Registrations are now open. Join us today!
There is still a lot of work to do on the wiki yet! More information about editing can be found here.
Already have an account?

Microsoft KB Archive/172520

From BetaArchive Wiki

Article ID: 172520

Article Last Modified on 11/1/2006



APPLIES TO

  • Microsoft Windows NT Workstation 3.5
  • Microsoft Windows NT Workstation 3.51
  • Microsoft Windows NT Workstation 4.0 Developer Edition
  • Microsoft Windows NT Server 3.5
  • Microsoft Windows NT Server 3.51
  • Microsoft Windows NT Server 4.0 Standard Edition



This article was previously published under Q172520

SYMPTOMS

When you share a CD-ROM (IDE or SCSI) or floppy disk drive but then try to access it over the network (either remotely or locally through UNC or NET USE) the following error message is displayed:

Access Denied

Additionally, the directory \\<machinename>\<sharename> remotely or locally will cause the following error message to appear:

File Not Found

Sharing and accessing a hard drive remotely or locally in the same manner will work fine.

CAUSE

There are 2 registry entries in the HKEY_LOCAL_MACHINE\Software\Microsoft\ WindowsNT\CurrentVersion\Winlogon subkey:

AllocateCDRoms:REG_SZ
AllocateFloppies:REG_SZ
                


One or both of these entries has been added and/or set to 1, thus disabling access to everyone but the locally logged on user.

AllocateCDRoms REG_SZ 0 | 1

Default: 0

Determines whether data in the CD-ROM drive is accessible to other users. This value entry satisfies, in part, the C2 security requirement that you must be able to secure removable media.

Value Meanings:

0 Compact discs in the CD-ROM drive can be accessed by all administrators in the domain.

1 Only the user logged on locally can access data on the compact discs in the CD-ROM drive.

Because the CD-ROM drive is a volume, by default, it is shared as an administrative share on the network. If the value of this entry is 1, the CD-ROM drive is allocated to the user as part of the interactive logon process and, therefore, only the current user can access it. This prevents administrators and remote users (and even the same user at a different workstation) from accessing the drive while the current user is logged on to the computer. The drive is shared again when the current user logs off the computer.

Windows NT does not add this value entry to the registry. You can add it by editing the registry or by using a program that edits the registry.

AllocateFloppies REG_SZ 0 | 1

Default: 0

Determines whether data in the floppy disk drive is accessible to other users. This value entry satisfies, in part, the C2 security requirement that you must be able to secure removable media.

Value Meanings:

0 Floppy disks in the floppy disk drive can be accessed by all administrators in the domain.

1 Only the user logged on locally can access data on the floppy disks in the floppy disk drive.

Because the floppy disk drive is a volume, by default it is shared as an administrative share on the network. If the value of this entry is 1, the floppy disk drive is allocated to the user as part of the interactive logon process and, therefore, only the current user can access it. This prevents administrators and remote users (and even the same user at a different workstation) from accessing the drive while the current user is logged on. The drive is shared again when the current user logs off.

Windows NT does not add this value entry to the registry. You can add it by editing the Registry or by using a program that edits the registry.

RESOLUTION

WARNING: Using Registry Editor incorrectly can cause serious, system-wide problems that may require you to reinstall Windows NT to correct them. Microsoft cannot guarantee that any problems resulting from the use of Registry Editor can be solved. Use this tool at your own risk.

  1. Start Registry Editor (Regedt32.exe) and select the following subkey:

       HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\ 
       CurrentVersion\Winlogon
    
       AllocateCDRoms:REG_SZ
       AllocateFloppies:REG_SZ
                            
  2. Change the value for these entries to 0 or remove the entry.



Additional query words: c2 cd-rom

Keywords: kbenv KB172520