Chapter 3. Managing user accounts
User account management can be summed up as CRUD, or create, read, update, delete. I originally came across this acronym in terms of dealing with data and databases during software development, but it can be applied to any data store. Ultimately, Active Directory is just a data store.
You learned how to create user accounts in the previous chapter. In this chapter you’ll learn how to update and delete user accounts.
Note
I’ll use attributes and properties interchangeably throughout the book. Technically, the AD schema class used to create the object has attributes and the object itself has properties. Common usage is to use the two words interchangeably when working with AD objects.
The process of updating user accounts can be divided into two areas. First, you need to be able to update the data that forms the user account. The data is held in the user account properties, and you’ll learn how to use GUI tools and PowerShell to modify those properties. Second, the status of the account can be updated by disabling or enabling it. A disabled account can’t be accessed, and you’ll see why you may want to disable an account, as well as how to perform the task.