locked
Second new user account gives permission error. RRS feed

  • Question

  • For some reason, when I try to add a second new user at one sitting, the second user account requires a reboot of the WHS in order to view that Personal folder. When I click on the Shared Folders icon, I can see and navigate to the second new user, but clicking on the second new account, will give a lack of permission warning.

     

    Simply rebooting the WHS, cures the problem and I can access the folder just fine after that. The first new user and all the others, (4) do not give this message, even prior to the reboot. All proper folder permissons are set under the properties section for said account.

     

    Everything else works perfectly, I can even access the server from the net and upload files to it. Then I can even view the files if they are in say, Public. But, if they are in the Personal file folder, it is not allowed until a reboot. Once I do this, the account works fine.

     

    I did a search and could not find a reference, but perhaps I used the wrong keywords.

     

    Is this a known issue or should I submit a bug? I was able to repeat the behavior several times, by removing and adding users.

     

    I am using the CTP version.

    Monday, May 21, 2007 4:10 AM

Answers

  • For the new permissions to be seen, the client or server needs to be restarted (unfortunately). This is due to a limitation in the underlying technology.

     

    If you want to know the details, this is what must be happening in your case:

     

    1. You created user#1, browsed to user#1's personal share from your client machine. Now the client machine authenticated as whoever you logged in as (on your client machine), and ofcourse you must have given permissions to the share. When the authentication happens for the first time, the access permissions are cached. (Please note that the second share is not created yet, when the caching happens)

     

    2. Now you create user#2, and try to browse to the personal share for user#2. But since your client machine is already authenticated, and the permissions are cached, and that cache does not include the share for user#2, you are unable to access the second share.

     

    The same thing repeats for any subsequent user(s), until you restart the server (or client), at which point the cache is cleared and a fresh connection is made with the new permissions.

     

    This is, unfortunately, an artifact of how the underlying technology (SMB) works.

    Monday, May 21, 2007 4:34 AM
    Moderator
  • You can purge cached network credentials using the NET command:
    • Open a command prompt.
    • Type "net use" (without quotes) and press return.
    • For each connection shown to your server (whether it is displayed as disconnected or not), type "net use /delete <remote path>" and press return.
    Once all connections to the server have been removed, you should be able to connect as the new user. However, it's often easier to log off and back on. Smile
    Monday, May 21, 2007 11:41 AM
    Moderator

All replies

  • For the new permissions to be seen, the client or server needs to be restarted (unfortunately). This is due to a limitation in the underlying technology.

     

    If you want to know the details, this is what must be happening in your case:

     

    1. You created user#1, browsed to user#1's personal share from your client machine. Now the client machine authenticated as whoever you logged in as (on your client machine), and ofcourse you must have given permissions to the share. When the authentication happens for the first time, the access permissions are cached. (Please note that the second share is not created yet, when the caching happens)

     

    2. Now you create user#2, and try to browse to the personal share for user#2. But since your client machine is already authenticated, and the permissions are cached, and that cache does not include the share for user#2, you are unable to access the second share.

     

    The same thing repeats for any subsequent user(s), until you restart the server (or client), at which point the cache is cleared and a fresh connection is made with the new permissions.

     

    This is, unfortunately, an artifact of how the underlying technology (SMB) works.

    Monday, May 21, 2007 4:34 AM
    Moderator
  • You can purge cached network credentials using the NET command:
    • Open a command prompt.
    • Type "net use" (without quotes) and press return.
    • For each connection shown to your server (whether it is displayed as disconnected or not), type "net use /delete <remote path>" and press return.
    Once all connections to the server have been removed, you should be able to connect as the new user. However, it's often easier to log off and back on. Smile
    Monday, May 21, 2007 11:41 AM
    Moderator
  • Thanks very much for the info, both of you. At least now I understand what is going on. (Yes, I like to know these things)
    Monday, May 21, 2007 1:09 PM