Mac OS Can't Access Windows Server share - Only Administrator Account Can Access

MacOS unable to access shares on Windows server. 

Mac OS Can't Access Windows Server share except only by an Administrator account.

Try this fix you will never find anywhere else.  It's original. Please share so fellow Mac users and Admins can find it faster. The method I used to access a Windows server share from a stubborn Mac is further down in this post, but there are some preliminary things you may have checked already. If not, they may be related to the issue as well. 

When attempting to access shares on a Windows server from an Apple MacOS device such as a desktop, users might encounter issues that can stem from various compatibility and configuration settings. When SMB shares will only connect using administrative accounts. 

You may find: 

Windows Security Log Event ID 4625

4625: An account failed to log on

Account For Which Logon Failed:

This identifies the user that attempted to logon and failed.

• Security ID:  The SID of the account that attempted to logon. This blank or NULL SID if a valid account was not identified - such as where the username specified does not correspond to a valid account logon name.
• Account Name: The account logon name specified in the logon attempt.
• Account Domain: The domain or - in the case of local accounts - computer name.

A prevalent cause is related to the Server Message Block (SMB) protocol versions, namely SMB1 and SMB2, which are essential for facilitating file sharing over a local network. MacOS and Windows use SMB for network file sharing, but discrepancies in SMB version support or configurations can lead to access problems. Specifically, if the Windows server is an older server OS version and configured to use SMB1, which is outdated and less secure, newer versions of MacOS may struggle to connect due to their preference for the more secure SMB2 or later protocols. 

To check which versions are enabled on the server open PowerShell prompt on the server and execute the following command. The output will display, among other things, SMB version enabled on the server. 

              Get-SmbServerConfiguration

If you have already addressed and established SMB1 and SMB2 are enabled on the server read on.  

This connectivity issue is further complicated when trying to access shares as a standard user versus an administrator. An administrator account might have additional privileges that can bypass certain network restrictions or have the necessary rights to change SMB protocol settings, whereas a standard user account may lack these permissions.

 Users should also verify that their accounts have the appropriate permissions to access the desired shares on the local network. 

If you have already established that the user account, you are trying to access the share with from the mac HAS access to the share then continue. You can view the permission in various ways on the server. One method is open Computer manger and view the permissions properties of the shares "Shares".

It's crucial for network administrators to ensure that both MacOS and Windows server settings are aligned, favoring SMB2 or higher for security and compatibility reasons. Adjusting these settings requires administrator-level access to both the MacOS system and the Windows server, to tweak the network configurations accordingly. 

Alternate Solution - Fix Windows Share Access from a Mac  

Here is the trick that I used just today to get two mac desktops to access windows server shares. You won't find this solution anywhere else.

After determining the administrator account accessed without an issue, it was evident the protocols, network, DNS, and several other factors for accessing the share were working properly. Plus, the standard user account was able to access other server's shares (different servers on the same network). It was this one particular windows server that the standard user, any standard user account, from the mac had an issue. 

The giveaway for this situation was that in the server's log were entries for failed logins indicating a NULL SID for the user account. The name displayed correctly however (sorry, I had to blur the name to protect the innocent).

                     

Only Administrator Account can access a Windows Share from Mac

Try this to fix Windows share access from a mac using a standard windows account particularly when only administrator can access windows share from mac.  

When only an administrator account can access a Windows share from a Mac, use the user's name that you're trying to fix  access for in the command below. This worked perfectly.  

On the server open a command prompt and run the command RUNAS like this to start notepad.exe on the server in the user's context. The same command can be used if the share is on Windows desktop (not a server). The command wouldn't require the domain portion. Type RUNAS /? to get command options and examples.

Once run, try accessing the server and shares again from the macs, it may solve your issue too.  I'm giving away a great a great trick that's I've used for other problems, testing, and now for solving the problem only administrator can access windows share from mac.

More detailed information on Event 4625:  https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventID=4625

 Please share this post if it worked for you too. 

Add a comment if the solution to solve the problem of only administrator can access windows share from mac was useful or not or if you have a variant of the solution, or this post inspired a whole new method to fix the issue. It could help someone else with the same or similar problem accessing Windows shares from a Mac OS desktop or laptop. 

  

Centralize and Share RDP Connections

Share and Centralize RDP Connections Without a File Server

RDP (remote Desktop Protocol) was first introduced by Microsoft in the Windows NT Terminal Server operating system as a multiuser server platform. 

In an increasingly interconnected digital landscape, businesses require robust solutions for managing remote desktop protocol (RDP) connections efficiently. Leveraging software that offers centralized management of RDP connections has become essential to ensure seamless access and collaboration. This cutting-edge software eliminates the need for a traditional file server, streamlining the process and allowing users to share RDP connections online. Central access to RDP connections ensures that all team members can quickly and easily reach the resources they need without the complexities of individual setup protocols. By sharing RDP connections through a centralized platform, companies gain the advantage of uniformity and security, as access rights and credentials are managed in one secure location.

Moreover, this approach allows IT administrators to maintain and oversee all RDP sessions through a single pane of glass, drastically reducing the risk of unauthorized access. The ability to manage a multitude of RDP connections from a central repository enhances productivity, as users no longer need to remember multiple login details for different servers. With this online-based solution, users can experience the convenience of a central access point for all remote desktop needs. Sharing RDP connections via such software also means that updates and changes can be rolled out swiftly across the entire organization. Ultimately, a centralized RDP connection management software provides a powerful and streamlined mechanism for businesses to maintain control over their remote access infrastructure without the dependency on physical file servers.

Centrally Manage and Access RDP Connections

Businesses need reliable solutions for effectively managing remote desktop protocol (RDP) connections in an increasingly interconnected digital ecosystem. To guarantee smooth access and cooperation, using software that provides centralized control of RDP connections has become crucial. Users can share RDP connections online using this state-of-the-art software, which streamlines the process and does away with the requirement for a conventional file server. All team members will be able to swiftly and simply access the resources they require online without having to deal with the hassles of separate setup methods thanks to central access to RDP connections. Companies benefit from uniformity and security when they share RDP connections via a centralized platform since access privileges and credentials are maintained in a single, safe location.

Furthermore, this method significantly lowers the danger of unauthorized access by enabling IT managers to manage and supervise all RDP connections accessible through a single pane of glass. Productivity is increased when users can manage numerous RDP connections online from a single location, eliminating the need for them to remember separate login credentials for various servers. Users can enjoy the ease of a single access point for all remote workstations with this web-based solution. Updates and modifications can also be quickly implemented throughout the entire company by using such software to share RDP connections. Ultimately, organizations can retain control over their remote access infrastructure without relying on physical file servers thanks to a centralized RDP connection management software, which offers a strong and efficient mechanism for doing so.

Using Microsoft Remote Desktop on a Windows 11 PC - A Step-by-Step Guide

A Step-by-Step Guide to Using Microsoft Remote Desktop on a Windows 11 PC.

How to Setup and Access Microsoft Remote Desktop on a Windows 11 Computer: A Comprehensive Tutorial.

Microsoft Remote Desktop on Windows 11 

I'm enjoying my Microsoft Windows 11 desktop. Not much more advantageous over Windows 10 for the standard user who uses general base everyday applications but nonetheless, it's really nice. I have a lab and office that are equipped with an array of computers that I utilize for various tasks, including of course testing. 

The lab, as anyone would guess, is mostly for testing purposes, I use a virtualization platform that's excellent for testing. Virtualization platforms are a great tool for testing software or configuration experimentation but also increases the number of desktops and servers available to connect to. Which leads to the point of using RDP for connecting to these various desktops and servers.  

Whenever I need to connect to and manage one of the physical or virtual desktops and servers, I use and rely on Microsoft's Remote Desktop. A wonderful built-in service and tool added to Windows operating systems by Microsoft. 

However, with Windows 11 installed on some of my PCs, I now need to ensure that I can use the latest version of Windows as both a host and a guest for my remote sessions. To do so, follow these steps if you also need to connect to or from a Windows 11 computer.

Using Microsoft Remote Desktop on a Windows 11 PC

Requirements

Please note that Remote Desktop is compatible only with Windows 11 Pro and Enterprise editions. Unfortunately, this tool is not accessible on Windows 11 Home. Additionally, I will guide you through the process assuming that both your host and guest PCs are connected to the same home or home office network. However, if you intend to use Remote Desktop to connect to a PC over the internet, such as from a home PC to a work PC, you will likely need to utilize a VPN or secure gateway to establish and safeguard the connection.

1. Enable Remote Desktop

To establish remote access and enable connection to your Windows 11 PC from another computer, you must initially configure it as a host. In Windows 11, navigate to Settings > System > Remote Desktop. 

Activate the Remote Desktop switch. Take note of the PC's name, as it will be required for the connection process.

 

2. Provide remote user access.

When logging in to your Windows 11 computer, the default is to use the admin account that is already set up, which is most likely your own account. However, if you need to give access to other accounts, you can do so by selecting the option for Remote Desktop users.

To add another account, simply click on the Add button. In the Select Users window, enter the name of the account you wish to add and then click on Check Names. Afterward, click OK and then OK again. This will enable you to sign in with that account when connecting remotely to this PC.

Connect from another guest computer.

To establish a remote connection with your Windows 11 PC from a different device or operating system, such as a Mac, iPhone, iPad, or Android device, you can utilize the Microsoft Remote Desktop app. Simply download and install the app that corresponds to your specific OS or device. For the purpose of this explanation, let's assume you are connecting from another Windows PC.

To begin, access the Remote Desktop tool on your guest PC. In Windows 10, you can find its shortcut in the Windows Accessories folder within the Start menu. In Windows 11, locate it in the Windows Tools folder on the All Apps screen. If you encounter any difficulty finding it, simply click on the Search icon, start typing "Remote Desktop," and select the result for Remote Desktop Connection.

Next, enter the name of your Windows 11 PC in the Computer field. Click on the "Show Options" button. If necessary, input the username of the account on the remote Windows 11 PC that you wish to utilize. If you desire an added layer of security, you can select the option to "Always ask for credentials," which will prompt you to enter your password each time you connect to this PC. Once you are prepared, click on "Connect" to initiate the connection.

This is the standard RDP client interface. 

Click the connect button. 

Please enter the account password. Upon initial connection to a computer, a notification will appear indicating that the identity of the remote computer cannot be verified. You will be prompted to proceed with the connection. Select the option to "Remember my choice" for future connections to this computer. Confirm by clicking "Yes."

Check the box, don't ask again for RDP connections to this computer.

Once connected, you will find a blue connection bar at the top of the screen, offering various options. You have the ability to pin the bar in place and assess the connection speed using the icons on the left side. On the right side, you can minimize the remote window to the taskbar, adjust the window size, and end the remote session.

Connect to and control the remote computer.

Use Windows 11 as a guest.

To utilize Windows 11 as a guest on another computer, ensure that the remote PC is configured to accept Remote Desktop connections. On your Windows 11 PC, access the Remote Desktop tool by navigating to the Windows Tools folder on the All Apps screen. 

Also: How to use an RDP Manager to Manage RDP Connections to and from Windows 11 and Windows 10.

Before establishing a connection, you have the option to customize specific settings for your remote session. A very useful setting is to enable access to local drives. Which means that if you enable checkbox, you'll be able to access your local drives from within the remote desktop session directly. In the Remote Desktop Connection window, click on the Show Options button. Within the General tab, you can add a username if necessary and choose whether to enable or disable the "Always ask for credentials" option.

QuickBooks Error Code 1603 - How to Fix

How can QuickBooks Error code 1603 be fixed?

Thought to share my solution for fixing Quickbooks Error 1603 when installing Quickbooks Desktop Software. 

Please share this post and link https://pctechgo.blogspot.com/2022/09/quickbooks-error-1603.html so others could find it faster if this solution to fix Quickbooks Error 1603 works for you. 

 Fix QuickBooks Error 1603 While Installing QuickBooks Desktop

Already tried the recommended actions from Quickbooks knowledge-base but still get the error .Tech support doesn't know what to do. During an installation of Quickbooks, I encountered this error .And Quickbooks / Intuit knowledge base documentation suggested downloading and install the diagnostic tool to diagnose and possibly help fix the error . I received the same Quickbooks error 1603 while install the diagnostic tool. 

The OS was Windows 10. The user coincidentally had another computer,  another Windows 10 desktop, that had Quickbooks installed. So what's different , the build number. 

Fix Error 1603 when you install QuickBooks Desktop

Without getting into build number differences of Windows 10, let me provide the information I found and fixed Quickbooks installation error 1603. I tried all the recommended steps from Quickbooks and other posts and forums. 

Download the Quickbooks installer if you don't have it already. 

Right click the file and select properties. 

Then click on the compatibility tab. Check the Compatibility Mode, then runs compatibility for Windows 7. Save your changes and rerun the installation. 

Quickbooks Install Error 1603 on Azure Windows 10 virtual desktop 

Don't know if it made a difference but the desktop was a virtual machine in Azure. It was an Azure Windows 10 virtual desktop.

Please share this port and link so others could find this solution faster and easier. Thank you. 

How to Sync Changes in AD to Azure Manually

Sync Active Directory Changes to Azure AD.  

 

Syncing Changes in AD to Azure Manually

With an Azure AD connect server and services setup on your domain, password changes occur within seconds. 

Other property changes to Active Directory objects take longer to sync to Azure. Any user property, group property , or group membership changes all take a significantly longer time to sync. The shortest time possible is 30 Minutes . The sync time cannot be changed. it is set by Microsoft and cannot be modified with PowerShell or any other means. This is by design by Microsoft. 

Azure syncing and other issues related to Microsoft Active Directory and other productivity applications can be supported online. Online remote support software enables remote access    to systems such as servers and desktop through the web - https://www.4remotesupport.com/ . Also enabled is full remote control of keyboard and mouse, not just viewing capabilities are  available.   

Perform a Manual Sync 

There comes times when you want to sync changes made in your local domain environment to Azure quickly. This can be accomplished using a manual delta sync. It is a command line PowerShell option that will send recent changes in AD to Azure before the scheduled time. 

The following command when run on your AD Sync server will send changes immediately to Azure.

Open an elevated PowerShell session and run the following command as shown in the screen cap above. 

              C:\>Start-ADSyncSyncCycle -PolicyType Delta

Be sure to add the -delta at the end and if you have a spread out domain structure where your domain controllers are in multiple locations and syncing sometimes takes time, be sure to give enough time for the local changes to have replicated or force a sync of your local domain first.