User Manager for Domains User Manager for Domains

  • Slides: 8
Download presentation
User Manager for Domains

User Manager for Domains

User Manager for Domains 4 Manages the user accounts in a domain 4 It

User Manager for Domains 4 Manages the user accounts in a domain 4 It is located in the PDC çWhile User Manager exists in each NT machine, but it is local to each machine 4 Its core is a shared database of users çSAM (Security Access Manager) çpart of the PDC registry

UMD Functions 4 Create, modify, and delete user accounts in the domain 4 Define

UMD Functions 4 Create, modify, and delete user accounts in the domain 4 Define user’s desktop environment and network connections 4 Assign logon scripts to user accounts 4 Manage groups and trust relationships 4 Manage a domain’s security policies 4 Changes only take effect after user logs off and logs on

User manager main screen and user properties 4 The main screen is shown here

User manager main screen and user properties 4 The main screen is shown here 4 User properties 4 account type and expiration date 4 Username, Password and Full Name 4 Logon script, workstations and hours 4 Profile 4 User accounts are assigned a SID (security identifier) when created -- never reused 4 looks like: S-1 -5 -D 1 -D 2 -D 3 -RID

Guest account security 4 Guest account is NOT secure like in UNIX 4 You

Guest account security 4 Guest account is NOT secure like in UNIX 4 You cannot delete the guest account, but you should be sure it is disabled 4 DOS, WFW and Windows 95 do not require login to a domain 4 NT WS does require but you can log to the local machine and to the network with guest privileges if Guest is enabled 4 Guest is member of the Everyone group.

Creating an user account 4 The process is graphical-oriented 4 New user dialog (the

Creating an user account 4 The process is graphical-oriented 4 New user dialog (the one shown is missing the hours, logon and account icons) 4 Assigning group membership dialog 4 by default an user can log any time in any workstation, but you can change this 4 You can set logon expiration of passwords 4 You should setup the user home directory, logon script name and profile path 4 Of course you can copy user accounts and rename them (templates)

Managing Security Policies 4 Account, characteristics of passwords 4 User Rights, which user or

Managing Security Policies 4 Account, characteristics of passwords 4 User Rights, which user or group is assigned what system rights 4 Audit, what kind of security events are to be logged 4 Trust Relationships, how domains interact (not shown)

System Policy Editor 4 Automatically installed in the NT Server, not in workstations see

System Policy Editor 4 Automatically installed in the NT Server, not in workstations see it here 4 You can set a variety of restrictions to users 4 their desktop color and wallpaper settings 4 their control panel display access 4 their system access 4 many shell characteristics 4 DON’T try it if you are not an experienced administrator, and don’t touch default user and computer

WP 7 MULTI DOMAINS WP 7 Multi domainsWP 7 MULTI DOMAINS WP 7 Multi domains
Kindred Domains Detecting and Clustering Botnet Domains UsingKindred Domains Detecting and Clustering Botnet Domains Using
Three Domains of Life Protists Three Domains ofThree Domains of Life Protists Three Domains of
Domains and Kingdoms Chapter 17 3 3 DomainsDomains and Kingdoms Chapter 17 3 3 Domains
Finite Constraint Domains 1 Finite Constraint Domains ConstraintFinite Constraint Domains 1 Finite Constraint Domains Constraint
DNA binding domains and activation domains of transcriptionDNA binding domains and activation domains of transcription
Domains The 3 Domains are Archaea Eubacteria andDomains The 3 Domains are Archaea Eubacteria and