Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Software can't create folder on windows 2012 shared folder

Posted on 2013-01-07
8
Medium Priority
?
625 Views
Last Modified: 2013-01-29
there's a shared folder on windows 2012 server. We have a customized software which accesses the folder and create folders under the shared folder. But it can't. there's no error message because it's compiled software and can't show the error detail.

I checked permission on the shared folder and tried to create/delete folder using Windows Explorer and CMD from the trouble machine and others, it goes through. So, I don't think it's the permission problem to the folder and domain users. Something has to do with the software can't create the folder on it.
We just replaced the server from windows 2003 to windows 2012, and the software vender keeps saying something has to do with windows permission. could it be UAC thing?
0
Comment
Question by:crcsupport
  • 6
8 Comments
 
LVL 1

Author Comment

by:crcsupport
ID: 38752222
I don't know but it seems like the software keeps trying to use guest account in event viewer. Does anyone have any similar problem like this? software accesses as guest account to the shared folder in windows 2008/2012???
0
 
LVL 1

Author Comment

by:crcsupport
ID: 38752597
Below is the log matches with the error in event viewer/security, I guess.

Event ID 4625
====================================================


An account failed to log on.

Subject:
      Security ID:            Domain\user1
      Account Name:            xxxxx
      Account Domain:            Domain
      Logon ID:            0x6CD4A

Logon Type:                  3

Account For Which Logon Failed:
      Security ID:            NULL SID
      Account Name:            Guest
      Account Domain:            SERVER-A

Failure Information:
      Failure Reason:            Account currently disabled.
      Status:                  0xC000006E
      Sub Status:            0xC0000072

Process Information:
      Caller Process ID:      0x11b0
      Caller Process Name:      C:\Windows\explorer.exe

Network Information:
      Workstation Name:      SERVER-A
      Source Network Address:      -
      Source Port:            -

Detailed Authentication Information:
      Logon Process:            Advapi  
      Authentication Package:      Negotiate
      Transited Services:      -
      Package Name (NTLM only):      -
      Key Length:            0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
      - Transited services indicate which intermediate services have participated in this logon request.
      - Package name indicates which sub-protocol was used among the NTLM protocols.
      - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
0
 
LVL 1

Author Comment

by:crcsupport
ID: 38753403
the server rejects the application accessing the shared folder because the application or any service on the workstation  accessing the shared folder on behalf  of the application doesn't even have 'everyone' permission. What could it be??? is there any level of user group denied where everyone is allowed?  Maybe, if the account used by the application is disabled. But how the hell do I find what user it uses to access the folder and how do I change it?

By the way, the shared folder on server A is mapped to K drive on workstation.
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
LVL 1

Author Comment

by:crcsupport
ID: 38753442
didnt' mention that the domain is windows 2003 still..
0
 
LVL 84

Accepted Solution

by:
David Johnson, CD, MVP earned 1200 total points
ID: 38754571
go back to the vendor and inquire why it opens files using the guest account.. since the guest account is disabled on the server it will always fail unless you enable the guest account (a poor work-around), try it and see if that fixes your problem.

Don't forget that there are 'share permissions' and 'file permissions' the most restrictive one wins.

The application should be using the user account of the user that is running the program or the 'service account' if it is a service.
0
 
LVL 1

Author Comment

by:crcsupport
ID: 38755595
I think it's not the application's fault using the guest account of the server to create folder. Because the old server which was replaced, also have guest account was already disabled and it worked fine. My guess is new Windows 2012 assigns its account(guest or whatever) to whoever tries to access the local resource.
Do you know what service is related to giving access to shared folder? Network Location Awareness doesn't seem it is.

I'm totally fine with share/file permission.
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 800 total points
ID: 38766965
Hi,

Does the application run on the Client PCs or the server?

Does the applicaiton access the share via UNC paths or via theMapped drive letter on the clients?

does the application run by user interation or is it run via a service or scheduled task?
0
 
LVL 1

Author Comment

by:crcsupport
ID: 38832758
The application runs on client PC.
It accesses through mapped drive.
it runs by user interaction. User logs onto the application. Once the user clicks a button to scan images, the application checks if the mapped drive/folder has sub folder to store the image, then if the folder doesn't exists, it creates it.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
Securing your business data in current era should be your biggest priority. Numerous people are unaware of the fact that insiders commit more than 60 percent of security breaches. You need to figure out the underlying cause and invoke your potential…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question