Difference between revisions of "BCX Users and Computers"

From BCX Media Wiki
Jump to navigation Jump to search
m
m
Line 108: Line 108:
  
 
==Quick find and resetting user passwords==
 
==Quick find and resetting user passwords==
 +
 +
To quickly find a user, from the Users and Computers tab begin to type their username in to the 'Search Active Directory:' box.
 +
The name will begin to auto-populate.
 +
Click the magnifying glass icon or press enter to find the user.
 +
 +
[[File:bcx users and computers search.png|link=]] Image showing U&C tab Search active directory
 +
 +
Once the user is highlighted, click 'Reset Password' either on the right hand side, or in the ribbon at the top of the window.
 +
Follow the on screen prompts to complete the password reset.
 +
 +
[[File:bcx users and computers reset password.png|link=]] Image showing U&C tab Reset Password
  
  
 
==Editing user details==
 
==Editing user details==
 +
 +
To edit a users details, find them in the Users and Computers tab either by navigating the folder structure, or by using the search function.
 +
Double click their username, or highlight and click 'View User Details'
 +
You will then see this window
 +
 +
[[File:bcx users and computers user details.png|link=]] Image showing User details User Details tab
 +
 +
You can edit the details of the user here as you would be accustomed to with the user template you've already created.
 +
There is a button to view their home directory and reset there password here too.
  
  
 
==Renaming existing users==
 
==Renaming existing users==
 +
 +
When a user changes their name, Users and Computers can be used to ammend their account updating email aliases and home directory paths at the same time.
 +
 +
Select the user and right click for menu, or choose Rename User from the details pane as shown.
 +
 +
[[File:bcx users and computers rename.png|link=]] Image showing U&C tab rename user
 +
 +
Rename the user under the new heading, as shown here, surname to Bloggs.
 +
 +
Checking the Apply User OU Template box will fill out the corresponding requirements shown greyed out.
 +
 +
Checking the Retain any existing email addresses as aliases box will keep existing addresses as well as creating a new default address.
 +
 +
 +
[[File:bcx users and computers rename wizard.png|link=]] Image showing rename user wizard
 +
 +
After the rename you can view the changes in user details.
 +
 +
[[File:bcx users and computers user details user.png|link=]] Image showing User details User Details tab
 +
 +
Also review the Home Directory.
 +
 +
[[File:bcx users and computers user details home.png|link=]] Image showing User details home dir tab
 +
 +
And under mailbox you can see the user now has a new default address and has also kept the original address.
 +
 +
[[File:bcx users and computers user details mail.png|link=]] Image showing User details mailbox tab
  
  
 
==Multiple user changes==
 
==Multiple user changes==
 +
 +
As with renaming a user, if you select multiple users,
 +
you can change various attributes relating to the users template.
 +
 +
After selecting the users and clicking rename, the following wizard is presented.
 +
 +
As shown here the UPN for the selected users will be changed in bulk.
 +
 +
[[File:bcx users and computers rename multiple wizard.png|link=]] Image showing rename user wizard for multiple user changes
 +
 +
This same wizard can also be used to update usernames and update home directories using the OU template syntax.
  
  
 
==Moving users==
 
==Moving users==
 +
 +
If you have a requirement to move a user or multiple users into a different OU, migrate data, or both, this can be done easily using the Move User function in Users & Computers.
 +
 +
Highlight the user and right click, choose move, or pick Move User from the details pane as shown
 +
 +
 +
[[File:bcx users and computers move user.png|link=]] Image showing U&C tab move user selected
 +
 +
Here we choose to both move OU and Migrate Data
 +
Click Browse in the resulting window to choose the required destination OU
 +
 +
[[File:bcx users and computers move user wizard.png|link=]] Image showing move user wizard
 +
 +
After selecting the required OU, the Move User Wizard window now automatically displays the expected new settings.
 +
 +
Check everything is correct and click Move User
 +
 +
[[File:bcx users and computers move user wizard move.png|link=]] Image showing move user wizard ready to move
 +
 +
You will be prompted to confirm the user is not using offline files, and is not logged onto the network.
 +
The move is then performed, the results visible in Users and Computers
 +
 +
[[File:bcx users and computers moved user.png|link=]] Image showing U&C tab moved user highlighted
 +
 +
Delete user AD Accounts can be checked to provide an effective method of archiving data before user account deletion.
 +
 +
Initially, set up an Archive OU, then use the move wizard to move the user and data into that archive OU, and with the delete checkbox ticked.
 +
The users AD account would be deleted upon completion of the move.
 +
 +
[[File:bcx users and computers move user archive.png|link=]] Image showing move user wizard move to archive and delete account
  
  
 
==Validate Shares and Permissions==
 
==Validate Shares and Permissions==
 +
 +
This function enables a users’ Home Directory to be checked for the correct share access and permissions.
 +
 +
If the Home Directory exists, permissions are checked against the Template and adjusted if incorrect.
 +
If not, the will Home Directory will be created in line with the Template.
 +
 +
This can effectively be used to bulk change existing or set missing permissions.
 +
 +
This can be utilised for single or multiple users.
 +
Select the user(s) and either choose the option from the ribbon or from the right click menu.
 +
 +
You are presented with a confirmation dialogue, followed by a dialogue confirming the results.
 +
 +
[[File:bcx users and computers validate.png|link=]] Image showing U&C tab validate shares and permissions highlighted
  
  
 
==Adding groups==
 
==Adding groups==
 +
 +
Groups can be used to group computers or users together.
 +
BCX deployment tasks can be assigned to a group of users or stations.
 +
 +
To create a group click 'Add New' and then 'Group'.
 +
 +
[[File:bcx users and computers groups.png|link=]] Image showing U&C tab add new group highlighted
 +
 +
You name your group with an administrative name.
 +
Eg: Science
 +
 +
[[File:bcx users and computers new group.png|link=]] Image showing group details general tab
 +
 +
Group Type
 +
By default any groups created will be global security groups, which allow you to set permissions based on this group on files and folders.
 +
If you would like to use an existing group for email purposes you can choose to convert the group to either an Exchange, or 365 based group.
 +
 +
[[File:bcx users and computers new group type.png|link=]] Image showing group details group type tab
 +
 +
Under the Group Email Addresses tab there are options to mail-enable the group in Office 365 to allow for distribution emails to all group members.
 +
 +
The display name is how the group will be presented in the address book.
 +
The email address will be the global address for all members Eg: science@school.sch.uk
 +
Multiple additional group e-mail addresses can also be managed from the Group Email Addresses tab.
 +
 +
[[File:bcx users and computers new group mail.png|link=]] Image showing group details group e-mail tab
 +
 +
Group Members
 +
To add members to the group, click 'Add Group Members'
 +
 +
[[File:bcx users and computers new group memebers.png|link=]] Image showing group details group members tab
 +
 +
Select the users you want to add to the group from the list, using the control key to select individual users, or the shift key to select a large portion of users.
 +
Clicking the 'Show all Active Directory Object' will show users that aren't under the BCX users root OU, and computer objects too.
  
  
 
==Converting multiple groups==
 
==Converting multiple groups==
 +
 +
Once you have created groups, the facility then exists to manage them in bulk.
 +
Simply select the required groups, and you have the ability to make changes to the group type or membership of those groups in one operation.
 +
 +
[[File:bcx users and computers groups multiple.png|link=]] Image showing U&C tab multiple select groups highlighted
 +
 +
Here you can see the group type options.
 +
You are able to change the group scope and type, and also convert groups to mail enabled for either Exchange or 365.
 +
 +
[[File:bcx users and computers group type.png|link=]] Image showing group details group type tab
 +
 +
From the group members tab, you can add or remove objects which will then be applied across your preselected groups.
 +
 +
[[File:bcx users and computers group memebers.png|link=]] Image showing group details group members tab
 +
  
  
 
==Viewing details for a station==
 
==Viewing details for a station==
 +
 +
You can view the Station Details by clicking the button in the ribbon bar, details pane or right clicking
 +
the station in the list.
 +
This window will show you the DNS name fo the station as well as its Active Directory location and LDAP path.
 +
The description field is read from Active Directory and any change in AD or BCX will be reflected in the other.
 +
If the 'Account is Disabled' box is ticked then the station will be unable to log any users on to the network,
 +
this may be useful if you would like to prevent the computer from being used.
 +
The 'Notes' box is stored in the BCX central database and will be kept on the rebuild of a station. This section
 +
can be very useful for keeping details such as why the station was rebuilt, or any changes to the station.
 +
 +
[[File:bcx users and computers station details.png|link=]] Image showing ststion details general tab
 +
 +
You can access the other tabs from this screen.
  
  
 
==Importing multiple stations==
 
==Importing multiple stations==
 +
 +
Importing station accounts lets you prestage computers with their MAC address so that when they are imaged for the
 +
first time they will automatically be given the correct name.
 +
You can import multiple stations at the same time easily. Navigate to the OU you would like to import the accounts in
 +
and then click 'Add New' on the ribbon and click 'Multiple Station Import'
 +
 +
[[File:bcx users and computers stations multiple.png|link=]] Image showing U&C tab multiple station import highlighted
 +
 +
You will then see this window
 +
 +
[[File:bcx users and computers stations multiple import.png|link=]] Image showing multiple station import window
 +
 +
You can type your station names and MAC addressed in manually, or choose to import them from a CSV. The decription field is optional
 +
Once your list is complete click 'Add Stations' and the accounts will be created with their corresponding MAC address in the OU
 +
you are in.
  
  
 
==Disk Quotas==
 
==Disk Quotas==
  
 +
When using the File Server Connector on the servers that hold user's home folders, the BCX Server can manage quota information.
 +
This can then be used within the Manager and configured to show users their quota upon login with a small notification.
 +
 +
NTFS Disk Quota
 +
When the BCX File Server Connector service starts, it checks to see if NTFS quota settings are enabled on each disk.
 +
If NTFS disk quotas are enabled, these quotas will be used for all user home folders located on this disk.
 +
 +
If using NTFS disk quotas, you can Enable Legacy NTFS Quota Management from within BCX Manager - Settings,
 +
and manage individual users and user template quotas from within BCX Manager.
 +
 +
 +
File Server Resource Manager (FSRM Quotas)
 +
 +
File Server Resource Manager is the preferred method and offers much more flexibility
 +
with options to set multiple limits and different actions for each limit.
 +
Quotas can be assigned at a top folder level and automatically propagated to all sub folders.
 +
 +
First disable NTFS disk quotas if enabled and restart the BCX File Server Connector on that server.
 +
If NTFS disk quota management is disabled, BCX will assume home folders located on this disk are using FSRM quota management.
 +
 +
When using this method BCX simply reads quota values from FSRM. We recommend using the Microsoft tool under
 +
Administrative Tools - File Server Resource Manager on your file servers to manage your quota settings.
 +
 +
You can mix NTFS quotas and FSRM quotas on different disks on the same server. For example, you can have NTFS quotas enabled on D:,
 +
and File Server Resource Manager quotas on E:.
 +
 +
 +
 +
[[File:bcx settings disk quotas.png|link=]] Image showing settings disk quotas tab
 +
 +
Disk Quota Mode: Here you can set the disk quota mode to disabled, ADS Home Directory or Documents Path.
 +
ADS Home Directory uses the users home folder directory location to check quota information, as specified in the users Active Directory properties.
 +
Documents Path will use the users Documents path for when using redirected folders in Group Policy.
 +
 +
Popup on logon: Use this value to specify how long the popup remains on screen for,
 +
or set to 0 to disable automatic popup.
 +
 +
Auto refresh quota: Use this value to specify how often the client should refresh it's quota information.
 +
 +
Only enable if member of group: Use this dropdown list to select the user Organisational Unit or Security Group that these settings apply to.
  
 +
Enable Legacy NTFS Quota Management from within BCX Manager: Allows the use of NTFS disk based quota system which can be edited
 +
from within user properties in BCX Manager.
  
  

Revision as of 14:04, 17 June 2020


Users and Computers is used to manage users and stations and their organisational structures.

Creating an Organisational Unit

An Organisational Unit is a container in which you can store computer or user objects.

To Create an OU find that location in Users and Computers that you want to place a new OU, click 'Add New' and then 'Organisational Unit'. For example a new intake of students would be created under the Students OU.

bcx users and computers add ou.png Image showing users and computers tab with add new ou

You will then see the OU Details window where you can enter the name of the OU and a description.

bcx users and computers new ou.png Image showing new ou details window

The 'Protect container from accidental deletion' when checked prevents accidental deletion of the OU and all of the objects contained within. To disable it, you have to go into the properties of the OU by right clicking it and un-ticking the box before trying again to delete it.

Once created, the User Template tab is where you create a template that governs the way that all users under the OU are created.


Creating a User Template

A User Template is a set of rules that you apply to an Organisational Unit. The rule govern the way a user is created when you create them in that location. Rules can set the way the username is formatted, where their home directory is and how it is mapped, their logon scripts, where their mailbox will exist, what groups they are part of and many other properties such as password requirements.

To create a user template, go to the Users and Computers tab. Find the folder where you are going to create new users. Right click the folder and click the 'Edit User Template' option.

bcx users and computers template add.png Image showing users and computers tab with right click edit user template

This will give you the edit template window

bcx users and computers template overview.png Image showing OU details User Template Overview

You will get options here to either copy an existing template, or 'Create New Template'

The masks that are shown are ways to format a username in the User Details Template tab. Here are some examples applied to Joe Bloggs: %f%%l% :- joeBloggs %F%%l% :- JoeBloggs %l%%1f% :- Bloggsj %l%%1F% :- BloggsJ %l%%ff% :- BloggsJo

User details are set on the first page. All details need to be generic here, you are not yet creating the user. Wild-cards are used the specify how to format the the display name and username. If you have more than one UPN suffix for your domain you can set that here too.

bcx users and computers template user details.png Image showing OU details User Details tab

An example of a username is 11%l%%f%. This would create a user with the prefix of 11 followed by their surname and forename. So a firstname of Joe and surename of Bloggs would give a username of 11BloggsJoe

The account options with the check boxes will be set as default for all new users.


bcx users and computers template home directory.png Image showing OU details Home Dir Template tab

On this page you can set which drive letter to assign for a homedrive and where the folder will be shared from. The name of server where the user data is stored should be entered, then the physical path to the folder where it exists on the server. You can also choose the NTFS permissions from a pre-set list, the default being Grant User Modify.

bcx users and computers template mailbox.png Image showing OU details Mailbox Template tab

You can set mailbox settings on this next tab. It requires that the BCX Exchange connector be setup and that you have an onsite exchange server or 365 Exchange Online. You would select the most appropriate mailbox database for the user.

bcx users and computers template group.png Image showing OU details Group Template tab

Here you can add users to groups by default when they are created. You just click 'Add Group Membership' button and select the groups that are appropriate.


Adding a new user onto network

Find the location that you want to create your new user. Click 'Add New' at the top and click 'User'

bcx users and computers user add.png Image showing U&C Tab Add New User

You will see this window

bcx users and computers user new.png Image showing New User window

Populate the first name and last name, and the rest of the user details will be populated as per the template. You can override the template settings by un-ticking the 'Enforce User Template Mask' Other settings can be overridden in the other tabs as per the user template.


Importing multiple users

You can import multiple users at the same time easily. Just click 'Add New' on the ribbon and click 'Multiple User Import'

bcx users and computers user import.png Image showing U&C Tab Add Multiple User Import

You will then see this window

bcx users and computers multiple import.png Image showing Multiple User Import window

You can either type in the names yourself manually and let it generate the username automatically, or import them from a CSV. Override the automatic description and username by pressing the appropriate buttons. If the last 2 columns are the CSV are populated with data, the import wizard will see this and ask you if you want to override them. There is no way to override other settings from the template mask from this window. You would have to change the template to suit. If any duplicates or errors are detected, you will be given a chance to go back and correct them and retry the import again.


Quick find and resetting user passwords

To quickly find a user, from the Users and Computers tab begin to type their username in to the 'Search Active Directory:' box. The name will begin to auto-populate. Click the magnifying glass icon or press enter to find the user.

bcx users and computers search.png Image showing U&C tab Search active directory

Once the user is highlighted, click 'Reset Password' either on the right hand side, or in the ribbon at the top of the window. Follow the on screen prompts to complete the password reset.

bcx users and computers reset password.png Image showing U&C tab Reset Password


Editing user details

To edit a users details, find them in the Users and Computers tab either by navigating the folder structure, or by using the search function. Double click their username, or highlight and click 'View User Details' You will then see this window

bcx users and computers user details.png Image showing User details User Details tab

You can edit the details of the user here as you would be accustomed to with the user template you've already created. There is a button to view their home directory and reset there password here too.


Renaming existing users

When a user changes their name, Users and Computers can be used to ammend their account updating email aliases and home directory paths at the same time.

Select the user and right click for menu, or choose Rename User from the details pane as shown.

bcx users and computers rename.png Image showing U&C tab rename user

Rename the user under the new heading, as shown here, surname to Bloggs.

Checking the Apply User OU Template box will fill out the corresponding requirements shown greyed out.

Checking the Retain any existing email addresses as aliases box will keep existing addresses as well as creating a new default address.


bcx users and computers rename wizard.png Image showing rename user wizard

After the rename you can view the changes in user details.

bcx users and computers user details user.png Image showing User details User Details tab

Also review the Home Directory.

bcx users and computers user details home.png Image showing User details home dir tab

And under mailbox you can see the user now has a new default address and has also kept the original address.

bcx users and computers user details mail.png Image showing User details mailbox tab


Multiple user changes

As with renaming a user, if you select multiple users, you can change various attributes relating to the users template.

After selecting the users and clicking rename, the following wizard is presented.

As shown here the UPN for the selected users will be changed in bulk.

bcx users and computers rename multiple wizard.png Image showing rename user wizard for multiple user changes

This same wizard can also be used to update usernames and update home directories using the OU template syntax.


Moving users

If you have a requirement to move a user or multiple users into a different OU, migrate data, or both, this can be done easily using the Move User function in Users & Computers.

Highlight the user and right click, choose move, or pick Move User from the details pane as shown


bcx users and computers move user.png Image showing U&C tab move user selected

Here we choose to both move OU and Migrate Data Click Browse in the resulting window to choose the required destination OU

bcx users and computers move user wizard.png Image showing move user wizard

After selecting the required OU, the Move User Wizard window now automatically displays the expected new settings.

Check everything is correct and click Move User

bcx users and computers move user wizard move.png Image showing move user wizard ready to move

You will be prompted to confirm the user is not using offline files, and is not logged onto the network. The move is then performed, the results visible in Users and Computers

bcx users and computers moved user.png Image showing U&C tab moved user highlighted

Delete user AD Accounts can be checked to provide an effective method of archiving data before user account deletion.

Initially, set up an Archive OU, then use the move wizard to move the user and data into that archive OU, and with the delete checkbox ticked. The users AD account would be deleted upon completion of the move.

bcx users and computers move user archive.png Image showing move user wizard move to archive and delete account


Validate Shares and Permissions

This function enables a users’ Home Directory to be checked for the correct share access and permissions.

If the Home Directory exists, permissions are checked against the Template and adjusted if incorrect. If not, the will Home Directory will be created in line with the Template.

This can effectively be used to bulk change existing or set missing permissions.

This can be utilised for single or multiple users. Select the user(s) and either choose the option from the ribbon or from the right click menu.

You are presented with a confirmation dialogue, followed by a dialogue confirming the results.

bcx users and computers validate.png Image showing U&C tab validate shares and permissions highlighted


Adding groups

Groups can be used to group computers or users together. BCX deployment tasks can be assigned to a group of users or stations.

To create a group click 'Add New' and then 'Group'.

bcx users and computers groups.png Image showing U&C tab add new group highlighted

You name your group with an administrative name. Eg: Science

bcx users and computers new group.png Image showing group details general tab

Group Type By default any groups created will be global security groups, which allow you to set permissions based on this group on files and folders. If you would like to use an existing group for email purposes you can choose to convert the group to either an Exchange, or 365 based group.

bcx users and computers new group type.png Image showing group details group type tab

Under the Group Email Addresses tab there are options to mail-enable the group in Office 365 to allow for distribution emails to all group members.

The display name is how the group will be presented in the address book. The email address will be the global address for all members Eg: science@school.sch.uk Multiple additional group e-mail addresses can also be managed from the Group Email Addresses tab.

bcx users and computers new group mail.png Image showing group details group e-mail tab

Group Members To add members to the group, click 'Add Group Members'

bcx users and computers new group memebers.png Image showing group details group members tab

Select the users you want to add to the group from the list, using the control key to select individual users, or the shift key to select a large portion of users. Clicking the 'Show all Active Directory Object' will show users that aren't under the BCX users root OU, and computer objects too.


Converting multiple groups

Once you have created groups, the facility then exists to manage them in bulk. Simply select the required groups, and you have the ability to make changes to the group type or membership of those groups in one operation.

bcx users and computers groups multiple.png Image showing U&C tab multiple select groups highlighted

Here you can see the group type options. You are able to change the group scope and type, and also convert groups to mail enabled for either Exchange or 365.

File:bcx users and computers group type.png Image showing group details group type tab

From the group members tab, you can add or remove objects which will then be applied across your preselected groups.

File:bcx users and computers group memebers.png Image showing group details group members tab


Viewing details for a station

You can view the Station Details by clicking the button in the ribbon bar, details pane or right clicking the station in the list. This window will show you the DNS name fo the station as well as its Active Directory location and LDAP path. The description field is read from Active Directory and any change in AD or BCX will be reflected in the other. If the 'Account is Disabled' box is ticked then the station will be unable to log any users on to the network, this may be useful if you would like to prevent the computer from being used. The 'Notes' box is stored in the BCX central database and will be kept on the rebuild of a station. This section can be very useful for keeping details such as why the station was rebuilt, or any changes to the station.

bcx users and computers station details.png Image showing ststion details general tab

You can access the other tabs from this screen.


Importing multiple stations

Importing station accounts lets you prestage computers with their MAC address so that when they are imaged for the first time they will automatically be given the correct name. You can import multiple stations at the same time easily. Navigate to the OU you would like to import the accounts in and then click 'Add New' on the ribbon and click 'Multiple Station Import'

bcx users and computers stations multiple.png Image showing U&C tab multiple station import highlighted

You will then see this window

bcx users and computers stations multiple import.png Image showing multiple station import window

You can type your station names and MAC addressed in manually, or choose to import them from a CSV. The decription field is optional Once your list is complete click 'Add Stations' and the accounts will be created with their corresponding MAC address in the OU you are in.


Disk Quotas

When using the File Server Connector on the servers that hold user's home folders, the BCX Server can manage quota information. This can then be used within the Manager and configured to show users their quota upon login with a small notification.

NTFS Disk Quota When the BCX File Server Connector service starts, it checks to see if NTFS quota settings are enabled on each disk. If NTFS disk quotas are enabled, these quotas will be used for all user home folders located on this disk.

If using NTFS disk quotas, you can Enable Legacy NTFS Quota Management from within BCX Manager - Settings, and manage individual users and user template quotas from within BCX Manager.


File Server Resource Manager (FSRM Quotas)

File Server Resource Manager is the preferred method and offers much more flexibility with options to set multiple limits and different actions for each limit. Quotas can be assigned at a top folder level and automatically propagated to all sub folders.

First disable NTFS disk quotas if enabled and restart the BCX File Server Connector on that server. If NTFS disk quota management is disabled, BCX will assume home folders located on this disk are using FSRM quota management.

When using this method BCX simply reads quota values from FSRM. We recommend using the Microsoft tool under Administrative Tools - File Server Resource Manager on your file servers to manage your quota settings.

You can mix NTFS quotas and FSRM quotas on different disks on the same server. For example, you can have NTFS quotas enabled on D:, and File Server Resource Manager quotas on E:.


bcx settings disk quotas.png Image showing settings disk quotas tab

Disk Quota Mode: Here you can set the disk quota mode to disabled, ADS Home Directory or Documents Path. ADS Home Directory uses the users home folder directory location to check quota information, as specified in the users Active Directory properties. Documents Path will use the users Documents path for when using redirected folders in Group Policy.

Popup on logon: Use this value to specify how long the popup remains on screen for, or set to 0 to disable automatic popup.

Auto refresh quota: Use this value to specify how often the client should refresh it's quota information.

Only enable if member of group: Use this dropdown list to select the user Organisational Unit or Security Group that these settings apply to.

Enable Legacy NTFS Quota Management from within BCX Manager: Allows the use of NTFS disk based quota system which can be edited from within user properties in BCX Manager.



Return to Contents page