Presentation is loading. Please wait.

Presentation is loading. Please wait.

5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Goals 

Published byFelicity Philippa Rich Modified over 9 years ago

Similar presentations

Presentation on theme: "5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Goals "— Presentation transcript:

1 5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Goals   Plan strategies to create user accounts   Create local user accounts   Create domain user accounts   Set user account profiles   Introduce user profiles   Configure roaming user profiles   Create home folders   Maintain user accounts

2 5.2 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Planning Strategies for Creating User Accounts   User account  Provides a form of identification for a user  Used to build the user ticket   User ticket  Also called TGT (Ticket Granting Ticket)  Contains a list of associated Security IDs and all groups to which a user belongs  Used to prove account validity and construct a session ticket for use by the resource server   Ways to create user accounts  Manually using the Active Directory Users and Computers console  Writing scripts using VBScript or Jscript  Writing scripts using Active Directory Services Interfaces (ADSI), a fully programmable automation object available for administrators (Skill 1)

3 5.3 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Planning Strategies for Creating User Accounts (2)   Naming conventions  Unique user names  Easy-to-remember logon names  Be able to differentiate between employees with similar or the same names   Password requirements  Hard to guess  Mix of letters and numerals   Account properties  Log On To option specifies the computers to which a user can log on  Logon Hours option specifies the hours of the day and days of the week a user can log on  Account expires option specifies when an account will be invalid (Skill 1)

4 5.4 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 1) Figure 5-1 Specifying user account properties

5 5.5 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Creating a Local User Account   Local user accounts allow users to log on to a specific computer and access only its resources   The local user account is stored only in the computer’s local security database   When a user logs on to a computer, the computer uses its local security database to authenticate the local user account (Skill 2)

6 5.6 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Creating a Local User Account (2)   If you create a local user account on a computer that requires access to domain resources, the user cannot access resources in the domain   You cannot create local user accounts on a domain controller   You use the Local Users and Groups snap-in within the Computer Management console to create, delete, or disable local user accounts (Skill 2)

7 5.7 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 2) Figure 5-2 Local security database

8 5.8 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 2) Figure 5-3 Creating a local user account

9 5.9 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Creating a Domain User Account   A domain user account allows a user to log on to a domain and access network resources   The domain controller replicates the new user account information to all domain controllers in the domain   You use the Active Directory Users and Computers console to create domain user accounts (Skill 3)

10 5.10 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Creating a Domain User Account (2)   Logon process  A user provides a logon name and password (or alternately, inserts a smartcard and provides a PIN)  The Windows 2000 Server builds a session ticket and generates an access token, which is available during the session   Domain names  AD domain names are usually the full DNS name  Each domain also has a pre-Windows 2000 domain name to allow logon to a Windows 2000 domain from computers running pre- Windows 2000 operating systems   Built-in accounts  Built-in Administrator user account  Built-in Guest account (Skill 3)

11 5.11 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 3) Figure 5-4 Domain user account

12 5.12 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure (Skill 3) Figure 5-5 Creating a domain user account

13 5.13 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-6 Specifying password for a new domain user account (Skill 3)

14 5.14 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-7 Summary screen for a new domain user account (Skill 3)

15 5.15 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-8 The new user in the Active Directory Users and Computers console (Skill 3)

16 5.16 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Setting User Account Properties   Every user account has a set of default properties   You can also define detailed personal properties  Defined for a domain user account  Useful when searching for users   Logon settings control the logon hours for a user   Dial-in settings include whether to allow remote dial-in for the user (Skill 4)

17 5.17 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Setting User Account Properties (2)   You can also specify Terminal Services settings for a user account  Provide the ability to connect to a server from a remote location  Allow the user to run a session as if sitting at the machine   Create a template account containing the common information shared between user accounts (Skill 4)

18 5.18 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-9 Specifying user account properties (Skill 4)

19 5.19 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-10 Specifying logon hours for a user account (Skill 4)

20 5.20 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Introducing User Profiles   A user profile is a collection of data  Includes user’s personal data, desktop settings, printer connections, and network connections  Enables multiple users to work from the same computer  Enables a single user to work from multiple computers on a network   Three types of user profiles  Local user profile  Roaming user profile  Mandatory user profile (Skill 5)

21 5.21 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Introducing User Profiles (2)   Local user profile  Limited to the computer to which the user logs on  Is stored on the system’s local hard disk   Roaming user profile  Allows a user to work on multiple computers on a network  Updates any changes users make to their user profiles on the server   Mandatory user profile  Specifies particular settings for individuals or a group  Does not permanently save the desktop settings made by a user  Only system administrators can change mandatory profiles (Skill 5)

22 5.22 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-11 A sample user profile folder (Skill 5)

23 5.23 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-12 Contents of the Documents and Settings folder (Skill 5)

24 5.24 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Creating a Roaming User Profile   Standard roaming user profiles are used for specific groups of users   Benefits  Provide a standard desktop environment with access to the same network resources  Provide a standard work environment consisting of only those applications and connections used by the group  Streamline troubleshooting   To create a standard roaming user profile  Create a shared folder on the server  Create a user profile template with the appropriate configuration  Copy the roaming user profile template to the shared folder on the server to allow users access to the profile (Skill 6)

25 5.25 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-13 Adding a user to a group (Skill 6)

26 5.26 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-14 Accessing the list of user profiles (Skill 6)

27 5.27 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-15 Copying the user profile template to the shared folder (Skill 6)

28 5.28 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-16 Permitting a user to use the profile (Skill 6)

29 5.29 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-17 Specifying the path to the roaming user profile (Skill 6)

30 5.30 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Creating a Home Folder on a Server   Home folders  Provide a default location for each user to store data  Similar in concept to the My Documents folder on a user’s desktop   Benefits  Not computer dependent  Easily accessible from any computer on the network  Accessible from any client computer using any Microsoft operating system  Backed up as per the server’s backup schedule (Skill 7)

31 5.31 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-18 Specifying the path of the home folder (Skill 7)

32 5.32 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-19 Home folder for a user (Skill 7)

33 5.33 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Maintaining User Accounts Network administrator maintenance tasks   Rename an account to maintain the rights, permissions, and group memberships of a particular user account and transfer the account to a different user   Disable an account for security reasons when a user does not need the account for a certain period   Enable a disabled account   Delete a user account when it is no longer needed   Reset passwords when a user’s password expires before the user changes it   Lock out user accounts when users violate a security policy (Skill 8)

34 5.34 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-20 Options in the Action menu (Skill 8)

35 5.35 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-21 Active Directory message box (Skill 8)

36 5.36 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-22 The disabled user account (Skill 8)

37 5.37 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Figure 5-23 Resetting user password (Skill 8)

Download ppt "5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure Goals "

Similar presentations

Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
15.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.

15.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 15: Configuring a Windows.
Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.

Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.
7.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

7.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
14.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

14.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
15.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

15.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
11.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

11.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
12.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
5.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

5.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
10.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Administering Active Directory

Administering Active Directory
Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.

Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:

Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:
5.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

Similar presentations

Ads by Google