Copy file FROM domain joined Windows 11 TO Windows Server mapped drive: "location is not available".

Copper Contributor

Hi Folks,

 

After much searching, I've found an adjacent issue but nothing that describes my problem.  Any help is appreciated.

 

Description:

  • The AD user has a GPO-mapped network drive
  • The user successfully creates and modifies files on the network share.
  • When the user attempts to copy a file from the local AD joined workstation to the server, receives error:  "Location is not available"
    <Drive Letter> is unavailable. If the location is on this PC make sure the device or drive is connected or the disc is inserted, and then try again, If the location is on a network, make sure you're connected to the network or Internet, and then try again. If the I

 

Environment:

  • Server: Windows Server 2016 Standard  (AD + File Server Roles)
  • Workstation: Windows 11 Pro (Domain Joined)
  • User Account:  AD Standard User (non-Admin)
  • Drive Map:  GPO, Fixed Drive Letter, Reconnect Enabled, Item Level Targeted to Security Group
  • Folder/File Share Permissions:
    - File Share ACL:  "Everyone" -> Full Control
    - NTFS ACL:  User/Group has Modify access for "This folder, subfolders and files"
       Full directory structure/permissions will be outlined at the bottom of the post.

The NTFS/GPO/Share configuration has been in production for several years.  This is a new user, first introduction of Windows 11 Pro in the environment.  Aside from Admins, this is the only user with this share.

 

Testing/Resolution Attempts:

  • Re-applied the group ACL to the directory (recursive)
  • Verified that issue is not occurring on Windows 10 Pro domain joined workstation using test account.
  • There is a known potential UAC issue when copying From Server To Workstation (the opposite of my issue and my user is not escalating privileges).  The recommended solution is using EnableLinkedConnections = 1 registry change.  Tried for the heck of it, no change.

 

Additional Information:
We allow granular permissions 1-folder level deep.

IE:

  • The root share lists departmental folders.
  • Departmental folders have custom group permissions
  • NO Departmental sub-folders have custom permissions.

Example Mapped Drive Details

\\Server\RootShare\1-LevelSubFolder

"RootShare" NTFS Permission:

  • Group:  DrvMap_<ShareName>
    Used for GPO Item Level Targeting
  • ACL:  List Folder / read data -> This Folder Only

"1-LevelSubFolder"

  • Group:  staff_<Department>
  • ACL: Modify -> This folder, subfolders and files

 

I hope that provides enough context.  We have US holidays coming up so my replies may be a bit slow, but I'd appreciate any advice you can give.

3 Replies
Hi JFish1,

What is the result when you apply a logon script to reset the driveletter?
net use z: /delete
net use z: \\Server\RootShare
Hi Mathieu,

I appreciate the assistance. I've reached out to the end user to schedule time for testing. I'll hopefully be able to post an update by Friday.

I was finally able to gain access to the user (busy guy!)

Interesting (if not problematic) findings. . .

 

Windows 10 vs Windows 11

  1. Using his profile on multiple machines, I can confirm that this is not OS or machine specific.
    Windows 11 box exhibited the issue, as did a Windows 10 machine with a fresh profile (first-time login for this user).

  2. An attempt to remap the drive outside of the GPO (dropping and re-adding via net use) failed to resolve the issue.
  3. Confirmed, using my Admin account (with Full permissions to the folder), the issue did not occur.

I cannot have other active/live users test as this is the only user with access to this share.

I'm open to any advice on how to chase this one. I'm stumped!