I encountered an interesting bug with Windows 7 workstations with Access Based Enumeration enabled on a SMB Share and DFS Namespace running on Windows Server 2012 R2.
When a user tries to create a file or folder under a location which they have "Full Modify Rights" in Windows Explorer they receive the following error:
Drive Mapping refers to a location that is unavailable. It could be a hard drive on this computer, or on a network. Check to make sure that the disk is properly inserted, or that you are connected to the Internet on your network, and then try again. If it still cannot be located, the information might have been moved to a different location.
This issue occurs under the following circumstances:
The Windows 7 client works under the following circumstances:
When setting up Access Based Enumeration, the root folder should have:
The root level permissions are shown below. All sub folders are provided with full modify permissions for the respective security groups.
This works with 2008 R2, Windows 8.1 and Windows 10.
When a user tries to create a file or folder under a location which they have "Full Modify Rights" in Windows Explorer they receive the following error:
Drive Mapping refers to a location that is unavailable. It could be a hard drive on this computer, or on a network. Check to make sure that the disk is properly inserted, or that you are connected to the Internet on your network, and then try again. If it still cannot be located, the information might have been moved to a different location.
This issue occurs under the following circumstances:
- Access Based Enumeration is enabled on a Network Share or DFS Namespace
- If a Mapped Network Drive is created to the Share
- The user is connecting from a Windows 7 workstation.
The Windows 7 client works under the following circumstances:
- If the user creates a file from an application such as Microsoft Word (not Windows Explorer) using a mapped network drive to the folder share, it works corrctly.
- If the user opens the UNC Path of the share \\server\share\folder, not via the mapped network drive it works correctly.
When setting up Access Based Enumeration, the root folder should have:
- List Folder / Read Data
- Applies to "This Folder Only"
The root level permissions are shown below. All sub folders are provided with full modify permissions for the respective security groups.
This works with 2008 R2, Windows 8.1 and Windows 10.
With Windows 7 clients they need additional permissions granted at the root level folder including:
- Transverse folder / execute file
- List folder / read data
- Read Attributes
- Read extended attributes
- Read permissions
These extra permissions at the root level folder are only required if:
- You run Access Based Enumeration
- You have Windows 7 Clients on the network
Is it really workable on Window 7 with "Read Extended Attributes"?
ReplyDeleteMoreover, I tried this "If the user creates a file from an application such as Microsoft Word (not Windows Explorer) using a mapped network drive to the folder share, it works correctly." But it didn't work.
To Do List Template