Ntfs permissions in a AD domain environment

C

Charliey_2000

I was hopeing someone could explain how and when ntfs
permissions to servers within a windows 2000 domain in an
active directory enviroment was replicated. Whenever I
make a change for permissions with a domain account the
changes does not seem to take place until I loggoff a
workstation and log back in. This is true if I make the
permission changes from the server or from a remote
workstation.

I know with group policies and such there is a default
time interval for changes to be read but in those
situations I can always run gpudate.

With ntfs permissions how do I make a workstation read
the ntfs permission changes right away. If a user is
already logged into the workstation and needs access to
the shared folder I made the permission changes to they
need to logoff and login again.

Is this normal?
 
D

David Adner

NTFS permissions are not replicated. If User1 does not have access to a
folder and you then add it to Group2 which does have access, User1 has
to log off and back on before the user sees a change. This is because
when a user logs on they are actually getting a security token that
details their group memberships and such. It's not refreshed unless they
log off and back on.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

NTFS vs Shared 3
NTFS Permissions Architecture - Best Practices? 6
Grant ntfs permission on domain computer to WORKGROUPComp\User 2
Problem in assigning permissions to shared folder for a user in parent domain 0
NTFS Permissions on local groups after dcpromo? 1
AD User & Inherited Permissions 7
Services Permissions 1
Migrating NTFS Permissions 2

Top