I am about to create new AD domain and install various application server like Advanced CRM, Share point,Biz talk server, SQL server
In rule server.
Previously I had worked with one or two application server in one AD domain.
I want to create universal security group on each server and assign necessary rights to enterprise admins, domain admins, power users, authenticated users.
I was thinking of creating this built in group enterprise admins, domain admins, power users, authenticated users. in ADUC on DC.
but should I create universal security on each server and under universal security group for example--should I create server management group and then assign security permissions.