This is so crazy I didn't know what to "name" the request.
I'm working with an end user named: xxxxuser
In our domain we have redirected (via Group Policy) the "My Documents" folder so that end user's documents get saved to their own profile on our File Server. Path is:
On their client PC, they can save documents, create subfolders, etc. All changes are saved to their redirected "My Documents" folder on the File Server.
For xxxxuser access is complete to all "My Documents" folders except one buried subfolder. Let's call it: CantOpen.
So, the path to the needed files becomes:
I've created a shortcut on the desktop of the client PC to the "My Documents" folder that resides on the File Server. If you drill through that folder to the "CantOpen" folder, you can actually get into the folder and open all the documents contained therein. This requires several double clicks on the different subfolders to get to the desired file and is cumbersome.
So, I decided to place a shortcut to the "CantOpen" folder directly on the xxxxuser desktop. If you double click on it, you don't gain immediate access as expected. You're presented with a prompt for domain credentials. This requires entry of the end user's Username and Password. After entering the correct credentials, you're presented with "Access is Denied".
Now, how is it possible that "CantOpen" is accessible when drilling through the "My Documents" folder, but cannot be opened at all when using the shortcut to the "CantOpen" folder?