A global group is a group that exists only in the Security Accounts Manager (SAM) database on a Microsoft Windows NT-based network. Global groups are created on domain controllers and are used within an enterprise-level Windows NT network to organize users by function (for example, an Accountants global group), location (for example, a Third-Floor global group), or some other criterion, to simplify account administration. Global groups contrast with local groups, whose primary function is to provide users with permissions for accessing network resources and rights for performing system tasks. Note that global groups can contain only global user accounts from their own domain. They cannot contain global user accounts from other domains, and they cannot contain other groups.

Global Groups in Windows 2000

Global groups are a little different in Windows 2000. Global groups can contain only members from the domain in which they are created, and they can be granted permissions on resources in any domain in the current forest. Users from one forest cannot be members of groups from another forest, and groups from one forest cannot be granted permission on resources in another forest.

If the Windows 2000 domain is in native mode, global groups can contain both user accounts and global groups from the same domain; however, in mixed mode, global groups can contain only user accounts.
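
The membership and permission rules above, written as a check that audits a proposed membership plan under each mode. This is an added example, not part of the original entry; the Principal type, the domain names HQ, BRANCH and PARTNER, the forest map, and the sample accounts are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: domain -> forest (Windows 2000 only).
FOREST_OF = {"HQ": "corp", "BRANCH": "corp", "PARTNER": "partner"}

@dataclass(frozen=True)
class Principal:            # hypothetical type for this example
    name: str
    kind: str               # "user" or "global_group"
    domain: str

def membership_violation(group, member, mode):
    """Return None if member may join the global group, else the reason.
    mode is "nt" (Windows NT), "mixed" or "native" (Windows 2000)."""
    if group.kind != "global_group":
        return "target is not a global group"
    if member.domain != group.domain:
        return "member is from another domain"
    if member.kind == "user":
        return None
    if member.kind == "global_group":
        # Nesting global groups is allowed only in Windows 2000 native mode.
        return None if mode == "native" else f"nested group not allowed in {mode} mode"
    return f"unsupported member type: {member.kind}"

def audit(plan, mode):
    """Return (group, member, reason) for every rule-breaking pair in plan."""
    return [(g.name, m.name, r) for g, m in plan
            if (r := membership_violation(g, m, mode)) is not None]

def can_grant(group, resource_domain):
    """Windows 2000 rule: permissions only on resources in the same forest."""
    return FOREST_OF[group.domain] == FOREST_OF[resource_domain]

ACCOUNTANTS = Principal("Accountants", "global_group", "HQ")
THIRD_FLOOR = Principal("Third-Floor", "global_group", "HQ")
ALICE = Principal("alice", "user", "HQ")
BOB = Principal("bob", "user", "BRANCH")
PLAN = [(ACCOUNTANTS, ALICE), (ACCOUNTANTS, BOB), (ACCOUNTANTS, THIRD_FLOOR)]

if __name__ == "__main__":
    for mode in ("nt", "mixed", "native"):
        print(mode, audit(PLAN, mode))
    print(can_grant(ACCOUNTANTS, "BRANCH"), can_grant(ACCOUNTANTS, "PARTNER"))
```

The same plan produces one violation in native mode (the cross-domain user) and two in mixed mode or on Windows NT, where the nested group is also rejected.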


