Difference between revisions of "Windows Accounts"

From Stadm
Jump to navigationJump to search
Line 30: Line 30:
 
*Click on the "Remote Desktop Services Profile" tab and type in the profile path to where the users profile is located, also select the Home Folder to be mounted to the users folder on the network share
 
*Click on the "Remote Desktop Services Profile" tab and type in the profile path to where the users profile is located, also select the Home Folder to be mounted to the users folder on the network share
 
[[File:AD_rds.png|350px|Remote Desktop Services Profile]]
 
[[File:AD_rds.png|350px|Remote Desktop Services Profile]]
 +
 
==Group Policy==
 
==Group Policy==
 
*Group Policy is a great way to configure commonly deployed settings to both Users and Computers, below we show some commonly used Group Policy settings and how to apply them to only certain users/groups or computers
 
*Group Policy is a great way to configure commonly deployed settings to both Users and Computers, below we show some commonly used Group Policy settings and how to apply them to only certain users/groups or computers

Revision as of 10:39, 7 July 2015

Windows Administration

Purpose

  • Guide to how to setup a New User with a roaming profile using the GUI in Windows(RSAT)
  • The rest of this guide assumes you have RSAT installed and know the common tools to administer a Windows computer, if not check out this wiki first: http://wiki.eri.ucsb.edu/stadm/Windows_Administration
  • Common tools to edit/add users/groups and attributes in Active Directory
Active Directory Users and Computers - dsa.msc 
Group Policy Management - gpmc.msc
  • These can be run from the Run box(Windows Key +R) or can be found under Administrative Tools in the control panel
  • All domain joined computers logged in with a domain administrator account can manage the domain as long as you have RSAT installed, the following does not need to be run from any Server, it can be run from a local Windows 7 box as long as it is joined to the domain

Adding User/Group

  • A user or a group can be manually added through the GUI from any domain joined computer
  • Open Active Directory Users and Computers and navigate to the Organizational Unit(OU) you wish to create a user in.

Active Directory Users and Computers

  • As shown above right click inside the organizational unit and you will get a drop down menu of items(you can also left click the "Action" button in the toolbar if in the appropriate OU to get the same menu)
  • Navigate to New and in there you will have options to create a new User or Group along with other options

Create User Create Group

Editing Unix Attributes

  • To change attributes about a user using the GUI find the user in the appropriate OU. Right click on the users name and hit "Properties"

Edit Properties

  • Inside of Properties you can change the Users information such as name, but more importantly you have options to add in user profiles, remote desktop profiles, unix attributes, etc.

See Properties

  • If you originally click the "Unix Attributes" tab there should be nothing inside of it, to give a user a specific UID number look at the example on the right

Unix UID None Unix UID

Setting User Roaming Profile

  • Setting a users roaming profile is relatively straight forward, right click on the user you want to set a profile for and enter in the UNC path to where the folder is located

Roaming User Profile

  • For users that specifically use RDS we want to set up profiles a little differently, luckily there is a tab for setting up profiles only for when logging into an RDS server
  • Click on the "Remote Desktop Services Profile" tab and type in the profile path to where the users profile is located, also select the Home Folder to be mounted to the users folder on the network share

Remote Desktop Services Profile

Group Policy

  • Group Policy is a great way to configure commonly deployed settings to both Users and Computers, below we show some commonly used Group Policy settings and how to apply them to only certain users/groups or computers
  • Open up Group Policy Management: gpmc.msc

Common Group Policies

  • In many domain environments a lot of computers will have the same settings that have to be applied across all of them, a good example of this is networking and firewall rules
  • While we can go individually to each computer and manually type in multiple search suffixes or a firewall rule to allow Incoming Echo requests(ping) it would take forever on multiple computers, in this example we show you how to apply a Group Policy Object to a set of computers

Adding Group Policy Object

Editing Group Policy Object

Deleting Group Policy Object

Windows Syncing Group Policy