A. To add a new user to a domain you need to logon to the Server as an Administrator and run the User Manager for Domains Utility. Before adding a new user however, you should consider the different naming conventions that can be used, and there are really 4 main standards
- Last name plus initial - This is probably the most popular, and for John Savill would give SavillJ
- First name plus last name initial - e.g. JohnS, however you will quickly run out and may need to use middle initial as well etc.
- First name initial plus last name - e.g. JSavill
- First name plus number - e.g. John34, the problem with this is it is not easy to recognize the person.
It is important to stick to a standard, however unless this is a new installation, there will already be a standard to follow at your company. To add a user:
- Start User Manager for Domains (Start - Programs - Administrative Tools - User Manager for Domains)
- Select New User from the User Menu
- In the username field enter the name the user will use to logon, e.g.
savillj. Case is not important however stick to a common format. The
username can be up to 20 characters in length and you can use a
combination of letters/numbers/punctuation's except for the following
" \[\] ? / \ ; : | = ,
You can use spaces in the user name, however this is not a good idea as you would need to put the name in quotes whenever you enter a command relating to the account.
- Although the Full Name field is not mandatory it is a good idea to fill it in with the persons real name. There are several NT utilities that dump out the user information and this name is displayed, and with this in mind you may like to put the last persons name first, e.g. Savill, John for future readability
- The Description field is as the name implies, just a description of the person, i.e. "Sales Manager", however you put what you like for Description :-)
- You need to enter a password for the new user which they will use the first time they logon, and this is entered twice, once in the "password" field, and again in the "confirm password" field. The password is case sensitive so make sure you enter the password in the correct case both times and tell the user where you use capitals/lowercase.
- You will see 4 check boxes
- User Must Change Password at Next Logon - It is a good idea to select this, and the first time the user logs on they will need to change the password
- User Cannot Change Password - Not a good idea, you would only really use this for a shared account
- Password Never Expires - Again not a good idea, this would be a security risk as permanent passwords are frowned on
- Account Disabled - A means for suspending an account
- Click on the Groups button at the bottom of the dialog box
- Select a group on the right hand side and click Add to make the new user a member of that group
- Click OK when finished
- Next click on the profile button
- In the profiles you can enter the path for the users profile, e.g. \\savpdc\profiles.
- In the logon script section you can enter the name of a batch file to be run when the user logs on. You only need to enter the name of the batch file, and not the full UNC location as it will assume the logon script is in the netlogon share
- You can also setup the users home directory, which can either be a local area, or more commonly a share on a network drive.
- Click OK when finished
- It is also possible to set logon hours for each user by clicking the Logon button
- By clicking the "Logon To" button you can restrict which workstations the user can logon to.
- The Account button allows you to setup an account expiry time, and the account type
- Finally the DialIn button allows you to give accounts the ability to dial in, and whether or not to allow callback.