How to use AD group in SharePoint 2010

Question

I'm relatively new to SP2010 and wondered about a few Active Directory permission things:

• Is it possible to limit access to lists and pages to a specific AD group?
• We have a helpdesk area that will assist departments with their SharePoint sites, some which are hidden from most users. Can the helpdesk users still have access to these sites?

Sorry for the noob questions. Thanks.

Answer 1

• You can use AD security groups for setting permissions on Sharepoint sites, lists and items. Some additional recommendations can be found at http://technet.microsoft.com/en-us/library/cc261972.aspx
• It is possible with some simple permissions planning. You can create Sharepoint group HelpDesk and then set this group to have admin permissions on every site. Other users can then be added directly or via different groups only to sites they can see (or use). More info about planning site permissions: http://technet.microsoft.com/en-us/library/cc287752.aspx

Answer 2

Even if you don't want to plan ahead, you can apply this after the fact using Web Application policies. You can basically give an account or set of accounts permissions that apply across all site collections in a web application (e.g. full control, read, but not edit, everything, etc)