System-wide mapped drive

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I want to map a drive letter to a network share at boot time so it is
accessable by services and started processes. KB article 149984 shows how to
make map a drive on NT that is available to services and started processes.
This also works on Win2000 AS.

This does not work on Win2003sp1. I cannot get a drive map to complete and
be permanent. I use a scheduled task to run at boot time to perform "net use
R: \\server\share". Win2000 will make this a system-wide share; Win2003 does
not.

Another symptom: Login as Administrator, start a command prompt using RunAs
/user:xxx (not Administrator) and then map the drive at the command prompt.
Now open another window using RunAs /user:xxx. On Win2000 you will see the
drive; on Win2003 you will not.

How can I get Win2003 to support this as in Win2000?
 
Always better to use UNC paths instead of trying to map drives when no one
is logged on.

--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

:
|I want to map a drive letter to a network share at boot time so it is
| accessable by services and started processes. KB article 149984 shows how
to
| make map a drive on NT that is available to services and started
processes.
| This also works on Win2000 AS.
|
| This does not work on Win2003sp1. I cannot get a drive map to complete and
| be permanent. I use a scheduled task to run at boot time to perform "net
use
| R: \\server\share". Win2000 will make this a system-wide share; Win2003
does
| not.
|
| Another symptom: Login as Administrator, start a command prompt using
RunAs
| /user:xxx (not Administrator) and then map the drive at the command
prompt.
| Now open another window using RunAs /user:xxx. On Win2000 you will see the
| drive; on Win2003 you will not.
|
| How can I get Win2003 to support this as in Win2000?
 
Already considered that. Unfortunately, these applications can only use drive
letters; UNC names are not allowed.

Thanks anyway, Keith.
 
You might want to get in touch with the developer. Seems a design flaw to
create a service that must rely on mapped drives.

--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

:
| Already considered that. Unfortunately, these applications can only use
drive
| letters; UNC names are not allowed.
|
| Thanks anyway, Keith.
 
I would like to stay on topic and understand why this no longer works in
Win2003. This feature has a KB article that shows how to make it work;
Win2003 appears to have changed or broken some underlying dependent function.
This is a useful feature and I'd like to get it back. :-)
 
Does the account the service starts with have permissions to the resource?
On the server-side also make sure the account is added to Control
Panel|Admin Tools|Local Security Policy\Local Policies\User Rights
Assignments
"Log on as a service"

--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

:
|I would like to stay on topic and understand why this no longer works in
| Win2003. This feature has a KB article that shows how to make it work;
| Win2003 appears to have changed or broken some underlying dependent
function.
| This is a useful feature and I'd like to get it back. :-)
 
The account does have "Log on as a service" rights. The same account that is
used by the boot time task to map the drive is used by the service.

In fact, on Win2000, once the drive is mapped, any user can see the drive,
not just the user who originally mapped it. My first post describes a test
scenario using just cmd and runas to show the difference between Win2000 and
Win2003.

Regards,
Keith
 
I don't know how that was accomplished. Users wouldn't normally share any
part of another's desktop heap. Either case maybe this one helps.

http://support.microsoft.com/default.aspx?scid=kb;[LN];243486

--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

:
| The account does have "Log on as a service" rights. The same account that
is
| used by the boot time task to map the drive is used by the service.
|
| In fact, on Win2000, once the drive is mapped, any user can see the drive,
| not just the user who originally mapped it. My first post describes a test
| scenario using just cmd and runas to show the difference between Win2000
and
| Win2003.
|
| Regards,
| Keith
 
No joy. The effect of putting a net use in the autoexnt.bat is the same as
putting it in a boot time scheduled task. The net use completes, but the
drive is not visible to the same user in a different task.

When I used the /persistent:yes option, the drives could be seen by the same
user with a Net Use, but the drives are not accessible (drive not found) when
trying to switch to the drive.

There seems to be something fundamental about contexts that is different in
Win2003 than Win2000.
 
When you logon as that user is the drive mapped and available? Does the user
have logon locally rights? I still think the concept of trying to use
network resources via map drives when no one is logged on is a bad idea.

You might take a look through these as well.
http://support.microsoft.com/kb/823659

--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

:
| No joy. The effect of putting a net use in the autoexnt.bat is the same as
| putting it in a boot time scheduled task. The net use completes, but the
| drive is not visible to the same user in a different task.
|
| When I used the /persistent:yes option, the drives could be seen by the
same
| user with a Net Use, but the drives are not accessible (drive not found)
when
| trying to switch to the drive.
|
| There seems to be something fundamental about contexts that is different
in
| Win2003 than Win2000.
 
Yes, when that user logs on to the machine, they can see the drives. They do
have logon locally permission.

I agree that using a common drive letter available across services and users
of the machine is not good. However, these are server role machines that have
a single use and will be in a computer room. I just want it to work as it has
in
http://support.microsoft.com/kb/149984

Dave, thanks for the responses. You have been very helpful.
 
That's a great article you found. Thanks for sharing it here. If I read it
correctly then what you're trying to do is not possible. The only way it can
work is if the service mapped the drive within it's own logon session.

--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

:
| FYI, here is an article that describes what I want. Last paragraph, last
| sentence, under "Redirected Drives on Microsoft Windows XP". (Also applies
to
| 2003).
|
| http://support.microsoft.com/kb/180362
|
 
Hmm...I came to the opposite conclusion. The last sentence saying "...drive
letters that are mapped from a service that is running under the local System
account are visible to all logon sessions" gives me the impression it would
work. Of course, now I have to find a way to do this. My fear is that this
option is mutally exclusive with network access.

The software needing the drive letter is DB2. When you create a database, it
is cataloged on a specific drive. It's the only way.
 
If I understand correctly you're mapping a drive within one user account
session then trying to access the mapped resource from another session for
the same account started by the service.

Yes the local system account does not have access to network resources. You
might look at defining a system DSN for the db2 database and pointing the
service to that.

--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

:
| Hmm...I came to the opposite conclusion. The last sentence saying
"...drive
| letters that are mapped from a service that is running under the local
System
| account are visible to all logon sessions" gives me the impression it
would
| work. Of course, now I have to find a way to do this. My fear is that this
| option is mutally exclusive with network access.
|
| The software needing the drive letter is DB2. When you create a database,
it
| is cataloged on a specific drive. It's the only way.
 
Back
Top