How to configure and manage local and domain user account properties
You should be familiar in configuring and managing local as well as domain user accounts to get job as system / network administrator. There may be slight variation from windows 2000, 2003 and 2008 to configure and manage user accounts. I will explain this using windows server 2003 domain controller and windows 2003 member server. I have installed 2 windows server 2003 servers in VMware and connected them in networking using VMnet1. I am using windows 2003 member server to explain about configuring local user account and windows server 2003 domain controller to explain about configuration of domain user account.
Step-by-step procedure to configure properties of a local user account.
- Click start – Right click on My Computer – Click Manage
- “Computer Management” screen will be opened
- Click on + before Local Users and Groups and click Users
- You should find some users listed in the right pane of the screen ex: like Administrator, Guest …etc
- You can create one dummy user to test this experiment, I have created a user account using the name “testuser” for this experiment purpose
- Double click on the user account you want to configure or right click on the user account and click properties from the menu that appears
- You will get the “testuser properties” window
- You can view and configure many properties of a particular user account using this window
- In general tab of this screen you can give full name and description of a user account and can assign various password options. Each option has it’s specific significance.
- If you select “User must change password at next logon” option, user will be asked by computer when he logs on to a computer first time. He has to change his password for first time.
- “User can not change password” and “Password never expires options” are disabled when you select the “User must change password at next logon” option
- “User can not change password” option specifies the user cannot change assigned password. This setting will be done by an administrator to the user account which will be used by more than one person such as guest account.
- “Password never expires” option specifies the password never expires even when there is a “Maximum password age” setting in the password policy in group policy.
- “Account is disabled” option specifies the user account is disabled when it is selected. Administrator can disable any user account whenever it is required to do.
- “Account is Locked Out” option is not available to lock an account. The account will be locked out automatically when a user tries specified number of wrong password entries in password policy in group policy and it is available to unlock by users of administrator group.
- In the Member of tab you can add this user to any group by using Add Button. The permissions of the user account will be changed according to the group membership.
- In the profile tab you can assign user’s profile folder, home folder and user’s logon script file. The logon scripts for a local user accounts must be stored in the SystemRoot\System32 folder.
- Environment tab will be used to configure terminal services startup environment. These settings override client-specified settings
- Sessions tab is used to set the Terminal services timeout and reconnection settings
- Remote control tab is used to configure terminal services remote control settings
- Terminal services profile tab is used to configure the Terminal services user profile
- Dial-In tab is used to configure the Dial-in properties for the local user account. This option is used to give permission to access a Remote access server
Step-by-step procedure to configure properties of a domain user account
- Click Start – Programs – Administrative Tools – Active Directory Users and Computers
- Click on + located before domain name (mydomain.com in my case) and click users
- You should be able to see the list of users listed in the right pane
- Double click on the user account you want to configure properties. or You can right click on the user account you want to configure and click properties
- The User Account properties dialog box appears on the screen with lot of tabs to configure user account properties
- The General tab will be used to configure First name, Last Name, Display Name, Description, Office, Telephone, Email and Web Page…etc of a user account
- The Address tab is used to configure the complete postal address including Zip/Postal code and Country of a user
- The Account tab is used to configure the account related settings like Logon Hours and Logon To
- The Profile tab is used to configure a profile path, logon script file and home folder path of a user account
- The Telephone tab is used to configure all the telephone numbers related to a user account
- The Organization tab is used to configure all the information about title, department, company and his manager of a user account
- The “Remote Control, Terminal Services Profile, Sessions and Environment” tabs are related to Terminal Server as explained in the configuring local user account properties in earlier steps in this article
- The Dial-in tab is used to configure the Remote Access Permission (Dial-in or VPN) settings of a user account
- The Member of tab is used to configure the group membership of a user account
- The COM+ tab is used to set the membership of the COM+ partition set
In above steps some of the screens may be confused in configuring because it’s dependence on other type of servers like Terminal server, Remote Access Server and Virtual Private Network Server. Please ask me if you are unable understand any of them. You can ask a question using comments form provided below.
Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically to your feed reader.
Comments
No comments yet.
Leave a comment