SC2002Admin
asked on
Domain local group does not appear on domain member computers
1. I have a printer that is attached to a workstation and would like to share it by granting access to a Domain Local Group. However, at the workstation, Domain Local Group do not appear to be available for selection under security tab when I try to share it. But Domain Global Group does show up.
I thought that Domain Local Group are available within the domain only so that all the domain members should be able to see them.
2. Can a Global Group be a member of another Global Group? I cannot make it what way, but it seems that a Global Group can be a member of Domain Local Group.
Lastly, if I have a folderresiding on another machine which is a domain member, what is the best way to share it. I was thinking of creating a Domain Local Group and granting rights to this group, then, add the already established Global Group to this Domain Local Group, but then I got stuck with the issue in #1...
I thought that Domain Local Group are available within the domain only so that all the domain members should be able to see them.
2. Can a Global Group be a member of another Global Group? I cannot make it what way, but it seems that a Global Group can be a member of Domain Local Group.
Lastly, if I have a folderresiding on another machine which is a domain member, what is the best way to share it. I was thinking of creating a Domain Local Group and granting rights to this group, then, add the already established Global Group to this Domain Local Group, but then I got stuck with the issue in #1...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
karel_jespers,
the scope of a domain local group in a W2k(3) domain is *only* limited to DCs while the domain is still running in mixed mode. Once the domain is running in native mode, domain local groups will be available for permission assignment on any domain member that's running W2k or later.
Domain Local Groups Cannot Be Used in Mixed-Mode Domain
http://support.microsoft.com/?kbid=296369
the scope of a domain local group in a W2k(3) domain is *only* limited to DCs while the domain is still running in mixed mode. Once the domain is running in native mode, domain local groups will be available for permission assignment on any domain member that's running W2k or later.
Domain Local Groups Cannot Be Used in Mixed-Mode Domain
http://support.microsoft.com/?kbid=296369
that is right, but is it necessairy for him to go native mode, only to fix that sharing problem of a printer
karel_jespers,
I'd see it the other way: Assuming that there are no downlevel DCs, why stay in mixed mode? Domain local groups where developed to make administration easier, so if possible, you might as well profit from it.
Apart from that, SC2002Admin was querying about features of an AD domain that he knew "should be there", so telling him that "the domain local group is only available to host recources on dc's" is rather misleading.
SC2002Admin,
before I forget it, the approach in your last question is the correct one.
I'd see it the other way: Assuming that there are no downlevel DCs, why stay in mixed mode? Domain local groups where developed to make administration easier, so if possible, you might as well profit from it.
Apart from that, SC2002Admin was querying about features of an AD domain that he knew "should be there", so telling him that "the domain local group is only available to host recources on dc's" is rather misleading.
SC2002Admin,
before I forget it, the approach in your last question is the correct one.
ASKER
Thaks oBdA, I got it working the way I thought it would work now.
and
the domain local group is only available to host recources on dc's