I am about to create new AD domain and install various application server like Advanced CRM, Share point,Biz talk server, SQL server
In rule server.

Previously I had worked with one or two application server in one AD domain.

I want to create universal security group on each server and assign necessary rights to enterprise admins, domain admins, power users, authenticated users.

I was thinking of creating this built in group enterprise admins, domain admins, power users, authenticated users. in ADUC on DC.

but should I create universal security on each server and under universal security group  for example--should I create server management group and then assign security permissions.
Who is Participating?
Manikandan NarayanswamySecurity Specialist & IBM Security GuardiumCommented:

The easiest way could be create a Universal security group in active directory along with server management group . Add all the servers in the server management group. Then add this group to the universal security group which you created. Then define the members who would have rights to access these servers.

Am I to assume the new domain is a child domain or another tree within the same forest?  Or is this to be a new domain in a new forest?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.