I have a folder on my Windows Server 2003 that I'd like to share with all computers on the network, but I want to force people to input a password (at least initially) to connect to the share. I tried adding a password to the "Guest" account, but it never asks for a password. I've tried setting up a separate account with a password, but I get "Windows cannot access \server\" message. What's the best way to accomplish what I'm trying to do?
Windows Server 2003 Shared File Permissions
network-sharewindows-server-2003
Best Answer
(I am assuming you are doing this with a standalone server and clients that aren't members of a domain.)
Disable the "Guest" account on the server.
After you've done that, create an account on the server computer with the username / password that you want users to use.
Set the "Share Permissions" on the shared folder to "Everyone / Full Control" (assuming that you're sharing folders on an NTFS volume). There's no reason to use "Share Permissions" if the underlying filesystem is NTFS-- it will just complicate things. (If I could somehow influence Microsoft to do anything I'd have them remove this functionality.)
Modify the NTFS permission on the shared folder to allow the user you created above to have the type of access you require (Read, Full-Control, etc). (Don't name "Everyone" unless you mean "Everyone in the world".)
Finally, when you "connect" from the client computer and are prompted for credentials, be sure you enter the credential as "SERVERNAME\Username".
The behavior of Windows Explorer, in my experience, has been spotty. I'd try the following from a command-prompt on client computer just to be sure:
NET USE * \servername\sharename /USER:severname\username password
If that works, but Windows Explorer isn't prompting for credentials, you probably have credentials saved by Explorer that need to be cleared.
The "Guest" account's enabled / disabled status is interpreted by the OS as a "flag" that says "Allow unauthenticated users to connect..." versus "Do not allow authenticated users to connect..." (I am glossing over some details here, but this is basically true.)