The Security Groups tool searches for and then displays security group membership for a user account. It allows a ConfigMgr user to see the Primary Group, Direct Group Membership, and Nested Group Membership. Actions can be taken as well-- including adding the user account to a New Direct Group and then Refreshing the membership lists.
How it does it
This tool connects to Active Directory to show and/or edit Security Group membership.
Navigation
Navigate to the Security Groups tool by right clicking on a User Object, selecting Recast RCT, and selecting Security Groups.
The Security Groups tool can be run on multi-selected User Objects, but not User Groups or User Collections. Multi-selecting User Objects will return an "Are you sure?" message followed by multiple dialog boxes stacked on top of one another.
The Security Groups tool can be run on multi-selected User Objects, but not User Groups or User Collections. Multi-selecting User Objects will return an "Are you sure?" message followed by multiple dialog boxes stacked on top of one another.
Screenshot
When the action is run, the following dialog box will open:
Selecting "Add New Direct Group" will pull up an additional window that allows a user to search and discover groups to add the user account to.
Executing an add will prompt an "Are you sure?" message, and then if the Refresh button is pushed, the new membership will be updated.
Recast Permissions
If using Recast Server with a Service Account, the same permissions are required for the service account.
| Active Directory | Reset Password |
| Active Directory | Add or Remove Account from Group |
Microsoft Permissions
- This action requires that the user running the tool has permission to look at group memberships for the user object in Active Directory.
- Also requires permission to modify the memberships of group objects in Active Directory