Archiv Windows XP 25.916 Themen, 128.567 Beiträge

How to rectify messed up Share permissions?

ainstein am 04.09.2009, 23:52 / 9 Antworten / Baumansicht

Dear all, I tried to set up user permissions to share a partition with my main user account (administrative rights, use only for system operations) and with a limited account (primarily use for access to Internet and work). My intention was to allow Full Control to both on my Data-partition. Initially the setup was ok, just that any files created by my Computer Administrator account could not be shifted (when tidying up my folders) by my limited account.

Now I am left with Full Control of my Computer Administrator account, when I am logged in there. I have added the limited account to the User names section in the Security tab for the partition, and given Full Control. In Advanced it tells me: "Apply to: This folder, subfolders and files", which is the same as for the Computer Administrator account, and should be ok.

However, logged in on the limited account, I can view the subfolders of the partition but for their content I get an "Access denied" message. Whatever I did wrong with playing with the "Replace Permission on all child objects..." I now just want to get back to the original setting, which was cumbersome, but worked.

I thought of two options:
1) Change the limited account to a Computer Administrator account, and after a restart back to a limited account.
2) Create another limited account and shift or access the data, then delete the old limited account.

Whilst the latter might be the "easier" option, could someone explain, whether the first option would work, or wether the second option might not work.

Thanks very much in anticipation.

ainstein

    
        Jonny 9 ainstein „How to rectify messed up Share permissions?“
      
        05.09.2009, 02:48 Optionen
      
          Dieser Beitrag ist gelöscht!

          Dieses Posting wurde gelöscht, weil es gegen die Boardregeln verstoßen hat. Die Regeln zum Mitmachen können in den Nickles Regeln nachgelesen werden. Mehr Information warum das Posting gelöscht wurde, gibt es hier.
        
        Synthetic_codes ainstein „How to rectify messed up Share permissions?“
      
        05.09.2009, 16:40 Optionen
      
          Hi ainstein,

          Your problem is most likely due to the fact that the File system of your data partition is NTFS, which in fact saves "owner information" with the files stored in it.

          That means if you create a file with your admin account, the filesystem stores the information that the file is owned by this account, further disallowing unpriviledged users(such as your limited account) to access them. So what you can do is to either "reset" the owner after creating a file, allowing limited accounts to access them, or reformat the partition with the FAT32 file system which does not save owner information for files/folders. Note however that there are some limits, for instance, FAT32 file systems cannot store files larger than 4 gigabyte. Note also that you will need a third party tool to create a FAT formatted partition larger than 30 gigabyte. In general, mostly any partitioning software not created by microsoft should do the job. My recommendations for that would be GParted or PartitionMagic.

          Please save your files before reformatting the partition, as the process of formatting the partition will erase all data on it.

          NOTE: If you are using a professional version of Windows XP (Win Xp corporate or professional) it might also be possible to allow a limited account access to files owned by an administrator using a group policy. But I am not sure about the special group policy rule for this.

          Thus, if you have any problems or further questions, please do not hesitate to post here again.
        
        ainstein Synthetic_codes „Hi ainstein, Your problem is most likely due to the fact that the File system of...“
      
        06.09.2009, 14:00 Optionen
      
          Thanks for your response. I tried changing the limited account to computer administrator, which worked, and I could access all files as in my main administrator account. But when I switched it back to the limited account, it had the old permission settings again.

          Now I try to set up a new limited account and access the partition through this and delete the 1st limited account. Hope that works then.
        
        Synthetic_codes ainstein „Thanks for your response. I tried changing the limited account to computer...“
      
        06.09.2009, 23:58 Optionen
      
          hell, dont delete the first limited account you created. From my own experience, I can tell you that it may be possible that you will be unable to access some of your files(the ones that were created under the ltd account), until you decide to manually delete and recreate permissions for those files.
        
        peterson Synthetic_codes „hell, dont delete the first limited account you created. From my own experience,...“
      
        07.09.2009, 01:05 Optionen
      
          Ich denke mal, der kann richtig deutsch.

        Synthetic_codes peterson „Ich denke mal, der kann richtig deutsch. “
      
        07.09.2009, 01:08 Optionen
      
          jop aber es ist auch ok auf englisch support zu geben. mal was anderes
        
        ainstein peterson „Ich denke mal, der kann richtig deutsch. “
      
        25.09.2009, 10:08 Optionen
      
          Für's verstehen hast du ja recht, aber ich bin so ins Englische eingewachsen, dass mir das computer specifische Vocabular aus dem Deutschen nicht so gelaeufig ist.

          Ausserdem, kann ich mich im Englischen besser ausdrücken.

          Mit bezug auf die erste antwort zu deinem Comment, nehme ich halt an, dass die meisten Leser hier genug Englisch verstehen um antworten zu koennen.

          ainstein
        
        Lemon5 ainstein „How to rectify messed up Share permissions?“
      
        25.09.2009, 14:17 Optionen
      
          since you dont have problems with english, take a look

          http://www.tek-tips.com/viewthread.cfm?qid=1569808&page=1
        
        ainstein Lemon5 „since you dont have problems with english, take a look...“
      
        25.09.2009, 15:50 Optionen
      
          Thanks for your suggestion.

          In the mean time ... I gave the ltd account Full Control in the Share permissions, after removing the Everyone. This however, didn't seem to make a difference.

          I also created a second ltd account and added it in Security and Shared Permissions and gave Full Control, however this time without checking the tick box at "Apply these permissions to objects and/or containers within this container only" in Advanced Security / edit Special Permissions. I also did not tick the "Replace Permission on all child objects with entries shown here that apply to child objects." in the Advanced Security Settings.

          Don't know how and why, but I now can access the folder that I needed in the 1st limited account.

          To explain: although I would have preferred to have FC on the whole partition, the most important folder was "My Documents" to be accessed from both accounts and the data folder for my Thunderbird email account.

          Interestingly throughout the whole trouble not being able to access any others than the folders in the root of the partition, I could download my emails to the Thunderbird folder structure within the limited account.

          In any case, I'm still somewhat and end-user (i.e. as long as it works, it's fine by me), therefore:

          Thanks very much to all who provided help and thoughts for my problem.

          ainstein