Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Win 2003 Server and Active Directory with generic logon trying to access specific user network folders

Posted on 2009-07-08
3
Medium Priority
?
197 Views
Last Modified: 2012-05-07
Good Morning, I have the following Server setup:
  Windows 2003 Server with Active Directory,
  15 Crew Leaders using the same PCs (4),
  Personal Folders on the network.
   Is there a way for me to use a generic logon for all crew leaders and allow them to only see their personal network folder?  I know I can setup each person on the PCs.  What I need is a way for each person to be able to "log into" only their personal folders when using the generic logon.  They will be using OWA to access their emails.
  Thank you.
0
Comment
Question by:ITGuy64
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 31

Assisted Solution

by:Justin Owens
Justin Owens earned 400 total points
ID: 24805376
Create a shortcut to each individual share on the "all users" desktop.  When the folder icon is clicked, it should challenge for a security handshake.  At that point, user A puts in her username and password and all should be green.  If user A does not have rights to the other 14 shares, the only downside is 14 extra icons on the desktop (or one that is a folder which has all 15 icons, but you get the idea).

As a side note, this process might not work if the generic user is a domain member.  Since you indicated that your want a generic user, I would suggest you create the generic only on those 4 machines, rather than a domain member.  The reason is that once the OS makes the handshake with the server, it will remember those credentials and try to use them for the next connection.  It would still require the user to log off, even if generic account is used.  This may not be the solution you are looking for. Your problem is that once the client and server make the handshake, the session security is saved until logoff.
0
 

Accepted Solution

by:
ITGuy64 earned 0 total points
ID: 24806022
DrUltima,
  Thank you for the reply.  You are correct on your side note.  Since the PC session has the credentials for user 1, user X would be able to view the personal folders of all the other users before him/her that accessed their folders since the last logoff.  I was hoping someone would know of a process to reset the credentials after someone no longer needs to view their personal folder.  With 15 users throughout 3 shifts and 4 PCs, I either have to be around during all 3 shifts or reset everyone's password before I setup the PCs.  We have had several new PCs in the last 2 years.  Also, there are always new Crew Leaders every month.
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 24806126
The only solution I can come up with is to create a GPO on the 4 workstations that forces logoff after X minutes of idle.  It is not a great solution, though.  There may be a third party app that addresses your needs, but I am unaware of it.  I am sorry.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question