Re: Web Server 2003 File Sharing

From: Scott Napolitan [MSFT] (scottnap_at_online.microsoft.com)
Date: 02/03/05


Date: Thu, 03 Feb 2005 08:47:30 -0800
To: Dominic Messenger <dmessenger@verdantsys.com>

Dominic Messenger wrote:
> I've tried removing Deny Everyone, but this doesn't seem to help.
>
> Although I made several changes to the Security Policy, the main
> change was to disable several old accounts and change the
> Administrator account name.
> I then went into a previous file share and tried to replace it with
> the new administrator credentials (new name, old password) and now I
> can't connect.
>
> Any pointers ? Is there a specific set of policies I need to set on
> the Admin account to get this to work ? I am pulling my hair out.
>
> Dominic Messenger wrote:
>
>>I have a Web Server on the internet, firewalled so that only Port
>>80/443 are available, but everything is available to known IP ranges.
>>
>>Up until recently, we could share a drive on the server with machines
>>in the known IP ranges. Then, we applied some policy changes to lock
>>down IIS, and the shares stopped working.
>>
>>Can anyone give me any pointers as to what Local Security Policy
>>settings I need to enable to get file sharing working again. We can
>>create accounts on the server for each user, and apply specific
>>policies, but it is just knowing which ones.
>>
>>We have denied Everyone access on the share. Is this important ?
>>
>>Regards
>>
>>Dominic
>
> The Deny Everyone is probably your problem. Deny overrides any explicit
> permission granted so the only one that should be able to access this is
> the administrator. What you might want to consider instead is denying
> access to the IUSR_COMPUTERNAME account where COMPUTERNAME is the name
> of the server. This will effectively restrict any anonymous access.
> The best bet is to consider simply not granting access to whomever you
> don't want to get at the share. This way you don't have to explicitly
> deny anyone.
In general you should be able to connect as the Administrator no matter
what, assuming of course that that account is not disabled and that you
are typing the correct password. Are you unable to connect to the share
as an administrator? Can you access the share locally (at the console)?

-- 
Legal Disclaimer:
This posting is provided "AS IS" with no warranties, and confers no 
rights. Use of included script samples are subject to the terms 
specified at http://www.microsoft.com/info/cpyright.htm  Please do not 
send e-mail directly to this alias. This alias is for newsgroup purposes 
only.
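
The three share-permission layouts discussed in this thread (Deny Everyone, Deny IUSR_COMPUTERNAME, and allow-only), run through a simplified model of the access check. This is an added example, not part of the original posts; the account name `shareuser`, the group memberships and the rights masks are constructed for illustration.

```python
# Added illustration: simplified model of a share-permission check.
# An ACE is (type, trustee, mask); rights are bit flags (constructed values).
READ, CHANGE = 0x1, 0x2
FULL = READ | CHANGE

def access_check(token_sids, acl, desired):
    """Return True only if every bit in `desired` is granted to the token.

    Deny ACEs are evaluated before allow ACEs. A deny ACE whose trustee is
    in the token and which covers a requested bit fails the request at once.
    Allow ACEs clear requested bits; bits never granted are denied implicitly.
    """
    ordered = sorted(acl, key=lambda ace: ace[0] != "deny")  # deny first
    remaining = desired
    for ace_type, trustee, mask in ordered:
        if trustee not in token_sids:
            continue
        if ace_type == "deny" and (mask & remaining):
            return False
        if ace_type == "allow":
            remaining &= ~mask
        if remaining == 0:
            return True
    return False

# Constructed tokens: each account plus the groups it belongs to.
SHAREUSER = {"shareuser", "Everyone"}          # hypothetical known user
ANON_WEB = {"IUSR_COMPUTERNAME", "Everyone"}   # IIS anonymous account

LAYOUTS = {
    # The layout from the question: an allow entry plus Deny Everyone.
    "deny_everyone": [("allow", "shareuser", FULL), ("deny", "Everyone", FULL)],
    # The suggested alternative: deny only the anonymous web account.
    "deny_iusr": [("allow", "Everyone", READ), ("deny", "IUSR_COMPUTERNAME", FULL)],
    # The "best bet": grant only to the accounts that need the share.
    "allow_only": [("allow", "shareuser", FULL)],
}

def evaluate(desired=READ):
    """Check both tokens against every layout for the requested rights."""
    return {name: {"shareuser": access_check(SHAREUSER, acl, desired),
                   "anonymous": access_check(ANON_WEB, acl, desired)}
            for name, acl in LAYOUTS.items()}

if __name__ == "__main__":
    for name, result in evaluate().items():
        print(f"{name:14} {result}")
```
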

