Built-In Domain Objects not visible from Member Server
Posted on 2012-08-22
We have a new Windows 2008 R2 domain which is functioning well with 2 domain controllers. We have an old 2003 domain which we have DCPOMO'd out as the last domain controller, then added it fresh as a member server to the new domain.
It works fine for the most part, but for some reason when we try to add security for a file share (any file share or NTFS security incl new ones) we can see all active directory users and groups apart from the Built-In ones. I.e. "Administrators" is invisible, "Users" is invisible, but "Domain Admins" is fine.
A manual browse of A/D confirms this - we can browse to the Built-In folder, but groups such as "Administrators" is not visible.
I've confirmed that these are seen from the D/C and client PCs.