Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Enforce share permissions on a shared computer

Posted on 2016-07-30
5
Medium Priority
?
40 Views
Last Modified: 2016-08-22
Scenario:

- One Windows 10 Workstation having a single user name and password. Not on a domain. One profile, meaning 4 employees log into this computer using the same user name and password.

- One Synology NAS set up (for now) only as a file server. On the server we set up 4 user accounts. Each employee has his own login and password for the NAS. And user permissions on the NAS dictate who sees what (on the NAS).

The Problem:

The FIRST windows user that tries to connect to the NAS, will be prompted for his login. He enters his login and password, does NOT check the box 'remember my login info' and clicks OK.

As long as this Windows computer is running (no one has restarted or logged out), Windows will remember the login info for that connection to the NAS.

I want to provide an option that allows the user to DISCONNECT from the NAS folder:
- without deleting the mapped drive
- without making them log out of windows

Is there a script I can write, or a command I can run, that will
- disconnect from the NAS
- allow the next person to walk up to that same shared computer
- when he double-clicks on the mapped drive to the NAS, he is prompted for HIS login and password

So to recap - while the 4 users can log into and share one windows 10 computer, and they all use the same user name and password, it's the NAS I want to control access to, through separate logins. So, one password for the windows computer, but 4 passwords for the NAS. Windows is remembering the user name entered by the previous user. The only way around it is to log out of windows. I am looking for a way to get windows to 'forget' the active session's connection to the nas without having to log out and log back into windows.
0
Comment
Question by:Eric C
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 25

Accepted Solution

by:
NVIT earned 2000 total points (awarded by participants)
ID: 41736157
The following does "...get windows to 'forget' the active session's connection to the nas without having to log out and log back in". Contrary to what you want, it does delete the mapped drive to the NAS. Each time a user connects via Explorer or NET USE, the map is saved. There's no way around that:

1. Logon the admin and connect to the NAS share.

2. Open a CMD prompt

3. Note: You said the user does NOT pick the 'Remember my credentials' box. But, in case he does, this next required step removes the credential.

Find out the cmdkey target=NASservername line you need to put in your .bat file:
cmdkey /list

Open in new window


Note the server you need to disconnect from. It's the line that looks like: Target: Domain:target=NASservername

4. The next step removes the mapped drive.

Find out the NET USE Remote servername you need to put in your .bat file. It should be similar to the  NASservername in the prior step but looks like \\NASservername\sharename:
net use

Open in new window


5. Make a .bat file containing this:
cmdkey /del:Domain:target=NASservername
net use \\NASservername\sharename /del

Open in new window


6. Save the .bat in a protected folder to prevent deletion by users.

7. On user's Desktop or Start menu, make a shortcut to the .bat file.

8. When user is done working, he picks the shortcut to run the .bat to disconnect from the share.""
0
 
LVL 5

Author Comment

by:Eric C
ID: 41738150
NVIT, that looks promising and I will try that and report back.  Is there another batch file I can create, that will re-map the shared folder?

In other words:
1. User double-clicks on the icon
2. Windows prompts user for login (if they're not already authenticated)
3. shared folder is mapped to drive 'M'
0
 
LVL 25

Expert Comment

by:NVIT
ID: 41738306
Please close the original question and award points first.
0
 
LVL 5

Author Comment

by:Eric C
ID: 41738358
Agreed, that is fair. Let me try this and get back to you.
0
 
LVL 25

Expert Comment

by:NVIT
ID: 41763495
Working solution by NVIT has not been followed up on by asker.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When asking a question in a forum or creating documentation, screenshots are vital tools that can convey a lot more information and save you and your reader a lot of time
This article shows how to use a free utility called 'Parkdale' to easily test the performance and benchmark any Hard Drive(s) installed in your computer. We also look at RAM Disks and their speed comparisons.
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question