SharePoint, Active Directiry Groups and Caching
Hello. I support a portal running on SharePoint. For some of our SharePoint sites that have larger memberships, we manage the membership through AD groups. In some cases, clients seem to encountering a caching issue. As user will be added to the AD group, but SharePoint will continue to give that user an Access Denied message to the site. Other users who are in the AD group can access the site without issue. In some cases, creating a new AD group, copying the membership of the original group over, and adding that new group to the site permissions resolves the issue, but not always. Typically, adding the involved user directly to the site permissions resolves the issue for that user. Can anyone tell me where SharePoint is caching this information and/or what I can do to clear it out? Thanks!
October 6th, 2010 8:51pm

It is a good practice to ask the user logoff and logon again when a user is added to an active directory group. During the logon process the group membership is used to built the security token. Serge Serge
Free Windows Admin Tool Kit Click here and download it now
October 6th, 2010 9:52pm

Hi Mike_G_Fox, Thank you for share your problem. Do you mean that after you add some users to the AD group, SharePoint will not give these users an Access to the site immediately, but after a period of time, these users will get the permission normally? If it is so, I suggest you to let the users logoff and logon again. Because after you gave some permissions to the users, as the users did not logoff, the server may not refresh the users’ state and remain the users’ permission before. Hope these could help you. Regards.
October 12th, 2010 5:45am

I was wondering if anyone found an answer to this issue as I have encountered the same problems. We have AD Groups setup, we add these AD Groups to SharePoint Groups. If we then go and add a new user to the AD Group, they get access denied to the site. I have had my users logoff, reboot etc... to no prevail. Sometimes an IISRESET on both our SharePoint WFE and Application Server will solve the problem immediately, however that is not a valid solution. Thanks KenKenneth Clebak
Free Windows Admin Tool Kit Click here and download it now
May 4th, 2011 11:25am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics