Exercise 11

Creating And Sharing

Resources
Exercise 11 : Creating And Sharing Resources
One important aspect of a Windows Domain is the ability to share applications, files, printers
and other resources on the network. Resources created on Windows Server computers are
available to all users in the domain, and it is a simple administration task to allocate permissions
to users.

Preliminary Setup

Add zul.akmal, ocah.blue and ain.syahmi to the Intranet Users group.

1. Log on server as Administrator (Figure 0312).

Figure 0312 : Administrator Login

2. Launch Active Directory Users and Computers. Click Start ► Administrative Tools ►
Active Directory Users and Computers (Figure 0313).

Figure 0313 : Launch Active Directory Users and Computers

3. Click myserver.com (your domain.com) and double-click the Intranet Users group from
the list (Figure 0314).

Figure 0314 : Active Directory Users and Computers – Intranet Users Group

4. Click the Members tab (Figure 0315).

Figure 0315 : Active Directory Users and Computers – Intranet Users Properties

5. Add Ocah Blue as a member of Intranet Users.

5.1 Click Add … button (Figure 0316).

Figure 0316 : Add button

5.2 Click Advanced … button (Figure 0317).

Figure 0317 : Select Users, Contacts, Computers, or Group box

5.3 Click Find Now button (Figure 0318).

Figure 0318 : Select Users, Contacts, Computers, or Group - Advanced

5.4 Select Ocah Blue user account (Figure 0319).

Figure 0319 : Select Users, Contacts, Computers, or Group – Find Now

5.5 Cick OK (Figure 0319).

5.6 Cick OK (Figure 0320).

Figure 0320 : Select Users, Contacts, Computers, or Group

 5.7 You can see Ocah Blue is added as a member of Intranet Users group (Figure
0321).

Figure 0321 : Intranet Users Properties

6. Now repeat steps 5 to add zul.akmal and ain.syahmi as a member of Intranet Users
group.

7. After finish adding all the user to Intranet Users group, your Intranet Users properties
should be same as figure below (Figure 0322).

Figure 0322 : Active Directory Users and Computers – Intranet Users Properties

8. Cick OK to finish added members to Intranet Users group (Figure 0322).

EXERCISE 11.1

Creating and Sharing a Resource Using Windows Explorer

In this exercise, you will use Windows Explorer to create a folder and verify the NTFS file
permissions. The folder will then be shared and permissions assigned. You will then access this
shared resource from the client computer.

1. Log on to the server as Administrator (Figure 0323).

Figure 0323 : Administrator Login

2. Launch Windows Explorer. Click Start ► Right-click Computer ► select Explore

(Figure 0324).

Figure 0324 : Launch Windows Explorer

3. Access D: drive (Figure 0325).
(Make sure your D drive are NTFS formatted. If not, you have to convert or format it to
NTFS)

Figure 0325 : Windows Explorer – D Drive

4. Create a folder named tempSN (SN represents you’re Station Number).

In previous exercise I use number 21 as my Station Number. So in this exercise my

folder named will be temp21.

4.1. Right-click D drive ► select New ► Folder (Figure 0326).

Figure 0326 : Windows Explorer – Create New Folder

 4.2. Rename the folder as temp21 (Figure 0327).

Figure 0327 : Rename Folder

5. Open the temp21 folder properties. Right-click temp21 folder ► select Properties
(Figure 0328).

Figure 0328 : Open the temp21 folder properties

6. Click the Security tab. A list of security permissions is displayed. Note that the group
Administrators is given Full Control access at the folder level (Figure 0329).

Figure 0329 : temp21 Folder Properties

 When users access a folder across the network, both the share and NTFS permission
lists define the user permissions.

7. Click the Sharing tab (Figure 0330).

Figure 0330 : temp21 Folder Properties - Sharing

8. Click Advanced Sharing… button (Figure 0331).

Figure 0331 : Advanced Sharing… button

9. Enable the Share this folder option (Figure 0332).

Figure 0332 : Advanced Sharing

10. Specify the share name as Common (Figure 0333).

Figure 0333 : Advanced Sharing – Share name

11. Click the Permissions button (Figure 0334).

Figure 0334 : Permissions button

Now you will restrict permissions at the share level. Remember that user permissions to a
network resource are made up of the share permissions and the NTFS permissions.

12. Remove the Everyone group.

12.1. Select the Everyone group from the list (Figure 0335).

Figure 0335 : Permissions for Common

12.2. Click the Remove button (Figure 0336).

 Figure 0336 : Remove button

13. Click the Add… button (Figure 0337).

Figure 0337 : Add… button

14. Add the Tech Support group with permissions of Full Control.

14.1. Click the Advanced… button (Figure 0338).

Figure 0338 : Advanced… button

14.2. Click the Find Now button (Figure 0339).

Figure 0339 : Find Now button

14.3. Select the Technical Support from the list of Search results (Figure 0340).

Figure 0340 : Search Results

14.4. Click OK button (Figure 0340).

14.5. Click OK button to add Technical Support (Figure 0341).

 Figure 0341 : Select Users, Contacts, Computers, or Group

14.6. Click the Full Control allow box to enable the Full Control permission (Figure
0342).

Figure 0342 : Permission for Common – Full Control

15. Repeat steps 13 to 14 to add the Intranet Users group with Read permissions.

16. The share permissions should look like same as figure below (Figure 0343).

Figure 0343 : Permission for Common

17. Once you have set the permissions as describe, click OK button to close the dialog box
(Figure 0343).

18. Click OK to close the advanced sharing dialog box for folder temp21 (Figure 0344).

Figure 0344 : Advanced Sharing

19. Click Close button to close temp21 properties (Figure 0345).

Figure 0345 : temp21 Properties

20. In the Explorer window you will note a small double head icon on the folder
D:\temp21, which indicates the folder is now shared (Figure 0346).
 Figure 0346 : Windows Explorer – temp21 Folder

21. Log off the server.

22. Log on the client computer as ali.zul and ali as password (Figure 0347).

Figure 0347 : Log On To Server Using Client Workstation

23. Launch My Computer. Start  My Computer (Figure 0348).

 Figure 0348 : Launch My Computer

24. Click the My Network Places (Figure 0349).

Figure 0349 : My Computer

25. Click the Entire Network (Figure 0350).

 Figure 0350 : Entire Network Link

26. Double-click the Microsoft Windows Network (Figure 0351).

Figure 0351 : Entire Network

27. Double-click the Myserver workgroup (Figure 0352).

Figure 0352 : Microsoft Windows Network

28. Double-click the Server21 and view the available resources (Figure 0353).
 Figure 0353 : Myserver Workgroup

29. You should see the Common resource listed (Figure 0354).

Figure 0354 : Server21 Resources

30. Double-click the Common resources so that you are connected to it (Figure 0354).

31. A new window will open up and display the contents of the folder (it will be empty as
there are no files in the folder) (Figure 0355).

Figure 0355 : Common Folder on Server21

32. Attempt to create a new text file.

 32.1. Right-click in the windows and select New  Text Document (Figure 0356).

Figure 0356 : Create New Text Document

32.2. Could you create the file? YES / NO

32.3. Log off the client computer.

33. Log on the client computer as ocah.blue (Figure 0357).

Figure 0357 : Log On To Server Using Client Workstation

34. Launch My Computer. Start  My Computer (Figure 0358).

 Figure 0358 : Launch My Computer

35. Click the My Network Places (Figure 0359).

Figure 0359 : My Computer

36. Click the Entire Network (Figure 0360).

 Figure 0360 : Entire Network Link

37. Double-click the Microsoft Windows Network (Figure 0361).

Figure 0361 : Entire Network

38. Double-click the Myserver workgroup (Figure 0362).

Figure 0362 : Microsoft Windows Network

39. Double-click the Server21 and view the available resources (Figure 0363).
 Figure 0363 : Myserver Workgroup

40. You should see the Common resource listed (Figure 0364).

Figure 0364 : Server21 Resources

41. Double-click the Common resources so that you are connected to it (Figure 0364).

42. A new window will open up and display the contents of the folder (Figure 0365).

Figure 0365 : Common Folder on Server21

43. Attempt to create a new text file.

 43.1. Right-click in the windows and select New  Text Document (Figure 0366).

Figure 0366 : Create New Text Document

43.2. Could you create the file?

YES / NO

If NO, why do you think this happened?

Before we begin this exercise, we have done some preliminary setup. We add
mad.akmal, ocah.blue and ain.syahmi to the Intranet Users group and we set
permissions to the folder temp21 as Read only for Intranet Users. But for Tech
Support group, we set Full Control permissions.

In the earlier exercise, we add ali.zul as member of the Tech Support group.
That’s why user ali.zul can create new text document in the Common folder on
the Server21.

44. Log off the client computer.

EXERCISE 11.2
Creating Network Drive Mapping

Instead of using My Network Places, you can map a drive letter to the resource. This is an
alternative way of accessing the resource, but requires that you know the location of the
resource (you can use My Network Places to view the available resources, so you don’t really
need to know the location)

45. Log on the client computer as ali.zul and ali as password (Figure 0367).

Figure 0367 : Log On To Server Using Client Workstation

46. Launch Map Network Drive wizard.

Start  right-click My Computer  Map Network Drive… (Figure 0368).

Figure 0368 : Launch Map Network Drive Wizard

47. Select Z as drive and enter the location of the network resource in the Folder: box
(Figure 0369).

You must specify the name of the server and the share name.

In this exercise, it is \\Server21\Common.

Figure 0369 : Map Network Drive Wizard

48. Click Finish button to apply.

49. A new window will open up and display the contents of the Common folder (Figure
0370).

Figure 0370 : Common Folder on ‘Server 21’

 50. Attempt to create a new test file (Figure 0371).

50.1. Right-click in the windows and select New  Text Document (Figure 0371).

Figure 0371 : Create New Text Document

50.2. Could you create the file?

YES / NO

51. Log off the client computer.

EXERCISE 11.3
Publishing a Shared Resource in Active Directory

One of the problems of publishing shares in the way you have just done (which is the way they
done in NT 4 or 98) is that you have to browse the network or know which server the resource is
located on in order to find it. This can be time-consuming and frustrating for users.

Resources can be published in Active Directory, making them easy to find. In the next exercise
you will publish the resource into Active Directory.

52. Log on to the server as Administrator (Figure 0372).

Figure 0372 : Administrator Login

53. Launch Active Directory Users and Computers. Click Start ► Administrative Tools ►
Active Directory Users and Computers (Figure 0373).

Figure 0373 : Launch Active Directory Users and Computers

54. Right-click domain (myserver.com) and select New ► Shared Folder (Figure 0374).
 Figure 0374 : Launch Shared Folder Wizard

55. Enter the name as Common Files and the Network path as your server name and
share name – in this exercise it is \\Server21\Common (Figure 0375).

Figure 0375 : Shared Folder Wizard

56. Click OK button to finish.

57. The new shared folder appears in the right windows pane of Active Directory (Figure
0376).

Figure 0376 : Active Directory Users and Computer

58. Close Active Directory Users and Computer windows.

EXERCISE 11.4
Locating a Shared Resource in Active Directory

Now that the shared folder is published in Active Directory, it is easy for users to locate and
connect to the resource.

59. Log on to the client computer as ocah.blue (Figure 0377).

Figure 0377 : Log On To Server Using Client Workstation

60. Launch My Computer. Start  My Computer (Figure 0378).

Figure 0378 : Launch My Computer

61. Click the My Network Places (Figure 0379).

 Figure 0379 : My Computer

62. Click the Search Active Directory (Figure 0380).

Figure 0380 : My Network Places

63. In the Find drop box, select Shared Folders and in the In drop box, select you domain
- myserver (Figure 0381).
 Figure 0381 : Find Shared Folders

64. Click Find Now button (Figure 0382).

Figure 0382 : Find Now button

65. A list of shared folders available is displayed (Figure 0383).

Figure 0383 : Find Shared Folders – Find Now

66. Right-slick the Common Files shared folder from the list and select Map Network
Drive (Figure 0384).
 Figure 0384 : Find Shared Folders - Map Network Drive

67. Select U as drive and enter the location of the network resource in the Folder: box
(Figure 0385).

Note how the location for the server share is filled in automatically.

Figure 0385 : Map Network Drive Wizard

68. Click Finish button to apply.

69. Close all remaining windows.

70. Launch My Computer. Start  My Computer (Figure 0386).

 Figure 0386 : Launch My Computer

71. There are now one additional drive appears at the bottom (Figure 0387).

Figure 0387 : Network Drive

 72. Log off the client computer.

Summary

Permissions are assigned at the SHARE and at the File system level. By default, Windows
Server 2003 places every use created into the group EVERYONE, and, when creating a new
directory or share, automatically assigns rights to that resource so the group EVERYONE can
access it.

If you want to secure any resources by restricting access, you should ensure that the
appropriate permissions have been set at both the share and file system level.

Publishing shared folders in Active Directory simplifies the task of locating resources.