To manage users in a domain, create user accounts in Active Directory Domain Services (AD DS). In contrast, to manage users that are specific to one computer, create local user accounts. For more information about creating local user accounts, see Create a local user account (http://go.microsoft.com/fwlink/?LinkID=58123).
Membership in Account Operators, Domain Admins, or Enterprise Admins, or equivalent, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at http://go.microsoft.com/fwlink/?LinkId=83477.
|To create a new user account using Active Directory Administrative Center|
To open Active Directory Administrative Center, click Start, click Administrative Tools, and then click Active Directory Administrative Center.
Another way to open Active Directory Administrative Center is to click Start, click Run, and then type dsac.exe.
In the navigation pane, right-click the node in which you want to add a user account, click New, and then click User.
For interoperability with other directory services, you can click InetOrgPerson instead. For more information about the InetOrgPerson class, see Understanding User Accounts.
In Create User, in the Account section:
- In First name, type the user's first
- In Middle initials, type the user's
- In Last name, type the user's last
- Modify Full name to add initials or
reverse the order of the first and last names.
- In User UPN logon, type the user’s
logon name, and then click the user principal name (UPN) suffix in
the drop-down list.
If the user will use a different name to log on to computers running Microsoft® Windows® 95, Windows 98, or Windows NT® operating systems, you can change the user’s logon name as it appears in User SamAccountName logon to the different name.
- In Password and Confirm
password, type the user's password, and then select the
appropriate password options.
- To protect the user account from accidental
deletion, select the Protect from accidental deletion check
- Click Log on hours, and then set the
permitted or denied logon hours for the user.
- Click Log on to, and then set the
permitted logon workstations for the user.
- In Account expires, select
Never or enter the account expiration date.
- Expand Password options, Encryption
options, and Other options, and then make the
- In First name, type the user's first name.
In Create User, modify the appropriate fields in the Organization, Member Of, and Profile sections, and then click OK.
- You can also perform the task in this
procedure by using the Active Directory module for Windows
PowerShell. To open the Active Directory module, click
Start, click Administrative Tools, and then click
Active Directory Module for Windows PowerShell. For more
information, see Create a New User (http://go.microsoft.com/fwlink/?LinkId=141531).
For more information about Windows PowerShell, see Windows PowerShell (http://go.microsoft.com/fwlink/?LinkID=102372).