Solved

Windows Server 2008 network share - security rights assigned to a computer only

Posted on 2014-09-10
4
187 Views
Last Modified: 2014-09-11
So I have a windows 2008 network share...
I need to map this drive to a computers only.
All computers are in the correct  OU.
I need to grant only those computers full access to that share.
User account access doesn't matter, but they have to be on only the computes in the specified OU.

Is this doable?

I'm attaching the GPO that I currently setup. It maps the drive via computer, but doesn't take the user account I plugged into the "map drives" connect as option. It pops up asking for the password for the digiphoto account, which should pass through the GPO? (it works when I manually type in the password, but I want this to be automatic) What I'm missing?
That account does have full rights to the share. Is this how I should be doing it or can I assign computer accounts to network shares?
Thanks Experts!
Capture.JPG
Capture1.JPG
0
Comment
Question by:PapaSmurff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 55

Accepted Solution

by:
McKnife earned 500 total points
ID: 40315627
You can of course fill share- and NTFS-ACLs with Computer accounts, but that wouldn't mean, anyone logged on to that computer would have access. It would only mean, the computer's system account would have access.
To limit access to certain computers, you would need to setup firewall rules. But firewall rules don't care about shares, they only care about port. So what you want is indeed not possible.
0
 

Author Comment

by:PapaSmurff
ID: 40315941
Fair enough. So currently using gp to map a drive and use the connect as user option. Add the user that has rights. However when I login as a generic user it says not all network drives are available,  puts up the user I'm put in the gpo and is asking for the password.
0
 
LVL 55

Expert Comment

by:McKnife
ID: 40315962
The feature you are using (deploy network drives using different credentials) is being shut down by patching. Microsoft has decided to abandon it for security reasons, maybe that is why it is not working.
0
 

Author Comment

by:PapaSmurff
ID: 40316650
Back to the drawing board! Thank-you!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question