When you deploy an Active Directory infrastructure, you can create many users through the GUI, but also from the command line (through PowerShell).
You can also add a lot of information in the properties of your users, as well as configure a lot of settings on them.
To create users, you can use the "Active Directory Users and Computers" console.
To create a user, right-click on the "Users" folder (or an organizational unit you created) and click : New -> User.
Provide at least a first name and a logon name (so, a user name).
Then, enter a password respecting the complexity required by your server (in particular a minimum length of 8 characters) and choose whether :
When you create users from the command line, they are created by default in the "Users" folder of your domain if you don't specify a destination folder.
New-ADUser -Name "Lionel" -SamAccountName "InformatiUser" -UserPrincipalName "InformatiUser@informatiweb.lan" -AccountPassword(Read-Host -AsSecureString "Input Password") -Enabled $true
Input Password: **********
As expected, the user was created in the "Users" folder by default.
And his username is : InformatiUser.
To change the default folder, use the "redirusr" command and specify the DN (so, the absolute name) of the desired container or organizational unit as a parameter.
redirusr [absolute name of target folder]
To find the absolute name (also called DN for Distinguished Name in LDAP), all you have to do is right-click "Properties" on the desired container or organizational unit, then go to the "Attribute Editor" tab.
In the list of available attributes, you will find the "distinguishedName" attribute which corresponds to the LDAP path of this Active Directory object.
Note that you must have enabled the advanced features of the "Active Directory Users and Computers" console for this tab to be displayed.
If this is not the case, go to the "View" menu of this console and click on : Advanced Features.
In our case, we will redirect the creation of future users to the organizational unit : OU=MyUsers,DC=informatiweb,DC=lan
And we create a new user from the command line :
New-ADUser -Name "TestUser" -SamAccountName "TestUser" -UserPrincipalName "TestUser@informatiweb.lan" -AccountPassword(Read-Host -AsSecureString "Input Password") -Enabled $true
As expected, the user appears in our folder that we specified previously with the "redirusr" command.
By right-clicking "Properties" on a user, you can add/edit many properties on this one.
In the "General" tab, you can specify :
In the "Address" tab, you can specify :
In the "Account" tab, you can :
You will also find several account options :
You can also set an expiration date for this user account if you wish.
This option is very convenient in schools, universities or training centers, because you usually know in advance when students or interns are expected to leave your institution.
As a result, you can schedule the expiration of their accounts so that these accounts are automatically deactivated when they finish their studies or training.
If you click on the "Logon Hours" button, you will be able to choose which days and at which times this user can log in with his account.
If you click on the "Log On To" button, you will be able to choose whether this user can log on to :
In the "Profile" tab, you can specify :
In the "Telephones" tab, you can specify :
Windows Server 4/3/2021
Windows Server 8/20/2021
Windows Server 6/11/2021
Windows Server 5/14/2021
® InformatiWeb-Pro.net - InformatiWeb.net 2008-2021 - © Lionel Eppe - All rights reserved.
Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.