Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

User/Group perm issues

Status
Not open for further replies.
segment

segment

ISP
Jun 15, 2004
225
US
Greets all. I'm coming from a *nix environment so excuse my lack of Windows tolerance and overall usage. Anyway, I'm managing a Win2003 SBS server and am having an issue with group permissions.

I've created a group called Somedepartment with three users. John, Jane, and Mary. These users happen to also be in the group Users.

I have a folder that only Somedepartment is allowed to access called SDOnly. I've assigned the permissions in sharing and security to the Somedepartment group.

Simply explained?

John and Jane can access files this way just fine in the SDOnly folder, but Mary cannot. If I give rights to Users to access the SDOnly folder, then all three have no problems. Am I missing something?

 
Sort by date Sort by votes
Mary is inheiriting permissions from some other group or GPO that has a deny access on it. Verify what groups she is a member on by going to the Member Of tab of her user object. Then verify the permissions of each group.



Catadmin - MCDBA, MCSA
Beware the error of pre-emptive poultry inventory!
 
Upvote 0 Downvote
By the way for kicks and giggles I added the group to become a member of the administrators group just now. So here goes...


SomeDepartment group (member of administrators group)
John
Jane
Mary

Users group
John
Jane
Mary

SDOnly (folder)
permissions for sharing and security are set to the SomeDepartment group.

When SDOnly does NOT have the Users group in the permissions, only two people can access the files in the SDOnly folder. When I add the Users group all three can access files.

I only want John Jane and Mary to be able to access the folder. Take note the Users group actually has +40 people in it. Meaning I only want John, Jane, and Mary to access these files. Apparently creating a group for them and them alone doesn't seem to work.

Oh how I wish I could just chgrp $FOO $FILES it seems so much easier.
 
Upvote 0 Downvote
Forget about adding new groups for these three users. Go back to Mary and back track every group she is a member of and every GPO that is attached to her and the groups she is a member of. Windows uses a "Most restrictive permissions apply" type of mentality. If there's a deny somewhere in there for one of the GPOs or groups, that's were she's losing her ability to connect.

It could also be as simple as a deny permission to connect to the computer in question or a deny permission on the network share right above the share you gave her permissions on.



Catadmin - MCDBA, MCSA
Beware the error of pre-emptive poultry inventory!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
831
DrB0b
DrB0b
penguinroundup
  • Locked
  • Question
programmatically delete all saved passwords for IE for any user
Replies
0
Views
332
penguinroundup
penguinroundup
DrB0b
  • Locked
  • Question
Terminal Server issues doing anything network related after RDPing into
Replies
3
Views
358
DrB0b
DrB0b
axilleas
  • Locked
  • Question
Network connectivity issues for domai ncomputers
Replies
1
Views
216
gbaughma
gbaughma
DrB0b
  • Locked
  • Question
FTP Issues
Replies
9
Views
673
SamBones
SamBones

Part and Inventory Search

Sponsor

Back
Top