Active Directory Users

Active Directory data store usually consists of information related to network resources which can be easily accessed from within a domain. These network resources actually include users, computers, groups, printers, policies that talk about security, services, etc. that are termed as Active Directory Objects. Of these AD objects, we will talk about User objects in the following section.

A user object (user account) in the directory permits and provides every end user a facility to log on to the Windows Server. Moreover, this object is generally made up of attributes such as user logon name, first name, last name, display name and contact number to name a few. To generate a new user object in the Active Directory, here are the steps that one must follow:

1. Click Start, Administrative Tools, and the Active Directory Users and Computers console.
2. In the console tree, choose the OU in which the new user object will be created.
3. From the Action menu, click New then click User.
4. In the New Object - User dialog box, enter information for the fields listed below: First name, Initials, Last name, Full name (automatically populated), User logon name, User logon name (pre-Windows 2000).
5. Click Next.
6. Enter a password in the Password field and confirm the password in the Confirm password field.
7. Specify a new password at next logon. Click Next.
8. Validate the settings that have been entered on the Summary screen.
9. Click Finish..

A new user object with the specified settings will be created. However, for a user it is very essential to have an Active Directory user account in order to log on to a computer or domain. Therefore, in one way it can be said that the user account actually sets up an identity for the user. In fact, it is user account that helps a user in getting a proper authentication of using the domain resources. Other than that, user objects are also utilized as service accounts for applications where a service is provided with access permission for explicit network resources.

Apart from all these Active Directory user objects are further referred to as Security Principals since that stress more on security that is implemented by the OS for these objects. Each security principal is allocated with an SID during their formation which is a distinctive security ID. With this SID, user objects are capable of logging in to a network and further access the domain resources.