271_70-292_01.qxd 8/21/03 12:40 PM Page 27Managing Users, Computers, and Groups • Chapter 1 27
Group scope changes can also be performed from the command line using the dsmod
command.The syntax required make scope changes is as follows:
dsmod group GroupDN [-scope {l | g | u}]The function of the switches are self-explanatory, as they represent the distinguished
name of the group to be converted and the type of scope to change the group to. Appendix
A contains a complete listing of the dsmod command and its switches.
Figure 1.19 demonstrates using the dsmod command three times: first to (unsuccessfully)
change a Domain Local group into Global group, second to (successfully) change this same
Domain Local group into a Universal group, and lastly to (successfully) change the
Universal group into a Global group using the following commands:
dsmod group "CN=California Sales Division,DC=corp,DC=mcsaworld,DC=com" -scope gdsmod group "CN=California Sales Division,DC=corp,DC=mcsaworld,DC=com" -scope uFigure 1.19 Changing the Group Scope from the Command-Line
A check of the group scope from the General tab will confirm that the change has
been made. Changing from a domain local group to a global group is not supported by the
dsmod command.
Deleting Groups
A group can easily be deleted from within the Active Directory Users and Computers con-
sole as outlined in Exercise 1.06. Note that deleting a group does not cause any members
of the group to be deleted from Active Directory—only to be removed from that group
and lose any rights and permissions that may have been applied to them if the group is a
security group. If the group is a distribution group, e-mails will no longer be able to be sent
to the group e-mail address.
https://traloihay.net
Bạn đang xem 271_ - MCSA MCSE EXAM 70 292 STUDY GUIDE PHẦN 1 PPTX
