• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1553
  • Last Modified:

Access denied on Share, rights are all OK.

A user in our AD domain cannot access a share on a server. He just got a new laptop. No user groups have been changed, laptop is in the correct OU. NTFS and share level rights have been checked and are alright.
Is there anything else I can be missing here? Possible policy settings? "Deny access" somewhere?
0
philipcom
Asked:
philipcom
  • 4
  • 3
1 Solution
 
ManicDCommented:
log on with an admins username and see if they can access it
0
 
TheCapedPlodderCommented:
Can the user access all other shares and therefore is only having an issue with this one share?

Can you the user connect OK to your domains netlogon shares? e.g. dir \\domain.com\netlogon

If the user logs onto another machine can he/she access the share in question correctly?  If so, then it is down to the laptop in some way, shape or form.

What error does the user get when they attempt to connect to the share?  Can you try to map to the share from the command line:

net use * \\server\sharename

If this doesn't work, try it with an administrator account that you are 100% certain has rights e.g.:

net use * \\server\sharename /user:username password

Let me know how you get on.

Cheers,

TCP
0
 
philipcomAuthor Commented:
Thx for the advices. TheCapedPlodder: I tried giving the user local admin on the server (!) before, this did not help either. Gave him local administrator rights: no help.
So finally I added this drive in his logon script which seems to solve the problem (I logged to Citrix with his user name and this worked - user did not test it yet on his laptop). However, this seems to work around the problem rather than solve it.
I'll keep you informed when he tested this.
0
Granular recovery for Microsoft Exchange

With Veeam Explorer for Microsoft Exchange you can choose the Exchange Servers and restore points you’re interested in, and Veeam Explorer will present the contents of those mailbox stores for browsing, searching and exporting.

 
philipcomAuthor Commented:
Tested: user has mapped drives alright, but trying to access any share by using a UNC path does not work with this account. Strange.
0
 
TheCapedPlodderCommented:
Try using a FQDN e.g.:

\\server.domain.local\share

Just a test...
0
 
philipcomAuthor Commented:
Good test, but:
"Access to the resource \\server.domain.local\share has been disallowed"

BTW: User's original problem (unable to install a software from a network share) has been solved by mapping a drive letter to the share using his logon script. As I am still dying to know how to solve the above issue, I'm still letting this question open.
0
 
TheCapedPlodderCommented:
That would suggest that you have a group policy object that prevents browsing UNC paths.

I believe that if you prevent access to Start - Run this have the same effect.
0
 
philipcomAuthor Commented:
Thanks for the hints. Not completely solved, however. Workaround helped user - for the moment that works for me.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now