Chapter 6
Peer-to-Peer, Domain-based
2 types of networks
Widnows 7- 14 built in groups
Administrators. Backup Operators. Cryptographic Operators. Distributed COM User. Event Log Readers. Guests. IIS_IUSRS. Network Configuration Operators. Performance Log Users. Performance Monitor Users. Power Users. Remote Desktop Users. Replicator. Users.
Faster User Switching
Allows multiple users to have applications running in the backround at the same time. one user can be actively using the computer at a time
Advanced User Account applet
Available only by starting it from the command line. (hint: AUA applet)
C:\users\%USERNAME%
By default, profiles are stored in _____________________
User Profile
Collection of desktop and environment configurations for a specific user or group of users.
Domain
Computers in the ________ share the user accounts on the domain controller
Creating a user can be done from:
Control Panel. Local Users and Groups MMC snap-in. Advanced User Accounts applet.
4 general user tasks you can perform
Create a new user. Delete a user. Rename a user. Set a user password.
Administrator Account
Derives its privileges from being a member of the local Administrators group. has complete access to the system.
Standard User Account
Derives its privileges from being a member of the local users group. cannot compromise the security or stability of Windows 7.
Public Profile
Different from other profiles because it is not a complete profile.
Once
Domain-based networks require a user account only needs to be created _______
SAM database
Each computer maintains a separate list of users and groups in its own ________ _______
Default ratings
Early Childhood (EC), Everyone (E), Everyone 10+ (E10+), Teen (T), Mature (M), Adults Only (AO).
Editing the Default User Profile Without using Sysprep
Edit the registry settings in the default profile, Modify individual settings or import registry keys exported from an already configured profile, Update specific files in the default user profile
3 common naming conventions
First name. First name and last initial. First name and last name.
Stops the automatic logon form occurring
Holding down the Shift key during the boot process
Groups
Members of _____ have access to all resources that the _____ have been given permissions to access
Start Menu
Modifying the _____ ______ is as simple as creating folders and shortcuts. Users all have a personal version that is stored in their profile.
Administrator
Most actions that are triggered by an _______ do not result in a prompt from User Account Control
roaming user profiles
Most mandatory profiles are implemented as roaming user profiles
7 characteristics of the Administrator account
Not visible on the logon screen. has a blank password by default cannot be deleted cannot be locked out due to incorrect logon attempts cannot be removed for local administrators group. can be disabled. can be renamed.
Profile tab
Often used in corporate environments for domain-level accounts. Profile path specifies location of profile for this user.
Guest
One of the least privilged user accounts in Windows. Has extremely limited access to resources and ocmputer activities
automated mechanism
Peer-to-peer networks have no _______ _______ to synchronize user accounts and passwords between computers
Mandatory profile
Profile that cannot be modified
Secure Logon
Protects your copmuter from viruses and spyware that may attempt to steal your password. whn the computer is a domain client, then secure logon is required.
User account
Required for individuals to log on to Windows 7 and use resources on the computer. Has attributes that describe user and control access.
Windows 7- 3 logon Configurations
Standalone. Workgroup member. Domain client.
exists
To access shares or printers on a remote computer, you must log on as a user that ________ on the remote computer
NTUSER.DAT to NTUSER.MAN
To change a profile to mandatory profile you rename the file ____________ to _____________
Roaming Profiles
Useful when a corporation uses Outlook and Exchange for an e-mail system.
Security Accounts Manager database SAM
User accounts are stored in this. Within SAM database, each user account is assigned a security Identifier (SID)
Local User Accounts
User accounts created in Windows 7, Exists only on the local computer.
Initial Account
User created during installation is givin administrative privileges.
4 Naming Conventions Restriction imposed by Windows 7
User logon names must be unique. user logon names must be 20 characters or less. user logon names are not case sensitive. user logon names cannot contain invalid characters.
are not saved
Users can make changes to their desktop settings while they are logged on as the Mandatory Profile, but the changes ______ ______ _____
User Accounts applet
Users can perform basic administration for their accounts using this interface
Default Profile
When new user profiles are created this is what they are off the bat
Default user profile
Windows 7 copies the ______ ______ ______ to create a profile for the new user.
20
Windows 7 has a limit of ________ connections
Administrative
_______options with a shield beside them are restricted to administrative users.
local computer
a roaming profile is copied to the ________ _______
cached
after credentials are _____ locally, you can log on to a computer using a domain user account. even when the domain cannot be contacted
Local Users and Groups MMC Snap-In
allows you to create and manage both user accounts and groups. Other user options can be configured in the properties of the user account.
Game Controls
are used to limit access to games. you can block games based on the game rating.
Groups
are used to simplify the process of assigning security rights and permissions.
C:/users
by default, each user has a spearate profile stored in __________
7 characteristics of a Guest account
cannot be deleted. cannot be locked out. is disabled by default. has a blank password by default. can be renamed. is a member of the Guest group by default. is a member of the Everyone group.
Domain Controller
central server responsible for maintaining user accounts and computer accounts
Software
changes triggered by ______ do result in a prompt from User Account Control
Start Menu
collection of folders and shortcuts to applications.
Tasks performed with parental controls
configure time limits. control game playing. allow and block programs.
Peer-to-peer
consists of multiple windows computers that share information.
Time Limits
control when a user is able to log on and use the computer. Allow you to restrict logons to certain time of the day.
to configure the default profile
create new local user with administrative privileges, log on as the designated local user, modify the new user's profile as desired, create an answer file with CopyProfile parameters set to true, Run Sysprep with /generalize option, Image the computer and deploy the image
Home folder
defines a default location for saving files.
Logon script box
defines a script that is run each time during logon
Public Profile
does not include an NTUSER.DAT file and consequently does not include any registry settings
Small networks
even ____ _____ benefit from resouces with meaningful names
Secure Logon
increases security on your computer by forcing you to press Ctrl+Alt+Delete before logging on
Guest
intended for occasional use by low-security users.
Initial Account
is different from administrator account in that it: is visble on the logon scree. does not have a blank password by default. can be deleted. can be locked out due to incorrect logon attempts. can be removed from the administrators group.
Members Of tab
lists groups of which the user account is a member. any rights and permissions assigned to these groups are also given to the user account.
Windows Welcome
logon method used by standalone computers and workgroup members authenticates user by using local SAM database
parental controls
method for controlling how Windows 7 is used by specific user accounts, the account must be Standard user accounts
Administrator
most powerful local user account possible. Has unlimited access and unrestricted privileges to every aspect of Windows
Network
no computer on the _______ serves as a central authoritative source of user information.
synchronizing
no concerns about _______ passwords between multiple accounts on a domain-based network.
Pass-through authentication
simplest authentication method for users. remote computer has a user account with the exact same name and password as the local machine.
User Accounts applet
simplified interface for user management. in Control Panel.
Automatic Logon
somtimes it is desirable for the computer to automatically log on as a specific user - each time it is started. is configured on the Users tab of the User Accounts applet.
Naming convention
standard process for creating names on a network or standalone computer.
Roaming profile
stored in a network location rather than on the local hard drive. setting move the user from computer to computer on the network
Profile folders and information
there are many folders and information in Profile. such as: Desktop, Documents, Downloads, Favorites, Links, Local Settings, Music, My Documents, NetHood, Pictures, PrintHood, Recent, Saved Games, Searches, SendTo, Start Menu, Templates, Videos, NTUSER.DAT, NTUSER.DAT.LOG, NTUSER.DAT{guid}.TM.blf, NTUSERDAT{guid}.TMContainerxxxxxx.regtransms, ntuser.ini
Domain Admins
they allows centralized administration
Administrator
this account is disabled by default in Windows 7
Domain Admins
this group becomes a member of the local Administrators group (domain-based)
Domain User
this group becomes a member of the local user group (domain-based) to allow all usres in the domain to log on to Windows 7
netplwiz
to start the Advanced User Accounts applet from a command line, us the ___________ command.
Windows Explorer
use __________ ________ to access and modify the contents of the start menu
Domain-based
user accounts for ________ _____ networks are much easier to manage
networked environment
user logon and authorization is very different in a __________ _________
when you view the properties of a group, there is only a single tab
which provides a description of the group and a list of the group members. you can add and remove users from the group here.
to participate in a domain
windows 7 computers are joined to the domain
Block Programs
you can restrict users to running only approved applications. you can manually add programs to the list of approved applications.
To configure a roaming profile
you must edit the user account to point the profile directory at a network location
Cached credentials
your authentication credentials are automatically cached in Windows 7. this is important for mobile computers that are not always conneted to the domain.