Announcement

Collapse
No announcement yet.

Quest. about local users in P2P Lan

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Quest. about local users in P2P Lan

    Setup:
    2 XP Pro PC's in P2P Lan, named WS1 and WS2
    User1 has an account on WS1, with user level privileges.
    User1 does NOT have an account on WS2.

    WS2 is setup so that:
    *share level and filesystem permission ons \\WS2\SharedDocs are Everyone/FullControl
    *in GPO
    -let everyone permissions apply to anonymous enabled
    -donot allow anonymous enumeration of SAM account/shares is disabled
    -Acces this computer from a Network is set to Everyone
    -Shares that can be accessed anonymously...SharedDocs has been added on WS2
    -Sharing and Security Model for local accounts:Windows Classic--Local users authenticate as themselves.


    Symptoms.
    *When User1 logs on, it takes about a minute to open "My Computer" for the first time. In my experience this usually means it's looking for some network resource it's not finding and then giving up.
    *When User1 is browsing to "My Network Places", when trying to connect to WS2 he gets a prompt for a user name before he can connect.
    *If a user who has an account on BOTH Workstations logs on, he can browse the network instantly

    Questions
    Should User1 who has an account on WS1 be able to access \\WS2\SharedDocs?
    User1 does not have an account on WS2.
    I'm thinking that "Access this computer from a network:Everyone" should allow this. What am I missing.

    My goal
    I want a user who does not have a local account on another workstation to be able to access some resources on that other workstation including:
    *browse that computer for available shares
    *see shared printers
    *write to and read from designated shares.

  • #2
    Re: Quest. about local users in P2P Lan

    Originally posted by TimeTraveller
    Setup:
    2 XP Pro PC's in P2P Lan, named WS1 and WS2
    User1 has an account on WS1, with user level privileges.
    User1 does NOT have an account on WS2.

    WS2 is setup so that:
    *share level and filesystem permission ons \\WS2\SharedDocs are Everyone/FullControl
    *in GPO
    -let everyone permissions apply to anonymous enabled
    -donot allow anonymous enumeration of SAM account/shares is disabled
    -Acces this computer from a Network is set to Everyone
    -Shares that can be accessed anonymously...SharedDocs has been added on WS2
    -Sharing and Security Model for local accounts:Windows Classic--Local users authenticate as themselves.


    Symptoms.
    *When User1 logs on, it takes about a minute to open "My Computer" for the first time. In my experience this usually means it's looking for some network resource it's not finding and then giving up.
    *When User1 is browsing to "My Network Places", when trying to connect to WS2 he gets a prompt for a user name before he can connect.
    *If a user who has an account on BOTH Workstations logs on, he can browse the network instantly

    Questions
    Should User1 who has an account on WS1 be able to access \\WS2\SharedDocs?
    User1 does not have an account on WS2.
    I'm thinking that "Access this computer from a network:Everyone" should allow this. What am I missing.

    My goal
    I want a user who does not have a local account on another workstation to be able to access some resources on that other workstation including:
    *browse that computer for available shares
    *see shared printers
    *write to and read from designated shares.
    Answers

    1. No. As this is a peer to peer network each user is authenticated on the LOCAL machine. There is no central authentication for the types of network.

    2. From memory i think the Everyone permission is for everyone on the local machine. I could be wrong though.

    In a real world you would need to add each individual user account onto each machine. As you only have 2 machines then this is less hassle.

    Comment

    Working...
    X