Different Workgroup

Status
Not open for further replies.
M

mephisto_007

Posts: 225   +1
I'm afraid I have ask this question before but the answer was not quite fully sufficient...

I've set a Workgroup for our company for staff only and now I've setup a computers service which provide internet for Clients which basically they are freely to use anything in that computer from Office to Games, Multimedia to Internet... but the question is how do I prevents those Clients computer from accessing our Computer Staff? the reason is because both Computers Staff and Clients Computer are sharing the same Internet Service Provider and in the same Workgroup. I tried using different Workgroup name (eg: SaffWorkgroup and ClientWorkgroup) but to no avail, people still can access share folder from each other and vice versa...

Is there a complete secure way to set an entire different WORKGROUP at the same time sharing the same ISP? eg: Workgroup 1 cannot talk to Workgroup 2 but both can access the same Internet.
 
I've you setup permissions? Doesn't sound like you have? Shared folder access can be limited and you can give each person limited rights for access per PC and end user.

Users
Groups

What kind of rights have you given to all end users who login? You should be the only administrator of each PC on both workgroups. Each user should be either Power User or User. There are settings in GP and SP that can limited features that will give you more control of the way the end user logon and share folders. To me this is a better method.

If you could setup a SBS 2003 would be better and you can create local.mydomain and then setup AD instead. But that would require to purchase SBS 2003.
 
the permission approach requires each and every share to be manually changed;
works well, just a lot of time if there's lots of users.

the network approach would be to put departments/groups into separate subnets and then control the routing in routers. This has problems too,
as it could get expensive, require rewiring, and the users in any specific group
may not be physically located so as to have them attached to the same router.

btw: Internet access for users is nicly controlled using a proxy.
you can force the proxy config for all browsers and, may even have a proxy
per dept/group -- again more control. Once this is setup, your lan network
will now longer need to have access to the Internet, which is a good idea too.
 
if you created the user groups properly
and have 2 diff workgroups configed the shared folders need to be set with these groups and account settings
all machines need a reboot
look up manual for W2K server admin accounts and workgroups
and ya limit admin accounts
delete the default after making a special main admin
and do this only after testing that the new admin has ownership
 
Status
Not open for further replies.

Similar threads

A
Amazon turns Fire TV Cube into a cheap cloud desktop PC for businesses
Replies
0
Views
227
Alfonso Maruccia
A
A
BitTorrent dethroned as the main source of internet's upstream traffic
Replies
11
Views
212
Axeia
Axeia
A
ExpressVPN disables security feature that was leaking DNS requests to third-party servers
Replies
2
Views
150
return
return

Latest posts

Back