Solved

Win 2003 Server and Active Directory with generic logon trying to access specific user network folders

Posted on 2009-07-08
3
151 Views
Last Modified: 2012-05-07
Good Morning, I have the following Server setup:
  Windows 2003 Server with Active Directory,
  15 Crew Leaders using the same PCs (4),
  Personal Folders on the network.
   Is there a way for me to use a generic logon for all crew leaders and allow them to only see their personal network folder?  I know I can setup each person on the PCs.  What I need is a way for each person to be able to "log into" only their personal folders when using the generic logon.  They will be using OWA to access their emails.
  Thank you.
0
Comment
Question by:ITGuy64
  • 2
3 Comments
 
LVL 31

Assisted Solution

by:DrUltima
DrUltima earned 100 total points
Comment Utility
Create a shortcut to each individual share on the "all users" desktop.  When the folder icon is clicked, it should challenge for a security handshake.  At that point, user A puts in her username and password and all should be green.  If user A does not have rights to the other 14 shares, the only downside is 14 extra icons on the desktop (or one that is a folder which has all 15 icons, but you get the idea).

As a side note, this process might not work if the generic user is a domain member.  Since you indicated that your want a generic user, I would suggest you create the generic only on those 4 machines, rather than a domain member.  The reason is that once the OS makes the handshake with the server, it will remember those credentials and try to use them for the next connection.  It would still require the user to log off, even if generic account is used.  This may not be the solution you are looking for. Your problem is that once the client and server make the handshake, the session security is saved until logoff.
0
 

Accepted Solution

by:
ITGuy64 earned 0 total points
Comment Utility
DrUltima,
  Thank you for the reply.  You are correct on your side note.  Since the PC session has the credentials for user 1, user X would be able to view the personal folders of all the other users before him/her that accessed their folders since the last logoff.  I was hoping someone would know of a process to reset the credentials after someone no longer needs to view their personal folder.  With 15 users throughout 3 shifts and 4 PCs, I either have to be around during all 3 shifts or reset everyone's password before I setup the PCs.  We have had several new PCs in the last 2 years.  Also, there are always new Crew Leaders every month.
0
 
LVL 31

Expert Comment

by:DrUltima
Comment Utility
The only solution I can come up with is to create a GPO on the 4 workstations that forces logoff after X minutes of idle.  It is not a great solution, though.  There may be a third party app that addresses your needs, but I am unaware of it.  I am sorry.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Learn about cloud computing and its benefits for small business owners.
Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now