Chip Levinson
asked on
Problems with Mapped Drives After Windows 10 Upgrade
Hello,
So I just upgraded my desktop PC from Windows 7 Pro to Windows 10 Pro. My PC is on a network with a 2012 Server and a Synology network attached storage device. I have three folders on my server and four folders on my NAS mapped as drives on my desktop.
No matter what I seem to try, every time I reboot my PC my server mapped drives show up fine but I cannot access my NAS mapped drives. All mapped drives show in in Explorer, but when I click on one from the NAS Explorer spins for a while then says it cannot connect to the device. I need to go to "Disconnect Mapped Drives", wait for all my mapped drives to show, then select and disconnect the NAS drives, then remap them.
On my NAS itself, I still have the default admin account (which I would like to disable for security reasons), and a login tied to my Windows security credentials. I logged into the NAS over the web on the admin account and created a new account, lets call it ChipNew, and added it to the administrator group. When I go to map the network drives on my desktop, I select "use other credentials" and try to use the new account. Here is where the problem lies. The drive will map fine with the ChipNew account. Explorer will not allow me to check the box that says "remember these credentials". I check it and Windows unchecks it. So it does not save the credentials and that is why I believe I have problems on reboot.
I tried running Explorer with admin rights, I still cannot check the box to remember credentials. I very much want to use ChipNew so I can disable admin. Any advice? I am pretty sure admin does not save either, but will double-check this.
So I just upgraded my desktop PC from Windows 7 Pro to Windows 10 Pro. My PC is on a network with a 2012 Server and a Synology network attached storage device. I have three folders on my server and four folders on my NAS mapped as drives on my desktop.
No matter what I seem to try, every time I reboot my PC my server mapped drives show up fine but I cannot access my NAS mapped drives. All mapped drives show in in Explorer, but when I click on one from the NAS Explorer spins for a while then says it cannot connect to the device. I need to go to "Disconnect Mapped Drives", wait for all my mapped drives to show, then select and disconnect the NAS drives, then remap them.
On my NAS itself, I still have the default admin account (which I would like to disable for security reasons), and a login tied to my Windows security credentials. I logged into the NAS over the web on the admin account and created a new account, lets call it ChipNew, and added it to the administrator group. When I go to map the network drives on my desktop, I select "use other credentials" and try to use the new account. Here is where the problem lies. The drive will map fine with the ChipNew account. Explorer will not allow me to check the box that says "remember these credentials". I check it and Windows unchecks it. So it does not save the credentials and that is why I believe I have problems on reboot.
I tried running Explorer with admin rights, I still cannot check the box to remember credentials. I very much want to use ChipNew so I can disable admin. Any advice? I am pretty sure admin does not save either, but will double-check this.
Hi Chip,
Do you see specific errors in any of the Windows Event Viewer sections or the log files at the time of this issue?
I wonder if Process Explorer or Process Monitor would help you capture or pinpoint whats triggering it to be unchecked on the backend or pertaining to the reboot.
Have you also checked Windows Credential Manager, what's being stored there, perhaps there is a conflicting entry? Or removing and re-adding the credentials there if present?
Do you see specific errors in any of the Windows Event Viewer sections or the log files at the time of this issue?
I wonder if Process Explorer or Process Monitor would help you capture or pinpoint whats triggering it to be unchecked on the backend or pertaining to the reboot.
Have you also checked Windows Credential Manager, what's being stored there, perhaps there is a conflicting entry? Or removing and re-adding the credentials there if present?
ASKER
Thank you both for your ideas. It has been a few years since I did any work on AD, I would need a bit of a refresher course. I had an IT consultant set up my domain. I opened Credential Manager and looked at Windows Credentials. Under the NAS entry which was modified today it said username was "XXXXX_NAS\NewChip" and the password only had 8 dots (my true password has 12 characters. I tried saving my true password, bit the hidden length stayed the same. Now I edited my username to be just NewChip and not "XXXXX_Nas\NewChip". I am going to reboot and see what happens.
ASKER
Jazz,
Which EventID log should I check? I found one error in the System log that was repeated many times. Not sure if this is relevant but the EventID was 10016 and the message was essentially:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-5 0F6B8EA6B5 4}
and APPID
{15C20B67-12E7-4BB6-92BB-7 AFF0799740 2}
to the user ########\#### SID (S-1-5-21-2494368010-28496 03923-8376 21751-1117 ) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
The user address I blocked is my user account to sign into my computer, not one of the NAS users.
Do I need to run Credentials Manager in Admin mode for changes to stick? I have never used it before. What should I be looking for? Going to bed rn, will look for your answers tomorrow. Good night.
Which EventID log should I check? I found one error in the System log that was repeated many times. Not sure if this is relevant but the EventID was 10016 and the message was essentially:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-5
and APPID
{15C20B67-12E7-4BB6-92BB-7
to the user ########\#### SID (S-1-5-21-2494368010-28496
The user address I blocked is my user account to sign into my computer, not one of the NAS users.
Do I need to run Credentials Manager in Admin mode for changes to stick? I have never used it before. What should I be looking for? Going to bed rn, will look for your answers tomorrow. Good night.
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
i had the same problem & managed to fix it after following the advice in this article:
How to Fix NAS Device Not Visible On Windows 10?
ASKER
Arnold, thank you for your comments. As I mentioned, I am extremely rusty on dealing with Active Directory issues. The NAS serves two purposes. One volume on the NAS is a backup of the server files. The other volumes are primary storage for family photos, videos, and other multimedia files.
I logged into the NAS using a browser and its local 192.168 IP address and checked its settings. It is a member of my domain which is set to trusted domain. Is that bad for security? Does that mean if someone hacks my server they have direct access to it? My whole network does sit behind a Netscreen hardware firewall, if that helps.
Looking at my NAS control panel there are 6 entries under "Domain Users":
The admin account for my server/domain and guest accounts are both disabled
The Key Distribution Service Center account, krbtgt account in my domain is also disabled
A domain account for the IT specialist I hired 8 years ago to set it up. I have not hired him in years and should probably disable his account (do I do that from my server)?
Two domain accounts that were set up for me
Both of my domain accounts are different than the accounts I have been trying to use to log in and save credentials.
Maybe the first big question is should the NAS be part of the AD domain? If not, I will probably need to change how the server accesses it to save backups, correct?
Sorry for rambling - working on little sleep and am trying to remember how all this stuff works.
I logged into the NAS using a browser and its local 192.168 IP address and checked its settings. It is a member of my domain which is set to trusted domain. Is that bad for security? Does that mean if someone hacks my server they have direct access to it? My whole network does sit behind a Netscreen hardware firewall, if that helps.
Looking at my NAS control panel there are 6 entries under "Domain Users":
The admin account for my server/domain and guest accounts are both disabled
The Key Distribution Service Center account, krbtgt account in my domain is also disabled
A domain account for the IT specialist I hired 8 years ago to set it up. I have not hired him in years and should probably disable his account (do I do that from my server)?
Two domain accounts that were set up for me
Both of my domain accounts are different than the accounts I have been trying to use to log in and save credentials.
Maybe the first big question is should the NAS be part of the AD domain? If not, I will probably need to change how the server accesses it to save backups, correct?
Sorry for rambling - working on little sleep and am trying to remember how all this stuff works.
ASKER
Paul I am reading your suggested article right now and will let you know in a bit if it solved my issue
ASKER
Quick update. I just mapped all 4 NAS drives to my W10 desktop using my domain credentials. I checked the box and said use different credentials and typed in my user as DOMAIN\CHIP then typed in my password and said save settings. For each drive I had to enter the info twice, then all 4 drives were mapped. Rebooted and I saw all four drives. When I clicked on the P drive on the NAS in Explorer nothing happened, Explorer started doing a search then said that the drive is not accessible. The specified network name is no longer available. My W and V drives on the NAS now have a red x but my M drive on the NAS does not.
I did some quick research into the question about having the NAS in the domain. I am now leaning towards taking it out of the domain. I do use the NAS as remote storage that I access on a regular basis. I can simplify the task of connecting to it by moving all of my folders into a single share, as opposed to 4 shares. Ransomware scares the heck out of me - a close friend's company was nearly driven out of business not too long ago. It would be far, far more devastating if my NAS was encrypted then my server. I can start backing the server up to external HDDs (and do the same for the NAS).
If I take the NAS out of the domain, can I use robocopy to back it up to an external HDD? I prefer to not have my backups stored in a prorietary format that is tied to backup software.
I did some quick research into the question about having the NAS in the domain. I am now leaning towards taking it out of the domain. I do use the NAS as remote storage that I access on a regular basis. I can simplify the task of connecting to it by moving all of my folders into a single share, as opposed to 4 shares. Ransomware scares the heck out of me - a close friend's company was nearly driven out of business not too long ago. It would be far, far more devastating if my NAS was encrypted then my server. I can start backing the server up to external HDDs (and do the same for the NAS).
If I take the NAS out of the domain, can I use robocopy to back it up to an external HDD? I prefer to not have my backups stored in a prorietary format that is tied to backup software.
You could, though robocopy transfers the data to the system and then to destination.
The synology backup tools are and do provide the better option as the attached USB to the NAS
That includes versioning that mitigates ...
clearly separating sections of nas to limit its exposure.
Robocopy might mess up as it will overwrite good data with encrypted
The synology backup tools are and do provide the better option as the attached USB to the NAS
That includes versioning that mitigates ...
clearly separating sections of nas to limit its exposure.
Robocopy might mess up as it will overwrite good data with encrypted
ASKER
Arnold, I just tried your bat file suggestion with my P drive. Right before rebooting I checked and non of my NAS drives were mapped. I rebooted and opened explorer and did not see the P drive, then a few seconds later a CMD window popped up and so did the P Drive! I checked and I have 4 things running on Startup which may have delayed the bat file (several Startup programs can be deleted).
So I could modify your bat file so it has all 4 NAS drives in it, 4 lines of code to delete share then 4 lines to establish. I will do that next and am guessing my problem will be solved. Is it OK to rely on this bat file as a solution?
So I could modify your bat file so it has all 4 NAS drives in it, 4 lines of code to delete share then 4 lines to establish. I will do that next and am guessing my problem will be solved. Is it OK to rely on this bat file as a solution?
Yes.
Do you need a similar set of drives shared/accessed by other users?
You could use GPO and push either a user login doing the same for users, or use group policy preferences to achieve the same goal.
Note, the startup bat files will run for any user logging into the system, as that is the all user rules.
%userprofile%\appdata\roam ing\micros oft\window s\start menu\programs\startup shoukd be the individual, personal on login run bat file.
Do you need a similar set of drives shared/accessed by other users?
You could use GPO and push either a user login doing the same for users, or use group policy preferences to achieve the same goal.
Note, the startup bat files will run for any user logging into the system, as that is the all user rules.
%userprofile%\appdata\roam
ASKER
thank you everyone. Arnold's bat file suggestion has worked flawlessly for several days.
other option, check control keymgr.dll and whether you save the login credentials to access the NAS shared resources?