User Account Management

From Vista Ridge Cyberpatriot

User Account Management (Windows 10)

What Are We Doing?

User account management is about ensuring that our users and their permissions are appropriate. Your virtual machine will have a README file located on the desktop when you first boot it up. This README will specify which users should exist on the system and which permissions those users should have. You will need to perform the following audits on the users of the system:

  1. Verify that all users in the README exist on the system. If you see a user noted in the README that does not exist on the system, they will need to be added.
  2. Verify that no users exist on the system who are not in the README. If there are users on the system who are not in the README, they should be removed.
  3. Verify that all users who are listed as Administrators have Administrator privileges. If there are users on the system who should have Administrator privileges, but do not, they should have their permissions modified to add it.
  4. Verify that no users who are not listed as Administrators have Administrator privileges. If there are users on the system who have Administrator privileges, but are not supposed to, they should have their permissions modified to remove it.

Audit #1: Find and Add Missing Users, and Remove Unauthorized Users

Graphical User Interface (GUI):

  1. Click on the Windows Search bar on the bottom left of the screen, or press the Windows key.
  2. Search for "Computer Management" and click on it when it appears.
  3. Navigate to the dropdown menu titled "Local Users and Groups" and expand it.
  4. Click on the folder titled "Users".
  5. Open the "Read Me" and compare the users it lists with the users in the folder you have just opened.
  6. If there are any users that are not authorized, right-click on their name and select "Delete". Check the list multiple times before doing this, as it cannot be undone.
  7. If there are any users that need to be added, right-click inside the folder and select "New User".
  8. Enter the name and a secure password for this new user.
  9. If this user is listed as an Admin in the Read Me, navigate to the "Groups" folder.
  10. Add the new user to the "Administrators" group.

Command Line

  1. Click on the Windows Search bar on the bottom left of the screen, or press the Windows key.
  2. Search for "Windows PowerShell" and click on it when it appears.
  3. For a list of all users, type "Get-LocalUser".
  4. Open the "Read Me" and compare the users it lists with the users in the list.
  5. If there are any users that are not authorized, type "net user *username* /delete".
  6. If there are any users that need to be added, type "net user /add *username* *password for user*".
  7. If this user is listed as an Admin in the Read Me, type "net localgroup administrators *username* /add".

Audit #2: Find and Remove Additional Administrators

Graphical User Interface (GUI):

  1. Click on the Windows Search bar on the bottom left of the screen, or press the Windows key.
  2. Search for "Computer Management" and click on it when it appears.
  3. Navigate to the dropdown menu titled "Local Users and Groups" and expand it.
  4. Open the "Read Me" and compare the users it lists with the users in the list.
  5. If there are any users that have admin status, while they should only have standard status
  6. If this user is listed as an Admin in the Read Me, type "net localgroup administrators *username* /add".
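
The four audits listed at the top of this page can be checked in one pass from PowerShell. The script below is an added example, not part of the original page: it only reports discrepancies and changes nothing. The names in `$AuthorizedAdmins` and `$AuthorizedUsers` are constructed placeholders for the README's contents, and the `/delete` form of `net localgroup` is the removal counterpart of the `/add` command used above.

```powershell
# Added example: report-only audit of local accounts against the README.
# Constructed placeholder names; replace them with the lists from your README.
$AuthorizedAdmins = @('alice', 'bob')
$AuthorizedUsers  = @('carol', 'dave')          # standard (non-admin) users
$Authorized       = $AuthorizedAdmins + $AuthorizedUsers

# Accounts Windows creates itself; review these by hand instead of deleting them.
$BuiltIn = @('Administrator', 'Guest', 'DefaultAccount', 'WDAGUtilityAccount')

$LocalUsers = (Get-LocalUser).Name

# Group members come back as COMPUTER\name; keep user objects and strip the prefix.
$LocalAdmins = Get-LocalGroupMember -Group 'Administrators' |
    Where-Object { $_.ObjectClass -eq 'User' } |
    ForEach-Object { ($_.Name -split '\\')[-1] }

function New-Finding($User, $Issue, $Fix) {
    [pscustomobject]@{ User = $User; Issue = $Issue; SuggestedFix = $Fix }
}

$Findings = @(
    # Audit 1: in the README but not on the system
    $Authorized | Where-Object { $_ -notin $LocalUsers } |
        ForEach-Object { New-Finding $_ 'Missing account' "net user /add $_ <password>" }

    # Audit 2: on the system but not in the README
    $LocalUsers | Where-Object { $_ -notin $Authorized -and $_ -notin $BuiltIn } |
        ForEach-Object { New-Finding $_ 'Unauthorized account' "net user $_ /delete" }

    # Audit 3: listed as Administrator but lacking the privilege
    $AuthorizedAdmins | Where-Object { $_ -in $LocalUsers -and $_ -notin $LocalAdmins } |
        ForEach-Object { New-Finding $_ 'Should be Administrator' "net localgroup administrators $_ /add" }

    # Audit 4: has Administrator privilege but is not listed as one
    $LocalAdmins | Where-Object { $_ -notin $AuthorizedAdmins -and $_ -notin $BuiltIn } |
        ForEach-Object { New-Finding $_ 'Should not be Administrator' "net localgroup administrators $_ /delete" }
)

if ($Findings.Count -eq 0) {
    Write-Output 'No discrepancies between the README lists and this system.'
} else {
    $Findings | Format-Table -AutoSize
}
```

An account that is both unauthorized and an administrator appears twice in the output; deleting the account resolves both findings.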