[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Various Windows computers logon script to Synology NAS

Posted on 2014-09-04
7
Medium Priority
?
1,854 Views
Last Modified: 2014-10-11
G'day guys,

I have a client (old people's home) who is a not for profit organization. They have a variety of computers that have passed through multiple hands (Windows Vista, 7 and 8.1 Pro)

Now the issue is that I convinced them to put in a NAS for all there critical data and backups. Which setup fine and works great. However when it comes to sharing the data across multiple computers it becomes problematic.

So I made multiple users:

USER 1 - (Admin user gets to see everything, can backup)
USER 2 - (Limited user gets to see just Physio documents)
USER 3 - (Backup only user)

I made multiple documents folders:

Admin Documents, Physio Documents

I thought that I could on each computer set a mapped network drive to the user accounts previously mentioned. This works for some, but if the NAS is off or not contactable the mapped drive would stop working.

Also if multiple users on one system were to access the NAS only the first user permissions apply, unless a restart is provided.

You can imagine what a pain this is. Even logging out doesn't release the access to the NAS.

Another thing is that the Synology Backup requires a specific Admin user to run the backup (makes sense) but then conflicts if the user logging onto the computer is User 2 (Limited Access)

I guess what I'm asking is there a way without using a Server to give each user (Multiple user accounts on one computer) access to the NAS and backup functions?

I'm thinking that the main issue is with the Synology Backup conflicting with the mapped network drive. Seeing that for whatever reason you can't have two user account access to the NAS at any given time.

Also I would like to know what is the Best Practice in this environment to deal with Mapped Network drives and attributing that to Logon scripts in GPO.

regards,

Steven Swarts
TechCare
0
Comment
Question by:sjswarts
  • 3
  • 3
7 Comments
 
LVL 3

Accepted Solution

by:
MIRSYS earned 2000 total points
ID: 40305332
Well I guess you could use a script to map the drive with the correct usernames

net use x: \\yournas\share /user:"username" "password"

save as batch file

Run this file at login , if this is a workgroup computer you can do the following to add a logon script.

Computer Management\System Tools\Local Users and Groups\Users
Right-click the user account that you want, and then click Properties .
On the Profile tab, in Logon script , type the file name and relative path of the script.
0
 
LVL 23

Expert Comment

by:rhandels
ID: 40305428
Even though MIRSYS option is the neatest one wthout a doubt you could also manually create the mappings on all machines using Windows Explorer and just tick the box "Reconnect at logon". This way the connection will be reconnected at logon and credentials will be saved. I also use this at home with my own Synology.
0
 

Author Comment

by:sjswarts
ID: 40305521
@MIRSYS - thanks mate, that is exactly what I'm looking for. Didn't realize the option was there.

@rhandels - I've tried this, but when the network isn't active it doesn't map the network share.

Is there anyway that I can cause the batch file to wait? get it to ping 127.0.0.1 for 10 secs or so? This way if the network hasn't turned on yet I have time.

I did remember reading somewhere that in Group Policy you can put a time limit on the user accounts for logon scripts
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
LVL 23

Expert Comment

by:rhandels
ID: 40305525
<< I've tried this, but when the network isn't active it doesn't map the network share.>>

It's not entirely true. The mapping is being created because it was there in the first place, the only issue is that users can't access it until network is up and running. If a user clicks on the link when network is not there it would ask you if you would like to delete the mapping and that is the biggest issue (seeing users only click yes these days :)).

I believe you have 2 option. Either enable Synchronous login. This means Windows waits until network is active before it logs in (will take more time for the CTRL+ALT+DEL screen to pop up) or just add a WAIT command into the batch file, this should achieve the exact same result. Only issue is how long do you want to wait?? This heavily depends on Computer speed and user's patience to wait a few secs before logging in :)
0
 

Author Comment

by:sjswarts
ID: 40305536
Yes that is exactly the issue. Patience in the IT world is virtually non-existent. Plus nobody after calling IT will admit to clicking yes to the dialogue saying remove network mapping.

Is there a way using GPO to prevent them from having permission to remove it or to even show that pop up? Seems unwise to have that as a default response to someone clicking on it. The best would be to say "This network share is unavailable, please wait till it comes online or contact your IT Admin".

Synchronous login sounds like a good idea, that way they are forced to wait without any interruption that they can make. Not a bad solution.
0
 
LVL 23

Expert Comment

by:rhandels
ID: 40305631
<<Is there a way using GPO to prevent them from having permission to remove it or to even show that pop up? Seems unwise to have that as a default response to someone clicking on it. The best would be to say "This network share is unavailable, please wait till it comes online or contact your IT Admin".>>

For as far as i know, No. Because this is user driven (user creates the mapping) Microsoft assumes that the user knows what to do with it. You could try and remove the disconnect drive mappings setting in a policy but i'm not 100% sure if this does the trick.. Because technically speaking your not clicking the button to disconnect.
0
 

Author Closing Comment

by:sjswarts
ID: 40374752
Appears to work just fine, thank you
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Among the most obnoxious of Exchange errors is error 1216 – Attached Database Mismatch error of the Jet Database Engine. When faced with this error, users may have to suffer from mailbox inaccessibility and in worst situations, permanent data loss.
Organisation is organized in a pattern to flow the day to day business, every application and system is interdepended on each other and when very important “Exchange Server downtime” happened.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …

640 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question