Solved

Windows Server 2008 network share - security rights assigned to a computer only

Posted on 2014-09-10
4
183 Views
Last Modified: 2014-09-11
So I have a windows 2008 network share...
I need to map this drive to a computers only.
All computers are in the correct  OU.
I need to grant only those computers full access to that share.
User account access doesn't matter, but they have to be on only the computes in the specified OU.

Is this doable?

I'm attaching the GPO that I currently setup. It maps the drive via computer, but doesn't take the user account I plugged into the "map drives" connect as option. It pops up asking for the password for the digiphoto account, which should pass through the GPO? (it works when I manually type in the password, but I want this to be automatic) What I'm missing?
That account does have full rights to the share. Is this how I should be doing it or can I assign computer accounts to network shares?
Thanks Experts!
Capture.JPG
Capture1.JPG
0
Comment
Question by:PapaSmurff
  • 2
  • 2
4 Comments
 
LVL 53

Accepted Solution

by:
McKnife earned 500 total points
ID: 40315627
You can of course fill share- and NTFS-ACLs with Computer accounts, but that wouldn't mean, anyone logged on to that computer would have access. It would only mean, the computer's system account would have access.
To limit access to certain computers, you would need to setup firewall rules. But firewall rules don't care about shares, they only care about port. So what you want is indeed not possible.
0
 

Author Comment

by:PapaSmurff
ID: 40315941
Fair enough. So currently using gp to map a drive and use the connect as user option. Add the user that has rights. However when I login as a generic user it says not all network drives are available,  puts up the user I'm put in the gpo and is asking for the password.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 40315962
The feature you are using (deploy network drives using different credentials) is being shut down by patching. Microsoft has decided to abandon it for security reasons, maybe that is why it is not working.
0
 

Author Comment

by:PapaSmurff
ID: 40316650
Back to the drawing board! Thank-you!
0

Featured Post

The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

Join & Write a Comment

A procedure for exporting installed hotfix details of remote computers using powershell
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now