• In this chapter from MCITP Self-Paced Training Kit (Exam 70-646): Windows Server 2008 Server Administrator (2nd Edition) you will learn how to configure and deploy NAP and the various methods that are available to deal with noncompliant computers. You will also learn how to plan and deploy Windows Server 2008 R2 remote access services to ensure that your organization’s clients can connect to.
• I am using windows 7, I cannot connect to a shared network drive on another machine. I can ping the machine. I can remote desktop connect to the machine. The machine is on the same subnet; My friend with the exact same laptop as me (and on the same network, same workgroup) can connect to the shared folder.

• Cannot Map Anymore Windows Objects Internal Limit Reached On Twitter Page
• Cannot Map Anymore Windows Objects Internal Limit Reached On Twitter Account

Microsoft’s Windows 10 only lets you install apps and games on a limited number of devices. It has even stricter limits for subscription music and videos purchased from the Windows Store. Here’s how to ensure you stay within those limits.

Server Manager allows you to easily setup shared folder in Windows Server 2012. File Server role must be installed prior to be able to share files and folder on the network. Shared folders on the network allows many users to access the files and folders. Remember, folders can be shared but individual files cannot.

Think of this like Windows 10’s versions of iTunes computer authorizations. When you hit the limit of devices associated with your Microsoft account, you’ll see a “device limit reached” error message when you go to download apps, music, or videos.

Windows 10’s Device Limits Explained

There are three separate device limit lists, as Microsoft’s app store, music store, and video store are all technically separate.

• Apps and Games: For apps and games purchased (or just downloaded for free) from Windows 10’s Store, you’re limited to 10 devices. For Windows 8.1, you were limited to 81 devices that could download apps and games from the Windows Store. While most people were unlikely to ever run up against that 81 device limit, it’s feasible you could bump up against Windows 10’s device limit for apps.
• Music from a Groove Music Subscription: If you have a subscription to Microsoft’s Groove Music service, formerly known as Xbox Music, you’re limited to four devices that can download and play your music at any given time.
• Music Purchased from the Store: If you instead purchase music from the Store, Microsoft’s website says the music “an be authorized on up to five (5) personal computers and a reasonable number of registered devices.”
• Movies & TV: For movies and TV shows purchased and rented from the Windows Store and played in the Movies & TV app–formerly known as Xbox Video–you’re limited to four devices that can download and play videos at any given time.

Yes, these are three separate lists. You’ll never notice it until you bump up against the limit, as Microsoft automatically adds devices to these lists as you use them.

How Often You Can Remove Devices

You can add devices to these lists at any time by signing in and downloading apps, music, or videos. You can add as many devices as you want at any given time, assuming you don’t hit the limit.

You can remove any number of devices from your authorized “Apps and Games” list at any time, so it’s simple to manage this list if you run into problems.

However, the Music and Movies & TV lists are more restricted. You can only remove one device from each of these lists once every 30 days. If you rely on Microsoft’s media services, you’ll want to keep track of your device limits and remove devices from here immediately when you no longer use them.

How to Manage Your Authorized Devices

RELATED:How to Track Your Windows 10 PC or Tablet If You Ever Lose It

To manage your authorized device list, sign into the Microsoft Account website with the account you use on your Windows 10 devices. Click the “Devices” category and select “Apps & games devices,” “Music devices,” or “Movies & TV devices,” depending on which list you want to manage.

The main “Your Devices” list here allows you to view a list of the devices you’ve used and find them on a map if you’ve enabled the Find My Device feature on Windows 10.

If you’ve reached the device limit for installing apps and games, remove one or more devices from the list here. You won’t be able to install apps and games from the Windows Store on devices you remove from this list–unless you re-add them to the list–so only remove devices you don’t use anymore.

Once you’ve done so, you’ll be able to visit the Windows Store on a new, unregistered device and install apps and games. That new device will appear in your list of authorized devices after you do.

You can remove devices at any time, even after you’ve wiped it or sold it. So you don’t need to worry about pre-emptively managing this list like you do with iTunes–just visit this web page if you ever bump into the limit.

If you use Microsoft’s music or video services, visit the associated web pages here to see your list of registered devices. Each list is separate, and you can only remove a device once every thirty days from each list. If you reach the limit, you can remove a device and add another one–as long as you haven’t removed a device in the last 30 days. You may want to remove devices from these lists immediately.

If you’d like to remove more devices from the list–or remove one more often than once every thirty days–your only option is to contact MIcrosoft customer support by opening the “Contact Support” app in Windows 10’s Start menu and asking them to help you with the problem. There’s no guarantee they will.

Microsoft’s device limits are perhaps a bit low–for example, there’s no limit on how many devices you can install Steam games on. Luckily, most people won’t have more than ten devices they want to install Windows 10 apps on. And, if you can’t install Windows 10 apps from the Store on a device, you can always continue to install traditional desktop applications.

Image Credit: DobaKung on Flickr

READ NEXT

• › Windows 10’s Tablet Mode May Be Replaced With the Desktop
• › How to Quickly Switch Between Gmail Accounts on Android, iPhone, and iPad
• › How to Use the chmod Command on Linux
• › How Writers Can Use GitHub to Store Their Work
• › How to Easily Recycle the Old Electronics You Can’t Sell

There has been some spirited discussion within our IT department about mapping network drives. In particular, it has been said that mapping network drives is a bad thing and that adding DFS paths or network shares to your (Windows Explorer/Libraries) favorites is a far better solution.

Why is this the case?

Personally I find the convenience of z:folder to be better than serverpathfolder', particularly with cmd line and scripting (of course I'm not talking about hard-coded links, naturally!).

I have tried searching for pros and cons of mapped network drives, but I haven't seen anything other than 'should the network go down, the drive will be unavailable'. But this is a limitation of any network-accessed storage.

I have also been told that mapped network drives poll the network when the network resource is unavailable, however I haven’t found more information on this. Do network drives poll the network any more than a Windows Explorer library/favourite? Wouldn't this still be an issue with other network access mechanisms (that is, mapped Favourites) whenever Windows tries to enumerate the file system (for example, when a file/folder picker dialog is opened)?

JakeGouldBeeblebroxBeeblebrox

20 Answers

I imagine the strongest reason for not mapping network drives is that the admins don't want to deal with the headaches of maintaining an index of a finite number of drive letters in addition to the network paths. For one, there might be too many commonly-used network shares to assign drive letters to all of them, and in a large organization, not everyone will have access to all the same shares. Share names are also more descriptive and potentially less ambiguous than drive letters (more on the ambiguity later).

Second, you can run into drive letter collisions. If someone's PC has a memory card reader, that might gobble up four or more drive letters. A and B are typically reserved for the floppy drives of last century, and C and D are usually reserved for the hard drive and optical drive, so the card reader will use E, F, G, and H. If one of your network drives is usually mapped to H: via a logon script, this poor person either won't be able to use the card reader's H: drive or won't be able to mount the network drive.

Unless someone within the organization is responsible for allocating drive letters for specific purposes, the network drives could also end up causing a lot of confusion. For example, suppose you map drive S: to the share that has the setup programs for all your site-licensed software, and someone else maps S: to the shared drive where they drop all kinds of shared documents. When you try to explain how to install some software, you tell them to open their S: drive and find the setup program for Microsoft Office, but all they can find is a folder named office, which contains a bunch of miscellaneous files someone dropped there for a temporary file transfer. It might take you 5 or 10 minutes to sort out the confusion.

There are also some potential performance issues if a server goes down or if a machine is taken off the network. For example, if you map network drives on a machine, then remove the machine from the network (maybe it's a laptop), the machine may appear to hang upon logon while Windows tries in vain to mount the missing network drives.

On the other hand, on older versions of Windows, I've noticed that file transfers to or from a mapped network drive often go much faster than if you browsed to the network folder and performed the same file transfer--in which case, most people would prefer to map network drives.

robrob

The simple answer is that it isn't a bad thing. Network drives are perfectly safe to map as drives.

The superstition comes from the fact that you shouldn't be mapping foreign (i.e. Internet) drives as local because files opened from mapped drives are opened using the 'local' zone, which generally affords them less protection - and if the files are actually coming from the Internet this is a reduction in security.

If, as I suspect is the case, you're actually mapping int​ra​net network drives, then opening the folders as mapped drives is exactly as secure as accessing them via their network path names. The only difference is that having them mapped is more convenient.

Sathyajith Bhat♦

In my experience, it mostly centers around badly written software.

If person A works on a suite of files that are mapped to G:, and then person B tries to open the same set of files with the same path mapped to H:, things fail.

If you use UNC paths, then assuming that person A and person B's computers can both see the share point, everything will work fine.

Sure, the ideal solution is to use software that doesn't store file relationships using absolute paths, but that's not something you can always control.

A lot of software in the CAD/CAM markets is poorly written, and barely works at all. Since the market is rather small, there is little competitive pressure. I know at least one piece of software that has had issues with absolute paths for the last 5 major releases, and they still remain unfixed, despite reporting the problems to the company.

Fake NameFake Name

We've had serious problems with network drives where I work because sometimes Windows doesn't connect to them, and it seems to not automatically connect a network drive when a program tries to access it.

At least half a dozen times a user from accounting has called because she gets the same error. It's because she opened program X, which is using a file mapped on network drive Y:, and it's not connected for some unfathomable reason.

Ben BrockaBen Brocka

I doubt that the IT guys are worried about one user mapping a network drive, rather they are worried about a hundred users or a thousand. For example, if a bunch of hosts kick off search indexing of a networked drive or drives at the same time, how will that affect everyone else trying to use the network? When a networked drive is inevitably taken offline, will it lock up hundreds of machines until the OS gives up and drops the drive mapping? Will PCs hither and yon boot more slowly or fail to boot altogether if connections to mapped drives can't be reestablished?

Kyle JonesKyle Jones

One problem with the serverdir syntax is that command windows cannot cd to them. If you have admin privileges and do not want to use a drive letter you can use the mklink command to mount drives to a directory instead of a drive letter. The directory Home should not exist.

mklink /d 'c:DrivesHome' 'serverHomeFolderuser1'

This folder is useable by everything.

Mounting to a drive leter could be bad because it is possible for it to change to another mount point. Then you are reading and writing to something you don't expect. If executables from a mount point change, they could contain viruses.

My solution requires admin privileges, so if you are not running with admin rights, it is more secure since another program could not change it on you without admin rights.

Here's one good reason:

Windows (at least XP) does not support file paths with over 256 characters. Mapping allows someone to add a file where otherwhise wouldn't be possible, by shortening the path. Then you have a program that navigates through all files and folders, and is not aware of the mapping. Without the mapping, the existing file has a path length above 256. The program crashes.

A number of pieces of software, including various version of Microsoft Visual Studio and CMS Bounceback, will only work with drive letters and not with absolute paths. Given this restriction then to use any such software requires you do define drive letters - you have no choice. But Windows does not make this very easy as it seems to ask for a user ID and password, but only one user ID and password is allowed in Windows for all connections to any one network device (e.g. multiple disks and printers).

Just talk to some of the hundreds of IT consultants who are now having to deal with the recent Zero-day outbreak of 'CryptoLocker' and you'll soon realize that mapped-drives on a local computer that get's infected can cause massive damage to data on the server, via the mapped drive.

Specifically:

“CryptoLocker will also access mapped network drives that the current user haswrite access to and encrypt those. It will not attack simple server shares, onlymapped drives.”

Thus, there are clearly security concerns with using mapped drives in this age of ever-present and newly discovered zero-day malware hitting users frequently.

We've eliminated all mapped drives across our LAN and use 'network shares' instead.

A few reasons not to use mapped drives:

1) They take up resources on both the local machine with the mapped drive and the network resources. Local applications can become sluggish because your local computer has to read the contents of the mapped drive when the application is launched or when the system is booted. Try it out. Map a bunch of drives and launch Excel. Unmap the drives and try it again.

2) Moving your application to a new environment will be tedious. In the event of a disaster recover, moving to a more powerful machine, or if another developer is taking over your application. If the new environment doesn't allow mapped drives or drive letters are mapped differently then someone is spending time rewriting code. The time saved on the front end will be more than lost fixing it.

I know it's an old thread, but I wouldn't say they are perfectly safe. We removed mapped drives because of the security risks. Many viruses try to spread across drives. They do not however, spread across shortcuts pointing to DFS shares. Something to keep in mind...

One reason for limiting drive mapping would be e-mail viruses (zip or exe files opened by somewhat 'dense' users) such as Cryptolocker which will alphabetize all files on local and mapped drives and encrypt them. It (in particular) does not discriminate according to drives.We got hit, and were able to recover using backups of the server(s), but of course the local files were 'toast'.

slhck

Certain widespread viruses and malware will exploit mapped drives. That's about as good a reason as any not to use them.

Mapped drives are faster if you are manipulating large quantities of files. Windows authenticates your access once with a mapped drive, and then allows the file interactions to take place. UNC paths are authenticated by Windows for every file accessed. So the authentication process would happen thousands of times if you were manipulating thousands of files under a UNC path.Mapped Drive - Authenticate onceUNC - Authenticate every time a file is accessed.

This can have implications with something as simple as copying files. Mapped drives will always be faster; noticeably with large numbers of files.

I do not like to use mapped drives because I use a variety of network resources infrequently and I can never find the complete address for others to use. Using shortcuts also enables me to step up in the directory with ease. If the only reason to map drives is the 256 character limit, that is a sorry excuse to loose all that file location detail.

Mapped drives are dangerous! In the past few years with the surge of ransomware, I have been removing mapped drives wherever possible. Ransomware targets all DRIVE LETTERS not just local data. So while you are safe as long as you keep redundant backups, it is still a headache to have to deal with such a data breach.

If you are in a business environment (primary target of ransomware), and if you can, get rid of mapped drives!!

Cannot Map Anymore Windows Objects Internal Limit Reached On Twitter Page

DavidPostill♦

Certain ransomware viruses, such as the CryptoWall family, look for any mapped drive and infect those drives. If the network share is using UNC however and not a drive letter, then these viruses do not infect the share.

Peter Mortensen

In relation to the crypto/ransomware considerations, Locky is one example of ransomware that can spread via UNC paths as well as mapped drive letters. If your concern re: mapped network drives vs. UNC paths is determined by the potential for ransomware attacks, understand that it only protects against some.

There are several ways to go about detecting/preventing ransomware attacks - and it is generally recommended to use multiple protection methods: protect the network, protect the endpoint, and maintain a robust backup regime. I personally use Sophos InterceptX as an anti-ransomware solution on the endpoint, a Cisco ASA (with IPS) firewall, ShadowProtect for backup and use mapped network drives where it makes administrative sense to do so.

Disclaimer: I'm a Sophos Certified Architect. Though I don't work for Sophos, I think their technology is neat. I also work for an MSP, and that's the technology we decided upon after checking into the various options available in Australia.

Edited as requested to give more information for the second paragraph.Also, I speak Australian, not English, grammar is slightly different and some words are spelled differently (it's Colour, not Color, and don't even get me started on cantaloupe).

Network drive is a good way to share resources, but I don't agree with the fact that home directories be put on a sharable network drive. That's just blatantly stupid. Most applications use your home directory as place to store specific application settings for users. If IT want's one more headache (as if they don't have enough to deal with), then fixing application dependencies for users within the network can be a pain they can add their bag of problems. This issues can mount in an environment where many such applications are used and their dependencies and requirements change. For one thing work can be stiffled for users on the network and company lose money and time based on low productivity levels. That is something that cannot be risked. Secondly, some organizations map user home drive on the network to monitor what's on there. The government does that a lot as part of their requirement. It also adds to the problem of being able to work from home. If your connectivity via VP has issues with your application working remotely through a VPN session, where you run your application that requires a dependency from your network mapped home drive and the drive mapping fails, then you're hosed.

Personally, I think it should only be done for good reasons, but not to the point where it hinders productivity and affects the company's bottom line.

The number 1 reason you would not want to do this is that ransomware can not access a UNC path, but drive letters are fair game. If you would like you network share cryptolocked then by all means continue with drive letter mapping.

I personally do not see the advantage of drive letters and truly find the UNC paths are easier as I never have to worry about mapping drive letters, especially after changing login passwords. You can create shortcuts which behave no different than drive letters and can add those shortcuts to Windows Explorer.

Cannot Map Anymore Windows Objects Internal Limit Reached On Twitter Account

Peter Mortensen

Not the answer you're looking for? Browse other questions tagged network-sharesnetwork-drive or ask your own question.