• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 293
  • Last Modified:

Accessing a non-windows network share and forcing prompt for password

I'm trying to access a network share that sits on a NAS.  The share is read only for some people but I have write access to it.  When I access the share however it doesn't prompt me to log in with the account that has write permissions on it.  Are there any switches and ways that I can make is prompt me for a log in to determine if I have write permissions on that share?
0
wannabecraig
Asked:
wannabecraig
  • 6
  • 5
  • 2
  • +1
1 Solution
 
PerarduaadastraCommented:
Have you tried logging in as a user who definitely does not have write access, and trying to write to the share? Presumably you will get an access denied error or something similar, thus showing that the permissions are what you expect.

What OS are you using?
0
 
rindiCommented:
It probably depends on the NAS and how you set it up. They all are a bit different and use different OS's. Apart from that, it is possible if the username you are logged on to the PC as is the same as that which has been setup on the NAS, along with the same password, you don't have to logon separately. But also that depends on the NAS.
0
 
wannabecraigAuthor Commented:
The problem is that it' not prompting me for the 'write' user.  It just assumes I'm not in a group which has write access.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
PerarduaadastraCommented:
But if you already have write permissions it will know that from the ACL or its equivalent, and so it won't ask because it already knows.
0
 
wannabecraigAuthor Commented:
ok, but say there are two different accounts, how can I get it to switch to the one I want to use?  Is there any way to force a particular user?
0
 
PerarduaadastraCommented:
That's a function of the OS, and you haven't said which one you're using.
0
 
rindiCommented:
As I said, it depends on how you have set up the NAS and what functions it actually offers. Their setup is normally specific to each manufacturer. Usually you do the setup via a web-browser. Also check it's manual.

You might also just need to log off from your PC, then log-on to a different account on that PC, and then you may have other rights on the NAS.
0
 
wannabecraigAuthor Commented:
I'm connecting from a Windows 7 machine to a netgear ready NAS with some linux distrib on it.
0
 
PerarduaadastraCommented:
Were the permissions set on the Netgear device, or in Windows? Are the NAS and Windows box in a domain or a workgroup/homegroup?
0
 
wannabecraigAuthor Commented:
NAS not in the domain, just a standalone Box. The permissions are set in the share on the NAS admin interface.
0
 
PerarduaadastraCommented:
In that case the access is managed by the NAS. It will have a list of users along with the permissions and rights of each, and will grant or deny access as appropriate .

You could try browsing to a share using Run As to invoke Windows Explorer with a different user account on the Windows 7 computer, but I'd be surprised if it worked...

If you're the administrator then you should already know the user rights for every share on the NAS, and if you aren't then what are you trying to achieve?
0
 
wannabecraigAuthor Commented:
I know the username and password, but they share is read-only to everybody and then read/write to an admin group. I set these shares up but Windows seems to access using the everybody account.  I'm trying to get to access it under the read/write account.
0
 
PerarduaadastraCommented:
I'm not quite understanding you. Are you saying that everybody has read-only access, or that everybody has read-write access?

Are you using Windows 7 Home or Professional?
0
 
BobintheNocCommented:
Windows has and maintains a list of credentials that it can call upon whenever a resource is accessed, Credential Manager in the Windows Vault.  From your START button, type in "Manage Network Passwords".  Look through your list on your Win7 Box to see if you have ANY entries for either the name or the IP address of your Netgear NAS unit.  If so, either delete or modify them if you want to change things up.

If you've ever entered credentials and had that little checkbox that "Saves" your credentials, Windows will save it to the vault.

Also, if the local accounts on the NAS unit happen to match your username and password on your Windows Machine, you could be automatically passing your currently logged on credentials automatically.  This was an old method we'd use in the old days when we didn't have Domain joined resources.

How do you access the NAS?  Via web browser?  Or via Windows Explorer?  If via Web browser and the web page you use is considered Intranet Zone, Windows will automatically send your credentials for you, if your current Windows logged on account name and passwords match up with a username stored on the NAS, along with the password, Voila, you get access--if it's an intranet zoned page.

It doesn't take much to put a page into the Intranet zone, simply NOT having a period in the name will usually do it.  Example:  http://mynas   will be an Intranet Zone automatically, and IE will automatically send your current credentials to that page.  Simply changing the address entry to http://mynas.  will put it into the INTERNET ZONE which will then prompt for credentials, IF the NAS requires them.  Same pretty much happens when accessing via UNC, example:  \\mynas\myshare  will be considered intranet  while \\mynas.\myshare  or \\mynas.mydomain.local\myshare will behave similarly.  If really stuck, you can always ADD the site/location to the RESTRICTED sites zone in IE to make sure it's not considered INTRANET.  Get to the RESTRICTED SITES zone list from InternetExplorer, Tools, Options, Security---Restricted Sites tab, then click the SITES button.

In the end, if you can't figure it out, look to the NAS administrative interface for any kind of logging or Auditing settings.  If it's got decent CIFS sharing and supports NTFS, there'll likely be some AUDIT entries that you can set so that when you access, read, modify, delete, etc., the log file will list FAILURE and SUCCESS audits with the username used.  A lot more complex but still valid method would be to use something like Wireshark or other network packet capture tool.  Start a capture, do something to the NAS files, then stop the capture and examine the list of packets.  Usually, you'll see some sort of authentication attempts via NTLM/LanMan and then more sophisticated methods like NTLM2 or even Kerberos.  Usually, with a tool like Wireshark, it'll dissect the packet and give you pretty readable information, possibly even the USERNAME used.

The last thing I thought I'd mention--some systems, in their amazing logic, if a credential is presented that matches up with a stored username, you get the restrictions/permissions that are listed to that account.  In some instances, if you supply a username that doesn't exist, you're considered UNAUTHENTICATED or even ANONYMOUS--if the rights for UNAUTHENTICATED or ANONYMOUS are set to allow WRITE, that may be your lead.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 6
  • 5
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now