Different Workgroup

By mephisto_007
Sep 27, 2006
Topic Status:
Not open for further replies.
  1. I'm afraid I have ask this question before but the answer was not quite fully sufficient...

    I've set a Workgroup for our company for staff only and now I've setup a computers service which provide internet for Clients which basically they are freely to use anything in that computer from Office to Games, Multimedia to Internet... but the question is how do I prevents those Clients computer from accessing our Computer Staff? the reason is because both Computers Staff and Clients Computer are sharing the same Internet Service Provider and in the same Workgroup. I tried using different Workgroup name (eg: SaffWorkgroup and ClientWorkgroup) but to no avail, people still can access share folder from each other and vice versa...

    Is there a complete secure way to set an entire different WORKGROUP at the same time sharing the same ISP? eg: Workgroup 1 cannot talk to Workgroup 2 but both can access the same Internet.
  2. tipstir

    tipstir TS Ambassador Posts: 4,492   +73

    I've you setup permissions? Doesn't sound like you have? Shared folder access can be limited and you can give each person limited rights for access per PC and end user.

    Users
    Groups

    What kind of rights have you given to all end users who login? You should be the only administrator of each PC on both workgroups. Each user should be either Power User or User. There are settings in GP and SP that can limited features that will give you more control of the way the end user logon and share folders. To me this is a better method.

    If you could setup a SBS 2003 would be better and you can create local.mydomain and then setup AD instead. But that would require to purchase SBS 2003.
  3. jobeard

    jobeard TS Ambassador Posts: 13,031   +222

    the permission approach requires each and every share to be manually changed;
    works well, just a lot of time if there's lots of users.

    the network approach would be to put departments/groups into separate subnets and then control the routing in routers. This has problems too,
    as it could get expensive, require rewiring, and the users in any specific group
    may not be physically located so as to have them attached to the same router.

    btw: Internet access for users is nicly controlled using a proxy.
    you can force the proxy config for all browsers and, may even have a proxy
    per dept/group -- again more control. Once this is setup, your lan network
    will now longer need to have access to the Internet, which is a good idea too.
  4. Samstoned

    Samstoned TechSpot Paladin Posts: 2,582

    if you created the user groups properly
    and have 2 diff workgroups configed the shared folders need to be set with these groups and account settings
    all machines need a reboot
    look up manual for W2K server admin accounts and workgroups
    and ya limit admin accounts
    delete the default after making a special main admin
    and do this only after testing that the new admin has ownership
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.