Solved

Managing security groups Windows server

Posted on 2014-12-02
4
210 Views
Last Modified: 2014-12-09
hi guys

We've currently got some issues managing our internal security groups in AD.

For example, we have a department called Buying. This buying department has two security groups set up: one for login scripts and one used for folder permissions.

I'm wondering whether we should just create one security group per department instead of separating? As it creates more headaches when managing it?

Also, how do you design your security groups? Is there a methodology you apply for example prior to creating a group?

Thanks
Yashy
0
Comment
Question by:Yashy
4 Comments
 
LVL 5

Assisted Solution

by:A Karelin
A Karelin earned 150 total points
ID: 40475816
0
 
LVL 10

Assisted Solution

by:Walter Padrón
Walter Padrón earned 150 total points
ID: 40476634
I used to create groups reflecting the AD structure but as you said that was a nightmare, then i change to role-based groups.

For instance,  if i need to set permissions on a file share i don't create a group for every dept instead i create one group, set the permissions using this group and add as members the users that need access to file share.

You can nest groups but to keep things simple i only break a group if a will DELEGATE ownership of that group to some one else. In that case i maintain all users in the primary group, create a new one and add back new group to the primary group.

Best regards
0
 
LVL 17

Accepted Solution

by:
lruiz52 earned 200 total points
ID: 40478010
Role based management is the way to go in my opinion.

Check out this technet video from Dan Holme at the link below, I used the info in it to rework my environment and is what I try to stick with when I set up new AD environments

http://technet.microsoft.com/en-us/video/tdbe11-role-based-management-extreme-makeover-for-active-directory.aspx

Let us know what you think.
0
 
LVL 1

Author Comment

by:Yashy
ID: 40488782
Guys, everything here was superb.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question