How can I force a re-login to another win2k system's share

[Dave]

Given:
- peer-to-peer network of Win2k systems
- system-1 system shares a folder with the others
- that share has only two unique userw permissions
- eg: user1w1(r-only) and user2w2(r/w)
- no 'everyone' access
- the userw are not in common with any system
- first-time system-2 access to that share requires a login
- eg: login as user1w1
- which is successful, but now that login is "stuck"

1 - How can system-2 force a "fresh" login to that same
share on system-1 only as 'user2w2' without re-booting
system-2 ?
2 - Is there a URL for a list of the Win2k authentication
and access rules ? I'm used to unix.

Thanks for any help.

 

[Herb Martin]

1 - How can system-2 force a "fresh" login to that same

share on system-1 only as 'user2w2' without re-booting
system-2 ?

In the Computer Manager\SystemTools\SharedFolders\Session
disconnect all users or specific users session.

I wonder if there is a command line equivalent?

2 - Is there a URL for a list of the Win2k authentication
and access rules ? I'm used to unix.

Someone else will need to post those, they are spread throughout
the Resource Kit books, Technet (books there too), and the
Support Knowledge Base (on Technet too.)

TechNet...see a theme there?

 

[Dave]

Thanks, but to be more precise, since system-2 can't
control system-1's sessions, I'd hoped that system-2 could
be told to "forget" it had previously "logged-in" to
system-1 -- since I'd guessed that was the effect of
re-booting system-2. That is why I'd guessed that system-2
should be able to tell system-1 it want's a fresh connect.

Interestingly, the 'sessions list' on system-2 was empty
but system-1 showed a connect ... yet deleting that connect
from system-1 did not force a new login for system-2 --
system-2 continued to see the shares on system-1 as if
nothing had changed ... hmmmm.

Thanks for the comments.

 

[Herb Martin]

Thanks, but to be more precise, since system-2 can't
control system-1's sessions, I'd hoped that system-2 could
be told to "forget" it had previously "logged-in" to
system-1 -- since I'd guessed that was the effect of
re-booting system-2. That is why I'd guessed that system-2
should be able to tell system-1 it want's a fresh connect.

What are you really trying to accomplish?

Kicking the user, will cause them to re-authenticate to regain
access.

(There is not logon from system 1 to system 2 in your scenario.
Just authentication.)

Interestingly, the 'sessions list' on system-2 was empty
but system-1 showed a connect ... yet deleting that connect
from system-1 did not force a new login for system-2 --
system-2 continued to see the shares on system-1 as if
nothing had changed ... hmmmm.

Sure, because auto-reconnect probably hooked them backup
OR it hasn't noticed yet.

 

[Herb Martin]

In my specific case, there is no 'user' for system-1 .. it

is a stand-alone "server" (common file sharing) with a lot
of file which other users access. If I "login" to a share
on the 'server' using a read-only account name and then
later want to "login" via a R/W account name (different
account, different priveledges, same share -- all perfectly
legal with Win2k) my system remembers my first login (since
boot) to that share. I'm looking for how to reset that
access so I can re-login to that share under a new name.
I'd write a tiny util and distribute it if I knew where the
data was stored. MS should have provided a menu option (at
least I cannot fine one).

Ah, you aren't trying to "kick a user" you are trying
to disconnect yourself from one authentication and
use another.

Ok, two choices if this is your issue.

Presumably you authenticated the first time explicitly and
will do so again (either at the command line or in Explorer
but the following will show the command line...)

If you map (net use) the D: drive on Other
net use G: \\Other\DDrive * /user:Other\youUser

Then later want the C: drive without disconnecting then do
this -- first get the IPAddress of "Other" (e.g., 192.168.2.1),
then use that in net use to map the drive:

net use H: \\192.168.2.1\CDrive * /user:Other\notYouAdmin

If you want to reuse the mapped drive letter OR you don't
want to use the IP address then first disconnect YOURSELF:

net use G: /d
net use G: \\Other\CDrive * /user:Other\notYouAdmin

I have no idea why the "IP address" trick works, but it does --
years I have not understood the whole set of weird rules for
this behavior but I can make it work.

Note: The second trick requires you /D deleting the map for
EVERY connection to that server, IF you have more than
one. This includes any "automatic" ones based on the UNC
name (like from your applications using \\Other\CDrive)

 

[Dave]

Herb,
Thanks! I've not explored all of this approach, but the
parameters for 'net use' do show and control the
authentication 'memory' of the 'client' system.

I did the simple experiment:
- start with no client access to server share
- 'login' to server share via explorer access to the share
- c:\>net use ... to get list of connections; 1 listed
- close explorer so no access is kept alive
- c:\>net use /delete \\server-name ... to kill connect
- c:\>net use ... to verify
- re-start explorer to locate the system
- share access again requires a fresh 'login'
- there is no memory of the last share 'login'

I can now semi-automate this with a script but it would
have been nice for MS to have added a menu option
'connection clear' for the user ease.

Thanks for the help !

 

[Herb Martin]

Herb,
Thanks! I've not explored all of this approach, but the
parameters for 'net use' do show and control the
authentication 'memory' of the 'client' system.

I did the simple experiment:
- start with no client access to server share
- 'login' to server share via explorer access to the share

It concerns me that you insist on saying "logon" when you
are (likely) merely authenticating. In tough troubleshooting
it is essential to be picky.

- c:\>net use ... to get list of connections; 1 listed
- close explorer so no access is kept alive

You likely didn't "close Explorer", rather just a Window.
Event he Taskbar and the Start menu are "Explorer" -- it
pretty much runs all the time.

- c:\>net use /delete \\server-name ... to kill connect
- c:\>net use ... to verify
- re-start explorer to locate the system
- share access again requires a fresh 'login'
- there is no memory of the last share 'login'

I can now semi-automate this with a script but it would
have been nice for MS to have added a menu option
'connection clear' for the user ease.

Batch file -- shortcut.

You have all the tools you need to automate it.