Assigning users to Domain Users group
Question
When I assign a link to Domain Users, the users never get the link. If I assign the link directly to the user or another group, then things work.
Resolution
This is a feature/limitation of Microsoft Active Directory (MS AD). Domain Users is typically the Primary Group that every domain user gets added to. Because of the 5000 user limitation in Microsoft Groups, they don’t store the user's ID in the Domain Users group, and the user's ID in MS AD does not contain Domain Users in its list of group memberships. Instead, the user's ID contains the RID of the Domain Users group stored in the PrimaryGroupID attribute. Due to this behavior UW is unable to utilize a Primary Group for assignments.
This 5000 user limitation came from Windows 2000. Windows 2003, and higher, removes the limitation, but the Primary Group is still used in the same way.
Can't find the KB
Unable to find the KB to address your issue ?
Recent Articles
Lenovo Unified Workspace End-of-Life Questions and Answers
Will the shutdown of LUW servers and access to downloads affect my server licensing? No, the shutdown of the customer servers and access to the product and licensing downloads will not affect your server licensing. This license is downloaded and ...
How do I determine my Unified Workspace license expiration date?
The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...
Lenovo Unified Workspace 7.0.2.13 Released
Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...
LanSchool Documentation Guides
LanSchool Classic Teacher Console The LanSchool Teacher Console is the interface teachers will use to manage their classroom and students. It contains all the tools necessary for a teacher to effectively interact with students and create a ...
Lenovo Unified Workspace 7.0.1.41 Released
Highlights of Unified Workspace 7.0.1.41 Before you install: Please view the installation notes here. 7.0.1.41 requires a 7.0 license file. Below is a list of enhancements and fixes for Unified Workspace 7.0.1.41 Updated Log4j Updated Java Updated ...
Related Articles
Add large number of users to group - Form Too Large
The customer was trying to add a member to a group which has lots of users already. They got "script running slowly" messages, however, users were finally added. The customer then tried adding them in a few at a time, On the last bunch after clicking ...
Display domain policies on a machine
How can I find what policies are set on a machine based on logging into my companies domain ? Start, Run, rsop.msc This will load the snap in and allow you to see what policies are applied to the workstation. Other handy tools : gpedit.msc - Edit ...
Enable Multi-Domain Support
If you use Active Directory and have multiple domains using a Parent Child configuration model AND your Check DNS Configuration is clean and has no errors then you can safely check this option. If it is not enabled and you have parent child domain ...
Enable webNetwork to talk to AD Child domain
To allow webNetwork to talk to a child domain in Microsoft Active Directory you will want to first make sure your child domain is up and running and that you have run DNSLINT to verify your Active directory DNS names and server communication. Next ...
Disable Group Search for File Services
Issue: In the past Unified Workspace (formerly webNetwork) required having to manually add some search indexes to prevent slowness issues in various parts of webNetwork, most notably (webStorage) File Services. When a user authenticates to Unified ...