Domain Users and Groups

-Creating a Domain User

-Adding a User to a Group (from the User account)

-Adding a User to a Group (from the group account)

-Creating a Group

Creating a Domain User.

In this case, we are creating a user called “helpdesk tech” In our class scenario, this account will be used by the Help Desk tech.

Launch VMware.

Open the Server (Domain Controller)
(“Server Manager” displays).

In Server Manager, click Tools/Active Directory Users and Computers.
(“Active Directory Users and Computers” displays)

Click the New User icon.
(“New Object – User” dialog box displays).

Fill in required fields.

Click Next.
(Password screen displays).

Enter a password in Password and Confirm password fields.

NOTE: “User must change password at next login”can be left as checked. . In real life, user might be given an initial password of something generic like “White123”, but the user will be forced to change it upon first login.

Click Next.
(Final screen displays).

Review information and click Finish.
(“Helpdesk tech” user is created. This user’s logon name is “HDTech”).

Adding a User to a Group (from the User account)

Adding the user to their appropriate group(s) will give the user the rights they need to perform their job function.

With Active Directory open, expand the domain.
(subfolders display).

Click Users.
(“Users” display)

Right-click the user account (e.g, “Help Desk tech”).
(menu displays).

Click Properties.
(“Properties” dialog box displays)

Click Member of tab
(“Member of” tab displays).

This user is already a member of the “Domain Users” group. As such, he/she can log into any machine on the domain.

Now, since this user is a help desk tech, let’s add him/her to “Domain Admins” group. This will give the tech added rights to perform their job.

Click Add.
(“Select Groups” dialog box displays)

In the “Enter the object names to select” field, enter Domain Admins.

Click Check Names.
(The group name is validated).

Click OK.
(The “Domain Admins” group has been added to the user’s profile)

Note: You can also add a user to a group by selecting the group first. See steps below:

Adding a User to a Group (from the Group account)

Right-click the group (e.g., “Domain Admins”).
(menu displays).

Click Properties.
(“Domain Admins Properties” dialog box displays)

Click Members tab
(“Members” tab displays).

Click Add.
(“Select Users, Contacts, Computers, Service Accounts, or Groups” dialog box displays).

In the “Enter the object names to select” field, enter the user’s name (e.g., “Help Desk”) to be added to the group.

Click Check Names.
(User name is validated).

Click OK.
(The user name displays in the group’s “Members” tab.)

User displays in the group

Click OK

Creating a Group

On the Domain Controller, launch Server Manager.
(Server Manager displays).

Click Tools/ Active Directory Users and Computers.
(“Active Directory Users and Computers” screen displays)

Highlight the container that you want to create the group in (e.g., “Users).

Click the “Create a new group in the Current container” icon.
(“New Object – Group” dialog box displays).

Enter the Group name (e.g., “IT Admins”) and select a Group scope (e.g., “Global”)
and a Group type (e.g, “Security”).

Click OK.
(Group is created).