locked
AD permissions invalid after domain controller reboot RRS feed

  • Question

  • I have two servers.  A domain controller running Exchange 2007 on Windows Server 2008.  Another server running WSS3 (12.0.0.6545) on Windows Server 2008.

    There are several AD security groups that contain AD users.  These AD groups are assigned to sharepoint groups to allow AD users to have access to the sharepoint content.

    If the domain controller is restarted, some of the users no longer can access sharepoint sites for which they have been assigned access and the user gets an access denied error message.

    This happens to about 5% of the users in AD that have access to the sharepoint sites.

    If the user is removed from the AD group and immediately added back to the group, the user's access is restored and they can access the site properly.

    How do I fix this problem in which the security link between sharepoint and AD users gets broken when the domain controller is restarted?


    Friday, August 5, 2011 5:32 PM

All replies

  • I have also seen this issue, but that was because users were added to multiple sharepoint groups using DL's. Can you verify this?


    Thanks & Regards, Soumyadev | Posting is provided "AS IS" with no warranties, and confers no rights.
    Monday, August 8, 2011 2:44 AM
  • I am not sure what you mean by DL...
    Wednesday, August 10, 2011 1:22 PM
  • DL means distribution List.
    Thanks & Regards, Soumyadev | Posting is provided "AS IS" with no warranties, and confers no rights.
    Wednesday, August 10, 2011 2:00 PM
  • I am not sure how to add a user to a sharepoint group using a distribution list.  Most of the users are members of AD domain security groups and the AD domain security groups are members of sharepoint groups or assigned directly to the ACL list of document libraries and lists.
    Wednesday, August 10, 2011 2:18 PM