Network Administration: User Account Components

Every user who accesses a network must have a user account. User accounts allow the network administrator to determine who can access the network and what network resources each user can access. In addition, the user account can be customized to provide many convenience features for users, such as a personalized Start menu or a display of recently used documents.

Every user account is associated with a username (sometimes called a user ID), which the user must enter when logging on to the network. Each account also has other information associated with it. In particular:

  • The user’s password: This also includes the password policy, such as how often the user has to change his or her password, how complicated the password must be, and so on.

  • The user’s contact information: This includes full name, phone number, e-mail address, mailing address, and other related information.

  • Account restrictions: This includes restrictions that allow the user to log on only during certain times of the day. This feature enables you to restrict your users to normal working hours so that they can’t sneak in at 2 a.m. to do unauthorized work.

    This feature also discourages your users from working overtime because they can’t access the network after hours, so use it judiciously. You can also specify that the user can log on only at certain computers.

  • Account status: You can temporarily disable a user account so that the user can’t log on.

  • Home directory: This specifies a shared network folder where the user can store documents.

  • Dial-in permissions: These authorize the user to access the network remotely via a dialup connection.

  • Group memberships: These grant the user certain rights based on groups to which they belong. For more information, see the section, “Assigning Permissions to Groups,” later in this chapter.