avoid storing omv credentials in windows

1. offizieller Beitrag

    Good morning,
    I have created shared folders on my omv.
    When the windows user logs in to the omv network resource, he is first asked to enter his omv user credentials.
    Depending on the privileges of the omv user, it can only access certain shared folders.
    But there is a problem: when entering the credentials, if the user ticks "remember password", even the user who subsequently accesses windows will have access to folders which he should not have access to. Is there any way to avoid storing omv credentials in windows?

    • Offizieller Beitrag

    I would assume that Windows store the credentials as part of the user settings and that it is unique for each Windows user.


    Did you logout in Windows and then login to Windows as a different user?


    In that case Windows is broken...

    Zitat von Adoby

    I would assume that Windows store the credentials as part of the browser cache and that it is unique for each Windows user.


    Did you logout in Windows and then login to Windows as a different user?


    In that case Windows is broken...

    it's not about web credentials. these are windows credentials. That I log in with user x, rather than user y, the credentials remain stored in any case, it is completely normal. my question is: is there a way, by administering omv, not to allow credentials to be stored by windows or other systems?

    • Offizieller Beitrag

    You are correct. I changed web cache into user settings. Should still be unique to the user.


    No. You can't prevent clients from remembering passwords. Unless you change them.


    However there are different security levels.


    Share security requiring a password but not a user.
    User security requiring a user and a password.


    If you use user security, can user Y still access a share remembered by user X?

    Zitat von Adoby

    You are correct. I changed web cache into user settings. Should still be unique to the user.


    No. You can't prevent clients from remembering passwords. Unless you change them.


    Do you say that if user X have Windows remember the password and logout, and later user Y login and can access the share using X's password?

    I do a test..

    Zitat von nicovon

    Good morning,
    I have created shared folders on my omv.
    When the windows user logs in to the omv network resource, he is first asked to enter his omv user credentials.
    Depending on the privileges of the omv user, it can only access certain shared folders.
    But there is a problem: when entering the credentials, if the user ticks "remember password", even the user who subsequently accesses windows will have access to folders which he should not have access to. Is there any way to avoid storing omv credentials in windows?

    this is a windows problem not a OMV


    lots of responses on google, you need to use policies to change behaviour:


    https://www.top-password.com/b…d-credentials-windows-10/



    https://answers.microsoft.com/…4c-4c75-af6f-8b77f83aa649


    https://support.microsoft.com/…-on-a-computer-that-is-no


    https://www.youtube.com/watch?v=DkSidI6hYV8

    Hi everybody,

    I'm new in this forum


    Found raulfg3 comments helpful and thank him

    Also did some more research on that, sharing below:


    I found this info useful:


    Externer Inhalt gist.github.com
    Inhalte von externen Seiten werden ohne Ihre Zustimmung nicht automatisch geladen und angezeigt.
    Durch die Aktivierung der externen Inhalte erklären Sie sich damit einverstanden, dass personenbezogene Daten an Drittplattformen übermittelt werden. Mehr Informationen dazu haben wir in unserer Datenschutzerklärung zur Verfügung gestellt.


    Code
    @echo off
cmdkey.exe /list > "%TEMP%\List.txt"
findstr.exe Target "%TEMP%\List.txt" > "%TEMP%\tokensonly.txt"
FOR /F "tokens=1,2 delims= " %%G IN (%TEMP%\tokensonly.txt) DO cmdkey.exe /delete:%%H
del "%TEMP%\List.txt" /s /f /q
del "%TEMP%\tokensonly.txt" /s /f /q
echo All done
pause


    and updated the script with command exit instead of pause at the end.


    Then:


    a. in a folder put the .txt file and via command line make a copy of .txt to .bat file

    b. in the same folder where you put the .bat file create a shortcut pointing to that .bat file

    c. copy this shortcut to the startup folder by running shell:startup after pressing windows key + R


    Even though the profile is of a standard user on windows 10 pro this script can delete the saved credentials via a sign out and in both manually and also caused by a task scheduled such could be a simple logout and log in or a restart


    Hope this helps

    Zitat von nicovon

    @Adoby No, fortunately this does not happen. But multiple people log in with the same windows account. Here is the reason why I ask myself the problem covered by this thread.

    I do not think it is a problem of windows, but of the user. having settings per account is totally ok and once you start to use some MS 365 / Microsoft Online stuff it is not easy to not store these things.

    If you got help in the forum and want to give something back to the project click here (omv) or here (scroll down) (plugins) and write up your solution for others.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!

Benutzerkonto erstellen Anmelden