Understanding Group Scope
There are four primary scopes of groups in AD DS. Each scope is used for different purposes, but they simply serve to ease administration and provide a way to view or perform functions on large groups of users at a time. The group scopes are as follows:
• Machine local groups
• Domain local groups
• Global groups
• Universal groups
Group scope can become one of the most confusing aspects of AD DS. However, if certain design criteria are applied to group membership and creation, the concept becomes more palatable.
Machine Local Groups
Machine local groups are essentially groups that are built in to the operating system and can be applied only to objects local to the machine in which they exist. In other words, they are ...
Get Windows Server® 2012 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
