Windows Groups are containers used to organize users.
Windows Server 2003 has two types of Group Scopes and four
variants of Group Types.
Group Scopes.
Security Groups and Distribution Groups.
Security Groups have two functions:
1. Security Groups are used to manage user account and
computer account access to shared resources.
2. Security Groups are used to filter Group Policy Setting.
Distribution Groups have a single function:
Distribution Groups are used to create email distribution lists,
which enable you to send email to the members of the distribution group.
Group Types.
Local Groups, Domain Local Groups, Global Groups and Universal Groups
Local Groups are Groups that only have machine wide permissions,
which mean a local group provides a method of granting permissions
to resources on the local computer only.
Domain Local Groups are similar to Local Groups, but Domain Local
Groups can be used to grant permissions to any Windows 2000
Machine and higher to be able to access resources within its own
domain. This is still part of the 70-292 mcse.
Global Groups can be nested inside other Global Groups within its
own domain. Global Groups contain users and groups from its own
domain and are normally assigned to Local or Domain Local Groups
Universal Groups can be granted permissions to any object in its
Domain or Forest as well as Domains in other Forests in which a
trust has been established.
Computer Accounts provide a method of authenticating Computers
that log onto your Domain.
Computer Accounts can be created automatically such as when you
first log onto a Domain, or Computer Accounts can be created
manually, using Active Directory Users and Computers.
Managed Computer Accounts allow us to create Computers that
can be managed by a Remote Installation Server or RIS Server
which allows an Administrator to automatically install an Operating
System on the Computer.
Computer Accounts can also be created using the NET COMPUTER
command, the NETDOM utility and the DSADD Computer command.
Windows User Accounts User Accounts permit a User to log onto a
Computer or a Domain.
In Windows Server 2003, we use Active Directory Users and
Computers to create User Accounts. A User Account is what
Windows uses to identify and authenticate the user and grant
them access to resources inside the domain.
User Accounts can also be used by Windows Services to allow
the Service access to specific resources on the computer or network.
User Accounts can be created using the NET USER command and
the DSADD User command. This is explained in detail in 70-292
mcse training.
Active Directory Users and Computers enables an Administrator
to manipulate all aspects of User Accounts, such as the log on
hours, where the User can use Terminal Services, Exchange
Settings and much more.
Creating User Accounts Using Automation Computer Accounts
provide a method of authenticating Computers that log onto
your Domain.
Do you want to create a lot of User Accounts at one time? Or
perhaps you want to migrate a large list of User Accounts into
your Active Directory Domain?
In Windows Server 2003, we use Active Directory Users and
Computers to create User Accounts. A User Account is what
Windows uses to identify and authenticate the user and grant
them access to resources inside the domain.
User Accounts can also be used by Windows Services to allow
the Service access to specific resources on the computer or network.
In this video we show you how to use LDIFDE to create user
Accounts Automatically. LDIFDE is a command line utility that
enables you to import a text file containing User Accounts.
LDIFDE is incredibly flexible and powerful. Once you use LDIFDE,
you'll wonder why you never found it sooner!
CSVDE is a utility similar to LDIFDE, except CSVDE uses a CSV
file as the basis for importing new User Accounts. CSVDE is the
weapon of choice for many as you can use the more flexible
approach of importing a spreadsheet containing user accounts
and have CSVDE do the work.
The DS Commands, consisting of DSADD, DSGET, DSMOVE,
DSRM, DSQUERY and DSMOD are Active Directory commands
that you can use to automate and manipulate User Account
Creation and Modification. They are very powerful and show
be part of every Active Directory Administrators Toolkit.
Finally, there’s the good old NET USER command. This is a
legacy command, but it’s still useful for pumping out a few
quick User Accounts. This just a part of the 70-292 mcse
exam to let you see the detail of this training.
