Limit logins on workstation to a specific file on Netware drive

We have a workstation, in our lab, that we want to only allow only certain users to be able to login and then to have access to one specific folder on Netware.  I have set up a user for all of them to log into Windows with. I want to limit it so when they login to Netware, as their own user on that one machine, it only maps to one specific folder for instance  H:\DataWork\TECHS\STUDY\Soil.  It is a Windows XP machine running Novell client 4.9 sp2.  
JornadaRangeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ShineOnCommented:
Is there a Windoze domain too, or is it a local Windoze user account?  Are they logging in to Windoze first, and NetWare as an afterthought, or NetWare first and then Windoze?  Any reason why they should use their own NetWare login for this specific-function limited-access workstation, and not a special user ID?  Is it a modern NetWare server (5.1 or 6.x or OES, with eDirectory) or an obsolete NetWare server (5.0 or prior, with NDS, or 3.2 or prior, with Bindery)?

One thing you could do is add logic to the login script to see if they're logging into this particular workstation, and if so, to bypass all drive mappings except the one you listed.  If you really want to tighten it up, map it root so the datawork\techs\studu\soil doesn't even show.  H:\ would be all they'd see.

Of course, you'd use a normal NetWare MAP command for the version you're running - the only place "H" would show would be to the right of the equals sign, and you'd preferably use the volume's object on the left side of the equals sign, provided it's modern NetWare.

If you want to try the login script logic workaround, let us know - there's more than one way to skin this cat, and we'd need more info from you to be specific.  Generally, you'd use an "if .. then" type construct.

It's so much easier if you use a generic "test user" NetWare login ID, with the profile/container/system login script bypassed and a user login script with only that single drive/path mapped.  That way, you can also limit the filesystem access rights to only that directory as well.  To enforce not logging in as themselves, you can set up the workstation to do AutoAdminLogin and bypass the GINA altogether.
0
JornadaRangeAuthor Commented:
There is a Windows domain, but we did not add this computer to the domain.  They will probably log into NetWare and then Windows.  The  NetWare server is 6.5 and it has eDirectory.  How do I set up what you suggested in your last paragraph, it sounds exactly what we want?
0
ShineOnCommented:
http://support.novell.com/cgi-bin/search/searchtid.cgi?10087621.htm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10088082.htm

Alternative workaround to the 2nd TID (this is a guess) is install the client without NMAS, and make sure NMAS is disabled in the client properties, Advanced Login tab.

If you need help understanding either or both TIDs, let me know.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JornadaRangeAuthor Commented:
Got it.  Thanks for the help.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Novell Netware

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.