Versions Compared

Version Old Version 27 New Version Current
Changes made by

Roger Merrill

Roger Merrill

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Expand
titleLinux (Ubuntu)
Expand
titleAllow user to log in via SSH

"sudo nano /etc/sssd/conf.d/access.conf"

  1. Using an account with 'sudo' privileges, edit the access.conf file located at the path above.

  2. To give a user access to log in, add their NetID to the 'simple_allow_users' line. If this line does not exist, you can create it. The list of users must be comma-separated.

  3. Restart the sssd service:  sudo systemctl restart sssd.service OR reboot the system.

Expand
titleProvide 'sudo' (admin) priveleges to user
Note

Use with caution. This will enable the user to make system-wide changes and should be reserved for users who have familiarity with a Linux command-line environment.

Info

If the user is logged in, the user will need to log out and log back in again for the system to assign the privileges to their account.

"sudo usermod -aG sudo <netid>"

  1. Using  an account with 'sudo' privileges, run the above command, substituting in the user's netid


Expand
titleWindows (10, 11, Server) on-domain
Expand
titleAdd RDP (Remote Desktop) access
Expand
titleCommand Line

1) On the remote computer, right-click on the start menu and click "Windows PowerShell (Admin)"Image Removed

Image Added


2) Copy in the following command, substituting in the user's Netid

Code Block
languagepowershell
Add-LocalGroupMember -Group "Remote Desktop Users" -Member "AD\<netid>"
Expand
titleProvide Administrator rights to a user

Please submit a request to ischoolit@ot.syr.edu with the user's netid and we can configure this for you

Expand
titleGUI

1) Click on the "Start" menu and then the gear icon in the left-hand menu, then open the "Settings" panelImage Removed

Image Added


2) In the search bar, type "Remote Desktop" and then click on the "Remote Desktop Settings" search resultImage Removed

Image Added


3) In the "Remote Desktop" settings, first make sure the "Enable Remote Desktop" option is enabled. Then, click "Select users that can remotely access this PC"'Image Removed

Image Added


4) Click "Add" on the "Remote Desktop Users" window (1). Ensure the "Location" is set to "ad.syr.edu"(2), and then type the netid of the user (3)Image Removed

Image Added


5) Click "OK".

Expand
titleProvide Administrator rights to a user

At this time, please submit a request to ischoolit@ot.syr.edu and we can configure this for you

...

Expand
titleWindows (10, 11, Server) off-domain
Expand
titleCreate a local user account
Expand
titleCommand Line

1) On the remote computer, right-click on the start menu and click "Windows PowerShell (Admin)"Image Removed

Image Added


2) Copy in the following commands line by line, substituting in the user's Netid or "L-netid" to create an admin account (examples below)

Standard user:

Code Block
languagepowershell
$Password = Read-Host -AsSecureString

New-LocalUser -Name "<netid>" -FullName "Firstname Lastname" -Description "Standard user account for <netid> -Password $Password

Admin user:

Code Block
languagepowershell
$Password = Read-Host -AsSecureString

New-LocalUser -Name "<netid>" -FullName "Firstname Lastname" -Description "Admin user account for <netid> -Password $Password
Expand
titleGUI

1) Click on the "Start" menu and then the gear icon in the left-hand menu, then open the "Settings" panelImage Removed

Image Added


2) Click on "Accounts" in the settings menuImage Removed

Image Added


3) Click on "Other users"Image Removed

Image Added


4) Click on "Add someone else to this PC"Image Removed

Image Added


5) Double-click into the "Users" locationImage Removed

Image Added


6) Fill in the user's information, as shown below, using a temporary password and click "Create" when finished. To create an admin account, use the prefix "L-" before the netid (second image)Image Removed Image Removed

Image AddedImage Added
Expand
titleAdd RDP (Remote Desktop) access
Note

NOTE: Only standard (non-administrator) accounts should be allowed interactive login privileges!


Expand
titleCommand Line

1) On the remote computer, right-click on the start menu and click "Windows PowerShell (Admin)"Image Removed

Image Added


2) Paste in the following command, substituting the local account name

Code Block
languagepowershell
Add-LocalGroupMember -Group "Remote Desktop Users" -Member "<netid>"
Expand
titleGUI

1) From within the "lusrmgr" menu (Step #5 in the previous section), click into the "Groups" location in the tree and then double-click to open the "Remote Desktop Users" groupImage Removed

Image Added


2) You'll see the users who currently have RDP access. Click "Add"Image Removed

Image Added


3) Type the user account in the "object name" box and click "OK"Image Removed

Image Added
Expand
titleProvide Administrator rights to a user
Note

A separate "l-netid" account should be created for this purpose, and the admin account cannot be provided direct remote desktop access

Expand
titleCommand Line

1) On the remote computer, right-click on the start menu and click "Windows PowerShell (Admin)"Image Removed

Image Added


2) Paste in the following command, substituting the "L-<netid>" account name

Code Block
languagepowershell
Add-LocalGroupMember -Group "Administrators" -Member "L-<netid>"
Expand
titleGUI

1) Follow the "account-creation" steps above to create a new local user account ("l-netid")Image Removed

Image Added


2) From within the "lusrmgr" menu (Step #5 in the account creation guide), click into the "Groups" location in the tree and then double-click into the "Administrators" groupImage Removed

Image Added


3) Type the "L-" user account in the "object name" box and click "OK"Image Removed

Image Added