1.3 Compare user-level security with access permission assigned to a shared directory on a server.
User-level security assigns read, write and full control rights on a user-by-user basis. It provides a higher level of control and requires more administration, which is preferred to deploy in larger organizations.
Share-level security sometimes is referred to as password-protected shares. It assigns certain rights on a password basis. With an appropriate password, you are granted to access the corresponding shared resource. If you are a system administrator with a small network, and you dislike the administration work to maintain the user account, share-level security should be a good solution for you.
Generally, Windows 95 and Windows for Workgroup support share-level security while Windows NT Server and Windows NT Workstation provide user-level security. However, you can also implement user-level security on Windows 95 if you let Window 95 to join Windows NT domain.
Suppose that you have a pure Windows 95 network or your Windows 95 doesnt join any Windows NT domain, follow following steps to share a network resource in Windows 95.
1. Open Windows Explorer.
2. Select the directory you want to share.
3. Right clicks the mouse.
4. Click Sharing. (Now you will see the figure similar to figure 1.11)
5. Click Shared As and provides the share name and the password for the sharing.
You can only provide the password here while have nothing to do with the user name. Therefore, any user who knows the password can access this shared directory, which examples a typical share-level security.
Figure 1.11 Share a folder in Windows 95
In Windows NT, the procedure of sharing a directory is almost the same as in Windows 95, however, it assigns which group or a specific user can access this directory, which examples a typical user-level security. Please remember that neither Windows NT Server nor Windows NT Workstation supports share-level security.
Workgroup is a collection of computers that implement share-level security in Microsoft's network. Each workgroup is identified by a unique name.
Domain is a collection of computers that implement user-level security. A domain provides access to the centralized user accounts and group accounts maintained by the domain administrator.
Only Windows NT can work as a domain controller, however as we previous mentioned, you can let a Windows 95 machine join the domain. After and only after that, user-level security can be implemented in Windows 95 system.