SSL VPN with NetExtender access to Mapped drives without exposing credentials in a batch file?
I'm connecting from a Windows 10 PC to Win2019 server through SonicWall TZ 300 wireless-AC. The drives are shared/mapped via Group Policy on the server. I have been successful (for a long time) in getting my shared drives via the NXConnect.bat. However, this requires putting user credentials in that batch file that then lives on the user PC and is a security risk. Is there a ore secure way to do this? Any help would be greatly appreciated.
Category: SSL VPN
Tagged:
0
Answers
If the drives are mapped via GPO why do you need to 'get your shared drives via NXConnect.bat'?
The mappings are present in the environment for local users, but not on the PC on the other end of the SSL VPN. The NXConnect was the way I was advised to do it a few years ago - e.g. below:
net use L: \\192.168.0.xxx\PApproach password /user:domain.com\John.Smith /persistent:yes
I'm looking for a better way to do it.
Do you know a better way?
Speaking of security risks... I dont map drives as drive letters can be parsed and attacked by malicious actors. Also company policies (should) state that remote users not using company devices cannot create shared drive connections to any devices inside the network. If remote users are using their personal devices they have to RDP into a secure server for access.
If I were to risk shared drive connections from non-company devices, I'd say have the user create a new Windows credential in Credential Manager that matches their domain credentials and the server they are connecting to, then you should be able to just map the drive however you want (aka a simpler net use command).
But none of this is really related to Sonicwalls.
This might seem a bit too obvious a question, but why are you putting the credentials in here? If the user of the PC is a domain user then surely 'net use' is sufficient?