Configuring User Account Attributes

Include the following:

       Account: In addition to the user Property name ( first, middle, Initial, last name , full name ) and Various user login name ( UPN user At login , the user logon SAM account name ) You can configure the following additional property:

v  Log on hours. This attribute defines when the account will be used to access the domain Computer. You can use the calendar week view style definitions allow logon time Login denied time.

v  Log on to. Use this property to specify which computer users can use it to log on to Domain. Specifies the name of the computer, and add it to the list of allowed computers.

v  Account expires. When you want to create a user temporary use, the value that is useful Account. For example, you may want to create a user account used by interns just a year. You can use this value to a pre-set account expiration date. Account can be re-configured manually until it cannot be used after the expiration date Administrator.

v  User must change password at next logon. This property allows you to force users reset their own password at next login. This is usually your thing you reset a user's password, you can make.

v  Smart card is required for interactive log on. The amount will reset a user's password to a complex, random sequence of characters, and set the properties required by the use of smart cards for authentication at login.

v  Password never expires. It is you usually use the property and services Accounts, that is, without the use of ordinary users, but the accounts by the service. By Set this value, you must remember to manually update passwords on a regular basis; however, you are not forced to do it at the predetermined intervals. Therefore, Account cannot be locked because the password has expired - a feature that is Services account is particularly important.

v  User cannot change password. Again, this option is typically used for services Account.

v  Store password using reversible encryption. The policy support Knowledge protocol used by applications requires user passwords Authentication purpose. Stored encrypted password using reversible nature of Storing passwords in plain text version of the same. For this reason, the strategy It should not be enabled unless application demand is greater than the need to protect Password information. This approach is the use of Challenge Handshake need through remote access or Internet Authentication Protocol (CHAP) authentication Service (IAS). In Digest authentication, also needs Internet Information Services (IIS).

v  Account is trusted for delegation. You can use this property to allow a service account to impersonate a standard user to access network resources on behalf of a user.

       Organization. This includes properties such as the user’s Display name, Office, Email address, various contact telephone numbers, managerial structure, department and company names, addresses and so forth.

       Member of. This section enables you to define the group memberships for the user.

       Profile. This section enables you to configure a location for the user’s personal data, and to define a location in which to save the user’s desktop profile when he or she logs out.

       Extensions. This section exposes many additional user properties, most of which do not normally require manual configuration.