If you are attempting to access a Windows 7, Windows 8, Vista or Server 2008 (R2), Server 2012 (R2) computer you may get the” Access Denied – Failed to connect to ADMIN$ share” error , even when supplying the appropriate local user credentials that have Administrator access. If the target computer is not a member of a Windows 2003 or later Domain then this is most likely because the target system has Remote UAC enabled. Remote UAC prevents local administrative accounts from accessing ADMIN$. (more appropriately Remote UAC prevents local accounts from running in an elevated mode when connecting from the network) If you need to be able to access the ADMIN$ using a local account then you will need to disable Remote UAC. You can accomplish this by editing the registry.
Assuming you have all your other ducks in a row (Firewall exceptions, appropriate credentials of local administrative user, etc) then you just need to add a quick entry in the registry of the target computer. In the registry, navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System.
Create a DWORD value called LocalAccountTokenFilterPolicy and assign it a value of 1.
You then can restart the Server service (but a reboot would be ideal ;-)).
LocalAccountTokenFilterPolicy
* By default, when local credentials are used to access a Windows Vista (or later) system that is a member of a Windows Domain this problem does not exist. Your Windows domain may still disable Remote UAC.
** By default Remote administrative access is denied to local accounts when a Windows Vista (or later OS) is NOT a member of a Windows 2003 or later domain.
Microsoft info:
Ah. This fixed my problem. Thanks man
Thanks Stephan, this worked great! I had built an MDT/WDS on Server 2012 R2 and devices where not able to connect to the Deployment Share and display a Task Sequence. An error message noted a possible credential issue, which was weird because that information is correctly baked into the bootstrap.ini settings.
After adding the registry entry and restarting the Server service, the networked PCs connected and deployments got rolling.
good to hear that this was helpful!
Solved.
THANKS
Excelente funciona en Windows Server 2012
This issue was killing me. Thanks a ton for posting this.
No Problem!
thanks a lot its help me. I was struggling with issue from last two days. Many thanks Stephan
your welcome!
NICE. worked for me. Was getting veeam error “tr: Failed to create persistent connection to ADMIN$ shared folder on host ” http://www.veeam.com/kb1493
Thanks Stephan for the tip. It solved my problem.
Are there any other options if this not worked.?
Thanks for the tip. I was totally lost
Thanks!
Thanks man you save my as% XD really was very helpfull
Even easier than restarting the Server service or rebooting run GPUpdate from an admin command prompt.
Top! Thanks!
Hi, server restart is required?
hi!
You then can restart the Server service (but a reboot would be ideal ;-))
/Stephan
Hi Stephan
I tried your tip. after restart still i cannot access the \xxx.xxx.xxx.xxx\c$
any advise.
Thanks.