Shulou(Shulou.com)06/01 Report--

Hello, everyone!

We take on the file permission operation in the previous article, and then analyze the operation method of file sharing with our partners.

We first enter the server2016 system as an administrator, and then set the abc folder we created on disk E, right-click to select properties, security, edit, add zhangsan account, and only give it read permission (write unchecked)

At this point, the zhangsan account has permissions for the directory abc folder and corresponding permissions for the 111.txt under the directory (here, because we previously set the subdirectory mandatory inheritance at the directory folder abc)

Next, we are ready to start sharing. Let's first think about what elements we should have.

Interconnection between two hosts (network card binding is set to host-only mode) the IP address is the same network segment (example: server2016:192.168.100.100/win10:192.168.100.99) because the next step is to use the ping command to detect whether the two are interconnected, so we need to turn off each other's server2016 firewall. When we enter the win10 system, call out cmd, enter: ping 192.168.100.100 and hit enter.

After confirming that it is available, we can turn on server2016's firewall at this time.

Authenticated access (you can access the specified folder only if you know the user name and password, otherwise you cannot)

Enter the server2016 system, computer, E disk, abc folder, right-click and select share.

two。 Select the added user: zhangsan, click add, select the permission level only read permission, click share, and the prompt box will pop up. At this time, we choose to enable network discovery and file sharing on all public networks (as shown in the following figure):

The established sharing interface pops up, and the file path displayed is the share access path, also known as the UNC path. The format is generally:\ hostname or IP\ shared folder name. For example, the folder share access path we set can be written as follows:\ 192.168.100.100\ abc

4 at this time, we enter the win10x system for verification: right-click the Windows icon in the lower left corner of the desktop, select run, enter the UNC path, and then jump out and enter the user identity access (the specific operation and results are as follows):

At this point, we enter the user name zhangsa password 123123, hit enter to access the shared abc folder!

If access is restricted after entering, it will generally be the following points. After I have listed it, you can rule out your own operations like this:

①. Click Network, Network sharing Center, Advanced sharing Settings in server2016, and all corresponding items in it should be enabled.

② Click to run, enter: secpol.msc to open the local security policy, select the local policy, user rights assignment check the following two points, 1. Denying access to this computer from the network should be blank, which means that the set user has access; 2. Access this computer from the network. If there is a Users after double-clicking, it means that the zhangsan account has access rights.

The specific interface for the above inspection is shown below:

At this time, we go back to the 111.txt document under the abc folder in the win10 system. After opening it, we try to modify the content. We change "this is aaa" to "this is abc" and click Save, whether to replace the original file or not. Choose Yes, and still pop out of the prompt box at this time: access denied. (because there is only read permission at this time)

We enter the server2016 system, right-click the abc folder properties, security, select full control of the zhangsan account, and determine the application. At this time, we go back to verify and find that the content can be saved directly after the content has been changed. At this time, we think carefully about why we can save it directly. We go back to the abc folder in the server2016 system, right-click the properties, sharing, advanced sharing, permissions (at this point we will find that there is an option in the permissions Everyone that literally means everyone and can be completely controlled, which is very unsafe, and we can choose to delete him directly from the list), then we re-share the folder and go back to check the permissions in the advanced share. Found that everyone is still available, at this time we delete, go back to the win10 system after making changes to the shared document and then want to save the file will prompt us to save the file, so it will become impossible to modify.

If we add zhangsan and read permission to the sharing permissions of the abc folder, then zhangsan has full control over the folder permissions and shares the reading rights to the folders. The result we summarize is that the final permissions of the share are the intersection of the file permissions and the sharing permissions.

Next, we will find that there is a history record that has been entered in the running interface, because the password has already been entered when you log in for the first time, and when you enter again, you can directly enter without entering the password for authentication. In fact, this is not safe, because there is a caching mechanism in Microsoft system, and what we need to do at this time is to clear the cache, as follows:

Anonymous access operation:

Go back to the server2016 server, select the abc folder, right click share, select specific user, drop down the small triangle, select everyone, click add, click share. At this time, what guest identity is our everyone used to access, and how do we check whether it can be accessed:

Right-click on this computer, click manage, select computer management, select users and groups, select users, select Guest (guest users) to disable in the properties, and then when we enter the advanced sharing settings in the network we mentioned earlier, we will find that password-protected sharing is automatically turned off.

Then, in the security options in the local policy, network access: the sharing and security model of the local account. After double-clicking to open it, the drop-down selects guests only, so that guest users can access the shared files.

Go back to the server2016 server, select the abc folder, right-click Properties, click share, click Advanced share, click add: abc$ ($this symbol represents hidden share), at this time we delete the previous abc share name, then we go back to win10 to verify.

Also click run to enter\ 192.168.100.100\. At this time, you cannot see the abc folder after entering. If you want to access it, add abc$ to the previous run instruction and click enter to enter the abc shared folder to see the documents:

So the above are several ways to access file sharing, thank you!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.