Sign in with
Sign up | Sign in
Your question

Problems with giving the Domain Users group access to fold..

Last response: in Windows 2000/NT
Share
Anonymous
a b 8 Security
July 28, 2004 6:58:15 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Hello,

Having a problem here with giving the group Domain Users rights to
objects. For example, I have a \bin\ folder. I right click on this
folder and select the Security tab. Then I click Add..., choose
Domain Users from the Entire Directory, and give the group full
control from the checkboxes.

Here's where the problem starts. Members of Domain Users still aren't
getting the access they need to \...\bin\. If I go back and check the
security settings for that folder, there's no Domain Users listing.
In its place is a "None" group. Its syntax is None(<<Local computer
name>>\None).

How can I keep this from happening? No matter how many times I try to
add Domain users to an object, it always changes to the None group.

Thanks,

--CW
Anonymous
a b 8 Security
July 29, 2004 7:46:36 AM

Archived from groups: microsoft.public.win2000.security (More info?)

That's a new one on me. I have never seen a "none" group. The syntax also suggests
that "none" is a local computer group. Try giving "users" from the local computer
permissions to see if that works. The local users group on a domain computer contains
the domain users group. Usually a group does not disappear, but instead you will see
a bunch of numbers that are the unresolved sid for the group.

It would be a good idea to give that computer a full virus scan with virus
definitions up to date as of today since you are having unexplained behavior. Also
run netdiag on it looking for any failed tests that may indicate a problem with
domain access such as failed test/errors for dns, dc discover, kerberos, and domain
membership-secure channel. nediag is part of the support tools on the install cdrom
in the support/tools folder where you will need to run the setup program there. ---
Steve


"corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
news:216bf30e.0407281358.670a3d20@posting.google.com...
> Hello,
>
> Having a problem here with giving the group Domain Users rights to
> objects. For example, I have a \bin\ folder. I right click on this
> folder and select the Security tab. Then I click Add..., choose
> Domain Users from the Entire Directory, and give the group full
> control from the checkboxes.
>
> Here's where the problem starts. Members of Domain Users still aren't
> getting the access they need to \...\bin\. If I go back and check the
> security settings for that folder, there's no Domain Users listing.
> In its place is a "None" group. Its syntax is None(<<Local computer
> name>>\None).
>
> How can I keep this from happening? No matter how many times I try to
> add Domain users to an object, it always changes to the None group.
>
> Thanks,
>
> --CW
Anonymous
a b 8 Security
July 30, 2004 1:13:08 PM

Archived from groups: microsoft.public.win2000.security (More info?)

I thought it was very curious behavior as well... especially with
regard to Domain Users "changing" to a local group. Local groups and
accounts are not allowed on our system by the security folks either.
At any rate, we're having some of the SID issues you mentioned below
as well. I'm starting to wonder is this comes from cloning/ghosting a
machine... at least that's when I see these problems raise their ugly
head. I did follow Q262958 (even though we're not getting any 1000 or
1053 errors) without any success.

So with all of this said, do you have any insight on how to clean up
the "bunch of numbers that are the unresolved sid for the group"?

Oh, BTW netdiag /fix fails on the DC with "[FATAL] Failed to get
system information of this machine". I'm NOT getting any DNS errors
(only browser errors - 8021 & 8032). Any ideas?

Thanks again!

--CW


"Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message news:<wq_Nc.174849$a24.97243@attbi_s03>...
> That's a new one on me. I have never seen a "none" group. The syntax also suggests
> that "none" is a local computer group. Try giving "users" from the local computer
> permissions to see if that works. The local users group on a domain computer contains
> the domain users group. Usually a group does not disappear, but instead you will see
> a bunch of numbers that are the unresolved sid for the group.
>
> It would be a good idea to give that computer a full virus scan with virus
> definitions up to date as of today since you are having unexplained behavior. Also
> run netdiag on it looking for any failed tests that may indicate a problem with
> domain access such as failed test/errors for dns, dc discover, kerberos, and domain
> membership-secure channel. nediag is part of the support tools on the install cdrom
> in the support/tools folder where you will need to run the setup program there. ---
> Steve
>
>
> "corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
> news:216bf30e.0407281358.670a3d20@posting.google.com...
> > Hello,
> >
> > Having a problem here with giving the group Domain Users rights to
> > objects. For example, I have a \bin\ folder. I right click on this
> > folder and select the Security tab. Then I click Add..., choose
> > Domain Users from the Entire Directory, and give the group full
> > control from the checkboxes.
> >
> > Here's where the problem starts. Members of Domain Users still aren't
> > getting the access they need to \...\bin\. If I go back and check the
> > security settings for that folder, there's no Domain Users listing.
> > In its place is a "None" group. Its syntax is None(<<Local computer
> > name>>\None).
> >
> > How can I keep this from happening? No matter how many times I try to
> > add Domain users to an object, it always changes to the None group.
> >
> > Thanks,
> >
> > --CW
Related resources
Anonymous
a b 8 Security
July 30, 2004 11:27:24 PM

Archived from groups: microsoft.public.win2000.security (More info?)

You certainly don't want to have computers with the same sid. SysInternals explains
this and how to remedy it as shown in the link below.

http://www.sysinternals.com/ntw2k/source/newsid.shtml
http://www.sysinternals.com/ntw2k/freeware/psgetsid.sht... --- displays sids for a
computer or local user

The Event ID's. for 8021 and 8032 are usually caused by a master browser being
multihomed. The fsmo pdc for the domain is usually the master domain browser and it
is multihomed or used as a rras server [virtual adapter even if it has one nic] you
can get those errors and experience problems with the browse list.

http://support.microsoft.com/default.aspx?scid=http://s...

Any fatal error is not good with netdiag. Running netdiag /v may give more info and
dcdiag should also be run on domain controllers. First thing to check is dns
configuration in that domain controllers should point to the first domain controller
in the domain [pdc fsmo] and themselves as second in the list of preferred dns
servers in tcp/ip properties. Domain members need to point to only domain controllers
for their dns and never an ISP dns server on any domain computer. Dns problems can
result in the unresolved sids you are seeing if they are domain groups on a domain
computer. Also ipsec policies [client/respond/request] that involve the domain
controller can also cause networking problems in the domain. --- Steve

"corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
news:216bf30e.0407300813.7a3ab8ed@posting.google.com...
> I thought it was very curious behavior as well... especially with
> regard to Domain Users "changing" to a local group. Local groups and
> accounts are not allowed on our system by the security folks either.
> At any rate, we're having some of the SID issues you mentioned below
> as well. I'm starting to wonder is this comes from cloning/ghosting a
> machine... at least that's when I see these problems raise their ugly
> head. I did follow Q262958 (even though we're not getting any 1000 or
> 1053 errors) without any success.
>
> So with all of this said, do you have any insight on how to clean up
> the "bunch of numbers that are the unresolved sid for the group"?
>
> Oh, BTW netdiag /fix fails on the DC with "[FATAL] Failed to get
> system information of this machine". I'm NOT getting any DNS errors
> (only browser errors - 8021 & 8032). Any ideas?
>
> Thanks again!
>
> --CW
>
>
> "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
news:<wq_Nc.174849$a24.97243@attbi_s03>...
> > That's a new one on me. I have never seen a "none" group. The syntax also
suggests
> > that "none" is a local computer group. Try giving "users" from the local computer
> > permissions to see if that works. The local users group on a domain computer
contains
> > the domain users group. Usually a group does not disappear, but instead you will
see
> > a bunch of numbers that are the unresolved sid for the group.
> >
> > It would be a good idea to give that computer a full virus scan with virus
> > definitions up to date as of today since you are having unexplained behavior.
Also
> > run netdiag on it looking for any failed tests that may indicate a problem with
> > domain access such as failed test/errors for dns, dc discover, kerberos, and
domain
> > membership-secure channel. nediag is part of the support tools on the install
cdrom
> > in the support/tools folder where you will need to run the setup program
here. ---
> > Steve
> >
> >
> > "corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
> > news:216bf30e.0407281358.670a3d20@posting.google.com...
> > > Hello,
> > >
> > > Having a problem here with giving the group Domain Users rights to
> > > objects. For example, I have a \bin\ folder. I right click on this
> > > folder and select the Security tab. Then I click Add..., choose
> > > Domain Users from the Entire Directory, and give the group full
> > > control from the checkboxes.
> > >
> > > Here's where the problem starts. Members of Domain Users still aren't
> > > getting the access they need to \...\bin\. If I go back and check the
> > > security settings for that folder, there's no Domain Users listing.
> > > In its place is a "None" group. Its syntax is None(<<Local computer
> > > name>>\None).
> > >
> > > How can I keep this from happening? No matter how many times I try to
> > > add Domain users to an object, it always changes to the None group.
> > >
> > > Thanks,
> > >
> > > --CW
Anonymous
a b 8 Security
August 2, 2004 2:37:41 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Steve,

Thanks for the help so far!!! I have another question based upon your
last post. I have 2 DCs -- dc1 and dc2. dc1 and dc2 are both DNS
servers and both are domain controllers (with dc1 being the fsmo pdc).
dc1 is 10.10.0.10 and dc2 is 10.10.0.14. You wrote:

> First thing to check is dns configuration in that domain controllers should
> point to the first domain controller in the domain [pdc fsmo]
> and themselves as second in the list of preferred dns.

So in the case of dc1, are both the primary and seconday DNS addresses
10.10.0.10 then?

Thanks,

--CW

"Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message news:<wixOc.60065$eM2.45212@attbi_s51>...
> You certainly don't want to have computers with the same sid. SysInternals explains
> this and how to remedy it as shown in the link below.
>
> http://www.sysinternals.com/ntw2k/source/newsid.shtml
> http://www.sysinternals.com/ntw2k/freeware/psgetsid.sht... --- displays sids for a
> computer or local user
>
> The Event ID's. for 8021 and 8032 are usually caused by a master browser being
> multihomed. The fsmo pdc for the domain is usually the master domain browser and it
> is multihomed or used as a rras server [virtual adapter even if it has one nic] you
> can get those errors and experience problems with the browse list.
>
> http://support.microsoft.com/default.aspx?scid=http://s...
>
> Any fatal error is not good with netdiag. Running netdiag /v may give more info and
> dcdiag should also be run on domain controllers. First thing to check is dns
> configuration in that domain controllers should point to the first domain controller
> in the domain [pdc fsmo] and themselves as second in the list of preferred dns
> servers in tcp/ip properties. Domain members need to point to only domain controllers
> for their dns and never an ISP dns server on any domain computer. Dns problems can
> result in the unresolved sids you are seeing if they are domain groups on a domain
> computer. Also ipsec policies [client/respond/request] that involve the domain
> controller can also cause networking problems in the domain. --- Steve
>
> "corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
> news:216bf30e.0407300813.7a3ab8ed@posting.google.com...
> > I thought it was very curious behavior as well... especially with
> > regard to Domain Users "changing" to a local group. Local groups and
> > accounts are not allowed on our system by the security folks either.
> > At any rate, we're having some of the SID issues you mentioned below
> > as well. I'm starting to wonder is this comes from cloning/ghosting a
> > machine... at least that's when I see these problems raise their ugly
> > head. I did follow Q262958 (even though we're not getting any 1000 or
> > 1053 errors) without any success.
> >
> > So with all of this said, do you have any insight on how to clean up
> > the "bunch of numbers that are the unresolved sid for the group"?
> >
> > Oh, BTW netdiag /fix fails on the DC with "[FATAL] Failed to get
> > system information of this machine". I'm NOT getting any DNS errors
> > (only browser errors - 8021 & 8032). Any ideas?
> >
> > Thanks again!
> >
> > --CW
> >
> >
> > "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
> news:<wq_Nc.174849$a24.97243@attbi_s03>...
> > > That's a new one on me. I have never seen a "none" group. The syntax also
> suggests
> > > that "none" is a local computer group. Try giving "users" from the local computer
> > > permissions to see if that works. The local users group on a domain computer
> contains
> > > the domain users group. Usually a group does not disappear, but instead you will
> see
> > > a bunch of numbers that are the unresolved sid for the group.
> > >
> > > It would be a good idea to give that computer a full virus scan with virus
> > > definitions up to date as of today since you are having unexplained behavior.
> Also
> > > run netdiag on it looking for any failed tests that may indicate a problem with
> > > domain access such as failed test/errors for dns, dc discover, kerberos, and
> domain
> > > membership-secure channel. nediag is part of the support tools on the install
> cdrom
> > > in the support/tools folder where you will need to run the setup program
> here. ---
> > > Steve
> > >
> > >
> > > "corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
> > > news:216bf30e.0407281358.670a3d20@posting.google.com...
> > > > Hello,
> > > >
> > > > Having a problem here with giving the group Domain Users rights to
> > > > objects. For example, I have a \bin\ folder. I right click on this
> > > > folder and select the Security tab. Then I click Add..., choose
> > > > Domain Users from the Entire Directory, and give the group full
> > > > control from the checkboxes.
> > > >
> > > > Here's where the problem starts. Members of Domain Users still aren't
> > > > getting the access they need to \...\bin\. If I go back and check the
> > > > security settings for that folder, there's no Domain Users listing.
> > > > In its place is a "None" group. Its syntax is None(<<Local computer
> > > > name>>\None).
> > > >
> > > > How can I keep this from happening? No matter how many times I try to
> > > > add Domain users to an object, it always changes to the None group.
> > > >
> > > > Thanks,
> > > >
> > > > --CW
Anonymous
a b 8 Security
August 3, 2004 12:19:03 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Hi CW.

See the link below for explaination. The first dc can point just to itself as the
primary only. --- Steve

http://support.microsoft.com/default.aspx?scid=kb%3Ben-...

"corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
news:216bf30e.0408020937.695d809e@posting.google.com...
> Steve,
>
> Thanks for the help so far!!! I have another question based upon your
> last post. I have 2 DCs -- dc1 and dc2. dc1 and dc2 are both DNS
> servers and both are domain controllers (with dc1 being the fsmo pdc).
> dc1 is 10.10.0.10 and dc2 is 10.10.0.14. You wrote:
>
> > First thing to check is dns configuration in that domain controllers should
> > point to the first domain controller in the domain [pdc fsmo]
> > and themselves as second in the list of preferred dns.
>
> So in the case of dc1, are both the primary and seconday DNS addresses
> 10.10.0.10 then?
>
> Thanks,
>
> --CW
>
> "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
news:<wixOc.60065$eM2.45212@attbi_s51>...
> > You certainly don't want to have computers with the same sid. SysInternals
explains
> > this and how to remedy it as shown in the link below.
> >
> > http://www.sysinternals.com/ntw2k/source/newsid.shtml
> > http://www.sysinternals.com/ntw2k/freeware/psgetsid.sht... --- displays sids for
a
> > computer or local user
> >
> > The Event ID's. for 8021 and 8032 are usually caused by a master browser being
> > multihomed. The fsmo pdc for the domain is usually the master domain browser and
it
> > is multihomed or used as a rras server [virtual adapter even if it has one nic]
you
> > can get those errors and experience problems with the browse list.
> >
> >
http://support.microsoft.com/default.aspx?scid=http://s...
> >
> > Any fatal error is not good with netdiag. Running netdiag /v may give more info
and
> > dcdiag should also be run on domain controllers. First thing to check is dns
> > configuration in that domain controllers should point to the first domain
controller
> > in the domain [pdc fsmo] and themselves as second in the list of preferred dns
> > servers in tcp/ip properties. Domain members need to point to only domain
controllers
> > for their dns and never an ISP dns server on any domain computer. Dns problems
can
> > result in the unresolved sids you are seeing if they are domain groups on a
domain
> > computer. Also ipsec policies [client/respond/request] that involve the domain
> > controller can also cause networking problems in the domain. --- Steve
> >
> > "corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
> > news:216bf30e.0407300813.7a3ab8ed@posting.google.com...
> > > I thought it was very curious behavior as well... especially with
> > > regard to Domain Users "changing" to a local group. Local groups and
> > > accounts are not allowed on our system by the security folks either.
> > > At any rate, we're having some of the SID issues you mentioned below
> > > as well. I'm starting to wonder is this comes from cloning/ghosting a
> > > machine... at least that's when I see these problems raise their ugly
> > > head. I did follow Q262958 (even though we're not getting any 1000 or
> > > 1053 errors) without any success.
> > >
> > > So with all of this said, do you have any insight on how to clean up
> > > the "bunch of numbers that are the unresolved sid for the group"?
> > >
> > > Oh, BTW netdiag /fix fails on the DC with "[FATAL] Failed to get
> > > system information of this machine". I'm NOT getting any DNS errors
> > > (only browser errors - 8021 & 8032). Any ideas?
> > >
> > > Thanks again!
> > >
> > > --CW
> > >
> > >
> > > "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
> > news:<wq_Nc.174849$a24.97243@attbi_s03>...
> > > > That's a new one on me. I have never seen a "none" group. The syntax also
> > suggests
> > > > that "none" is a local computer group. Try giving "users" from the local
computer
> > > > permissions to see if that works. The local users group on a domain computer
> > contains
> > > > the domain users group. Usually a group does not disappear, but instead you
will
> > see
> > > > a bunch of numbers that are the unresolved sid for the group.
> > > >
> > > > It would be a good idea to give that computer a full virus scan with virus
> > > > definitions up to date as of today since you are having unexplained behavior.
> > Also
> > > > run netdiag on it looking for any failed tests that may indicate a problem
with
> > > > domain access such as failed test/errors for dns, dc discover, kerberos, and
> > domain
> > > > membership-secure channel. nediag is part of the support tools on the install
> > cdrom
> > > > in the support/tools folder where you will need to run the setup program
> > here. ---
> > > > Steve
> > > >
> > > >
> > > > "corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
> > > > news:216bf30e.0407281358.670a3d20@posting.google.com...
> > > > > Hello,
> > > > >
> > > > > Having a problem here with giving the group Domain Users rights to
> > > > > objects. For example, I have a \bin\ folder. I right click on this
> > > > > folder and select the Security tab. Then I click Add..., choose
> > > > > Domain Users from the Entire Directory, and give the group full
> > > > > control from the checkboxes.
> > > > >
> > > > > Here's where the problem starts. Members of Domain Users still aren't
> > > > > getting the access they need to \...\bin\. If I go back and check the
> > > > > security settings for that folder, there's no Domain Users listing.
> > > > > In its place is a "None" group. Its syntax is None(<<Local computer
> > > > > name>>\None).
> > > > >
> > > > > How can I keep this from happening? No matter how many times I try to
> > > > > add Domain users to an object, it always changes to the None group.
> > > > >
> > > > > Thanks,
> > > > >
> > > > > --CW
Anonymous
a b 8 Security
August 3, 2004 10:14:57 AM

Archived from groups: microsoft.public.win2000.security (More info?)

Steve,

Thanks for all your help... I did find out over the course of fixing
this problem that for netdiag to work, the Remote Registry Service has
to be enabled. I had it disabled based upon guidance from our
security folks.

Thanks,

--CW

"Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message news:<XkxPc.235884$Oq2.5412@attbi_s52>...
> Hi CW.
>
> See the link below for explaination. The first dc can point just to itself as the
> primary only. --- Steve
>
> http://support.microsoft.com/default.aspx?scid=kb%3Ben-...
>
> "corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
> news:216bf30e.0408020937.695d809e@posting.google.com...
> > Steve,
> >
> > Thanks for the help so far!!! I have another question based upon your
> > last post. I have 2 DCs -- dc1 and dc2. dc1 and dc2 are both DNS
> > servers and both are domain controllers (with dc1 being the fsmo pdc).
> > dc1 is 10.10.0.10 and dc2 is 10.10.0.14. You wrote:
> >
> > > First thing to check is dns configuration in that domain controllers should
> > > point to the first domain controller in the domain [pdc fsmo]
> > > and themselves as second in the list of preferred dns.
> >
> > So in the case of dc1, are both the primary and seconday DNS addresses
> > 10.10.0.10 then?
> >
> > Thanks,
> >
> > --CW
> >
> > "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
> news:<wixOc.60065$eM2.45212@attbi_s51>...
> > > You certainly don't want to have computers with the same sid. SysInternals
> explains
> > > this and how to remedy it as shown in the link below.
> > >
> > > http://www.sysinternals.com/ntw2k/source/newsid.shtml
> > > http://www.sysinternals.com/ntw2k/freeware/psgetsid.sht... --- displays sids for
> a
> > > computer or local user
> > >
> > > The Event ID's. for 8021 and 8032 are usually caused by a master browser being
> > > multihomed. The fsmo pdc for the domain is usually the master domain browser and
> it
> > > is multihomed or used as a rras server [virtual adapter even if it has one nic]
> you
> > > can get those errors and experience problems with the browse list.
> > >
> > >
> http://support.microsoft.com/default.aspx?scid=http://s...
> > >
> > > Any fatal error is not good with netdiag. Running netdiag /v may give more info
> and
> > > dcdiag should also be run on domain controllers. First thing to check is dns
> > > configuration in that domain controllers should point to the first domain
> controller
> > > in the domain [pdc fsmo] and themselves as second in the list of preferred dns
> > > servers in tcp/ip properties. Domain members need to point to only domain
> controllers
> > > for their dns and never an ISP dns server on any domain computer. Dns problems
> can
> > > result in the unresolved sids you are seeing if they are domain groups on a
> domain
> > > computer. Also ipsec policies [client/respond/request] that involve the domain
> > > controller can also cause networking problems in the domain. --- Steve
> > >
> > > "corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
> > > news:216bf30e.0407300813.7a3ab8ed@posting.google.com...
> > > > I thought it was very curious behavior as well... especially with
> > > > regard to Domain Users "changing" to a local group. Local groups and
> > > > accounts are not allowed on our system by the security folks either.
> > > > At any rate, we're having some of the SID issues you mentioned below
> > > > as well. I'm starting to wonder is this comes from cloning/ghosting a
> > > > machine... at least that's when I see these problems raise their ugly
> > > > head. I did follow Q262958 (even though we're not getting any 1000 or
> > > > 1053 errors) without any success.
> > > >
> > > > So with all of this said, do you have any insight on how to clean up
> > > > the "bunch of numbers that are the unresolved sid for the group"?
> > > >
> > > > Oh, BTW netdiag /fix fails on the DC with "[FATAL] Failed to get
> > > > system information of this machine". I'm NOT getting any DNS errors
> > > > (only browser errors - 8021 & 8032). Any ideas?
> > > >
> > > > Thanks again!
> > > >
> > > > --CW
> > > >
> > > >
> > > > "Steven L Umbach" <n9rou@n0-spam-for-me-comcast.net> wrote in message
> news:<wq_Nc.174849$a24.97243@attbi_s03>...
> > > > > That's a new one on me. I have never seen a "none" group. The syntax also
> suggests
> > > > > that "none" is a local computer group. Try giving "users" from the local
> computer
> > > > > permissions to see if that works. The local users group on a domain computer
> contains
> > > > > the domain users group. Usually a group does not disappear, but instead you
> will
> see
> > > > > a bunch of numbers that are the unresolved sid for the group.
> > > > >
> > > > > It would be a good idea to give that computer a full virus scan with virus
> > > > > definitions up to date as of today since you are having unexplained behavior.
> Also
> > > > > run netdiag on it looking for any failed tests that may indicate a problem
> with
> > > > > domain access such as failed test/errors for dns, dc discover, kerberos, and
> domain
> > > > > membership-secure channel. nediag is part of the support tools on the install
> cdrom
> > > > > in the support/tools folder where you will need to run the setup program
> here. ---
> > > > > Steve
> > > > >
> > > > >
> > > > > "corn29@ no_spam excite.com" <corn29@excite.com> wrote in message
> > > > > news:216bf30e.0407281358.670a3d20@posting.google.com...
> > > > > > Hello,
> > > > > >
> > > > > > Having a problem here with giving the group Domain Users rights to
> > > > > > objects. For example, I have a \bin\ folder. I right click on this
> > > > > > folder and select the Security tab. Then I click Add..., choose
> > > > > > Domain Users from the Entire Directory, and give the group full
> > > > > > control from the checkboxes.
> > > > > >
> > > > > > Here's where the problem starts. Members of Domain Users still aren't
> > > > > > getting the access they need to \...\bin\. If I go back and check the
> > > > > > security settings for that folder, there's no Domain Users listing.
> > > > > > In its place is a "None" group. Its syntax is None(<<Local computer
> > > > > > name>>\None).
> > > > > >
> > > > > > How can I keep this from happening? No matter how many times I try to
> > > > > > add Domain users to an object, it always changes to the None group.
> > > > > >
> > > > > > Thanks,
> > > > > >
> > > > > > --CW
!