In this small article we can explore the user creation in Active Directory and adding the user to a SharePoint site.
About Active Directory
Active Directory is a directory service created by Microsoft. (Here onwards referred as AD). AD is used by most of the Window Server operating systems like 2003, 2008 etc.
AD allows storing user information, credentials, application settings, authentication management etc. AD can be considered as a database.
Following are the components involved:
· Active Directory Domain Services: ADDS is the central location for storing user information, handling authentication requests etc.
· Active Directory Rights Management Services: ADRMS manages the rights of a user within the network. The right could be like read, write and print a file.
· Active Directory Federation Services: ADFS is a highly secured, Internet scalable Identity Access solution. ADFS helps in integration between untrusted resources and domain resources within the organization.
· Active Directory Certificate Services: ADCS allows persisting a user identity along with a private key.
· Active Directory Lightweight Directory Services: ADLDS provides much advantage over Active Directory Domain Services in the case of directory enabled applications. The advantages include lesser bandwidth, less overheads with domain information, easier replication etc.
Note: While installing SharePoint 2010 to a Windows Server machine, please ensure that the Active Directory is already configured.
Back to Practical
In a production deployment SharePoint will be installed in a Windows Server operating system. Now we can try creating a user and adding to a SharePoint site.
You need a Windows Server 2008 Installation / Virtual Machine to try this scenario.
Step 1: Open Server Manager
Open Server Manager Application from the desktop or through Start Menu.
Start Menu > Programs > Administrative Tools > Server Manager
In the appearing application choose the following node:
Server Manager > Roles > ADDS > (domain) > Users
Step 2: Create New User inside ADDS
You can right click on the Users item and choose New > User menu item.
In the appearing dialog enter the following details:
Click on the Next button you will get the following Password dialog.
Enter the password and uncheck the change password option. Click Next button to continue.
Now click the Finish button and the user will get created.
You can see the new user inside the list:
Step 3: Try the user in SharePoint site
Next you can try signing in using the new user created. You will get the following error message as the user is not having permission to the site.
Step 4: Add the User to SharePoint site
Now sign in to the SharePoint site with administrative privileges. Choose the Site Actions > Site Permissions option to get the following screen:
You can add the new user to any of the group above.
If the user is required to only read operation > Add to the Visitors group
If the user is required to contribute > Add to Members group
If the user is required to have full control > Add to the Owners group
For the time being I am adding the new user into the Members group. Click on the Members item and in the arriving page use the New > Add Users menu.
In the appearing dialog box enter the user name, resolve it and click the OK button.
Now the user is added to the list and you are ready to test the New User.
Step 5: Test the New User
Now open a new browser and enter the home url.
Now it will get opened in the previous user context, Use the following option to sign in as newuser.
In the appearing prompt, enter the newuser as name and the password for the user. You will be able to see the site.
If you are getting an Access Denied error as following:
Please ensure the following:
· You are accessing the right site url
· Verify the user is residing in the Members group
Active Directory Technologies Overview
In this article we have explored the user creation in Active Directory and adding the user to a SharePoint site.