Solved

Non Domain system writing to domain shared folder

Posted on 2012-03-20
2
344 Views
Last Modified: 2012-06-22
I have 3 locked down Windows 7 embedded systems (non-domain systems) that need to write to a domain system folder. I have been able to write to the domain folder if I give it EVERYONE access. This looks un-secure. What is the best way to secure this folder so that only the 3 kiosk system systems can write to this folder but no one else (and the domain admin also of course).
0
Comment
Question by:allenkent
2 Comments
 
LVL 4

Accepted Solution

by:
Paul-B earned 500 total points
ID: 37743421
You could create a user account on the server for them to authenticate with like "Kiosk" and then add that user to the share with read/write access. You could then also remove the other non system and admin accounts from the share.  Then go each Kiosk box and open file explorer and in the address bar type \\SERVERNAME and hit enter. You should see a list of the shares after you are prompted for login. Enter the Kiosk account info and be cure to check Save Password option. If it was me I would even map the share to a drive letter.
0
 
LVL 16

Expert Comment

by:R. Andrew Koffron
ID: 37743500
you can authenticate to a domain server, with a valid domain ID in a script on the non domain computer, just map a drive in a script ussing the /USERNAME: switch. in the script use a highly restricted domain account, and qualifie hte username <DOMAINNAME>\<USERNAME>.  just make damn sure the account it denied on anything except the exact folder you want them to write to. and test throughly before putting it live.

I've used similar scripts when a client has a rented office and they don't want the tenant in their files, but the tenant just can't seem to handle authenticating once a day to print and so on.

the script command would look something like

Net use z: \\ServerName\ShareName /USERNAME:DomainName\UserName /password|pooky'spassword

I can never rember the exact passowrd switch syntax but it's not hard to figure out while testing.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
WLC 5508 controller configuration 4 80
RDS2012 vs RDS2008 4 39
TLS/SSL Diable 3DES ciper suites 4 30
Windows Password recovery 7 36
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question