Welcome: Guest!

MOSS Forum

 
Home » Forum » MOSS       Ask a questionRSS Feeds

Problem with nested AD-groups

  Asked By: Elvis Roth         Date: Mar 06, 2007      Category: MOSS      Views: 371
 

I am involved in a MOSS 2007 project. Authenticating users is done with
Active Directory. The MOSS webapplication is on a domain and is using Windows
Authentication.

Sample:
GroupA (an AD-group) has been set to have certain rights in MOSS. GroupB
(another AD-group) is nested in GroupA in the active directory. UserA (an
AD-user) is in GroupB in the active directory. When UserA try to get to a
page in MOSS the user is not allowed though the user should because of the
indirect rights.

I recognize this problem from before but cant remember exactly. I think it
has to do with nested active directory groups. I have searched the web and
Knowledgebase for answers but havent found any. I have seen though that
others experiencing the same problem. Can it be that
"WindowsPrincipal.IsInRole" do not work with nested groups.

Is there any problems with nested active directory groups? Is there a
Knowledgebase article about it? Anyone?

Tagged:          

 

1 Answer Found

 
Answer #1       Answered By: Jaime Weaver          Answered On: Mar 06, 2007       

I seem to remember that nested  AD groups don't work when they're nested
within SharePoint groups. They do work, however, when the AD group is
added as a SharePoint user.

 
Didn't find what you were looking for? Find more on Problem with nested AD-groups Or get search suggestion and latest updates.


Your Answer
  • Answer should be atleast 30 Characters.
  • Please put code inside [Code] your code [/Code].

 
Hall of Fame  |  Facebook  |  Twitter  |  LinkedIn  |  Terms of Use  |  Privacy Policy  |  Contact us
RSS Feeds: Articles |  Forum |  New Users |  Activities |  Interview FAQ |  Poll |  Hotlinks


Go4Sharepoint, is a Microsoft Featured Community. Microsoft, Windows, Sharepoint, Sharepoint logo, Windows logo, etc are trademarks of the Microsoft Corporation. All product names, logos, copyrights, and trademarks mentioned are acknowledged as the registered intellectual property of their respective owners. This site is not in any way affiliated with, nor has it been authorized, sponsored, or otherwise approved by, Microsoft Corporation.

Copyright © 2008-2011