12.4. User Accounts

In an AD network, user accounts are managed with the AD Users and Computers utility, which you can install on any workstation in the enterprise. You use this tool to add and remove users, assign groups, and create an appropriate OU structure for organization, administration, and delegation of objects within your domain. You manage all user access attributes through this interface except for file, directory, and share permissions. You set file system permissions through Windows Explorer.

In addition to domain accounts, non-domain controllers in a Windows 2000 network can also have local accounts. You create local accounts to assign permissions to non-domain users. You can grant someone access to your workstation and the applications ...

Get Mastering™ Network Security, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.