Solved

windows 2008 share - security permissions

Posted on 2013-06-12
8
356 Views
Last Modified: 2013-06-12
When trying to assign the "Domain\Users" object to a shared folders in a  Windows 2008 domain, it is saying the object cannot be found.    From both of the DCs we have no problem assigning the "Domain\Users" object.     I tried from multiple other domain PCs and Servers, logging in with the same admin account, but get the error that it can't find that object.  It has no problems finding other OUs and adding those permissions.

Thanks
0
Comment
Question by:tiptechs
  • 4
  • 4
8 Comments
 
LVL 13

Expert Comment

by:Michael Machie
ID: 39241660
Make sure that when you try to add the 'Domain Users' to the permissions that the 'From this location' is specified as your Domain. If it is showing the computer name then you will get this message.

Try typing 'Domain' in the 'Select users, Computers, Service Accounts, or Groups' , then click 'ok', to see if the Domain accounts and groups are listed. You should see 'Domain Admins, Domain Computers, Domain Guests, Domain Controllers, and Domain Users' and any other Domain Groups you have created. If 'Domain Users' is not listed then that is why you are getting this message.  

If the Server is not part of the Domain then you will also receive this message.
0
 

Author Comment

by:tiptechs
ID: 39241851
The correct domain is showing up.  I can choose browse and see everything in the domain.    I select the domain "domain.com" and then choose object "Users" and that is when it says it can't be found.  Though this works on the DCs.
0
 
LVL 13

Expert Comment

by:Michael Machie
ID: 39241967
When using 'Domain' instead of Users, do you see 'Domain Users' listed?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:tiptechs
ID: 39241999
I am trying to use just "Users" which is the default container.    We have a few users setup under Domain.com -> Users instead of being in a seperate OU.   I can select those other OUs with no problem.  The "Users" container works fine from the DCs, but not from any other server / pc on the domain.
0
 

Author Comment

by:tiptechs
ID: 39242079
Thinking this is some sort of permissions issue, but cannot find anything.  If I do an advanced search from a member servers shared folder under adding security permissions.    It will find everything in the domain except for the default containers such as "Users", "Computers", etc..

Thanks.
0
 
LVL 13

Accepted Solution

by:
Michael Machie earned 500 total points
ID: 39242124
On the DCs is a default AD container called Users, as you are aware. You do not apply permissions to a share via AD container when the folder is not located on the DC, only via a User account or Group(s). Not only that but permissions via an UO is not recommended.

I was able to verify that you can indeed select some default OU containers, not manually created ones, in the permissions box - but only from a shared folder local to the DC. You cannot do this from a folder not on a DC.  

You will need to create a Security Group and add the desired Users into that group, then provide that Group permissions to the folder, or, add each User individually.
0
 

Author Comment

by:tiptechs
ID: 39242191
Thanks Machienet.   I was thinking this might be a default behavior, but wasn't sure.

Thanks again.
0
 
LVL 13

Expert Comment

by:Michael Machie
ID: 39242282
Sure thing. Try it out and if when you verify it is working, please mark my answer as the Solution :)
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question