测试步骤：     
      1.将域账户 A 加入到全局组 B；
      2.在域控制器本机上新建共享文件夹 C，将全局组 B 设置为对共享文件夹 C 具有访问权限 ;
      3.使用域账户A登录电脑访问共享文件夹C,无法访问；
      4.将域账户A直接加入到共享文件夹C的权限列表里，域账户A可以访问共享文件夹C；
      5.在客户机登录域账户A，在命令行输入 whoami /groups  ,域账户A不属于安全组B;          6.将域服务器重启后，在客户端机登录域账户A可以访问共享文件夹C；

请论坛里的各位高手大神们指点，这个问题是什么原因导致的，该怎么解决。

 

本帖最后由 342779360 于 2018-7-12 17:09 编辑
分享至：

    
SWS13  

新新人类 Rank: 1

帖子
    18
精华
    0
无忧币
    69

 

    

发表于 2018-7-12 17:10 | 来自  51CTO网页

[只看他] 沙发

权限可以对组，也可以对域任何用户呀，为啥非要属于安全组B呢

 

    
342779360  

新新人类 Rank: 1

帖子
    10
精华
    0
无忧币
    33

 

    

发表于 2018-7-12 17:14 | 来自  51CTO网页

[只看他] 板凳

引用:

    原帖由 wx5b238bf319a68 于 2018-7-12 17:10 发表
    权限可以对组，也可以对域任何用户呀，为啥非要属于安全组B呢

为了方便后期对共享文件夹的维护，设置组对共享文件夹的权限，当用户账户变更的时候，只需要去修改组成员就可以了，不需要去修改文件夹的权限列表。

 

    
ferrari_zhang  

技术员 Rank: 2

帖子
    36
精华
    0
无忧币
    184

 

    

发表于 2018-7-14 18:42 | 来自  51CTO网页

[只看他] 地板

组的确是不立即生效的，用户立即生效。用户加到组里后需要注销重新登录才行。03 08 12都是这样

 

本帖最后由 ferrari_zhang 于 2018-7-15 08:41 编辑

    
jihua2016  

禁止发言

帖子
    94
精华
    0
无忧币
    131

 

    

发表于 2018-7-14 19:54 | 来自  51CTO学院APP

[只看他] 5#    

提示: 作者被禁止或删除 内容自动屏蔽

    
盛下的果实  

中级工程师 Rank: 6Rank: 6

帖子
    605
精华
    0
无忧币
    1264

29_small.gif64_small.gif79_small.gif

 

    

发表于 2018-7-14 22:09 | 来自  51CTO网页

[只看他] 6#    

楼主这样做是对的，不要对共享文件夹单个用户的去添加，要先添加好安全组，后续有变动，直接在对应的安全组里进行增减用户就可以了。
我公司的文件服务器是Server 2012R2的，一般对共享文件夹直接添加用户账户的话，会立马生效，如果直接加入安全组的话，不会马上生效，用户只要注销下，重新登录，就生效了！

 

    
342779360  

新新人类 Rank: 1

帖子
    10
精华
    0
无忧币
    33

 

    

发表于 2018-7-16 18:59 | 来自  51CTO网页

[只看他] 7#    

引用:

    原帖由 ferrari_zhang 于 2018-7-14 18:42 发表
    组的确是不立即生效的，用户立即生效。用户加到组里后需要注销重新登录才行。03 08 12都是这样

已测试，如你所说已生效，谢谢。

 

    
342779360  

新新人类 Rank: 1

帖子
    10
精华
    0
无忧币
    33

 

    

发表于 2018-7-16 19:01 | 来自  51CTO网页

[只看他] 8#    

引用:

    原帖由 盛下的果实 于 2018-7-14 22:09 发表
    楼主这样做是对的，不要对共享文件夹单个用户的去添加，要先添加好安全组，后续有变动，直接在对应的安全组里进行增减用户就可以了。
    我公司的文件服务器是Server 2012R2的，一般对共享文件夹直接添加用户账户的话，会立马生效，如 ...

是的，对于人员变动很少的公司来说可以考虑直接把用户加入到权限列表，不过我这因为人员流动率大，用组的方式控制权限可以减少很多重复的工作量。
已测试过，用户注销后重新登录修改生效，谢谢。

 

    
342779360  

新新人类 Rank: 1

帖子
    10
精华
    0
无忧币
    33

 

    

发表于 2018-7-16 19:05 | 来自  51CTO网页

[只看他] 9#    

问题已解决，结贴。

 

    
盛下的果实  

中级工程师 Rank: 6Rank: 6

帖子
    605
精华
    0
无忧币
    1264

29_small.gif64_small.gif79_small.gif

 

    

发表于 2018-7-17 13:08 | 来自  51CTO网页

[只看他] 10#    

引用:

    原帖由 342779360 于 2018-7-16 19:01 发表

    是的，对于人员变动很少的公司来说可以考虑直接把用户加入到权限列表，不过我这因为人员流动率大，用组的方式控制权限可以减少很多重复的工作量。
    已测试过，用户注销后重新登录修改生效，谢谢。 ...

还有一点就是共享文件夹随着使用时间的增长，子目录会越来越多，容量会越来越大，会因为这两个因素，编辑NTFS权限时间会越来越久，如果是针对安全组去变更，就快很多，只是用户端需要重新登陆下。

 

    
xiezhend  

新新人类 Rank: 1

帖子
    4
精华
    0
无忧币
    36

29_small.gif68_small.gif

    

发表于 2020-8-20 09:35 | 来自  51CTO网页

[只看他] 11#    

引用:

    原帖由 342779360 于 2018-7-16 19:05 发表
    问题已解决，结贴。

谁说一定要注销才能生效呢，net session \\那电脑ip /del ,删除一下会话就会生效

问题 

回复

您好，

感谢您在我们论坛发帖。

如果我们想建立一个用户拥有管理员权限，我们只需要将用户（demo）加入到Administrators组即可。具体步骤如下：

1，以域管理员身上登陆到2012sever， 左击”开始”，导航到windows管理工具》Active directory用户和计算机。

 

2， 找到您想要更改权限的用户名，我这里是Meng, 右击添加组。

 

3， 在跳出的窗口中，点击”Advanced”按钮，选择“Administrators组“将用户”meng”添加到该组，点击“确定“按钮。

 

4， 导航到“Builtin”内的Administrator组，点击“成员”检查是否刚刚添加的用户”meng”是否添加成功。

 

希望我的回复对您有所帮助。如果有任何不明白的地方，请您随时让我知道。

Best regards

Julie

According to the latest Gartner report regarding x86 Server Virtualization Infrastructure, about 80% of server workloads are virtualized, and Hyper-V platform is among the leaders in the area of virtualization. Have you ever wondered why server virtualization became so popular? Today, I will share a few advantages because of which companies should really consider Hyper-V virtualization in order to not be in the 20% of non-virtualized (legacy) organizations.

Higher hardware utilization

The biggest issue of on-premises data centers, which have dedicated servers for each workflow, is very low hardware utilization. Companies simply can’t afford to run out of server capacity because their line-of-business (LOB) applications will work slowly or even stop, which is going to impact their revenues, so they oversize their hardware. Resource utilization of such servers is usually below 20% — they are not used at their full potential. So how can you benefit from higher utilization of your expensive servers? Yes, virtualization is the answer. Theoretically, on the physical server that hosts an application you can implement five of the same servers as VMs (five servers with 20% utilization). Each application can have its own isolated environment, or several, for multi-tier application. In practice, there are more aspects to consider, like redundancy or VM peaks. With Hyper-V, you can consolidate more workloads within one server and take full advantage of your hardware.

Better flexibility

One of the greatest benefits of Hyper-V is its flexibility. For example, if at the end of the month, my SQL server requires more resources to quickly generate reports, it’s just a matter of a few clicks to add (or remove) required resources, such as CPU, memory or storage. This type of operation is much more difficult, sometimes even impossible, to achieve in non-virtualized environments. And what’s more, this process can be automated!

 

 

Additionally, virtualization can give you the advantage of mobility. Since OS and applications inside a VM are not stuck to the host, they can be easily moved to another host within a cluster with no need to reinstall everything on a new machine. Also, you can move a VM to a new, faster server without application disruption, ensuring high Availability for your infrastructure and saving a lot of time.

 

Cost savings

Often, companies experience budget overruns due to resource utilization. With more hardware utilization under hypervisors, you don’t need as many dedicated physical servers for your LOB applications. So instead of buying dedicated hardware, you can invest in a few servers for Hyper-V and virtualize all workloads. This leads to less hardware purchases and, consequently, less required space for it, less power consumption and so on.

We are talking about virtualization, so let’s see what the additional cost is for it. Besides hardware, the cost of virtualization is usually the cost of the hypervisor or hypervisor license. There are many hypervisors, like Microsoft Hyper-V, VMware ESXi, Citrix XenServer and RedHat Enterprise Virtualization. However, if most of your infrastructure is based on Windows Server OS, then Hyper-V is probably the best option for you as it’s already part of the Windows Server license. To enable Hyper-V, you just need to select a checkbox in the Add/Remove features menu. Usually, the built-in features of Windows Server are enough, which makes cost benefits visible for either small or larger infrastructures.  Another advantage is the minimal cost of training —   Hyper-V is based on Windows, and management should be easy to understand and handle by Windows Server administrators. For large environments though, additional management could be required, which can be done by Microsoft System Center — and the cost will only be the price of the additional software.

 

Disaster recovery

Catastrophic failure can always occur, be it a hardware breakdown, a software issue or the human factor. That’s why it’s important to have a disaster recovery (DR) environment where you can easily fail over if you experience issues with your main site. As a secondary data center, you can use popular public clouds (i.e. Microsoft Azure) or another data center located in a different part of your city, another country or even around the world. Building such an environment is easy with Hyper-V — the VMs can be replicated to the DR site with Hyper-V Replica or third-party applications. When replication is active, production changes are transferred to the replica VM according to a schedule, so then you can fail over VMs to the second site once required. You can also verify if replicas are reliable by testing them with a few simple steps. Bottom line, with Hyper-V you can have a great replication solution for your VMs at an affordable price.

Disadvantages

Of course virtualization has some drawbacks too. A highly-loaded database on a dedicated database server is slightly faster than one on the VM, due to the hypervisor overlay. But the truth is that this occurs only in special usage conditions, and even though the database on the physical server will probably have better performance, the difference is so small as to be negligible.

Another drawback of virtualization is applications with specific requirements. For example, Microsoft Clusters, Oracle RAC — applications with guest clustering or applications which rely on hardware components that cannot be virtualized — wouldn’t make good candidates for virtualization.

So with many VMs on your server, what’s going to become a critical part of the infrastructure? Yes, the host. If the host fails, then all the VMs on that server will stop working. That’s why a healthy hypervisor implementation should also have high Availability (can be done by host clustering), backups and an efficient DR plan (can be done by Hyper-V Replica or in a more advanced way by Veeam Backup & Replication).

Virtualization technologies have become a part of our life. Surprisingly, not many people are familiar with them. In this article, I’m going to give a detailed explanation on what virtualization is. I will take a look at Microsoft Hyper-V technology and examine it by performing the initial steps of configuration: Installation and virtual machine deployment.

What is virtualization?

Virtualization is the creation of a virtual (rather than physical) version of an IT environment, including an operating system (OS), a storage device, etc. Virtualization takes place on the same hardware platform after installing specific software - hypervisor. The hypervisor is an additional layer between physical and virtual spheres; it manages the system’s hardware resources so they are distributed efficiently among virtual machines (VMs).

System resources are provided for VMs, and the hypervisor makes this distribution flexible — and even limited from time-to-time, depending on the current VM load and system policy. Guest software, which is used by end-users, runs on the VM as though it’s running directly on the physical hardware. Both the application and the end user may be unaware that they are working within a virtual sphere.

The history of virtualization

The term "virtualization" has been around since the 1960s. However, because there were no personal computers in those days, virtualization did not become a reality until the late 1990s.

Companies realized then that they could save money by moving from a physical to a virtual platform. Technologies, especially computer capacities, were growing as well. Very much unlike Moore's law (1000-times more, over the last 20 years), office tasks remained on pretty much the same level. That led to inefficient use of resources.

You or your company might be interested in virtualization because it can:

• Save you money by reducing the number of servers consuming energy, and by costing less to purchase and maintain;
• Make management, control and inspection of VMs much easier than with traditional servers;
• Give you a flexible environment for various tests—and more!

Sounds interesting, right? So, what is Hyper-V technology exactly? Let’s take a look at this Microsoft’s interpretation of virtualization.

What is Microsoft Hyper-V?

Microsoft could not ignore the virtualization trend. Microsoft introduced Hyper-V as a virtualization platform in 2008, and it continued to release new Hyper-V versions with new Windows server versions. So far, there are a total of four versions, including Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 and Windows Server 2008.

Update: Recommending to read an E-book "All You Need to Know About Microsoft Windows Server 2016 Virtualization" by Clint Wyckoff to stay tuned with the technology changes that will have great impact on Hyper-V.

Since Hyper-V’s debut, it has always been a Windows Server feature, which could be installed whenever a server administrator decided to do so. It’s also available as a separate product called Microsoft Hyper-V Server. Basically, Microsoft Hyper-V Server is a standalone and shortened version of Windows Server where Microsoft cut out everything irrelevant to virtualization, services and Graphical User Interface (GUI) to make the server as small as possible. Plus, without the bells and whistles, the server requires less maintenance time and it is less vulnerable, because, for example, fewer components mean less patching.

Hyper-V is a hybrid hypervisor, which is installed from OS (via Windows wizard of adding roles). However, during installation it redesigns the OS architecture and becomes just like a next layer on the physical hardware (refer to pic.1).

Pic. 1 Hyper-V architecture

How to install Hyper-V

It’s simple and the same as any typical program installation. First of all, check and see which Windows version you have. If it’s Windows Server OS and newer than 2008, you should activate the Hyper-V role through the Server Manager, and then perform the installation by following the wizard. For Windows 8/8.1, check Windows 8 versions comparison, to make sure your current OS license allows you to deploy Hyper-V.

Note: If you are running a Windows version older than 2008, you will need to upgrade to a newer version before you can proceed.

Once the installation is complete, the computer will reboot. After it has rebooted, you will notice additional services have been installed, including Hyper-V Manager.

Next, let’s go to the Control Panel, then to Administration and then to Hyper-V Manager to find out what you can do with this installation.

How does it work?

All Hyper-V management operations are available from Hyper-V Manager (pic.2).

Pic. 2 Hyper-V Manager

Since Hyper-V role is also integrated into the Server Manager tool, you can find some useful information there by viewing the events and services related to Hyper-V and see recommended configurations, tasks, best practices, and online resources.

With Hyper-V Manager, you can create, change and delete VMs; tune virtual networking and perform additional dependent operations. Let’s make one simple operation and create a test VM right now.

Right-click the server node in the main window, point to New, and select Virtual Machine (Pic.3). You will then see the new Virtual Machine starting.

Pic. 3 Hyper-V Manager. New VM creation.

You must then enter a name for the virtual machine, find a place to store it (the system disk is the default) and specify the amount of memory to allocate.

Next, you will select a network adapter for VM use, create a virtual hard disk (yes, every VM needs a disk) and then define how you are going to install an operating system to VM (physical CD/DVD-ROM or .ISO image on a hard disk). You should then click Finish and your VM will be created!

To check if the VM is working, right-click on the name of the virtual machine and then click Connect (Pic.4). Once the VM is initialized, the operating system installation should start automatically.

Pic. 4 Hyper-V Manager. Virtual Machine Connection.

Licensing in Hyper-V

Windows Server allows you to install one physical instance of an OS, plus some virtual machines depending on the OS version and edition.

From the other side, the standalone edition of Hyper-V does not need any operating system license, but you will need to buy licenses for any instances of Windows when you install them on VMs. For example, if you have Windows Server 2012 Datacenter, you can install an unlimited number of VMs right away. To find out more information, please refer to the article about Windows Server 2012 R2 licensing.

Backing up your data

Once you begin to create or migrate workloads to Hyper-V, you’ll want to make sure everything is backed up. Veeam provides fast, reliable and affordable backup, recovery and replication for virtualized environments running on Windows Server with Hyper-V.

Download a FREE trial of the #1 Hyper-V Backup

Conclusion

Virtualization and Hyper-V alone have brought to computing an entire revolution of new benefits, including hardware-resource savings, a need for less space, energy cost savings, and much more.