WinXP Home Box Administration

If you have ever owned, maintained or even looked at a WinXP Home box, you most likely noticed that it is the same OS as XP Pro. All the system guts are in place, but some of the GUI interfaces and executables were held back during installation.

For example XP Home does not have a ACL File Permissions tab when you call up Properties of some file or folder. Hardened veterans of windows tech support of course know that this feature "magically" appears when you log into Safe Mode as Administrator. Funny, eh? Our crippled little system is not as crippled as Mr. Gates would like it to be.

In fact you can control file permissions from the CMD shell without the need for gui with the cacls command. Think of it as a chmod for windows. For example to make a file private you can do:


cacls myfile.ext /g username:F


The g attribute means "grant". The letter after the colon is permission (you can use R-read, W-write, C-change, F-full). Note that this will wipe all the ACL permissions from your file. If you want to give a user Bob read permission to that file later on, you can do:


cacls myfile.ext /e /g Bob:R


The e attribute means "edit" - or in other words, add this permission to an existing ACL set. This can be annoying, especially if you are used to chmod syntax but sooner or later you will get the hang of it. One significant difference between ACL and unix file permissions is that you can't lock yourself out of a file. Ownership always overrides the ACL.

Another feature hopelessly missing from WinXP home is group management. You can't define groups from the GUI. Or can you? Once again due to a fluke or tight coupling the guts of the system are still in place. All you need to do to get to the user management console is to run this command:


control userpasswords2


Write this down! But note that the Advanced management snap in is not going to work here.

If you are a cli kind of guy, you can just use the swiss army knife of windows commands: the infamous net. For example lets create a new user Bob and put him in the group Lamers:


net users /add Bob
net localgroup /add Lamers
net localgroup /add Lamers Bob


Done! Could not be easier. Read up on the net command. All user management can be done through it. Who needs the clunky GUI.

Anyways, these are the life saving cli commands that saved my life in the past. Who needs XP pro if you can force the Home version to do allot of the same things with just a little additional work.

Tags: windows, windows xp, winxp, windows xp home, winxp home, xp home, cli, command line, administration, windows administration, acls, cacls, file permissions in xp home, groups in xp home, groups, file permissions