Introduction
In this small article we can explore user creation in Active Directory and adding
a user to a SharePoint site.
About Active Directory
Active Directory is a directory service created by Microsoft (here onwards referred as AD). AD is used by most Window Server
Operating Systems like 2003, 2008 etc.
AD allows storing user information, credentials, application settings, authentication management, etc. AD can be considered as a database.
Following are the components involved:
- Active Directory Domain Services: ADDS is the central location for
storing user information, handling authentication requests etc.
- Active Directory Rights Management Services: ADRMS manages the rights of a user within the network. The right could be like read, write and print a file.
- Active Directory Federation Services: ADFS is a highly secured, Internet scalable Identity Access solution. ADFS helps in integration between untrusted resources
and domain resources within the organization.
- Active Directory Certificate Services: ADCS allows persisting a user identity along with a private key.
- Active Directory Lightweight Directory Services: ADLDS provides much advantage over Active Directory Domain Services in the case of directory enabled applications. The advantages
include lesser bandwidth, less overheads with domain information, easier replication etc.
Note: While installing SharePoint 2010 to a Windows Server machine, please ensure that the Active Directory is already configured.
Back to Practical
In a production deployment, SharePoint will be installed in a Windows Server
Operating System. Now we can try creating a user and adding to a SharePoint site.
You need a Windows Server 2008 Installation / Virtual Machine to try this scenario.
Step 1: Open Server Manager
Open the Server Manager application from the desktop or through the Start menu.
Start Menu > Programs > Administrative Tools > Server Manager.
In the appearing application choose the following node: Server Manager > Roles > ADDS > (domain) > Users.
Step 2: Create New User inside ADDS.
You can right click on the Users item and choose the New > User menu item.
In the appearing dialog, enter the following details:
Click on the Next button and you will get the following Password dialog.
Enter the password and uncheck the Change Password option. Click the Next button to continue.
Now click the Finish button and the user will get created.
You can see the new user inside the list:
Step 3: Try the user in the SharePoint site.
Next you can try signing in using the new user created. You will get the following error message as the user is not having permissions to the site.
Step 4: Add the User to the SharePoint site.
Now sign in to the SharePoint site with administrative privileges. Choose the Site Actions > Site Permissions option to get the following screen:
You can add the new user to any of the groups above.
- If the user is required to only read operation > Add to the Visitors group.
- If the user is required to contribute > Add to Members group.
- If the user is required to have full control > Add to the Owners group.
For the time being, I am adding the new user into the Members group. Click on the Members item and in the arriving page, use the New > Add Users menu.
In the appearing dialog box, enter the user name, resolve it, and click the OK button.
Now the user is added to the list and you are ready to test the New User.
Step 5: Test the New User
Now open a new browser and enter the home URL: for example: http://corp.
Now it will get opened in the previous user context, use the following option to sign in as
New User.
In the appearing prompt, enter New User as name and the password for the user. You will be able to see the site.
Possible Error
If you are getting an Access Denied error as follows:
Please ensure the following:
- You are accessing the right site URL
- Verify the user is residing in the Members group
References
Summary
In this article we have explored user creation in Active Directory and adding user to a SharePoint site.
