11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

Slides:



Advertisements
Similar presentations
Chapter Five Users, Groups, Profiles, and Policies.
Advertisements

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 7: Troubleshoot Security Settings and Local Security.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
Chapter 8 Chapter 8: Managing Accounts and Client Connectivity.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.
Hands-On Microsoft Windows Server 2003 Administration Chapter 4 Managing Group Policy.
12.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Administering Active Directory
Chapter 6: Configuring Security. Group Policy and LGPO Setting Options Software Installation not available with LGPOs Remote Installation Services Scripts.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:
Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 5: User Environment and Multiple Languages.
70-270, MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter Six Creating and Managing User.
Chapter 3 – Creating and Managing User Accounts MIS 431 – Created Spring 2006.
© N. Ganesan, Ph.D., All rights reserved. Active Directory Nanda Ganesan, Ph.D.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 CHAPTER OVERVIEW Understand the differences between local user and domain.
Module 2: Managing User and Computer Accounts
1 Chapter Overview Planning an Audit Policy Implementing an Audit Policy Using Event Viewer.
70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.
Working with Workgroups and Domains
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Using Group Policy to Manage User Environments. Overview Introduction to Managing User Environments Introduction to Administrative Templates Assigning.
September 18, 2002 Introduction to Windows 2000 Server Components Ryan Larson David Greer.
1 Group Account Administration Introduction to Groups Planning a Group Strategy Creating Groups Understanding Default Groups Groups for Administrators.
CN1260 Client Operating System Kemtis Kunanuraksapong MSIS with Distinction MCT, MCITP, MCTS, MCDST, MCP, A+
Guide to Operating System Security Chapter 4 Account-based Security.
Managing User Accounts, Passwords and Logon Chapter 5 powered by dj.
6.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 6: Administering User Accounts.
IOS110 Introduction to Operating Systems using Windows Session 7 1.
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam Microsoft® Windows® 2000 Directory Services Infrastructure Goals 
Module 10: Configuring Windows XP Professional to Operate in Microsoft Networks.
With Windows XP, you can share files and documents with other users on your computer and with other users on a network. There is a new user interface.
C HAPTER 6 NTFS PERMISSIONS & SECURITY SETTING. INTRODUCTION NTFS provides performance, security, reliability & advanced features that are not found in.
Windows Server 2003 Overview 1 Windows 2003 Server Overview Ayaz
Fall 2011 Nassau Community College ITE153 – Operating Systems Session 22 Local Security Polcies 1.
11 WORKING WITH USER ACCOUNTS Chapter 6. Chapter 6: WORKING WITH USER ACCOUNTS2 UNDERSTANDING USER ACCOUNTS  Local user accounts  stored in the Security.
PC Maintenance: Preparing for A+ Certification Chapter 23: Using a Windows Network.
DIT314 ~ Client Operating System & Administration CHAPTER 5 MANAGING USER ACCOUNTS AND GROUPS Prepared By : Suraya Alias.
1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.
8.1 © 2004 Pearson Education, Inc. Exam Designing a Microsoft ® Windows ® Server 2003 Active Directory and Network Infrastructure Lesson 8: Planning.
Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.
September 18, 2002 Windows 2000 Server Active Directory By Jerry Haggard.
© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.
70-270: MCSE Guide to Microsoft Windows XP Professional 1 Windows XP Professional User Accounts Designed for use as a network client for: Windows NT Windows.
Introduction to Microsoft Management Console (MMC) MMC is a common console framework for management applications. MMC provides a common environment for.
1 Chapter Overview Understanding User Accounts Planning New User Accounts Creating, Modifying, and Deleting User Accounts Setting Properties for User Accounts.
1 Part-1 Chap 5 Configuring Accounts Definitions.
CHAPTER Creating and Managing Users and Groups. Chapter Objectives Explain the use of Local Users and Groups Tool in the Systems Tools Option to create.
Chapter 10: Rights, User, and Group Administration.
Working with Users and Groups Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Introducing User Account Control Configure and troubleshoot.
Page 1 User Accounts Lecture 3 Hassan Shuja 09/21/2004.
Managing Local Users & Groups. OVERVIEW Configure and manage user accounts Manage user account properties Manage user and group rights Configure user.
Administering Group Policy Chapter Eleven. Exam Objectives in this Chapter  Plan a Group Policy strategy using Resultant Set of Policy Planning mode.
NetTech Solutions Supporting Local Users and Groups Lesson Three.
NetTech Solutions Security and Security Permissions Lesson Nine.
Chapter 4- Part3. 2 Implementing User Profiles A local user profile is automatically created at the local computer when you log on with an account for.
CHAPTER 5 MANAGING USER ACCOUNTS & GROUPS. User Accounts Windows 95, 98 & Me do not need a user account like Windows XP Professional to access computer.
Chapter 7 Server Management Policies –User accounts –Groups Rights and permissions Examples.
4.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 12: Implementing Security.
6/19/2016 أساسيات الأتصال و الشبكات Communication & Networks Fundamentals lab 4.
Configuring the User and Computer Environment Using Group Policy Lesson 8.
Chapter Objectives In this chapter, you will learn:
Creating and Managing User Accounts
Chapter 8: Managing Accounts and Client Connectivity
Presentation transcript:

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3

Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference between local and domain accounts  Create and modify a user account in Microsoft Windows XP Professional Edition  Explain the use of and configure groups  Configure Fast User Switching  Troubleshoot common password and logon problems  Explain the difference between local and domain accounts  Create and modify a user account in Microsoft Windows XP Professional Edition  Explain the use of and configure groups  Configure Fast User Switching  Troubleshoot common password and logon problems

Chapter 3: Supporting Local Users and Groups3 SUPPORTING LOCAL USERS AND GROUPS (CONTINUED)  Explain how Local Security Policy affects a computer running Windows XP  Use the Local Security Policy tool to change security settings  Identify the important security settings that are available through Local Security Policy  Explain how Local Security Policy affects a computer running Windows XP  Use the Local Security Policy tool to change security settings  Identify the important security settings that are available through Local Security Policy

Chapter 3: Supporting Local Users and Groups4 LOCAL ACCOUNTS  Local accounts are used for the following activities:  To gain initial access to the computer  To control access to local computer resources  To control access to network resources  Specific to one PC only  Used in a workgroup setting  Local accounts are used for the following activities:  To gain initial access to the computer  To control access to local computer resources  To control access to network resources  Specific to one PC only  Used in a workgroup setting

Chapter 3: Supporting Local Users and Groups5 LOCAL ACCOUNTS right click my computer and choose manage

Chapter 3: Supporting Local Users and Groups6 USER ACCOUNTS  Account management is a comprehensive topic that includes:  Auditing of account activity  Creation of user and group accounts, and management of account properties  Password and account lockout policy configuration  User rights assignments  Account management is a comprehensive topic that includes:  Auditing of account activity  Creation of user and group accounts, and management of account properties  Password and account lockout policy configuration  User rights assignments

Chapter 3: Supporting Local Users and Groups7 DEFAULT USER ACCOUNTS – can not be deleted  Administrator – Most important user  Guest – limited privileges, used for guests  HelpAssistant – builtin for remote assistance  SUPPORT_susux – used by Microsoft when providing remote support through Help and Support Service.  Administrator – Most important user  Guest – limited privileges, used for guests  HelpAssistant – builtin for remote assistance  SUPPORT_susux – used by Microsoft when providing remote support through Help and Support Service.

Chapter 3: Supporting Local Users and Groups8 CREATING USER ACCOUNTS

Chapter 3: Supporting Local Users and Groups9 USER ACCOUNT PROPERTIES, GENERAL TAB

Chapter 3: Supporting Local Users and Groups10 USER ACCOUNT PROPERTIES, PROFILE TAB

Chapter 3: Supporting Local Users and Groups11 USER ACCOUNT ACTION MENU

Chapter 3: Supporting Local Users and Groups12 GROUP ACCOUNTS  Group accounts are used to simplify the assignment of security features by associating user accounts that have common needs.  For example the administrators group will store all users who have administrative rights on the local machine.  Group accounts are used to simplify the assignment of security features by associating user accounts that have common needs.  For example the administrators group will store all users who have administrative rights on the local machine.

Chapter 3: Supporting Local Users and Groups13 DEFAULT GROUP ACCOUNTS  There are several default, built-in groups in Windows XP Professional Edition. The most common of these are:  Administrators group  Backup Operators group  Guest group  Power Users group  Users group  There are several default, built-in groups in Windows XP Professional Edition. The most common of these are:  Administrators group  Backup Operators group  Guest group  Power Users group  Users group

Chapter 3: Supporting Local Users and Groups14 CREATING GROUP ACCOUNTS

Chapter 3: Supporting Local Users and Groups15 SECURITY IDENTIFIERS (SIDS)  User accounts and groups are considered security principals. Meaning that you can grant them access on a computer. Every security principal has a unique Security Identifier (SID) assigned to it at the time of creation.  Basically a number associated with a user or a group used for tracking security settings. It is easier for the OS to track a number rather than a Name.  User accounts and groups are considered security principals. Meaning that you can grant them access on a computer. Every security principal has a unique Security Identifier (SID) assigned to it at the time of creation.  Basically a number associated with a user or a group used for tracking security settings. It is easier for the OS to track a number rather than a Name.

Chapter 3: Supporting Local Users and Groups16 LIMITATIONS OF WINDOWS XP HOME EDITION  Cannot create local groups  Local Users And Groups tool is not available—must use User Accounts tool  Supports only two types of accounts:  Computer Administrator  Limited  Does not have an account named Administrator  Cannot join a domain  Cannot create local groups  Local Users And Groups tool is not available—must use User Accounts tool  Supports only two types of accounts:  Computer Administrator  Limited  Does not have an account named Administrator  Cannot join a domain

Chapter 3: Supporting Local Users and Groups17 USER PROFILES  User profiles store user-specific configuration settings, such as customized desktops and personalized application settings

Chapter 3: Supporting Local Users and Groups18 Types of profiles Windows XP supports  Local – available only on the PC it was created on. XP pro and Home support this  Roaming – stored in a shared folder on a network server and are accessible from any location in a network. Only XP Pro.  Mandatory – roaming profiles that users cannot make permanent changes to. Mandatory profiles are used to enforce configuration settings. Only XP Pro.  Local – available only on the PC it was created on. XP pro and Home support this  Roaming – stored in a shared folder on a network server and are accessible from any location in a network. Only XP Pro.  Mandatory – roaming profiles that users cannot make permanent changes to. Mandatory profiles are used to enforce configuration settings. Only XP Pro.

Chapter 3: Supporting Local Users and Groups19 DOCUMENTS AND SETTINGS FOLDER – Storage Location for Local Profiles  Windows stores local user profiles in the Documents And Settings folder. This folder stores several files and folders containing configuration information and data for each user profile.

Chapter 3: Supporting Local Users and Groups20 LOCAL USER PROFILES  A local user profile is available only from the system on which it was created  A unique local user profile is created and stored on each computer a user logs on to  A local user profile is available only from the system on which it was created  A unique local user profile is created and stored on each computer a user logs on to

Chapter 3: Supporting Local Users and Groups21 HANDLING MULTIPLE PROFILES FOR THE SAME USER NAME  If a Windows XP Professional Edition computer is a member of a Windows domain, two users with the same user account name can log on to the same system.  If there were 2 Matts that logged onto a local machine 2 separate folders would be created. 1. C:\documents and settings\matt 2. C:\documents and settings\matt. where is the name of the local PC  If a Windows XP Professional Edition computer is a member of a Windows domain, two users with the same user account name can log on to the same system.  If there were 2 Matts that logged onto a local machine 2 separate folders would be created. 1. C:\documents and settings\matt 2. C:\documents and settings\matt. where is the name of the local PC

Chapter 3: Supporting Local Users and Groups22 ROAMING USER PROFILES – stored on a network server - this helps avoid the following 2 problems  Users will have a different profile on each machine they log on to  Without regular backup, if the local machine crashes, the profile could be lost  Users will have a different profile on each machine they log on to  Without regular backup, if the local machine crashes, the profile could be lost

Chapter 3: Supporting Local Users and Groups23 ENABLING ROAMING PROFILES  Create and share a folder on the server that will hold the roaming profiles  Make sure that the users have access to the shared folder  Specify the location of the roaming profile folder  Create and share a folder on the server that will hold the roaming profiles  Make sure that the users have access to the shared folder  Specify the location of the roaming profile folder

Chapter 3: Supporting Local Users and Groups24 ADDITIONAL POINTS ON ROAMING PROFILES  Roaming profiles are generally used in a domain environment  In a domain account, a roaming profile is created and configured once on a domain controller  Roaming profiles are generally used in a domain environment  In a domain account, a roaming profile is created and configured once on a domain controller

Chapter 3: Supporting Local Users and Groups25 MANDATORY USER PROFILES  Mandatory user profiles are applied to roaming user profiles. When a profile is made mandatory, users are unable to save changes to desktop settings.  Used when you don’t want users to change settings, such as desktop backgrounds and icons.  Mandatory user profiles are applied to roaming user profiles. When a profile is made mandatory, users are unable to save changes to desktop settings.  Used when you don’t want users to change settings, such as desktop backgrounds and icons.

Chapter 3: Supporting Local Users and Groups26 FAST USER SWITCHING  Allows multiple local user accounts to log on to a computer simultaneously  Users can switch sessions without logging off or closing programs  Running programs still consume computer resources  This can really slow down the PC. I would not recommend using it.  Allows multiple local user accounts to log on to a computer simultaneously  Users can switch sessions without logging off or closing programs  Running programs still consume computer resources  This can really slow down the PC. I would not recommend using it.

Chapter 3: Supporting Local Users and Groups27 TROUBLESHOOTING PASSWORD PROBLEMS  The user is mistyping the user name, password, or both  The user has the CAPS LOCK key engaged  The user is mistyping the user name, password, or both  The user has the CAPS LOCK key engaged

Chapter 3: Supporting Local Users and Groups28 SECURITY POLICY  Security policy is a combination of security settings that affect the security on a computer  Computers that are members of a workgroup are subject only to Local Security Policy  Computers that are members of a domain are subject to both Local Security Policy and Group Policy  Security policy is a combination of security settings that affect the security on a computer  Computers that are members of a workgroup are subject only to Local Security Policy  Computers that are members of a domain are subject to both Local Security Policy and Group Policy

Chapter 3: Supporting Local Users and Groups29 ORDER OF POLICY APPLICATION 1. Local Computer Policy is applied to the computer 2. Group Policy settings are applied for the Active Directory site of which the computer is a member 3. Group Policy settings are applied for the Active Directory domain of which the computer is a member 4. Group Policy settings configured for the Active Directory OU of which the computer is a member are applied 1. Local Computer Policy is applied to the computer 2. Group Policy settings are applied for the Active Directory site of which the computer is a member 3. Group Policy settings are applied for the Active Directory domain of which the computer is a member 4. Group Policy settings configured for the Active Directory OU of which the computer is a member are applied

Chapter 3: Supporting Local Users and Groups30 RESULTANT SET OF POLICY  Policy settings are cumulative, so all settings contribute to effective policy. The effective policy is called the Resultant Set of Policy (RSoP).

Chapter 3: Supporting Local Users and Groups31 ACCESSING LOCAL SECURITY POLICY

Chapter 3: Supporting Local Users and Groups32 CONFIGURABLE SECURITY OPTIONS  There are quite a few configurable security options in Windows XP  Including:  Shutdown: Allow System To Be Shut Down Without Having To Log On  Microsoft Network Server: Amount Of Idle Time Required Before Suspending A Session  Network Security: Force Logoff When Logon Hours Expire  Other security options  There are quite a few configurable security options in Windows XP  Including:  Shutdown: Allow System To Be Shut Down Without Having To Log On  Microsoft Network Server: Amount Of Idle Time Required Before Suspending A Session  Network Security: Force Logoff When Logon Hours Expire  Other security options

Chapter 3: Supporting Local Users and Groups33 PASSWORD POLICY  Enforce password history  Maximum password age  Minimum password age  Minimum password length  Passwords must meet complexity requirements  Store password using reversible encryption for all users in the domain  Enforce password history  Maximum password age  Minimum password age  Minimum password length  Passwords must meet complexity requirements  Store password using reversible encryption for all users in the domain

Chapter 3: Supporting Local Users and Groups34 ACCOUNT LOCKOUT POLICY  Account Lockout Policy allows you to configure the computer to stop responding to logon requests from a user who has a valid logon name but who keeps entering the incorrect password. The policy settings are as follows:  Account Lockout Duration  Account Lockout Threshold  Reset Account Lockout After  Account Lockout Policy allows you to configure the computer to stop responding to logon requests from a user who has a valid logon name but who keeps entering the incorrect password. The policy settings are as follows:  Account Lockout Duration  Account Lockout Threshold  Reset Account Lockout After

Chapter 3: Supporting Local Users and Groups35 AUDITING  Auditing consists of two major components:  Audit policy  Audit entries  Auditing consists of two major components:  Audit policy  Audit entries

Chapter 3: Supporting Local Users and Groups36 CHOOSING EVENTS TO AUDIT  There are several types of events that can be audited based on the specific security needs of the given system.  Table 3-1 lists these Auditable events  There are several types of events that can be audited based on the specific security needs of the given system.  Table 3-1 lists these Auditable events

Chapter 3: Supporting Local Users and Groups37 POTENTIAL EVENTS TO AUDIT  Shutting down and restarting the computer  Users logging on at odd hours  Users logging on to computers they wouldn’t normally log on to  Users attempting to log on unsuccessfully  Changes to user and group accounts  Printer usage  Access to particular files and folders  Shutting down and restarting the computer  Users logging on at odd hours  Users logging on to computers they wouldn’t normally log on to  Users attempting to log on unsuccessfully  Changes to user and group accounts  Printer usage  Access to particular files and folders

Chapter 3: Supporting Local Users and Groups38 CONFIGURING AUDIT POLICY  Configure the audit policy  Enable auditing on specific resources  Configure the audit policy  Enable auditing on specific resources

Chapter 3: Supporting Local Users and Groups39 VIEWING AUDIT ENTRIES IN THE SECURITY LOG

Chapter 3: Supporting Local Users and Groups40 CHAPTER SUMMARY  Local user accounts are used to gain initial access to a computer and to control local resources.  Local groups are used to simplify the assignment of security features by associating user accounts that have common needs.  User profiles store user-specific configuration settings, such as customized desktops and personalized application settings.  Local user accounts are used to gain initial access to a computer and to control local resources.  Local groups are used to simplify the assignment of security features by associating user accounts that have common needs.  User profiles store user-specific configuration settings, such as customized desktops and personalized application settings.

Chapter 3: Supporting Local Users and Groups41 CHAPTER SUMMARY (CONTINUED)  Windows stores local user profiles in the Documents And Settings folder. This folder stores several files and folders containing configuration information and data for each user profile.  Password problems are a common issue with users. Make sure that they are typing their logon information correctly and that the Caps Lock key is not engaged.  Windows stores local user profiles in the Documents And Settings folder. This folder stores several files and folders containing configuration information and data for each user profile.  Password problems are a common issue with users. Make sure that they are typing their logon information correctly and that the Caps Lock key is not engaged.

Chapter 3: Supporting Local Users and Groups42 CHAPTER SUMMARY (CONTINUED)  Security policy is a combination of security settings that affect the security on a computer. Computers that are members of a workgroup are subject only to Local Security Policy. Computers that are members of a domain are subject to both Local Security Policy and Group Policy.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.