Peer-to-peer sharing for home and business
Help Center
About BadBlue

Help >> Security >> Windows Security FAQ

BadBlue Discussion     Email support
Windows Security FAQ

Can I use Windows user accounts?

Yes. BadBlue lets you define users in one of two ways:

> Using the Manage >> Define users menu
> Letting Windows 2000, XP, etc. manage users for you

The Manage >> Define users menu lets you create user-names and passwords which you can distribute to colleagues and/or friends.

[New feature] BadBlue will also automatically recognize users defined in your Windows system. That means you can add users through your standard Windows administration tools and reference their login-names in the Password-protection management area.

How can I define users in Windows?

Depending upon the version of Windows, you can define users through:

> Control Panel >> Users (or User Accounts)
> Microsoft Management Console's Local Users and Groups snap-in
> Microsoft Management Console's Active Directory Users snap-in

BadBlue will automatically recognize Windows users as valid accounts for use of the server, if you've decided to password-protect certain folders or files.

Do certain Windows accounts have special power in BadBlue?

No. Even the Windows administrator account or other "high-powered" accounts only receives the level of access that you've defined in the Manage >> Password-protect files area. Windows accounts do not receive any extra capabilities or powers in BadBlue, other than what you define using the Manage tab.

How do I use Windows accounts in BadBlue?

  • From the Manage tab, select Password-protect files.
  • On the password-protection page, select the shared folder or file for which authentication will be required; then specify the Windows login names for users who will be permitted to access the shared area. You can specify multiple user names, separating each name with a comma, such as marcia,joe,fred. You can also leave the Specify Users area blank, in which case any authenticated user can access the content.
  • Once you've selected the shared area and specified users, press the Require user authentication button to add it to the controlled access list.

    A user attempting to access the folder or file will be required to authenticate using the appropriate user account (i.g., a user login name and password). The account will be verified against both the manually defined user list and against Windows to determine whether the login name and password are valid.

  • Why can't my users log-on using my Windows accounts?

    Windows user account integration requires Windows 2000 or higher (e.g., Windows XP, etc.). If you are running versions of Windows older than 2000, then your Windows accounts can not be used with BadBlue.

    If your users are having problems logging in using your Windows 2000 or XP accounts, follow these steps to troubleshoot the problem:

    1) Open the Windows Event Log's Application window:

    Windows XP

    Start >> Performance and Maintenance >> Administrative Tools >> Event Viewer

    Windows 2000 Start >> Settings >> Control Panel >> Administrative Tools >> Event Viewer
    Windows NT Start >> Programs >> Administrative Tools (Common) >> Event Viewer

    2) Check the messages marked BadBlue and/or EXT (BadBlue's extension library) for errors. For example, an Error 5 is a Windows error indicating Access Denied. Most problems logging on to Windows from an external program like BadBlue are related to "Access Denied" errors in which the program does not have the right privileges to even perform a log-on to Windows.

    3) To log-on to the system, the account under which you are running BadBlue must have the privilege called "Act as part of the Operating System". If you are running interactively, then your account must have this right. If you are running BadBlue as a Windows service, make sure that the services control panel is running as the proper account.

    4) To give an account the proper privileges, you can modify the local security policies; the "Act as part of the operating system" privilege is listed under "user policies" and can be granted to groups of users.

    5) Make sure that the account running BadBlue is in the proper group to receive the privilege.

    Once BadBlue is able to log-on Windows users, you should not see error messages in the Event log related to user authentication.