Inshii asked:
I have a domain setup with MS Server2000 that all of the computers in our company are part of. I need to have a certain number of computers removed from the domain so that everything within the domain is unaccessable from those computers while they still work within the building.
I created a separate workgroup and added those few computers to it so that they can share files between them but not with the rest of the company and not with the domain. The problem is is that because they are within the building and on the same lan - when they are on the workgroup they can still access the folders on the domain through My Network Places and map drives to those folders (some are shared).
How can I set the server/domain so that everybody outside of the domain cannot access any folder or file residing on the domain itself? So… how do i make DOMAIN-A unaccessble by any computer outside of DOMAIN-A or at least by any computer on WORKGROUP-B?
Purchase a Domain name
I have a domain setup with MS Server2000 that all of the computers in our company are part of. I need to have a certain number of computers removed from the domain so that everything within the domain is unaccessable from those computers while they still work within the building.
I created a separate workgroup and added those few computers to it so that they can share files between them but not with the rest of the company and not with the domain. The problem is is that because they are within the building and on the same lan - when they are on the workgroup they can still access the folders on the domain through My Network Places and map drives to those folders (some are shared).
How can I set the server/domain so that everybody outside of the domain cannot access any folder or file residing on the domain itself? So… how do i make DOMAIN-A unaccessble by any computer outside of DOMAIN-A or at least by any computer on WORKGROUP-B?
Purchase a Domain name
Tags: Domain Setup, Server Domain, Server2000
Register a domain name
When you set up the directories to be saved on the server, look at the permissions for each share. If you give any permissions to the Everyone group, anyone able to access the LAN will be able to see and manipulate the files in the share.
You are going to have to set up the groups you want to use the share, and disable any permissions on the Everyone group.
WARNING!!!! you must be very careful to make sure you have admin rights and access to the share prior to removing the Everyone permissions or you may loose access to everything in the folder.
This is something you want to test on an empty folder, or a test folder first. Failure to do so will cause much pain and anguish.
If you do this right, you will be able to have said computers as a part of the domain, and still have the access rights, or lack there of, that you require. Also, you can do this on a computer to computer basis, or better yet, a user basis, so no matter what computer said user is logged into, he will only have the rights you assign him.
Domain Registration
For a start you can use security to control who can access what. From the sound of it your security is non-existant or anyone outside the domain would have no access. If you restrict access to domain groups or users you then have full control over what is accessible. As you are if one machine suffers a break-in your server is compromised.
Purchase a Domain name
1. Create user groups for your users. eg. Finance, Production, Sales, etc.. Don’t forget the SysAdmin group with administrator rights
2. Assign users to the individual groups.
3. For the folders that are to be shared, make sure the sharing assigns only those user groups that have rights to those folders.
4. Create user accounts for even those people who are not supposed to access the domain shares, but do not assign them to any user group that has rights to access any of the domain folders.
5. Remove ‘Everyone’ user group from the folder shares.
You now have valid users assigned to user groups that are able to access folders they are supposed to. You also have invalid users who are not assigned to user groups, but belong to the ‘Everyone’ group, and they cannot access any folders within the domain. You now also have a way to log all the users (valid or invalid) when they login to the domain.
Buy:Cialis Soft Tabs.Super Active ED Pack.Cialis Professional.Tramadol.Viagra Super Active+.Maxaman.Zithromax.Soma.Viagra Soft Tabs.Cialis Super Active+.Cialis.Propecia.Viagra Super Force.Viagra Professional.Viagra.VPXL.Levitra….