Jump to content

User account and security

Guest Al

By Guest Al
in Techno Babble

 Share

Recommended Posts

Guest Al

Guest Al

Posted
Posted

On Vista, in order for a system to see another machine's share, it asks for

the user's credentials. I know this can be tuned off using Password

protection for shares. However, regardless, if both the systems have the same

user account with the same password (not necessarily logged in as that user

but just if they have it), then things become very simple and the other user

can see and open the shares.

 

So here is the question: I am thinking of automatically creating a user

account with a GUID like password on these systems using standard Win32

API's. However, I am afraid that by creating user accounts automatically

(albeit with a GUID like password), I maybe opening up the user system

inadvertently to some security risk beyond what I am trying to achieve.

 

Does anyone have an opinion on this or see any major issues in doing this?

 

Thanks.

  • Replies 1
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Paul Montgumdrop

Guest Paul Montgumdrop

Posted
Posted

Al wrote:<span style="color:blue">

> On Vista, in order for a system to see another machine's share, it asks for

> the user's credentials. I know this can be tuned off using Password

> protection for shares. However, regardless, if both the systems have the same

> user account with the same password (not necessarily logged in as that user

> but just if they have it), then things become very simple and the other user

> can see and open the shares.

>

> So here is the question: I am thinking of automatically creating a user

> account with a GUID like password on these systems using standard Win32

> API's. However, I am afraid that by creating user accounts automatically

> (albeit with a GUID like password), I maybe opening up the user system

> inadvertently to some security risk beyond what I am trying to achieve.

>

> Does anyone have an opinion on this or see any major issues in doing this?

>

> Thanks.

> </span>

 

This is my outlook on what user account group to use on file share.

 

<http://windowsitpro.com/article/articleid/23581/should-you-use-the-authenticated-users-group.html>

 

It works on a p2p level as well for anyone like a remote user or a

local user that is using a valid user account on the machine that is

hosting the file share.

 

For me, I delete all accounts of the folder of the file share, and I

also delete all accounts of the Share's permissions, leaving only the

Authenticated users group and set permissions for the group on the

folder and the share.

 

Authenticated users group tightens security on the file share, so that

only authenticated users can access the share with an existing user

account on the file share hosting machine.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...