I've done some extensive research on this and I've tried every suggestion I have seen. I am troubleshooting an application that runs a "scheduler" service to periodically export *.txt files to a network share. I've changed the service to launch as a network service, and gave the network service account full NTFS access and share access. Both machines are on the same domain, and I am using the UNC path as input for the export function. I've also given the network service account some extra permissions under the Local Security Policy such as "Take ownership of files".
The application is running on Windows Server 2008 R2 and exporting to a box also running Server 2008 R2. These permissions I mentioned above were mirrored on both machines. Does anyone have any extra suggestions I might want to try?
Best Answer
If I understand what you've done correctly, on the network share you've granted write access to
NT AUTHORITY\NETWORK SERVICE. This is a local account only and granting this user write access on a folder/share will not allow remote computers to write to the folder.When a service running as
NETWORK SERVICEgoes across the network, the source username is the computers Active Directory object (i.eSOURCECOMPUTERNAME$). To allow your source computer to write to a share on the destination machine, you need to grant write access toSOURCECOMPUTERNAME$(the computer object). The other permissions you granted are superfluous and should be removed.