Solved

Login Prompt required to access subfolder in Domain User's own Profile

Posted on 2014-02-24
3
253 Views
Last Modified: 2014-03-18
This is so crazy I didn't know what to "name" the request.

I'm working with an end user named:  xxxxuser

In our domain we have redirected (via Group Policy) the "My Documents" folder so that end user's documents get saved to their own profile on our File Server.  Path is:
     \\xxx.local\users\xxxxuser\My Documents

On their client PC, they can save documents, create subfolders, etc.  All changes are saved to their redirected "My Documents" folder on the File Server.  

For xxxxuser access is complete to all "My Documents" folders except one buried subfolder.  Let's call it:  CantOpen.

So, the path to the needed files becomes:
     \\xxx.local\users\xxxxuser\Documents\SubFolder1\Sub2\Sub3\CantOpen.

I've created a shortcut on the desktop of the client PC to the "My Documents" folder that resides on the File Server.  If you drill through that folder to the "CantOpen" folder, you can actually get into the folder and open all the documents contained therein.  This requires several double clicks on the different subfolders to get to the desired file and is cumbersome.  

So, I decided to place a shortcut to the "CantOpen" folder directly on the xxxxuser desktop.   If you double click on it, you don't gain immediate access as expected.  You're presented with a prompt for domain credentials.  This requires entry of the end user's Username and Password.  After entering the correct credentials, you're presented with "Access is Denied".

Now, how is it possible that "CantOpen" is accessible when drilling through the "My Documents" folder, but cannot be opened at all when using the shortcut to the "CantOpen" folder?
0
Comment
Question by:baleman2
3 Comments
 
LVL 20

Accepted Solution

by:
CompProbSolv earned 250 total points
ID: 39884238
Are you sure that the shortcut points to "CantOpen" as accessed through "My Documents" rather than some other share closer to the root?  Windows can give you different rights to the same folder depending on how you get there.
0
 

Author Comment

by:baleman2
ID: 39884286
I just deleted the exiting shortcut to "CantOpen" from the xxxxuser desktop.  

1) Clicked on the "My Documents" shortcut on the xxxxuser desktop and all subfolders are displayed.  
2) Drilled through Sub1, Sub2, Sub3 to reach the "CantOpen" subfolder.  
3) Double clicked on "CantOpen" and all files are displayed.  
4) Opened several of the files.  
5) Went "back" one level and right clicked on the "CantOpen" folder and sent a shortcut to the desktop.  
6) Closed all windows.  The new shortcut to "CantOpen" is on the xxxxuser desktop.
7) Double Clicked on it and was presented with Login window.  
8) Entered Domain Credentials.  Access is Denied.
0
 
LVL 9

Assisted Solution

by:VirastaR
VirastaR earned 250 total points
ID: 39885583
Hi,

Shortcut_TEST Properties
Can you try this?

Check the "Target location" whether it is pointing to local user\My Documents or redirected  \\xxx.local\users\xxxxuser\My Documents ??

When you click on "Open File Location" do you see a file or "Access Denied"

Keep me posted.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Resolve DNS query failed errors for Exchange
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now