Nisroc66
asked on
Domain Local Group on one AD domain
Another question from my teacher:
In my workplace a new project is started and there is created a share for that project called 'project_1' a domain local group is created in AD named 'project1' and the people working on the project is added to this group. The network consists of on AD Domain.
The NTFS-rights to the share 'project_1' is as follows:
Allow Modify
Allow Read and Execute
Allow List Folder Contents
Allow Read
Allow Write
Some members of the domain local group 'project1' are having problems saving work to the folder 'project_1' but can read and open files. What is the most likely problem?
My first thoughts wast that the users in question are in a different domain or forest but it says that there is only on AD Domain, and would they even see the share if they were located in a different forest or sub domain? I think I'm missing some thing obvious
In my workplace a new project is started and there is created a share for that project called 'project_1' a domain local group is created in AD named 'project1' and the people working on the project is added to this group. The network consists of on AD Domain.
The NTFS-rights to the share 'project_1' is as follows:
Allow Modify
Allow Read and Execute
Allow List Folder Contents
Allow Read
Allow Write
Some members of the domain local group 'project1' are having problems saving work to the folder 'project_1' but can read and open files. What is the most likely problem?
My first thoughts wast that the users in question are in a different domain or forest but it says that there is only on AD Domain, and would they even see the share if they were located in a different forest or sub domain? I think I'm missing some thing obvious
Last Comment
If the AD group is newly created, it's possible that the users have not logged out/logged in and their new membership has not taken effect.
Can you go into the share and view the effective permissions for a user that's having problems to verify that they do indeed have access?
Can you go into the share and view the effective permissions for a user that's having problems to verify that they do indeed have access?
Check if any other security group have deny write permission for the folder.
ASKER
all good suggestions, but I have a sneaky suspicion that it has something to do with 'domain local group' since it's specifically mentioned in the question. but I'm not sure
Since you stated that the environment only consists of 1 domain, it wouldn't matter if you created the group as DL, Global, or Universal.
ASKER
but if the shearing permissions are set to read only, why can some of the users in the group still write to the folder?
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Thank you very much :)
Windows Server 2008
Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.
86K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
Sharing and NTFS permissions are cumulative with the most restrictive combo winning.