How can i add Active Directory security groups to a SharePoint site to control permissions, rather than individual user accounts

SharePoint does integrate active direct开发者_JAVA百科ory accounts, of course, but how about security groups? Have a few sites where I'm fairly confident access is going through an existing Active Directory (AD) security groups (i.e. only an AD security group has been granted permissions through the 'People and Groups') In another situation, where I created the AD group and granted it permissions to a site, the customers were not able to access immediately. Eventually had to fast-track it and add the individuals to the People and Groups to keep the project going, but hoping not to have to maintain it that way.

Any specific requirements of the security group in AD? Universal, Global, or domain local? Is there any time delay between modifying group members in AD and having that take effect in SharePoint?

Any AD group type is usable by SharePoint so long as that group is usable by the server SharePoint is running on. Said another way, if you were using the OS level tools on the server and the OS recognizes your group, then you can use it in SharePoint.

As for when group memberships changes become effective, it has always been near real time for me but I can't say that I can speak to all possible AD topology deployments.