So at my work we bought a sweet new printer/file/license sharing rig to sit in the corner and make our lives easier (rather than relying on off-site solutions - it's state government so we're quite limited). There's about 10 PC's, 2 different printers (with Fiery components) and a few different license servers that would need to use the machine, plus a few other machines elswhere in the building accessing files. So we figured Windows Server 2k3 would be the best solution, since it's pretty sturdy and has some nifty features we can take advantage of (like rolling out updates etc).

We basically want to have 2 user types: Guests and users from our floor. So for example, we've added the usernames of all the people on our floor (taken from their names, so for example jbob01) and added them to a group (in this case, let's just say coolteam) that has read + write access. We have a Guest group too for people who we want to allow read access to the files without them messing anything up. All the people on our floor will log into Novell on their XP machines, which will then in turn log them into their Windows account (so in this example, jbob01). Now, we've followed the same setup as we have on our existing XP file server, but we're having a few problems.

At the moment, when anybody accesses shared files over the network, instead of their username showing up in the sessions window, it just shows up as 'guest'. This results in the user only having guest user rights. Why is the server running 2k3 not picking up the usernames on the XP machines? I even tried mapped a drive using a net use bat that included my username, but I still only showed up as a guest when I accessed the resource. This is driving me bonkers... does anybody have a solution? Is there a problem with the setup or is there something I have overlooked? I can provide further clarification if needed.

are you on a domain? are the usernames "domain\username"?

Ahh why don't you turn CIFS on and use Novell to log them into their file shares? Sorry I'm not seeing the need for a 2k3 box. Are these new printers setup in Novell ?

The reason why 2k3 isnt picking the usernames up is probably because they arent setup on the server. Is the server on a domain? Sorry please clarify.

There's no domain setup. The usernames just come up as "CUB\username" (CUB is the name of the Win 2k3 machine). Will we have to use a domain setup? We don't use a domain on the current XP based file server and it works fine.

We wanted to give 2k3 (over XP) a go mainly for things like rolling out updates, and we want it to stay on 24/7. XP would probably make do, but we wanted to give 2k3 a crack to see if it's usefull.

I don't think you're going to have the ability to do the things you want to do - like "rolling out updates" without setting up a DC

I am with skitza here. I don't see any need for a windows server.

Otherwise you are going to have to set up a proper Active directory and then sync edirectory and active directory, using Novell IDM or whatever.


ps. we roll out updates just fine without a domain controller.

Hm, figured out the problem. The server checks the windows username AND password. When we shared the folder on XP, it seemd to only check username. We update passwords every month through novel (and this updates the Windows password), so manual updating is not an option. I guess I'll have to get the Server 2003 to update passwords from the LDAP server, or disable password checking.

You can roll out updates without a DC, no worries there. But I still don;t see why you need a 2k3 box :) You are actually complicating things trying to add that in there :)

Hehe, yeah true. If I'd known 2 weeks ago what I knew now I would have just put XP on the thing. But everything is set up and ready to go except the shared folders. Can I just tell 2k3 to not check for passwords when somebody accesses the shared folder over the network? So like, if old mate jbob01 is signed into his xp desktop and navigates the shared folder, make it so 2k3 accepts that this person is indeed jbob01 without having to check a password? If so, that would make my life a lot easier than having to reinstall and reactivate everything, setup a domain and active directory or arrange synchronisation with the Novell ID server (and since the ID server is controlled offsite by somebody else, it would be a bitch).

How many users we talking here? And how big of an issue is security?

Coz if it was me, I'd probably just create a fileshare user for each user that required access on the 2k3 box (for example, filejbob1) and then add a network drive mapping to their login script. So when jbob1 logs in, his login script maps a drive using the credentials of filejbob1.

Of course, if you have to strictly maintain a password policy (monthly pass changes or such) then you'd have to go through and edit the scripts every time, which would be a pain in the arse. And if you didn't change the passwords (which would just be sitting in plain text in the script :/) then it'd be a pretty big security risk, so I guess it just depends how sensitive the data on the box will be.

Messy I guess, but it avoids having to muck around with active directory :o

Skitza gave you the answer. Turn on CIFS domain emulation, add the 2003 server as a member server then the novell authentication will control your shares. This will probably mean you are going to have to deal with the off-site admins but only needs to be done once and you're set