How do I create a new user in Active Directory?

~ 0 min
2021-08-26 02:12
PDF version

Overview

The purpose of this article is to explain how to create a new user account within Active Directory.

Procedure

The following screenshots were taken using Windows Server 2019 (v1809).
If using a different version of Windows Server these images may contain minor variances.
  1. Launch Active Directory Users and Computers.
    "Active Directory Users and Computers" can be found on the Start Menu under the "Windows Administrative Tools" folder.
  2. Locate the Organizational Unit (folder) that will contain the user account.
    1. Ensure the domain is expanded.
    2. For small environments this will usually be the "Users" OU.
  3. Click the Action menu.  (Alternatively, right-click the OU from step 2)
    1. Move the mouse cursor down to New, another context menu will appear.
    2. Click User.
    3. The "New Object - User" dialgoue will appear.
      New Object - User
  4. Complete the following fields, then click Next:
    1. First Name
    2. Initials (optional)
      This is intended for middle initial(s)
    3. Last Name
    4. Full Name
      This field will begin to auto populate as characters are entered into the First name, Last name, and initials fields.
    5. User logon name
      User logon names are limited to 256 characters, however to maintain backwards compatibility user logon names should not exceed 20 characters.
  5. Enter a Password.
    After entering the password, type the same password in the Confirm password field.
  6. Review and check any of the password options that apply:
    1. User must change password at next login
      This is option should be considered to be be checked (enabled).  As an administrator you can safely give the new user their password and after a successful login the user will be prompted to immediately change their password.  This helps safe guard the password so that only the user knows their password.
    2. User cannot change password
      WARNING: This is not considered a best practice and should be avoided if possible.
      Specify this option if you do not want the user to be able to change their own password.  This may be useful if creating a service account for which you want to prohibit user interaction.
    3. Password never expires
      WARNING: This is not considered a best practice and should be carefully considered before choosing this option.  This may be useful if creating a service account, or an account that will not require human interaction.
    4. Account is disabled
      Checking this option will cause the User account to be disabled which will prevent login or access of any kind.
      This is a good option if you want to pre-create a user account and provide access to the user at a later time.
  7. When you are satisfied with the user's password options, click Next to review the new user account.
  8. Click Finish to have the new user account created.

References

Average rating 0 (0 Votes)

You cannot comment on this entry

Tags

Active Directory User Management Windows Server