Potentialy due to all problems with connecting XP to win7 people are already glad to be able to connect to WIN7, but there seems to be a huge scurity hole in the process: [note] As I examin shares on win7 (controll panel shares) ACL's require a full grant on Everyone// it's unclear what read and change and full mean... As previous inter connections connections are made effects are less clear restriction seem to be less strickt what makes the shares ACL tricky to handle and test for security problems!!!!! [/note] The ACL Everyone: FULL seems to be required for all shares to work ???!!!! [note] but everyone is rather LARGE: "The Everyone group encompasses": well everyone. That is, it includes all the built it users and groups that come with Windows XP/win7 as well as any administrator defined users and groups. It also includes the service and system accounts that are created and any anonymous accounts that connect to the computer without providing any login credentials. Lastly, it includes the Guest account. [/note] As an acl GROUP grant is placed on the share ( a group of users(NOT individual users,but this is unmanagable)) the statement seems to be ignored !! The requirement of an EVERYONE:FULL is IMPLICITELY A SECURITY BREACH.... Relying on the file security restriction is a different matter. The SHARED security is the first security protection setting it: The need to use EVERYONE:FULL is killing the security purpose [/note] User/password all username passwords are synced by batch process and used on ALL machines files access to the files is granted by group but for the sake of the exercise a grant to authenticated users is added to ensure the file's protection is not the problem (implicit security breach but this is a test) what is a problem is the need to reboot.... since(clear credentials) all gets confused by first opening another share by that user then the state of the share switches virtually to authenticated user instead of everyone (first refused/then allowed(once logged in guest plays less in the game) UGLY to reproduce Basical settings and tests: Where can I find more on this, links to more professional security setup please.