Chapter 18: Managing User Accounts and Parental Controls
At the office, your IT administrators will create and manage the user account you
need to log on to the network. You can use the techniques discussed in the “Logging
On, Switching, Locking, Logging Off, and Shutting Down” section of Chapter 1 to
log on to the network and access your account. If you have a problem with your
account, you can ask your IT administrators to help you resolve it.
At home, you have complete control over your computer. During installation, you
created the user account that you need to log on to your computer. When you are
logged on with an Administrator account rather than a standard user account, you
can create other accounts to allow other people to log on to your computer. You can
also manage user account settings as necessary.
While the user and group names are what Windows Vista displays to you, these
names aren’t the actual identifiers Windows Vista uses. Behind the scenes, when you
create a user or group account, Windows Vista assigns each user or group a unique
security identifier (SID). The SID consists of a computer or domain security ID pre-
fix combined with a unique relative ID for the user or group. The SID allows Win-
dows Vista to track an account independently from its display name. Windows Vista
does this to enable you to easily change account names, and delete accounts without
worrying that someone might gain access to resources simply by re-creating an
account with the same name as one you’ve deleted.
Thus, when you change a username or group name, you tell Windows Vista to map a
particular SID to a new display name. When you delete a user or group, you tell
Windows Vista that a particular SID is no longer valid. If you later were to create an
account with the same username or group name, the new account would not have
the same privileges and permissions as the previous one. This occurs because the
new account will have a new SID.
When you install Windows Vista, the operating system installs several types of
default accounts. The default user accounts are Administrator and Guest. The
default system accounts include LocalSystem, LocalService, and NetworkService.
You use these accounts as follows:
A standard account that provides complete access to your computer. To protect
your computer, the Administrator account should have a secure password.
A standard account that provides limited privileges on your computer. Because
this account can potentially put your computer at risk, the Guest account is dis-
abled by default.
A system account for running system processes and handling system tasks. The
operating system manages this account.