# 2008 Server access UNC work but Mapped doesn't



## christop_snow (Feb 3, 2009)

I have a 2003 server and 2008 server. The 2008 was recently installed. I have now moved all my users from the 2003 server to the 2008 server. Before the move I had access to all drive mapping in 2003 server. Currently I have 4 mapped drives (H: home, P: public, O: Office, S: Scanned). I can get (P, O, H and S) mapped but when I try to access S: Scanned it will only be able to access for 2 Domain users but not anyone else. I can access by the UNC path on all system but not form a mapped drive. I was able to give right to all the users in my domain and administrators. I also set the share and security right to exactly the same as the other 3 mapping (P, O and H). I have tried to map a drive on the server and I can’t even access the drive mapping on the local server or remote server as administrator. If the 2 pc have it mapped and can access it, no one else will be able to access S: Scanned drive. I can’t think of anything that would be blocking this from not accessing the mapping.
Has anyone seen this before?
Chris


----------



## bilbus (Aug 29, 2006)

what users can access it? Are they domain admins?

What error do you get?


----------



## christop_snow (Feb 3, 2009)

Each user could be form a domain admin to a domain user. I have put right to access for everyone to domain admin to domain users.

The error that I get if I try mapping on the server is

Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item,

This is mapping on the server and I get that and I am logged in as administrator

On a workstation 

Access is denied

Thanks
Chris


----------



## bilbus (Aug 29, 2006)

So even domain admins cant access it?

sounds like you did not do permisions correctly .. check security and sharing permisions .. but it sounds like share permisions are not correct.

What about \\server\C$ ?


----------



## christop_snow (Feb 3, 2009)

In Sharing I have everyone, domain admin, domain users and I have individuals. Full Rights

In Security I have everyone, domain admin, domain users and I have individuals. Full Rights

I can use the UNC path just fine on all workstation and administrator but when I map it and then try to use it, it will not work. If you are the first 5 to use the mapping it will allow you to use it but will not allow the any other user to use it until everyone restart for the morning.

All the other mapping are working fine it is just this one mapping. If I change the name reshare it or recreate the folder, do anything with this mapping it will do the same thing. Like is said before it is only doing this when I map to my 2008 server. If I point it back to my old 2003 server it doesn't do this. MY 2003 and 2008 share permissions with DFS so my 2003 has the same privileges as my 2008 server.

Thanks
Chris


----------



## bilbus (Aug 29, 2006)

So you are using dfs?

Does the problem happen when you map via dfs or server?

\\domain\share 
\\server08\share ?


that is untrue, dfs won't replecate share permisions. Each target maintains its own share permsmisions. Check the share permisions on the dfs targets.

You have a bunch of permisions to deal with.

In my example (picture) i have a 2 node DFS root, with 1 folder with 2 hosts being replecated.

In the picture the share permsions screen is covered by one of the boxes.

server 1 file permsions (folder security)
server 1 share permsions (windows shared file permisions)
server 1 dfs share permsions (dfs share permisions inside dfs app)

server 2 file permsions (folder security)
server 2 share permsions (windows shared file permisions)
server 2 dfs share permsions (dfs share permisions inside dfs app)


----------



## christop_snow (Feb 3, 2009)

I see what you are doing with DFS and file sharing.

This is the way that I have my namespaces setup 

I have a file called SERVER_DATA
I share that file with Administrator, Everyone, System, and More
Inside SERVER_DATA I have Files
Public = P
Office = O
Home = H
Scanned = S 
I do not replicate individual sub folder in my namespace I just replicate 1 main folder. So my DFS Managment looks like this
I am using NAMESPACE SERVER ONLY

DFS Management
-Namespaces
- \\Servername\SERVER_DATA

Inside the SERVER_DATA I put shares and security for P, O, H, and S with the same permissions. P, O, H can map and access but Not S in the same SERVER_DATA. I am trying to replicate from a 2003 to a 2008 server. I don't know it that will cause a problem?

You were right I can't replicate shares but I set them up to access them.

I double check both server 1- 2003 server 
Share-domain admin and domain users, system
File permission- domain admin and domain user, system 
DFS - domain admin and domain user, system EXPLICIT

Server 2 - 2008 server
Share-domain admin and domain users, system
Security- domain admin and domain user, system 
DFS - domain admin and domain user, system EXPLICIT

This problem will only happen when I map to Server 2 - 2008 server not 2003 server.

Direct Path Q:\SERVER_DATA\scanned
SERVER_DATA - is shared and SCANNED is shared 

\\server2\scanned - I can connect using UNC 
But not map Using - net user S: \\server2\scanned

Thanks
Chris


----------



## bilbus (Aug 29, 2006)

can you post a pic?


----------



## christop_snow (Feb 3, 2009)

Attached is the the 2008 server and 2003 server 

Thanks
Chris


----------



## bilbus (Aug 29, 2006)

Are these domain based DFS or stand alone DFS?

do you type \\server\serverdata or \\domainanme\serverdata?

Does your event log on either server say anything about frs or dfs errors?


----------



## christop_snow (Feb 3, 2009)

I was gonig to \\servername\Serverdata
I have now tried to go to \\domainname\serverdata

net use s: \\domainname\serverdata\scanned

come up with 

scanned on domainname\serverdata

After I did that I was able to get the dfs tab on the share properties. In the dfs tab I was able to give specific server to the mapping. I am currently trying this out to see if all my employee can access all the drive mappings.

Thanks


----------



## bilbus (Aug 29, 2006)

if you do \\servername its not dfs .. its a stand alone server

if you do \\domainname its dfs.

You do need to test both targets via \\servername\share .. to make sure both are reachable.


----------



## christop_snow (Feb 3, 2009)

I am able to reach it using the \\servername\serverdata sometimes and \\domainname\serverdata all the time.

If I go to \\servername\serverdata sometime access is limited.

But if I go to \\domainname\serverdata then access is shared between 4 servers that I am replicating in DFS.

I think it is working with the \\domainname\serverdata when I point to 2008 server in dfs properites but I will not always access it with \\servername\serverdata on the 2008 server.


----------



## bilbus (Aug 29, 2006)

well, right click on \\domainname\serverdata and look for the dfs tab. Test all the nameservers .. make sure they are accessable.

Turn off all but one server and test access. then switch servers.


----------

