LESSON FOUR

USER MANAGEMENT

4.1 INTRODUCTION

User management is an integral part of system administration. System administration involves

controlling access to system. This involves determining what resources are needed by each user
for them to work and execute their daily activities. Sufficient rights should accorded to the user to
access and use the resource effectively without endangering the system. Issues concerning users

Management of users in system administration involves;

 User account creation

 User account management
 Training

4.2 LESSON OBJECTIVES

By the end of the lesson the learners should be able to:

1. explain importance of user management

2. identify the different types of system users
3. explain the importance of training system users

4.3 USER CREATION

This involves introduction of user accounts into a computer systems user database of the
authentication server. The system administrator provides credentials of the user including the name
and log in details that the user will use to access the system. This gives the user ability to work in
a networked system with centralized control. This control is done at the server level and the access
privileges the user is given affects the user during the time they are logged into the network.

The details created in the system will be used to is authenticate the user in the computer system as
being the genuine user. The user is given limited access to certain resources in the system such as
disk spaces, access to printers, ability to install software or to do backups etc. depending on the
nature of work that the user is engaged in.

User registration on the host computer means the user is only registered on the device they are
working on. There is no centralized control over the user’s activities within the system. Such a
user cannot access resource on the network.

4.3.1 Deleting users

This involves removal of users name from the local or server computers. This in essence means
the user cannot access the computer system using the credential they had been allocated.

4.3.2 Disabling users

This involves rendering the user account in active. The user account is still in the computer
system however it cannot be used to access the computer system. Disabling a user account can
be done at the server (for disabling network account for network users) or at the local computer
(for disabling the local user from the local account)

4.4 TYPES OF USERS

There are several type of user’s depending on the type of operating system in use and the type of
work the user will handle in the system. They include;

Privileged users
This is a group of users who have been given a high level of authority within the system. Such
accounts need to be given to only deserving staff members with necessary skills to effectively
handle such user accounts and depending on the nature of their work. They could vary based on
the nature of work.

In Windows operating system some of the privileged accounts include; administrator account,
power users and back up operator. With the administrator having the highest privileges however
in a network environment the person with the highest privileges is the network administrator.
Administrative privileges on a host computers is the highest amount of privileges for users in host
computer.

In windows these users can be created in the server or the local computer. In the server these users
have global access to the computers and other users and user groups in the domain. In local
computer privileged users have overall rights to manage the local computer only. They cannot
manage/access accounts outside the local computers

In Linux the most privileged account is the root account. It has access to all files and command in
Linux

4.4.1 Standard users

These are users who require ordinary resource to do their day today work such as accessing an
application programs and resources such as printers within their work stations. They cannot do
harm to the computer system since their network accounts are limited in rights.

4.4.2 Local users’ vs network users

This are users are created in the local host/client computers within the system. These accounts only
work within the client computer where they were created hence cannot access network resources.
They cannot be used to access other hosts within the networks unless they have user accounts
created in the remote computer. In a local computer the highest user rights is the administrator.

This is a category of users that have global access of the hosts and resources over a network
depending on their access privileges. They are created in the server computer hence the owner of
the user account can access the network from any client computer within the network domain.

NB In system administration the principle of least privilege should be applied, users should be
given the least privileges and more privileges should be added base on the nature of activities they
are engaged in until they are comfortable with their work.

4.5 USER ACCOUNT MANAGEMENT.

This is a routine duty of the system administrator and involves;
  Changing access permissions of the users depending on what they need to perform their
daily tasks.
 Disabling users from the computer systems
 Deleting users that have left the organization should be removed or disabled so as to deny
them access to the organizations resources while they are away as they may be a serious
source of insecurity
 Managing log in times depending on the organizations policy the users may be denied
access to the organization’s resource when they are on leave or out of office hours as per
the organizations policies.
In system administration it is advisable to give the users the least privileges and only increase
their privileges on need to need basis.

4.6 TRAINING
Most often users of the system are not professionals in IT and have varying professional back
grounds. Such users need to be given basic training in use of computer systems in order for the
user to work efficiently and use the system effectively.

Training also acts as guidance to users avoid situations that can cause harm to the system such as
downloading harmful programs that can give outsiders access to the system illegally.
4.7 SUMMARY

User Management involves ensuring users are created into the system and can be able to log into
the system and undertake their tasks.

The system administrator should ensure they are accord right that will ensure they access only
the resources they need for their day to day tasks.

Users can bring harm to the system hence their account should be restricted in terms of privileges
on what they can do in a computer system
4.8 ACTIVITES

 Creating users in windows desktop computers

 Creating users in linux

 Creating and assigning rights to users in a windows sever

 Configuration of active directory in a windows server

 Installation of windows server

 Sharing of files in windows desktop and sever

Learning activity 1
Differentiate on how users are created in a Linux computer and windows based computer
operating system
Learning activity 2
Both linux and windows based computers allow sharing of files explain and differentiate how
the two operating systems perform this activity
Learning activity 3
Differentiate between how users are created in a windows client computer and server computer.
4.9 FUTHER READING

Thomas A Limocelli,,Christina J. Hogan, Strata J. Chalup, The practice of System and

Network Administration 2nd edition

Mark Burgess (2004), Principles of Network and System Administration, 2nd edition

4.10 SELF-TEST QUESTIONS

1. what are privileged users

2. Why do users need to be trained

3. Why do users need to be created in the system?

4. Explain authentication of users in a computer system

5. Why do system users need to be trained

6. Non system users also pose a risk to the system explain

7. explain how you create a user in windows server and differentiate with how you create a user
in a client