MCITP 70-640: Domain Groups

This video looks at the groups created in Active Directory that are available to all computers in your domain. Enterprise Admins 00:46 Schema Admins 01:33 Domain Admins 02:12 Domain Users 02:58 Domain Guests 03:32 Domain Computers 04:40 Domain Controllers 05:09 Read-only Domain Controllers 05:35 Enterprise Read-Only Domain Controllers 06:13 Allowed RODC Password Replication Group 06:48 Denied RODC Password Replication Group 07:43 DNSAdmins 08:22 DNSUpdateProxy 08:54 DHCP Administrators 09:24 DHCP Users 10:29 Group Policy Creator Owners 10:51 Cert Publishers 11:10 RAS and IAS Servers 11:30 Enterprise Admins This group is the most powerful group in Active Directory. It is automatically made a member of the Domain Administrators group for all domains in the forest thus giving members of this group administrators rights on all domains in the forest. This group also has additional rights forest wide like changing forest wide information and addingremoving domains from the forest. Schema Admins This is the only group that can make changes to the schema. The schema defines the active directory database. This group only exists in the root domain of the forest. Domain Admins The domain admins group has administrators rights to all users and computers in the domain including domain controllers. When a computer is added to the domain, this group is added to the local administrators group on that computer. Domain Users Members of this group can login in to workstations, run <b>…<b>