Windows Server 2008


Understanding USER, GROUP and COMPUTER tutorials
-
Names assigned to User, Group and Computer are used for assignment & reference purposes.
-
USER, GROUP & COMPUTER names must be unique can go up to 256 characters, however an associate display name only unto 64 characters.
-
By default Pre-windows 2000 name is the first 20 Characters of the standard name
-
Spaces, Period, Dashes and Underscore is allowed, however other special characters and symbols are not permitted.
-
Domain user accounts let users logon to network allow & access to domain resource
-
Each user account has a unique SID (Security Identifier) to identify the user to the windows server. A user can log on to the domain from any computer that is a member of the domain and can access resources on that computer or on other computers for which the domain user account has permission
-
Logon restrictions apply to users, not groups.
Managing USERS & GROUPS
-
In order to logon to Windows XP or Windows Server 2003 each users need USER A/C. Here computers can be organized into 2 group
WORKGROUP |
DOMAIN |
: :SAMIR SUS BOB |
À : : :SAMIR,SUS,BOB |
Here SAMIR can’t start 2nd or 3rd PC, same way SUS can’t start 1st or 3rd Pc…etcTo use another Pc, his/her user name has to be created on ALL Pcs |
All use a/c are stored on Domain controller here any user can logon to any Pc that are connected within domain |
Username & Password is Authenticated By SAM (Security Accounts Manager) |
Username & Password is Authenticated by AD (Active Directory) which is stored on DC (Domain Controller). When we install Domain Controller, SAM is migrated to AD |
No Centralization management,Easy to manage |
Centralized ManagementComplex, need Domain Administrator |
Right Click My Computer – Manage – Local Users and Group orSTART -- RUN – LUSRMGR.MSC |
Start – Administrative Tools – Active Directory User and Computer orSTART – RUN – DSA.MSC |