Creating a shared directory on the network using the command prompt


  1. Posts : 307
    Windows 10
       #1

    Creating a shared directory on the network using the command prompt


    Hi

    I have Windows 10 v1703 Enterprise 64 bit with the Microsoft accounts.

    Wanting to create a shared directory on the network using the command prompt, in an administrative account I ran the Command Prompt (as administrator) and I run the following commands:

    Code:
    md C:\Users\Public\Documents\WIM_file
    net share WIM_file="C:\Users\Public\Documents\WIM_file" /grant:"Balubeto Balubeto (xxx@yyy.zz)",read /grant:"Balubeto Balubeto (xxx@yyy.zz)",write /cache:none
    System error  1332.
    
    No mapping between account names and security IDs (SIDs) has been made.
    Where am I wrong?

    Thanks

    Bye
    Last edited by balubeto; 16 Jul 2017 at 02:19.
      My Computer


  2. Posts : 17,661
    Windows 10 Pro
       #2

    warning   Warning
    Please edit you post and remove the email address. It is never a good idea to post your email or street address, phone number or other personal informatiom. It can (and often will!) be misused and lead to serious complications.


    Regardless if you are signing in to Windows using a local account, Microsoft account or workplace Azure AD account, in networking your username is your user profile name, not the email address.

    For instance, I sign in to Windows with a Microsoft account kari@An_Imaginary_Email_Provider.com, but in all networking purposes my user name to access shares on this machine is just Kari, or using the long form \\ComputerName\Kari.

    Second, you don't need to grant read and write access separately. Granting full access rights takes care of both.

    In screenshot I created a folder on my H: drive, naming it ShareDemo, then shared it granting myself full access:

    Creating a shared directory on the network using the command prompt-image.png

    Checking the folder properties I can see everything is as expected, I will have full access rights to this shared folder:

    Creating a shared directory on the network using the command prompt-image.png

    Kari
      My Computer


  3. Posts : 5,478
    2004
       #3

    balubeto said:
    Where am I wrong?
    Problem 1
    You have entered email address in this format "Your name (YourName@hotmail.com)". Doing this, putting in an email address that is not linked to an account on your system or entering an account that doesn't exist on your system will give System error 1332.

    If you want to use an email address then it muct be in YourName@hotmail.com format and it must be linked to an account on your system - it is mapped automatically to PC_NAME\UserName format.
    Code:
    C:\WINDOWS\system32>net share Downloads="C:\Users\Hali\Downloads" /grant:my.email@hotmail.com,full
    Downloads2 was shared successfully.
    
    
    C:\WINDOWS\system32>net share downloads
    Share name        Downloads
    Path              C:\Users\Hali\Downloads
    Remark
    Maximum users     No limit
    Users
    Caching           Manual caching of documents
    Permission        X201\Hali, FULL
    
    The command completed successfully.
    Problem 2
    Kari said:
    you don't need to grant read and write access separately.
    In fact you can't - write is not an option. The options you have for net share are READ, CHANGE and FULL.
    Code:
    C:\WINDOWS\system32>net share /?
    The syntax of this command is:
    
    NET SHARE
    sharename
              sharename=drive:path [/GRANT:user,[READ | CHANGE | FULL]]
    If you want read and write you likely want the CHANGE permission (CHANGE allows modify, create, delete, FULL allows user to change permissions also).


    In summary you need to fix your account name/email address and drop trying to grant write.

    Replace thisnet share WIM_file="C:\Users\Public\Documents\WIM_file" /grant:"Balubeto Balubeto (xxxxxxx@hotmail.com)",read /grant:"Balubeto Balubeto (xxxxxxxx@hotmail.com)",write /cache:none
    with
    net share WIM_file="C:\Users\Public\Documents\WIM_file" /grant:xxxxxxx@hotmail.com,change /cache:none


    Setting permission on share and NTFS means you have duplication and you also can't change the permissions on the share. To add another user for example you would have to delete it and add it again.
    A little something about Share vs NTFS permissions

    A better option is to grant everyone full authority and then deal with access using NTFS permissions - so set the share
    net share WIM_file="C:\Users\Public\Documents\WIM_file" /grant:everyone,full /cache:none
      My Computer


  4. Posts : 17,661
    Windows 10 Pro
       #4

    lx07 said:
    If you want to use an email address then it muct be in YourName@hotmail.com format and it must be linked to an account on your system - it is mapped automatically to PC_NAME\UserName format.[code]C:\WINDOWS\system32>net share Downloads="C:\Users\Hali\Downloads" /grant:my.email@hotmail.com,full
    There really is no need to use a Microsoft account email in networking and network sharing like in this case. Never.
      My Computer


  5. Posts : 307
    Windows 10
    Thread Starter
       #5

    I tried the net share WIM_file="C:\Users\Public\Documents\WIM_file" /grant:xxx@yyy.zz,change /cache:none command and it works.

    Now, from the Command Prompt, how do I delete a user (with its share permissions) from a shared directory?

    Thanks

    Bye
      My Computer


  6. Posts : 5,478
    2004
       #6

    By default you can't. You have to delete the share and reado it or you get the error "the name has already been shared".
    Code:
    C:\>net share Downloads2="C:\Users\Hali\Downloads" /grant:administrators,full  /grant:users,read
    Downloads2 was shared successfully.
    
    
    C:\>net share Downloads2
    Share name        Downloads2
    Path              C:\Users\Hali\Downloads
    Remark
    Maximum users     No limit
    Users
    Caching           Manual caching of documents
    Permission        BUILTIN\Administrators, FULL
                      BUILTIN\Users, READ
    
    The command completed successfully.
    
    
    C:\>net share Downloads2="C:\Users\Hali\Downloads" /grant:everyone,full
    The name has already been shared.
    
    More help is available by typing NET HELPMSG 2118.
    
    
    C:\WINDOWS\system32>net share Downloads2 /delete
    Downloads2 was deleted successfully.
    
    
    C:\>net share Downloads2="C:\Users\Hali\Downloads" /grant:administrators,full  /grant:users,read /grant:everyone,full
    Downloads2 was shared successfully.
    
    
    C:\>net share Downloads2
    Share name        Downloads2
    Path              C:\Users\Hali\Downloads
    Remark
    Maximum users     No limit
    Users
    Caching           Manual caching of documents
    Permission        BUILTIN\Administrators, FULL
                      BUILTIN\Users, READ
                      Everyone, FULL
                      
    The command completed successfully.

    You could download SetACL.exe and use that as described here.

    For example to add then remove "Everyone":

    Code:
    C:\>SetACL.exe -on "Downloads2"  -ot shr -actn ace -ace "n:everyone;p:change"
    Processing ACL of: <Downloads2>
    
    SetACL finished successfully.
    
    C:\>net share downloads2
    Share name        Downloads2
    Path              C:\Users\Hali\Downloads
    Remark
    Maximum users     No limit
    Users
    Caching           Manual caching of documents
    Permission        BUILTIN\Administrators, FULL
                      BUILTIN\Users, READ
                      Everyone, CHANGE
    
    The command completed successfully.
    
    C:\>SetACL.exe -on "Downloads2"  -ot shr -actn trustee -trst "n1:Everyone;ta:remtrst"
    Processing ACL of: <Downloads2>
    
    SetACL finished successfully.
    
    C:\>net share downloads2
    Share name        Downloads2
    Path              C:\Users\Hali\Downloads
    Remark
    Maximum users     No limit
    Users
    Caching           Manual caching of documents
    Permission        BUILTIN\Administrators, FULL
                      BUILTIN\Users, READ
    
    The command completed successfully.


    The syntax of SetACL command is not particularly intuitive but is described well in their documentation here: SetACL Command Line-Version (SetACL.exe) - Syntax and Description if you want to play with share permissions (I don't )

    This is another reason to set the share to everyone,full and control access through NTFS - you are just making an administrative headache for no benefit (that I can see) as access is granted on the most restrictive of NTFS and share permission anyway.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 11:03.
Find Us




Windows 10 Forums