G
Guest
Hello, we have a strange problem and are desperate for help. We have a
Windows 2000 AD environment in which there is one root level domain and two
child domains. One child domain is working perfectly fine, the other one is
causing major headaches.
I'll call the root domain root.domain and then sitea.root.domain and
siteb.root.domain.
What we're trying to do is have users log in to root.domain with their
root.domain account and then do something simple like create a file or folder
on a member server in the siteb.root.domain space. Everything has been set
up; we can go to the member server and set permissions on the folder so that
the root.domain user will have full permission to the resource. So, accounts
are pulling over fine. In fact, for some users have absolutely no problems.
The issue seems to follow user accounts. But, the user accounts having
access problems are set up EXACTLY the same as the one's that are not. Not
just in Active Directory, but also at the file and folder permissions levels
on the member server.
What happens is, the user will simply get an access denied error message
when trying to access the folder. I have also seen some users that are able
to open the folder up, but then they can't create folders or files inside the
folder. Again these users have the same permissions on the folder as myself
which btw I have not yet had a problem. We have even gone so far as to grant
the users with problems domain admin privilges in siteb.root.domain.
The only reason I mention sitea.root.domain is because we actually have
another child domain working, as far as I know, perfectly. Any advice would
be greatly appreciated.
Windows 2000 AD environment in which there is one root level domain and two
child domains. One child domain is working perfectly fine, the other one is
causing major headaches.
I'll call the root domain root.domain and then sitea.root.domain and
siteb.root.domain.
What we're trying to do is have users log in to root.domain with their
root.domain account and then do something simple like create a file or folder
on a member server in the siteb.root.domain space. Everything has been set
up; we can go to the member server and set permissions on the folder so that
the root.domain user will have full permission to the resource. So, accounts
are pulling over fine. In fact, for some users have absolutely no problems.
The issue seems to follow user accounts. But, the user accounts having
access problems are set up EXACTLY the same as the one's that are not. Not
just in Active Directory, but also at the file and folder permissions levels
on the member server.
What happens is, the user will simply get an access denied error message
when trying to access the folder. I have also seen some users that are able
to open the folder up, but then they can't create folders or files inside the
folder. Again these users have the same permissions on the folder as myself
which btw I have not yet had a problem. We have even gone so far as to grant
the users with problems domain admin privilges in siteb.root.domain.
The only reason I mention sitea.root.domain is because we actually have
another child domain working, as far as I know, perfectly. Any advice would
be greatly appreciated.