Local and Global Groups

I'm trying to understand the concepts behind Local and Global groups. If I have a single domain then is a Global group all I would have to set up if I want users to access a resource, or should the procedure be to create a local group also and put the Global in the Local?

I appreciate that if I had a multi domain environment, then creating a Local group and putting various Global groups from the different domains in the Local and applying permissions makes sense. But it's understanding what to create and why.

Peter
Peter_FabriAsked:
Who is Participating?
 
cagriConnect With a Mentor Commented:
The purpose of Global Groups is to groups users and groups from "different" domains and make them a member of a local group. Please note that the need for a Global Group it totally conceptual, otherwise you might individually give rights to the users however this reduces the managebility in large environments.

So idea is to have a Managers Global Group and make this one member of required local groups on whereever needed. When a new manager arrives, simply make him a member of the Global Group and do not bother about anything else.

In single domain environment, there are no benefit of using Global Groups other than following the best practice and keeping the environment scaleable incase a new domain might be added at a later time.

So it is not a must but my advice it to use them.

Hope this helps,
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.