Domain Controller: BDC01 (192.168.9.2)
Storage Server: BrightonSAN1 (192.168.9.3)
Domain: brighton.local
Last night I moved our users home directories off of our Domain Controller onto a storage server using the MS FSMT. I'm getting a mixed bag of errors. The first being some users cannot logon properly, they can't access the logon.vbs in the sysvol folder on the DC and consequently cannot map their drives. I've narrowed that down to a DNS issue as we there was a remnant of our previous DNS server in the DHCP server options and scope options. I'm able to get their drives remapped by browsing to the sysvol folder by IP address as opposed to Computer Name and manually running the logon.vbs script.
The other error I'm getting is Access Denied on a few of the users home directories. The top level folder (Home) is shared as normal and I've removed and re-added the NTFS security a number of times now including making the user the owner with full control. I've checked each and every individual file and folder in said users home directory and they are indeed the owner but I'm unable to write but I can read the contents.
I'm stumped. This isn't happening to all clients. I'm considering removing their AD accounts, backing up their folders and readding them as a last resort but obviously I'd like to know why the above errors are happening.
Best Answer
Presumably you have checked sharing permissions as well as ntfs security? The strictest of the two will take effect. Eg. Have you shared a homedirs folder to a domain group but some users are not members of that group? Also, do you have any deny permissions set on either of these as they can combine unintuatively?