I have been building the file structure of my new file server for a few months, adding hierarchically structured folders according to the office divisions. I have also been adding AD Security Groups to match the structure of the folders. Persons working in a particular division are assigned to the Security Group for that division and the security group defines permissions to the divisional folder. Up until today, it has all worked well.
This morning, I created a new divisional folder (we will call it "Council"). I created a similarly named security group (" SG_Office_Council") and I added a few names to it. When I applied the security group to the folder, giving it standard "Modify" permissions (identically to how I had done for every other folder), I expected that only the members of the newly-created "SG_Office_Council" security group would have access to it.
When one of the members of the "SG_Office_Council" group tried to access the folder, there was no access. The user was a member of a different security group ("SG_Office_GC"), so I removed the "SG_Office_Council" group from the folder and applied the "SG_Office_GC" group to the folder. The user had instant access.
I tried removing all of the user-based security groups, and of course the user lost access to the folder. I applied the user to the security permissions for the folder, and of course the user had access.
I recreated the "SG_Office_Council" security group as well as several others, and it seems that any newly created security groups do not work. The old group work fine, but new ones don't.