issue with nested security groups

Home Forums Microsoft Networking and Management Services Active Directory issue with nested security groups

Viewing 1 post (of 1 total)
  • Author
  • Avatar


    So i made a security group (lets call it Group A) and delegated it a bunch of rights in AD such as being able to create accounts etc. I created a second group (Group B) and delegated it different rights using group policies (log on remotely to servers etc).

    I want everyone in group B to have the Group B rights, plus all of the Group A rights… so i make Group B a member of Group A.

    I add a user account as a member of group b and open ADUC.

    User account only has the permissions delegated to Group B. It is unable to create new accounts.

    If I just make the user account a member of both group A and Group B – it works fine.

    Dont delegated permissions get passed down through group nesting? If not – whats the point of nesting groups?

    Hopefully someone can explain what is going on

    P.s I’m using Server 2003 R2



Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.