Adding user accounts in Active Directory of Windows Server 2012
March 18, 2013 2 Comments
One of the first jobs after installing Active Directory, is creating user accounts, in order for the users to be authenticated in Active Directory. The authenticated user; therefore, can access the network resources. In this way an unauthorized user does not have access to the network without administrator’s permission.
As usual, my well known two ways:
- Hit Windows Key + R buttons, type dsa.msc, and press OK
- Active Directory Users and Computers window opens. Remember you can open it via Server Manager too
- The easiest way, is to right click Users object on the left bottom side, click on New, then User
- Fill the First and Last names as you desire. Mine will be User1. User logon name is User1 too. Click Next
- Choose a strong password, and leave the default settings intact. Then Next and Finish
- Now I want to make this account, a member of administrators. So on the working window, click on Users, and right click User1 on the left side. Then click on Add to a group…
- On Select Groups window, type Domain Admins; Enterprise Admins. Then click on OK twice
As a result, a user, by the name of User1 is created, who is the administrator of both domain and forest.
- Open PowerShell console
- Type and hit enter this command:
New-ADUser -SamAccountName User1 -AccountPassword (read-host "Set user password" -assecurestring) -name "User1" -enabled $true -PasswordNeverExpires $false -ChangePasswordAtLogon $true
Add-ADPrincipalGroupMembership -Identity "CN=User1,CN=Users,DC=cyrusbesharat,DC=local" -MemberOf "CN=Enterprise Admins,CN=Users,DC=cyrusbesharat,DC=local","CN=Domain Admins,CN=Users,DC=cyrusbesharat,DC=local"