• Status: Solved
  • Priority: Low
  • Security: Public
  • Views: 42
  • Last Modified:

ACL permission changes are not reflected on user's machine

A domain user Joe was placed in a security group security_deny_group to prevent him from accessing folders on a network share. Things changed and I've since removed him from that deny group. However, he is still not able to access that folder. The odd part of this is that  when he logs in as himself on another machine, he is able to access that folder. It seems like security information is being cached somewhere. Any suggestions on clearing it out?
0
kobymaster
Asked:
kobymaster
  • 3
  • 2
3 Solutions
 
ferraristaCommented:
I bet the computer where he still cannot access the folder from has some problems. Check the event log.
Have the user try the same access from again a different workstation to confirm this behaviour.
0
 
ferraristaCommented:
Also select the folder in question and verify the effective permissions in place, just to make sure that the permissions you tweaked are indeed being reflected accordingly
0
 
Derek SouterITO Svc Delivery Cons IIICommented:
are you absolutely certain that Joe has actually logged off and back on to the computer he has a problem with?

group memberships are updated at logon - as part of the logon process.   Until he actually logs off and back on, the previous group memberships are used
1
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
kobymasterAuthor Commented:
@ferrarista - I'll definitely check event logs. In terms of permissions, I created a deny security group and he was a part of that group. Hence I didn't have to change effective permissions but simply removed him from that group. I've also found that another user that I removed from that group cannot access the folder either. This issue is not isolated to one user.

@Derek - Yes, he's rebooted on a regular base as this issue has been going on for a couple of weeks.

Thanks for your responses.
0
 
kobymasterAuthor Commented:
I've found a fix for this issue. I'll post as much as I can here for others who run into the same issue. The end user is using Windows 10. According to this article https://support.microsoft.com/en-us/help/4034314/smbv1-is-not-installed-windows-10-and-windows-server-version-1709 SMBv1 is automatically turned off after the feature update. I turned on this feature on the offending machine, rebooted and all is good. I checked our file server running Win Server 2016 and SMBv1/CIFS is turned on as well.

Thanks @Derek and @ferrarista for assisting. Your suggestions helped me rule out other issues.
0
 
kobymasterAuthor Commented:
I was able to resolve this issue ruling out other possible issues using ferrarista and Derke's suggestions.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now