UNC Permissions issue
Posted on 2012-04-09
Ok. Very unique and frustrating issue here. I'll try to set this up from the beginning.
We have a COLD storage server. We have an application that exports a TIF image to this server that everyone uses. The TIF image is a voucher with a signature from the customer. This server then stores that TIF image in what we call "Volumes", but basically they are nothing more that a shared folder on the server. The voucher is exported to these volumes in a real-time invironment. Everyone on our domain has full read/write permissions to this shared folder for obvious reasons.
Once the volumes reach a specified limit, they must be archived off of the server. We archive them to CD. However, if a user wants to call up that archived document the COLD server will prompt for the volume to be inserted. This was starting to become a fairly involved task for the IT Department as more and more users were requesting archived documents that we needed to retrieve and take to them.
So, I recently added a NAS server to the domain for the purpose of creating a "Jukebox" of these archived documents for a online retrieval. Even better, I had the vendor of the COLD storage software automatically use the NAS as a mass storage device during the export process. Therefore, now the exported documents are stored BOTH at the orginal location as well as on the NAS, real time and whereas the NAS would be stated as unlimited for volumes.
On the IOMEGA NAS I created a Shared Storage that holds these documents and I am using Active Directory for authentication. I set up the share with all Domain Users given full read/write access. Should be simple right?? Oh my.
Here is the issue. All domain users seem to be writing to the NAS just fine EXCEPT users outside a certain subnet. Now, everyone is blaming something in my network routing, but this just can't be the case as these same users have access to everything else except the NAS. Also, they can login to the NAS console using their AD credentials through a browser,
If I type the UNC path on the troubled machine (\\NAS1\ONBASEPLATTERS\), I can not get to it. But I can typing the IP address in a browser and logging into the NAS dashboard.
I have 7 subnets on my network. 6 of them can not access the NAS this way. The local one can.