Solved

security group in a security group

Posted on 2006-06-26
10
738 Views
Last Modified: 2008-02-01
I seem to not be able to create a security group global.  then create another security group global and make the previous security group a member of this one.  What is proper way to nest these items?
0
Comment
Question by:techbnjcomp
  • 4
  • 3
  • 3
10 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16983031
use universal groups for nesting
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16983034
also make sure that your domain is in native mode for group nesting be available
0
 
LVL 1

Author Comment

by:techbnjcomp
ID: 16983089
I have some users that are in another forest and domain.  We have a two way transitive trust setup between us.  I need to allow these users to access my sharepoint server.  So my question comes in that I need (or think I want) to put these users in a security group.    Then so they need acess to sharepoint I can make that security group  a member of the domain users group and they should have access.  I am in native mode
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 350 total points
ID: 16983152
with a multi domain setup like that you should create universal groups and nest these
0
 
LVL 1

Author Comment

by:techbnjcomp
ID: 16983180
Can't convert to a "universal group" as the system says "The following Active Directory error occurred:  Foreign security principals cannot be members of universal groups."

So I tried to create a universal group but then it does not let me add users from other domain/forest.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 16983291
You should be able to add the Global Group from the other domain either in the local group where the resource resides or directly on the object.

0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16983415
what was the issue of not being able to do what you wanted? could just not see the group or was it erroring? probably should have asked that first ha!
0
 
LVL 51

Expert Comment

by:Netman66
ID: 16986218
I think he was trying to nest a Global Group from one domain inside a Global Group from the other.  It's not possible.

You can only nest GG's from the same domain.

0
 
LVL 1

Author Comment

by:techbnjcomp
ID: 16986339
So is grouping even an answer here?  how do I give rights to some users on another domain/forest to use my sharepoint?  I started with groups as i have a trust with other domain/forest.  I was wanting to add them to a group .  then add that group to my domain users which would give them permission.  Thus my original questikon of how to add a group to another group.  Can this be done with groups or what is answer?
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 150 total points
ID: 16987562
Yes.  

Create a local group on the Sharepoint server.  Give the local group the permissions.  Add the Global group from the other domain to it.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question