Work Group Scenarios
Work Group Scenarios
Andre Cosens
IT 240
December 20, 2014
Derek Sorrells
Work Group Scenarios
As all three domains already exist on the network, I can start with setting up application permissions for the user accounts that will populate the domains. First I would have to set up user account access to the individual domains. I can use the Active Directory Users and Computers application to assign user accounts to the specific domains. After the user accounts are assigned to their respective domains, I will set up the domain access.
To set up the domain access I will utilize the Security Identifiers and Discretionary access control lists. While I could set users in the Alpha domain to have global access; everyone in the Alpha domain would have the ability to do so. This would be counterproductive to the requirements set forth. By utilizing the Discretionary Access Control List, we can set users to have specific access to resources and files across the network. After the user names and passwords are set and assigned to the respective domains, we can use the Active Directory Users and Computers application to grant specific members of the Alpha domain with access to the Omega domain. We can also ensure that specific members of the Alpha domain only have access to resources on the Alpha domain. I can also set the users in the Omega domain with access to strictly the Omega domain.
This set up will definitely accomplish the required result. By setting individual access per specific members of the Alpha domain, you can ensure that no one else has access to the Omega domain. A blanket group access for Alpha domain, would allow multiple users outside of the desired group within the Alpha Domain, to have access to the resources within the Omega domain. This also allows us to restrict the access of users in the Omega domain to just their local domain.
Andre Cosens
IT 240
December 20, 2014
Derek Sorrells
Work Group Scenarios
As all three domains already exist on the network, I can start with setting up application permissions for the user accounts that will populate the domains. First I would have to set up user account access to the individual domains. I can use the Active Directory Users and Computers application to assign user accounts to the specific domains. After the user accounts are assigned to their respective domains, I will set up the domain access.
To set up the domain access I will utilize the Security Identifiers and Discretionary access control lists. While I could set users in the Alpha domain to have global access; everyone in the Alpha domain would have the ability to do so. This would be counterproductive to the requirements set forth. By utilizing the Discretionary Access Control List, we can set users to have specific access to resources and files across the network. After the user names and passwords are set and assigned to the respective domains, we can use the Active Directory Users and Computers application to grant specific members of the Alpha domain with access to the Omega domain. We can also ensure that specific members of the Alpha domain only have access to resources on the Alpha domain. I can also set the users in the Omega domain with access to strictly the Omega domain.
This set up will definitely accomplish the required result. By setting individual access per specific members of the Alpha domain, you can ensure that no one else has access to the Omega domain. A blanket group access for Alpha domain, would allow multiple users outside of the desired group within the Alpha Domain, to have access to the resources within the Omega domain. This also allows us to restrict the access of users in the Omega domain to just their local domain.