No announcement yet.

Permission settings ignored.

  • Filter
  • Time
  • Show
Clear All
new posts

  • Permission settings ignored.

    I have inherited a network a year or so ago running Active Directory, the network was set up without expansion in mind... so now that we have 256+ devices on the network I get to set things up all over again.

    I did a fresh server install with Active Directory, and everything seemed to be running smoothly. As I moved people's accounts over to the new network I noticed that permissions I had set for OU's or individual user accounts had no effect at all. Or to clarify, when I relaxed restrictions there was no effect.

    All users, including the Administrator account when logged into a remote machine, with the exception of the domain server, have the security settings of what seems to be the domain/users group default settings.

    Shared folders and files can be viewed and opened but not edited or created no matter what I set security permissions to. Log-in scripts aren't even attempted to be ran.

    The local users machines allow basic file creation, editing etc. But they can't install/ uninstall programs, Add / remove hardware, and all that other slightly more then basic stuff.

    My best guess is I'm doing something simple and wrong with Default Domain Policy. At first I left it alone and created a new one 'above' it with mine password requrement changes (everything else left undefined). So I tried disabling the Default Domain Policy, no dice.

    Things that may matter:
    *The server is running NAT while I migrate domains from a C to an A class network, so both can access the internet.
    *Server 2003 sp2.
    *No other servers at all on this network.


  • #2
    Re: Permission settings ignored.

    maybe you can try dcgpofix on old default domain policy
    The chase is better than the catch


    • #3
      Re: Permission settings ignored.

      I don't get why you would set up a new AD domain because you needed to change your ip addressing scheme. Did you think that you needed to build a new AD to accomodate your new network?