Access denied to network share for all users on a specific client machine only

Hi all,

I have a single Windows 7 Pro 32b laptop being denied access to a specific share on a specific SBS server.

If any authenticated domain user account (including members of Domain Admins) attempts to access this specific network share from the device, they get the "You do not have permissions to access this share, please contact network admin" etc error.

All other shares on the server are accessible from this laptop and the problem share is accessible from any other computer on the domain.

I have:

1) gone through the permissions with a fine tooth-comb (Share permissions set to "everyone: Full control" and NTFS set to "Domain Users: Modify") as well as sharing/unsharing the folder, adding "Everyone: full control" to the NTFS permissions. Checking the "Effective permissions" for any given user seems to check out fine.

2) Removed and re-added the client machine to the domain

3) Checked for cached local machine passwords for the share/specific users

4) Checked for any GPs or other controls which may be denying access to a given resource for a given machine - can't find anything!

and I still can't fathom this one out!

Any ideas
Iain_ParityAsked:
Who is Participating?
 
arnoldConnect With a Mentor Commented:
Check the server where the share is for stale sessions.  The issue could be in the sync/offline caching database.

Double check to make sure there are no unsynchronized files.

The issue often applies to one user rather than to every user.
See whether the issue is limited to accessing \\server\sharename where  \\ipaddress\sharename works.

The other issue could be that the shares are persistently mapped, and this is a replacement server where the credentials do not match and access is denied.  You could use GPO login script to detach net use <driveletter>: /delete
net use <driveletter>: \\server\sharename
And see if that corrects the issue.

Resetting netcache/disabling offline access might be another way to fix.

Using sysinternals process monitor
http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx
You could try using the tool while you try to access the share.
0
 
tomcahillCommented:
When I get stumped like this I will often try downloading and running ComboFix.

http://www.bleepingcomputer.com/download/combofix/

Often there is some malware causing the craziness.
0
 
Iain_ParityAuthor Commented:
Hi Tom,

I have already run Malware Bytes and the machine has an active, current version of ESET NOD32 as well, but I will certainly give this a go...I am running out of ideas!

Additional info for this issue:

1) It is interesting to note that trying to browse or map to this share doesn't prompt for authentication as it would/does for other shares to which a logged on account doesn't have permissions - it just defaults to "You do not have access"

2) I have tried net use /delete * to clear down any residual connections to the share - it does clear down but makes no difference to the issue

3) The only other thing that stands out as slightly different/odd about this share is that, when you look at the "Sharing" tab from the folder in Explorer, the top "Share" option is greyed out, but the "ADvanced share" options are available???

Weird..
0
 
Iain_ParityAuthor Commented:
Hi Arnold,

Thanks for the response - you put me on the right track to finally solve this one!

It was something in the local offline folders/files DB causing the issues.

I turned off off-line folders and restarted - the problem went away.

If I turned it back on again, the problem returned.

Finally I forced a reset/trash of the off-line DB using the regkey method here which solved the issue and allowed me to turn Off-line folders back on.

Thanks all.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.