If a user is added to a security group they will always need to log off before they get the new security token and be a member of that group. As far as I know there is no way around that.
----- Original Message ---- From: Mike French <[EMAIL PROTECTED]> To: NT System Admin Issues <ntsysadmin@lyris.sunbelt-software.com> Sent: Thursday, May 8, 2008 3:56:04 PM Subject: RE: NTFS Permissions 1) was the user added to the group _during the current login session_, or before the current login session. - Yes they did not log off to refresh the session. 2) are there any explicit DENY entries in place? - None (I kept it a simple as possible) 3) what does Effective Permissions return for the user account? - I should have done this.... I'll check this out. 1. have a user in that managers group, log off and log back on to ensure they get the new security token. - A correlation with #1 far above... This makes sense but sucks... I assume M$ has a refresh interval... I'll google... I bet the Token Refresh is the culprit here. 2. If #1 doesn't solve it, recreate the group as a domain local security group. - I tried it both ways, no love... -----Original Message----- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Thursday, May 08, 2008 2:49 PM To: NT System Admin Issues Subject: RE: NTFS Permissions Two thoughts... 1. have a user in that managers group, log off and log back on to ensure they get the new security token. 2. If #1 doesn't solve it, recreate the group as a domain local security group. Shook -----Original Message----- From: Mike French [mailto:[EMAIL PROTECTED] Sent: Thursday, May 08, 2008 3:08 PM To: NT System Admin Issues Subject: NTFS Permissions I have an issue with my file server and NTFS permissions. I checked the "Shared Permissions" and they are Domain Admins Full control and Doman Users Change. The structure is simple: \\FileServer\Shared\Managers In AD I created a Global group called "Managers" and added the appropriate users to the group. Now back over to the file server I add the "Managers" group to the Managers folder NTFS permissions, gave them "Full Control" and the permissions inherited down through the child folders. Now when I go to a user's machine who is a member of the "Managers" group and try to access the Managers folder "Access is denied"? They can get through the "Shared" directory so I don't think its "Share Permissions". If I configure the NTFS permissions explicitly for each user it works? Maybe replication? Folder owner problems? I've been googling and haven't run into anything that fits the bill. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
