When users make a VPN connection into our network, they can see the file shares even though they are not logged into the domain. To access a file share they should be prompted for user name/password. The first time a user connects from a given computer, the usr/pwd prompt comes up but not for subsequent attempts to access to the same share. The problem that comes up is that if a different user makes a new VPN connection for the same computer, he is able to access the share without entering usr/pwd because the first users credentials are cached and submitted. Since the first user may have access to a share that the second user should not, this is a major problem.
I have been searching for a setting at the server level to cause all share accesses to require a password, or at least set a timeout afterwhich credentials must be reentered. As I understand, GPO won't help in this situation becuase the users do not log into the domain.
Any know how to disable or limit this caching with a server setting?