That is no longer the acronym used.
Taken from the 2008/2008 R2 AD class I have taught: Single-domain forest: IGDLA Multi-domain forest: IGUDLA Identities (users or computers) are members of Global groups that collect members based on those members roles Which are members of Domain Local groups that provide management of some kind, such as mgmt. of resource access Which are Assigned Access to a resource (i.e., on an ACL) The "U" for multi-domain forests is Universal groups. From a nesting perspective, global groups from any domain in the forest can be members of universal groups, and universal groups can be members of any domain local groups in the forest. Hope that helps. Carl Webster Consultant and Citrix Technology Professional (and MCT) <http://dabcc.com/Webster> http://dabcc.com/Webster From: helpdesk UK [mailto:uk.helpd...@gmail.com] Subject: Re: Single Forest multiple Child domains so I read up once on this going back in NT days.. AGLP Create a user Add the user to a Global Group Add the global group to Local Group Assign permissions Now in win2k8 days we add the mix of UG... so add local group in child1.xyz.com to UG child1.xyz.com and than add the UG child1.xyz.com to a local group in child2.xyz.com and than assign permissions !!! correct ? cheers Joss ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
