Register

Forgot Password

Site FAQ

Home > IT Answers > Windows Server > Better way to enroll users in Active Directory

Mgarczynski

10 pts.

Better way to enroll users in Active Directory

I have just reviewed the steps given to me by my Network Admin for enrolling a new user in A/D and I can't believe it's this complicated and requires this many steps. The summary steps are : 1. On the A/D server open the A/D users and computers 2. Add the user entering his name, username, password, and group memberships. 3. Create User shared folder on File server with MD \FileServerusers%username% 4. Select new folder properties, sharing tab. 5. Select Permissions, Everyone, Full Control. 6. Select Security Tab, then advanced button. uncheck Allow interitable permissions and copy option. 7. On Security tab, remove domain user and everyone. add the %username% with full control. 8. Select Advanced button, Owner tab and give ownership to Administrator Profile. 9. Log onto a Terminal Server, which creates Profile folder, My Documents, and other application folders. 10. Return to File Server, Select User Shared Folder Properties, Security tab, Advanced button, Ownership Tab, then take give ownership to Administrator as the ownership of the share and sub folders transferred to the user. We are running Win Server 2008 R2 A/D and Win Server 2003 file server. We are a small company with 250 users. I can't believe it's this difficult to create a profile or that larger companies have to spend this much time creating profiles. Any ideas or suggetions are appreciated.

Software/Hardware used:
Windows Server 2008 R2, Windows Server 2003

ASKED: December 30, 2010 4:46 PM

UPDATED: December 30, 2010 10:39 PM

RELATED QUESTIONS

Answer Wiki:

They don't. Create a single user as a template. Setup all the roaming profile setting within that user. When you need to create a new user right click on the template and select copy or copy from (or something like that). When AD creates the new user it will automatically create the roaming profile folder with the correct security permissions. You don't need to log into the terminal server using the users account to create the local profile. When the user logs in for the first time the local profile will be created automatically. Usually larger companies will integrate the creating of domain accounts with their HR system so that when a new employee is created in the HR system the domain account and all the folders needed are automatically created.

Last Wiki Answer Submitted: December 30, 2010 10:39 pm by Denny Cherry

64,520 pts.

All Answer Wiki Contributors: Denny Cherry

64,520 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags