Solved

windows 2008 share - security permissions

Posted on 2013-06-12
8
359 Views
Last Modified: 2013-06-12
When trying to assign the "Domain\Users" object to a shared folders in a  Windows 2008 domain, it is saying the object cannot be found.    From both of the DCs we have no problem assigning the "Domain\Users" object.     I tried from multiple other domain PCs and Servers, logging in with the same admin account, but get the error that it can't find that object.  It has no problems finding other OUs and adding those permissions.

Thanks
0
Comment
Question by:tiptechs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 13

Expert Comment

by:Michael Machie
ID: 39241660
Make sure that when you try to add the 'Domain Users' to the permissions that the 'From this location' is specified as your Domain. If it is showing the computer name then you will get this message.

Try typing 'Domain' in the 'Select users, Computers, Service Accounts, or Groups' , then click 'ok', to see if the Domain accounts and groups are listed. You should see 'Domain Admins, Domain Computers, Domain Guests, Domain Controllers, and Domain Users' and any other Domain Groups you have created. If 'Domain Users' is not listed then that is why you are getting this message.  

If the Server is not part of the Domain then you will also receive this message.
0
 

Author Comment

by:tiptechs
ID: 39241851
The correct domain is showing up.  I can choose browse and see everything in the domain.    I select the domain "domain.com" and then choose object "Users" and that is when it says it can't be found.  Though this works on the DCs.
0
 
LVL 13

Expert Comment

by:Michael Machie
ID: 39241967
When using 'Domain' instead of Users, do you see 'Domain Users' listed?
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 

Author Comment

by:tiptechs
ID: 39241999
I am trying to use just "Users" which is the default container.    We have a few users setup under Domain.com -> Users instead of being in a seperate OU.   I can select those other OUs with no problem.  The "Users" container works fine from the DCs, but not from any other server / pc on the domain.
0
 

Author Comment

by:tiptechs
ID: 39242079
Thinking this is some sort of permissions issue, but cannot find anything.  If I do an advanced search from a member servers shared folder under adding security permissions.    It will find everything in the domain except for the default containers such as "Users", "Computers", etc..

Thanks.
0
 
LVL 13

Accepted Solution

by:
Michael Machie earned 500 total points
ID: 39242124
On the DCs is a default AD container called Users, as you are aware. You do not apply permissions to a share via AD container when the folder is not located on the DC, only via a User account or Group(s). Not only that but permissions via an UO is not recommended.

I was able to verify that you can indeed select some default OU containers, not manually created ones, in the permissions box - but only from a shared folder local to the DC. You cannot do this from a folder not on a DC.  

You will need to create a Security Group and add the desired Users into that group, then provide that Group permissions to the folder, or, add each User individually.
0
 

Author Comment

by:tiptechs
ID: 39242191
Thanks Machienet.   I was thinking this might be a default behavior, but wasn't sure.

Thanks again.
0
 
LVL 13

Expert Comment

by:Michael Machie
ID: 39242282
Sure thing. Try it out and if when you verify it is working, please mark my answer as the Solution :)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question