[Previous] [Next]
Lesson 2: Planning New User Accounts
You can streamline the process of creating user accounts by planning and organizing the information for the user accounts. You should plan the following areas:
- Naming conventions for user accounts
- Requirements for passwords
After this lesson, you will be able to
- Plan a strategy for creating new user accounts.
Estimated lesson time: 5 minutes
Naming Conventions
The naming convention establishes how users are identified in the domain. A consistent naming convention will help you and your users remember user logon names and locate them in lists. Table 10.1 summarizes some points you might want to consider in determining a naming convention for your organization.Table 10.1 Naming Convention Considerations
Consideration | Explanation |
---|---|
User logon names must be unique | Local user account names must be unique on the computer where you create the local user account. User logon names for domain user accounts must be unique to the Directory. |
Use 20 characters maximum | User logon names can contain up to 20 uppercase or lowercase characters; the field accepts more than 20 characters, but Windows 2000 recognizes only the first 20. |
Avoid invalid characters | The following characters are invalid:" / \ [ ] : ; | = , + * ? < > |
User logon names are not case sensitive | You can use a combination of special and alphanumeric characters to help uniquely identify user accounts. User logon names are not case sensitive, but Windows 2000 preserves the case. |
Accommodate employees with duplicate names | If two users were named John Doe, you could use the first name and the last initial, and then add additional letters from the last name to differentiate the duplicate names. In this example, one user account logon name could be Johnd and the other Johndo. Another possibility would be to number each user logon name—for example, Johnd1 and Johnd2. |
Identify the type of employee | In some organizations, it is useful to identify temporary employees by their user account. To identify temporary employees, you can use a T and a dash in front of the user's logon name—for example, T-Johnd. Alternatively, use parentheses in the name—for example, John Doe (Temp). |
Password Requirements
To protect access to the computer, every user account should have a password. Consider the following guidelines for passwords:
- Always assign a password for the Administrator account to prevent unauthorized access to the account.
- Determine whether the Administrator or the users will control passwords. You can assign unique passwords for the user accounts and prevent users from changing them, or you can allow users to enter their own passwords the first time they log on. In most cases, users should control their passwords.
- Use passwords that are hard to guess. For example, avoid using passwords with an obvious association, such as a family member's name.
- Passwords can be up to 128 characters; a minimum length of eight characters is recommended.
- Use both uppercase and lowercase letters, numerals, and valid nonalphanumeric characters.
Lesson Summary
In this lesson, you learned that in planning user accounts, you should determine naming conventions for user accounts, requirements for passwords, and account options such as logon hours, the computers from which users can log on, and
account expiration. You learned that domain user accounts can be up to 20 characters long and must be unique within the OU where you create the domain user account. Local user account names can also be up to 20 characters long and must be unique on the computer where you create the local user account. Making these decisions before you start creating user accounts will reduce the amount of time it takes to create the needed user accounts and will simplify managing these accounts.