Synology SA3400 Synology Directory Server Administrator s Guide for DSM 7.1 - Page 27
Add a Group, Group Name, Description
View all Synology SA3400 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 27 highlights
Chapter 4: Manage Domain Objects Group Name Description Allow RODC Password Replication Group Members of this group can replicate their passwords to all RODCs in the domain. Cert Publishers Members of this group are given privileges to certificate publishing. Denied RODC Password Members of this group cannot replicate their passwords to any Replication Group RODCs in the domain. DnsAdmins Members of this group can access DNS in the domain. DnsUpdateProxy Members of this group are DNS clients who are permitted to perform dynamic updates on behalf of some other clients (such as DHCP servers). Domain Admins Members of this group have administrative privileges to control all objects and settings in the domain. Domain Computers All workstations and servers are included in this group by default. Domain Controllers All DCs are included in this group by default. Domain Guests All domain guests are included in this group by default. Domain Users All domain users are included in this group by default. Enterprise Admins Members of this group have administrative privileges to control all objects and settings in the entire enterprise's domain structure. Enterprise Read-Only Domain Controllers All RODCs in the entire enterprise's domain structure are included in this group by default. Group Policy Creator Owners Members of this group can modify group policies for the domain. RAS and IAS Servers Members of this group are allowed to use remote access services. Read-Only Domain Controllers All RODCs are included in this group by default. Schema Admins Members of this group can make changes to the domain schema. Note: • Synology Directory Server aligns with the functional level of Windows Server 2008 R2. Refer to this article for more information on the built-in domain groups. Add a Group 1. On a RWDC, go to the Users & Computers page and click Add > Group. 2. Enter the group information and click Next: • Group Scope • Domain local: Domain local groups are used for assigning permissions to resources in their home domain. This group type can nest other domain local groups in the same 24