Solved

windows 2008 share - security permissions

Posted on 2013-06-12
8
358 Views
Last Modified: 2013-06-12
When trying to assign the "Domain\Users" object to a shared folders in a  Windows 2008 domain, it is saying the object cannot be found.    From both of the DCs we have no problem assigning the "Domain\Users" object.     I tried from multiple other domain PCs and Servers, logging in with the same admin account, but get the error that it can't find that object.  It has no problems finding other OUs and adding those permissions.

Thanks
0
Comment
Question by:tiptechs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 13

Expert Comment

by:Michael Machie
ID: 39241660
Make sure that when you try to add the 'Domain Users' to the permissions that the 'From this location' is specified as your Domain. If it is showing the computer name then you will get this message.

Try typing 'Domain' in the 'Select users, Computers, Service Accounts, or Groups' , then click 'ok', to see if the Domain accounts and groups are listed. You should see 'Domain Admins, Domain Computers, Domain Guests, Domain Controllers, and Domain Users' and any other Domain Groups you have created. If 'Domain Users' is not listed then that is why you are getting this message.  

If the Server is not part of the Domain then you will also receive this message.
0
 

Author Comment

by:tiptechs
ID: 39241851
The correct domain is showing up.  I can choose browse and see everything in the domain.    I select the domain "domain.com" and then choose object "Users" and that is when it says it can't be found.  Though this works on the DCs.
0
 
LVL 13

Expert Comment

by:Michael Machie
ID: 39241967
When using 'Domain' instead of Users, do you see 'Domain Users' listed?
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 

Author Comment

by:tiptechs
ID: 39241999
I am trying to use just "Users" which is the default container.    We have a few users setup under Domain.com -> Users instead of being in a seperate OU.   I can select those other OUs with no problem.  The "Users" container works fine from the DCs, but not from any other server / pc on the domain.
0
 

Author Comment

by:tiptechs
ID: 39242079
Thinking this is some sort of permissions issue, but cannot find anything.  If I do an advanced search from a member servers shared folder under adding security permissions.    It will find everything in the domain except for the default containers such as "Users", "Computers", etc..

Thanks.
0
 
LVL 13

Accepted Solution

by:
Michael Machie earned 500 total points
ID: 39242124
On the DCs is a default AD container called Users, as you are aware. You do not apply permissions to a share via AD container when the folder is not located on the DC, only via a User account or Group(s). Not only that but permissions via an UO is not recommended.

I was able to verify that you can indeed select some default OU containers, not manually created ones, in the permissions box - but only from a shared folder local to the DC. You cannot do this from a folder not on a DC.  

You will need to create a Security Group and add the desired Users into that group, then provide that Group permissions to the folder, or, add each User individually.
0
 

Author Comment

by:tiptechs
ID: 39242191
Thanks Machienet.   I was thinking this might be a default behavior, but wasn't sure.

Thanks again.
0
 
LVL 13

Expert Comment

by:Michael Machie
ID: 39242282
Sure thing. Try it out and if when you verify it is working, please mark my answer as the Solution :)
0

Featured Post

Enroll in May's Course of the Month

May’s Course of the Month is now available! Experts Exchange’s Premium Members and Team Accounts have access to a complimentary course each month as part of their membership—an extra way to increase training and boost professional development.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question