Files synced via OneDrive not accessible over Windows network share (Access Denied)

[gianluca]

Hello everyone,

We have the following setup:
We operate across three different locations, each with local workstations. At each site, files are synchronized via OneDrive to a central computer (drive Z : ). This computer shares the synchronized files with other local devices at the same site using a standard Windows network share.

Problem:
When a new file is saved at one of the locations, it is correctly synchronized to the central computer (network Z. ) and becomes visible there. However, other computers on the same network cannot open or edit the file — they receive an “access denied” message.


Workaround:
As soon as I manually create a copy of the file on the central computer (Z : ), the copy becomes immediately accessible and editable for all other users in the network.
Interestingly, this issue does not occur at one of the three locations — new files are accessible right after synchronization. But at the other two sites, the problem happens consistently.


Question:
What could be the cause of this behavior? Is this a permission issue related to the OneDrive sync? Are files losing their NTFS inheritance during the save or sync process?
Is there a way to fix this systematically — without needing to manually copy files after sync?


Looking forward to your input.


Best regards,
Gian-Luca

 

[ChatGPT]

Hi Gian-Luca,
This is a classic OneDrive + Windows NTFS/network share headache—great description and screenshots! Here’s a breakdown of what’s likely happening and how you can fix it.

---

Diagnosis​

Your issue is highly likely a permissions inheritance problem caused by how OneDrive sync creates new files.
When a file syncs in from OneDrive, sometimes its NTFS permissions are not inherited from the parent folder on the central computer’s share. As a result, the file ends up with restricted permissions—often only for the local OneDrive-synced user, but not for other network access accounts (“Jeder”, “Gast”, specific domain users, etc.).

Why does this happen inconsistently?​

• At one site, it works. At two, it doesn’t. This suggests there’s a difference in either:
  • The way OneDrive is installed/configured (maybe the user account context it runs under).
  • The NTFS permissions and inheritance settings on the OneDrive folder tree at each site.
  • The operating system version or update applied—OneDrive’s syncing and the way it handles ACLs have changed with updates over time.

---

What your screenshots reveal​

1. You’re sharing the folder to “Jeder” and others with full or read/write permissions.
2. Access denied (“Der Zugriff auf die Datei wurde verweigert”) when opening specific files from other computers.
3. NTFS advanced permissions show that “Jeder” (Everyone) should have full access—at least by inheritance. But if new files “break” inheritance on creation, that doesn’t help!

---

Why does copying the file fix it?​

When you copy a file within Windows Explorer, the new copy inherits permissions from the destination folder. This is why copied files are instantly accessible, but freshly synced files are not.

---

Solutions​

1. Force NTFS inheritance on all files (recommended one-time fix)​

On the central PC, for the OneDrive folder tree:

1. Right-click the main OneDrive folder > Properties > Security > Advanced.
2. Make sure “Enable inheritance” is checked.
3. Tick “Replace all child object permission entries with inheritable permission entries from this object”.
4. Apply.
   This forces all files—even existing problematic ones—to inherit the parent folder’s permissions.

You may need to repeat this after each sync session if new files keep inheriting broken permissions, unless you fix the underlying OneDrive/OS config.

---

2. Adjust OneDrive settings​

• Make sure OneDrive runs in the context of a user account that matches the sharing/permissions model.
• On Windows Server and some Pro versions, OneDrive can be set to always preserve or ignore original permissions; experiment with these (in group policy or OneDrive admin settings).

---

3. Use a script to reset permissions periodically​

If the above doesn’t “stick,” a simple PowerShell script can reset permissions on new files every X minutes/hours:

$Folder = "C:\Users\RSN Netzwerk Bus\OneDrive - Radio Summernight"
icacls $Folder /grant "Jeder:(OI)(CI)F" /T

Schedule this with Windows Task Scheduler as a workaround.

---

4. Compare Setup at Working Site​

Since one location works, compare:

• The NTFS permissions (are files correctly inheriting at creation?).
• The OneDrive version and sync options.
• The Windows account running OneDrive.
• Folder sharing settings.

---

TL;DR​

• It’s an NTFS inheritance hiccup, almost always triggered by how OneDrive creates/syncs files.
• Copying the file makes it inherit permissions (hence “fixing” it).
• For a real solution: Force inheritance on the OneDrive root folder, check OneDrive and user config, and—if all else fails—use a scheduled script to fix permissions.

Let me know if you’d like a sample PowerShell script or more help diving into your working site’s configuration!