Site home page
Get alerts when Linktionary is updated
Book updates and addendums
Get info about the Encyclopedia of Networking and Telecommunicatons, 3rd edition (2001)
Download the electronic version of the Encyclopedia of Networking, 2nd edition (1996). It's free!
Contribute to this site
Electronic licensing info
Users and Groups
Note: Many topics at this site are reduced versions of the text in "The Encyclopedia of Networking and Telecommunications." Search results will not be as extensive as a search of the book's CD-ROM.
Network operating systems provide security by requiring that all users log on by typing their user account name and a password. Once a user is verified or authenticated, the user can access the network based on the rights they have been granted throughout the network. Some network operating systems require users to log on every time they access a resource at a different location on the network. The usual technique is to incorporate user authentication features that verify the authenticity of a user one time for all resources on a network. Trust relationships are established so that one server "trusts" that another server has properly authenticated a user.
User accounts hold information about the user, including any restrictions they have on a network. For example, a user might be restricted to logging on at a specific workstation or during a specific time. Groups are collections of users that network administrators create to simplify user management. It is far easier to include users in a group, and then assign network access rights to the group, than it is to assign those rights individually to each user. Groups also simplify messaging. For example, it's easier to send an electronic mail message to a group called "Managers" than to each person in that group individually. Managers should create groups for users, projects, and management purposes when planning and setting up the network, and then add user accounts to groups as users are added to the network.
A user account is granted certain rights and permissions to network resources. These accounts may have the following restrictions (from NetWare):
Groups are collections of users or user accounts. You create groups to simplify the task of managing and defining rights for large numbers of users. It's also easier to send messages to groups than it is to send messages to each individual user within a group. Groups have names and can include users who work on similar projects, belong to the same department, or even belong to a club within the company. A user can belong to more than one group. For example, a user might belong to the manager or administrator's group, the advisory group, and the golf group.
You assign directory and file access rights (permissions in Windows NT) to groups in the same way you can assign those rights to users. However, it is much easier to assign the rights to groups, and then add users to the group. The user then gets all the rights and privileges of that group. Groups should be defined when planning a network and created before adding any users. Then, as you create new user accounts, you can add a user to a group. A user can be a member of more than one group.
Here are some examples of ways you could use groups:
Another interesting aspect of groups is that they provide a convenient way to change or remove the rights of a large number of users at the same time. You can delete an entire group, or you can remove users from a group. When users are removed from a group, they still retain an account on the system, but any rights they had with the group are no longer valid.
Copyright (c) 2001 Tom Sheldon and Big Sur Multimedia.