home *** CD-ROM | disk | FTP | other *** search
- DOCUMENT:Q101234 09-JUL-1993 [W_NT]
- TITLE :INF: How to Set Up Share Level Security with Windows NT
- PRODUCT :Windows NT
- PROD/VER:3.10
- OPER/SYS:WINDOWS
- KEYWORDS:
-
- --------------------------------------------------------------------
- The information in this article applies to:
-
- - Microsoft Windows NT operating system version 3.1
- - Microsoft Windows NT Advanced Server version 3.1
- --------------------------------------------------------------------
-
- It is possible to make Windows NT user level security act somewhat
- like share level security by creating a user account that is intended
- to be shared by many users. To do so, use the following procedure:
-
- 1. Create a user account in User Manager.
-
- 2. Choose User Cannot Change Password and Password Never Expires.
-
- 3. Make sure User Must Change Password at Next Logon is not checked.
-
- 4. Add this account to any groups as desired or grant access directly
- to resources as appropriate.
-
- When you want to give someone access a share, inform them that they
- may use this special user account and password when connecting to the
- resource.
-
- To access this shared resource from File Manager and Print Manager,
- enter in the Connect As field the account name you created in the
- procedure. You will be prompted for the correct password.
-
- To access a shared resource from the command line use the NET USE
- command with the following switches:
-
- /User:<account> <password>
-
- For connecting to other resources such as named pipes or for programs
- that do not allow entry of the user name or password, make a
- connection to the computer before running the program from a command
- prompt using the following command:
-
- NET USE \\<computer>\IPC$ /User: <account> <password>
-
- Note: Once a connection is established to a computer using a
- particular account, the connection must be deleted before another
- connection to the same computer can be established using a different
- account. For example, if a user wants to use the shared user account
- to access a computer, they will have to first disconnect any
- connection they already have under their own user account.
-
- Background on Share Level vs. User Level Security
- -------------------------------------------------
-
- Share level security provides a password controlled gate to protected
- resources. The advantages of this security paradigm is that it allows
- granting access to a broad range of people with very little effort. It
- is not very secure, since the password is widely distributed and there
- is no notion of personal accountability. Windows NT's security
- paradigm is based upon granting access to individuals each of whom has
- an account. This allows fine-grained control over per-user access and
- allows individual accountability. The disadvantage is that you must
- create a user account for each user you want to grant access to and
- you must grant that user the access (either directly or by adding to
- an appropriate group).
-
- Additional reference words: 3.10 netsrv scrty
-
- =============================================================================
-
- THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS
- PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS
- ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES
- OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO
- EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR
- ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL,
- CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF
- MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION
- OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES
- SO THE FOREGOING LIMITATION MAY NOT APPLY.
-
- Copyright Microsoft Corporation 1993.
