3

I'm trying to give one user access to a certain folder in a share. The share gives Everyone Change/Read access. Likewise Domain Users has read/write permissions on the root of the share.

One of the folders is for IT use only so I've disabled inheritance and manually added Domain Admins (full control), my user account (full control), and am attempting to add another user through a group called IT_Low.

IT_Low is a universal security group that has just one user in it. When I add this group and give it read/write permissions on the IT folder this user is unable to access the folder at all. The only way I've been able to give him access is by adding his user directly or by adding Domain Users.

This doesn't make any sense to me. Why is the IT_Low group being ignored? I've triple checked that he is the sole member of that group.

Thanks, Chris.

Improve this question

1 Answer 1

Reset to default
3

Have you logged him out and then back in? The security token is issued when you log in, so if you add someone to a new group, they need to have the token re-issued to include that group's permissions. If they are already a member of a group, and the permissions on a directory change, they do not need to log out and then back in.

Improve this answer
1
  • You're my hero. I had no idea about this.
    – Chris76786777
    Commented Jul 6, 2011 at 18:13

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .