3.4 Managing Dynamic Groups
A dynamic group is one whose membership changes based on a defined set of criteria. Until now dynamic groups were only possible in the Exchange environment, but now they can also be created in the Active Directory setting.
The graphic below describes a typical use for an Active Directory dynamic group. There are three dynamic groups in the graphic. Each group has a set of criteria that determines who can be added to the group and who can not. Each group controls access to a specific set of files, folders, and applications.
HINT:You can create a static member list that contains permanent members of the dynamic group; you can also create an excluded member list that denies those users membership in the dynamic group.
User2 has recently joined the IT department. When the IT department’s dynamic group is updated, she will be added to the group. When the Sales department’s dynamic group is updated, User2 will be removed from its members list.
HINT:You can refresh a dynamic group’s member list by right-clicking it and selecting .
User3, who has left the IT department for the HR department, will be removed from the IT department dynamic group and added to the HR department dynamic group.