1 / 55

Efficient User and Computer Account Management Guide

Learn how to create, modify, and manage user and computer accounts effectively. Understand naming conventions, best practices, and account hierarchy placement. Practice creating accounts and templates.

preciousj
Download Presentation

Efficient User and Computer Account Management Guide

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Module 2: Managing User and Computer Accounts

  2. Overview • Creating User Accounts • Creating Computer Accounts • Modifying User and Computer Account Properties • Creating a User Account Template • Enabling and Unlocking User and Computer Accounts • Resetting User and Computer Accounts • Locating User and Computer Accounts in Active Directory • Saving Queries

  3. Lesson: Creating User Accounts • What Is a User Account? • Names Associated with Domain User Accounts • Guidelines for Creating a User Account Naming Convention • User Account Placement in a Hierarchy • User Account Password Options • When to Require Password Changes • How to Create User Accounts • Best Practices for Creating User Accounts

  4. What Is a User Account? Local user accounts (stored on local computer) Domain user accounts (stored in Active Directory) Windows Server 2003 Domain Multimedia: Types of User Accounts

  5. Names Associated with Domain User Accounts

  6. Guidelines for Creating a User Account Naming Convention A convention for naming user accounts should accommodate: • Employees with duplicate names • Different types of employees, such as temporary or contract employees

  7. Geopolitical Design Business Design North America Accounting Users Users South America Sales Users Users User Account Placement in a Hierarchy

  8. User Account Password Options

  9. When to Require or Restrict Password Changes

  10. How to Create User Accounts Your instructor will demonstrate how to: • Create a domain user account • Create a local user account

  11. Practice: Creating User Accounts In this practice, you will: • Create a local user account by using Computer Management • Create a domain account by using Active Directory Users and Computers • Create a domain user account by using Run as • Create a domain user account by using dsadd

  12. Best practices for creating local user accounts • Do not enable the Guest account • Limit the number of people who can log on locally Best practices for creating domain user accounts • Disable an account that will not be used immediately • Require users to change their passwords the first time that they log on Best Practices for Creating User Accounts

  13. Lesson: Creating Computer Accounts • What Is a Computer Account? • Why Create a Computer Account? • Where Computer Accounts Are Created in a Domain • Computer Account Options • How to Create a Computer Account

  14. What Is a Computer Account? • Identifies a computer in a domain • Provides a means for authenticating and auditing computer access to the network and to domain resources • Is required for every computer running: • Windows Server 2003 • Windows XP Professional • Windows 2000 • Windows NT

  15. Why Create a Computer Account? • Security • Authentication • IPSec • Auditing • Management • Active Directory features: • Software deployment • Desktop management • Hardware and software inventory through SMS

  16. Computers that join a domain are created in the Computers container Computer accounts can be moved to or created in other organizational units Where Computer Accounts Are Created in a Domain

  17. Computer Account Options

  18. How to Create a Computer Account Your instructor will demonstrate how to: • Create a computer account by using Active Directory Users and Computers • Create a computer account by using dsadd

  19. Practice: Creating a Computer Account In this practice, you will • Create a computer account by using Active Directory Users and Computers • Create a computer account by using dsadd

  20. Lesson: Modifying User and Computer Account Properties • When to Modify User and Computer Account Properties • Properties Associated with User Accounts • Properties Associated with Computer Accounts • How to Modify User and Computer Account Properties

  21. When to Modify User and Computer Account Properties Modify user account properties to: • Make it easier to use search capabilities to find users • Match a company’s organizational hierarchy • Determine the group membership of a user account Modify computer account properties to: • Assist in asset tracking (Location property) • Document who manages a computer (Managed By property)

  22. Properties Associated with User Accounts The Properties dialog box for a user account contains:

  23. Properties Associated with Computer Accounts The Properties dialog box for a computer account contains:

  24. How to Modify User and Computer Account Properties Your instructor will demonstrate how to modify user and computer accounts

  25. Practice: Modifying User and Computer Account Properties In this practice, you will modify user and computer account properties

  26. Lesson: Creating a User Account Template • What Is a User Account Template? • What Properties Are in a Template? • Guidelines for Creating User Account Templates • How to Create a User Account Template

  27. What Is a User Account Template? • A user account template is a user account that contains the properties that apply to users with common requirements • User account templates make creating user accounts with standardized configurations more efficient User AccountTemplate

  28. What Properties Are in a Template?

  29. Create a separate classification for each department • Create a separate group for short-term and temporary employees • Set user account expiration dates for short-term and temporary employees • Disable the account template • Identify the account template Guidelines for Creating User Account Templates

  30. How to Create a User Account Template Your instructor will demonstrate how to create a user account template

  31. Practice: Creating a User Account Template In this practice, you will create a user account template

  32. Lesson: Enabling and Unlocking User and Computer Accounts • Why Enable and Disable User and Computer Accounts? • How to Enable and Disable User and Computer Accounts • What Are Locked-out User Accounts? • How to Unlock User Accounts

  33. Why Enable or Disable User and Computer Accounts?

  34. How to Enable and Disable User and Computer Accounts Your instructor will demonstrate how to enable and disable user and computer accounts

  35. What Are Locked-out User Accounts? • The account lockout threshold: • Defines the number of failed logon attempts • Prevents hackers from guessing user passwords • An account can exceed the account lockout threshold by too many failed logon attempts: • At the logon screen • At a screen saver protected by a password • When accessing network resources

  36. How to Unlock User Accounts Your instructor will demonstrate how to unlock user accounts

  37. Practice: Enabling and Disabling User and Computer Accounts In this practice, you will enable and disable a user account and computer account

  38. Lesson: Resetting User and Computer Accounts • When to Reset Passwords • How to Reset Passwords • When to Reset Computer Accounts • How to Reset Computer Accounts

  39. When to Reset User Passwords • Reset a password when a user forgets his or her password • After resetting a password, a user can no longer access some types of information, including: • E-mail that is encrypted with the user’s public key • Internet passwords that are saved on the computer • Files that the user has encrypted

  40. How to Reset User Passwords Your instructor will demonstrate how to reset user passwords

  41. When to Reset Computer Accounts Reset computer accounts when: • Computers fail to authenticate to the domain • Passwords need to be synchronized

  42. How to Reset Computer Accounts Your instructor will demonstrate how to reset computer accounts

  43. Practice: Resetting a User Account Password In this practice, you will reset the password for a user account

  44. Lesson: Locating User and Computer Accounts in Active Directory • Multimedia: Introduction to Locating User and Computer Accounts in Active Directory • Search Types • How to Search for Active Directory Objects • How to Search Using Common Queries • Using a Custom Query

  45. Multimedia: Introduction to Locating User and Computer Accounts in Active Directory This presentation will explain how to locate objects in Active Directory

  46. Search Types Basic query criteria include: • Object type • Location • General values associated with the object, such as name and description

  47. How to Search for Active Directory Objects Your instructor will demonstrate how to search for Active Directory objects

  48. How to Search Using Common Queries Your instructor will demonstrate how to search for Active Directory objects by using common queries

  49. (&(&(objectCategory=user)(l=Denver)(&(objectCategory=person) (objectClass=user)(userAccountControl=1.2.840.113556.1.4.803:=2)))) Using a Custom Query

  50. Practice: Locating User and Computer Accounts In this practice, you will locate user and computer accounts that meet specific criteria

More Related