Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 3 Creating Groups and Organizational Units.

Published byLindsay Watts Modified over 9 years ago

Similar presentations

Presentation on theme: "Module 3 Creating Groups and Organizational Units."— Presentation transcript:

1 Module 3 Creating Groups and Organizational Units

2 Module Overview Introduction to Groups Managing Groups Creating Organizational Units

3 What Are Groups? There are two types of groups: Distribution groups Cannot be used to assign permissions Used for e-mail distribution lists Security groups Can be used to assign permissions and rights Can also be e-mail-enabled with Exchange Server Groups are a logical collection of similar objects: Users Computers Other Groups Groups are a logical collection of similar objects: Users Computers Other Groups

4 AD DS Domain Functional Levels Domain Functional Level Available in Windows Server 2008 Supported Domain Controller Operating System Windows ® 2000 Native Windows 2000 Windows Server 2003 Windows Server 2008 Windows Server ® 2003 Windows Server 2003 Windows Server 2008 Domain Functional Levels that are available in Windows Server 2003: Windows 2000 Mixed Windows 2000 Native Windows Server 2003 Interim Windows Server 2003

5 What Are Global Groups? Members: User and Computer accounts from the same domain as the global group Global groups from the same domain as the global group Members: User and Computer accounts from the same domain as the global group Global groups from the same domain as the global group Permissions:  Global groups can be assigned permissions in any domain in the forest or any trusting domain Permissions:  Global groups can be assigned permissions in any domain in the forest or any trusting domain Usage: Manage directory objects that require daily maintenance, such as user and computer accounts Group users who have similar network access requirements Usage: Manage directory objects that require daily maintenance, such as user and computer accounts Group users who have similar network access requirements Can be converted to: Universal (if it is not a member of any other global groups) Can be converted to: Universal (if it is not a member of any other global groups)

6 What Are Universal Groups? Members: Global groups from any domain in the forest User and Computer accounts from any domain in the forest Universal groups from any domain in the forest Members: Global groups from any domain in the forest User and Computer accounts from any domain in the forest Universal groups from any domain in the forest Permissions:  Can be assigned permissions in any domain in the forest or any trusting domain Permissions:  Can be assigned permissions in any domain in the forest or any trusting domain Usage: Use to combine groups that span domains Usage: Use to combine groups that span domains Can be converted to: Domain local Global (if no other universal groups exist as members) Can be converted to: Domain local Global (if no other universal groups exist as members)

7 What Are Domain Local Groups? Members: Accounts from any domain in the forest or any trusted domain Global groups from any domain in the forest or any trusted domain Universal groups from any domain in the forest or any trusted domain Domain local groups, but only from the same domain as the domain local group Members: Accounts from any domain in the forest or any trusted domain Global groups from any domain in the forest or any trusted domain Universal groups from any domain in the forest or any trusted domain Domain local groups, but only from the same domain as the domain local group Permissions:  Member permissions can be assigned only within the same domain as the domain local group Permissions:  Member permissions can be assigned only within the same domain as the domain local group Can be converted to: Universal (if no other domain local groups exist as members) Can be converted to: Universal (if no other domain local groups exist as members) Usage: Use to define and manage access to resources in a single domain Usage: Use to define and manage access to resources in a single domain

8 What Are Local Groups? Members: Local users Domain users Domain groups Members: Local users Domain users Domain groups Permissions:  Local groups can be assigned permissions on the local computer only Permissions:  Local groups can be assigned permissions on the local computer only Local groups cannot be created on domain controllers

9 What Is Group Nesting? Benefits of using a nesting strategy in managing AD DS groups: Groups that are members of other groups reduce replication Nested groups provide for simplified management Nesting allows for groups to be members of other groups

10 Considerations for Naming Groups Use concise naming Avoid long complicated names Use common names Use departmental names Sales Marketing Executives Use geographic names Group users to locations:  Countries  States  Cities Use project specific names If virtual teams are created for a project, use the project name as a descriptor Names should be specific enough to accurately describe their purpose, but not so specific that there is a group for every subfunction

11 What Is an Organizational Unit (OU)? OUs are used to: Create administrative boundaries within the domain by delegating authority Create containers within the domain model to represent logical structures An organizational unit (OU): Is a directory object within the domain Is the smallest scope or unit to which you can assign Group Policy settings or delegate administrative authority Can contain users, computers, groups, printers, and other OUs An organizational unit (OU): Is a directory object within the domain Is the smallest scope or unit to which you can assign Group Policy settings or delegate administrative authority Can contain users, computers, groups, printers, and other OUs Enforce Group Policy

12 What Is an OU Hierarchy? OUs can be put inside other OUs to create a hierarchical design WoodgroveBank.com Builtin Business Units Business Management Delegation Product Development Accounts Delegation Resources Security Groups

13 OU Hierarchy Examples ExampleBenefit Geographic OUs Can be administered at the location level Departmental OUs Delegation by job function Resource OUs Designed to manage resource (nonuser) objects By management Build OUs around the administration of the business

Download ppt "Module 3 Creating Groups and Organizational Units."

Similar presentations

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.
Windows Server 2003 使用者群組管理 林寶森

Windows Server 2003 使用者群組管理 林寶森
MOAC : Installing and Configuring Windows Server 2012

MOAC : Installing and Configuring Windows Server 2012
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
Introduction to Active Directory

Introduction to Active Directory
11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.

11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Administering Active Directory

Administering Active Directory
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
Chapter 4 Introduction to Active Directory and Account Management

Chapter 4 Introduction to Active Directory and Account Management
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Understanding Active Directory

Understanding Active Directory
© Wiley Inc. 2006. All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.

© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
Hands-On Microsoft Windows Server 2008

Hands-On Microsoft Windows Server 2008
Chapter 7 WORKING WITH GROUPS.

Chapter 7 WORKING WITH GROUPS.

Similar presentations

Ads by Google