1 00:00:00,460 --> 00:00:07,860 And in one group as a member to another in previous lessons we saw how to add to user accounts on computer 2 00:00:07,860 --> 00:00:11,730 accounts to secure two groups by using the Active Directory. 3 00:00:11,730 --> 00:00:19,530 Come on let's another common Active Directory operation related to security groups is add in one security 4 00:00:19,530 --> 00:00:21,870 group to another security group. 5 00:00:21,870 --> 00:00:30,960 This is done for reasons of management of permissions and memberships before proceeding to see how groups 6 00:00:30,960 --> 00:00:32,380 can be nested. 7 00:00:32,400 --> 00:00:39,960 Let's first understand what type of scope of groups can be added to a given security group. 8 00:00:39,960 --> 00:00:48,030 Without this you might run into areas such as in this example and start thinking what is wrong. 9 00:00:48,090 --> 00:00:53,950 So let's run this command and try to add one group to another. 10 00:00:54,050 --> 00:01:02,250 We have gotten narrow and if you read the error message carefully it clearly states that a local group 11 00:01:02,250 --> 00:01:06,000 cannot be a member of universal group. 12 00:01:06,000 --> 00:01:12,360 It is good to know these things before attempting to hurt a group in another group. 13 00:01:12,360 --> 00:01:21,510 You can read more about the different security group types and their membership details but in short 14 00:01:21,840 --> 00:01:30,900 a universal group can hold global and universal groups from any other man in the same forest as members 15 00:01:31,110 --> 00:01:38,880 a global group can hold other global groups from the same forest and to the main local group can hold 16 00:01:38,910 --> 00:01:45,630 global groups from any domain including trusted universal groups from the same forest. 17 00:01:45,630 --> 00:01:52,290 Domain groups from the same domain and global and universal groups from other forests. 18 00:01:52,290 --> 00:01:56,780 Now let's add just groups free to test group. 19 00:01:56,800 --> 00:02:05,510 Now we have we haven't got to narrow and does group 3 can be freely nested into test group lists command 20 00:02:05,600 --> 00:02:09,840 outs a group named Task Group 3 to test group. 21 00:02:09,840 --> 00:02:17,670 If you notice they are not providing any group scope information at the time of adding the command letter 22 00:02:17,670 --> 00:02:21,270 will automatically calculate the group sound. 23 00:02:21,360 --> 00:02:26,330 If the addition is not supported it will throw arrows. 24 00:02:26,370 --> 00:02:31,170 Otherwise the execution should get completed without any errors. 25 00:02:31,170 --> 00:02:34,590 We can check in with the users and computers. 26 00:02:34,590 --> 00:02:44,340 Council will find a test group and check its members and we can find test group 3 here and see that 27 00:02:44,340 --> 00:02:46,920 it was successful they added. 28 00:02:46,920 --> 00:02:53,090 What about bulk group's creation as we saw in the example of Adam bulk users. 29 00:02:53,110 --> 00:02:55,340 That computer as a counter group. 30 00:02:55,410 --> 00:02:59,010 Security groups can be added in bulk as well. 31 00:02:59,130 --> 00:03:03,100 For this demonstration we can use the following code. 32 00:03:03,210 --> 00:03:10,800 We can create for example for security groups and active directors so that you can add them to a new 33 00:03:10,800 --> 00:03:12,930 security group in bulk. 34 00:03:12,960 --> 00:03:16,740 Create in bulk use groups is very easy. 35 00:03:16,980 --> 00:03:21,450 If they share a similar naming convention as shown in this code. 36 00:03:21,720 --> 00:03:28,260 So we are creating the groups from 1 to 4 and for each group will give a name. 37 00:03:28,260 --> 00:03:37,610 CHILD group and a number from 1 to 4 and will add to this group to active directory with its name. 38 00:03:37,670 --> 00:03:47,670 The scope will be domain local and the path where these groups will be located is groups in production 39 00:03:47,820 --> 00:03:48,600 or you. 40 00:03:48,720 --> 00:03:57,780 So running this code will create 4 groups with the name child Group 1 2 4 and it will do this operation 41 00:03:58,080 --> 00:03:59,280 in seconds. 42 00:03:59,280 --> 00:04:07,500 Now we can add these newly created groups to a secure to another security group with their members. 43 00:04:07,500 --> 00:04:13,240 First let's create a group to which we want to add this newly created 4 groups. 44 00:04:13,380 --> 00:04:20,640 As we saw before a group can be created by using the new dash age group command let the following command 45 00:04:20,640 --> 00:04:25,080 will create the parent group one security group. 46 00:04:25,080 --> 00:04:26,540 So let's run it. 47 00:04:26,580 --> 00:04:34,470 We are new does a group the name parent group 1 and the scope for it will be domain local. 48 00:04:34,530 --> 00:04:43,680 Once the group is created we can add to the newly created for child groups to this parent group one 49 00:04:43,710 --> 00:04:51,870 using the following command will add a variable which will be called groups and equal together as a 50 00:04:51,870 --> 00:04:57,810 group filter in all of the groups which contain child group in its name. 51 00:04:57,810 --> 00:05:04,270 And then we pass this trouble to the following command at this age group member. 52 00:05:04,270 --> 00:05:11,620 They are read in groups to two this group which is called Parent Group one and the groups which we all 53 00:05:11,620 --> 00:05:17,620 read and is taken from groups variable which we have created before. 54 00:05:17,620 --> 00:05:25,120 So the first line of the code will soar shift active director for any group that has a name starting 55 00:05:25,120 --> 00:05:30,420 with child group and strokes the details in the group's variable. 56 00:05:30,520 --> 00:05:36,130 Once the details are available they can be added to another security group. 57 00:05:36,220 --> 00:05:39,170 Parent Group 1 using the out. 58 00:05:39,220 --> 00:05:43,990 Is a group member command led and the groups will be added.