Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
How to allow standard domain user to create folders in C:\ drive RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    I recently migrated my company infrastructure to domain.

    Domain members have problem working with one of the corporate applications, while working on it, which is on mapped disk on other server, the application is creating folders and files in C:\ drive. The application is asking for admin approval even if user is administrator, and after providing admin credentials, there is a message that access is denied.

    I am here asking for suggestions, what should I do so users can work freely and they will have full access to C:\ drive.

    Best solution will be if they wont be asked for credentials, but creating folders and files in C:\ without ani warnings.

    Thanks in advance.

    • Moved by Bill_Stewart Wednesday, November 29, 2017 6:37 PM User should not be doing this
    Sunday, October 15, 2017 8:24 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    This is not a scripting issue.  You are asking to permanently bypass system security.  Contact the vendor of the application for a fix or guidance. and post questions in the correct forum.    AS of Windows Vista vendors and developers were notified that they should not create folders at the root of system drive.  Ongoing Windows management and security moves and changes will likely conflict with any changes you make.

    This kind of question belongs in the "Deployment" forum.

    User folders should always be created in the users profile (Documents or AppData).  The prompt allows you to move the folder location when it is created.

    For many applications the choice of root is due to a lack of a user home folder setting.  Be sure the home folder is set correctly via Group Policy.  For all other issues check with the vendor.

    \_(ツ)_/

    Sunday, October 15, 2017 12:28 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    You can check UAC level. If UAC is at top, make it down to medium or low.  These are domain computers so you can apply group policy to modify settings.

    If UAC level is down then check domain users permission on the C drive. Domain users should have sufficient permissions on C drive.

    Monday, October 16, 2017 5:28 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    You can check UAC level. If UAC is at top, make it down to medium or low.  These are domain computers so you can apply group policy to modify settings.

    If UAC level is down then check domain users permission on the C drive. Domain users should have sufficient permissions on C drive.

    That is a very, very bad idea.  It will reduce the security of the system and it will not allow a user to create a file  in root.

    \_(ツ)_/

    Monday, October 16, 2017 12:09 PM