Computing: Computer Administration

Setting up Windows Server 2003: 3. Addition of users and computers.


In the second part of my tutorial Setting up Windows Server 2003: Promotion of the first Domain Controller, I describe how to create and configure the first Domain Controller of a new domain. In this part, you will learn how to add users and computers to Active Directory.

Whereas on a workgroup based network, any computer may access the shared resources on any other computers, on a domain based network, the workstations have to connect to the Domain Controller on the server, and then can access the resources available on the server. This connection has to be done from the login screen of the client (not from an already "running" system). The credentials to log in to the domain (user name and password) are set in Active Directory, and it's only users known by Active Directory, that can actually login to the domain.

We can also add the information about the domain workstations to Active Directory. This allows to associate a given computer (identified by its name) with a given user (already defined). By this way, a standard user can log in to the domain, using the credentials configured for their computer.

Adding users to Active Directory.

You can use the Manage Your Server window, that (unless you disabled it) shows up with the start of Windows Server 2003. Click the link Manage users and computers in Active Directory to begin.

Windows Server 2003: Adding users to Active Directory - Start the task from 'Manage Your Server' window

In the left pane of the Active Directory Users and Computers window, double-click the Users folder. A whole bunch of pre-defined and automatically added users are displayed in the right pane.

Windows Server 2003: Adding users to Active Directory - Pre-defined domain users

From the menu bar, choose Action > New > User. The New Object - User window opens. Fill in the information about your new user. On the screenshot, you see the creation of user "Ali Baba", with username = "Ali" in order to login into the domain wsd-win2003.intranet.home (the domain that we have created in part 2 of the tutorial).

Windows Server 2003: Adding users to Active Directory - Adding a new user [1]

Push the Next button to pass to the entry and configuration of the user password. I changed the default settings, choosing User cannot change password; I also selected the Password never expires checkbox.

Windows Server 2003: Adding users to Active Directory - Adding a new user [2]

After you have pushed the Next button, a summary of the new user properties is displayed. Push the Finish button to actually create the new user. The screenshot shows the summary for "Aly Bubu", another user that I added to Active Directory.

Windows Server 2003: Adding users to Active Directory - Adding a another new user

And finally, here is a screenshot of the list of the users defined in Active Directory of my Windows Server 2003, after "Ali Baba" and "Aly Bubu" have been added.

Windows Server 2003: Adding users to Active Directory - Domain users, after 2 new users have been added

Adding computers to Active Directory.

You can use the Manage Your Server window, that (unless you disabled it) shows up with the start of Windows Server 2003. Click the link Manage users and computers in Active Directory to begin. In the left pane of the Active Directory Users and Computers window, double-click the Computers folder. This folder is empty for now. To add a new computer, choose Action > New > Computer from the menu bar.

Windows Server 2003: Adding computers to Active Directory - Choosing to add a new computer

We will add the two computers shown at the bottom of the network layout diagram in the Setting up Windows Server 2003: Introduction article. Note, that the name of my Windows XP Media Center Edition is wk-winxpm, and the name of my Windows 2000 Professional is wk-win2k.

Let's start with wk-winxpm. Enter this name as Computer name in the New object - Computer dialog box. All other settings may be left as they are...

Windows Server 2003: Adding computers to Active Directory - Adding the new computer 'wk-winxpm' [1]

The user group Domain Admins is allowed to connect from any computer to the domain. That's why it is filled in by default as login users for a newly created computer. To change this, and associate a custom user with the computer wk-winxpm, push the Change... button.

The Select User or Group dialog box opens. In the text field below Enter the object name to select, enter the name, that you want the user of wk-winxpm to use in order to login to the domain (this must be a user name, that actually exists). I chose "Aly Bubu" (screenshot on the left). You can check if your input is ok, by pushing the Check Names button. The content of the text field should now be changed to Aly Bubu [Aly@wsd-win2003.intranet.home] (screenshot on the right).

Windows Server 2003: Adding computers to Active Directory - Adding the domain user for computer 'wk-winxpm' [1]
Windows Server 2003: Adding computers to Active Directory - Adding the domain user for computer 'wk-winxpm' [2]

After having pushed the OK button, we return to the New object - Computer dialog box. Push the OK button to actually create the new computer.

Windows Server 2003: Adding computers to Active Directory - Adding the new computer 'wk-winxpm' [2]

Repeat the steps above to add wk-win2k, and configure the user name to be used on that machine to login to the domain as Ali Baba [Ali@wsd-win2003.intranet.home].

You can right-click a computer in the list and choose Properties from the popping up context menu, to further configure it. I did not take the time to review the possibilities that we have here. I just added a description for my two computers...

Finally, here is a screenshot of the list of the computers defined in Active Directory of my Windows Server 2003, after "wk-winxpm" and "wk-win2k" have been added.

Windows Server 2003: Adding computers to Active Directory - Computers list, after 2 new machines have been added

If you find this text helpful, please, support me and this website by signing my guestbook.