Re: Windows Server 2003 caches UNC Password
From: CDARS (cdars_at_hotmail.com)
Date: 04/27/04
- Previous message: Sten Westerback: "Re: Windows Server 2003 caches UNC Password"
- In reply to: Sten Westerback: "Re: Windows Server 2003 caches UNC Password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 26 Apr 2004 19:06:34 -0700
Hi,
Thanks for the advice. I wanna review more of my situation and see
what you may suggest.
>>>>>>>>>>
2 Server. 1 Win2K, 1 Win2K3.
Win2K at WORKGROUP. W2K3 at AD Domain. (Strange but don't ask why.)
To copy files in daily schedule from Win2K3 to Win2K.
As you know, scheduled task cannot see mapped drive. Obviously I don't
want to code the password in the "net use" command in clear text.
>>>>>>>>>>
Current Solution:
There is a operator account in the Win2K server. I create an entry at
the "Stored User Names and Passwords" for that account. Then at the
scheduled task I just code \\<win2k3_hostname>. It logon automatically
using the stored ID and password.
>>>>>>>>>>
What would be the best practice for this situation?
Thanks.
"Sten Westerback" <sten.westerback@NO_SPAMnokia.com> wrote in message news:<Cm5jc.14773$k4.299468@news1.nokia.com>...
> "CDARS" <cdars@hotmail.com> wrote in message
> news:97ec88b8.0404252321.715d1213@posting.google.com...
> > Hi,
> >
> > Thanks for your advice. Now I understand that I am a beginner in
> > Win2k3 server...
> >
> > Start => Control Panel => Stored User Names and Passwords
> >
> > You can see a list of stored password by site. Just delete or edit as
> > you like.
> > As soon as there is a console controlling it, it is ok. Imagine you
> > have a server will some unknown passwords to other servers. Your
> > server can be the start-point for an attack.
> Well.. many things are possibly possible.... but in this case the hacker
> would first have to impersonate yourself and then happen to find out
> which drive is connected to somewhere else with some specific account
> and then find out what do to with the information on that share...
>
> > Now a follow-up question:
> > I map a network drive and select "re-connect at logon". After logging
> > off the mapped drive is always disconnected. It prompts for a valid
> > password when you click on it, which of course the password I entered
> > was correct at the time I mapped the drive.
> >
> > The problem is solved when I added the logon information at "Stored
> > User Names and Passwords". But I wonder should it be a correct
> > practice.
>
> No.. correct practice would be to have domain policy disable that
> checkbox and you use an account that has the needed remote share
> permissions by default. In addtion you "may" use Start->Run
> \\server\share and have it ask for password for that session.
> Such connections you can remove using
> net use \\server\share /d
>
> - Sten
- Previous message: Sten Westerback: "Re: Windows Server 2003 caches UNC Password"
- In reply to: Sten Westerback: "Re: Windows Server 2003 caches UNC Password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
