Chapter 6. Users
Introduction
User accounts are some of the most frequently used objects in Active Directory; they create the means of authenticating and authorizing someone to access resources on your network. Because Windows server systems authenticate and authorize users primarily through Active Directory, many key issues that system administrators deal with are covered in this chapter. In particular, Active Directory manages information regarding user passwords; group membership; enabling, disabling, or expiring user accounts; and keeping track of when users have logged on to the network.
The Anatomy of a User
The default location for user
objects in a domain is the cn=Users
container directly off the domain root. You can, of course, create
user objects in other containers and
organizational units in a domain, or move them to these containers after
they’ve been created. Table 6-1
contains a list of some of the interesting attributes that are available
on user objects. This is by no means
a complete list. There are many other informational attributes that we
haven’t included.
Table 6-1. Attributes of user objects
Attribute | Description |
|---|---|
| Large integer representing when the user’s account is going to expire. See Setting a User’s Account Options (userAccountControl) for more information. |
| Relative distinguished
name of |
| Typically the full name of a user. This attribute is used in administrative ... |
Get Active Directory Cookbook, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
