Announcement

Collapse
No announcement yet.

Disconnect mapped drives and authentication

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Disconnect mapped drives and authentication

    Hello,

    Im hoping i may get a respose here, as i have posted on another forum and have had no help/reply's.

    My problem started as so:

    ****** This Part Now Sorted ******
    I have recently started a task to secure a breakout area PC, the idea is to have the machine available to staff and visitors. For this reason, I denied access to the network, created a local user which it logs in with, and just kept internet access. this is all great and working how i want it to. I then needed to give the staff a way to access network drives from the machine if they needed to. For this i created a batch file which prompts for their username and password then maps the network drives (batchfile below). What I am now struggling with is, I would like to be able to make the maped drives automatically disconnet after 15mins so that if its left and another person uses the machine, they cant access the network unless they run the batch file and log in. Its an XP Pro SP2 machine.
    ^^^^^^^^^^^^^^^^^^^^^^^^
    ****** This Part Now Sorted ******

    I have now got to this stage:

    Thanks to all that have taken a look at my problem, I have now solved the first issue but now have another. I can now make the drives disconnect after a chosen period (for those of you who are interested how, the code is below) my issue now is that once the drives have been disconnected, the authentication is still there, therefore if you type the UNc path in to the share you can still access it. Does anyone know if there is a way to remove the authentication aswell as the drives???

    I would really appreciate any help, i realise the chances of a visitor coming and know how to get to the share through UNC path is quite slim, but its still a security flaw that I would like to be able to stop.

    Thanks

    D

    Code for adding network drives - copy text into notepad change share paths and save as "whatever.bat":
    Code:
    @echo off
    setlocal
    setlocal enableextensions
    set usr=
    set pwd=
    
    :start
    cls
    set /p usr="Please enter your Username: "
    if not defined usr goto :error1
    goto :map
    
    :error1
    cls
    echo You have not entered a valid username
    pause
    goto :start
    
    :error2
    cls
    echo You have not entered a valid password
    pause
    goto :start
    
    :map
    net use \\servername /user:%usr% *
    
    net use s: \\servername\data
    if %errorlevel% NEQ 0 goto :error3
    
    
    net use t: \\servername\drawings
    if %errorlevel% NEQ 0 goto :error3
    goto :disconnect
    
    
    :error3
    cls
    Echo Your username and/or password were incorrect
    goto :start (if you wish to prompt again) or goto :end (if you wish to exit without mapping)
    
    :disconnect
    start wscript unmap_all.vbs
    echo ***********************************************
    echo Network Drives now connected. 
    echo ------------------------------------------------- 
    echo All drives will be disconnected in 15 minutes.
    echo ***********************************************
    echo
    pause
    wait
    goto :end
    
    :end
    cls
    Echo Exiting script
    set usr=
    set pwd=
    endlocal
    Then copy this into notepad change the sleep time (in milliseconds, currnetly one minute) and save as "whatever.vbs" put it in the same directory as the batch file:
    Code:
    On Error Resume Next
    
    WScript.Sleep 60000
    
    DIM objNetwork,colDrives,i
    
    Set objNetwork = CreateObject("Wscript.Network")
    
    Set colDrives = objNetwork.EnumNetworkDrives
    
    For i = 0 to colDrives.Count-1 Step 2
    	' Force Removal of network drive and remove from user profile 
    	' objNetwork.RemoveNetworkDrive strName, [bForce], [bUpdateProfile]
    	objNetwork.RemoveNetworkDrive colDrives.Item(i),TRUE,TRUE
    Next
    Last edited by westwater; 9th April 2008, 12:19.

  • #2
    Re: Disconnect mapped drives and authentication

    I would try net stop workstation then net start workstation.

    that should basically unload the workstation services from the pc, and I think clear the authentication..I have not tested this others may say I am wrong.
    Stacey Smith
    Sr. Systems Engineer

    The rule is perfect: in all matters of opinion our adversaries are insane --Samuel Clemens

    Comment


    • #3
      Re: Disconnect mapped drives and authentication

      Thanks for the reply,

      Im going to give it a try now!

      Three forums.... and you are the only one to reply to my question!!

      Will let you know if it works.

      Thanks!

      D

      Comment


      • #4
        Re: Disconnect mapped drives and authentication

        Just tryed it and it works!!

        Thanks very much!

        D

        (also if anyone shows interest, i can post the whole thing finnished when its done.)

        Comment


        • #5
          Re: Disconnect mapped drives and authentication

          of course post it back.
          It could always be useful to others.

          Thanks for the update
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment

          Working...
          X