Administrative Shares on Server 2008 R2

By bguy_1986
in Microsoft (Windows)

 Share

Recommended Posts

Grand Master

bguy_1986

Posted
Posted

I swear I've done this before...

 

First of all a hidden share and administrative share is the same thing isn't it?

I want to create an administrative share on a server for all of my apps.  I've created a share with the name of apps$.  Right now I've got security on it so that IT can change it, and Authenticated users Read access.

 

I want to change it if possible.  I'd like to have IT to be able to get to it and change it no problem, and on other computers other users are logged into, prompt for a username and password.

 

I can't seem to figure out how to get it to prompt for username and password at all no matter what I set it at.  What am I doing wrong if anything?  Maybe it's not possible and I'm just loosing my mind (which is very possible)

Link to comment
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

So do you allow anonymous access to the servers - any shares?

I you auth to a server with guest/anon to access say a public share - your never going to be able to get to a share that you have to auth too.. Since your already authed as guest, and can not have 2 different users connected from the same source to the server.

You would have to remove the anon/guest access now when you try and connect to server you will always get prompted for auth.

Or you will have to auth specifically to that share or server before any anon/guest session has been created.

for example net use \\servers\apps$ /u:domain\user password

Link to comment
Share on other sites
Grand Master

bguy_1986

Posted
  • Author
Posted
BudMan, on 12 Sept 2013 - 15:07, said:

So do you allow anonymous access to the servers - any shares?

I you auth to a server with guest/anon to access say a public share - your never going to be able to get to a share that you have to auth too.. Since your already authed as guest, and can not have 2 different users connected from the same source to the server.

You would have to remove the anon/guest access now when you try and connect to server you will always get prompted for auth.

Or you will have to auth specifically to that share or server before any anon/guest session has been created.

for example net use \\servers\apps$ /u:domain\user password

That's what I've kind of been finding out with my research, but I swear I've done it in the past.  I'm going to leave this open for a little while and then mark it as the answer just in case somebody else has anything to add.

 

Thanks

Link to comment
Share on other sites
Grand Master

sc302 Veteran

Posted
  • Veteran
Posted

 

I can't seem to figure out how to get it to prompt for username and password at all no matter what I set it at.  What am I doing wrong if anything?  Maybe it's not possible and I'm just loosing my mind (which is very possible)

With active directory it will never prompt unless the user is currently not logged into that server.  ie. server1 has all of my data (user data, public data, special share that you just created), I want users to connect to a share on server1 but prompted to access...this will not happen at all, ever as they are already connected to server1 as the user to access other files. 

 

The way it would work is if they connected to another server/workstation that only had this share on it, then they would be prompted for a username and password, if they didn't have access to it to begin with.  ie, you try to connect to a hidden share on a random computer, \\computername\c$ for instance by default a standard user does not have access to this share, it will then prompt them for credentials to gain access. 

Link to comment
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

"\\computername\c$ for instance by default a standard user does not have access to this share, it will then prompt them for credentials to gain access. "

Unless as mentioned your already authed with some account, say anon/guest or your user name that does have say access to IPC$ through being a domain user, etc.

The only way you will get prompted is if the accounts your machine automatically tries to auth with denied. guest/logged in user account. If they get denied then you will get prompted. If you guest or your username allows you to connect - even if your not really allowed access to anything other than say public folder your not going to get prompted again.

Link to comment
Share on other sites
Grand Master

sc302 Veteran

Posted
  • Veteran
Posted

basically any computer that you do not have access to and connect to the share, whether it be on a different domain or the same domain, it will prompt for credentials.  If you are currently connected to a computer through a logon script or by browsing to it, it will not prompt you for credentials as it will use the current logged on credentials to access that computer and all shares on that computer.

Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing