Solved

Non Domain system writing to domain shared folder

Posted on 2012-03-20
2
346 Views
Last Modified: 2012-06-22
I have 3 locked down Windows 7 embedded systems (non-domain systems) that need to write to a domain system folder. I have been able to write to the domain folder if I give it EVERYONE access. This looks un-secure. What is the best way to secure this folder so that only the 3 kiosk system systems can write to this folder but no one else (and the domain admin also of course).
0
Comment
Question by:allenkent
2 Comments
 
LVL 4

Accepted Solution

by:
Paul-B earned 500 total points
ID: 37743421
You could create a user account on the server for them to authenticate with like "Kiosk" and then add that user to the share with read/write access. You could then also remove the other non system and admin accounts from the share.  Then go each Kiosk box and open file explorer and in the address bar type \\SERVERNAME and hit enter. You should see a list of the shares after you are prompted for login. Enter the Kiosk account info and be cure to check Save Password option. If it was me I would even map the share to a drive letter.
0
 
LVL 16

Expert Comment

by:R. Andrew Koffron
ID: 37743500
you can authenticate to a domain server, with a valid domain ID in a script on the non domain computer, just map a drive in a script ussing the /USERNAME: switch. in the script use a highly restricted domain account, and qualifie hte username <DOMAINNAME>\<USERNAME>.  just make damn sure the account it denied on anything except the exact folder you want them to write to. and test throughly before putting it live.

I've used similar scripts when a client has a rented office and they don't want the tenant in their files, but the tenant just can't seem to handle authenticating once a day to print and so on.

the script command would look something like

Net use z: \\ServerName\ShareName /USERNAME:DomainName\UserName /password|pooky'spassword

I can never rember the exact passowrd switch syntax but it's not hard to figure out while testing.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question