avoid storing omv credentials in windows

  • Good morning,
    I have created shared folders on my omv.
    When the windows user logs in to the omv network resource, he is first asked to enter his omv user credentials.
    Depending on the privileges of the omv user, it can only access certain shared folders.
    But there is a problem: when entering the credentials, if the user ticks "remember password", even the user who subsequently accesses windows will have access to folders which he should not have access to. Is there any way to avoid storing omv credentials in windows?

  • I would assume that Windows store the credentials as part of the user settings and that it is unique for each Windows user.


    Did you logout in Windows and then login to Windows as a different user?


    In that case Windows is broken...

    Be smart - be lazy. Clone your rootfs.
    OMV 5: 9 x Odroid HC2 + 1 x Odroid HC1 + 1 x Raspberry Pi 4

    Edited once, last by Adoby ().

  • I would assume that Windows store the credentials as part of the browser cache and that it is unique for each Windows user.


    Did you logout in Windows and then login to Windows as a different user?


    In that case Windows is broken...

    it's not about web credentials. these are windows credentials. That I log in with user x, rather than user y, the credentials remain stored in any case, it is completely normal. my question is: is there a way, by administering omv, not to allow credentials to be stored by windows or other systems?

  • You are correct. I changed web cache into user settings. Should still be unique to the user.


    No. You can't prevent clients from remembering passwords. Unless you change them.


    However there are different security levels.


    Share security requiring a password but not a user.
    User security requiring a user and a password.


    If you use user security, can user Y still access a share remembered by user X?

    Be smart - be lazy. Clone your rootfs.
    OMV 5: 9 x Odroid HC2 + 1 x Odroid HC1 + 1 x Raspberry Pi 4

    Edited once, last by Adoby ().

  • You are correct. I changed web cache into user settings. Should still be unique to the user.


    No. You can't prevent clients from remembering passwords. Unless you change them.


    Do you say that if user X have Windows remember the password and logout, and later user Y login and can access the share using X's password?

    I do a test..

  • I yield. I don't know enough about SMB and Windows to really help.


    Hopefully someone else can help.

    Be smart - be lazy. Clone your rootfs.
    OMV 5: 9 x Odroid HC2 + 1 x Odroid HC1 + 1 x Raspberry Pi 4

  • @Adoby No, fortunately this does not happen. But multiple people log in with the same windows account. Here is the reason why I ask myself the problem covered by this thread.

  • Good morning,
    I have created shared folders on my omv.
    When the windows user logs in to the omv network resource, he is first asked to enter his omv user credentials.
    Depending on the privileges of the omv user, it can only access certain shared folders.
    But there is a problem: when entering the credentials, if the user ticks "remember password", even the user who subsequently accesses windows will have access to folders which he should not have access to. Is there any way to avoid storing omv credentials in windows?

    this is a windows problem not a OMV


    lots of responses on google, you need to use policies to change behaviour:


    https://www.top-password.com/b…d-credentials-windows-10/



    https://answers.microsoft.com/…4c-4c75-af6f-8b77f83aa649


    https://support.microsoft.com/…-on-a-computer-that-is-no


    https://www.youtube.com/watch?v=DkSidI6hYV8

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!