.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Building Groups in Active Directory versus Using SharePoint Groups

Posted By:      Posted Date: October 21, 2010    Points: 0   Category :SharePoint


Can someone point me to an article or blog that discusses the pros and cons of setting groups (owner, full control, contributor, read only) in the Active Directory verus just connecting MOSS 2007 to the AD and building the groups directly in MOSS?  MOSS 2007 only.  Is there any functionality that is lost by building the groups in AD and adding people there rather than building groups in MOSS and adding people there?


Thanks! Patti N.

View Complete Post

More Related Resource Links

Maintain users and groups list of Active Directory for an asp.net web application only

Hi, I have configured active directory in my server 2008. We have a web project using asp.net mvc named Audit planning and Execution Software(Apex2).What we want to do is to authenticate Active directory users for this project.I can get all active directory users, groups, users of a group etc.I want to add users in active directory for the Apex2 project only using asp.net.I also want to display only the users and groups of Active Directory registered with the Apex2 project only. And I also want to add active directory users from whole AD list to our project's AD list. Can you please tell me, how will I do this. Shall I create an Organizational Unit and maintain all users and groups there for our project? Or, is there any other way to do this?  please help me.Thank You

how to create groups for the active directory

hello guys,For my web application i have use the directory services to authenticate the users ,every thing works gr8 ,but now i would like to create groups for the active directory and add users to the groups ,is it possible,if yes please help me out .i am using visual studio 2010 web application C#.

Unable to see Active Directory Groups in the User Profile Database after Profile Import

SharePoint Server 2010 Enterprise RTM. W2K8R2 w/multi-server setup: AD/DNS SQL 2008 WFE APP Claims Mode Web App only using Windows Integrated Auth So, this was never a problem in 2007, and I didn't even realize it was a problem in 2010 until I started to build a solution that utilized my blog article: InfoPath - User Roles in Browser-Enabled Forms Using AD Groups.  I went to utilize the same web method of the same web service, but I noticed that no data was showing up at all.  Typically, the GetUserMembership/GetCommonMembership methods return the specified user's memberships: AD Security Groups, AD Distribution Lists, and SharePoint Sites (not SharePoint Groups, though). My user profile sync is working.  All AD users are pulled in with the proper profile data. "Users and Groups" is selected in the Synchronization Entities section of my Sync Settings. Security groups are working for permissions and audience targeting.  Confirmed my users are affected properly by the use of Security Groups. My query to the GetUserMemberships web method (and GetCommonMemberships) is running (not failing), but it's not returning anything even though my user is in some Security Groups and has explicit membership to multiple sites. The GetUserProfileByName method of the same UserProfileService.asmx web service returns all the regular profile data

working with Active Directory groups



I don't know much about active directory groups and programming with AD.  Now I am working on a project which will have 5 to 6 links to otherweb pages and I want to give access to these pages based on the logged in users.

So I am implementing a administration project to give access to these web pages and planned to keep all the application names in one table and all the users in another table. When ever a person or group needs access to a single project, I want to add them through another screen linking users to applications and store it in a table. When user tries opening the web page in the project then it needs to verify the logged in user in the table and display the project if it has a entry for the user with the application.

I am planning to implement some thing like below

Applications Table




Users Table





Link Application to User




When user logs in verify the above table to check if user with the application is available and display the web page required.


To do this I need to store all the employees details in the company from different AD groups into the users

SharePoint, Active Directiry Groups and Caching


Hello.  I support a portal running on SharePoint.  For some of our SharePoint sites that have larger memberships, we manage the membership through AD groups.  In some cases, clients seem to encountering a caching issue.  As user will be added to the AD group, but SharePoint will continue to give that user an Access Denied message to the site.  Other users who are in the AD group can access the site without issue.  In some cases, creating a new AD group, copying the membership of the original group over, and adding that new group to the site permissions resolves the issue, but not always.  Typically, adding the involved user directly to the site permissions resolves the issue for that user.  Can anyone tell me where SharePoint is caching this information and/or what I can do to clear it out?  Thanks!

Too many groups/using Active Directory group as a member?



Joined a new organization that just adopted sharepoint. to manage users, they've created three primary groups - SharePoint Owners, SharePoint  Members, and SharePoint Visitors. The SharePoint Visitors group contains only one member - an Active Directory group that contains all of the members of our department. The reson for this is so that when new employees join and old employees leave the Our Department Active Directory group, they automatically are added to the SharePoint group SharePoint Visitors and have access to SharePoint and the appropriate permissions.

People from another Active Directory group (internal customers) are selected individually and placed in their appropriate groups.

Our department is broken down into 27 teams or "Tasks." Each Task has Task Members, Managers and Customers (and SharePoint groups to reflect those). Thus, our department has 81 user groups under it. On the site, all of the user groups except the owners are given limited access, and can only read or contribute on a per Document Library or per Document basis.

In our Task Reports document library, the managers are given contribute status and the employees are given limited status. Employees are only given contribute access to the Task report for their specific task.

Here's a graphical map:

Building a Searchable Phone Directory with Windows SharePoint Services

I want to continue to build out the intranet site we've started in our previous articles. A standard item in every intranet is a staff/employee list. Most companies implementing Windows SharePoint Services (WSS) are large enough to have a database that contains all employees. We will use the aggregation features of SharePoint to include data from this database into our intranet.

Sharepoint delete groups


How do I delete groups from companyweb ?


Thank You

Changing an authentication of SharePoint site from SQL-FBA to Active Directory

Hi,      We are using MOSS 2007. I have customized a web application using Custom web part, features and ASPX pages. we have configured SQL-Form based Authentication for this site. I have also used FBA user management functionality from Codeplex. I have created some groups and my application (custom aspx page) is referencing these groups to send an email to specific person as per his role for certail events.        I have a requirement to migrate this set up on other server and change the authentication from SQL-FBA to Active Directory. So if I have to change the Authentication from SQL-FBA to AD then what are the steps I have to follow to make this happen?      I would appreciate any help on this. Thanks, Patav    

WebParts with audiences based on SharePoint groups containing AD Groups are not visible.

My client has two webparts on a page. Each of the webparts is audienced with a SharePoint group. Each SharePoint group contains one or more AD groups. The groups are not deep nested. I.e. SharePointGroup -----> ADGroup -----> list of user accounts.. When a user in any of these groups browses to the page, they cannot see the webpart. An AD user added to the SharePoint group sees the audiences webpart properly. http://support.microsoft.com/kb/948681 references this issue, however these servers are all recently built with Service Pack 2 slipstream install media, so this hotfix is not valid. They believe that the webparts were working fine previously, but then some ILM work was carried out in the AD over the weekend and it's possible that this has changed some fo the group memberships. Given that we're using SP Groups and AD Groups, Does the actual SSP Import bear any relevance to these memberships or does SharePoint use a (potentially cached) Group memberships object on the SPPrincipal? Paul.  Overweight SharePoint addict!

Is it possible to configure sharepoint to use active directory service configured in another server

I installed sharepoint in a computer which is not configured as a domain,I want it to use the active directory services in the domain which is another computer

Creating default SharePoint groups for upgraded sites



I am doing some testing in preparation for a DB attach upgrade from MOSS 2007 to SharePoint Server 2010, and I've run across a bunch of old sites that do not have the default Owners, Members, and Visitors groups. Without those groups (specifically, without Members) we won't be able to take full advantage of the My Sites Memberships page. 

I noticed, though, that when I "Enable Enterprise Features" for all current sites from within Central Administration, sometimes those groups get created on a site that didn't have them before. I've done this on a few different environments and it doesn't seem to always create those groups. Now, I didn't think I had to run Enable Enterprise Features because our 2007 environment was Enterprise, but then I realized some of the sites were created back in SharePoint 2003 and enterprise features might never have been run on the sites when it was upgraded to MOSS 2007. 

So the question: is running Enable Enterprise Features for current sites supposed to create the default groups if they don't exist (along with everything else it does)? Is that the recommended way to get groups made for all sites so site admins/owners can add people to that new Members group which allows the users to visit their My Site page to view all the sites they are members of?


Small site embedded login validating against Active Directory and redrecting to SharePoint site


I am only finding pieces of this information. 

Challenge: Have a standard page with a login box in the corner that is exposed on the web.  The login will validate an employee against AD and also redirect them to a site collection.

I have found information on claims based authentication and the AD Membership provider.  I have also found information on form based login pages.  Most of these examples though just modify the SharePoint form login.  I want to create just a small login box on a page that is already created.  The one thing that I can't seem to find any really solid information on is the redirect to a site collection.

Can anyone tie all of this together for me?  Am I using the correct terminology and heading down the right path.

Any help is greatly appreciated.

Unable to Trust Active Directory So that can Be included In sharePoint 2010


Hi ,

I wanna add another Active Directory to User Profiles in SharePoint 2010,Please guide me in Step by Step.

Thanks in advance

Unable to delete groups in SharePoint Foundation 2010

I have a test group I created in SharePoint that I want to delete (I'm the only user in the group). In the "People and Groups: All Groups" screen I click the edit icon next to the group and then click on the "Delete" button and ok the following warning dialog. However, the group doesn't get deleted. Any idea why this is happening and how to finally delete this group? Thanks.

Active Directory last name changed not updated in sharepoint service 3.0 sp2



we have an active directory member where the last name has changed. However the change is not reflected in sharepoint services sites. When the user opens the sharepoint sites the old last name is displayed. When i look under the properties of the user in sharepoint the last name and the email-adress is still the old one.

How can i correct that?

SSIS SharePoint List Adapter - how to query Users & Groups?


I am using SSIS SharePoint List Adapter to load data in and out of my SharePoint Lists from within SSIS, and most of it is working fine.  However, I need to perform a lookup against the Users & Groups collection in SharePoint so I can retrieve the UserID and set the value when writing back to SharePoint.  Any help would be tremendously appreciated!


ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend