**Weird** issue accessing server share from laptop

[seedubya]

The server is 2012 R2, fully updated. The laptop is Windows 7 Pro, fully updated.

I created a new user, call him John. I made him part of the "Management" AD group. I took an existing laptop, PC1, not re-imaged as it had been very lightly used, and logged him in on that laptop. He is a local admin as there is some older software on there that requires it. There are 2 server folders that the Management group have access to called DMS and Works. Using PC1

• John can access DMS just fine but cannot access Works either by name or by IP.
• Another user, Frank, with the same rights can access CAN access Works

Using PC2, however, John CAN access Works.

I'd prefer not to re-image as I don't have a laptop for him and there's loads of post imaging work to be done as his role is quite specialist. Can anyone point me in the right direction?

 

[jbartlett323]

Have you verified that John has access on both the Share and the NTFS security? I usually set my share to "Everyone", and then lock it down to specific users or groups via NTFS Security tab in folder properties....

 

[Moltuae]

Using PC2, however, John CAN access Works.

Are the laptop and PC2 members of the same groups and in the same OU?

 

[TurricanII]

On the problematic laptop logged in as the problematic user, open Win 7 credential manager and delete the cached credentials for the shares. Reconnect to the shares and re-add and the username and password and it might work

 

[seedubya]

Have you verified that John has access on both the Share and the NTFS security? I usually set my share to "Everyone", and then lock it down to specific users or groups via NTFS Security tab in folder properties....

Yes he has access via the share and via NTFS - I have verified his rights using the AD tool and visually.

Are the laptop and PC2 members of the same groups and in the same OU?

Yes, both machines are part of the same OU and groups.

On the problematic laptop logged in as the problematic user, open Win 7 credential manager and delete the cached credentials for the shares. Reconnect to the shares and re-add and the username and password and it might work

Tried this also to no effect but nice catch

Thanks to all for the pointers. No joy I'm afraid with anything including deleting both the user and the PC from the AD and re-creating them. It's bizarre!

Anyway one of my lads has gone to re-image it this morning - hopefully that exorcises any resident ghosts in the machine!

 

[YeOldeStonecat]

Curious if behavioral differences on the laptop....between logging in via the wireless NIC, versus booting up with an ethernet cable plugged into her and logging in that way.

Does logging in as domain administrator give all the access?
Try blowing away the problematic user profile..entirely..on the laptop..log in and create a fresh one.

 

[seedubya]

Didn't

Curious if behavioral differences on the laptop....between logging in via the wireless NIC, versus booting up with an ethernet cable plugged into her and logging in that way.

Does logging in as domain administrator give all the access?
Try blowing away the problematic user profile..entirely..on the laptop..log in and create a fresh one.

Didn't check network medium, tbh. Logging in any other domain user gave correct access and logging in as this user on any other machine gave correct access. When I left the domain, I delted the user profile and all folders from the machine and deleted the user and machine accounts from AD also. It's imaging as we speak so we'll see afterwards.

 

[FishingAddict24]

Have you tried rejoining PC1 to the domain and doing a gppolicy update on it? I've seen issues like that with users before. Sometimes the fix is rejoining the PC to the domain.

 

[seedubya]

Have you tried rejoining PC1 to the domain and doing a gppolicy update on it? I've seen issues like that with users before. Sometimes the fix is rejoining the PC to the domain.

Yes indeed, one of the first step I tried - thought it might be one of those "trust relationship" issues that crop up so often with laptop users but no dice.