Hello everyone,
I have 2 pcs running win2k8 in a network without domain, and i have a windows service in pc1 that runs under the account system and this service writes come files in pc2 network share. If they were in a domain i could solve it easily but as they aren't i only can manage to have pc1 writing in pc2 if "everyone" permisions is set.
Can you please help me on this? Security wise is very importante only pc1 has access to pc2
Thank you very much!
Br, byte_slave
From serverfault
byte_slave
-
Make a new account on both machines - same name, same password. Run the service on pc1 as that account, and share the folder on pc2 with full rights given to that account, both on the share and the NTFS permissions.
byte_slave : It works like that out of the box? I thought the SID of the account is what really makes permissions be valid and assure accounts integrity not the name. Anyways i will try that and i give feedbaxk!mfinni : The stuff about SIDs is valid for machines in a domain. Your machines are not in domains. I do this all the time for application-tier servers in a DMZ. They're non-domain, so I make sure that the service account names and passwords are identical, and then have scheduled-task copy jobs that keep config files in sync between them.byte_slave : Thanks for the input! Very helpfullFrom mfinni
0 comments:
Post a Comment