Presentation is loading. Please wait.

Presentation is loading. Please wait.

حسابات المستخدمين و المجموعات

Published byDarlene Mills Modified over 8 years ago

Similar presentations

Presentation on theme: "حسابات المستخدمين و المجموعات"— Presentation transcript:

1 حسابات المستخدمين و المجموعات
نظم تشغيل 1

2 المحتوى 1 حسابات المستخدمين 1 إدارة حسابات المستخدمين 2
أنواع حسابات المستخدمين 3 المجموعات 4 التشكيلات الجانبية للمستخدمين 5

3 حسابات المستخدمين

4 حسابات المستخدمين حسابات المستخدمين المحلية
Local user accounts (stored on local computer) حسابات المستخدمين للمجال Domain user accounts (stored in Active Directory) Windows Server 2008 Domain

5 حسابات المستخدمين

6 حسابات المستخدمين Local user account Domain user account Logon screen

7 Logon Screen Welcome Screen Classic Screen شاشة الترحيب
الشاشة الكلاسيكية

8 Logon Screen

9 Logon Screen

10 إدارة حسابات المستخدمين
يمكن إدارة حسابات المستخدمين عن طريق: Control Panel Peer to Peer Network Computer Management Local Users and Groups Client/ Server Network Active Directory Active Directory Users and Computers

11 إدارة حسابات المستخدمين

12 إدارة حسابات المستخدمين

13 إدارة حسابات المستخدمين

14 إدارة حسابات المستخدمين

15 المستخدم أنواع حساب نوع الحساب يحدد الإجراءات التي يمكن للمستخدم تنفيذها على جهاز الكمبيوتر. Control Panel Administrator An account type determines the actions that a user can perform on the computer. Limited User Guest

16 المستخدم أنواع حساب

17 حسابات المستخدمين المضمنين
Built-in accounts

18 حسابات المستخدمين المضمنين

19 المجموعات Group مجموعة من حسابات المستخدمين.
المجموعات تبسط الإدارة من خلال تمكين تعيين الأذونات والحقوق لمجموعة من المستخدمين بدلا من تعيينها لكل حساب مستخدم لحاله. Groups simplify administration by enabling you to assign permissions and rights to a group of users rather than having to assign them for every user account. Group

20 Windows XP built-in Groups
Administrators Users Guests Power Users Backup Operators

21 المجموعات

22 المجموعات

23 Windows server 2008 Default Groups

24 Windows server 2008 Default Groups
Course 6425C Module 4: Managing Groups Windows server 2008 Default Groups Default local groups in the BUILTIN and Users containers Enterprise Admins, Schema Admins, Administrators, Domain Admins, Server Operators, Account Operators, Backup Operators, Print Operators Issues with these groups Highly overdelegated Account Operators, for example, can log on to a domain controller Protected Users who are members of these groups become protected and are not unprotected when removed Best practice: Keep these groups empty and create custom groups with the rights and privileges you require Objective: Describe the purpose of default groups. Keep the default (Builtin) groups empty, except for Administrators and Domain Admins, which should be tightly controlled. Discuss protection and AdminSDHolder. Many built-in groups are assigned a set of user rights automatically. These rights determine what each group and their members can do within a domain’s or forest’s scope. User rights authorize members of a group to perform specific actions, such as logging on to a local system or backing up files and folders. For example, a member of the Backup Operators group has the right to perform backup operations for all of the domain’s controllers. The best practice is to create custom groups with the specific rights and permissions you require, and not to use the overdelegated built-in groups. This also helps you avoid AdminSDHolder problems. Discuss AdminSDHolder to an extent that is appropriate for your audience. References For more information about protected accounts, see: Knowledge Base article at Knowledge Base article at If you want to search the Internet for resources, use the keyword, adminSDHolder. Microsoft TechNet provides an exhaustive reference to the default groups in a domain and to the default local groups. For reference information about local and domain groups, go to For reference information about default local groups, go to Default groups Windows Server 2008 Future Resources

25 User Profile User Profile:
Is a group of settings and files that defines the environment that the system loads when a user logs on. User Profile: هي مجموعة من الإعدادات والملفات التي يحملها النظام عندما يقوم المستخدم بتسجيل الدخول.

26 In each User Profile there is:

27 Default User & All Users

28 Types of User Profiles Windows security requires a user profile for each user account on a computer. The system automatically creates a local user profile for each user when the user logs on to the computer for the first time. The system automatically maintains the settings for each user's work environment in a user profile on the local computer. If a computer is running Windows 2000 Server or later on a network, users can store their profiles on the server. These profiles are called roaming user profiles. Roaming user profiles have the following advantages: Automatic resource availability. A user's unique profile is automatically available when he or she logs on to any computer on the network. Users do not need to create a profile on each computer they use on a network. Simplified computer replacement and backup. When a user's computer must be replaced, it can be replaced easily because all of the user's profile information is maintained separately on the network, independent of an individual computer. When the user logs on to the new computer for the first time, the server copy of the user's profile is copied to the new computer. A mandatory user profile is a special type of pre-configured roaming user profile that administrators can use to specify settings for users. With mandatory user profiles, a user can modify his or her desktop, but the changes are not saved when the user logs off. The next time the user logs on, the mandatory user profile created by the administrator is downloaded. There are two types of mandatory profiles: normal mandatory profiles and super-mandatory profiles. User profiles become mandatory profiles when the administrator renames the NTuser.dat file (the registry hive) on the server to NTuser.man. The .man extension causes the user profile to be a read-only profile. User profiles become super-mandatory when the folder name of the profile path ends in .man; for example, \\server\share\mandatoryprofile.man\. Super-mandatory user profiles are similar to normal mandatory profiles, with the exception that users who have super-mandatory profiles cannot log on when the server that stores the mandatory profile is unavailable. Users with normal mandatory profiles can log on with the locally cached copy of the mandatory profile. Only system administrators can make changes to mandatory user profiles.

29 Types of User Profiles Local user profile Roaming user profile
Stored on a computer's local hard disk Roaming user profile Follows user Stored on a server Mandatory user profile Cannot be modified

30 Temporary User Profile
يتم إصدار التشكيل الجانبي المؤقت للمستخدم في كل مرة يحدث خطأ يمنع تحميل التشكيل الجانبي للمستخدم . يتم حذف ملفات التشكيل الجانبي المؤقت في نهاية كل جلسة، ويتم فقدان التغييرات التي قام بإجرائها المستخدم على إعدادات سطح المكتب والملفات عندما يقوم المستخدم بتسجيل الخروج. التشكيلات الجانبية المؤقتة متاحة فقط على أجهزة الكمبيوتر التي تشغل Windows 2000 والإصدارات الأحدث. A temporary user profile is issued each time an error condition prevents the user's profile from loading. Temporary profiles are deleted at the end of each session, and changes made by the user to their desktop settings and files are lost when the user logs off. Temporary profiles are only available on computers running Windows 2000 and later.

31 Best Practices أفضل الممارسات لإنشاء حسابات المستخدمين
تعطيل حساب Guest تعطيل حساب لن يتم استخدامه على الفور الطلب من المستخدمين تغيير كلمات المرور الخاصة بهم في المرة الأولى التي يقومون فيها بتسجيل الدخول

32 Best Practices

33 Maintain at least two accounts A standard user account
Course 6425C Module 2: Administering Active Directory® Securely and Efficiently Secure Administration with Least Privilege, Run As Administrator, and User Account Control Maintain at least two accounts A standard user account An account with administrative privileges Log on to your computer as a standard user Do not log on to your computer with administrative credentials Start administrative consoles with Run As Administrator Right-click the console and click Run As Administrator Click Use another account Enter the user name and password for your administrative account Objective: Understand the importance of User Account Control and secondary logon. Discuss the reasons behind non-administrative logon. Report the fact that many organizations do not allow administrators to log on directly with their administrative credentials. Ask students: Why it is risky to log on with administrative credentials? The privileges of the credentials could be used, accidentally or intentionally, to harm the environment. Ask students: What is the disadvantage of logging on with standard-user, non-administrative credentials? It is difficult to perform administrative tasks if you have to repeatedly enter administrative credentials. Describe the concept of using Run As Administrator to run processes that require elevation. The processes you start, run with an elevated credential, but the Explorer shell, and all processes that it spawns, run with standard user privileges. You will be demonstrating Run As Administrator next, so you do not have to detail the steps shown on this slide—it can be a reference for students as you perform the demonstration. Reference Using Run as:

34 Best Practices

35 Best Practices

36 المدربة نجلاء العرفاوي
Thank You ! المدربة نجلاء العرفاوي

Download ppt "حسابات المستخدمين و المجموعات"

Similar presentations

Managing User, Computer and Group Accounts

Managing User, Computer and Group Accounts
Chapter Five Users, Groups, Profiles, and Policies.

Chapter Five Users, Groups, Profiles, and Policies.
1 Module 3 Setting Up User Accounts. 2  Overview Introduction to User Accounts Planning New User Accounts Creating User Accounts Deleting and Renaming.

1 Module 3 Setting Up User Accounts. 2  Overview Introduction to User Accounts Planning New User Accounts Creating User Accounts Deleting and Renaming.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
 Overview User Accounts Groups User Rights Permissions.

 Overview User Accounts Groups User Rights Permissions.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 6: Configure and Troubleshoot Local User and Group Accounts.
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.

Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.
Window NT Workstation and Server. Windows NT refers to two products workstation server can act as both a client and server in a network environment.

Window NT Workstation and Server. Windows NT refers to two products workstation server can act as both a client and server in a network environment.
Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:

Chapter 5: Configuring Users and Groups. Windows Vista User Accounts User accounts are the primary means of authentication Built-in Accounts –Administrator:
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
11 MANAGING USERS AND GROUPS Chapter 13. Chapter 13: MANAGING USERS AND GROUPS2 OVERVIEW  Configure and manage user accounts  Manage user account properties.

11 MANAGING USERS AND GROUPS Chapter 13. Chapter 13: MANAGING USERS AND GROUPS2 OVERVIEW  Configure and manage user accounts  Manage user account properties.
بروتوكول الانترنت نظم تشغيل 1.

بروتوكول الانترنت نظم تشغيل 1.
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Module 8: Implementing Administrative Templates and Audit Policy.

Module 8: Implementing Administrative Templates and Audit Policy.
Creating and Managing User Accounts. Overview Introduction to User Accounts Guidelines for New User Accounts Creating Local User Accounts Creating and.

Creating and Managing User Accounts. Overview Introduction to User Accounts Guidelines for New User Accounts Creating Local User Accounts Creating and.
Windows Server 2003 使用者及電腦帳號管理 林寶森

Windows Server 2003 使用者及電腦帳號管理 林寶森
Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.

Active Directory Administration Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Creating Users, Computers, and Groups Automate creation.
70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.

70-270: MCSE Guide to Microsoft Windows XP Professional Chapter 5: Users, Groups, Profiles, and Policies.
Working with Workgroups and Domains

Working with Workgroups and Domains

Similar presentations

Ads by Google