Active Directory Groups

Microsoft exchange is tightly integrated with AD (Active Directory). You cannot have exchange without AD.

All of our current Exchange groups are also AD groups. Groups within Ad can be used for Distribution list, security groups in any AD or LDAP aware application or both.

Group Creation and management

In both exchange and Google Apps groups can be manually created, or be created using an API (Application programming interface)

Groups in AD are primarily managed by an owner, or through a program.

Groups created in AD can be synced to Google Apps by use of an API.

Group uses

Groups in AD can be used for e-mail distribution as well as security function as well. IE File system Permissions, Segue site membership, word press blogs ECT…

Groups in Google Apps can be used for E-mail distribution as well as security within Google Docs and other Google applications that are part of the Google Apps environment.

Nested groups

In AD you can have nested groups. That is groups that are member of other groups.

Nested groups are possible in Google Apps.

A non admin adding members to groups

Ad groups can contain only people listed in AD. These can be user object or contact objects. Users that are external to AD, would need a contact object created and the added to a group by an administrator. Contacts are only valid for e-mail distribution only, not any other security functions.

In Google apps this is controlled by the configuration of the group.

Non-admin create groups

In exchange you can allow people to create their own public groups, but this option has been disabled by the Middlebury exchange administrators.

In Google groups this can be turned on or off by administrators.

Who can do what in groups

Groups in AD are configured to be managed by the owner of the group. The owner can be a user or another group. So you can create a group that is manageable by a user, the members of the group, or anyone in AD. Members external to AD cannot manage them.

Groups in Google can be configured to be managed by the owner, the members of the group, anyone in the domain or anyone on the internet.

Google groups allow for non member to request membership. AD does not allow this.

Cross-platform management

Groups in Google apps are managed through their web interface. This can be done from any platform that Google Groups allows. (Mac, PC and Linux)

Groups in AD can only be managed from a PC. Most use outlook, but you can also use an MMC snap-in called Active Directory Users and Groups. AD lacks a web based management for these groups.

Can membership be hidden?

Group membership can be hidden in both AD and Google groups.