Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 314
  • Last Modified:

Disabling caching of file share access credentials

When users make a VPN connection into our network, they can see the file shares even though they are not logged into the domain.  To access a file share they should be prompted for user name/password.  The first time a user connects from a given computer, the usr/pwd prompt comes up but not for subsequent attempts to access to the same share.   The problem that comes up is that if a different user makes a new VPN connection for the same computer, he is able to access the share without entering usr/pwd because the first users credentials are cached and submitted.  Since the first user may have access to a share that the second user should not, this is a major problem.

I have been searching for a setting at the server level to cause all share accesses to require a password, or at least set a timeout afterwhich credentials must be reentered.  As I understand, GPO won't help in this situation becuase the users do not log into the domain.

Any know how to disable or limit this caching with a server setting?
0
dougmacgregor1
Asked:
dougmacgregor1
  • 2
1 Solution
 
johnb6767Commented:
Disable Password Caching
http://www.pctools.com/guides/registry/detail/124/

Think this one still works post XP....

Disable Storage of Credentials and .NET Passwords
http://www.pctools.com/guides/registry/detail/124/

Are these systems sharing a User account? If they are, individual user accounts would render this a moot issue, as 1 user's credentials for a share are stored in their own storage, and are not visible to another user account.....

Oh, and these are CLIENT side changes....
0
 
dougmacgregor1Author Commented:
My various researches into this indicate that there is no server-side setting outside of GPO to do what I want.  So I have an answer that I can go forward with.  johnb6767's links are right on as far as dealing with it on the client side so I am accepting his solution.
0
 
dougmacgregor1Author Commented:
Solution was as complete as possible, since only a partial solution to my original need exists.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now