ACTIVE DIRECTORY SERVER

There is a new AD server created having new servers like CRM, BIZTALK , INRULE servers being added

I am attaching sheet ,

the sheet gives some information as to how groups are to be created. They need my advise

as per sheet, as to how groups are created  I have come to some conclusion believe one will be creating will be universal security Group –Universal or Global? I believe Forest functional level to be windows server 2003 and above.

I believe there will be one AD with one global catalog.

I believe below will be added on the AD server.

Domain Users-Universal security group –Global- domain users where u will be adding below users.
Domain Computers-Universal Security group-Global- where u will be adding domain computers.

DOS-DMV-BIZ-ApplicationUsers-UAT
DOS-DMV-BIZ-IsolatedHostUser-UAT
DOS-DMV-BIZ-Administrators-UAT
DOS-DMV-BIZ-ServerOperators-UAT
DOS-DMV-BIZ-SSOAdministrators-UAT
DOS-DMV-BIZ-SSOAffiliateAdministrators-UAT
DOS-DMV-BIZ-BAMPortalUsers-UAT

am I correct, also SAFETY\svcDMVCRMinstUAT
SAFETY\svcDMVCRMsvcsUAT
SAFETY\svcDMVCRMdbUAT
SAFETY\svcDMVCRMsndbxUAT
SAFETY\svcDMVCRMmdlwrUAT

SAFETY\SVCDMVBIZINSUAT
SAFETY\SVCDMVBIZINHUAT
SAFETY\SVCDMVBIZISHUAT

where above accounts are created on AD server or individual CRM and biz talk server

just needed expert advise.
Copy-of-Groups--Permissions.xlsx
pramod1Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
Accounts are created on the Active Directory Server.

Will.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pramod1Author Commented:
I believe these will be domain users:DOS-DMV-BIZ-ApplicationUsers-UAT
 DOS-DMV-BIZ-IsolatedHostUser-UAT
 DOS-DMV-BIZ-Administrators-

what kind of accounts will be this, can u go through excel sheet
UATSAFETY\svcDMVCRMsvcsUAT
 SAFETY\svcDMVCRMdbUAT
 SAFETY\svcDMVCRMsndbxUAT
 SAFETY\svcDMVCRMmdlwrUAT
Will SzymkowskiSenior Solution ArchitectCommented:
Global Groups = Only Individual Users can be added to this type of Group

Universal Groups = Groups and Users can be added to this Group Type

Will.
pramod1Author Commented:
why not domain local group for managing each server individually?
Will SzymkowskiSenior Solution ArchitectCommented:
Are you dealing with multiple different domains? If not when do not use Domain Local Groups.

Group Types Explained
https://technet.microsoft.com/en-ca/library/cc755692%28v=ws.10%29.aspx

Will.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.