Question on AD Groups and Sharepoint Groups
https://sharepoint.stackexchange.com//questions/100111
-
10-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I have a security group inside Active Directory called 'Services'. I've added a number of users to the group. I then went into Sharepoint and added that group to the 'Contribute' sharepoint group. The group appeared in the intellisense so I figured all was fine.
But when I take a user who is part of the Active Directory group and click 'Check Permissions' inside Sharepoint, they aren't showing up with the rights that are granted to 'Contribute'. I can add the users directory to the Sharepoint group, but that defeats the purpose of managing Sharepoint via AD.
I have set the claims authentication ticket to expire every two minutes and have waited over an hour. I also did a full user synchronization to see if that would change anything but it didn't.
Is there another process that we can use to force the claims updates to refresh?
Solution
Members of AD groups cannot be viewed by SharePoint (without code). Therefore, when you check permissions, members of the group will show as having no rights. Here is an article discussing this: https://www.nothingbutsharepoint.com/sites/eusp/pages/active-directory-groups-vs--sharepoint-groups-for-user-management-a-dilemma.aspx
