The following technique can be used to make use of the permissions and help diagnose how well permissions are working from the local service on which Onboard360 is installed. As a Scheduled Task in Windows, the user can be changed to suit the circumstances, whether you have used public access or matching user accounts.
This sequence will not be effective unless Full Control, Change, and Read permissions have been assigned to the user or group making the access.
The technique uses the following batch file (with edits) to create a log file in the remote data directory. The contents of the log file will confirm that access is working, without running Onboard360.
@echo off whoami > %~dp0output.log net use D:\Onboard_Data pushd x: dir >> %~dp0output.log popd net use x: /Delete |
1. Copy the above text to a text editor, and save the file to the system with the shared data directory, using a file extension of .bat, for example, Onboard_Share.bat.
2. Edit the batch file in the text editor and change the first net use command ("D:\Onboard_Data") to point to the uniform resource name of the network share you just created above.
3. Save the edited batch file.
4. In Control Panel, open the Task Scheduler and create a new Basic Task.
5. Select Start a program as the Action.
6. Browse to the location of the batch file you just saved when prompted.
All other options can be left at their default settings.
7. Save the task.
Now you need to edit the properties of the Task.
8. Right-click on the task and click Properties.
9. Under Security Options on the General tab, click the Change User or Group button.
10. Type the user whose permissions you are diagnosing in the Enter the object name to select text entry field.
If you are using public access, the user would be SYSTEM. If you are using a matching user account such as OnboardShare, type in the name of the matching user account.
11. Click Check Names.
12. Click OK to close the dialog boxes.
13. Repeat this process for any other remote data directory Onboard needs access to.
To run the Task:
1. Reboot both the remote and local systems.
This step ensures that the latest changes to permissions are implemented in the operating systems.
2. Check that the remote PC with the shared directory is online.
3. Run the task you just created.
4. Check that there is a new file named output.log in the same directory as the batch file.
5. Open output.log in a text editor.
6. Check that output.log contains the name of the user profile that is running the script (i.e.: nt authority/system or OnboardShare).
7. Check that output.log contains a directory listing of the remote shared directory.
8. Repeat this process for any other remote data directory Onboard needs access to.