Creating a Single User

    To log in to Active Directory and to access resources in the domain, users require a user account. Using ADManager Plus, you can create a new user account in Active Directory with all the relevant attributes in a single step. Besides creating a user account in Active Directory, ADManager Plus also allows you to simultaneously provision accounts for the user in Microsoft 365, Exchange, Google Workspace, Live Communication Server (LCS)/Office Communication Server (OCS), Skype for Business, and Lync. You can configure remote mailboxes for the user accounts being created. You can even create independent Google Workspace and Microsoft 365 accounts without a preexisting AD user account.

    Procedure:

    You have to enter the values for various user attributes based on your requirement and finally click the Create User button. User attributes are grouped under different categories and present as "Tabs" like User Profile, Account Details, Contact details, Exchange Attributes . Choose the required "tab" and enter the appropriate values for the user. Use the copy user attributes option if you wish to configure the attributes of the new user account with the settings of an existing user account.

    Steps:

    1. Click AD Management tab
    2. Click 'Create Single User' link under 'Create Users'. This opens the Create Single User screen.
    3. If you wish to populate the attributes with the values from an existing user account, click the Copy User Attributes button. You can also key in the values for all the necessary attributes using the following steps.
    4. Specify the values for User Profile attributes.
    5. Select a valid container. To select the desired container, click on edit icon placed beside the 'select container' field.
    6. You can also create a new container by selecting the tab 'Create New OU' which you find after attempting to 'change' the container. Select the location to create the and name it.
    7. Click on the Account Details tab and specify the account properties.
      • There are different options available for password settings. You can choose any one from 'Randomly generate password', 'Type a password' etc. You can even customize the password settings to your organizational objectives, by clicking on the 'Configure password complexity' link.
      • Member of: All groups cannot be set as primary group to users for security reasons. So before applying primary group for users check the authorization. Only Security Global and Security Universal Groups can be set as Primary Groups. You can also import a CSV file to specify values for this field.
      • Set the appropriate account expiry date, using the Account Expires option.
      • Use the 'logon restriction' option to specify the computers from which users can logon.
      • Specify the hours during which the users can have access to the domain using the 'logon hours' option.
      • Click here to know how to configure the logon hours.
    8. Click on Contact tab to specify the contact information about the user.
    9. Select the Exchange tab to create a external mail enabled user or mailbox enabled user or with no mail.
    10. Choose mail server and mailbox store while creating mailbox enabled user.
    11. Choose Admin groups and give Target SMTP address (Example:"SMTP:user@mail1.com) while creating external mail enabled users.
    12. Click the Remote Mailbox tab to create a remote mailbox for the user.
      • Select the 'enable remote mailbox' option.
      • Specify the remote routing address in the field provided.
      • Select the Terminal tab and specify the terminal services attributes.
    13. Click OCS/Lync/Skype tab and specify the appropriate values for the required OCS/Lync/Skype for Business attributes.
    14. Click the Custom Attributes tab and enter the appropriate values for the custom attributes. To execute a custom script on successful creation of the user account, the custom script option and enter the script in the script command window.

      Note: Before attempting to add values to custom attributes via CSV import, you have to configure the custom attributes in the admin tab of ADManager Plus.

    15. To create an account in Office 365 for this user,
      • Select the Office 365 option located just above the tabs.
      • Click the Office 365 tab.
      • Select a method for creating the user account.
      • Using the options in Assign Licenses, select the desired license and the services that you wish to assign to this user.
      • In the group membership field, select the groups to which you wish to add this user.
      • In Microsoft 365 roles, select the role that you want to assign to this user.
    16. If the user has been assigned an Exchange Online mailbox, you can also enter the desired email alias* and also enable the litigation hold* and in-place archive* for the user's mailbox. Set storage quotas for the mailbox by configuring the fields in Storage limits.
    17. Configure features like OWA, OMA, protocols and policies for the associated mailbox.

      Important: Office 365 tab will be available only if the Office 365 settings are configured in ADManager Plus.

      • Also, ensure that Windows Azure module is installed on same the machine where ADManager Plus is installed.
      • The country attribute is mandatory to apply O365 license.

        Note: If there is a match between the UPN suffix and any of the O365 domains, that domain will be used for account creation. Else, the default domain in O365 will be used.

    18. Once the creation of Office 365 user accounts is successful, you can add them directly to MS Teams via ADManager Plus.
    19. To add O365 users to Microsoft Teams, follow these steps:

      • Select the 'MS Teams' tab from the user creation template.
      • Click the 'Teams and Channel' option to list the available teams and channels to which you can add users.
      • The 'Policy packages' option lets you select and apply the respective policy packages. You can choose from any of the twelve pre-defined policy packages.
      Important:
      • MS Teams tab will be available only if Office 365 settings as well as MS Teams settings are configured in ADManager Plus.
      • Ensure that the MS Teams pre-requisites are satisfied to add O365 users to MS Teams successfully.
    20. To create a Google Workspace account for this user,
      • Select the Google Workspace option located just above the tabs.
      • Click the Google Workspace tab.
      • Click the edit icon located next to the field Google Workspace group, and select the relevant groups.
      • Click the edit icon located next to Google Workspace organizational unit, and select the desired container from the list.
        Note: 'Google Workspace' option will be available only if the Google Workspace settings are configured in Admin tab.
      • After specifying the required details, click on Create to add this new user account to your Active Directory.

    * These tasks that might not be executed immediately, but with a delay, as it might take some time to create the user's mailbox. These tasks will be executed as soon as the mailbox is created. Until then, these operations will be listed under Delayed Management Tasks. Click here to know how to view, and manage all such Delayed Management Tasks.

    User creation using 'templates'

    1. A user can be created by selecting the predefined templates available in the option "selected Template"
    2. By selecting a template, all the properties of the template will be applied to the users being created.
    3. By clicking in 'change' you can change the template from mail enabled users to mailbox enabled users etc.
    4. A set of users with common properties can be created by using the specific template. Link to template creation

    Ex: If your intention is to create user accounts with mailbox for permanent employees, you can select the template 'MailBox Enabled Users' and start creating accounts. All the users created eventually will bear the same properties.

    Note: If the selected template has creation rules configured, the fields included in the rules will be automatically updated with the specified values. Also, these rules will not be visible to the technicians during the user creation process.

    For details on the user attributes, refer to the Microsoft Documentation here and here.

    Note:
    1. To create Mailbox Enabled Users in Exchange 2007, you would require the Exchange Management Console, failing which the legacy Mailbox will be created.
    2. The mandatory parameters for creating a user are the Logon Name, SAMaccount Name and the FullName. When the attribute is left blank, the user account will be created with the default values.
    3. Changing domain in middle of things will reset all domain specific attributes.
    4. OWA - 2 DC Replication. If Mailbox is created in one Domain controller, Out look Web Access contacts other Domain Controller to confirm the mapping, but do not authenticate.

      The Real Scenario for this is:

      • A Domain may have more than one domain controllers.
      • Users will be created in the first available domain controller in ADManager Plus.
      • The OWA authenticates a DC for login; if the DC is not the one in which user is created, it will not be recognised until it is replicated.

    Steps to configure Logon Hours

    • Click on the grid located beside the 'Logon Hours' option.
    • Click on 'Select hours'.
    • Enter the logon time frame in the 'from' and 'to' field.
    • Check specific days or all days of the week to apply the chosen logon timings.
    • Click 'Allow' to grant users permission to logon to the network in the chosen time frame.
    • Click 'Deny' to restrict users from logging on to the network in the chosen time frame.

    To specify the allowed or restricted logon hours for a user,

    Note: Alternatively you can also set logon hours by,
    1. Selecting each hour manually from the grid.
    2. Clicking the 'Allowed' option to provide round the clock logon privilege from Sunday through Saturday. To block out a user on all the days of the week simply click 'Deny'

    Don't see what you're looking for?

    •  

      Visit our community

      Post your questions in the forum.

       
    •  

      Request additional resources

      Send us your requirements.

       
    •  

      Need implementation assistance?

      Try onboarding