In case of Design & Work, a new authorization structure was computed on the basis of the read authorization structure in accordance with the Best Practice of Microsoft. This consists of
- new permission- and list groups,
- nesting of available groups and accounts in the new groups, as well as the nesting of new groups in each other, and
- the access rights contained in the groups that have access to the directories.
1. Task of this function
In case of Deploy Groups, the new authorization- and list groups are written in the AD. In these, the provided groups and accounts are nested.
For this you need the write rights on the AD, for example as domain admin