Link to home
Start Free TrialLog in
Avatar of allenkent
allenkentFlag for United States of America

asked on

Non Domain system writing to domain shared folder

I have 3 locked down Windows 7 embedded systems (non-domain systems) that need to write to a domain system folder. I have been able to write to the domain folder if I give it EVERYONE access. This looks un-secure. What is the best way to secure this folder so that only the 3 kiosk system systems can write to this folder but no one else (and the domain admin also of course).
ASKER CERTIFIED SOLUTION
Avatar of Paul-B
Paul-B
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of R. Andrew Koffron
R. Andrew Koffron
Flag of United States of America image
you can authenticate to a domain server, with a valid domain ID in a script on the non domain computer, just map a drive in a script ussing the /USERNAME: switch. in the script use a highly restricted domain account, and qualifie hte username <DOMAINNAME>\<USERNAME>.  just make damn sure the account it denied on anything except the exact folder you want them to write to. and test throughly before putting it live.

I've used similar scripts when a client has a rented office and they don't want the tenant in their files, but the tenant just can't seem to handle authenticating once a day to print and so on.

the script command would look something like

Net use z: \\ServerName\ShareName /USERNAME:DomainName\UserName /password|pooky'spassword

I can never rember the exact passowrd switch syntax but it's not hard to figure out while testing.