?
Solved

creating  network drive that asks for a password every time someone accesses it

Posted on 2010-01-11
7
Medium Priority
?
557 Views
Last Modified: 2012-05-08
Hi, I have a client that wants to have a network drive for two users that asks for a password each and every time the two users access it.  So no one else can access it.  They didn't go for the screen saver password thing.

Question, can this be done in a domain, or is there separate software for this?

Thanks
0
Comment
Question by:SlickTech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 12

Expert Comment

by:naykam
ID: 26290033
Im just trying to understand what you are trying to achevie.

So im guessing that all your users map that drive, but you only allow the two users to access it?
or
Is it something like a public computer, with a general logon, and you only want two users to see the network drive?

A couple of questions...

Why cant you script something to map the drive based on the two users, and it will disconnect it once  logged off? There are many great restrictions you can apply here locally and/or domain level

You could disable storage of network passwords on that computers local policy / domain policy:

 Follow "Control Panel > Administrative Tools" Double click "Local Security Policy" mmc snap-in Shortcut.

Now in "Local Security Policy" management console open "Local Policies > Security Options" on your left.

You will see a Policy list to your right. Browse to the Policy "Network access: Do not allow storage of credentials or .NET Passports for network authentication". Double click it, select Enabled, click Apply and then OK.

You will have to restart
0
 
LVL 2

Author Comment

by:SlickTech
ID: 26290117
Thanks Naykam, I should have explained more.  All users connect through the domain and get their drives mapped, just these users want the special drive T: drive.  They don't want to put their passwords in on any of the other network drives, just the t: drive, and they want to have to put it in each time they access it, not each time they map it (i.e. rebooting).  

hope this helps and thanks for the quick responce.
0
 
LVL 12

Expert Comment

by:naykam
ID: 26290215
Thanks SlickTech,

Its kind of an odd ask, because usually you would either not allow the drive to map, or restrict access to that share based on file permissions.

I think no matter what you do with the map drive, once you access it, windows will store that password until that session is over (or its forces manually or via a script). The only way you can prevent storage of those passwords is via a policy like i mentioned above, cant say I have tested this.

Im assuming your users are atimate that they want to enter a password, would that be the correct assumption? Can I ask why, maybe there is another solution to what they are trying to achieve?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 2

Author Comment

by:SlickTech
ID: 26290416
I dont know what "atimate" means, but I think you are correct.

I think they want this network drive to be like a little safe, they open it, check the files, then lock it again.  Their fear is that they will walk away from their computer and someone will immediately steal their precious files.  The only thing I could suggest is locking their computers when they take off.
0
 
LVL 12

Accepted Solution

by:
naykam earned 2000 total points
ID: 26290531
Yes, I would just reassure them that they are they only two people with access to that drive, and no one can access it. Don't even allow other users to map it, that way they wont walk past and see other "T" drives and freak out.

Its kind of the way windows was released, so when you walk away, you CTRL + ALT + DELETE + ENTER and your desktop is secure until you walk back.

You could use some kind of file encrypter, that will prompt for a password every time you open them, but, it would be a pain to manage from your point of view, and if they forget their password, well...you in deep water.

You could also map a FTP share/server, and have a short timeout on the FTP server, and that will prompt them for a password to browse again.

The use of smart cards? when the user leaves they take there smart card and there computer locks until their smart card unlocks it? They are secure and will give your users a great sense of security.

There is also some high end enterprise stuff that you could lock out folders to users, but its based on the same idea of "a user" and once "that user" is authenticated they have access to what they need.

In my opinion, its not really justified to go down the paths to make this happen for two users. Just model things right, show them the levels of permissions, explain how the security of a user works!

Hope this helps!!
0
 
LVL 6

Expert Comment

by:junior15
ID: 26306940
I would agree with a few of the other responses that you need to get your users to focus on workstation security instead of coming up with some off the wall solution to a problem that is only a problem if the users are lazy. To lock your workstation is simple. Either CTRL+ALT+DEL and then Enter or just Windows Key+L will lock it as well. Also, you could implement a 1 minute timeout on the screen saver and make the screen saver lock the workstation. These security measures will help to prevent the loss/theft of any data, not just this super secret stuff.

There are also some smart card and bluetooth solutions out there that will automatically lock a workstation when the user walks away from it (i.e. the user w/ the bluetooth dongle/card in their pocket walks out of range of the receiver connected to the computer, the computer locks). This might be something you would want to look into. Here is a link to an article that uses a bluetooth connection to your phone and auto-locks your workstation when your phone isn't in range of the computer.
http://lifehacker.com/367100/automatically-lock-your-computer-when-you-walk-away-with-blue-lock

Hope this helps.
0
 
LVL 2

Author Closing Comment

by:SlickTech
ID: 31675919
perfect, I have a mouthfull to say, thanks again to all
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question