Solved

Assign NTFS permissions to group of computers

Posted on 2010-09-14
6
932 Views
Last Modified: 2012-05-10
In a 2008 domain I created a task that runs on all computers in the domain under the system account.
The tasks tries to copy a file from a network share. I only want a specified group of computers be able to access the file. I created an AD group, added the computers to the group and gave the group appropiate permissions to the file.
However, my task is not able to copy the file (access denied).

When i add the AD group "Domain computers" to the ACL of the file, or I add an single computer account directly everything works fine....
0
Comment
Question by:SjoerdvW
  • 3
  • 2
6 Comments
 
LVL 17

Expert Comment

by:Tony Massa
ID: 33677292
What are the SHARE permissions set to?

0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 250 total points
ID: 33677316
Did you reboot the computer after you added them to the group, that way the group membership is added to their token ThanksMike
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 250 total points
ID: 33677331
...and in 2008 you can use a nice trick Darren posted without the reboot   http://sdmsoftware.com/blog/2008/08/22/picking-up-computer-group-membership-changes-without-a-reboot/...but reboot should always work.

Thanks

Mike
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 7

Author Comment

by:SjoerdvW
ID: 33677339
SHARE permissions: everyone FC (witch is enough cause it works when I add the computer directly to the file)
0
 
LVL 7

Author Closing Comment

by:SjoerdvW
ID: 33677443
Thnx Mike, you're a live saver... Was working several hours on this without rebooting the machine!!!
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33677529
excellent glad to help, by the way this same principle applies if you add a user to a group.

0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
File Screening 1 13
Solar Winds can't see SQL Server Express 17 32
Replication problems 6 20
Repadmin - Active Directly synchronization 13 15
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question