Difference between revisions of "User Account Management"

From Vista Ridge Cyberpatriot
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
=== User Account Management (Windows 10)===  
+
=== User Account Management (Windows 10 and Server)===  
  
 
==== What Are We Doing? ====
 
==== What Are We Doing? ====
Line 22: Line 22:
 
# If this user in the Read Me is listed as an Admin, navigate to the "Groups" folder
 
# If this user in the Read Me is listed as an Admin, navigate to the "Groups" folder
 
# Add the new user to the "Administrators" Group.
 
# Add the new user to the "Administrators" Group.
Command Line
+
Command Line :
  
 
# Click on the Windows Search bar on the bottom left of the screen, or press the Windows key.
 
# Click on the Windows Search bar on the bottom left of the screen, or press the Windows key.
Line 39: Line 39:
 
# Navigate to the dropdown menu titled "Local Users and Groups" and expand it
 
# Navigate to the dropdown menu titled "Local Users and Groups" and expand it
 
# Open the "Read Me" and look through the users and compare them with the users in the list
 
# Open the "Read Me" and look through the users and compare them with the users in the list
# If there are any users that have admin status, while they should only have standard status  
+
# If there are any users that have admin status, while they should only have standard status go to the "Groups" folder
 
#  
 
#  
# If this user in the Read Me is listed as an Admin, Type "net localgroup administrators *username* /add "
+
# Double click the "Administrators" group, and remove and/or add members to this group when needed.
 +
Command Line :
 +
 
 +
# Click on the Windows Search bar on the bottom left of the screen, or press the Windows key.
 +
# Search for "Windows Powershell" and click on it when it appears
 +
# For a list of all users type "Get-LocalUser"
 +
# Open the "Read Me" and look through the users and compare them with the users in the list
 +
# If there are any users that are standard users but have admin privileges, type "net localgroup administrators *username* /delete"
 +
# If this user in the Read Me is listed as an Admin and is standard, Type "net localgroup administrators *username* /add "

Latest revision as of 18:01, 20 August 2022

User Account Management (Windows 10 and Server)[edit | edit source]

What Are We Doing?[edit | edit source]

User account management is about ensuring that our users and their permissions are appropriate. Your virtual machine will have a README file located on the desktop when you first boot it up. This README will specify which users should exist on the system and which permissions those users should have. You will need to perform the following audits on the users of the system:

  1. Verify that all users in the README exist on the system. If you see a user noted in the README that does not exist on the system, they will need to be added.
  2. Verify that no users exist on the system who are not in the README. If there are users on the system who are not in the README, they should be removed.
  3. Verify that all users who are listed as Administrators have Administrator privileges. If there are users on the system who should have Administrator privileges, but do not, they should have their permissions modified to add it.
  4. Verify that no users who are not listed as Administrators have Administrator privileges. If there are users on the system who have Administrator privileges, but are not supposed to, they should have their permissions modified to remove it.

Audit #1: Find And Add Missing Users, and removing Unauthorized users[edit | edit source]

Graphical User Interface (GUI):

  1. Click on the Windows Search bar on the bottom left of the screen, or press the Windows key.
  2. Search for "Computer Management" and click on it when it appears
  3. Navigate to the dropdown menu titled "Local Users and Groups" and expand it
  4. Click on the folder titled "Users"
  5. Open the "Read Me" and look through the users and compare them with the users in the folder you have just opened
  6. If there are any users that are not authorized, right click on there name and select "Delete" check the list multiple times before doing this action, as it can not be undone.
  7. If you find there are any users that haven't been added that need to be, right click inside the folder and select "New User".
  8. Write the name and Secure password for this new user
  9. If this user in the Read Me is listed as an Admin, navigate to the "Groups" folder
  10. Add the new user to the "Administrators" Group.

Command Line :

  1. Click on the Windows Search bar on the bottom left of the screen, or press the Windows key.
  2. Search for "Windows Powershell" and click on it when it appears
  3. For a list of all users type "Get-LocalUser"
  4. Open the "Read Me" and look through the users and compare them with the users in the list
  5. If there are any users that are not authorized, type "net user *username* /delete"
  6. If you find there are any users that haven't been added that need to be, Type "net user /add *username* *password for user* "
  7. If this user in the Read Me is listed as an Admin, Type "net localgroup administrators *username* /add "

Audit #2: Find and Remove Additional Administrators[edit | edit source]

Graphical user Interface (GUI):

  1. Click on the Windows Search bar on the bottom left of the screen, or press the Windows key.
  2. Search for "Computer Management" and click on it when it appears
  3. Navigate to the dropdown menu titled "Local Users and Groups" and expand it
  4. Open the "Read Me" and look through the users and compare them with the users in the list
  5. If there are any users that have admin status, while they should only have standard status go to the "Groups" folder
  6. Double click the "Administrators" group, and remove and/or add members to this group when needed.

Command Line :

  1. Click on the Windows Search bar on the bottom left of the screen, or press the Windows key.
  2. Search for "Windows Powershell" and click on it when it appears
  3. For a list of all users type "Get-LocalUser"
  4. Open the "Read Me" and look through the users and compare them with the users in the list
  5. If there are any users that are standard users but have admin privileges, type "net localgroup administrators *username* /delete"
  6. If this user in the Read Me is listed as an Admin and is standard, Type "net localgroup administrators *username* /add "