Cant access shares locally on Server 2003.

Posted on 2008-10-06
Medium Priority
Last Modified: 2013-12-04
I have a problem which looks like it may be related to this question:

The difference is that I can access the shares and run programs from the shares when this is done over the network but not when logged on locally to the server. I need to be able to do this as we have a database application that needs to access a specific drive letter (X:) and this is to be used by Terminal Services clients. I can run the application direct from the hard drive but as soon as I map the drive as X: and try to run it through the share I get the following: "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item". I have tried copying the location, creating the share from scratch and setting up permissions every way I can think of but no joy.

As per the other question I thought it might be a Security Policy issue but I cant see anything which might be stopping me doing this here either. I have also tried taking ownership and explicitly granting permission to myself and this does not work so I think it must be share related and NTFS permission related. Help!
Question by:plokij5006
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3

Author Comment

ID: 22657561
I have now found that this behaviour only seems to apply to .exe and .bat files or similar. For example, if i create a .txt file and put it in the same location and check it has same share and file/folder permissions, I can open it with no problem. exe and bat files in the same folder give me the message described above.

I am beginning to think even more that this may be to do with group policy, any ideas anyone?


Author Comment

ID: 22657575
If I try the same with a zip file I get the message "Your current security settings do not allow this action".
LVL 11

Accepted Solution

snoopfrogg earned 2000 total points
ID: 22660424
Regarding the "You may not have the appropriate permissions to access the item" message, I've seen something similar when launching an executable from a network drive.  Uninstalling Internet Explorer Enhanced Security Configuration (Add/Remove Programs -> Windows Components) took care of the issue.  

I believe this will take care of the message you're seeing related to the .zip file.  If it doesn't try this:  (in IE) tools, options, security tab. select the Local Intranet zone.  Click Sites Add file://servername.  This adds all file connections to that server to the local intranet zone, including mapped drives to that server.  
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.


Author Comment

ID: 22661175
I think that may be it Snoopfrogg, I added \\servername to the Trusted Sites list and now the .exe runs albeit with a Security Warning. I am presuming that if I un-install IE Enhanced Security Configuration this will get rid of the Security Warning also. problem is, this server is going to have around a dozen users all accessing the application over Terminal Services - I dont know if I want to give them the ability to use IE without the Enhanced Security for obvious reasons. Any idea how to tacklle this so they don't get the Security Warning every time they run the .exe but the server still has IE locked down?
LVL 11

Expert Comment

ID: 22661621
Ah, valid point.

What is the specific security warning you're seeing?

Author Comment

ID: 22676710
Sorry for the delay in responding, the warning is: "Open File - Security Warning - The Publisher could not be verified, are you sure you want to run this software?" I assume this is because ESC is still installed on this server.
LVL 11

Expert Comment

ID: 22702316
Here are a couple of suggestions:  http://techarold.blogspot.com/2006/06/open-file-security-warning-publisher.html.  Notice that the article references the Local Intranet Zone.

Control Panel, Internet Options, Security tab, Local Intranet, Sites, Advanced, add \\Server\share as a website to the "zone".

There is also this option that may help with programs on a local drive:  Control Panel, System, Advanced, Performance Settings, Data Execution Prevention.  You can turn DEP on for everything "except those I select", and manually add them to the list.  Changing the DEP setting requires a reboot.

Author Comment

ID: 22709541
Thanks Snoopfrogg, that seems to work. I will accept both your responses as the solution.

Thanks again!

Featured Post

WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses
Course of the Month9 days, 9 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question