Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 2 Creating Active Directory ® Domain Services User and Computer Objects.

Published byJoseph Heath Modified over 8 years ago

Similar presentations

Presentation on theme: "Module 2 Creating Active Directory ® Domain Services User and Computer Objects."— Presentation transcript:

1 Module 2 Creating Active Directory ® Domain Services User and Computer Objects

2 Module Overview Managing User Accounts Creating Computer Accounts Automating AD DS Object Management Using Queries to Locate Objects in AD DS

3 Naming options for domain user accounts: Names Associated with Domain User Accounts Object NamesExample Uniqueness requirement User logon nameGregory Must be unique within domain User logon name (pre-Microsoft ® Windows ® 2000) Woodgrove\Gregory Must be unique within domain User principal name (UPN) Gregory@WoodgroveBank.co m Must be unique within forest LDAP distinguished name CN=Gregory,OU=IT,DC= WoodgroveBank,DC=com Will be globally unique, combining RDN, container name, and domain names Relative distinguished name (RDN) CN=GregoryMust be unique in OU

4 User Account Password Options User object passwords are a significant aspect of network security and can have options configured for: Password history Length Complexity By default, Windows Server® 2008 domain passwords must meet three out of the following four complexity requirements: Uppercase Lowercase Special characters Numbers

5 You use different tools for creating and managing local and domain user accounts: Tools for Configuring User Accounts AccountTools Local computer account Windows XP and Windows Vista®: User Accounts Domain account Windows Server 2003/2008: Active Directory Users and Computers Command-line utilities: dsadd, Windows PowerShell™, CSVDE, LDIFDE

6 What Is a User Account Template? User accounts templates take advantage of similarity between user accounts To use user templates: Create several typical users reflecting various groups within your organization Copy the user account most like the new account you want to create Modify the attributes: names, e-mail address, logon name, etc. A user account template is an account with common properties already configured

7 Options for Creating Computer Accounts ScenarioProcess Adding individual computers to a domain Add the computer to the domain through computer system properties Account will be created by default in Computers container Creating multiple computer accounts in preparation for automating an operating system and software deployment 1. Create an OU for each department 2. Pre-stage new computer accounts 3. Add the computer to the domain

8 Managing Computer Accounts Computer management activities include: Adding computer accounts: provides computer name and specifies management option Disabling computer accounts: maintains account, but prevents log on from the account Resetting the computer account: resets the security association between the domain and the client computer (re-join necessary) Deleting computer accounts: removes computer from all domain services Configuring group policies: manages software or computer desktop environments

9 Configuring AD DS Objects Using Command-Line Tools Command-line tools: Dsadd - Add objects to AD DS Dsmod - Modify objects in AD DS Dsrm - Remove objects from AD DS Dsget - Locate objects in AD DS net user - Add or modify user accounts Net group - Add or modify group access Net computer - Add or remove computer objects from AD DS

10 filename.ldf Managing User Objects with LDIFDE Active Directory import export LDIFDE.exe

11 Managing User Objects with CSVDE filename.csv Active Directory import export CSVDE.exe HR Application

12 Results from one cmdlet can be pipelined to another Windows PowerShell Cmdlets Windows PowerShell cmdlets all use the same syntax Noun Verb Date ParametersExample Get Get-Date Start Service W3SVC Start-Service W3SVC Get-Service W3svc | format-list Get-Service | sort-object name Get-Service |where-object {$_.status –eq “running”} | sort-object name

13 Options for Locating Objects in AD DS Sorting: use column headings in Active Directory Users and Computers to find the objects based on the columns Searching: provide the criteria for which you want to search Command-line: dsquery parameter

14 What Is a Saved Query? Saved queries provide: A quick and consistent way to access a common set of directory objects to monitor or to perform specific tasks A saved query is a way to save search criteria Options for searching attributes (e.g. last logon date)

Download ppt "Module 2 Creating Active Directory ® Domain Services User and Computer Objects."

Similar presentations

Lesson 17: Configuring Security Policies

Lesson 17: Configuring Security Policies
Module 5: Creating and Configuring Group Policy

Module 5: Creating and Configuring Group Policy
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
Module 3: Configuring Active Directory Objects and Trusts.

Module 3: Configuring Active Directory Objects and Trusts.
11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.

11 WORKING WITH GROUPS Chapter 7. Chapter 7: WORKING WITH GROUPS2 CHAPTER OVERVIEW  Understand the functions of groups and how to use them.  Understand.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 5: Account Management.

MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 5: Account Management.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 3: Creating and Managing User Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 3: Creating and Managing User Accounts.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
Lesson 14: Creating and Managing Active Directory Users and Computers

Lesson 14: Creating and Managing Active Directory Users and Computers
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 4: Implementing and Managing Group and Computer Accounts.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Chapter 3 – Creating and Managing User Accounts MIS 431 – Created Spring 2006.

Chapter 3 – Creating and Managing User Accounts MIS 431 – Created Spring 2006.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 3: Creating and Managing User Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 3: Creating and Managing User Accounts.
11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW  Describe the process of adding a computer to.

11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW  Describe the process of adding a computer to.
11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW Describe the process of adding a computer to.

11 WORKING WITH COMPUTER ACCOUNTS Chapter 8. Chapter 8: WORKING WITH COMPUTER ACCOUNTS2 CHAPTER OVERVIEW Describe the process of adding a computer to.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 3: Creating and Managing User Accounts.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 3: Creating and Managing User Accounts.

Similar presentations

Ads by Google