IN THIS CHAPTER
Understanding user accounts
Creating user accounts
Setting account options
Working with groups
Creating a login script
Every user who accesses a network must have a user account. User accounts allow you — as network administrator — to control who can access the network and who can’t. In addition, user accounts let you specify what network resources each user can use. Without user accounts, all your resources would be open to anyone who casually dropped by your network.
User accounts are among the basic tools for managing a Windows server. As a network administrator, you’ll spend a large percentage of your time dealing with user accounts — creating new ones, deleting expired ones, resetting passwords for forgetful users, granting new access rights, and so on. Before I get into the specific procedures of creating and managing user accounts, this section presents an overview of user accounts and how they work.
A local account is a user account stored on a particular computer, applicable to that computer only. Typically, each computer on your network has a local account for each person who uses that computer.
By contrast, a domain account is a user account that’s stored by Active Directory (AD) and can be accessed from any computer that’s a part of the domain. Domain accounts are centrally managed. This chapter deals primarily with setting up and ...