نمایش نتایج: از شماره 1 تا 2 از مجموع 2

موضوع: ساخت یوزر در اکتیور

  
  1. #1
    نام حقيقي: امیر جواهری

    تازه وارد
    تاریخ عضویت
    Jun 2018
    محل سکونت
    البرز
    نوشته
    4
    سپاسگزاری شده
    0
    سپاسگزاری کرده
    0

    ساخت یوزر در اکتیور

    با سلام و وقت بخیر خدمت دوستان
    می خام بدونم که آیا در اکتیو دایرکتوری ، میتونم یوزری درست کنم که ادمین باشه ولی نشه باهاش لاگین کرد. اگه میشه یه همچین یوزری درست کرد لطفاً راهنماییم کنید . . .



    موضوعات مشابه:

  2. #2
    نام حقيقي: Armin Rezaeimehr

    مدیر عمومی شناسه تصویری EVERAL
    تاریخ عضویت
    Jul 2009
    محل سکونت
    Tehran
    نوشته
    695
    سپاسگزاری شده
    572
    سپاسگزاری کرده
    594
    نوشته های وبلاگ
    7
    سلام
    شما هدفت از ساخت Domain Administrator Account چیه؟ می خواهید دسترسی Admin به
    User بدید و بعد به سرور Active نتونه Login کنه ؟
    یکی از هدف‌‌های بدیهی اینکه که شما قصد دارید Dis join و join to domain را برای سازمان به ایشان دسترسی
    بدید. (که اینکار در Console Active تحت Group Policy و OU مورد نظر انجام میدید).
    توسط logon script و Assign به user مربوطه می تونید برای login از راهنمای زیر استفاده کنید:

    Creating the logon script

    The logon script is the file that does the actual action. It could be almost any action, as noted above. So we’ll start by creating that script. The default location for logon scripts is the NETLOGON share, which, by default, is shared on all Domain Controllers in an Active Directory forest, and is located in the following folder:
    %SystemRoot%\SYSVOL\sysvol\<domain DNS name>\scripts
    Where %SystemRoot% is usually “C:\Windows” and <domain DNS name> is the DNS name of the domain, similar to “Petri.local”. This folder, which is a part of the SYSVOL special folder, is replicated to all the Domain Controllers in the domain.
    Note: The actual process of creating the script is beyond the scope of this article, there are plenty of good resources with great examples on the Internet.

    1. Create the logon script and give it the appropriate name (for example: logon.bat, logon.cmd, logon.vbs, etc.) The script can use ANY name, just make sure you know what that name is, and give it the right file extension type.
    2. Make sure that the script runs and performs the required action when it is manually run (double-click on it).
    3. Copy the logon script (CTRL+C).
    4. Paste the logon script in the NETLOGON share on one of the Domain Controllers. The NETLOGON share is located in the following path: c:\Windows\Sysvol\Sysvol\Domain Name\Scripts.

    Note: You can enter a UNC path in the “Logon script” field and place the file in another location. However, this location should be one that is replicated to all Domain Controllers, and unless you have such a folder available, I’d suggest you keep to the NETLOGON share.
    What permissions are required for Logon scripts to run?

    Logon scripts run with the credentials of the user. It is recommended that the “Domain Users” group shall be given permission to any resources used by either of these scripts. For example, if the logon script writes to a log file, the group “Domain Users” should be given read/write access to the file or the folder where the log file is located. Most users have limited privileges on the local computer, so logon scripts will have the same limited privileges.
    Assigning the script to the user

    Next, we need to decide what user should have the logon script. We will work in that user’s user account in Active Directory Users and Computers. With this procedure, you can only link ONE logon script to each user, and you must do it ONE USER AT A TIME, or, if you have the knowledge – script the changes in Active Directory (there are methods to do this, but I won’t get into detail here).
    If you plan to have more than ONE logon script, and if you wish to assign that/those script(s) to more than one user, you might want to look into the “Setting up a Logon Script through GPO in Windows Server 2008” article.

    1. Open Active Directory Users and Computers from the Administrative Tools folder (or dsa.msc from RUN).
    2. Expand the domain tree, locate the OU where the user is located.
    3. Right-click the user object, select Properties.
    4. In the Profile tab, locate the Logon Script box.
    5. In the Logon Script box type the name of the script from step #2. You DO NOT need to enter the path, since it is located in the NETLOGON share. Make sure you enter the full name (i.e. logon.bat or logon.vbs etc.).
    6. Click Ok.

    Replicate the DCs

    Now we need to replicate the DCs in the domain by using either Active Directory Sites and Services, Replmon, Repadmin, or wait a few moments (depending on the number of DCs). As a simple follow up to this article, I suggest you use Active Directory Sites and Services.
    Testing the logon script


    1. On one of the computers that is part of the domain, logoff the specific user account.
    2. Logon and test.

    If the logon script doesn’t work for you, go back to the basics and see if it works at all by double-clicking on it. See if it’s placed in the right path – the NETLOGON share on one of the DCs, and see if it has replicated to the other DCs. Also check permissions by trying to manually run the script from the right path but while logged on as the user, and not as an administrato


    !It's possible to change your life at any time

کلمات کلیدی در جستجوها:

هیچ کلمه ای ثبت نشده است.

برچسب برای این موضوع

مجوز های ارسال و ویرایش

  • شما نمی توانید موضوع جدید ارسال کنید
  • شما نمی توانید به پست ها پاسخ دهید
  • شما نمی توانید فایل پیوست ضمیمه کنید
  • شما نمی توانید پست های خود را ویرایش کنید
  •