ServersLearn AD in 15 Minutes a Week: Active Directory Groups

Learn AD in 15 Minutes a Week: Active Directory Groups

ServerWatch content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.




by Jason Zandri
www.2000trainers.com

Welcome to the 16th installment of Learn Active Directory Design and Administration in 15 Minutes a Week, a weekly series aimed at current IT professionals preparing to write the new Windows Active Directory Design and Administration exams (70-219 and 70-217 respectively), as well as newcomers to the field who are trying to get a solid grasp on this new and emerging directory service from Microsoft. This installment begins the more detailed discussion of the Windows 2000 Active Directory Single Masters of Operation, and this particular article begins a more detailed discussion of the Windows 2000 Active Directory Groups.

Active Directory Groups
Jason Zandri’s latest article in the ‘Learn Active Directory Design and Administration in 15 Minutes a Week’ series begins a more detailed discussion of the Windows 2000 Active Directory Groups.

There are two main groups in Active Directory: Distribution Groups and Security Groups.

  • Distribution Groups
    are used to gather a specific set of users for non-security-related
    functions. Sending e-mail messages to a distribution group
    is the primary example of this. You cannot use distribution
    groups to assign rights and permissions. That is the
    function of a
    Security
    Group.
  • Security Groups
    are used to gather a specific set of users for the specific
    reason of assigning access rights and permissions via the
    group rather than individually to each user object.

Active
Directory uses a subset of both of these groups, as outlined
below.

  • Security Domain local groups
    are where permissions are set to grant user access to network
    resources, such as files, folders, or printers in a single
    domain.
  • Distribution Domain local
    groups

    allow the non-security-related function (e.g., e-mail)
    for group members of the single domain.

Page 2: Active Directory Groups Continued

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends & analysis

Latest Posts

Related Stories