How to create groups

"A group in Active Directory is a collection of user accounts, computers, or other groups that are managed as a single unit. Groups make it easier to assign permissions and access to multiple users at once, instead of configuring each user individually. There are two main types: security groups, used for granting access to resources, and distribution groups, used for sending emails. By using groups, administrators can efficiently manage permissions and maintain better organization within the network."

Creating these objects is very similar as we did with users.

Security Groups

This kind of group if used to grant access to resources (folders, other AD objects...). To create one, we first open ADUC and hit the "New Group" button.

Here I've named the group "Infrastructure Managers", which we will use later on when we mess up with ACLs. When it's created, I'll double click it and go to the "Members" tab to add three users.

Distribution Groups

As mentioned previously, "Distribution Groups" are used for sending emails. In this AD environment, since we are willing to make it as realistic as possible (the goal is to teach how to build an HTB acceptable box) I'll create the "HR" group, which stands for "Human Resources". We will see how to use it with Exchange later on.

After it's created we can add its members.

Written by ruycr4ft

PreviousHow to create users NextJoin computers to the domain

Last updated 7 days ago