Chapter 12

Managing Windows User Accounts


Understanding user accounts

Creating user accounts

Setting account options

Working with groups

Creating a login script

Every user who accesses a network must have a user account. User accounts allow you — as network administrator — to control who can access the network and who can’t. In addition, user accounts let you specify what network resources each user can use. Without user accounts, all your resources would be open to anyone who casually dropped by your network.

Understanding Windows User Accounts

User accounts are among the basic tools for managing a Windows server. As a network administrator, you’ll spend a large percentage of your time dealing with user accounts — creating new ones, deleting expired ones, resetting passwords for forgetful users, granting new access rights, and so on. Before I get into the specific procedures of creating and managing user accounts, this section presents an overview of user accounts and how they work.

Local accounts versus domain accounts

A local account is a user account stored on a particular computer, applicable to that computer only. Typically, each computer on your network has a local account for each person who uses that computer.

By contrast, a domain account is a user account that’s stored by Active Directory (AD) and can be accessed from any computer that’s a part of the domain. Domain accounts are centrally managed. This chapter deals primarily with setting up and ...

Get Networking For Dummies, 11th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.