Presentation is loading. Please wait.

Presentation is loading. Please wait.

Fall 2011 Nassau Community College ITE153 – Operating Systems Session 21 Administering User Accounts and Groups 1.

Published byLinda Richardson Modified over 9 years ago

Similar presentations

Presentation on theme: "Fall 2011 Nassau Community College ITE153 – Operating Systems Session 21 Administering User Accounts and Groups 1."— Presentation transcript:

1 Fall 2011 Nassau Community College ITE153 – Operating Systems Session 21 Administering User Accounts and Groups 1

2 Overview Introducing User Accounts Planning and Creating New Users Identifying User Properties Creating Local Groups Adding a User & Group in Linux Fall 2011 2 Nassau Community College ITE153 – Operating Systems

3 Fall 2011 Nassau Community College ITE153 – Operating Systems Session 21 Windows 7 Professional Administering User Accounts and Groups 3

4 Introducing User Accounts The logon process can be customized Why do this? Automation, restricted access, limited views, etc. Some choices: local security policy, registry settings, Group Policy in domains Built-in User Accounts: Administrator Guest Fall 2011 Nassau Community College ITE153 – Operating Systems 4

5 Introducing User Accounts - Administrator The Administrator account is disabled by default, but you can enable it When it is enabled, the Administrator account has full control of the computer, and it can assign user rights and access control permissions to users as necessary This account must be used only for tasks that require administrative credentials. Use a strong password! See Local Users and Groups best practices under LinksLocal Users and Groups best practices Fall 2011 Nassau Community College ITE153 – Operating Systems 5

6 Introducing User Accounts - Administrator The Administrator account is a member of the Administrators group on the computer. The Administrator account can never be deleted or removed from the Administrators group, but it can be renamed or disabled. Because the Administrator account is known to exist on many versions of Windows, renaming or disabling this account will make it more difficult for malicious users to try and gain access to it Fall 2011 Nassau Community College ITE153 – Operating Systems 6

7 Introducing User Accounts - Administrator Kinds of tasks performed: Creating and modifying user accounts and groups Managing security policies Assigning rights and permissions to user accounts Installing printers Installing hardware devices and drivers Changing system data and other system settings Fall 2011 Nassau Community College ITE153 – Operating Systems 7

8 Introducing User Accounts - Guest The Guest account is used by people who do not have an actual account on the computer A user whose account is disabled, but not deleted, can also use the Guest account The Guest account does not require a password The Guest account is disabled by default, but you can enable it, although not recommended You can set rights and permissions for the Guest account just like any user account By default, the Guest account is a member of the default Guests group, which allows a user to log on to a computer. Fall 2011 Nassau Community College ITE153 – Operating Systems 8

9 Introducing User Accounts - Domain We are only concerned with local accounts and groups Prerequisite for creating a domain user is a domain At least one computer on the network must be running a Windows Server product and be configured as a domain controller Active Directory is the main control mechanism Fall 2011 Nassau Community College ITE153 – Operating Systems 9

10 Introducing User Account - MMC Snap-in: mmc compmgmt.msc Fall 2011 Nassau Community College ITE153 – Operating Systems 10 Administrator and Guest Accounts Home directory

11 Lab A: Introducing User Accounts Fall 2011 11 Nassau Community College ITE153 – Operating Systems

12 Planning User Accounts - Names A naming convention establishes how users will be identified on the network. A consistent naming convention makes it easy for you and your users to remember user names and locate them in lists. User names must be unique. Domain user accounts must be unique to the domain. Local user accounts must be unique to the local computer. User names can contain up to 20 uppercase or lowercase characters except for the following: " / \ [ ] : ; | =, + * ?. Accommodate employees with duplicate names Fall 2011 Nassau Community College ITE153 – Operating Systems 12

13 Planning User Accounts - Passwords The next element in planning new user accounts is identifying the password requirements. Every user account should require a password. Some guidelines: Always assign the Administrator account a password to prevent unauthorized users from using the account Determine who controls the password: Assign users unique passwords and then prevent users from changing them (administrator control) Assign users an initial password and then require users to change them the first time they log on; only individual users will know their passwords. (user control) Determine whether an account needs to expire (temps, etc). Fall 2011 Nassau Community College ITE153 – Operating Systems 13

14 Creating a New User To create a local user account: Open Computer Management. In the console tree, click Users. On the Action menu, click New User. Type the appropriate information in the dialog box. Select or clear the check boxes for: User must change password at next logon User cannot change password Password never expires Account is disabled Click Create, and then click Close. Fall 2011 Nassau Community College ITE153 – Operating Systems 14

15 Creating a New User Open Computer Manager ( compmgmt.msc ) console Fall 2011 Nassau Community College ITE153 – Operating Systems 15 Right click User and click the New User

16 Lab B: Creating a New User Fall 2011 16 Nassau Community College ITE153 – Operating Systems

17 User Account Utility Fall 2011 Nassau Community College ITE153 – Operating Systems 17

18 User Account Utility Fall 2011 Nassau Community College ITE153 – Operating Systems 18

19 Identifying User Properties Every local user account you create has a set of default properties that can be modified in the Properties dialog box for that user. The properties dialog box contains three tabs: General – change full name or description of a user and configure password usage and account lockout Member Of – add or remove user account from a group Profile – set the path for the user profile, logon script, and home folder Fall 2011 Nassau Community College ITE153 – Operating Systems 19

20 Identifying User Properties Fall 2011 Nassau Community College ITE153 – Operating Systems 20

21 Identifying User Properties Fall 2011 Nassau Community College ITE153 – Operating Systems 21 ItemDetails Full nameProvides a space for you to type the user's complete name. DescriptionProvides a space for you to type any text that describes the user account or the user. User must change password at next logon check box Specifies whether the user must change the password at the next logon. User cannot change password check box Specifies whether the user cannot change the assigned password. This option is usually selected only for accounts that are used by more than one person, such as the Guest account. This setting has no effect on members of the Administrators group. Password never expires check box Specifies whether the password will never expire, and overrides the Maximum Password Age setting in the Password policy in Group Policy. Account is disabled check box Specifies whether the selected account is disabled. Account is locked out check box Indicates whether the account is locked out, which means that the user is not able to log on. If the check box is unavailable and cleared, the account is not currently locked out. If this check box is available and selected, the account is currently locked out. You can clear the check box to unlock the account.

22 Identifying User Properties Fall 2011 Nassau Community College ITE153 – Operating Systems 22 ItemDetails Member ofLists the groups that the user account is a member of. AddClick to select the group that you want to add this user account to. RemoveRemoves the user from the selected group.

23 Identifying User Properties Fall 2011 Nassau Community College ITE153 – Operating Systems 23 ItemDetails Profile path Provides a space for you to type a user profile path to the user account. Logon script Provides a space for you to type the name of a logon script. If the logon script is located in a subdirectory of the default logon script path, precede the file name with that relative path. Local pathSpecifies a local path as the home folder. Type a local path, for example, c:\users\erricom. ConnectSpecifies a shared network directory as the home folder for this user. Select a drive letter in the menu. ToProvides a space for you to type the network path for this user's home folder. For example, you might specify drive J, and then type \\airedale\users\dorenap.

24 Lab C: Identifying User Properties Fall 2011 24 Nassau Community College ITE153 – Operating Systems

25 Creating Local Groups To create a local group: Open Computer Management. In the console tree, click Groups On the Action menu, click New Group In Group name, type a name for the new group In Description, type a description of the new group To add one or more members to the new group, click Add Fall 2011 Nassau Community College ITE153 – Operating Systems 25

26 Creating Local Groups In the Select Users, Computers, or Groups dialog box, do the following: To add a user or group account to this group, under Enter the object names to select, type the name of the user account or group account that you want to add, and then click OK. To add a computer account to this group, click Object Types, select the Computers check box, and then click OK. Under Enter the object names to select, type the name of the computer account that you want to add, and then click OK. In the New Group dialog box, click Create, and then click Close. Fall 2011 Nassau Community College ITE153 – Operating Systems 26

27 Creating Local Groups Open Computer Manager ( compmgmt.msc ) console Fall 2011 Nassau Community College ITE153 – Operating Systems 27 Right click Groups and click the New Group

28 Creating Local Groups Open Computer Manager ( compmgmt.msc ) console Fall 2011 Nassau Community College ITE153 – Operating Systems 28 Right click Groups and click the New Group

29 Lab D: Creating Local Groups Fall 2011 29 Nassau Community College ITE153 – Operating Systems

30 Implementing Built-in Groups Open Local Security Policy( secpol.msc ) console Fall 2011 Nassau Community College ITE153 – Operating Systems 30

31 Fall 2011 Nassau Community College ITE153 – Operating Systems Session 21 UNIX User Account and Groups 31

32 Adding A User In Ubuntu Fall 2011 Nassau Community College ITE153 – Operating Systems 32

33 Using the Command Line To create a new user account under any Linux distribution use command called useradd. The system administrator is responsible for creating account. Login as root user (or use sudo command) useradd [options] {username} e.g., useradd errico passwd malatesta Fall 2011 Nassau Community College ITE153 – Operating Systems 33

34 Using the Command Line useradd [-c comment] [-d home_dir] [-e expire_date] [-f inactive_days] [-g initial_group] [-G group[,...]] [-m [-k skeleton_dir]] [-o] [-p passwd] [-s shell] [-u uid] login usermod [-c comment] [-d home_dir [-m]] [- e expire_date] [-f inactive_days] [-g initial_group] [-G group [,...]] [-l login_name] [-p passwd] [-s shell] [-u uid [-o]] [-L|-U] login userdel [-r] login This is similar for groups: groupadd, groupmod, groupdel Fall 2011 Nassau Community College ITE153 – Operating Systems 34

35 Important URLS Local Users and Groups - use Local Users and Groups to create and manage users and groups that are stored locally on a computerLocal Users and Groups Local Users and Groupssimilar to link above but for Windows 7, Windows Server 2008, Windows Server 2008 R2Local Users and Groups Local Users and Groups best practices - excellent tipsLocal Users and Groups best practices Microsoft Security TechCenter - links to technical bulletins, advisories, updates, tools, and prescriptive guidance. This is a very good site to visit frequently.Microsoft Security TechCenter Fall 2011 Nassau Community College ITE153 – Operating Systems 35

36 Homework Review the Slides Review Lesson 8 In The Text Fall 2011 Nassau Community College ITE153 – Operating Systems 36

Download ppt "Fall 2011 Nassau Community College ITE153 – Operating Systems Session 21 Administering User Accounts and Groups 1."

Similar presentations

Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Chapter 5: Configuring Users and Groups. Types of User Accounts Administrator –Unrestricted access to performing administrative tasks –Use sparingly Standard.

Chapter 5: Configuring Users and Groups. Types of User Accounts Administrator –Unrestricted access to performing administrative tasks –Use sparingly Standard.
5.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

5.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.
Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.

Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.

Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:

Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.

Fall 2011 Nassau Community College ITE153 – Operating Systems Session 24 NTFS Permissions and Sharing Printers 1.
5.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.

5.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 5: Working with File Systems.
Chapter 3 – Creating and Managing User Accounts MIS 431 – Created Spring 2006.

Chapter 3 – Creating and Managing User Accounts MIS 431 – Created Spring 2006.
11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW  Describe the process of adding a computer to.

11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW  Describe the process of adding a computer to.
11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW Describe the process of adding a computer to.

11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW Describe the process of adding a computer to.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Creating and Managing User Accounts. Overview Introduction to User Accounts Guidelines for New User Accounts Creating Local User Accounts Creating and.

Creating and Managing User Accounts. Overview Introduction to User Accounts Guidelines for New User Accounts Creating Local User Accounts Creating and.
Chapter 7 Managing OUs and Active Directory Accounts

Chapter 7 Managing OUs and Active Directory Accounts
Module 2: Managing User and Computer Accounts

Module 2: Managing User and Computer Accounts
1 Chapter Overview Monitoring Server Performance Monitoring Shared Resources Microsoft Windows 2000 Auditing.

1 Chapter Overview Monitoring Server Performance Monitoring Shared Resources Microsoft Windows 2000 Auditing.
9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure.

9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam Microsoft® Windows® 2000 Directory Services Infrastructure.

Similar presentations

Ads by Google