I am trying to achieve an force prompt solution to network shares in a domain for security.
I tried setting share permissions and ntfs permissions for users in a domain
But when a user has no access in opening a network share on the network it doesnt prompt for an alternative credential.But instead with an error that the user doesnt have enough rights.
I tried writing a bat file to go through this issue:
runas /user:domain\administrator "%windir%\explorer.exe /separate/e, "\\server\share\""
The bat file prompts for the password and opens the explorer as administrator and opens the share.
The problem with this solution: User can access any folder since its in admin account.
I am unable to create a user account with admin privileges only on the computer but not on the server.
So my question is can anyone get me a solution to this:
- If it can be configured through windows the force prompt of credentials ?
OR
2. Explain me how to set up an account with admin priviledge only on domain computers so the user can run explorer.exe with admin rights and not get higher access to server files and other shared folders.
OR
3. Or any other workaround to get it achieved.