?
Solved

Windows Server 2008 network share - security rights assigned to a computer only

Posted on 2014-09-10
4
Medium Priority
?
188 Views
Last Modified: 2014-09-11
So I have a windows 2008 network share...
I need to map this drive to a computers only.
All computers are in the correct  OU.
I need to grant only those computers full access to that share.
User account access doesn't matter, but they have to be on only the computes in the specified OU.

Is this doable?

I'm attaching the GPO that I currently setup. It maps the drive via computer, but doesn't take the user account I plugged into the "map drives" connect as option. It pops up asking for the password for the digiphoto account, which should pass through the GPO? (it works when I manually type in the password, but I want this to be automatic) What I'm missing?
That account does have full rights to the share. Is this how I should be doing it or can I assign computer accounts to network shares?
Thanks Experts!
Capture.JPG
Capture1.JPG
0
Comment
Question by:PapaSmurff
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 56

Accepted Solution

by:
McKnife earned 2000 total points
ID: 40315627
You can of course fill share- and NTFS-ACLs with Computer accounts, but that wouldn't mean, anyone logged on to that computer would have access. It would only mean, the computer's system account would have access.
To limit access to certain computers, you would need to setup firewall rules. But firewall rules don't care about shares, they only care about port. So what you want is indeed not possible.
0
 

Author Comment

by:PapaSmurff
ID: 40315941
Fair enough. So currently using gp to map a drive and use the connect as user option. Add the user that has rights. However when I login as a generic user it says not all network drives are available,  puts up the user I'm put in the gpo and is asking for the password.
0
 
LVL 56

Expert Comment

by:McKnife
ID: 40315962
The feature you are using (deploy network drives using different credentials) is being shut down by patching. Microsoft has decided to abandon it for security reasons, maybe that is why it is not working.
0
 

Author Comment

by:PapaSmurff
ID: 40316650
Back to the drawing board! Thank-you!
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses
Course of the Month10 days, 13 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question