<div>
During the new Group creation process, all new groups are made &quot;member of' the that one Group. &nbsp;Where we can potentially get into some big trouble is when the members exposed to othe databases to all other users on the system. &nbsp;Is it possile to structure AD in some way so that Group-A can *never* be included under the other group's tab? &nbsp;I heard something can be done with AD Object permissions.
</div>


During the new Group creation process, all new groups are made "member of' the that one Group.  Where we can potentially get into some big trouble is when the members exposed to othe databases to all other users on the system.  Is it possile to structure AD in some way so that Group-A can *never* be included under the other group's tab?  I heard something can be done with AD Object permissions.

<div>
Still looking into this. &nbsp;Sorry for the delay. &nbsp;Would that be possible to change from Global to Local security group? &nbsp;That way they won't be able to add a local group into anywhere.
</div>


Still looking into this.  Sorry for the delay.  Would that be possible to change from Global to Local security group?  That way they won't be able to add a local group into anywhere.

<div>
<div class="content wysiwyg-content">
Anyone knows how to prevent a Security Group to be a part of other Groups through AD Object permissions? &nbsp;<br />
Or any other possible way?
</div>
</div>


Anyone knows how to prevent a Security Group to be a part of other Groups through AD Object permissions?  
Or any other possible way?

AD object permissions

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.

Windows Server 2008

IT Administration is the processes and best practices for programming and development, and incorporates methodologies for managing activities and projects. Common methodologies include waterfall, prototyping, iterative and incremental development, spiral development, rapid application development, extreme programming and various types of agile methodology. The life-cycle "model" is a more general term for a category of methodologies, and a software development "process" a more specific term to refer to a specific process chosen by a specific organization.