Thanks to everyone who pitched in to help - The problem is now (probably) solved.
Jeremy Taylor (from www.jeremytaylor.net<http://www.jeremytaylor.net> excellent blog for admins) made me check what type of group it is in AD. The client created "local domain" type groups. Jeremy suggested switching to "Global" type - which worked on a new group we created for testing, and the client is now testing to see if converting the group type fixes the existing groups. Today's lesson (and probably for Jermey's blog) - use Global AD groups with SharePoint 2010, even if local domain groups work fine with sharepoint 2007. [Description: Description: C:\Users\Brian\Pictures\EXD Logos\Extelligent logo no text.jpg]Ishai Sagi | Solutions Architect 0488 789 786 | [email protected]<mailto:[email protected]> | www.sharepoint-tips.com<http://www.sharepoint-tips.com/> | @ishaisagi<http://twitter.com/ishaisagi> | MVP Profile<https://mvp.support.microsoft.com/profile/Ishai> From: [email protected] [mailto:[email protected]] On Behalf Of Ishai Sagi Sent: Monday, 29 April 2013 1:14 PM To: ozMOSS Subject: RE: users added to AD group not recognised by SharePoint 2010, on premise, no ADFS. This is a simple deployment, with the only complexity being that there are multiple servers in the farm...not even hardware load balancing. [Description: Description: C:\Users\Brian\Pictures\EXD Logos\Extelligent logo no text.jpg]Ishai Sagi | Solutions Architect 0488 789 786 | [email protected]<mailto:[email protected]> | www.sharepoint-tips.com<http://www.sharepoint-tips.com/> | @ishaisagi<http://twitter.com/ishaisagi> | MVP Profile<https://mvp.support.microsoft.com/profile/Ishai> From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Web Admin Sent: Monday, 29 April 2013 12:28 PM To: ozMOSS Subject: Re: users added to AD group not recognised by SharePoint Wow. No. Is this 2013? On premise or cloud? Any ADFS involved? On 29 April 2013 11:01, Ishai Sagi <[email protected]<mailto:[email protected]>> wrote: Scenario: Sharepoint group X has AD group Y. everyone in group Y can go into sharepoint site. User Z is added to AD group Y, but is still unable to get to site. Check permissions button confirm the user doesn't have permissions - despite being in the AD group Y. What we checked: 1. Ensured the correct user has been added to correct AD group 2. Set the token timeout property (http://blog.amhawkins.com/2012/12/17/setting-the-sharepoint-2010-token-timeout-property/) to 1 second 3. Waited an entire weekend to see if replication picks anything up Anyone seen anything like this? [Description: Description: C:\Users\Brian\Pictures\EXD Logos\Extelligent logo no text.jpg]Ishai Sagi | Solutions Architect 0488 789 786 | [email protected]<mailto:[email protected]> | www.sharepoint-tips.com<http://www.sharepoint-tips.com/> | @ishaisagi<http://twitter.com/ishaisagi> | MVP Profile<https://mvp.support.microsoft.com/profile/Ishai> _______________________________________________ ozmoss mailing list [email protected]<mailto:[email protected]> http://prdlxvm0001.codify.net/mailman/listinfo/ozmoss
<<inline: image001.jpg>>
<<inline: image002.jpg>>
<<inline: image005.jpg>>
_______________________________________________ ozmoss mailing list [email protected] http://prdlxvm0001.codify.net/mailman/listinfo/ozmoss
