Re: recurrent drive mappings fail
- From: DaveMills <DaveMills@xxxxxxxxxxxxxxxx>
- Date: Tue, 06 Oct 2009 23:49:44 +0100
On Tue, 6 Oct 2009 11:45:02 -0700, JT <JT@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
We are running XP workstations on a Windows 2003 domain (domain A).
We have a close working relationship with a separate domain (domain B) and
all of domain A users have accounts in domain B. All domain A users have
routinely mapped drives to a domain B share using their domain B credentials.
We recently completed a two way trust between domains. As soon as the trust
was in place domain A users had problems with their recurrent drive mappings
to domain B. Currently, they can map a drive to the resource on domain B,
but the drive mapping will not hold. Sometimes it will last through their
Windows session and sometimes it will fail withing a few hours ('access
denied'). Domain A users can disconnect and then remap to the domain B
resource but the recurrent mapping will never hold.
Obviously, putting the trust in place caused a problem. It seems that the
recurrent drives should still work. I am assuming that the domains are
somehow getting 'confused' about which domains credentials are getting
passed?
Has anyone seen this before or can you suggest a fix?
Since the trust is in place, we can created cross domain groups to fix the
issue but I am wondering what is happening to block the drive mappings.
thanks for any suggestions.
JT
By "Recurrent" I assume you mean "persistent", i.e. you tick the box reconnect
at logon.
When you Map the drive do you use "domain\user" or just "user". If the latter
which domain account will be used? It is ambiguous.
I have seen similar issues. You have two domains with no trust, A and B.
Each user has an identically named account in both domains with the same
password.
Before the trust: user in A access a resource in B. The B domain says "Who the
heck are you, I don't know A\Fred" and challenges for the credentials. A\Fred's
PC supplies "Fred/password=x". Domain B says "Oh! Hi Fred nice to see you" and
lets him connect, thinking it is B\Fred as the credential match those of B\Fred
even though A\Fred issued them. Everything works well.
Now you add a trust and the effect is that when the connection comes, domain B
says "Hi A\Fred, nice to see you but I am sorry you do not have permissions to
access that resource", only B\Fred can go there. You must change the resource
permissions to now allow A\Fred access.
As you have discovered this is best done using Domain Local groups to access the
resource and adding "A\Global Group" and "B\Global Group" to the "Domain Local"
group. Add users to their Global Groups to grant access.
--
Dave Mills
There are 10 types of people, those that understand binary and those that don't.
.
- Follow-Ups:
- Re: recurrent drive mappings fail
- From: JT
- Re: recurrent drive mappings fail
- References:
- recurrent drive mappings fail
- From: JT
- recurrent drive mappings fail
- Prev by Date: Re: NTFS modify but not delete
- Next by Date: Re: Printer Managment
- Previous by thread: recurrent drive mappings fail
- Next by thread: Re: recurrent drive mappings fail
- Index(es):
Relevant Pages
|
