Account Types
Each user in a system needs an account to access the network in a Microsoft Active Directory environment. The user account has a Security Identifier (SID) linked to the account. When I create a user called Ian
, they may have a SID of 1-5-1-2345678-345678
. When the account is deleted, the SID is deleted too.
For example, a member of the IT team has deleted a user account called Ian
. It may have a SID of SID 1-5-1-2345678-345678
, so he quickly creates another account called Ian
, but this account cannot access resources as it has a new SID of SID 1-5-1-2345678-3499999
. The first portion from left to right identifies the domain, and then the remainder is a serial number that is never reused.
There are various types of user accounts, and these are heavily tested in the Security+ exam; you must know when you would need each account: