I've got a problem with a certain number of machines within our Active Directory. The Domain controllers are running Server 2008 R2, as is the NAS drive.
There are 1200 users and each user is split into 5 year groups:
Year 07.
Year 08.
Year 09.
Year 10.
Year 11.
Each user has a home folder on the NAS server which the profile path for the user points to. So when a year 09 user logs on, it directs to \\nas-a\year 09\$username...
Each user's home folder has a parent folder which corrisponds with the year group of the user. So a Year 09 user has a home folder which is inside a parent folder called 'Year 09'.
Each user is a member of a year group. So a Year 09 user is a member of 'Year 09' user group, a year 08 user is a member of 'year 08' user group etc.
The permissions for the folder are set accordingly so that a 'Year 08' user can't access the Year 09 parent folder and vice versa.
This works flawlessly on 99% of the workstations but occasionally there are workstations which don't play ball. When a user logs on they are unable to access their home folder.
In this example it is a Year 11 user. If I log on (as the domain administrator) to the workstation and manually navigate to the year 11 parent folder I get the following error message: Windows cannot access \\Nas-a\Year11 You do not have permission to access....... (But I'm the domain administrator??)
However, I can navigate to all the user Year group parent folders (year 07, year 08 etc...). If I get a Year 07, Year 08, Year 09 or Year 10 user to log on all is fine and the users can access their document folders.
The workstation in question is nearly always a laptop which connects to the domain via a wireless access point.
I understand that it may be difficult for me to explain the situation exactly.
How can I resolve the problem?
I hope you can help.
There are 1200 users and each user is split into 5 year groups:
Year 07.
Year 08.
Year 09.
Year 10.
Year 11.
Each user has a home folder on the NAS server which the profile path for the user points to. So when a year 09 user logs on, it directs to \\nas-a\year 09\$username...
Each user's home folder has a parent folder which corrisponds with the year group of the user. So a Year 09 user has a home folder which is inside a parent folder called 'Year 09'.
Each user is a member of a year group. So a Year 09 user is a member of 'Year 09' user group, a year 08 user is a member of 'year 08' user group etc.
The permissions for the folder are set accordingly so that a 'Year 08' user can't access the Year 09 parent folder and vice versa.
This works flawlessly on 99% of the workstations but occasionally there are workstations which don't play ball. When a user logs on they are unable to access their home folder.
In this example it is a Year 11 user. If I log on (as the domain administrator) to the workstation and manually navigate to the year 11 parent folder I get the following error message: Windows cannot access \\Nas-a\Year11 You do not have permission to access....... (But I'm the domain administrator??)
However, I can navigate to all the user Year group parent folders (year 07, year 08 etc...). If I get a Year 07, Year 08, Year 09 or Year 10 user to log on all is fine and the users can access their document folders.
The workstation in question is nearly always a laptop which connects to the domain via a wireless access point.
I understand that it may be difficult for me to explain the situation exactly.
How can I resolve the problem?
I hope you can help.
yet I can view all the other year groups.