Server

[lost]

Archived from groups: microsoft.public.win2000.security (More info?)

I have 2 questions here.

a) I would like to know how can we change the password at
the next log on at the user own PC without going to the
server to change it. The problem now is that if we tick
to change password on the next log on box, we are unable
to log in unless we untick it first to enable us to log
into the appropriate folder at our own PC. Therefore we
will not be able to change the new password.

b) In a folder there will be many sub-folders with different
authorize user-(shares and permissions settings.) This
means that only certain folder can be viewed by the
authorized user. So how can we need not let the
unauthorized user to view the folder which does not
belong to them? It can be quite confusing to view so many
folders which does not belongs to the authorize user.

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

Lost wrote:
> I have 2 questions here.
>
> a) I would like to know how can we change the password at
> the next log on at the user own PC without going to the
> server to change it. The problem now is that if we tick
> to change password on the next log on box, we are unable
> to log in unless we untick it first to enable us to log
> into the appropriate folder at our own PC.

I don't know what you mean. Are all users using WinNT-based OSes, joined to
the domain, with all users logging in only to the domain (not the local
computer)? If so, you should be able to tick the "change password at next
login" on the domain controller and it should work fine. Unless you've
mistakenly changed a policy to disable users' ability to change their own
passwords, or "user cannot change password is ticked in their ADUC
properties.

> Therefore we
> will not be able to change the new password.
>
> b) In a folder there will be many sub-folders with different
> authorize user-(shares and permissions settings.) This
> means that only certain folder can be viewed by the
> authorized user. So how can we need not let the
> unauthorized user to view the folder which does not
> belong to them? It can be quite confusing to view so many
> folders which does not belongs to the authorize user.

No easy way unless you're using NetWare. Perhaps you need to re-organize
your parent/share folders to divide up your data into shares that only
certain groups need access to, and apply the NTFS permissions appropriately.
You can hide a share (name it share$) so people can't browse it....use login
scripts to map drives.

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

Have you tried doing a ctrl alt delete at workstation and changing the
password there?


"Lost" <Lost@discussions.microsoft.com> wrote in message
news:E531E155-10D9-4AA8-9661-E918AF51EF23@microsoft.com...
>I have 2 questions here.
>
> a) I would like to know how can we change the password at
> the next log on at the user own PC without going to the
> server to change it. The problem now is that if we tick
> to change password on the next log on box, we are unable
> to log in unless we untick it first to enable us to log
> into the appropriate folder at our own PC. Therefore we
> will not be able to change the new password.
>
> b) In a folder there will be many sub-folders with different
> authorize user-(shares and permissions settings.) This
> means that only certain folder can be viewed by the
> authorized user. So how can we need not let the
> unauthorized user to view the folder which does not
> belong to them? It can be quite confusing to view so many
> folders which does not belongs to the authorize user.
>