ACL permission changes are not reflected on user's machine

A domain user Joe was placed in a security group security_deny_group to prevent him from accessing folders on a network share. Things changed and I've since removed him from that deny group. However, he is still not able to access that folder. The odd part of this is that  when he logs in as himself on another machine, he is able to access that folder. It seems like security information is being cached somewhere. Any suggestions on clearing it out?
kobymasterAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ferraristaCommented:
I bet the computer where he still cannot access the folder from has some problems. Check the event log.
Have the user try the same access from again a different workstation to confirm this behaviour.
0
ferraristaCommented:
Also select the folder in question and verify the effective permissions in place, just to make sure that the permissions you tweaked are indeed being reflected accordingly
0
Derek SouterITO Svc Delivery Cons IIICommented:
are you absolutely certain that Joe has actually logged off and back on to the computer he has a problem with?

group memberships are updated at logon - as part of the logon process.   Until he actually logs off and back on, the previous group memberships are used
1
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

kobymasterAuthor Commented:
@ferrarista - I'll definitely check event logs. In terms of permissions, I created a deny security group and he was a part of that group. Hence I didn't have to change effective permissions but simply removed him from that group. I've also found that another user that I removed from that group cannot access the folder either. This issue is not isolated to one user.

@Derek - Yes, he's rebooted on a regular base as this issue has been going on for a couple of weeks.

Thanks for your responses.
0
kobymasterAuthor Commented:
I've found a fix for this issue. I'll post as much as I can here for others who run into the same issue. The end user is using Windows 10. According to this article https://support.microsoft.com/en-us/help/4034314/smbv1-is-not-installed-windows-10-and-windows-server-version-1709 SMBv1 is automatically turned off after the feature update. I turned on this feature on the offending machine, rebooted and all is good. I checked our file server running Win Server 2016 and SMBv1/CIFS is turned on as well.

Thanks @Derek and @ferrarista for assisting. Your suggestions helped me rule out other issues.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
kobymasterAuthor Commented:
I was able to resolve this issue ruling out other possible issues using ferrarista and Derke's suggestions.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.