Windows 2003 security setting for network shared folder problems ,issue ?

[J.H]

Hi there,

I have very strange problem on Windows 2003 Std Edition for security
setting.
I have installed stand-alone Windows 2003 with IIS. Nothing much have
changed
from the default setting of security , local policy on this box.

Scenario:
- Shared 'test' on Windows 2003, security setting in NTFS for only system &
Admin
with full control
- On the workstation XP Pro, access to the Win2K3 std's shared folder by
\\computername\test.
-W2K3 does not ask the password pop-up window to authenticate before browse
to the list of sharing folder on the server
- the workstations, (mean) every one can access to server's shared folder
without authentication
- the workstations, (mean) everyone can access to server's shared folders
even the 'test'
folder's NTFS permission restricted only System & Admin have the access to
it.

Any one idea why ?

J.H

 

[J.H]

Hi there,

I think I found the reason. When we access the shared folder, the 1st time
authentication
will stay forever (such as I authenticated as administrator and pwd), it
will be gone only
when I log off the computer. Otherwise it will use the previous
authentication username & pwd
to access to the next opening explorer windows. It is different than in
Windows 2000, in
windows 2000, we just need to close the explorer & reopen it, it will ask
again the username
and pwd to access to the server and its shared folders.

Wonder why MSFT changed it, it is kinda not secured like the way W2K3 does
right now.
Example of an admin use his own username & pwd to make sure the current
logged on user
have the access to certain shared folder, after testing, HE WILL NEED TO ASK
USER
LOG OFF/LOGON AGAIN TO CLEAR THE CACHE IN EXPLORER ?, FUNNY EHH )). BUT
MSFT did that )

J.H