How to Disable NetStorage Access to Users' Files
Novell Cool Solutions: Tip
By Tony Fiore
Digg This -
Posted: 23 Mar 2006
Management has concerns that staff accounts may be hacked into via NetStorage due to weak passwords. Some staff accounts may contain confidential data such as Nurses, Social Workers, Special Education, Administrators, etc. How can you disable access to individual users files.
By default, when you install NetStorage, it works for everyone and there is nothing I have found yet to prevent that. However, by changing one setting in NetStorage, and some creative login scripts, you can manage what drives (if any) are accessible. The first thing to do is shut off Home Folder processing in NetStorage Administrator. This is done by changing the "1" to "0" in the "NetWare Storage Provider settings > HomeDirs" values. Then change your login scripts to disable all drive mappings for NetStorage on the container level.
See examples below.
I realize this isn't a very efficient way to manage login scripts, but in my situation at a school department, I only had to deal with the Staff containers. But I did however have to add the Home Directory mapping to all the other container whereas it was not processed by default anymore.
Depending on the way your Login Scripts are setup, put an entry at the top of the container login script(s) that apply:
IF <WEBACCESS>="1" THEN EXIT ELSE
I have scripts that are layered and use the INCLUDE statement. So I had to put it in the Users container script and the container above it.
This does not disallow the ability to login to NetStorage, but when you do, there are no directories to access.
Then, if individual users in that container still want access to their drives, you can manage them by their User Login Script:
IF <WEBACCESS>="1" THEN MAP H:=SERVER_VOLUME:STAFF\%CN MAP S:=SERVER_VOLUME:SHARED END
Of course at this pont you can add as many mappings as you need.
This was accomplished with NetWare 6.5 OES sp4a and any OS as far as I know.
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com