Solved

Disabling caching of file share access credentials

Posted on 2011-09-19

1 solution

301 Views

Last Modified: 2012-05-12

When users make a VPN connection into our network, they can see the file shares even though they are not logged into the domain. To access a file share they should be prompted for user name/password. The first time a user connects from a given computer, the usr/pwd prompt comes up but not for subsequent attempts to access to the same share. The problem that comes up is that if a different user makes a new VPN connection for the same computer, he is able to access the share without entering usr/pwd because the first users credentials are cached and submitted. Since the first user may have access to a share that the second user should not, this is a major problem.

I have been searching for a setting at the server level to cause all share accesses to require a password, or at least set a timeout afterwhich credentials must be reentered. As I understand, GPO won't help in this situation becuase the users do not log into the domain.

Any know how to disable or limit this caching with a server setting?

Comment

Question by:dougmacgregor1

[X]

Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

Help others & share knowledge
Earn cash & points
Learn & ask questions

Join The Community

3 Comments

LVL 66

Accepted Solution

by:johnb6767

johnb6767 earned 500 total points

ID: 365677142011-09-20

Disable Password Caching
http://www.pctools.com/guides/registry/detail/124/

Think this one still works post XP....

Disable Storage of Credentials and .NET Passwords
http://www.pctools.com/guides/registry/detail/124/

Are these systems sharing a User account? If they are, individual user accounts would render this a moot issue, as 1 user's credentials for a share are stored in their own storage, and are not visible to another user account.....

Oh, and these are CLIENT side changes....

Author Comment

by:dougmacgregor1

ID: 365893752011-09-23

My various researches into this indicate that there is no server-side setting outside of GPO to do what I want. So I have an answer that I can go forward with. johnb6767's links are right on as far as dealing with it on the client side so I am accepting his solution.

Author Closing Comment

by:dougmacgregor1

ID: 365893882011-09-23

Solution was as complete as possible, since only a partial solution to my original need exists.

Featured Post

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Using Tools To Find What is Using Your Disk Space

Article by: Lee

Sometimes drives fill up and we don't know why. If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left! Here's how you can find out...

Clever Gmail Targeting Phishing Email Discovered

Article by: Dermot

It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…

Configuring Windows Server 2008 Volume Shadow Copies

Video by: Rodney

This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

Installing and Configuring Windows Server Backup Utility

Video by: Rodney

This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…