We have a computer on our network with some network shares. This computer is NOT part of our domain. In order to allow certain users to access the network shares, we have been creating local accounts on the computer with the same user name and password as the active directory user and adding those (local) users to the permissions list. Show
For example, this computer (TestComputer) has a local user (UserA) that has been given Full Control of a shared folder (TestFolder). There is also an active directory user with the same name ( What we want to do is join TestComputer to our domain and then give permissions to the active directory user ( It looks like here shows that joining a computer to a domain doesn't mess with the local accounts. However, it didn't clarify if anything would happen if those local accounts had the same name as active directory accounts. I just need clarification that I can just simply join the computer to the domain, replace the local user permissions with the active directory user and delete (maybe disable) the local user account.
asked Nov 25, 2009 at 21:51
If the domain has group policy it could potentially change members of users in the local admin and power users group.....or even add in new users. But existing users on the local machine will remain unaffected. answered Nov 25, 2009 at 22:08
daeddaed 962 bronze badges The only user and\or group change that occurs when joining a computer to a domain is that the domain users group is added to the local users group and the domain admins group is added to the local admins group. Your local user accounts will be unaffected and there will be no conflict with the domain user with the same name. You should be fine going ahead with your plan. answered Nov 25, 2009 at 21:56
joeqwertyjoeqwerty 109k6 gold badges80 silver badges171 bronze badges 1 Should be fine, unless your join the computer to the domain & promote it to a domain controller, in which case you'll no longer have local computer accounts. You'll also need to fix any NTFS permissions on files local users may have setup, as these won't carry over. Maybe you can use sidhistory with this if it's complicated, it might work? answered Nov 26, 2009 at 14:33
Nick KavadiasNick Kavadias 10.8k7 gold badges36 silver badges47 bronze badges
Local user accounts are stored in the SAM database. True or False? Each user account is assigned a ___________ to ensure that security is kept intact if the account is renamed. Which logon method requires users to press Ctrl+Alt+Delete before logging on? a. Windows Welcome Which logon method allows multiple users to have applications running on the computer at the same time? a. Windows Welcome Which characters are not allowed in user account names? (Select all that apply.) Because user names are case sensitive, you can use capitalization to ensure that they are Which characteristics apply to the Administrator account? (Choose all that apply.) a. It has a blank password by default. a. It has a blank password by default. Which characteristics apply to the Guest account? (Choose all that apply.) a. It has a blank password by default. a. It has a blank password by default. Because the initial user account created during installation is a member of the Administrators The ___________ built-in local group has been depreciated and is no longer recommended for use Standard users are members of which built-in local group? a. Administrators Standard user accounts are more usable in Windows 7 than previous versions of Windows because User Account Control elevates privileges as required. True or False? Which tasks can be performed by using the User Accounts applet in Control Panel? (Choose a. Change your password a. Change your password password reset disk contains ____________. encrypted copy of the user password Which user management tool is required to assign a. User Accounts in Control Panel b. Local Users and Groups MMC snap-in What is a risk of resetting a user password? a. The user account becomes corrupted. b. EFS-encrypted files cannot be accessed. Which file in a profile contains user-specific registry settings? a. AppData Which profile is copied to create a profile for new user accounts? a. Default User A roaming profile is located on a network server. True or False? Which profile is merged into each user profile when the user is logged on? a. Default User In a domain-based network, each server authenticates users by using the SAM database. The ___________ group becomes a member of the Administrators local group when a Windows 7 Which editions of Windows 7 have the option to use Parental Controls? (Choose all that a. Windows 7 Home Premium a. Windows 7 Home Premium Time limits can be configured separately for each day of the month. True or False? Which program or utility do you use to copy an existing user profile to the default user Which security feature in Windows 7 prevents malware by limiting user privilege levels? a. Windows Defender b. User Account Control (UAC) The default privilege level for services is LocalSystem. True or False? When compared to Windows XP, which networking features have been updated or added a. TCP/IPv4 b. Network Access Protection (NAP) When compared to Windows Vista, which data protection feature is new in Windows 7? a. Local security policy Which of the following passwords meet complexity requirements? (Choose all that apply.) a. passw0rd$ a. passw0rd$ Which password policy setting should you use to prevent users from reusing their passwords a. Maximum password age Which account lockout policy setting is used to confi gure the time frame in which incorrect a. Account lockout duration c. Reset account lockout counter after The _____ local policy controls the tasks users are allowed to perform. Which type of AppLocker rule condition can uniquely identify any fi le regardless of its a. Publisher How would you create AppLocker rules if you wanted to avoid updating the rules when a. Manually create rules for each application Evaluating DLL files for software restrictions has a minimal impact on performance because Which utilities can be used to compare the settings in a security template against a computer a. Secedit a. Secedit To which event log are audit events written? a. Application An ________ is used to describe the structure of an application and trigger UAC when What are you disabling when you configure UAC to not dim the desktop? a. Admin Approval Mode Microsoft Security Essentials requires a subscription fee after a 90-day trial period. True Which of the following does Action Center monitor? (Choose all that apply.) a. Network Firewall a. Network Firewall To prevent spyware installation, you should configure Windows Defender to perform __________. Which type of encryption is the fastest, strongest, and best suited to encrypting large a. Symmetric To encrypt a file by using EFS, the file must be stored on an NTFS-formatted partition. True How can you recover EFS-encrypted files if the user profile holding the digital certificate is a. Restore the file from backup. b. Restore the user certificate from a backup copy. Which of the following is not true about BitLocker Drive Encryption? a. BitLocker Drive Encryption requires at least two disk partitions. e. You must use a USB drive to store the startup key. BitLocker Drive Encryption is user aware and can be used to protect individual files on a Which is the preferred setting for Windows Update? a. Install updates automatically a. Install updates automatically Which categories of updates can be downloaded and installed automatically by Windows a. Critical b. Important What group becomes a member of the Administrators local group when a Windows 10 computer joins a domain?A built-in group. After the initial installation of the operating system, the only member of the group is the Administrator account. When a computer joins a domain, the Domain Administrators group is added to the Administrators group.
What authentication method requires the computer to be joined to either a domain or Azure AD?Pass-through authentication (PTA) is a feature of Azure AD Connect. It involves a simple service in the form of an agent running on one or several on-premises domain-joined servers, which validates a user's sign-on on behalf of Azure AD directly with the on-premises Active Directory (AD).
Are local user accounts are stored in the SAM database?SAM is part of the registry and can be found in the C Drive on the hard disk. This means that the SAM data is locally stored. Due to this, it is used in the case of a local logon. The user will only be able to access the data which is stored in that profile.
Which of the following cmdlets will you use to create local users using Windows Powershell?Description. The New-LocalUser cmdlet creates a local user account.
|