Basic User Creation in Active Directory Users and Computers(ADUC), Active Directory Administrative Center(ADAC) and PowerShell in Windows Server 2019
In the previous blog post we promoted our server to domain controller and created our AD forest and domain:
https://eyeteahero.blogspot.com/2019/05/promoting-windows-server-2019-server-to.html
Now that we have a domain running let's create some user accounts.There are 3 tools you can use to create user accounts. Active Directory Users and Computers, Active Directory Administrative Center and PowerShell
Expand your domain name then single click the Users container. Take note the single user at the top named administrator is the domain administrator account and the rest are built in security groups.
Type in a temporary password, leave the check boxes default and click Next. Note that this configuration is good for a new staff member joining your company as their password should routinely expire, it shouldn't be disabled (unless if they are starting at a much later date) and User cannot change password should only be used for things like service or specialty accounts. This will ask the user to make a new password the first time they log in
Click Active Directory Administrative Center (ADAC)
Click your domain, then Users, then New, then User
Fill in the necessary information, specify a temporary password then click OK
The user has been added
https://eyeteahero.blogspot.com/2019/05/promoting-windows-server-2019-server-to.html
Now that we have a domain running let's create some user accounts.There are 3 tools you can use to create user accounts. Active Directory Users and Computers, Active Directory Administrative Center and PowerShell
1 Active Directory Users and Computers
Click Start > Server Manager
Click Active Directory Users and Computers
Expand your domain name then single click the Users container. Take note the single user at the top named administrator is the domain administrator account and the rest are built in security groups.
Right click Users, click New, then click User
Type in the required fields and click Next. Note that most companies use a naming scheme, something like first initial then last name
Type in a temporary password, leave the check boxes default and click Next. Note that this configuration is good for a new staff member joining your company as their password should routinely expire, it shouldn't be disabled (unless if they are starting at a much later date) and User cannot change password should only be used for things like service or specialty accounts. This will ask the user to make a new password the first time they log in
Review the summary and click Finish
You can now see that the user account has been created
2 Active Directory Administrative Center
Click Start > Server Manager
Click Active Directory Administrative Center (ADAC)Click your domain, then Users, then New, then UserFill in the necessary information, specify a temporary password then click OK The user has been added3 PowerShell
Click Start then click PowerShell
Type the following command and press enter and then specify the temporary password
- New-ADUser -Name "John Smith" -GivenName "John" -Surname "Smith" -SamAccountName "jsmith" -UserPrincipalName "jsmith@company.com" -Path "CN=Users,DC=company,DC=com" -AccountPassword(Read-Host -AsSecureString "Type PW") -Enabled $true
To confirm the account was created type
- Get-ADUser username
At this point you have a working domain controller, go ahead and start back at the beginning of this blog series and create a second server with just a different host name and IP address on the same network as a member server.
You can follow this next post to join a server to an already existing domain:
