Solved

Windows Server 2008 access to local drives as logged on user with admin permissions

Posted on 2010-11-17
5
1,606 Views
Last Modified: 2012-08-14
Hi,

The server is running Windows Server 2008 R2 Standard in a VMWare ESX environment.

If I log on to the server using the administrator account, there is no problem accessing local drives: C:, E:, F: and G:.

However, if I log on to the server using my account (which is in the local administrators group), I cannot access drives E:, F: and G:.  

Permissions on drives are as follow:
- CREATOR OWNER (Special permission)
- SYSTEM (Full control)
- MY_SERVER\Administrators (Full control)

In order to access the drives, I need to grant access to another group that I am member of.
Ex: Branch-Admin (Full control)

So, even though this group is in the MY_SERVER\Administrators group, this is not enough, I have to add this group directly.

How is this possible?  Is this something new with Windows 2008? This is not happening with Windows 2003.

Thanks
0
Comment
Question by:Bidonet
  • 3
  • 2
5 Comments
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 34155129
Welcome to UAC.
User Account Control
http://technet.microsoft.com/en-us/library/cc772207(WS.10).aspx

Unfortunately, since Windows Explorer is the desktop shell as well, you can't run it elevated (unless you run the desktop instance elevated as well, which defeats the purpose of UAC in a way that you can just disable it as well).
So if you want to to continue using UAC (which is somewhat recommended), I'd recommend using an Explorer clone (you can run those elevated) to access folders with administrative access only.
One of many examples:
FreeCommander
http://www.freecommander.com/
0
 
LVL 5

Author Comment

by:Bidonet
ID: 34155618
I tried disabling the UAC with the slider from User Accounts in Control panel but after logging back, I still have access denied on local drives.
0
 
LVL 84

Expert Comment

by:oBdA
ID: 34155759
Disabling or enabling UAC requires a reboot of the machine; only changing the notification level doesn't require it.
You can verify whether it's UAC by right-clicking the Notepad shortcut or exe and selecting "Run as administrator"; then use the File Open dialog to browse to the drive(s) in question. If you have access with this elevated notepad, it's definitely UAC.
How do I change the behavior of User Account Control by using the slider?
http://technet.microsoft.com/en-us/library/dd759070.aspx
0
 
LVL 5

Author Comment

by:Bidonet
ID: 34156052
I did restart the server and still access denied on the drives.

Following what you said, I did the notepad test and I can access the drive with "run as administrator" but access denied on drives with notepad without "run as administrator".

The slider is all the way to the bottom at "Never notify me".
0
 
LVL 5

Author Comment

by:Bidonet
ID: 34158051
Finally, I made it work by disabling the option: "User Account Control: Run all administrators in Admin Approval Mode" in Security Policies. (I also had to reboot)

Thanks again for pointing me in the right direction with UAC.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question