically you create an OU

for those restricted computers and a group policy for that OU. In the

computer configuration you enable the loopback policy and choose "merge" or

"override" and then in the User Configuration of the same policy set the

severe restrictions.

 

Cheers,

Lara

 

"lansvcs" wrote:

> We are using W2K3 Standard R2 SP2 as a file server. We grant access to the

> share using share permissions and NTFS permissions and all works as it

> should. We would also like to restrict which computers a user can access the

> share from. User A has access to the share from Compter A but User A is

> denied access to the share from Computer B. So far we have been unable to do

> this. Any ideas would be appreciated.

 Share
Go to topic listing
×
×
  • Create New...