Configure Mapped Drives for Terminal Sessions
Mapped drives apply to terminal sessions.
By default, when a client user starts a terminal session, the user has access to local folders that are allowed for that user account. If the user authenticates without entering a Windows password (for example using public key authentication), that user needs to enter his or her credentials in order to access remote network resources (for example using net use).
You can use mapped drives to:
- Provide easy access to network locations that are not on the server.
- Provide users who authenticate without entering their Windows credentials with access to network resources using their own credentials. By configuring mapped drives, you enable users who authenticate using public key authentication to access remote resources without having to enter their Windows password.
- Provide users with access to network resources based on the rights associated with an alternate user.
To customize folder access for terminal sessions using mapped drives
- From the server console, click Configuration > Mapped Drives.
- Click Add.
- For Drive, select an available drive letter from the drop-down list.
Note: In some cases, drive letters that are available from this drop-down list may conflict with drives that are already mapped for a particular client user. When this occurs, the drive you map on the Reflection for Secure IT server won't be available to that user.
- For Network path, enter a value in UNC format (for example, \\computername\path\folder).
Note: In most cases the network path identifies a location on a remote server. You can also specify a shared folder on the local drive. This might be useful if you are using mapped drives to grant access based on an alternate user credential.
- (Optional) By default Use the credential of the client user is selected. With this default option, the drive you specify is available to the client user if he or she has access rights to that network location. To grant access rights based on the rights associated with an alternate user, select Use a specific credential. The user you select must be joined to the same domain as the server or to a domain that is trusted by the server's domain.
Caution: Be careful when configuring access with any credential other than the client user's own credential. When you configure an alternate credential to provide access to any folder on a server, Windows will allow access to other folders on the same server that are accessible to the alternate credential. For more information about this risk and how to handle it securely, see Best Practices for Using Cached Credentials.
- Click OK.
- Save your settings (File > Save Settings).