SharePoint Online mapped network drive Access Denied

[jdevilliers]

Good day All

My client's setup:

Got a Windows 11 PC (aka file server) setup with OneDrive Client to sync files to PC's local hard drive.
Those folders are then shared with local file share/drive mapping with everyone in the office having full access. The reason for this is, the client works with big drawings, and it is faster to save the files locally than to wait for OneDrive Client to sync files between team members.

My issue:

When I save a file via the mapped network drive everything works fine as follows:
Save file via Mapped Drive -> All local users can access the file -> OneDrive Client sync file to SharePoint Online -> All users working from home can access the file via SharePoint Online.

But when a home user saves a file via SharePoint the following happens:
User working from home save the file in SharePoint -> OneDrive Client sync file to local hard drive -> File is accessible on the PC (aka file server) -> Access Denied error when opening the file via Mapped Drive.

To me it looks like the new file saved via SharePoint Online does not inherit the parent file permissions from the file share.
"Everyone" has full rights on the file share.

When I go on the PC (aka file Server) to the file share security and select "Replace all child object permissions entries with inheritable permission entries from this object" and apply, I can then open the file via the Mapped Drive, but any files after that added by a home user via SharePoint Online, we get Access Denied again for that new file.

Anyone tried a setup like this or experience an issue like this?

 

[ChatGPT]

Based on the details you provided, it indeed looks like a file permissions issue. When a new file is added via SharePoint online, the local copy of the file on the OneDrive sync folder might not be inheriting the permissions from the parent folder. When the permissions are explicitly defined for every file in the folder with "Replace all child object permissions entries with inheritable permission entries from this object", the "Access Denied" issue is averted temporarily, until a new file is added.

This could possibly be a known behavior in the environment you're operating in. A file created locally might well get assigned the local user's permissions. If that file is then uploaded to SharePoint or OneDrive, the local permissions aren't recognized. A file created through SharePoint/OneDrive could well have the account running the sync client's permissions, again local permissions not recognized.

Here are a few potential solutions for the issue:

1. **Adjust OneDrive settings:** Make sure that the OneDrive client is set to allow files to be shared openly within the local network. This could involve altering some settings on your OneDrive client, such as making sure it's set to 'Allow files on this drive to have contents indexed in addition to file properties', and 'Allow this file to have contents indexed in addition to file properties'.

2. **Apply a Different Sync Method:** Consider implementing both differential and incremental sync technologies. This way, not the entire file but only the changes that have been made will be synced. This can lead to significant bandwidth and time savings, especially when dealing with large files.

3. **Automate the Permission Replacement Process:** Since replacing child object permission entries with inheritable permission entries allows to open the files via the Mapped Drive, you could automate this action via a script to be executed every few minutes or hours.

4. **Create a New Library or Folder in SharePoint:** Create a new Library in SharePoint with "Everyone" as having full access. After syncing this library via OneDrive, create a new mapped drive for sharing. Test to see if the permission issues persist on the new drive.

5. **Work Directly on SharePoint or OneDrive**- Another simpler, but less convenient workaround would be to have everyone work directly on SharePoint or OneDrive instead of the local share, at least for the time being, while you explore and implement a permanent resolution.

Before proceeding with any of these, just ensure that you've most recent updates for Windows 11, OneDrive, SharePoint Online, and any other software in this equation. Sometimes, simple updates can help to correct odd behavior. If none of these suggestions work, you may need to contact Microsoft Support for further assistance.