Non-simple File Sharing absurdity #2 2

[msocks]

There is now a new problem with non-simple file sharing.

Once you establish authentication, then it seems to be IMPOSSIBLE to turn it off !! Thus creating a huge security hole.

Assume there is a public machine with many users all the same password (or no passwd).

Assume a private machine (passwords are different) with non-simple file sharing (Guest account turned off).

Once a user on public machine attempts to accesses a shared file on the private machine, he will have to logon over the network into an account on the private machine. There is a "remember password" check box, and the user checks this.

It turns out that this link is now permanent. Even if both machines are restarted, the link remains. Therefore, anyone on the public machine can login as that user on the public machine, and then access the private shared (network) files on the private machine.

Is there a way to unremember the logon, or delete the password, and force a per-session logon by the private machine? It seems absurd that locally you have to log on each time. But over the network once you check "remember", it is impossible to force a logon.

Any and all suggestions are appreciated.

thanks

 

[smah]

Have a look at Start, Run, control userpasswords2, OK, Advanced tab, Manage passwords button.

 

[msocks]

Wow ! ... that sure works. Thanks smah

Can I ask you where do you find such nifty hidden stuff?

Like is there an index or website somewhere titled "all the good stuff that the so-called M$ engineers try hard for you not to know"?

 

[linney]

You could have a look at the FAQ's written by members of Tek-Tips for some common and some unusual problems concerning XP.

http://www.tek-tips.com/faq.cfm?pid=779

Then be aware of exceptional sites like these.

Windows XP Professional How-to Resources

http://www.microsoft.com/technet/itsolutions/howto/winxphow.mspx

http://www.kellys-korner-xp.com

http://www.dougknox.com/

Not to forget the Help and Support Center program with all its leads to Microsoft Knowledge Base articles if checked while online.

306992 - HOW TO: Manage Stored User Names and Passwords on a Computer in a Domain in Windows XP

http://support.microsoft.com/default.aspx?scid=kb;en-us;306992&FR=1&PA=1&SD=HSCH

306541 - HOW TO: Manage Stored User Names and Passwords on a Computer That Is Not in a Domain in Windows XP

http://support.microsoft.com/default.aspx?scid=kb;en-us;306541&FR=1&PA=1&SD=HSCH

 

[smah]

linney's the keeper of all the nifty hidden stuff.

Seriously though, the kellys-korner & dougknox links are excellent resources, as well as the MS knowledgebase and of course

http://www.tek-tips.com

 

[guitarzan]

Nice one smah! I had forgotten about that! Very useful to know.

I did some searching, and (apparently) there is no other way to get to that besides typing start --> run, control userpasswords2... amazing

 

[msocks]

linney - thanks for all the valuable pointers.

The last link on MS.com (manage passwd on non-domain XPP), includes the following instructions:

2. Click Start, and then click Control Panel.
3. In Control Panel, click User Accounts under Pick a category to open the User Accounts dialog box.
4. Open the <b>Stored User Names</b> and Passwords dialog box; to do so, use the appropriate method:

BUT - there is no such thing as "Stored User Names" in "User Accounts" which is just a goofey dialox box. I am on XPP SP2.

 

[linney]

Go to the User Accounts via Control Panel. "Pick an Account to change", it MUST be the account that you are logged in to.

Under "Related Tasks" you will have access to "Manage my network passwords