1 / 22

Goals

Goals. Create computer accounts Manage computer account properties Locate and move computer accounts Troubleshoot computer accounts. (Skill 1). Creating Computer Accounts. Computer account Required for computers running Windows Server 2003, Windows 2000, Windows XP, and Windows NT

beth
Download Presentation

Goals

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Goals • Create computer accounts • Manage computer account properties • Locate and move computer accounts • Troubleshoot computer accounts

  2. (Skill 1) Creating Computer Accounts Computer account • Required for computers running Windows Server 2003, Windows 2000, Windows XP, and Windows NT • Is used to determine access rights for the computer and Group Policies applied to that machine, regardless of the logged on user • When installing Active Directory on a server, a computer account is automatically created for the new domain controller in the domain by the Dcpromo utility

  3. (Skill 1) Creating Computer Accounts (2) Creating a computer account • To create a computer account before the computer is added to the domain (preemptively), use the Active Directory Users and Computers console • You can also create a computer account in the default containers by joining a client or member server to a domain • You can also preemptively create computer accounts using the command line application, Dsadd.exe

  4. (Skill 1) Creating Computer Accounts (3) Required permissions • The Add Workstations to Domain right (allows all users who have logged on to the domain to create up to 10 computer accounts) • The Create computer objects permission on the container in which the account will be created (allows the user to create an unlimited number of computer accounts in that specific container)

  5. (Skill 1) Figure 8-1 Using Active Directory Users and Computers to create a new computer account

  6. (Skill 1) Designates that this machine is a Windows NT computer, which uses lower levels of authentication security Designates that this machine is a Windows NT backup domain controller Figure 8-2 The New Object – Computer dialog box

  7. (Skill 1) Figure 8-3 The Network Identification tab on the System Properties dialog box (Windows 2000 Professional)

  8. (Skill 1) Figure 8-4 The Identification Changes dialog box (Windows 2000 Professional)

  9. (Skill 1) Figure 8-5 The Domain Username and Password dialog box Figure 8-6 The Network Identification: Welcome to the domain message

  10. (Skill 2) Managing Computer Account Properties • After you create a computer account, you can view and modify the properties of the account • Account Properties dialog box for a computer account • Object • Security • Dial-in • Delegation • General • Operating System • Member Of • Location • Managed By

  11. (Skill 2) Figure 8-7 The General tab (Windows 2000 Native domains)

  12. (Skill 2) Figure 8-8 The Member Of tab

  13. (Skill 2) Figure 8-9 The Managed By tab

  14. (Skill 2) Figure 8-10 The Object tab

  15. (Skill 2) Figure 8-11 The Delegation tab (Windows Server 2003 domains)

  16. (Skill 3) Locating and Moving Computer Accounts • Original locations • Computer accounts for member servers and clients are created in the Computers container in the domain • Computer accounts for domain controllers are created in the Domain Controllers OU by default • Use the Active Directory Users and Computers console to move computer accounts • Select the computer account or accounts to move and right-click • Select Move to open the Move dialog box and select the appropriate OU • Alternatively, you can select the accounts and drag them into the appropriate OU

  17. (Skill 3) Locating and Moving Computer Accounts (2) • To locate a particular computer account • Right-click the component of Active Directory to search in (such as a specific OU or the entire domain) and click Find • Choose Computers in the Find list box and type the name (or partial name) of the computer in the Computer name text box • You can also search based on the role of the computer (Workstation/Server or Domain Controller)

  18. (Skill 3) Figure 8-12 The Move dialog box

  19. (Skill 3) Figure 8-13 Opening the Find Computers dialog box

  20. (Skill 3) Figure 8-14 The Find Computers dialog box

  21. (Skill 4) Troubleshooting Computer Accounts • Typical problems • Problems related to the computer account password • Problems related to restoring the computer’s configuration using an outdated (older than 7 days) System State backup or Automated System Recovery (ASR) backup set • The accidental deletion of the computer account from the domain controller • Solutions • In most cases, you can solve the majority of computer account-related problems by recreating the account • If this is not feasible (such as when this problem occurs on a domain controller), reset the computer account password in Active Directory Users and Computers

  22. (Skill 4) Figure 8-15 Resetting a computer account

More Related