pramod1
asked on
ACTIVE DIRECTORY SERVER
There is a new AD server created having new servers like CRM, BIZTALK , INRULE servers being added
I am attaching sheet ,
the sheet gives some information as to how groups are to be created. They need my advise
as per sheet, as to how groups are created I have come to some conclusion believe one will be creating will be universal security Group –Universal or Global? I believe Forest functional level to be windows server 2003 and above.
I believe there will be one AD with one global catalog.
I believe below will be added on the AD server.
Domain Users-Universal security group –Global- domain users where u will be adding below users.
Domain Computers-Universal Security group-Global- where u will be adding domain computers.
DOS-DMV-BIZ-ApplicationUse rs-UAT
DOS-DMV-BIZ-IsolatedHostUs er-UAT
DOS-DMV-BIZ-Administrators -UAT
DOS-DMV-BIZ-ServerOperator s-UAT
DOS-DMV-BIZ-SSOAdministrat ors-UAT
DOS-DMV-BIZ-SSOAffiliateAd ministrato rs-UAT
DOS-DMV-BIZ-BAMPortalUsers -UAT
am I correct, also SAFETY\svcDMVCRMinstUAT
SAFETY\svcDMVCRMsvcsUAT
SAFETY\svcDMVCRMdbUAT
SAFETY\svcDMVCRMsndbxUAT
SAFETY\svcDMVCRMmdlwrUAT
SAFETY\SVCDMVBIZINSUAT
SAFETY\SVCDMVBIZINHUAT
SAFETY\SVCDMVBIZISHUAT
where above accounts are created on AD server or individual CRM and biz talk server
just needed expert advise.
Copy-of-Groups--Permissions.xlsx
I am attaching sheet ,
the sheet gives some information as to how groups are to be created. They need my advise
as per sheet, as to how groups are created I have come to some conclusion believe one will be creating will be universal security Group –Universal or Global? I believe Forest functional level to be windows server 2003 and above.
I believe there will be one AD with one global catalog.
I believe below will be added on the AD server.
Domain Users-Universal security group –Global- domain users where u will be adding below users.
Domain Computers-Universal Security group-Global- where u will be adding domain computers.
DOS-DMV-BIZ-ApplicationUse
DOS-DMV-BIZ-IsolatedHostUs
DOS-DMV-BIZ-Administrators
DOS-DMV-BIZ-ServerOperator
DOS-DMV-BIZ-SSOAdministrat
DOS-DMV-BIZ-SSOAffiliateAd
DOS-DMV-BIZ-BAMPortalUsers
am I correct, also SAFETY\svcDMVCRMinstUAT
SAFETY\svcDMVCRMsvcsUAT
SAFETY\svcDMVCRMdbUAT
SAFETY\svcDMVCRMsndbxUAT
SAFETY\svcDMVCRMmdlwrUAT
SAFETY\SVCDMVBIZINSUAT
SAFETY\SVCDMVBIZINHUAT
SAFETY\SVCDMVBIZISHUAT
where above accounts are created on AD server or individual CRM and biz talk server
just needed expert advise.
Copy-of-Groups--Permissions.xlsx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Global Groups = Only Individual Users can be added to this type of Group
Universal Groups = Groups and Users can be added to this Group Type
Will.
Universal Groups = Groups and Users can be added to this Group Type
Will.
ASKER
why not domain local group for managing each server individually?
Are you dealing with multiple different domains? If not when do not use Domain Local Groups.
Group Types Explained
https://technet.microsoft.com/en-ca/library/cc755692%28v=ws.10%29.aspx
Will.
Group Types Explained
https://technet.microsoft.com/en-ca/library/cc755692%28v=ws.10%29.aspx
Will.
ASKER
DOS-DMV-BIZ-IsolatedHostUs
DOS-DMV-BIZ-Administrators
what kind of accounts will be this, can u go through excel sheet
UATSAFETY\svcDMVCRMsvcsUAT
SAFETY\svcDMVCRMdbUAT
SAFETY\svcDMVCRMsndbxUAT
SAFETY\svcDMVCRMmdlwrUAT