Presentation is loading. Please wait.

Presentation is loading. Please wait.

11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 UNDERSTANDING USER ACCOUNTS  Local user accounts  stored in the Security.

Published byWilfred Hopkins Modified over 9 years ago

Similar presentations

Presentation on theme: "11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 UNDERSTANDING USER ACCOUNTS  Local user accounts  stored in the Security."— Presentation transcript:

1 11 WORKING WITH USER ACCOUNTS Chapter 6

2 Chapter 6: WORKING WITH USER ACCOUNTS2 UNDERSTANDING USER ACCOUNTS  Local user accounts  stored in the Security Accounts Manager (SAM) database on that system  Can be used only on that system  Domain user accounts  Stored in Active Directory on domain controllers  Can be used on any system in Active Directory  Local user accounts  stored in the Security Accounts Manager (SAM) database on that system  Can be used only on that system  Domain user accounts  Stored in Active Directory on domain controllers  Can be used on any system in Active Directory

3 Chapter 6: WORKING WITH USER ACCOUNTS3 WORKGROUPS  No centralized database of user accounts  User account must exist in the SAM of each system the user accesses  Impractical in environments with more than 10 users  No centralized database of user accounts  User account must exist in the SAM of each system the user accesses  Impractical in environments with more than 10 users

4 Chapter 6: WORKING WITH USER ACCOUNTS4 DOMAINS  Centralized database of user accounts  User accounts exist in the Active Directory Hierarchy on the Domain controller  Centralized database of user accounts  User accounts exist in the Active Directory Hierarchy on the Domain controller

5 Chapter 6: WORKING WITH USER ACCOUNTS5 PLANNING USER ACCOUNTS  Account naming  Choosing passwords  Designing an Active Directory hierarchy  Account naming  Choosing passwords  Designing an Active Directory hierarchy

6 Chapter 6: WORKING WITH USER ACCOUNTS6 ACCOUNT NAMING  Account names can be between 1 and 20 characters (letters and/or numbers).  Account names are not case sensitive.  The following characters cannot be used in the account name:  " / \ [ ] : ; |, + = * ? @  Choose an account naming scheme that is logical and stick to it  Account names can be between 1 and 20 characters (letters and/or numbers).  Account names are not case sensitive.  The following characters cannot be used in the account name:  " / \ [ ] : ; |, + = * ? @  Choose an account naming scheme that is logical and stick to it

7 Chapter 6: WORKING WITH USER ACCOUNTS7 CHOOSING PASSWORDS  Choose a password policy that matches the security needs of your organization

8 Chapter 6: WORKING WITH USER ACCOUNTS8 DESIGNING AN ACTIVE DIRECTORY HIERARCHY  Create an organizational unit (OU) structure  Place users in appropriate OU  Provides for features such as group policy  Create an organizational unit (OU) structure  Place users in appropriate OU  Provides for features such as group policy

9 Chapter 6: WORKING WITH USER ACCOUNTS9 WORKING WITH LOCAL USER ACCOUNTS

10 Chapter 6: WORKING WITH USER ACCOUNTS10 CREATING A LOCAL USER ACCOUNT

11 Chapter 6: WORKING WITH USER ACCOUNTS11 MANAGING LOCAL USER ACCOUNTS

12 Chapter 6: WORKING WITH USER ACCOUNTS12 WORKING WITH DOMAIN USER ACCOUNTS

13 Chapter 6: WORKING WITH USER ACCOUNTS13 CREATING A DOMAIN USER ACCOUNT

14 Chapter 6: WORKING WITH USER ACCOUNTS14 MANAGING DOMAIN USER ACCOUNTS  From the Action menu, you can:  Reset a user account password.  Rename, disable, and delete an account.  Modify group membership.  Send e-mail and open a user’s homepage.  From the Action menu, you can:  Reset a user account password.  Rename, disable, and delete an account.  Modify group membership.  Send e-mail and open a user’s homepage.

15 Chapter 6: WORKING WITH USER ACCOUNTS15 THE GENERAL TAB

16 Chapter 6: WORKING WITH USER ACCOUNTS16 THE ADDRESS TAB

17 Chapter 6: WORKING WITH USER ACCOUNTS17 THE TELEPHONES TAB

18 Chapter 6: WORKING WITH USER ACCOUNTS18 THE ORGANIZATION TAB

19 Chapter 6: WORKING WITH USER ACCOUNTS19 THE ACCOUNT TAB

20 Chapter 6: WORKING WITH USER ACCOUNTS20 THE PROFILE TAB

21 Chapter 6: WORKING WITH USER ACCOUNTS21 THE MEMBER OF TAB

22 Chapter 6: WORKING WITH USER ACCOUNTS22 THE TERMINAL SERVICES PROFILE TAB

23 Chapter 6: WORKING WITH USER ACCOUNTS23 THE ENVIRONMENT TAB

24 Chapter 6: WORKING WITH USER ACCOUNTS24 THE REMOTE CONTROL TAB

25 Chapter 6: WORKING WITH USER ACCOUNTS25 THE SESSIONS TAB

26 Chapter 6: WORKING WITH USER ACCOUNTS26 THE DIAL-IN TAB

27 Chapter 6: WORKING WITH USER ACCOUNTS27 THE COM+ TAB

28 Chapter 6: WORKING WITH USER ACCOUNTS28 MANAGING MULTIPLE USERS

29 Chapter 6: WORKING WITH USER ACCOUNTS29 MOVING USER OBJECTS

30 Chapter 6: WORKING WITH USER ACCOUNTS30 CREATING MULTIPLE USER OBJECTS  Using object templates  Using Csvde.exe  Using Dsadd.exe  Using object templates  Using Csvde.exe  Using Dsadd.exe

31 Chapter 6: WORKING WITH USER ACCOUNTS31 USING OBJECT TEMPLATES  Can be an existing user account or an account created specifically for copying.  Not all properties are copied.  Object templates should be disabled to prevent use of the account.  New users are created by copying the user template object  Can be an existing user account or an account created specifically for copying.  Not all properties are copied.  Object templates should be disabled to prevent use of the account.  New users are created by copying the user template object

32 Chapter 6: WORKING WITH USER ACCOUNTS32 IMPORTING USER OBJECTS USING CSV DIRECTORY EXCHANGE  Useful for creating large numbers of users at a time.  Step 1: Create a comma-separated value (CSV) text file of user information.  Step 2: Use Csvde.exe to import the user information from the CSV file into Active Directory.  Useful for creating large numbers of users at a time.  Step 1: Create a comma-separated value (CSV) text file of user information.  Step 2: Use Csvde.exe to import the user information from the CSV file into Active Directory.

33 Chapter 6: WORKING WITH USER ACCOUNTS33 CREATING USER OBJECTS WITH DSADD.EXE  Command-line utility  Can be used in batch files or scripts  Can be used to add other objects as well as users  Command-line utility  Can be used in batch files or scripts  Can be used to add other objects as well as users

34 Chapter 6: WORKING WITH USER ACCOUNTS34 MODIFYING USER OBJECTS WITH DSMOD.EXE  Command-line utility  Can be used in batch files or scripts  Can be used only to modify existing objects  Command-line utility  Can be used in batch files or scripts  Can be used only to modify existing objects

35 Chapter 6: WORKING WITH USER ACCOUNTS35 MANAGING USER PROFILES  Allows each user to have a customized working environment  Preserves application settings, shortcuts, and preferences  Ensures that users do not affect each other’s work environment  Allows each user to have a customized working environment  Preserves application settings, shortcuts, and preferences  Ensures that users do not affect each other’s work environment

36 Chapter 6: WORKING WITH USER ACCOUNTS36 USER PROFILE CONTENTS  User-stored documents and files  Application configurations and settings  Desktop and environment settings  Control Panel settings and configurations  User-stored documents and files  Application configurations and settings  Desktop and environment settings  Control Panel settings and configurations

37 Chapter 6: WORKING WITH USER ACCOUNTS37 USER PROFILE DIRECTORY STRUCTURE

38 Chapter 6: WORKING WITH USER ACCOUNTS38 USING LOCAL PROFILES  Stored on the local system  Available only when the user logs on to that system  Can be modified by the user as needed  Stored on the local system  Available only when the user logs on to that system  Can be modified by the user as needed

39 Chapter 6: WORKING WITH USER ACCOUNTS39 USING ROAMING PROFILES  Allows a user to have the same working environment from any client computer she logs on to.  Central storage provides for easier backup.  Allows a user to have the same working environment from any client computer she logs on to.  Central storage provides for easier backup.

40 Chapter 6: WORKING WITH USER ACCOUNTS40 USING MANDATORY PROFILES  Can be either local or roaming.  User can make changes, but changes are not saved when user logs off.  Renaming Ntuser.dat to Ntuser.man designates profile as mandatory.  Can be either local or roaming.  User can make changes, but changes are not saved when user logs off.  Renaming Ntuser.dat to Ntuser.man designates profile as mandatory.

41 Chapter 6: WORKING WITH USER ACCOUNTS41 MONITORING AND TROUBLESHOOTING USER AUTHENTICATION  Using password policies  Using account lockout policies  Using password policies  Using account lockout policies

42 Chapter 6: WORKING WITH USER ACCOUNTS42 USING PASSWORD POLICIES  Provides a mechanism to control password use in the organization.  Should strike a balance between usability and security.  Creating a password policy that is too demanding increases password-related support calls.  Provides a mechanism to control password use in the organization.  Should strike a balance between usability and security.  Creating a password policy that is too demanding increases password-related support calls.

43 Chapter 6: WORKING WITH USER ACCOUNTS43 USING ACCOUNT LOCKOUT POLICIES  Account Lockout Threshold  Account Lockout Duration  Reset Account Lockout Counter After  Account Lockout Threshold  Account Lockout Duration  Reset Account Lockout Counter After

44 Chapter 6: WORKING WITH USER ACCOUNTS44 ACTIVE DIRECTORY CLIENTS  Windows 2000, Windows XP, and Windows Server 2003 include full Active Directory client capabilities.  Windows 95, Windows 98, Windows Me, and Windows NT 4 require additional client software to gain full Active Directory functionality.  Windows 2000, Windows XP, and Windows Server 2003 include full Active Directory client capabilities.  Windows 95, Windows 98, Windows Me, and Windows NT 4 require additional client software to gain full Active Directory functionality.

45 Chapter 6: WORKING WITH USER ACCOUNTS45 AUDITING AUTHENTICATION  Allows you to track failed and successful logon attempts  Can form part of a security policy  Creates minimal system overhead in all but largest environments  Events are created in the Security log  The security log can be viewed with Event Viewer  Allows you to track failed and successful logon attempts  Can form part of a security policy  Creates minimal system overhead in all but largest environments  Events are created in the Security log  The security log can be viewed with Event Viewer

Download ppt "11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 UNDERSTANDING USER ACCOUNTS  Local user accounts  stored in the Security."

Similar presentations

Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.

Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.

Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 5: Account Management.

MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 5: Account Management.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 3: Creating and Managing User Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 3: Creating and Managing User Accounts.
5.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

5.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
A+ Guide to Software, 4e Chapter 4 Supporting Windows 2000/XP Users and Their Data.

A+ Guide to Software, 4e Chapter 4 Supporting Windows 2000/XP Users and Their Data.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:

Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:
Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.

Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 5: User Environment and Multiple Languages.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 5: User Environment and Multiple Languages.
Chapter 3 – Creating and Managing User Accounts MIS 431 – Created Spring 2006.

Chapter 3 – Creating and Managing User Accounts MIS 431 – Created Spring 2006.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 3: Creating and Managing User Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 3: Creating and Managing User Accounts.

Similar presentations

Ads by Google