Each group that is created in Active Directory has a Security identifier or SID associated with it. This is called as Security Group. We can assign permission to this group only. Distribution group doesn't contain any SID or security identifier, so it can't e used to provide any permission. It can be use only in mail distribution list.
Security group can use as a Distribution group where the Distribution group can't be use as Security group.
Nesting :
When you place one group inside another group , it is called nesting. Nesting also allows two or more groups to be placed in the same group.
Role Based Access Control:
Role based access control is a strategy of group management generally used in large enterprises. This approach is generally used in companies with more than 500 employees. The approach involves not adding the user or users directly to the resource. In order to grant access, another group is created and assigned permissions to the resource. For example, if you had a share called general you would create two groups called general_share_modify and general_share_read. These would be assigned to the general share and given the required access.
Role-based access control“ http://en.wikipedia.org/wiki/Role-based_access_control
Security group can use as a Distribution group where the Distribution group can't be use as Security group.
Nesting :
When you place one group inside another group , it is called nesting. Nesting also allows two or more groups to be placed in the same group.
Role Based Access Control:
Role based access control is a strategy of group management generally used in large enterprises. This approach is generally used in companies with more than 500 employees. The approach involves not adding the user or users directly to the resource. In order to grant access, another group is created and assigned permissions to the resource. For example, if you had a share called general you would create two groups called general_share_modify and general_share_read. These would be assigned to the general share and given the required access.
Role-based access control“ http://en.wikipedia.org/wiki/Role-based_access_control
No comments:
Post a Comment