Permissions for file share used by PC on same domain

0

I have created a script that runs on \\Server and writes to \\BackupServer\BackupShare. It works as expected when I run it myself.

I then setup a job in Windows Task Scheduler to run as SYSTEM and the same script fails with error 0x00000005 permission denied. How to fix this?

The share is located as X:\BackupShare on BackupServer with "inherited" permissions. I am sure I need to set share permissions as well but don't know how. Both machines are on same domain.

windows
permissions
network-shares
windows-server-2012
asked on Super User Dec 30, 2019 by user1125446

2 Answers

0

As mentioned the System account is a local account (see https://docs.microsoft.com/en-us/windows/security/identity-protection/access-control/local-accounts#default-local-system-accounts).

The SYSTEM account is used by the operating system and by services that run under Windows. There are many services and processes in the Windows operating system that need the capability to sign in internally, such as during a Windows installation. The SYSTEM account was designed for that purpose, and Windows manages the SYSTEM account’s user rights. It is an internal account that does not show up in User Manager, and it cannot be added to any groups.

On the other hand, the SYSTEM account does appear on an NTFS file system volume in File Manager in the Permissions portion of the Security menu. By default, the SYSTEM account is granted Full Control permissions to all files on an NTFS volume. Here the SYSTEM account has the same functional rights and permissions as the Administrator account.

The best way to solve this issue is create a seperate backup account with the least amount of rights needed.

answered on Super User Dec 30, 2019 by RS Finance
0

I found that I could add permissions for Server$ user in the active directory to that folder.

answered on Super User Dec 30, 2019 by user1125446

User contributions licensed under CC BY-SA 3.0