Users, Groups, Profiles, and Policies - PowerPoint PPT Presentation

1 / 35
About This Presentation
Title:

Users, Groups, Profiles, and Policies

Description:

Cannot be used with network resources. Used to identify individuals and to record ... A collection of user specific settings that are retained across logins ... – PowerPoint PPT presentation

Number of Views:71
Avg rating:3.0/5.0
Slides: 36
Provided by: pbcc
Category:

less

Transcript and Presenter's Notes

Title: Users, Groups, Profiles, and Policies


1
Users, Groups, Profiles, and Policies
  • Chapter Five

2
Windows XP Professional User Accounts
  • Local user account
  • Exists on a single computer
  • Cannot be used with network resources
  • Used to identify individuals and to record
    activity, control access, and retain settings
  • The only user account that can be created,
    configured, and managed by Windows XP
    Professional
  • Domain user account
  • Can be used throughout a domain

3
Windows XP Professional User Accounts
  • Imported user account
  • A local account created by duplicating name and
    password of an existing domain account
  • Can only be used when the Windows XP Professional
    system is able to communicate with the domain of
    the original account

4
Windows XP Professional User Accounts
  • A Windows XP Professional system can be
  • A standalone system where all users access local
    resources through a common user account that
    automatically logs into the system upon bootup
  • A standalone system where each user logs into the
    system with a unique user account to gain access
    to local resources
  • A network client where each user logs into the
    system with a unique domain/network user account
    to gain access to network and local resources

5
Windows XP Professional User Accounts
  • Used to uniquely identify a user to the system
    using a named user account and a password
  • Store details about security settings, access
    permissions, and preferences (password policy,
    account lockout policy, audit policy, user rights
    assignment, security options, public key
    policies, IP security policies)

6
Windows XP Professional User Accounts
  • Multiple-user systems
  • Operating systems (such as Windows XP) that can
    support more than one user
  • Windows XP implements its multiple-user system
    through the following
  • Groups
  • Resources
  • Policies
  • Profiles

7
Windows XP as a Multiple-user System
  • Groups
  • Named collections of users
  • Resources
  • Any useful service or object
  • Printers
  • Shared directories
  • Software applications

8
Windows XP as aMultiple-user System
  • Policies
  • Set of configuration options that define security
  • Used to define password restrictions, account
    lockouts, user rights, and event auditing
  • Can be defined for a user, computer, or a group
  • Profiles
  • A collection of user specific settings that are
    retained across logins

9
Logging On to Windows XP Professional
  • Logon authentication
  • The requirement to provide a name and password to
    gain access to the computer
  • Purpose of logon authentication
  • Maintains security and privacy within a network
  • Tracks computer use by user account

10
Default User Accounts
  • Administrator
  • Guest

11
Administrator
  • Unlimited access and unrestricted privileges to
    every aspect of Windows XP (all security
    settings, other users, groups, operating system
    environment, printers, shares, and storage
    devices)
  • Must be protected from misuse
  • Define a complicated password
  • Rename the account

12
Characteristics of the Administrator Account
  • Cannot be deleted
  • Cannot be locked out (disabled due to repeated
    failed logon attempts)
  • Cannot be disabled (made unusable for logon)
  • Cannot be removed from the Administrators local
    group
  • Can be renamed

13
Guest
  • Has limited access to resources and computer
    activities
  • Should be protected from misuse
  • Set a new password for the account
  • Allow use only by authorized one-time users or
    users with low-security access

14
Characteristics of theGuest Account
  • Cannot be deleted
  • Can be locked out
  • Can be disabled (default)
  • Can have a blank password (default)
  • Can be renamed

15
Naming Conventions
  • Standardized regular methods of creating names
    for user accounts, computers, directories,
    network shares, printers, and servers
  • Common rules
  • Construct user names from users first and last
    name, plus a code identifying the job title or
    department(e.g, BobSmithAccounting)
  • Construct group names from resource types,
    department names, location names, project names,
    or combinations of all four (e.g., Accounting01)

16
Elements of Naming Conventions
  • Must be consistent across all objects
  • Must be easy to use and understand
  • New names should be easily constructed by
    mimicking composition of existing names
  • An objects name should clearly identify that
    objects type

17
Managing User Accounts
  • Users and Passwords applet
  • Accessed via Control Panel
  • Used to create a local user account out of an
    existing domain account
  • Local Users and Groups MMC snap-in
  • Accessed via Advanced button on Advanced tab of
    Users and Passwords applet
  • Used to create local user accounts from scratch

18
Users and Passwords Applet
  • Can only be opened if
  • You are logged into the Windows XP Professional
    system with the Administrator account, or
  • Logged on with a user account which is a member
    of the Administrators group, or
  • By providing the username, password, and domain
    when attempting to launch the applet

19
Users and Passwords Applet
  • Users tab
  • Displays all user accounts that can be employed
    to gain local access
  • Advanced tab
  • Grants access to certificate management, advanced
    user management, and secure boot settings
  • Add button
  • Add New User wizard
  • Properties button
  • Access to basic properties for the selected user
    account

20
Users and Passwords Applet
21
Users and Passwords Applet
22
Users and Passwords Applet
23
Local Users and GroupsMMC Snap-in
  • Used to create and manage local users only
    imported users do not appear in this interface
  • Console tree hosts two nodes
  • Users
  • Contains all local user accounts
  • Groups
  • Contains all local group accounts

24
Local UsersMMC Snap-in
25
Local GroupsMMC Snap-in
26
Users Node
  • Displays all existing local user accounts
  • Properties dialog box has three tabs
  • General
  • Member Of
  • Profile

27
Users Node
28
Users Node
29
Users Node
30
Users Node
31
Groups Node
  • Displays all existing local groups, which are
    used to give a specific level of access to
    multiple users through a single management action
  • Two types of groups
  • Local groups
  • Exist only on the computer where they were
    created
  • Can have users and global groups as members
  • Global groups
  • Exist throughout a domain
  • Can only be created on a Windows XP Server system

32
Windows XP Professional Default Groups
  • Administrators
  • Backup Operators
  • Guests
  • Power Users
  • Replicator
  • Users

33
Windows XP Professional Default Groups
34
System Groups
  • Pre-existing groups that cannot be managed but
    which appear in dialog boxes when assigned group
    membership or access permissions

35
System Groups
  • Everyone
  • Authenticated Users
  • Creator Owner
  • Network
  • Interactive
  • Anonymous Logon
  • Dialup
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Users, Groups, Profiles, and Policies" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!