Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


creating  network drive that asks for a password every time someone accesses it

Posted on 2010-01-11
Medium Priority
Last Modified: 2012-05-08
Hi, I have a client that wants to have a network drive for two users that asks for a password each and every time the two users access it.  So no one else can access it.  They didn't go for the screen saver password thing.

Question, can this be done in a domain, or is there separate software for this?

Question by:SlickTech
  • 3
  • 3
LVL 12

Expert Comment

ID: 26290033
Im just trying to understand what you are trying to achevie.

So im guessing that all your users map that drive, but you only allow the two users to access it?
Is it something like a public computer, with a general logon, and you only want two users to see the network drive?

A couple of questions...

Why cant you script something to map the drive based on the two users, and it will disconnect it once  logged off? There are many great restrictions you can apply here locally and/or domain level

You could disable storage of network passwords on that computers local policy / domain policy:

 Follow "Control Panel > Administrative Tools" Double click "Local Security Policy" mmc snap-in Shortcut.

Now in "Local Security Policy" management console open "Local Policies > Security Options" on your left.

You will see a Policy list to your right. Browse to the Policy "Network access: Do not allow storage of credentials or .NET Passports for network authentication". Double click it, select Enabled, click Apply and then OK.

You will have to restart

Author Comment

ID: 26290117
Thanks Naykam, I should have explained more.  All users connect through the domain and get their drives mapped, just these users want the special drive T: drive.  They don't want to put their passwords in on any of the other network drives, just the t: drive, and they want to have to put it in each time they access it, not each time they map it (i.e. rebooting).  

hope this helps and thanks for the quick responce.
LVL 12

Expert Comment

ID: 26290215
Thanks SlickTech,

Its kind of an odd ask, because usually you would either not allow the drive to map, or restrict access to that share based on file permissions.

I think no matter what you do with the map drive, once you access it, windows will store that password until that session is over (or its forces manually or via a script). The only way you can prevent storage of those passwords is via a policy like i mentioned above, cant say I have tested this.

Im assuming your users are atimate that they want to enter a password, would that be the correct assumption? Can I ask why, maybe there is another solution to what they are trying to achieve?
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.


Author Comment

ID: 26290416
I dont know what "atimate" means, but I think you are correct.

I think they want this network drive to be like a little safe, they open it, check the files, then lock it again.  Their fear is that they will walk away from their computer and someone will immediately steal their precious files.  The only thing I could suggest is locking their computers when they take off.
LVL 12

Accepted Solution

naykam earned 2000 total points
ID: 26290531
Yes, I would just reassure them that they are they only two people with access to that drive, and no one can access it. Don't even allow other users to map it, that way they wont walk past and see other "T" drives and freak out.

Its kind of the way windows was released, so when you walk away, you CTRL + ALT + DELETE + ENTER and your desktop is secure until you walk back.

You could use some kind of file encrypter, that will prompt for a password every time you open them, but, it would be a pain to manage from your point of view, and if they forget their password, well...you in deep water.

You could also map a FTP share/server, and have a short timeout on the FTP server, and that will prompt them for a password to browse again.

The use of smart cards? when the user leaves they take there smart card and there computer locks until their smart card unlocks it? They are secure and will give your users a great sense of security.

There is also some high end enterprise stuff that you could lock out folders to users, but its based on the same idea of "a user" and once "that user" is authenticated they have access to what they need.

In my opinion, its not really justified to go down the paths to make this happen for two users. Just model things right, show them the levels of permissions, explain how the security of a user works!

Hope this helps!!

Expert Comment

ID: 26306940
I would agree with a few of the other responses that you need to get your users to focus on workstation security instead of coming up with some off the wall solution to a problem that is only a problem if the users are lazy. To lock your workstation is simple. Either CTRL+ALT+DEL and then Enter or just Windows Key+L will lock it as well. Also, you could implement a 1 minute timeout on the screen saver and make the screen saver lock the workstation. These security measures will help to prevent the loss/theft of any data, not just this super secret stuff.

There are also some smart card and bluetooth solutions out there that will automatically lock a workstation when the user walks away from it (i.e. the user w/ the bluetooth dongle/card in their pocket walks out of range of the receiver connected to the computer, the computer locks). This might be something you would want to look into. Here is a link to an article that uses a bluetooth connection to your phone and auto-locks your workstation when your phone isn't in range of the computer.

Hope this helps.

Author Closing Comment

ID: 31675919
perfect, I have a mouthfull to say, thanks again to all

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes you might need to configure routing based not only on destination IP address, but also on a combination of destination IP address (or hostname) and destination port number. I will describe a method how to accomplish this with free tools. …
Greetings, Experts! First let me state that this website is top notch. I thoroughly enjoy the community that is shared here; those seeking help and those willing to sacrifice their time to help. It is fantastic. I am writing this article at th…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question