Active Drectory

I have a question about a mixed Edirectory / Active Directory environment.

I am the administrator of a Netware 6 server that has very sensitive
information on it, and it’s in it’s own tree in the DMZ. Only about a dozen
people have the access to it and even they need firewall rules setup for
them.

In the last year or so, the rest of the production environment has shifted
to an A.D. (Microsoft) environment, although it is still mixed as well.

My problem is, when a person reboots their machine and logs into the
production environment, if they were able to login to the restricted server
before, it no longer prompts them to login to it, they just have an
automatic connection and access. This concerns me, especially since I don’t
have control over the desktop and the clients.

Is there a way to force control from the server/tree side to require a
manual authentication? I want to superceed any deployed policy packages on
the desktops.

If this is not the right group for this discussion, can you kindly point me
to the right one?

Thanks.

It depends on how they are authenticating to the eDirectory environment,
but if they have access then it is almost certainly just the client
(Novell) that is sending the same username/password to eDirectory, which
then (as it should) lets them in. If you are not using the Novell client
but have mounts to SMB shares on NetWare/OES, the same applies, but with
the windows client restoring saved shares/drives. In this case you can
force a manual login (and anger your users very quickly) by changing
passwords so they are different.

Try the OES forums for anything else as it starts getting technically, and
support-y, and outside the scope of this non-technical forum.

–
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below…