SharePoint Group | Active Directory Group |
Members of this group can be added/removed from within SharePoint. The permission to add or remove users from the group can be delegated to SharePoint users. | Members of this group can be managed within Active Directory. Only Active Directory administrators have the permission to modify group memberships. |
Members of this group can be visible to users. | Members of this group are not visible to users. |
Cannot contain another SharePoint group as member. | Can contain another Active Directory Group. |
Must have a unique name on site collection level. The name is the unique identifier of the group. | Can cause serious problems in lage scale scenarios: A user might only be a member of 1024 Active Directory groups (recoursively). If this number is reached the user is no longer able to log on to Windows. Read the Microsoft documentation for more information. |
Can contain SharePoint users that do not exist in the Active Directory. | |
No comments:
Post a Comment