chapter creating and managing users and groups n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
CHAPTER Creating and Managing Users and Groups PowerPoint Presentation
Download Presentation
CHAPTER Creating and Managing Users and Groups

Loading in 2 Seconds...

play fullscreen
1 / 81

CHAPTER Creating and Managing Users and Groups - PowerPoint PPT Presentation


  • 148 Views
  • Uploaded on

CHAPTER Creating and Managing Users and Groups. Chapter Objectives. Explain the use of Local Users and Groups Tool in the Systems Tools Option to create and manage user accounts Describe the various account related properties of a user

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'CHAPTER Creating and Managing Users and Groups' - joshua


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
chapter objectives
Chapter Objectives
  • Explain the use of Local Users and Groups Tool in the Systems Tools Option to create and manage user accounts
  • Describe the various account related properties of a user
  • Present different options that are available to define a user’s network environment
chapter modules
Chapter Modules
  • User Manager in Windows NT
  • Adding a User
  • Setting Additional User Account Properties
  • Adding Multiple Users
  • Account Policy
  • User Environment: Home Directory
  • User Environment: User Profiles
  • User Environment: Logon Scripts
  • User Rights
generic networking model
Generic Networking Model

Network OS

Installation

Hardware

Installation

User

Configuration

module

MODULE

User Manager of Windows NT

© N. Ganesan, All rights reserved.

module objectives
Module Objectives
  • Authorized user managers
  • The user manager module
  • Ways of launching the user manager
    • From start, through shortcut and by running usrmgr
  • Case study domain details
  • Case study users in the domain
who can create user accounts
Who Can Create User Accounts?
  • Administrators
  • Domain Administrators
  • Account Operators
user manager
User Manager
  • The GUI module that enables user management
  • Activation
    • Through the start menu
    • Through command level activation by running the command usrmgr
    • From an already created short-cut
creating a short cut the steps
Creating a Short Cut: The Steps

C:\Winnt\Profiles\All Users\

Start Menu\Programs\

Administrative Tools\

User Manager for Domains

Explorer

Right Click

Create

Shortcut

Drag and place

on the desktop screen.

activating the user manager demonstration
Activating the User Manager: Demonstration

Running

usrmgr

From Start

Shortcut

domain details
Domain Details

NAFTA

US

Canada

Mexico

users in the domain
Users in the Domain

Administrator

California

Texas

Nevada

module1

MODULE

Adding a User

© N. Ganesan, All rights reserved.

module objectives1
Module Objectives
  • The steps for adding a user
  • Password options
  • Demonstration of adding a user
  • Further notes on the user
adding a user steps
Adding a User: Steps

User

Manager

User

New

User

Username

Full

Name

Description

Password

password options
Password Options

Password Options

User must

change PW.

User cannot

change PW.

PW never

expires.

Add User

adding users demonstration
Adding Users: Demonstration

Adding the user California.

notes on the user
Notes on the User
  • A user created becomes a member of the built-in User group
  • Additional user account properties can be set:
    • at the time of creation of the account
    • later through the User Properties feature
module2

MODULE

Setting Additional User

Account Properties

© N. Ganesan, All rights reserved.

module objectives2
Module Objectives
  • Reaching user properties menu
  • User optional properties
  • Assignment to groups
  • Profile
  • Hours restriction
  • Workstation access restriction
  • Account properties
  • Dial-in properties
  • Demonstration of properties configuration
reaching user properties menu
Reaching User Properties Menu
  • The menu can be reached through the User Manager for Domain Window
    • Select user and double-click
    • Select user and select Properties from the User Option from the top
user optional properties
User Optional Properties

Groups

Logon To

Profile

Account

Hours

Dialin

groups
Groups
  • Enables the user to be assigned to a group
    • The user acquires the group privileges
  • Enable a user to be removed from a group
groups demonstration
Groups Demonstration

Administrator

Server

Operator

Etc.

To be assigned

User

California

Default

profile
Profile
  • User Profile Path
  • Logon Script Name
  • Local Path to Home Directory
  • User environment profile is discussed later
hours
Hours
  • Restricting the user to a fixed time period for using the network
  • For demonstration:
    • User California is restricted to logon to the network from 8:00 a.m. to 6:00 p.m., Monday to Friday
logon to
Logon To
  • Restricting the user to a predefined number of workstations on the network
    • The network can be accessed only from these workstations
demonstration of logon to
Demonstration of Logon To

US

Others

Canada

Mexico

California

account
Account
  • Account time limit
    • Never expires or
    • Specify expiry date
  • Account type
    • Global for possible entry into other domains
    • Local for restricting to local resources
  • For demonstration:
    • User California’s account will never expire
dial in
Dial-in
  • Allows the user dial-in access to the network
  • Provides callback for security verification
  • For the purpose of demonstration:
    • User California will be given dial-in access privileges
    • Callback security will not be imposed
dial in setup
Dial-in Setup

California

Dial-in with no callback security.

Modem

US

Canada

Mexico

additional properties demonstration
Additional Properties: Demonstration

Groups

Hours

Logon To

Account

Dial-in

module3

MODULE

Adding Multiple Users

© N. Ganesan, All rights reserved.

module objectives3
Module Objectives
  • Copying user account details
    • Overview, case example and demonstration
  • Changing the account properties of multiple users
  • Operation on multiple users
copying user account details
Copying User Account Details
  • Can be copied from an existing user while creating a new user
  • Properties can then be modified to customize the new user properties
copying user account details case example
Copying User Account Details: Case Example

Copy account

details to new user

Nevada from California

Modify Nevada, if required.

changing the account properties of multiple users
Changing the Account Properties of Multiple Users
  • Multiple users can be chosen for account property modification
  • Example:
    • Enforcing the same logon time restriction on a group of users
operation on multiple users case example
Operation on Multiple Users: Case Example

Administrator

Texas

Nevada

Addition to administrator group and then

deletion from administrator group.

module4

MODULE

Account Policy

© N. Ganesan, All rights reserved.

module objectives4
Module Objectives
  • Account policy for all users in the domain
  • Password protection
  • Account lockout protection
  • Other protection
  • Account policy setting demonstration
user account policy for all users in the domain
User Account Policy for All Users in the Domain
  • Major components
    • Password related
    • Account lockout related
  • Password
    • Security against password guessing
  • Account lockout
    • Thwart unauthorized attempt to access the network
password protection
Password Protection

Maximum PW age.

Minimum PW age.

Maximum PW

length.

PW uniqueness.

account lockout protection
Account Lockout Protection

Lockout after ___

bad logon attempts

Lockout duration:

Forever or in

minutes.

Reset counter after

______ minutes.

other protection
Other Protection

Disconnect remote users after logon

time expires.

Require users to logon to change

password.

module5

MODULE

User Environment:

Home Directory

© N. Ganesan, All rights reserved.

module objectives5
Module Objectives
  • User environment
  • Overview of a home directory
  • Creating a home directory: Case example
  • The steps for creating a home directory
  • Demonstration of home directory creation
  • Linking the user to the home directory
user environment
User Environment
  • Home Directory
  • User Profile
  • Login Script
home directory
Home Directory
  • Often provided for each user
  • The user often has exclusive right to the files in this directory
creating a home directory case example
Creating a Home Directory: Case Example

California

Drive H:

US

\\US\Users\California

Canada

Mexico

creating a home directory steps
Creating a Home Directory: Steps

Set California for

sharing.

Create

\\US\Users\California

User Manager/User

Environment Profile

Select Connect

To

Specify

Path to the Home

Directory.

Drive Letter

Specify

home directory creation the two step process
Home Directory Creation: The Two-Step Process

Create a home directory on the server, through

administrative share, if creating from a workstation.

Assign the drive letter H for the user to

connect to the home directory.

module6

MODULE

User Environment:

User Profiles

© N. Ganesan, All rights reserved.

module objectives6
Module Objectives
  • User profiles defined
  • Types of user profiles
  • Local profiles
  • Network profiles
  • Types of network profiles
user profiles defined
User Profiles Defined
  • Defines the network environment for the user
  • A powerful means of customizing a user’s access to the network
    • Program groups
    • Network drives
    • Access to multi-user applications etc.
types of user profiles
Types of User Profiles

Profiles

Local Profiles

Roaming

(Network)

Profiles

Mandatory User

Profiles

Personal User

Profiles

local profiles
Local Profiles
  • Stored locally on the workstation
  • Applies locally to the workstation for a user
network profiles
Network Profiles
  • Applies to a user irrespective of the workstation on which the user enters (Logon) the network
  • Also know as the roaming profile
types of network profiles
Types of Network Profiles
  • Personal user profiles
    • Created and managed by the user
  • Mandatory user profiles
    • Created and managed by the network administrator
    • Permitted changes made by the user are lost at the end of the network session
module7

MODULE

User Environment:

Logon Scripts

© N. Ganesan, All rights reserved.

module objectives7
Module Objectives
  • Definition of logon script
  • Usage
logon script defined
Logon Script Defined
  • Executed during logon
  • Sets network environmental variables for a user
    • Mapping a directory etc.
usage
Usage
  • Better suited for other network environments
  • For NT profiles are preferred that would achieve the same effect with less programming
module8

MODULE

User Rights

© N. Ganesan, All rights reserved.

module objectives8
Module Objectives
  • Overview of user rights
  • General procedure for specifying user rights
  • Sample rights of built-in accounts
user rights
User Rights
  • Can be defined independently
  • In general:
    • Users are assigned to groups with predefined user rights
  • Groups can be built-in groups or created groups
specifying a user right the general procedure
Specifying a User Right: The General Procedure
  • Assign the user to a built-in group
  • Customize, if required, to suit the application requirements of the user
    • Security concerns must also be enforced
sample rights of built in accounts
Sample Rights of Built-in Accounts
  • Add workstation to domain
    • Administrators and Account Operators
  • Assign user rights
    • Administrators
  • Allow and disallow sharing of directories
    • Administrators, Server Operators, Power Users
  • Allow and disallow sharing of printers
    • Administrators, Server Operators, Print Operators and Power Users