MOSS Forum

Ask Question   UnAnswered
Home » Forum » MOSS       RSS Feeds

Problem with nested AD-groups

  Asked By: Elvis    Date: Mar 06    Category: MOSS    Views: 2327

I am involved in a MOSS 2007 project. Authenticating users is done with
Active Directory. The MOSS webapplication is on a domain and is using Windows

GroupA (an AD-group) has been set to have certain rights in MOSS. GroupB
(another AD-group) is nested in GroupA in the active directory. UserA (an
AD-user) is in GroupB in the active directory. When UserA try to get to a
page in MOSS the user is not allowed though the user should because of the
indirect rights.

I recognize this problem from before but cant remember exactly. I think it
has to do with nested active directory groups. I have searched the web and
Knowledgebase for answers but havent found any. I have seen though that
others experiencing the same problem. Can it be that
"WindowsPrincipal.IsInRole" do not work with nested groups.

Is there any problems with nested active directory groups? Is there a
Knowledgebase article about it? Anyone?



1 Answer Found

Answer #1    Answered By: Jaime Weaver     Answered On: Mar 06

I seem to remember that nested  AD groups don't work when they're nested
within SharePoint groups. They do work, however, when the AD group is
added as a SharePoint user.

Didn't find what you were looking for? Find more on Problem with nested AD-groups Or get search suggestion and latest updates.