When you create an Active Directory infrastructure, you have the option of creating user groups with a specific scope and type.
Groups allow you to :
To create a new group on your Active Directory infrastructure, right click "New" on the organizational unit (OU) or container (CN) where you want to create it.
As you can see, you can choose a group scope and a group type.
For group scopes, you can choose between :
For the group's type, you have the choice between :
To show you the difference between a security group and a distribution group, we will create 2 groups :
To learn more about the types and scopes of groups, refer to the Microsoft site : About Active Directory groups
The 2 new groups appear.
As mentioned earlier, distribution groups are used for sending mail (through Microsoft Exchange, for example).
Warning : distribution groups don't have a security identifier (SID) and therefore can't be used to assign NTFS rights on folders, ...
Security groups have the same features as distribution groups, but they also have a SID. This is not the case for distribution groups.
Thanks to security groups, you can, for example, manage NTFS rights on folders.
To do this, right click on a folder and go to the "Security" tab.
Then, click on Edit.
Click on the "Add" button.
If you search for the groups available in your Active Directory domain, you will see that only the security group will be displayed.
This proves that distribution groups can't be used to manage NTFS rights on folders.
Windows Server 4/30/2021
Windows Server 8/20/2021
Windows Server 6/18/2021
Windows Server 9/11/2021
® InformatiWeb-Pro.net - InformatiWeb.net 2008-2020 - © Lionel Eppe - All rights reserved.
Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.