Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 2: Managing User and Computer Accounts. Overview Creating User Accounts Creating Computer Accounts Modifying User and Computer Account Properties.

Published byAgatha Glenn Modified over 9 years ago

Similar presentations

Presentation on theme: "Module 2: Managing User and Computer Accounts. Overview Creating User Accounts Creating Computer Accounts Modifying User and Computer Account Properties."— Presentation transcript:

1 Module 2: Managing User and Computer Accounts

2 Overview Creating User Accounts Creating Computer Accounts Modifying User and Computer Account Properties Creating a User Account Template Managing User and Computer Accounts Using Queries to Locate User and Computer Accounts in Active Directory

3 Lesson: Creating User Accounts What Is a User Account? Names Associated with Domain User Accounts Guidelines for Creating a User Account Naming Convention User Account Placement in a Hierarchy User Account Password Options When to Require or Restrict Password Changes Tools to Create User Accounts Practice: Creating User Accounts Best Practices for Creating User Accounts

4 What Is a User Account? Multimedia: Types of User Accounts Domain user accounts (stored in Active Directory) Local user accounts (stored on local computer) Windows Server 2003 Domain

5 Names Associated with Domain User Accounts Name Example User logon name Tadams Pre—Windows 2000 logon name contoso\Tadams User principal logon name Tadams@contoso.msft LDAP distinguished name CN=terry adams,ou=sales,dc=contoso,dc=msft LDAP relative distinguished name CN=terry adams

6 Guidelines for Creating a User Account Naming Convention A convention for naming user accounts should accommodate: Employees with identical names Different types of employees, such as temporary or contract employees

7 User Account Placement in a Hierarchy Geopolitical Design Users North America Users South America Business Design Users Accounting Users Sales

8 User Account Password Options Account options Description User must change password at next logon Users must change their passwords the next time they log on to the network User cannot change password Users do not have the permissions to change their own password Password never expires Users’ passwords will not expire and do not need to be changed Account is disabled Users cannot log on by using the selected account

9 When to Require or Restrict Password Changes Option Use this option when you: Require password changes Create new domain accounts Reset passwords Restrict password changes Create local and domain service accounts

10 Tools to Create User Accounts Tools available to create user accounts Active Directory Users and Computers Command-line utilities Dsadd Net user Batch utilities CSVDE LDIFDE Computer Management MMC to create local users Active Directory Users and Computers Command-line utilities Dsadd Net user Batch utilities CSVDE LDIFDE Computer Management MMC to create local users

11 Practice: Creating User Accounts In this practice, you will: Create a local user account by using Computer Management Create a domain account by using Active Directory Users and Computers Create a domain user account by using dsadd

12 Best Practices for Creating User Accounts Best practices for creating local user accounts Limit the number of people who can log on locally Best practices for creating domain user accounts Disable any account that will not be used immediately Require users to change their passwords the first time that they log on Do not use the Users container for ordinary user accounts Rename the Administrator account Use strong passwords

13 Lesson: Creating Computer Accounts What Is a Computer Account? Why Create a Computer Account? Where Computer Accounts Are Created in a Domain Computer Account Options Practice: Creating a Computer Account

14 What Is a Computer Account? Identifies a computer in a domain Provides a means for authenticating and auditing computer access to the network and to domain resources Is required for every computer running:  Windows Server 2003  Windows XP Professional  Windows 2000  Windows NT

15 Why Create a Computer Account? Security  Authentication  Auditing Management  Software deployment  Desktop management  Hardware and software inventory through Systems Management Server

16 Where Computer Accounts Are Created in a Domain Computers that join a domain are created in the Computers container Computer accounts can be moved to or created in other organizational units Computer accounts can be moved to or created in other organizational units

17 Computer Account Options

18 Practice: Creating a Computer Account In this practice, you will: Create a computer account by using Active Directory Users and Computers Create a computer account by using dsadd

19 Lesson: Modifying User and Computer Account Properties When to Modify User and Computer Account Properties Properties Associated with User Accounts Renaming a User Account Properties Associated with Computer Accounts Practice: Modifying User and Computer Account Properties

20 When to Modify User and Computer Account Properties Modify user account properties to: Make it easier to use search capabilities to find users Match a company’s organizational hierarchy Determine the group membership of a user account Make it easier to use search capabilities to find users Match a company’s organizational hierarchy Determine the group membership of a user account Modify computer account properties to: Assist in asset tracking (Location property) Document who manages a computer (Managed By property) Assist in asset tracking (Location property) Document who manages a computer (Managed By property)

21 Properties Associated with User Accounts The Properties dialog box for a user account contains:

22 Renaming a User Account The Rename User dialog box

23 Properties Associated with Computer Accounts The Properties dialog box for a computer account contains:

24 Practice: Modifying User and Computer Account Properties In this practice, you will modify user and computer account properties

25 Lesson: Creating a User Account Template What Is a User Account Template? What Properties Are in a Template? Guidelines for Creating User Account Templates Practice: Creating a User Account Template

26 What Is a User Account Template? Employs a user account with properties meeting common user requirements Makes creating user accounts with standardized configurations more efficient User Account Template

27 What Properties Are in a Template? TabProperties copied Address All properties except Street Address Account All properties except Logon Name Profile All properties except Profile path and Home folder reflect new user’s logon name Organization All properties except Title Member Of All properties

28 Guidelines for Creating User Account Templates Create a separate classification for each department Create a separate group for short-term and temporary employees Set user account expiration dates for short-term and temporary employees Disable the account template Identify the account template

29 Practice: Creating a User Account Template In this practice, you will create a user account template

30 Lesson: Managing User and Computer Accounts Why Enable or Disable User and Computer Accounts? What Are Locked-Out User Accounts? When to Reset User Passwords When to Reset Computer Accounts Practice: Resetting and Disabling a User Account

31 Why Enable or Disable User and Computer Accounts? Scenarios for disabling accounts User takes a leave of absence Creating accounts that will not be used immediately User takes a leave of absence Creating accounts that will not be used immediately Tools available for disabling or enabling accounts Active Directory Users and Computers Dsmod command Active Directory Users and Computers Dsmod command

32 What Are Locked-Out User Accounts? Account lockout thresholds:  Define the number of failed logon attempts  Prevent hackers from guessing user passwords Logon failures can occur:  At the logon screen  At a screen saver protected by a password  When accessing network resources

33 When to Reset User Passwords Reset a password when a user forgets his or her password After the local user’s password has been reset, the user can no longer access some types of information

34 When to Reset Computer Accounts Reset computer accounts when: Computers fail to authenticate to the domain Passwords need to be synchronized

35 Practice: Resetting and Disabling a User Account In this practice, you will: Reset a user account password Disable user accounts

36 Lesson: Using Queries to Locate User and Computer Accounts in Active Directory Multimedia: Introduction to Locating User and Computer Accounts in Active Directory Search Types What Is a Saved Query? Importing and Exporting Saved Queries Practice: Using Saved Queries to Locate Users and Computers in Active Directory

37 Multimedia: Introduction to Locating User and Computer Accounts in Active Directory This presentation will explain how to locate objects in Active Directory

38 Search Types Basic query criteria include: Object type Location General values associated with the object, such as name and description

39 What Is a Saved Query?

40 Importing and Exporting Saved Queries

41 Practice: Using Queries to Locate Users and Computers in Active Directory In this practice, you will: Create a query to find computer accounts in the sales department Export the query as an XML file in the Admin_tools shared folder

42 Lab: Managing User and Computer Accounts In this lab, you will: Create user accounts Create computer accounts Use queries to locate objects Modify user and computer properties

Download ppt "Module 2: Managing User and Computer Accounts. Overview Creating User Accounts Creating Computer Accounts Modifying User and Computer Account Properties."

Similar presentations

Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.
1 Module 3 Setting Up User Accounts. 2  Overview Introduction to User Accounts Planning New User Accounts Creating User Accounts Deleting and Renaming.

1 Module 3 Setting Up User Accounts. 2  Overview Introduction to User Accounts Planning New User Accounts Creating User Accounts Deleting and Renaming.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.

Khan Rashid Lesson 11-The Best Policy: Managing Computers and Users Through Group Policy.
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.

Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 5: Account Management.

MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 5: Account Management.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 3: Creating and Managing User Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 3: Creating and Managing User Accounts.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.

Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.
Lesson 14: Creating and Managing Active Directory Users and Computers

Lesson 14: Creating and Managing Active Directory Users and Computers
Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.

Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.
Chapter 3 – Creating and Managing User Accounts MIS 431 – Created Spring 2006.

Chapter 3 – Creating and Managing User Accounts MIS 431 – Created Spring 2006.
11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW  Describe the process of adding a computer to.

11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW  Describe the process of adding a computer to.
11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW Describe the process of adding a computer to.

11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW Describe the process of adding a computer to.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 3: Creating and Managing User Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 3: Creating and Managing User Accounts.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Module 8: Implementing Administrative Templates and Audit Policy.

Module 8: Implementing Administrative Templates and Audit Policy.

Similar presentations

Ads by Google