Password protecting folder

[ascotta]

Pulling my hair out a bit here.

Here is my scenario.

Windows 2000 server DC with a shared folder. Some users connect to this. It is permissioned for them and only them.

So far so good.

However this data is extremly sensitive.

Other users in the company need to be able to use these users computers at times, whilst the user is logged in, is there any way to protect this data at a "time of access" as opposed to "pass through". Run as and getting them to login as another user etc is not an option. Time of access passwords is what I want. These files can be office and drawings and all sorts of stuff.

I have tried lock folder and universal shield and it is not what I am looking for.

Any ideas would be much appreciated, or am i asking a lot ? Or potentially am I not seeing the wood for the trees.

[blue] A perspective from the other side!![/blue]

Cheers
Scott

 

[WhoKilledKenny]

Our policy is not to allow users to share the same username. Users are required to lock or logoff a workstation when they leave. We have a GPO that uses a password protected screen save should the user walk away and forget to logg off. It there a requirement for users to use other user accounts when using the same workstation?

 

[ascotta]

I had given a really tart reply but thought better of it. I have been through all the pro's and con's of locking workstations and users etc. My policy would be as such, but the powers at be wish it so. It also needs to be on the network. I would go efs but 5 users need access to the folder.

[blue] A perspective from the other side!![/blue]

Cheers
Scott

 

[WhoKilledKenny]

Here is an Idea then... I understand the powers that be. On the file server, set up a local account (not domain) that has access to the files. When the logged on user attempts to connect, the file server should prompt for username and password, as it would not recognize the account that is being passed through. This is in theory, but I bet it would work. The downside - the user would have to remember the username and password for the resource.

 

[ascotta]

Thanks whokilledkenny.

I had a quick think about that, problem would be that pass through would then be in place, as the logon ticket would be granted once the user had given that username and password. Good effort, the kind of thinking I am looking for. I have tried the locking stuff, but again pass through kills it stone dead. It needs to be per access. I don't mind users seeing the files, just not able to read em.

But heck I am going to give it a try anyway.

[blue] A perspective from the other side!![/blue]

Cheers
Scott

 

[WhoKilledKenny]

OK... good point. How about IIS FTP server at the folder level with a local user account and a session timeout. Access the files via IE???

 

[WhoKilledKenny]

Above post... poor-mans sharepoint services.

 

[ascotta]

ROFL points above. It think that is where I am going. Or write my own damned application to do it. Jeez and I thought I was dun coding years ago.

[blue] A perspective from the other side!![/blue]

Cheers
Scott

 

[WhoKilledKenny]

Whatever direction you go... please post outcome. Would like to know what you used for a solution.