Group are collection of users with some common attributes for easy management. Before creating groups in Active Directory i will recommend you to understand basic concept about group types and strategy.
Group Types:
1- Distribution
These groups are basically used by email application such as exchange server.
Distribution group does not have SID (Security Identification id).
They can not be used for security purpose.
2- Security
These types of group have a unique SID (Security Identification id).
They are used for security purpose.
Group Scope
Group Scopes are divided on the base of
Replication : Where it can be replicate.
Membership : What type object it can add.
Availability : Where it can be used.
There are following group scopes are available.
A= Local Group
Members: Users ,computers, local groups, global groups, and universal group from any domain in the forest.
Replication: Membership can not replicate with other system.
Availability: Only computer wide scope, local group can not be member of any other group.
B= Domain local:
Members: Users, computers, global gropus, and universal group
Replication: Membership are replicated in every domain controller in the domain.
Availability: Available for only same domain.
C= Global group:
Membership: Limited membership only users, computers, and other global group can member of Global group.
Replication: All domain controllers in the domain.
Availability: Any domain in the forest, and trusting domain.
D= Universal group:
Membership: Users, computers, global groups, universal groups.
Replication: Replicated via Global catalog.
Availability: Available in everywhere in the forest.
No comments:
Post a Comment