Hello Everyone I am a previous XP user trying to switch over to 7. Below is the explanation of the scenario that I am working on: I have connected two Windows 7 Ultimate editions in a Work-group. The names are workstation01 and workstation02. I am trying to test the relationship between the shared and NTFS permissions. I created a folder named "Test" and shared it on workstation01. The default share permissions apply to this folder (Everyone has read permission). However on the NTFS permissions I remove the "Authenticated Users" and "Users" groups. So now on the NTFS permission list I only have the local administrators group and the SYSTEM account with both of them having full control over the folder. I also have a local user account on both computers "admin" which is identical in password on both systems and is the member of the local administrators group. Here is the big problem that I am facing: I am able to see both computers in the network. I am even able to open the network path \\workstation01 from workstation02 and see the "Test" folder being shared. However whenever I click the Test folder to see its content I receive an Access Denied message. I am logged on using the "admin" account on workstation02. My Question is: Shouldn't the admin account (member of the administrators group) be able to at-least perform a read on the folder. Previously in XP the combination between shared permissions and NTFS permissions was that the lower set of permissions would apply. In this case Everyone has read, administrators have full so admin should be able to only perform a read on the folder. To my surprise once I add the authenticated users account back it suddenly starts to work. What I have done until now: I have searched the web and I saw people with quite the same problem suggesting to insert the following registry entry: HKLM\Software\Microsoft\Windows\Current Version\Policies\System\ (D_WORD) LocalAccountTokenFilterPolicy = 1 I have done this and have also disabled UAC. It still does not work. Would really appreciate if someone could clarify what is going on and why 7 is so restrictive when it comes to sharing data over a workgroup. PS: The reason I remove authenticated users is that I would like to add my own custome users and group and would be able to fully control who has or has not access to the shared folder. Thanks

You need to turn on Password Protected Sharing. Otherwise, although you log on workstation2 with admin account, it will access the workstation1 with the Guest account. Additionally, please make sure that the username/password of the admin account of the two computers are the same.Arthur Xie - MSFT

Thanks Arthur for the reply. Let me set it up and test it again, I will let this forum know of the result. However as far as I can remember without further testing, password protected sharing was on with the previous test environment. Another interesting thing that happened in the meantime is that while I was waiting for a response, I started accessing the test folder and it was working. I am not sure whether it is unstable because I am using Virtual Machines... Anyhow I will test again and let know..