NetTech Solutions Supporting Local Users and Groups Lesson Three
NetTech Solutions Objectives Configure the user environment Configure and troubleshoot local user and group accounts Troubleshoot system startup and user logon problems Troubleshoot security settings and local security policy
NetTech Solutions Supporting Local User Accounts and Groups Understanding Logon On a Local Computer –To gain initial access to the computer –To control access to local computer resources –To control access to network resources in a workgroup environment
NetTech Solutions Supporting Local User Accounts and Groups Creating Users and Groups –User Accounts tool –Local Users And Groups tool Default User Accounts –Administrator –Guest –HelpAssistant –SUPPORT_xxxxx
NetTech Solutions Creating User Accounts From Computer Management
NetTech Solutions Creating User Accounts cont. From Control Panel
NetTech Solutions Creating Strong Passwords Bad Password Practice: –Using no password –Using a real name, user name, or company name makes for an easy-to-guess password –Using a common dictionary word –Using any password that you write down or that you share Passwords should be: –At least eight characters –A combination of lowercase and uppercase letters, numbers, and symbols –Passwords should be changed regularly.
NetTech Solutions Managing User Accounts Local User Properties:
NetTech Solutions Supporting Groups Groups simplify the assignment of permissions and user rights to user accounts.
NetTech Solutions Default Group Accounts Administrators Backup Operators Guests Network Configuration Operators Power Users Remote Desktop Users Replicator Users HelpServices
NetTech Solutions Special Groups Everyone Authenticated Users Interactive Network
NetTech Solutions Creating Groups Select “New Group”
NetTech Solutions Security Identifiers (SIDs) User accounts and groups are considered security principals, meaning that you can grant them access to resources on a computer. Windows
NetTech Solutions Limitations of Windows XP Home Edition Windows XP Home Edition, limitations: –does not support the creation of local groups. –The Local Users And Groups tool is not available –must create and manage users through the User Accounts tool in Control Panel. –only two types of accounts: Computer Administrator, Limited –Windows XP Home Edition does not have an account named Administrator. –Windows XP Home Edition cannot join a domain.
NetTech Solutions User Profiles Windows XP supports the following types of user profiles: –Local –Roaming –Mandatory
NetTech Solutions Local Profile Storage Within each user profile, several files and folders contain configuration information and data, including the following: Application Data Cookies Desktop Favorites Local Setting My Documents My Recent Documents NetHood PrintHood Send To Start Menu Templates NTUSER.DAT NTUSER.DAT.LOG
NetTech Solutions Built-In User Profiles Default User profile All Users profile
NetTech Solutions Using Multiple Profiles for the Same User Account Same Name Two different accounts: –Local –Domain
NetTech Solutions Fast User Switching allows multiple local user accounts to log on to a computer simultaneously Practice: Work with Local User Accounts and Groups –Page 3-22
NetTech Solutions Troubleshooting User Logon Troubleshooting Password Problems Resolving Lost Passwords for Local User Accounts Using Administrator Local account to reset a password will result in the loss of: – that is encrypted with the user’s public key –Internet passwords that are saved on the computer –Files that the user has encrypted
NetTech Solutions Two ways to reset the password Use CTRL + ALT + DEL choose reset password or Create a Password Reset Disk –Allows a user to reset their own password without loss of information
NetTech Solutions Troubleshooting Domain Logon Problems Make sure the user is logging into the correct domain and not locally Cached Credentials –Must have SP1 or later Troubleshooting Missing Domain Controller Issues
NetTech Solutions Supporting Security Settings and Local Security Policy Understanding Local Security Policy –As the name suggests, Local Security Policy applies only to the local computer. Using Local Security Policy, you can control the following: Who accesses the computer Which resources users are authorized to use on their computers Whether a user’s or group’s actions are audited (recorded in the Windows Event Log)
NetTech Solutions Order of Policy Application 1.Local Security Policy 2.Active Directory site 3.Active Directory domain 4.Active Directory OU
NetTech Solutions Resultant Set of Policy (RSoP) Policy settings are cumulative, so all settings contribute to effective policy. The effective policy is called the Resultant Set of Policy (RSoP).
NetTech Solutions GPRESULT
NetTech Solutions Configuring Local Security Policy Local Security Policy Group Policy Object
NetTech Solutions Local Security Policy Password Policy Account Lockout Policy Audit Policy
NetTech Solutions Audit Policy Logs are created in the Security Log file in Computer management Events or In Administrative Tools under Events
NetTech Solutions Summary Case Scenario Exercises –Page 3-44 Troubleshooting Lab –Page 3-44 Chapter Summery –Page 3-45 Key Points –Page 3-46 Key Terms –Page 3-47