0

We have a windows server 2008 box at my work place. I want to map a drive from the server to my laptop. I use windows vista home premium x64.

I am connected to my workplace through VPN. i can map the drive when I use the administrator account on the server. But the log on is unsuccessful if I use my personal account on the server to map the drive. My personal account on the server is part of Administrators group.

Can any one help me with this?

rboorgapally
  • 233
  • 2
  • 5
  • 18

2 Answers2

1

Make sure that you're passing the credentials with either the server\username or the domain\username or the username@UPN convention instead of simply typing [username]. I suspect that if you're only putting the username in, it is automatically prepending the local computer's name.

Wesley
  • 32,690
  • 9
  • 82
  • 117
  • I am using server\username to connect. I use these credentials in the __connect using a different username__ dialog box that pops out. – rboorgapally Sep 23 '09 at 16:32
  • While connected to the VPN, try mapping the drive with the "net use" command just to see if we can get some different behavior. At an elevated command prompt, type "net use [drive letter of your choice]: \\server\sharefolder password /USER:domain\username /PERSISTENT:YES" and see what if any errors are returned. Try the same thing with the administrator account and see if it is successful or not. – Wesley Sep 23 '09 at 16:46
  • It says system error 5 occurred. Access is denied. But it is successful for Administrator account. – rboorgapally Sep 23 '09 at 22:03
  • What happens when you try "net use" with no options - this should give you a list of mapped network resources; if you've already got a drive mapped (or attempted to map) with the admin credentials, that may interfere with mapping as your username, so you could delete it (net use /delete ) and try the mapping again. – RainyRat Oct 09 '09 at 08:08
1

If you are trying to connect to one of the administrative shares (e.g. \servername\C$, \servername\d$ etc) then UAC is preventing this. By default only the explicit local Administrator user account or an account that is a member of the Domain Admins Group has the automatic elevation privileges required to connect to administrative shares remotely. An account that is a member of the local Administrators group does not have these rights.

This can be disabled\changed by GPO but this is a fundamental principle of the behaviour of UAC with regard to remotely accessing administrative functions on a Vista\Win7\W2K8 target system. The relevant UAC security settings are detailed in this MSDN article.. This refers to Vista but the same rules apply to W2K8.

Helvick
  • 20,019
  • 4
  • 38
  • 55