How to associate a user account with another user account on a remote machine

2

0

I have a simple setup at home. One server running Windows 2008 R2 with TFS and SQL Server, no domain as well as a few workstation setup around the house. I have a few shared folders setup on the server, with restricted permissions, so that people visiting wouldn't be able to access those folders from their own computers. I map those folders on all desktop machines at startup, but they always ask me to enter username/password the first time I try to access them after reboot. Every time I'm trying to access TFS or Sharepoint site for TFS or SQL server, I have to login again, even though my login name/password are exactly the same on desktop and on the server. Is there a way to set up permissions in such a way that I wouldn't have to login every time I want to access restricted content on the server without setting up domain server? All desktop machines are running Windows 7.

Ilya Volodin

Posted 2010-11-08T23:23:16.797

Reputation: 73

Answers

1

Some ideas that might help.

If you do not want to re-enter the password for network shares, just map to a network drive with a drive letter and mark it as "Reconnect at logon".

For Sharepoint, this article might help:
SharePoint 2010: Create Custom Login page with persistent cookies

For Team Foundation Server see:
Managing Team Foundation Server in a Workgroup

More advice for network share login prompt from here :

  • Enable the guest account on the Server
  • Ensure in Local Group Policy that the Everyone user has the right for access this computer from the network.
  • Everyone permissions are needed for both share and ntfs permissions.
  • In the server in Local Group Policy security settings / local policies / security options : ensure the security option for "Network Access: Let everyone permissions apply to anonymous users" is set to enabled, "Network Access: Do not allow anonymous enumeration of same accounts and shares" is set to disabled.
  • Reboot server and client and try again.
  • If still no go, change the security option for "Network Access: Sharing and security model for local accounts" to be "guest only" if it is not that already.

harrymc

Posted 2010-11-08T23:23:16.797

Reputation: 306 093

Thanks, I'll check the links out. Unfortunately, reconnect at logon doesn't work for me. It's already checked, it maps the drive, but they first time I try to access it, it still prompts me for password. Even if I check "remember my credentials" it still asks for it. – Ilya Volodin – 2010-11-11T21:23:42.540

Try setting it up with a local login script. – Supercereal – 2010-11-12T00:40:55.233

Better recheck that the two user accounts have absolutely identical name and password. If nothing works, you can still add a "net use" command to the logon script with the password : http://www.cezeo.com/tips-and-tricks/net-use-command/

– harrymc – 2010-11-12T07:22:20.367

Both accounts have absolutely identical name and password, with exception of domain, one is server/ and the other one is workstation/. logon script will help with the folder mapping, but will not help with Sharepoint and TFS... There's got to be a better way of doing it. WHS is doing it somehow even without domain controller, so does homegroup. – Ilya Volodin – 2010-11-13T22:15:26.980

What do you mean by "with exception of domain"? You said you have no domains. Can you give more details about network architecture. – harrymc – 2010-11-14T09:03:32.113

I imagine he means Workgroup – Joe Taylor – 2010-11-16T19:31:49.977

I mean computer name, as in server\username vs. workstation\username. Sorry for the confusion – Ilya Volodin – 2010-11-17T04:58:17.677

I have added some more ideas. – harrymc – 2010-11-17T09:01:50.073

Thanks for the suggestions. Tried it (removed permission from share later, since I don't want visitors to have access to them). Now share doesn't require login at the first use, TFS is all good too, but Sharepoint is still asking for login.. Might have to create that login page with cookies after all (was trying to avoid it). – Ilya Volodin – 2010-11-18T01:33:32.803

0

This is the reason domains were created. In order to avoid the network prompt, you have to duplicate your account name on every single machine.

Say your account name is "SuperUser." Create that account on the appropriate machines that host your resources. All your client machines must use the same named account with the same password.

surfasb

Posted 2010-11-08T23:23:16.797

Reputation: 21 453

Asked: 2010-11-08T23:23:16.797

Viewed: 3 972 times

Active: 2011-02-12T05:00:51.760