Solved

Win 2003 Server and Active Directory with generic logon trying to access specific user network folders

Posted on 2009-07-08
3
186 Views
Last Modified: 2012-05-07
Good Morning, I have the following Server setup:
  Windows 2003 Server with Active Directory,
  15 Crew Leaders using the same PCs (4),
  Personal Folders on the network.
   Is there a way for me to use a generic logon for all crew leaders and allow them to only see their personal network folder?  I know I can setup each person on the PCs.  What I need is a way for each person to be able to "log into" only their personal folders when using the generic logon.  They will be using OWA to access their emails.
  Thank you.
0
Comment
Question by:ITGuy64
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 31

Assisted Solution

by:Justin Owens
Justin Owens earned 100 total points
ID: 24805376
Create a shortcut to each individual share on the "all users" desktop.  When the folder icon is clicked, it should challenge for a security handshake.  At that point, user A puts in her username and password and all should be green.  If user A does not have rights to the other 14 shares, the only downside is 14 extra icons on the desktop (or one that is a folder which has all 15 icons, but you get the idea).

As a side note, this process might not work if the generic user is a domain member.  Since you indicated that your want a generic user, I would suggest you create the generic only on those 4 machines, rather than a domain member.  The reason is that once the OS makes the handshake with the server, it will remember those credentials and try to use them for the next connection.  It would still require the user to log off, even if generic account is used.  This may not be the solution you are looking for. Your problem is that once the client and server make the handshake, the session security is saved until logoff.
0
 

Accepted Solution

by:
ITGuy64 earned 0 total points
ID: 24806022
DrUltima,
  Thank you for the reply.  You are correct on your side note.  Since the PC session has the credentials for user 1, user X would be able to view the personal folders of all the other users before him/her that accessed their folders since the last logoff.  I was hoping someone would know of a process to reset the credentials after someone no longer needs to view their personal folder.  With 15 users throughout 3 shifts and 4 PCs, I either have to be around during all 3 shifts or reset everyone's password before I setup the PCs.  We have had several new PCs in the last 2 years.  Also, there are always new Crew Leaders every month.
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 24806126
The only solution I can come up with is to create a GPO on the 4 workstations that forces logoff after X minutes of idle.  It is not a great solution, though.  There may be a third party app that addresses your needs, but I am unaware of it.  I am sorry.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question