askvity

How do I create an Active Directory account?

Published in Active Directory 3 mins read

To create an Active Directory account, follow these steps:

  1. Open Active Directory Users and Computers: This is usually accessible from the Start Menu under Administrative Tools.

  2. Navigate to the desired OU: In the left pane, browse to the Organizational Unit (OU) where you want to create the new user account. OUs help organize users, computers, and other resources within your domain.

  3. Create the new user: Right-click on the Users folder (or the OU you navigated to) and select New, then User.

  4. Enter User Information: A "New Object - User" window will appear. Enter the following information:

    • First Name: The user's first name.
    • Last Name: The user's last name.
    • Full Name: This field will usually auto-populate based on the first and last names you entered. You can modify it if needed.
    • User Logon Name: Enter the desired username for the user account. This is the name the user will use to log in to the domain. It often follows a standard naming convention (e.g., first initial last name, or full last name). This is also sometimes referred to as the "SAM account name."

  5. Click Next.

  6. Set the Password: You will now be prompted to set a password for the new user account. Choose a strong password that meets your organization's password policy. You also have the following options:

    • User must change password at next logon: Select this option if you want the user to be forced to change their password when they first log in. This is generally considered best practice.
    • User cannot change password: Select this if you don't want the user to be able to change their password (typically not recommended).
    • Password never expires: Select this option if you want the password to never expire. This is generally discouraged from a security perspective, and best practice is to enforce password expiration policies.
    • Account is disabled: Select this option if you want to create the account but keep it disabled. This can be useful if you are creating the account in advance but don't want the user to be able to log in yet.

  7. Click Next.

  8. Review the Information: A summary screen will appear, showing the information you've entered for the new user account. Verify that all the information is correct.

  9. Click Finish.

The new Active Directory user account is now created. You may need to configure additional properties for the user, such as group memberships, profile path, and home directory. You can do this by right-clicking on the user account in Active Directory Users and Computers, selecting Properties, and then navigating through the various tabs.

Related Articles