Hi everyone,

It has been a while, but I am still updating this website with know-hows and other things about Computer stuff and the like.

I have had encountered the following issue:
A quick understanding of the environment:
Server 2012 R2 File Server
Server 2012 R2 Remote Desktop Session Host

Shares on the file server were distributed using DFS.
DFS Shares:

\\domain.ext\shares\FinalShare

FileServer Share:

\\fs.domain.ext\FinalShare

The following was occurring:
Users logging in on the Remote Desktop Server were getting red crosses in their disks but at those moments still accessible, strange disconnects of the disks and other situations.

What was discovered is that with using PSTools we discovered that the disks were for some reason bound by the local system account.
You can start a CMD promt using the following command from the directory you installed PSTools:

C:\PStools> PsExec.exe -s cmd

When you have done that you can net use to see if there are network bindings. Normally it should look like this:

C:\Windows\system32>net use
New connections will be remembered.

There are no entries in the list.

Only now it looked like this:

C:\Windows\system32>net use
Status               Local                  Remote                          Network

——————————————————————————-
OK                  z:                          \\domain.ext\shares\FinalShare            Microsoft Windows Network
The command completed successfully.

The strangest thing is, that if you are using direct shares to the file server (thus \\fs.domain.ext\FinalShare), it did not happen. It only happened while using DFS shares.

After some debugging it was clear it was the issue of a registry item within windows.
The following registry item will make it so that under server 2008 R2 domain administrators (not the administrator) had network shares and could use it.

If you have the same problem please delete or set following the registry key to 0:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLinkedConnections

Warning! editing the registry might damage your system, do not do this unless you know what you are doing!

Once you have changed the registry, reboot the system and users do not bind their network disks as local system any more.

 

Leave a Reply

Your e-mail address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.