WEBVTT

00:00.430 --> 00:05.340
This section we'll talk about creating and managing users and groups.

00:05.340 --> 00:12.240
Now when we have a forest and domain installed the next step is to add some users to our domain.

00:12.250 --> 00:20.280
Now we'll start with added simple user then we'll create a group of users will create a new group and

00:20.280 --> 00:27.840
then add a group of users into that group using a filter to ensure that we add to the correct set of

00:27.840 --> 00:36.490
users then we'll create a new organizational unit over you and move users and computers into the old

00:36.510 --> 00:37.140
you.

00:37.140 --> 00:44.520
It's essential for any domain administrator to know how to do these simple tasks will be using the Folarin

00:44.580 --> 00:48.050
active directories in those partial nouns.

00:48.230 --> 00:56.880
Use or Adey group Aidy group member Adeeb account password Adey principle group membership.

00:56.940 --> 01:03.040
Every object and 80 computer will also be used in the following commands.

01:03.090 --> 01:08.130
Import Desch says fi convert to dasht securest dream.

01:08.220 --> 01:09.770
Get this command.

01:09.810 --> 01:14.360
Test this path read dish host Ryders host.

01:14.400 --> 01:17.320
So let's get started with creating users.

01:17.400 --> 01:26.850
We can use you this Adey user comments lead to create new users most Kulick properties can be directly

01:26.940 --> 01:30.230
edited by using the parameters of a new address.

01:30.260 --> 01:32.410
The user command left.

01:32.490 --> 01:41.370
There are a lot of parameters which could be used by this command let the field step will get the user

01:41.370 --> 01:49.460
account which is associated with administrator with get Dash 80 user Desch identity administrator.

01:49.460 --> 01:53.010
This account should be really well secured.

01:53.110 --> 01:59.940
So will add a new account to replace the Administrator account to add a new user to you.

01:59.940 --> 02:03.170
Then you'd Dash 80 user command left.

02:03.240 --> 02:06.740
There are three basic ways to use new address.

02:06.810 --> 02:08.680
A The user command left.

02:08.760 --> 02:13.940
We can create an user by specifying all details on the command line.

02:13.980 --> 02:23.460
We can create a user from a template object either one you create or an existing user or we can use

02:23.590 --> 02:29.840
s.c.s the file to create multiple users from a list of users and properties.

02:29.850 --> 02:36.030
Let's create our first user by specifying all details on the command line.

02:36.090 --> 02:41.490
We need to specify the settings for the new user at the command line.

02:41.520 --> 02:50.020
Then we need to add the user to the appropriate Active Directory domain services security groups.

02:50.020 --> 02:53.810
Now let's add a variable secure password.

02:53.930 --> 02:56.410
We'll call this horrible password.

02:56.490 --> 03:06.300
So let's type Dolor character Basford and it will be equal to read the host command prompt and to parse

03:06.300 --> 03:10.240
14 quotes and we needed a secure stream.

03:10.300 --> 03:18.300
Then we'll use this command and you dash 80 user with the following parameter name account password

03:18.520 --> 03:26.910
same account password display name email address enabled given name and pass through parameter.

03:26.910 --> 03:29.910
Also password never expires parameter.

03:30.030 --> 03:39.480
Surname and user principle name very toast prompt for a password and mosques that the user enters and

03:39.570 --> 03:41.170
the results are then you.

03:41.170 --> 03:44.520
Does the user command is as follows.

03:44.550 --> 03:47.140
Because we've used parse through parameter.

03:47.250 --> 03:54.480
This creates our first user but doesn't make the user a member of any domain security groups except

03:54.480 --> 03:55.860
domain users.

03:55.950 --> 04:03.710
The default one to add the user to security groups we need to use the AT DESK Adey group member command

04:03.710 --> 04:04.400
left.

04:04.440 --> 04:11.460
And because the goal is to give James the same set of security group says that Administrator account

04:11.730 --> 04:19.070
will use Windows power shell to get the list of security groups that the administrator is a member of

04:19.260 --> 04:24.220
and then goes through the list and add James to each of the groups.

04:24.300 --> 04:29.610
So we're using the following code for this as we can tell from the get.

04:29.630 --> 04:33.740
Does the user command in this code count.

04:33.750 --> 04:37.290
James is now a member of five security groups.

04:37.350 --> 04:45.830
Group Policy creator owners domain admins enterprise cerements schema garments and administrators of

04:45.870 --> 04:53.970
the same security groups to which their administrator account belongs will want to come back to as groups

04:53.970 --> 04:54.720
later.

04:54.810 --> 04:57.890
But now let's focus on users first.

04:57.990 --> 05:02.050
There are multiple ways to end users in a batch.

05:02.090 --> 05:06.310
But probably the simplest is to use a C S V file.

05:06.380 --> 05:15.360
You can easily create this file in Microsoft Excel or any plain text editor and then use Windows powers

05:15.380 --> 05:24.130
child to read the values and this is free file and add the users to read this is the file that you import.

05:24.220 --> 05:26.830
Import Dursley come on left.

05:26.840 --> 05:31.550
Now let's recap and take a closer look what we've done.

05:31.550 --> 05:38.070
First we checked the identity of the user administrator.

05:38.150 --> 05:47.210
Then we've created our variable password which will read the host to know what pass for to use for you

05:47.210 --> 05:47.680
then.

05:47.740 --> 05:48.710
Then live used.

05:48.720 --> 05:56.120
New this 80 user will follow in parameters and one of them was the account password.

05:56.120 --> 06:02.120
So we have used the tree and lived inserted before in the past.

06:02.130 --> 06:10.940
First wearable this account in the Active Directory Users and Computers will right click on the domain

06:11.180 --> 06:15.830
and find the needed user will be used for James name.

06:15.980 --> 06:20.360
As you can see this user is created successfully.

06:20.360 --> 06:27.560
After that we've caught that all the groups from Administrator account to Louis James account we've

06:27.590 --> 06:34.680
created a variable super user groups which is equal to the two that follow in command.

06:34.790 --> 06:44.100
Let's we around get this say the user with identity parameter administrator and Propertius parameter.

06:44.180 --> 06:48.720
We are looking for all the properties of a list user.

06:48.890 --> 06:57.050
This asterisks character means that we are looking for all the properties of the Folarin account and

06:57.050 --> 07:02.420
also with looking for the member of property of the full only user.

07:02.510 --> 07:10.710
After that we add in the user James to all the groups of the user administrator.

07:10.820 --> 07:19.070
Now let's check the user James in active directory users and computers and we'll be looking for his

07:19.070 --> 07:20.500
group's properties.

07:20.600 --> 07:28.200
And as you can see the user James is the member of the same groups as the user administrator.

07:28.200 --> 07:33.480
Then they're importune users from the seeis we file first.

07:33.500 --> 07:43.100
I created the file inserts format and put it into a folder on my local drive like check this file.

07:43.130 --> 07:51.830
It contains all the properties which are needed to be added to the new users like display name given

07:51.830 --> 07:56.240
name name surname as a m account name.

07:56.240 --> 08:01.890
Also the property that this account will be enabled after ad in it.

08:02.090 --> 08:11.240
Also we've got password never expires property in place user principal name account password which will

08:11.240 --> 08:13.850
be equal to the following stream.

08:13.850 --> 08:22.430
Now let's find the following user an active directory users and computers will be looking for user John.

08:22.580 --> 08:31.680
And as you can see all the surgeons are in place such as username surname same account name Basford

08:31.700 --> 08:34.430
never expires property.

08:34.790 --> 08:40.520
And as you can imagine you can get as many users as you need to this file.

08:40.520 --> 08:44.650
You can also add those users to the groups unit.

08:44.780 --> 08:53.990
And of course you can add the properties unit to this users like email account department and so on.