0

What credentials does Windows 7 use to access network shares by default?

The context: I have a Synology Diskstation in my network, that provides some network shares. These shares (and their sub-folders) are access restricted to user accounts on the Diskstation.

Expected behavior: I expected to be prompted for login credentials whenever I try to access those shares from a network computer.

Observed behavior: I can access any and all shares without login from any network computer?!! I can even inspect the security details of each share and see that the rights are set to the expected Diskstaion-users, but I can access them nevertheless?!

I have read somewhere that windows uses "guest" as default login, when accessing network shares. But I tried disabling the guest profile on the Diskstaion: no change. I do however have some network-drives connected to the Diskstation (with the appropriate login credentials). Could Windows "reuse" those credentials to login to other shares on the same device? That seems strange to me.

EDIT: All logins are local, i.e. not domain-logins. Also the computer and Diskstation accounts do not have the same usernames/passwords.

Improve this question
3
  • Try running the following command "net use" from cmd. It will tell you all open sessions to different shares along with the credentials used for each. Also AFAIK, even the least restrictive group "Everyone" doesn't include the Guest account. So you can't access using Guest credentials.
    – Dhiwakar Ravikumar
    Commented Apr 2, 2015 at 11:28
  • How many computers are we talking about? You can have 5 computers, 5 local users, all with the same username and password, and all 5 are basically unique users.
    – Ramhound
    Commented Apr 2, 2015 at 11:42
  • @Ramhound: see my edit. The accounts are local everywhere and do not share login credentials.
    – PeterE
    Commented Apr 2, 2015 at 11:48

1 Answer 1

Reset to default
2

By default, Windows will pass the currently logged in users id/password to the remote server.

So if your local Windows login (assuming you are not using a Domain login) ID and password is the same as the NAS, it will log in seamlessly.

Windows will retain login credentials if you ask it to but it stores those credentials against specific endpoints and it will not reuse them.

If this is not the case, then something is superseding the access restrictions.

Improve this answer
5
  • See my edit. So basically your last sentence applies. Any idea as to what that could be?
    – PeterE
    Commented Apr 2, 2015 at 11:35
  • Just for clarification: when you say 'specific endpoint' do you mean a specific network share/folder or the device that happens to serve that share?
    – PeterE
    Commented Apr 2, 2015 at 13:07
  • It is specific either to the IP address/name or to the Domain depending on the authentication being used.
    – Julian Knight
    Commented Apr 2, 2015 at 13:09
  • So, if I'm logged in on one share at a specific device, than I can access all other shares that have the same login on that device?
    – PeterE
    Commented Apr 2, 2015 at 13:16
  • That should work. Have a look in Credential Manager and you will see all of your saved credentials.
    – Julian Knight
    Commented Apr 2, 2015 at 13:50

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .