If multiple users will use your system, it might make sense to organize them into groups. This way, security rights can be granted in a logical and repeatable fashion. Granting rights to individual accounts can become cumbersome and can be difficult to administer. Logically created groups make it easier to assign and maintain permission settings. You can create and administer groups in the NT User Manager program by double-clicking them. Figure 10.20 shows the User Manager Group Creation program.
Aftergroups have been created, we can use them to help us maintain security and access control lists. Access control lists define access to programs, files, and functionality. We can create groups based on user functions and roles and assign them accordingly. Instead of granting permissions to many individuals, we can grant them once and remove them easily by making use of groups. Make use of groups to ease administration of access control lists.