Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Software can't create folder on windows 2012 shared folder

Posted on 2013-01-07
8
Medium Priority
?
624 Views
Last Modified: 2013-01-29
there's a shared folder on windows 2012 server. We have a customized software which accesses the folder and create folders under the shared folder. But it can't. there's no error message because it's compiled software and can't show the error detail.

I checked permission on the shared folder and tried to create/delete folder using Windows Explorer and CMD from the trouble machine and others, it goes through. So, I don't think it's the permission problem to the folder and domain users. Something has to do with the software can't create the folder on it.
We just replaced the server from windows 2003 to windows 2012, and the software vender keeps saying something has to do with windows permission. could it be UAC thing?
0
Comment
Question by:crcsupport
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
8 Comments
 
LVL 1

Author Comment

by:crcsupport
ID: 38752222
I don't know but it seems like the software keeps trying to use guest account in event viewer. Does anyone have any similar problem like this? software accesses as guest account to the shared folder in windows 2008/2012???
0
 
LVL 1

Author Comment

by:crcsupport
ID: 38752597
Below is the log matches with the error in event viewer/security, I guess.

Event ID 4625
====================================================


An account failed to log on.

Subject:
      Security ID:            Domain\user1
      Account Name:            xxxxx
      Account Domain:            Domain
      Logon ID:            0x6CD4A

Logon Type:                  3

Account For Which Logon Failed:
      Security ID:            NULL SID
      Account Name:            Guest
      Account Domain:            SERVER-A

Failure Information:
      Failure Reason:            Account currently disabled.
      Status:                  0xC000006E
      Sub Status:            0xC0000072

Process Information:
      Caller Process ID:      0x11b0
      Caller Process Name:      C:\Windows\explorer.exe

Network Information:
      Workstation Name:      SERVER-A
      Source Network Address:      -
      Source Port:            -

Detailed Authentication Information:
      Logon Process:            Advapi  
      Authentication Package:      Negotiate
      Transited Services:      -
      Package Name (NTLM only):      -
      Key Length:            0

This event is generated when a logon request fails. It is generated on the computer where access was attempted.

The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on the system requested the logon.

The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
      - Transited services indicate which intermediate services have participated in this logon request.
      - Package name indicates which sub-protocol was used among the NTLM protocols.
      - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
0
 
LVL 1

Author Comment

by:crcsupport
ID: 38753403
the server rejects the application accessing the shared folder because the application or any service on the workstation  accessing the shared folder on behalf  of the application doesn't even have 'everyone' permission. What could it be??? is there any level of user group denied where everyone is allowed?  Maybe, if the account used by the application is disabled. But how the hell do I find what user it uses to access the folder and how do I change it?

By the way, the shared folder on server A is mapped to K drive on workstation.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 1

Author Comment

by:crcsupport
ID: 38753442
didnt' mention that the domain is windows 2003 still..
0
 
LVL 83

Accepted Solution

by:
David Johnson, CD, MVP earned 1200 total points
ID: 38754571
go back to the vendor and inquire why it opens files using the guest account.. since the guest account is disabled on the server it will always fail unless you enable the guest account (a poor work-around), try it and see if that fixes your problem.

Don't forget that there are 'share permissions' and 'file permissions' the most restrictive one wins.

The application should be using the user account of the user that is running the program or the 'service account' if it is a service.
0
 
LVL 1

Author Comment

by:crcsupport
ID: 38755595
I think it's not the application's fault using the guest account of the server to create folder. Because the old server which was replaced, also have guest account was already disabled and it worked fine. My guess is new Windows 2012 assigns its account(guest or whatever) to whoever tries to access the local resource.
Do you know what service is related to giving access to shared folder? Network Location Awareness doesn't seem it is.

I'm totally fine with share/file permission.
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 800 total points
ID: 38766965
Hi,

Does the application run on the Client PCs or the server?

Does the applicaiton access the share via UNC paths or via theMapped drive letter on the clients?

does the application run by user interation or is it run via a service or scheduled task?
0
 
LVL 1

Author Comment

by:crcsupport
ID: 38832758
The application runs on client PC.
It accesses through mapped drive.
it runs by user interaction. User logs onto the application. Once the user clicks a button to scan images, the application checks if the mapped drive/folder has sub folder to store the image, then if the folder doesn't exists, it creates it.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question