Default User Accounts in Windows® 7
Groups are also provided by Windows 7 which allows you to give a user access to many work related resources simply by making the user a member of group. It is possible to log on to a computer with a user account but it does not allow you to log on with a group account. Different Active Directory domains or local computers can have the same group name therefore groups are addressed by Domain\GroupName or Computer\GroupName.
Three types of group used by Windows 7:
- Local Group
- Security group
- Distribution Group
Local Group: Local group can be created with Local Users And Groups. It is defined on a local computer and you can use it on a local computer only.
Security Group: You can associate security descriptors with it.
Distribution Group: It use an e-mail distribution lists. Security descriptors can’t be associated with them. Distribution group is defined in domains using Active Directory Users and computers.
You can track group accounts as with users account using unequalled SIDs. This mean that a group account can not be deleted and recreated. If you create a new group you will have a new SID and all the permissions and advantages of the old group would be lost. If you assign user access levels, you can make a user a member of the variousÂ groups.
Make a user a member of the following groups:
1. Administrator: Local administrators are the members of this group and they have the full access to the workstation. Accounts can be created by them, they can modify group membership, install printers, and shared resources can be managed by them.
2. Backup Operators: Files can be restored and back up with the members of this group. They can log on to the local computer and computer can be easily shut down. Additionally, regardless of the account how it is set up, the members can back up files whether the members have read/write access to the files. But the access permissions on the files cannot be changed by them and they cannot even perform administrative tasks.
3. Cryptographic Operators: These members are allowed to manage the configuration of encryption, IP Security, digital IDs, and certificates.
4. Event Log Readers: Event Log can be viewed on the computer by these members.
5. Guests: They are provided very limited privileges. The system and the resources can be accessed by these members.
6. Network Configuration Operators: Network settings on the workstation can be managed by these members. TCP/IP settings can be configured by them and they can perform other general configuration tasks.
7. Performance Log users: Counters can be managed and viewed by them. They can also manage performance logging.
8. Performance Monitor Users: Performance counters and performance log can be viewed by its members.
9. Power Users : This feature has been changed in Windows 7. Though in earlier version, this group is used to grant additional advantages but in Windows 7, this is being maintained only for compatibility with legacy applications.
10. Remote Desktop Users: Using terminal services and remote desktop, the members can log on to the workstation.
11. Replicator: The replication of files for the local machines can be managed by its members.
12. Users: User group members have limited advantages. They can locally log on to Windows 7 workstation.