SOLVED One Machine Can Access All CIFS Shares Without Login

Status
Not open for further replies.

xRazoo

Cadet
Joined
Oct 11, 2014
Messages
4
My FreeNAS box is currently setup with 3 CIFS Shares each with their own paths that go to their own ZFS Dataset. Each Dataset has a different set of permissions giving access to Owner (User): Root and Owner (Group): Group Authorized for that Dataset.

There are multiple machines (Windows 7) and users on my network and each user has a User account for the FreeNAS that is tied to one of the three groups with permissions for the three datasets. Either you are group #1 that can only access the #1 Share, Group #2 can access Shares #2 and #1, and Group #3 can access Share #3, #2, and #1. When going to a share on a machine a user is prompted to login with their FreeNAS user account.

The problem is one machine stopped being prompted for a login. Upon startup it can access any CIFS share it pleases while all the other machines upon Log Off or Shut Down must re-login. Any idea why this has started happening or how I can fix it?



Side Question: Is there any way to prompt for a login to a CIFS Share after so many minutes of non-use? Say after 15 minutes of not moving a file to or from the FreeNAS box to require a re-login so a Log Off or Shut Down of the machine is not needed for different users to use different machines.

Thanks for any input on this issue.
 

Mlovelace

Guru
Joined
Aug 19, 2014
Messages
1,111
Are the FN login credentials cached on the Windows box (network passwords) that doesn't prompt after start-up?
 

xRazoo

Cadet
Joined
Oct 11, 2014
Messages
4
They very well might be. What is the best way to check and if the case, make it so it doesn't cache it again?
 

Mlovelace

Guru
Joined
Aug 19, 2014
Messages
1,111
They very well might be. What is the best way to check and if the case, make it so it doesn't cache it again?

You can remove the cached credentials from:

Control Panel\All Control Panel Items\User Accounts

click the username

  1. To the left you will see Manage your credentials. From that select the share name and remove

    Once the above is done, delete using net use
  2. Start > Run > cmd > net use * /DELETE
 

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,194
They very well might be. What is the best way to check and if the case, make it so it doesn't cache it again?
Search for "Credential Manager" in Windows. Next time, don't have it save the password.

Note that Windows automatically tries the current user credentials when logging on to a server, but I believe this can be controlled in the credential manager as well.
 

xRazoo

Cadet
Joined
Oct 11, 2014
Messages
4
I went into Credential Manager and removed the FreeNAS login... Can't believe it was something so simple. Is there anyway to remove the option to remember credentials?
 

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,526
No, but you can choose not to check the box to save them. ;)
 

rogerh

Guru
Joined
Apr 18, 2014
Messages
1,111
The XP system was safer: offer a dialogue box for share login credentials, and then totally fail to use the information supplied. The only place you could enter them was hidden under a rock somewhere. At least they didn't get remembered unintentionally.
 

gpsguy

Active Member
Joined
Jan 22, 2012
Messages
4,472
Enabling "Network access: Do not allow storage of credentials or .NET Passports for network authentication" should disable the ability to save the credentials.

The option is located here: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\

Create a group policy to enable it. You'd probably have to delete any that were saved, before you implemented a group policy.

Is there anyway to remove the option to remember credentials?
 

xRazoo

Cadet
Joined
Oct 11, 2014
Messages
4
Thanks for the info and links. That is all taken care of now.

So final question, is there anyway to do a time-out for the CIFS shares?
 
Status
Not open for further replies.
Top