Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 189
  • Last Modified:

Windows Server 2008 network share - security rights assigned to a computer only

So I have a windows 2008 network share...
I need to map this drive to a computers only.
All computers are in the correct  OU.
I need to grant only those computers full access to that share.
User account access doesn't matter, but they have to be on only the computes in the specified OU.

Is this doable?

I'm attaching the GPO that I currently setup. It maps the drive via computer, but doesn't take the user account I plugged into the "map drives" connect as option. It pops up asking for the password for the digiphoto account, which should pass through the GPO? (it works when I manually type in the password, but I want this to be automatic) What I'm missing?
That account does have full rights to the share. Is this how I should be doing it or can I assign computer accounts to network shares?
Thanks Experts!
Capture.JPG
Capture1.JPG
0
PapaSmurff
Asked:
PapaSmurff
  • 2
  • 2
1 Solution
 
McKnifeCommented:
You can of course fill share- and NTFS-ACLs with Computer accounts, but that wouldn't mean, anyone logged on to that computer would have access. It would only mean, the computer's system account would have access.
To limit access to certain computers, you would need to setup firewall rules. But firewall rules don't care about shares, they only care about port. So what you want is indeed not possible.
0
 
PapaSmurffAuthor Commented:
Fair enough. So currently using gp to map a drive and use the connect as user option. Add the user that has rights. However when I login as a generic user it says not all network drives are available,  puts up the user I'm put in the gpo and is asking for the password.
0
 
McKnifeCommented:
The feature you are using (deploy network drives using different credentials) is being shut down by patching. Microsoft has decided to abandon it for security reasons, maybe that is why it is not working.
0
 
PapaSmurffAuthor Commented:
Back to the drawing board! Thank-you!
0

Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now