Solved

Windows Server 2008 access to local drives as logged on user with admin permissions

Posted on 2010-11-17
5
1,613 Views
Last Modified: 2012-08-14
Hi,

The server is running Windows Server 2008 R2 Standard in a VMWare ESX environment.

If I log on to the server using the administrator account, there is no problem accessing local drives: C:, E:, F: and G:.

However, if I log on to the server using my account (which is in the local administrators group), I cannot access drives E:, F: and G:.  

Permissions on drives are as follow:
- CREATOR OWNER (Special permission)
- SYSTEM (Full control)
- MY_SERVER\Administrators (Full control)

In order to access the drives, I need to grant access to another group that I am member of.
Ex: Branch-Admin (Full control)

So, even though this group is in the MY_SERVER\Administrators group, this is not enough, I have to add this group directly.

How is this possible?  Is this something new with Windows 2008? This is not happening with Windows 2003.

Thanks
0
Comment
Question by:Bidonet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 85

Accepted Solution

by:
oBdA earned 500 total points
ID: 34155129
Welcome to UAC.
User Account Control
http://technet.microsoft.com/en-us/library/cc772207(WS.10).aspx

Unfortunately, since Windows Explorer is the desktop shell as well, you can't run it elevated (unless you run the desktop instance elevated as well, which defeats the purpose of UAC in a way that you can just disable it as well).
So if you want to to continue using UAC (which is somewhat recommended), I'd recommend using an Explorer clone (you can run those elevated) to access folders with administrative access only.
One of many examples:
FreeCommander
http://www.freecommander.com/
0
 
LVL 5

Author Comment

by:Bidonet
ID: 34155618
I tried disabling the UAC with the slider from User Accounts in Control panel but after logging back, I still have access denied on local drives.
0
 
LVL 85

Expert Comment

by:oBdA
ID: 34155759
Disabling or enabling UAC requires a reboot of the machine; only changing the notification level doesn't require it.
You can verify whether it's UAC by right-clicking the Notepad shortcut or exe and selecting "Run as administrator"; then use the File Open dialog to browse to the drive(s) in question. If you have access with this elevated notepad, it's definitely UAC.
How do I change the behavior of User Account Control by using the slider?
http://technet.microsoft.com/en-us/library/dd759070.aspx
0
 
LVL 5

Author Comment

by:Bidonet
ID: 34156052
I did restart the server and still access denied on the drives.

Following what you said, I did the notepad test and I can access the drive with "run as administrator" but access denied on drives with notepad without "run as administrator".

The slider is all the way to the bottom at "Never notify me".
0
 
LVL 5

Author Comment

by:Bidonet
ID: 34158051
Finally, I made it work by disabling the option: "User Account Control: Run all administrators in Admin Approval Mode" in Security Policies. (I also had to reboot)

Thanks again for pointing me in the right direction with UAC.
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question