Archived from groups: microsoft.public.win2000.active_directory (
More info?)
Correct.
On Tue, 29 Mar 2005 04:37:05 -0800, GLT <GLT@discussions.microsoft.com> wrote:
>Thank you, Jerold.
>
>So to assign permission on a Member Server in our Mixed Mode Domain I will
>have to use Global Groups since Domain Local is not available, correct?
>
>Again, many thanks!
>
>"Jerold Schulman" wrote:
>
>>
>> In mixed-mode, domain local groups only exist on domain controllers.
>>
http://support.microsoft.com?kbid=231273 "Group Type and Scope Usage in Windows "
>>
http://support.microsoft.com?kbid=243330 "Well-known security identifiers in Windows operating systems "
>>
http://support.microsoft.com?kbid=260534 "Members of a Domain Local Group Are Not Granted Rights "
>>
http://support.microsoft.com?kbid=309172 "Group Policy Should Not Be Filtered By Domain Local Groups "
>>
http://support.microsoft.com?kbid=320230 "Permissions Are Affected After You Demote a Domain Controller "
>>
http://support.microsoft.com?kbid=823908 "'Error: Access Is Denied' Error Message Occurs When You Try to Access a Shared Folder "
>>
>>
>>
>> On Mon, 28 Mar 2005 17:59:09 -0800, GLT <GLT@discussions.microsoft.com> wrote:
>>
>> >I need to clarify that statement: "In other words, in Mixed Mode you can't
>> >assign Global Groups to Domain Local Groups on a Member Server?"
>> >
>> >Should read: in Mixed Mode Domain Local Groups are not available on a Member
>> >Server to put Global Groups in?"
>> >
>> >If that is the case, do you assign Global Groups to the resource?
>> >
>> >
>> >
>> >"GLT" wrote:
>> >
>> >> Thanks Jerold. I don't quite follow what you mean though. Is it a correct
>> >> statement that you cannot use Domain Local Groups in Mixed Mode? In other
>> >> words, in Mixed Mode you can't assign Global Groups to Domain Local Groups on
>> >> a Member Server?
>> >>
>> >> "Jerold Schulman" wrote:
>> >>
>> >> > On Mon, 28 Mar 2005 16:19:02 -0800, GLT <GLT@discussions.microsoft.com> wrote:
>> >> >
>> >> > >We are using Server 2003 in a Mixed-Mode environment, one Domain. Why is it
>> >> > >that I cannot create a Domain Local Group on a Member Server? This is driving
>> >> > >me nuts. Do we have to be in Native Mode?
>> >> > >
>> >> > >What I wanted to do was create a Global Group, put Users in it, and then
>> >> > >place that Global Group into a Domain Local Group. Which would then be
>> >> > >assigned to a Resource.
>> >> > >
>> >> > >I can CREATE the Domain Local Group on the DC, but when I try and add it to
>> >> > >a Global Group on a Member Server, it's not there.
>> >> > >
>> >> > >Thank you!
>> >> >
>> >> > In mixed mode, the scope of the domain local group is the domain controllers
>> >> >
>> >> >
>> >> > Jerold Schulman
>> >> > Windows Server MVP
>> >> > JSI, Inc.
>> >> >
http://www.jsiinc.com
>> >> >
>>
>>
>> Jerold Schulman
>> Windows Server MVP
>> JSI, Inc.
>>
http://www.jsiinc.com
>>
Jerold Schulman
Windows Server MVP
JSI, Inc.
http://www.jsiinc.com
Facebook
Twitter
Instagram