Well with Vista out now I thought this could be usefull for some users who also run a domain at home. Vista Ultimate supports Windows Domains and Media Center and still allows fast user switching so extenders still work, so those of us with domains at home can take advantage of the added benefits of being a member of a domain and still enjoying all the features of Media Center.
One such benefit of a domain is the ability to grant computer accounts permissions like we do for regular users. The reason for allowing anonymous users access to the recorded tv share for non-domain members is becuase the Media Center services run as the local system account. The local system account, like is sounds, only has access to resources on it’s own machine, so granting anonymous access was required to allow Media Center to access the remote share. Well not so true in a domain environment, each computer in a domain is represented by a computer account, which like a user account can have permissions granted or denied to it.
So enough why, here’s the how.
- Create a new group in AD, I call mine Media Center Computers.
- Add all of the Media Center computer’s computer accounts in your domain to that group.
- Go to the Media Center that has the recorded tv you want to access from the others.
- Disable the file sharing wizard.
- Share the recorded tv folder, give everyone full control on the share.
- Go to the NTFS properties of the folder, and add the group you created in step 1 and give them whatever access you want them to have (they need at least read to be able to playback the content).
- Go to your other Media Centers, fire up regedit and go to HKLM\Software\Microsoft\Windows\CurrentVersion\Media Center\Service\Recording, either edit or create a Multi-String value called “WatchedFolders” enter the unc path (don’t use a mapped drive as it’s not available to the local system account) to the share on the remote Media Center eg. \\media\Recorded TV.
- Reboot, this is important because the local system only reads its group membership when it logs on to the domain, just like a regular user.