File Server Permissions

[Guest]

Hello,

I posted this in Active directory also earlier but I think it might be
better answered here.


I have two mail servers and they are presently operating individually. I
want to setup a file server so I can put the mailboxes on it and point both
the mailservers to that location (UNC) to share the same mailboxes and hence
provide redundency for my network.. However in the past I was unable to
accomplish this without AD DC because I suppose file permissions that only
DC's allow. Could you direct me in the best way to handle this configuration
please? So that apps/programs can access folders/ can access another
machines folders.

Thanks very much
Joe

 

[Pegasus \(MVP\)]

Hello,

I posted this in Active directory also earlier but I think it might be
better answered here.


I have two mail servers and they are presently operating individually. I
want to setup a file server so I can put the mailboxes on it and point both
the mailservers to that location (UNC) to share the same mailboxes and hence
provide redundency for my network.. However in the past I was unable to
accomplish this without AD DC because I suppose file permissions that only
DC's allow. Could you direct me in the best way to handle this configuration
please? So that apps/programs can access folders/ can access another
machines folders.

Thanks very much
Joe

You can access files & folders on other machines if you
have suitable credentials. In a workgroup environment
this means that your logon account name / password must
also be defined on the machine where the shared folders
reside.

If you need more specific information then you should
provide full details about your mail servers (Exchange?)
and your mail clients (Outlook?).

 

[Guest]

Hello Pegasus,
Thank you very much for your reply,

My mailservers are not Exchange they are third party with webmail. A very
robust full featured mail system from Merak www.icewarp.com you may visit if
you would like a quick peek/overview.

However in the past working with the mailserver tech support I was advised
that in order to get the permissions in Windows Server I would have to use an
AD DC well this worked fine.

At that time I had only two servers and I was sharing/UNC/mailboxes on one
server. It occurred to me that this was a waste of time to a point because
even if the server that had the mailboxes on it went down the remaining mail
server would not be able to deposit the incoming mail anyhow.

This prompted me to look for another way. Hence I needed a third server for
the UNC/mailboxes so no matter which server was offline I could still recieve
mail.

This brings me to this point today. I am trying to use the mail servers and
let them access the mailboxes (which are actually folders) but I have never
seen a way to do this without implementing AD. I would think that there is?
This is also a problem in other cases too like IIS when the root folder is on
another machine.

Thanks very much
Joe

 

[Pegasus \(MVP\)]

The answer is the same as before: Make sure that the credentials
of the account requiring access to the mail boxes are acceptable
to the machine hosting the mail boxes.

 

[Guest]

Hello Pegasus,

In this mail server the mail server accounts are NOT machine accounts they
are exclusive to the mail server. So how is this going to work? e.g when an
account is created for mail it is not created in Windows.

How can you get the program NOT the user to access the folders?In AD DC I
can do this. How can you do this without an AD DC I don't think you can?

Thanks
Joe

 

[Pegasus \(MVP\)]

The mail server runs as a service or as an application. In either
case it is launched under a specific account, same as every other
application or service in Windows. You need to give access
rights to this specific account.

 

[Guest]

Hello Pegasus,
Thank you for your reply.

How would you set the permissions on a machine that doesn't have that
mailservers service running on it to select from?

Thanks
Joe

 

[Pegasus \(MVP\)]

1. Find out what account is used to run your mail server
application or service.

2. Create that same account & password on the other
machine.

 

[Guest]

Thanks Pegasus,

I will give it a try. Most appreciated

 

[Guest]

Hello Pegasus,

I went to the services and found Merak Service and there were about 5 of them.
However I opened them up and clicked the lgon tab and each of them logon as
Local Service and the hardware profile is Profile 1.

What should I do from here please?

Thank you
Joe

 

[Guest]

Hello Pegasus

I wanted to take the time to thank you very much for helping me.

I have succeeded thanks to you. It took me six months to get someone to
understand my question and answer it. So,you might say I was both worn out
and frustrated.

Thanks Again
Joe

 

[Pegasus \(MVP\)]

Thanks for the feedbac - glad you could resolve it. At the
same time I'm puzzled: The System account does not have
any privileges to access networked resources, so how did
you manage to do it?

 

[Guest]

Hello Pegasus,

Yes I was puzzled too for about six months until I realized something you
said.

"the folders can be accessed if the right credentials are there" well to
that affect

What hit was this service can logon as a user so I modified the logon from
LOCAL ACCOUNT to an administrator account I created just for this
application/service

I named it MerakMailServer and then gave it a password I had to restart the
service and it logged right back on without hitch. Ok now for the test?

Go to the file server and duplicate the MerakMailServer account and copy the
mailboxes to the file server. As we knew in the beginning.

Thanks a ton

 

[Pegasus \(MVP\)]

OK, this makes sense. Thanks for the feedback.

Hello Pegasus,

Yes I was puzzled too for about six months until I realized something you
said.

"the folders can be accessed if the right credentials are there" well to
that affect

What hit was this service can logon as a user so I modified the logon from
LOCAL ACCOUNT to an administrator account I created just for this
application/service

I named it MerakMailServer and then gave it a password I had to restart the
service and it logged right back on without hitch. Ok now for the test?

Go to the file server and duplicate the MerakMailServer account and copy the
mailboxes to the file server. As we knew in the beginning.

Thanks a ton