Create a User
User accounts creation
Users can be created manually using Administrative tools. Given that there are no multiple domains and the server is a standalone one we don't need Active Directory. The user account creation can be simple and mainly serving the purpose of providing personal profiles and workspace. This doesn't restrict a user from using a public workspace, esp for collaboration or submission of homeworks, etc
However, creating multiple users may become tiresome especially when the creator of accounts has to look at the existing users and make sure there is no naming conflict. Given this background we have written up a script that will assist in the generating users and we recommend using the script and following the practices related to using the script for best results.
Accounts Best Practices
- Users' first and last names should be used so that there is no confusion about who it belongs to.
- The account names should be in the format firstname.lastname (If the account name goes beyond 20 chars you may reduce the First Name to merely First Initial.)
- If one such account already exists (common names like John, Michael, etc get used often) then suffix a digit
- Password should not be complicated and should not have random characters.
- Have words in the dictionary and preferably 2 or 3 simple words combined. (For ex: "summer flower")
- These passwords should not be changeable by anyone including the users themselves.
- These passwords should never expire.
- Ensure that the groups "Instructors" and "Students" exists prior to creating the users.
- The Group should contain either "Instructors" or "Students" depending on who the user is. All users are, by default, also a part of "Users" group.
- The description field should be used to enter an identifying information like ID or Roll number. For instructors it could be the course they are teaching.
Creating a record of users
- Open up MS Excel and start the top row with the following headers (in order and exactly how they are): "FirstName", "LastName", "AccountName", "Password", "Group" and "Description" Note, in the Excel sheet shown the Description column is missing but you could refer the Excel sheet Users_Spring2013.csv saved for your reference.
- The order could be changed but it makes auditing more difficult. If there is uniformity, it is easy to notice anomalies/mistakes.
- Enter the users - 1 per row, filling their details.
- Once you are done, go to the "File" menu and click "Save As".
- Give it a name that follows the following format: "Users<semester><2 digits of the year>". So something like UsersSpring14
- Save it as a "Comma Separated Value (CSV)".
- Save it in the location C:\EJP_SUPPORT_FILES\User Account Creation
- Accept all the warnings it may throw. Those won't affect our operation and in fact ignoring them will be useful for the script.
Editing record
You should minimize the edits to the above file.
- You may still need to modify a user if:
- you realized that you have added a John Smith and the user was not added because some other John Smith was already added before.
- a newly assigned password may have matched that of another user's.
- a formal audit/review led to a directive to change the account details/ correct mistakes.
- Make the changes and save the file.
If the file was already used to feed the User account creation script then the modification will create some new/changed records.
- If the records are changed, then you should manually delete the user or assign a new digit suffix and leave the incorrect user account unassigned.
- For example the user John Smith had his ID wrongly entered. So the user account john.smith should be deleted manually
- Then the correction should be made in the record and the script should be run again.
- Or a workaround is to add a new record for John Smith with the account john.smith1 with the corrected data.
- If the records are new, then you could simply run the script again and feed it the same record file. Already existing users won't be created but the newer ones will be.
Using the User Accounts Generation Scripts (UAGS)
Setting Execution Policy
- Open a Powershell window
- Enter Set-ExecutionPolicy RemoteSigned
- Press 'y' when prompted
Running the script
The location C:\EJP_SUPPORT_FILES\User Account Creation also contains a file called UserAccountCreation (which is a shortcut type)
- Double click on the file. It will open up a window as shown.
- Carefully enter the filename that you saved the records under. Now the script will go through the records and create them as follows:
- Check if a user account already exists.
- If it exists it will skip that user and display such a message on the screen.
- If it does not exist it will attempt to create that user
- Pull in the rest of the details. If the group to which a user is assigned to is invalid (Say "Instructor" was entered instead of "Instructors") it will skip that user to be added later. It will throw that message on the screen so that you could revisit the file and correct the spellings. (Refer Editing record section above.)
- Finally it will have created all users and the window waits for you to press a key and then to close the window. You may now close it.
Note
If you run the UAGS with the same record file over and over again, the users wont be duplicated. So this can be used to the advantage if the number of users increase gradually over the semester. You can add records to the bottom of the record file and keep using it without worrying about creating multiple user accounts for the same person. However if you accidentally entered wrong user information and such a user was created it is advised to delete the user before modifying the record file and re-running the UAGS.
- To recover these files from a server problem which possibly wiped out the files on C: drive simply go to EJPRECOVERY drive. The path is F:\EJP_SUPPORT_FILES\User Account Creation
- Copy the contents of this folder into C:\EJP_SUPPORT_FILES\User Account Creation
Creating a shortcut for the UAGS
It is possible that you may have accidentally deleted or misplaced the UAGS shortcut mentioned above Creating a new shortcut is easy but you need to have the file UserAddition.ps1 in C:\EJP_SUPPORT_FILES\User Account Creation Then follow the steps:
- Go to C:\EJP_SUPPORT_FILES\User Account Creation
- Right click to bring up the menu and navigate to find Shortcut. Click it.
- Enter the following as shown:
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -noexit &'C:\EJP_SUPPORT_FILES\User Account Creation\UserAddition.ps1'
- Click next and Enter a convenient name. We recommend UserAccountCreation. Click Finish.