SharePoint 2010 - Creating a User in Active Directory and Adding to SharePoint

In this small article we explore user creation in Active Directory and adding a user to a SharePoint site.

About Active Directory

Active Directory is a directory service created by Microsoft. (from here onward, referred to as AD). AD is used by most of the Windows Server operating systems like 2003, 2008 etc.

AD allows storing user information, credentials, application settings, authentication management etc. AD can be considered as a database.

The following are the components involved:

  • Active Directory Domain Services: ADDS is the central location for storing user information, handling authentication requests etc.
  • Active Directory Rights Management Services: ADRMS manages the rights of a user within the network. The right could be like read, write and print a file.
  • Active Directory Federation Services: ADFS is a highly secured, Internet scalable Identity Access solution. ADFS helps in integration between untrusted resources and domain resources within the organization.
  • Active Directory Certificate Services: ADCS allows persisting a user identity along with a private key.
  • Active Directory Lightweight Directory Services: ADLDS provides many advantages over Active Directory Domain Services for directory enabled applications. The advantages include lesser bandwidth, less overhead with domain information, easier replication etc.

Note: While installing SharePoint 2010 to a Windows Server machine, please ensure that the Active Directory is already configured.

Back to Practical

In a production deployment SharePoint will be installed in a Windows Server operating system. Now we can try creating a user and adding to a SharePoint site.

You need a Windows Server 2008 Installation / Virtual Machine to try this scenario.

Step 1: Open Server Manager

Open Server Manager Application from the desktop or through Start Menu.

Start Menu > Programs > Administrative Tools > Server Manager

In the application that appears, choose the following node:

Server Manager > Roles > ADDS > (domain) > Users

ActDirShr1.jpg

Step 2: Create a new user inside ADDS.

You can right-click on the Users item and choose New > User menu item.

ActDirShr2.jpg

In the dialog that appears enter the following details:

ActDirShr3.jpg

Click on the Next button; you will get the following Password dialog:

ActDirShr4.jpg

Enter the password and uncheck the change password option. Click Next button to continue.

ActDirShr5.jpg

Now click the Finish button and the user will be created.

You will see the new user inside the list:

ActDirShr6.jpg

Step 3: Try the user in the SharePoint site.

Next you can try signing in using the new user created. You will get the following error message since the user does not have permission to the site.

ActDirShr7.jpg

Step 4: Add the User to SharePoint site.

Now sign in to the SharePoint site with administrative privileges. Choose the Site Actions > Site Permissions option to get the following screen:

ActDirShr8.jpg

You can add the new user to any of the groups above.

  • If the user is required to only read operation > Add to the Visitors group
  • If the user is required to contribute > Add to Members group
  • If the user is required to have full control > Add to the Owners group

For the time being I am adding the new user to the Members group. Click on the Members item and in the page that appears use the New > Add Users menu.

ActDirShr9.jpg

In the dialog box that appears enter the user name, resolve it and click the OK button.

ActDirShr10.jpg

Now the user is added to the list and you are ready to test the New User.

Step 5: Test the New User.

Now open a new browser and enter the home URL.

E.g.: http://corp

Now it will be opened in the previous user context; use the following option to sign in as a new user:

ActDirShr11.jpg

In the prompt that appears, enter the newuser as name and the password for the user. You will be able to see the site.

ActDirShr12.jpg

Possible Error

If you are getting an Access Denied error as following:

ActDirShr13.jpg

Please ensure the following:

  • You are accessing the right site URL
  • Verify the user is residing in the Members group

References

AD Technologies Overview

Summary

In this article we have explored user creation in Active Directory and adding the user to a SharePoint site.