Shared folders authinication

Posted on 2009-04-19
Last Modified: 2012-05-06

is there a way to ask for authentication when a user clicks on a shared folder.

im working in a hospital. we have given the nurses common account  in the wards/ Clinics PCs.

lots of doctors & nurses use these PCs for checking their emails through OWA.

some of them have their own shared folders. and to access them , they are required to log off the common account, then log on with their accounts, check their mapped folders and then log off again and log on with the common account to allow others to use the PCs.

this floods the PCs , sometimes, with more than 30 profiles .

is there a way to re ask for authentication on the folder level.

 that is , when a user logged on using a common account , and clicks on  a mapped shared folder, an authentication window should pop up and if he puts the correct credentials of the folder privileged users/groups  , the folder should open.

all of these folders are on windows 2003 R2 server.

hope the point is clear, thanks a lot in advance.

Question by:sketbi
    LVL 58

    Accepted Solution


    Unfortunately not. Windows works on a single-sign on model, whereby if the currently logged in user's account does not have permissions to the resource they are accessing, the request will be automatically denied. Logon/Logoff to the user's main account is the most appropriate way to do this.

    If you are using Roaming Profiles, you can configure these such that the copy of the profile is removed from the machine at logoff:

    LVL 14

    Assisted Solution

    I agree; Windows doesn't work that way.  There is probably some 3rd party software solutions that could do this, but I have no idea.
    Now depending on how much you really want this to work, here's some ideas:

    You could create a public folder in Exchange and move the necessary files to there.
    You could move the files to a WORKGROUP or NAS that doesn't attach to the domain.
    You could move the files to new shares on a workgroup computer.
    You could create a Remote Desktop solution using Windows Remote Desktop, or plenty of 3rd party ones to let the user remote onto which server/computer these shares are on.
    Create a VMWare Server with a VM to behave like the workgroup one above, or heck even just to act like a machine on the other domain, then remote into it as your other login name.
    -- All of these options would allow/require the user to enter a logon at that time.
    You could try using a runas script like this:
    runas /u:otherdomain\otheruser explorer
    This will open Windows explorer, but under the identity of the local user account chosen.  Then try typing the UNC name into the address bar.  I haven't got the facility to test this at the mo, but it's possible it'll work.  I did this frequently with local accounts, but not with domains.
    LVL 14

    Expert Comment

    I support that too.  I think tiger answered it and then I offered workarounds.  So #4 split between 1st 2 posts.
    LVL 58

    Expert Comment

    Thanks for returning, I appreciate it. Concur - #4 split between http:#a24180192 and http:#a24180280

    Author Closing Comment

    thanks alot i will try one of these tips

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
    ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now