Manuals / Apple / Baby / Model Vehicle

Apple 10.5 Leapard manual Working with Windows User Accounts, Deleting a User Account

Models: 10.5 Leapard

1 275

Download 275 pages 23.09 Kb

Page 60

60

Working with Windows User Accounts

Use Workgroup Manager to change passwords, password policies, and other settings in Windows user accounts.

The user accounts can reside in a server’s local directory domain, a Mac OS X Server PDC LDAP directory, or another directory system that allows read-write access (not read-only access) such as an Open Directory master LDAP directory or Active Directory on a Windows server.

You can change the user account settings in the Mac OS X Server PDC LDAP directory, but not in a BDC read-only LDAP directory. If you have a BDC, the PDC server replicates the changes to the BDC.

Deleting a User Account

You can use Workgroup Manager to delete a user account stored in an Open Directory domain, the local directory domain, or from any other read/write directory domain.

WARNING: You cannot undo this action.

Deleting a user account also deletes all of the user’s mail.

To delete a user account using Workgroup Manager:

1In Workgroup Manager, click Accounts.

2Select the user account you want to delete.

3To authenticate, click the lock and enter the name and password of a directory domain administrator.

4Choose Server > Delete Selected User or click the Delete icon in the toolbar.

From the Command Line

You can also delete a user account using the dscl command in Terminal. For more information, see the users and groups chapter of Command-Line Administration.

Disabling a User Account

To disable a user account, you can:

ÂDeselect the “User can access account” option in the Basic pane in Workgroup Manager.

ÂDelete the account.

ÂChange the user’s password to an unknown value.

ÂSet password options to disable login. This applies to user accounts with the password type Open Directory or Shadow Password.

Chapter 4 Setting Up User Accounts

Image 60

Apple 10.5 Leapard manual Working with Windows User Accounts, Deleting a User Account, Disabling a User Account

Contents

Mac OS X Server 019-0938/2007-09-01 Contents Configuring the Administrator’s Computer and Account Setting Up an Administrator ComputerCreating a Domain Administrator Account Using Workgroup ManagerContents Setting Up Group Accounts Where Group Accounts Are StoredAdministering Group Accounts Creating a Preset for Group Accounts118 Chapter Contents Contents If You Can‘t Change a User’s Password Type to Open Directory 257 267About This Guide What’s New in Workgroup ManagerWhat’s in This Guide Using Onscreen Help To get help for an advanced configuration of Leopard ServerTo see the most recent server help topics Mac OS X Server Administration Guides This guide Tells you how toUser Management Getting Documentation Updates Getting Additional InformationTools for User Management Workgroup ManagerServer Admin See this documentNetBoot NetInstallServer Preferences Command-Line Tools AccountsAdministrator Accounts Server AdministrationUser Accounts Guest AccountGroup Accounts Computer AccountsAuthentication and Identity Validation User ExperienceComputer Groups Information Access Control Folder and File Owner Access ACLs and Posix Permissions User Management Overview Setup Overview Getting Started with User ManagementSet up an administrator computer Create user accounts and home folders Planning Strategies for User Management Analyzing Your EnvironmentIdentifying Directory Services Requirements Determining Server and Storage RequirementsChoosing a Home Folder Structure Users with local accounts typically have local home foldersDevising a Home Folder Distribution Strategy Determining Administrator Requirements Identifying GroupsGetting Started with User Management Getting Started with User Management Configuring the Administrator’s Computer and Account Setting Up an Administrator ComputerTo set up an administrator computer Using Workgroup Manager Creating a Domain Administrator AccountTo create a domain administrator account To connect and authenticate to directory domains Major Workgroup Manager Tasks Modifying Workgroup Manager Preferences To set Workgroup Manager preferencesPreference Description Finding and Listing Accounts Working with Account Lists in Workgroup ManagerListing Accounts in the Local Directory Domain Listing Accounts in Search Policy Directory Domains To list accounts in a server’s local directory domainListing Accounts in Available Directory Domains Refreshing Account ListsFinding Specific Accounts in a List Using Advanced Search To filter items in the list of accountsTo do this Do this Using Presets Shortcuts for Working with AccountsSorting Users and Groups Editing Multiple Accounts Simultaneously Interface element Mixed-state appearanceTo batch-edit accounts that match specific criteria Importing and Exporting Account Information Getting Started with Workgroup Manager Where User Accounts Are Stored About User AccountsPredefined User Accounts User IDAdministering User Accounts Creating User AccountsTo create a user account Editing User Account Information To make changes to a user accountWorking with Read-Only User Accounts Working with Guest UsersTo work with a read-only user account To delete a user account using Workgroup Manager Working with Windows User AccountsDeleting a User Account Disabling a User AccountWorking with Presets Creating a Preset for User AccountsTo create a preset for user accounts Using Presets to Create Accounts Renaming PresetsEditing Presets To create an account using a presetWorking with Basic Settings Deleting a PresetTo edit a preset To delete a presetTo work with the user name using Workgroup Manager Modifying Short NamesTo work with a user short name using Workgroup Manager Choosing Stable Short NamesAvoiding Duplicate Names Modifying User IDs To change a user ID in Workgroup ManagerAssigning a Password to a User Assigning Administrator Privileges for a ServerTo assign a password To set server administrator privileges in Workgroup ManagerChoosing a User’s Login Picture To change a user’s login pictureRemoving Administrative Privileges from a User Giving a User Limited Administrative CapabilitiesTo remove a user’s administrative privileges Working with PrivilegesTo add limited administrative capabilities Task DescriptionWorking with Advanced Settings Giving a User Full Administrative CapabilitiesTo change a user’s administrative privileges To enable a user’s calendarChoosing a Default Shell To choose a default shellChoosing a Password Type and Setting Password Options To choose a user password type and set password optionsCreating a Master List of Keywords Applying Keywords to User AccountsTo edit the master keyword list To work with a comment using Workgroup Manager Editing CommentsTo work with keywords for a user account Working with Group Settings To set a primary group ID using Workgroup ManagerChoosing a User’s Primary Group To review group memberships using Workgroup Manager Reviewing a User’s Group MembershipsAdding a User to a Group Working with Home Settings To add a user to a group using Workgroup ManagerTo remove a user from a group using Workgroup Manager Removing a User from a GroupWorking with Mail Settings Enabling Mail Service Account OptionsWorking with Print Quota Settings Disabling a User’s Mail ServiceTo disable a user’s mail service using Workgroup Manager To forward a user’s mail using Workgroup ManagerEnabling a User’s Access to All Available Print Queues Enabling a User’s Access to Specific Print QueuesResetting a User’s Print Quota To delete a user’s print quota using Workgroup ManagerTo restart a user’s print quota using Workgroup Manager Removing a Print Quota For a QueueWorking with Info Settings To disable a user’s access to print queues enforcing quotasWorking with Windows Settings Changing a Windows User’s Profile LocationTo change a user’s info Changing a Windows User’s Login Script Location Working with GUIDs Changing a Windows User’s Home Folder Drive LetterChanging a Windows User’s Home Folder Location Viewing GUIDsTo view a user or group Guid About Group Accounts How Group Accounts Track MembershipWhere Group Accounts Are Stored Predefined Group AccountsPredefined Group name Group ID Use Administering Group Accounts Creating Group AccountsTo create a group account Creating a Preset for Group Accounts To create a preset for group accountsEditing Group Account Information To make changes to a group accountCreating Hierarchical Groups To create a hierarchical groupTo convert a legacy group to an upgraded group account Upgrading Legacy GroupsWorking with Read-Only Groups Working with Basic Settings for Groups To delete a group using Workgroup ManagerDeleting a Group Naming a GroupTo work with group names using Workgroup Manager Defining a Group IDChoosing a Group’s Login Picture To work with a group ID using Workgroup ManagerTo choose a group’s login picture Enabling a Group’s Web Services To enable a group’s web servicesWorking with Member Settings for Groups Adding Users or Groups to a GroupWorking with Group Folder Settings Removing Group MembersTo remove group members Specifying No Group Folder Creating a Group FolderTo specify no group folder 102 Designating a Group Folder for Use by Multiple Groups 104 Setting Up Computers Computer Groups About Computer AccountsCreating Computer Accounts To create a computer accountTo set up the guest computer account Working with Guest ComputersWorking with Windows Computers Administering Computer Groups About Computer GroupsDifferences Between Computer Groups and Computer Lists Creating a Computer GroupCreating a Preset for Computer Groups To set up a computer groupUsing a Computer Group Preset To set up a preset for computer groupsTo use a preset for computer groups Adding Computers or Computer Groups to a Computer Group To add computers or computer groups to a computer groupTo upgrade computer lists to computer groups Deleting a Computer GroupUpgrading Computer Lists to Computer Groups To delete a computer groupSetting Up Home Folders About Home FoldersHosting Home Folders for Mac OS X Clients Hosting Home Folders for Other ClientsDistributing Home Folders Across Multiple Servers Administering Share Points Setting Up a Share PointTo set up a share point Unix Class Name PermissionSetting Up an Automountable AFP Share Point for Home Folders To set up an automountable AFP share point for home foldersSetting Up an Automountable NFS Share Point for Home Folders To set up an automountable NFS share point for home foldersSetting Up an SMB Share Point To create an SMB share point and set permissions Administering Home Folders Specifying No Home FolderTo define no home folder Creating a Home Folder for a Local User To create a home folder for a local userCreating a Network Home Folder To create a network home folder for AFP or NFS share pointsCreating a Custom Location for Home Folders To create a custom home folder using Workgroup Manager Element Do this Setting Up a Home Folder for a Windows User To set up a home folder in an existing share point\\servername\usershortname Setting Disk Quotas Setting Disk Quotas for Windows Users to Avoid Data Loss Using Presets to Choose Default Home FoldersMoving Home Folders Deleting Home FoldersManaging Portable Computers About Mobile AccountsAbout Portable Home Directories Logging In to Mobile Accounts About External Accounts Resolving Sync ConflictsLogging In to External Accounts Advantages of Using Mobile Accounts Considerations and Strategies for Deploying Mobile AccountsApplications locally cache temporary files Considerations for Using Mobile Accounts You can manage individual mobile accounts138 Strategies for Syncing Content Mobile accounts can’t restore deleted files through syncingSetting Up Mobile Accounts for Use on Portable Computers Configuring Portable ComputersTo set up portable computers for use on your network Managing Mobile Clients Without Using Mobile Accounts Unknown Mac OS X Portable ComputersUsing Mac OS X Portable Computers with Multiple Users 143 Securing Mobile Clients Optimizing the File Server for Mobile AccountsTo optimize the file server for mobile accounts 146 Client Management Overview Using Network-Visible Resources There are several key network-visible resourcesPower of Preferences Limits accessCustomizing the User Experience Environment Control By letting you manageDesigning the Login Experience Key login settingsEnvironment Desired effect Choosing a Workgroup Working with Synced Homes Improving Workflow153 154 Using Workgroup Manager to Manage Preferences Preference pane What you can manageUnderstanding Managed Preference Interactions 157 158 Setting the Permanence of Management Understanding Hierarchical Preference ManagementPreference Management Basics Caching PreferencesManaging User Preferences To manage user preferencesManaging Group Preferences Managing Computer PreferencesTo manage group preferences To manage computer preferencesManaging Computer Group Preferences Disabling Management for Specific PreferencesTo manage computer group preferences Managing Access to Applications To selectively disable preference managementWhat you can control Icon Indicates the application has this type of signatureTo allow users to open specific applications and folders Allowing Specific Dashboard Widgets To allow specific Dashboard widgetsTo disable Front Row Disabling Front RowTo set up a list of accessible applications Managing Classic PreferencesSelecting Classic Startup Options To work with various startup options for ClassicClassic preference pane What you can control Choosing a Classic System Folder Allowing Special Actions During RestartTo choose a specific Classic System Folder Controlling Access to Classic Apple Menu Items To allow special actions during restartTo hide or show items in the Apple menu Adjusting Classic Sleep Settings To adjust Classic sleep settingsTo choose where Classic user preferences are stored Managing Dock PreferencesMaintaining Consistent User Preferences for Classic Controlling the User’s DockProviding Easy Access to Group Folders To add a Dock item for a group folderAdding Items to a User’s Dock To add items to a user’s DockManaging Energy Saver Preferences Preventing Users from Adding or Deleting Dock ItemsTo prevent users from adding items to their Docks Using Sleep and Wake Settings for Desktop Computers To set sleep and wake settingsSetting Energy Saver Settings for Portable Computers To manage portable computer settingsDisplaying Battery Status to Users To show battery status in the menu bar Scheduling Automatic Startup, Shutdown, or SleepTo schedule automatic actions Setting Up Simple Finder Managing Finder PreferencesFinder preference pane What you can control Controlling the Behavior of Finder Windows To turn on Simple FinderTo hide disk and server icons on the desktop To set Finder window preferencesHiding the Alert Message When a User Empties the Trash Making Filename Extensions VisibleTo hide the Trash warning message To make filename extensions visibleControlling User Access to Remote Servers Controlling User Access to an iDiskPreventing Users from Ejecting Discs Hiding the Burn Disc Command in the Finder Controlling User Access to FoldersTo hide the Burn Disc command To hide the Go to Folder commandAdjusting the Appearance and Arrangement of Desktop Items To hide the Restart and Shut Down commandsRemoving Restart and Shut Down from the Apple Menu To set preferences for the desktop viewAdjusting the Appearance of Finder Window Contents Managing Login Preferences Changing the Appearance of the Login WindowLogin preference pane What you can control List setting Mac OS X version EffectTo change the appearance of the Login Window Configuring Miscellaneous Login Options Option What this does when enabledTo configure miscellaneous login options Choosing Who Can LogCustomizing the Workgroups Displayed at Login To choose who can logEnabling the Use of Login and Logout Scripts To customize the workgroups displayed at loginTo enable the use of login or logout scripts Trust value name RequirementsChoosing a Login or Logout Script Click EditTo choose login or logout scripts Automatically Opening Items After a User LogsTo set an item to open automatically Providing Access to a User’s Network Home Folder Providing Easy Access to the Group Share Point To add a login item for the group share pointTo automatically mount the Network Home Managing Media Access Preferences Controlling Access to CDs, DVDs, and Recordable DiscsTo control access to disc media Controlling Access to Hard Drives, Disks, and Disk Images Ejecting Removable Media Automatically When a User Logs OutTo restrict access to internal and external disks To automatically eject removable mediaManaging Mobility Preferences Creating a Mobile AccountMobility preference pane What you can control To create a mobile account using Workgroup Manager Preventing the Creation of a Mobile AccountManually Removing Mobile Accounts from Computers To prevent the creation of mobile accountsTo remove a mobile account Enabling FileVault for Mobile Accounts OptionEffectTo enable FileVault for mobile accounts Selecting the Location of a Mobile Account To select the location of a mobile accountHome folder location Description Type Name PrivilegeCreating External Accounts To create an external accountSetting Expiration Periods for Mobile Accounts To set an expiration period Stopping Files from Syncing for a Mobile Account To stop files from syncingSetting the Background Sync Frequency Showing Mobile Account Status in the User’s Menu BarTo set the frequency for syncing background folders Configuring Proxy Servers by Port Managing Network PreferencesTo show mobile account status in the user’s menu bar Network preference pane What you can controlTo configure proxy servers for a user or a group To choose the domains that users can access directlyAllowing Users to Bypass Proxy Servers for Specific Domains Enabling Passive FTP Mode To enable passive FTP modeTo disable Internet Sharing Disabling Internet SharingDisabling Bluetooth To disable AirPortTo disable Bluetooth Disabling AirPortPreventing Access to Adult Websites To prevent access to specific websitesManaging Parental Controls Preferences Hiding Profanity in DictionaryAllowing Access Only to Specific Websites To allow access only to specific websitesSetting Time Limits and Curfews on Computer Usage Managing Printing Preferences To set time limits and curfewsPrinting preference pane What you can control To restrict access to the printer list Making Printers Available to UsersPreventing Users from Modifying the Printer List To create a printer list for usersRestricting Access to Printers Connected to a Computer Setting a Default PrinterTo set the default printer Restricting Access to Printers To restrict access to a specific printerAdding a Page Footer to All Printouts To add a footer to all printoutsManaging Software Update Preferences Managing Access to System PreferencesTo manage access to Software Update servers To manage access to System Preferences Managing Time Machine PreferencesTo manage Time Machine preferences Managing Universal Access Preferences Adjusting the User’s Display SettingsUniversal Access Preference pane What you can control Setting a Visual Alert Adjusting Keyboard Accessibility OptionsTo adjust screen appearance To set a flashing alertTo set the way the keyboard responds to keystrokes Option EffectAdjusting Mouse and Pointer Responsiveness Enabling Universal Access ShortcutsTo control mouse and pointer settings Using the Preference Editor with Preference Manifests To allow Universal Access ShortcutsAllowing Devices for Users with Special Needs To allow assistive devicesAdding to the Preference Editor’s List To add to the preference editor’s list Frequency DescriptionEditing Application Preferences with the Preference Editor To edit application preferencesTo disable management of an application’s preferences Using the Preference Editor to Manage Core Services Manifest Examples of things you can changeUsing the Preference Editor to Manage Safari To add Safari to the preference editor list238 Diagnosing Common Network Issues Testing Your Network’s Time and Time ZonesTesting Your DNS Service To test your network’s DNS service on a single computerTesting Your Dhcp Service To test your network’s Dhcp service on a single computerSolving Account Problems If You Can’t Edit an Account Using Workgroup ManagerIf Users Can’t See Their Names in the Login Window If You Want to Use Earlier Versions of Workgroup ManagerIf You Can’t Modify a User’s Open Directory Password If You Can’t Assign Server Administrator PrivilegesIf Users Can’t Log In or Authenticate If Users Relying on a Password Server Can’t Log Problems with a Primary or Backup Domain Controller If Users Can’t Access Their Home FoldersIf Users Can’t Change Their Passwords If a Windows User Can’t Log in to the Windows DomainIf a Windows User’s Profile Settings Revert to Defaults If a Windows User Has No Home FolderSolving Preference Management Problems Testing Your Managed Client SettingsIf Users Don’t See a List of Workgroups at Login To view managed client settings in System ProfilerIf Login Items Added by a User Don’t Open If Users Can’t Add Printers to a Printer ListIf Items Placed in the Dock by a User Are Missing If a User’s Dock Has Duplicate ItemsIf Users See a Question Mark in the Dock If Users See a Message About an Unexpected Error If You Can’t Manage Network ViewsImporting and Exporting Account Information Understanding What You Can Import and ExportLimitations for Importing and Exporting Passwords Using Workgroup Manager to Import Accounts To import accounts using Workgroup ManagerArchiving the Open Directory Master Using Workgroup Manager to Export Accounts To export accounts using Workgroup Manager Using XML Files Created with AppleShare IP Access control list See ACL Apple Filing Protocol See AFPSee also computer list Directory node See directory domainFull name See long name Globally unique identifier See Guid Home directory See home folder Local home directory See local home folder 262 Primary domain controller See PDC Search path See search policy Security identifier See SIDWeblog See blog 266 Index 268 269 270 271 272 273 274 275