I bought a new file server to replace the current one.
On the old server users were added to shares randomly no using groups and quick fixes were used by taking off permission inheritance and some users even had "change permission" permission
So i'm starting from scratch resetting all the permissions.
We have about 60 Users, and if you add too many users to a share it starts to not load the display names properly when looking at the list of permissions it just shows Active Directory ID numbers instead.
This is what i want to do for each shared drive.
I have created a M_Drive$ share which people map to by use of a normal logon script.
I then removed Everyone from the list and created 2 Security groups on AD
One is called "Mdrive Read only" and the other one is called "Mdrive Read/Write"
And added users to the security group accordingly
On the share permissions i have added the above mentioned security groups.
And the same under the security tab making all its sub folders inherit permissions from the Mdrive shared folder.
The problem is it seems like the 2 security groups are ignored and do not apply.
It only works if i add the actual user to the Share permissions and Security permissions.
It also works if i add OU's
The only time the 2 security groups take effect is if i add "everyone" to the share permission and then the security group to the security permissions, This is not what i want because the users which are not members of my 2 security groups will then have access to resources which they cant have, also new users will automatically have access and cant add all users to the group cus then i have to manage it every time we create a user.
Seesh! Can someone please please help.
On the old server users were added to shares randomly no using groups and quick fixes were used by taking off permission inheritance and some users even had "change permission" permission
So i'm starting from scratch resetting all the permissions.
We have about 60 Users, and if you add too many users to a share it starts to not load the display names properly when looking at the list of permissions it just shows Active Directory ID numbers instead.
This is what i want to do for each shared drive.
I have created a M_Drive$ share which people map to by use of a normal logon script.
I then removed Everyone from the list and created 2 Security groups on AD
One is called "Mdrive Read only" and the other one is called "Mdrive Read/Write"
And added users to the security group accordingly
On the share permissions i have added the above mentioned security groups.
And the same under the security tab making all its sub folders inherit permissions from the Mdrive shared folder.
The problem is it seems like the 2 security groups are ignored and do not apply.
It only works if i add the actual user to the Share permissions and Security permissions.
It also works if i add OU's
The only time the 2 security groups take effect is if i add "everyone" to the share permission and then the security group to the security permissions, This is not what i want because the users which are not members of my 2 security groups will then have access to resources which they cant have, also new users will automatically have access and cant add all users to the group cus then i have to manage it every time we create a user.
Seesh! Can someone please please help.
Last edited: