Solved

Apply Domain Local Groups on Member Servers

Posted on 2004-03-26
6
261 Views
Last Modified: 2010-04-13
I have a problem that I just discovered.  It seems that I am unable to apply permissions for any Domain Local Groups on any of my member servers?  I can apply fine on the domain controllers but not on any member server... is there something special I need to to to allow domain local groups to be applied on the member servers?

If I was not clear I am trying to apply security to directories/files.

Thank you for your help.

Austin Henderson
0
Comment
Question by:NTGuru705
  • 3
  • 3
6 Comments
 
LVL 83

Expert Comment

by:oBdA
ID: 10692248
Your domain is probably still running in mixed mode. For domain local groups to be available on member servers, you'll need to switch your domain to native mode, otherwise they'll behave like local groups on NT4 DCs.
As long as you don't have any leftover NT4 BDCs or plan to add NT4 BDCs, you should be able to switch over without problems.

Members of a Domain Local Group Are Not Granted Rights
http://support.microsoft.com/?kbid=260534

Modes Supported by Windows 2000 Domain Controllers
http://support.microsoft.com/?kbid=186153

Group Type and Scope Usage in Windows
http://support.microsoft.com/?kbid=231273
0
 
LVL 1

Author Comment

by:NTGuru705
ID: 10693295
This is right on..
Here is the problem.. we are running an Exchange 5.5 box that at one time was a BDC (technically still is) for my NT 4 domain that is now mixed mode with three 2K DCs and this NT 4 box.... there is no way for me to go native because of this box is there... ?
0
 
LVL 83

Accepted Solution

by:
oBdA earned 250 total points
ID: 10694415
Since you can't demote an NT4 BDC (there's a 3rd party tool out there someplace that claims to be able to do this, but I wouldn't trust it, especially if there's Exchange running on it as well), your only chance would be to upgrade this machine to W2k as well, but I wouldn't consider that "without problems".
I'd recommend for the time being to do it the old fashioned way, assigning permissions to local groups on the member servers to which you add the appropriate global groups.
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 1

Author Comment

by:NTGuru705
ID: 10694909
The problem is I cant do that.  It is a NAS device and the Domain Local groups are on one of my domain controllers... the disk space that I bought is where I need to apply the permissions... and there are a ton of groups that have been created for this purpose. Previously we had no troubles because the disks that these permissions were applied to were ON the DC.. but we are taking that burdon off the DC and putting it on the NAS device... thus my problem has been revealed.

Perhaps my exchange upgrade is quicker that planned.
0
 
LVL 1

Author Comment

by:NTGuru705
ID: 10699465
I am looking at using ... UPromote..

http://utools.com/UPromote.asp

Anyone have any experience with this tool.. if it were not for Exchange 5.5 running on this box I would just pull the trigger on this tool but I hesitate because of Exch 5.5 on it.

Thanks
0
 
LVL 83

Expert Comment

by:oBdA
ID: 10699843
Well, that's exactly the tool I meant, but I don't have any experience with it, sorry; and I guess you found http://utools.com/Exchange.asp already.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question