Domain Users and Groups
In this case, we are creating a user called “helpdesk tech” In our class scenario, this account will be used by the Help Desk tech.
Open the Server (Domain Controller)
(“Server Manager” displays).
In Server Manager, click Tools/Active Directory Users and Computers.
(“Active Directory Users and Computers” displays)
Click the New User icon.
(“New Object – User” dialog box displays).
Fill in required fields.
(Password screen displays).
Enter a password in Password and Confirm password fields.
NOTE: “User must change password at next login”can be left as checked. . In real life, user might be given an initial password of something generic like “White123”, but the user will be forced to change it upon first login.
(Final screen displays).
Review information and click Finish.
(“Helpdesk tech” user is created. This user’s logon name is “HDTech”).
Adding the user to their appropriate group(s) will give the user the rights they need to perform their job function.
With Active Directory open, expand the domain.
Right-click the user account (e.g, “Help Desk tech”).
(“Properties” dialog box displays)
Click Member of tab
(“Member of” tab displays).
This user is already a member of the “Domain Users” group. As such, he/she can log into any machine on the domain.
Now, since this user is a help desk tech, let’s add him/her to “Domain Admins” group. This will give the tech added rights to perform their job.
(“Select Groups” dialog box displays)
In the “Enter the object names to select” field, enter Domain Admins.
Click Check Names.
(The group name is validated).
(The “Domain Admins” group has been added to the user’s profile)
Note: You can also add a user to a group by selecting the group first. See steps below:
Right-click the group (e.g., “Domain Admins”).
(“Domain Admins Properties” dialog box displays)
Click Members tab
(“Members” tab displays).
(“Select Users, Contacts, Computers, Service Accounts, or Groups” dialog box displays).
In the “Enter the object names to select” field, enter the user’s name (e.g., “Help Desk”) to be added to the group.
Click Check Names.
(User name is validated).
(The user name displays in the group’s “Members” tab.)
User displays in the group
On the Domain Controller, launch Server Manager.
(Server Manager displays).
Click Tools/ Active Directory Users and Computers.
(“Active Directory Users and Computers” screen displays)
Highlight the container that you want to create the group in (e.g., “Users).
Click the “Create a new group in the Current container” icon.
(“New Object – Group” dialog box displays).
Enter the Group name (e.g., “IT Admins”) and select a Group scope (e.g., “Global”)
and a Group type (e.g, “Security”).
(Group is created).