I am trying to share folders using user groups in the AD on Windows 2008 server. On Windows 2003 server, one would normaly follow the following procedure:
1) Create your user group and assign users to this group in the Windows AD
2) Create the folder, and share it to "domain Users" with full permisions.
3) Go to the NTFS permisions of this folder, and assign it to the group that you have created in the AD, and give it the appropriate permissions.
Bob's your uncle, it then works. But following the above on a Windows 2008 server has diffrent results, for example:
1) I create my User Group in AD, and assign my users to it
2) I create a folder and share it to the domain users
3) I then go to the NTFS permisions of this folder, and assign it to the group that you have created in the AD, and give it the appropriate permissions
Regardless to the user groups I assign in the NTFS security, everyone still has access to the folder. Nothing I do in the NTFS security on Windows 2008 server, when I add users or remove users from the group I added to the folder changes. The only thing I can do to change "something" is on the share, when I reduce the access level on the domain user from "Co-Ownder" to contributer, or lower. A typlical share that I create on Windows server 2008 lookd like this:
Domain Users (Co-Owner)
NTFS Permisions (Management) <-- a group I created in the AD, there are 2 users that belong to this group
Regardles of the above config, everyone still has access to this folder. In Windows 2003, this normaly works great without fail.
Please tell me what I am missing....