Re: Shared Folder NTFS Permission Problems with Domain Accounts
- From: Charles Semple <CharlesSemple@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 29 May 2007 05:41:02 -0700
Ahh yes, of course. I forgot about the Domain Users and Domain Admin groups.
I just tried sharing the folder using Domain Users and it did indeed work.
Thank you Herb.
Odd thing was though that the domain was already in Server 2003 native mode.
"Herb Martin" wrote:
.
"Charles" <Charles@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:4C721CD9-6D97-445D-87D5-09C0B7626C00@xxxxxxxxxxxxxxxx
Hello,
I look after a firm which has two DCs and four more servers and I've
recently encountered a problem when I share a folder on one of the four
servers (N.B. I do not have this problem on either of the DCs).
I can share the folder without a problem and then when selecting NTFS
permissions on the folder (not the share, the share permissions are set
for
everyone to have full access) and I select one of the security principals
for
the domain e.g. "domainname\users" I get a message saying name not found.
You cannot use LOCAL groups of the domain on non-DCs unless you are
in (at least) Native mode.
Users is a local group on the domain.
If you change the domain to Native (or Win2003 Server Native) mode then
the Local Groups of the domain become (true) Domain Local groups
automatically
and you can then use these groups on every non-DC (server or workstation) of
the domain -- i.e., they are still 'local' within the domain but now
available throughout
the domain.
IF you cannot do this then you will need to use a Global group of the
domain.
I've made sure that the server is looking within the container for my
domain
and I know it's contacting the DC because I can select security groups
which
I've created I just can't select any of the built-in security principals
for
the domain. I can select local security principals without a problem.
Probably because you kept picking Local built-in groups and your own
groups just happen to be Globals.
Try picking Domain Users or try it with a local group YOU created and
it is likely you will get the reverse effect.
I've tried removing the servers from the domain and re-joining, this
didn't
help. I also tried removing the computer account for one of the servers
and
recreating it and then re-joining but again no luck.
Generally a poor idea today -- as today computer SIDs may be important
(or are starting to be important) -- try to avoid removing computer accounts
from the domain whenever possible.
Any help anyone could offer would be greatly appreciated as I'm stumped.
--
Herb Martin, MCSE, MVP
http://www.LearnQuick.Com
(phone on web site)
- Follow-Ups:
- Re: Shared Folder NTFS Permission Problems with Domain Accounts
- From: Herb Martin
- Re: Shared Folder NTFS Permission Problems with Domain Accounts
- References:
- Re: Shared Folder NTFS Permission Problems with Domain Accounts
- From: Herb Martin
- Re: Shared Folder NTFS Permission Problems with Domain Accounts
- Prev by Date: Re: System Log Corrupted
- Next by Date: Re: upgrading to full version from eval
- Previous by thread: Re: Shared Folder NTFS Permission Problems with Domain Accounts
- Next by thread: Re: Shared Folder NTFS Permission Problems with Domain Accounts
- Index(es):
Relevant Pages
|
