question

JeremiahMercier-3136 avatar image
0 Votes"
JeremiahMercier-3136 asked ·

How do I access a file share on a Windows 10 PC using a domain user when I'm not in the domain?

I have two Windows 10 laptops. One is a work laptop and one is my personal laptop. I work from home and both laptops are connected to the same network at my house. From time to time I need to access files on my work laptop from my personal laptop, so I've tried to connect to the administrative file share on my work laptop using \\COMPUTERNAME\c$ but no matter what credentials I use, I get "The user name or password is incorrect." This has nothing to do with the administrative share; the same thing happens when I simply try to connect to the computer using \\COMPUTERNAME.

I log into my personal laptop with my personal Microsoft account. I log into my work laptop with my company email address, and I can also log in using DOMAIN\USERNAME. Windows Settings on my work laptop shows it is connected to my company's Azure AD, but it is not joined to the domain. (It is a member of WORKGROUP.) Local Users and Groups does not show my user account listed as a local account, but it is listed as a member of the local Administrators group as DOMAIN\USERNAME. I am able to VPN to my company network as needed, but most of the time I do not use the VPN. My work laptop has never been physically connected to my company network. (I work from home in a different state.)

How do I access file shares on my work laptop from my personal laptop? When I try to connect using \\COMPUTERNAME I am prompted for credentials. No matter what I use, I get the error "The user name or password is incorrect." I've tried all of the following:

username@domain.com

DOMAIN\USERNAME

domain.com\username

MicrosoftAccount\username@domain.com

PCNAME\USERNAME

.\USERNAME

I've verified that I can log on locally to my work laptop with username@domain.com or DOMAIN\USERNAME, so I know I'm using the correct password. I've also verified that my account is not duplicated in Azure AD and I am not locked out. I am not trying to connect to anything on premises. This is a connection between two laptops on a private network using Azure AD.

azure-active-directoryazure-ad-authentication
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JeremiahMercier-3136 avatar image
0 Votes"
JeremiahMercier-3136 answered ·

After posting variations of this question on two different sites, no one has provided any solution to the question as stated. Based on feedback from @amanpreetsingh-msft in the comments, it appears that it is not possible to connect to a target computer with credentials for a domain account (even if it is not joined to the domain) unless the source computer is also connected to Azure AD. So the first workaround is to join the source computer to Azure AD (Settings -> Accounts -> Access work or school -> Connect).

Since this is a personal laptop, I don't wish to connect it to my work Azure AD. So the other workaround would be to create a local (non-domain) account on the target (work) computer, grant access to the file share, and connect using this account. I don't like that it requires creating an additional account that I will never use to log in locally, but it seems to be the better of the two undesirable choices.

Thanks to @amanpreetsingh-msft for his assistance.

· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

amanpreetsingh-msft avatar image
0 Votes"
amanpreetsingh-msft answered ·

@JeremiahMercier-3136 In this scenario, both of your machines should be joined to same Azure AD tenant. Once your home laptop is joined to same Azure AD Tenant, you need to login using the same Azure AD user account on your personal laptop to access the shares of your work laptop. That way you would be using Azure AD only and you won't need to connect to VPN for connectivity to your on-prem environment.


Please "Accept as answer" wherever the information provided helps you to help others in the community.

· 9 · Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@amanpreetsingh-msft I cannot join my personal laptop to the Azure AD tenant because it is a personal laptop. I'm not doing anything on-prem. This is entirely remote. I'm simply trying to connect from one laptop to the other at my house.

Are you saying it's impossible for another machine to connect to a file share on my work laptop and authenticate successfully without it first being joined to the same Azure AD tenant?

0 Votes 0 · ·

@JeremiahMercier-3136 In that case the only option is to share the drive/folder and grant access to everyone group.

0 Votes 0 · ·

@amanpreetsingh-msft Ok, if I do that, how do I connect to the laptop? It still asks me for credentials, since Everyone means everyone that is authenticated and the whole problem is that I can't authenticate. It's prompting me for credentials and failing regardless of the share I access when I simply try to connect using \\COMPUTERNAME.

0 Votes 0 · ·
Show more comments
marcobrizi avatar image
0 Votes"
marcobrizi answered ·

Even though I'm not a network expert to give you a response, I can propose a workaround.
Why don't you use a OneDrive synchronized folder to share the contents? Configuring on both the laptops the same OneDrive account, you have the possibility to access and edit all the contents you want maintaining them synchronized between the two (or even more) devices.
Ciao!

· 1 · Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@marcobrizi Thank you for taking the time to comment; however, this doesn't really address the question. I could also use a USB thumb drive to transfer the data, but neither of these solutions are really "workarounds." They are just completely different methods of transferring the data, of which there are many. I prefer to use a file share when possible because it doesn't (or at least shouldn't) rely on an internet connection, transferring the data to a third party, using a physical medium, etc.

0 Votes 0 · ·