How do I create a new group in Active Directory?

~ 0 min
2021-08-26 03:14
PDF version

Overview

The purpose of this article is to explain how to create a new user group within Active Directory.

Procedure

The following screenshots were taken using Windows Server 2019 (v1809).
If using a different version of Windows Server these images may contain minor variances.
  1. Launch Active Directory Users and Computers.
    "Active Directory Users and Computers" can be found on the Start Menu under the "Windows Administrative Tools" folder.
  2. Locate the Organizational Unit (folder) that will contain the group.
    1. Ensure the domain is expanded.
    2. For small environments this will usually be the "Users" OU.
  3. Click the Action menu.  (Alternatively, right-click the OU from step 2)
    1. Move the mouse cursor down to New, another context menu will appear.
    2. Click Group.
      The "New Object - Group" dialgoue will appear.
      Active Directory Users and Computers - New Group dialog
  4. Enter a group name.
    Group names are limited to 64 characters.
  5. Select a Group scope.
    See Active Directory Security Groups for a detailed explanation of each scope.
    1. Domain local
      Can grant permissions within the same domain.
    2. Global*
      Can grant permissions on any domain in the same forest, or trusting domains or forests.
    3. Universal
      Can grant permissions on any domain in the same forest or trusting forests.
  6. Select a Group type, Active Directory has two types of groups:
    1. Security*
      Used to grant permissions to shared resources 
    2. Distribution
      Used to create email distribution lists

References

Average rating 0 (0 Votes)

You cannot comment on this entry

Tags

Active Directory User Management Windows Server