After my previous post which was on How to install Active Directory on a Windows Server 2003, I thought creating user accounts in Active Directory and Assigning permissions to folders will be more suited to follow on.
First let’s look at how we can create user accounts in a domain (after installing active directory)
- Log in to your domain controller with an administrative privileged account.
- Click on Start -> All programs -> Administrative tools -> Active Directory Users and computers
- Expand the domain -> Right Click on the User container and select New -> Select User
- You will be prompted with the New Object – User Window
- Fill in the necessary details and click Next
- Assign and confirm the password -> click Next
- On the summary screen verify your details and click Finish.
User account is created and you can create any number of users here to meet your requirements.
I have created two user accounts namely, User A and User B. By default when you create a new user account it will be a member of the Users group. You can go into the properties of the user object and make the user a member of any other group if necessary.
Now let’s look at how to assign permissions to a Shared Folder
- Create a folder and Share the folder by right clicking on the folder and selecting Sharing and Security
- You will be prompted with the Folder properties Window where you will have two options (Do not share this folder and share this folder)
- Select Share this folder option
- Click on Permissions and you will be prompted with the Permissions window which shows who can access this shared folder over the network. By default “Everyone” can access the folder.
- I am going to make this folder accessible only to User A. To achieve this, I am going to remove all other users permission and add only User A.
- On the Sharing Permissions for Folder window click on “Everyone” and click on Remove.
- After removing the everyone group from the permissions window click on Add and add User A and grant him full control permission
- Click Apply and Ok.
- Now click on the Security Tab, here you will be able to see the permissions given for each user or group towards this folder.
- Remove all users and groups and then add User A, if you want you can add the Administrator acccount so that only User A and the Administrator will have access to the folder and no one else.
- After you add User A, give User A full control permission over his folder and click Apply and Ok.
After you perform these tasks, only User A will be able to access the Shared Folder.
Screen shots attched below 🙂