AD Users & Groups
Last updated
Last updated
Active Directory (AD) Users: These are individual accounts representing people or devices within a domain. Each user has a unique identifier (username) and credentials (password) to access network resources.
Active Directory Groups: Groups are collections of user accounts, which allow you to manage permissions and access to resources more easily. Instead of assigning permissions to individual users, you assign them to groups, which simplifies user management.
Organizational Units (OUs): These are containers within Active Directory that help organize and manage users, groups, and other resources. OUs make it easier to apply policies, delegate administration, and structure the AD hierarchy. For example, an OU could represent a department like "HR" or "IT."
We will now configure the AD Users & Groups :
Here we can see our AD domains and we we first create OUs named as departments like HR, Legal , Accounts & etc
Similiarly we have created the following OUs with the same steps given above. Now we will create some users in all of the OUs we just created.
Similiarly we can create users in all the OUs and now we will add this user in the HR groups so we can manage the AD users within the group level permissions to effectively manage the AD Users
Now we will be creating groups in the AD users & Groups application under the OUs just created and add the users into it :
Here we have sucessfully configured the groups inside the OUs and now we will be adding users into it
Now we have added the hruser inside the Rookie -HR group inside the HR OU & now the user can be managed individually and also with the group making the AD management easier.
Similiarly we can create users in all the OUs and manage them accordingly with the groups inside the same OUs. So now we have sucessfully configured the AD users & groups now we will learn how to add the AD users into the Domain Administrators group
Lets say we need the OU - IT users to be access the domain rights of the AD domain controller we can follow the following steps :
As we can see the domain administrator user is also the part of Domain Admins group so we can add out Rookie-IT group to provide domain admin access to the IT guys.
Here we have learn the AD users , OU , groups & now we will learn how to setup AD File server in the next section.
