I've got a windows 2008 R2 domain here in my office, fully featured with user groups, and user permissions. These permissions, folders, etc work fine. The problem is, some of my users are now being upgraded to Windows 7, i join our domain, and they're able to log in, see servers, access the internet, etc. The problem is, when they access their "private" folders, that they have permissions for, they're unable to write, only read. I double check the permissions, and they have full access rights.
Let me be clear, they're logged into the same active directory account they were on XP, just now on their new Win 7 set up.
Has anyone had similar issues, or know more than I do about the connection between servers and Windows 7? Everything was working fine for them until these users moved to Win 7.
The Error says:
ACCESS DENIED
You need permission to perform this action.
You require permission from OCC\Judith.Wilkins to make changes to this file.
SHE IS JUDITH.WILKINS
She's logged into the domain.
This is what the event log says, an Audit Failure :
A network share object was checked to see whether client can be granted desired access.
Subject:
Security ID: OCC\Judith.Wilkins
Account Name: Judith.Wilkins
Account Domain: OCC
Logon ID: 0xb8a7f1
Network Information:
Object Type: File
Source Address: 10.10.10.110
Source Port: 65174
Share Information:
Share Name: \*\OKCCWQ
Share Path: \??\E:\OKCCWQ
Relative Target Name: WQ_DIR\WQ_FILES\Users\JudithW\Public\To Do List.doc
Access Request Information:
Access Mask: 0xe0080
Accesses: READ_CONTROL
WRITE_DAC
WRITE_OWNER
ReadAttributes
Access Check Results:
READ_CONTROL: Granted by D:(A;;0x1200a9;;;BU)
WRITE_DAC: Not granted
WRITE_OWNER: Not granted
ReadAttributes: Granted by D:(A;;0x1200a9;;;BU)
I'd appreciate any advice or help.
Best Answer
OK Internet world,
I've solved my own problem, and as most IT problems - it was easy, as well as obvious.
Just to recap - my users are on XP and 7, those on XP can write/read their folders fine, but those users who are upgraded can't access folders they have AD permissions for. I noticed that another folder (for a different building) had users on Win 7 that were NOT having write issues, so I compared them. Security settings were both the same, but SHARING settings were different. The folder that worked at Change/Read selected, and the one I'm having problems with only had Read selected.
simple conflict.
What was so challenging about this is the fact that it still works for XP users, but not 7. I guess XP doesn't care if the folder is shared with read and change as long as the folder in question has security permissions for that user that let them write.
I want to thank everyone for trying so hard to help me out, and hope someone in the future stumbles across this thread and saves a week of stress from their IT lives.
Lesson to us all, it's probably something simple.