How to delete disable the user account ?

Lets start with types of user account in windows. Here we are write few types of windows account - 

• Administrator
• user_standard / Local / Domain / Microsoft / Network etc
• Guest 

The account we create at the time of installation is called as user with administrative rights.

Administrator Account - The account have the full control over the system, can install / uninstall software, change system setting, manage users and modify security, This account will be used by the individual to manage, monitor and troubleshoot the account.  

Standard User Account (Local User) - This account is having limited permission, allows basic task like running application and changing personal settings ,This cannot install software or change system wide settings. This account is allowed for doing its daily basic task, what it is allowed for  

Guest Account (Deprecated in newer version) - Designed for temporary access with minimal permission.

Local Account - This account which, exist on a specific computer and is not connected to a network domain. This can a administrator or standard user account we also call as a standalone user.

Domain User Account - This is account managed by a domain controller in an active directory environment. This allows users to log in from any computer within the domain using the same credentials. This is generally controlled by IT administrator for security and access management.

How to delete disable the user account ?

 -- Press win + r and type  "lusrmgr.msc" without quotes.

-- After open click on "users"

-- Then go to "users" >  right click on that user account that you are looking to disable >  Then click on the option "properties" > check the box > account is disable > Click on apply > then  after "OK". 

 -- If you want to delete then follow this one after disabling the account. Then again right click on the user account > then select the option "delete" > one dialog box will appear click on the option "confirm" Here you deleted the account.

Disclaimer

Provisioning and deprovisioning in network security are critical components of Identity and Access Management (IAM). These processes control how user access is granted, modified, and revoked across an organization’s IT infrastructure. When implemented correctly—especially through automation—they significantly reduce security risks, compliance violations, and insider threats.

What Is Provisioning in Network Security?

Provisioning is the process of creating user identities and granting access to systems, applications, and network resources based on predefined roles and policies.

Key Functions of Provisioning

User Onboarding:

#. Automatically creates digital identities for new employees and assigns birthright access such as email, collaboration tools, VPN, and internal applications.

#. Role-Based Access Control (RBAC):
Access is granted according to job role, department, or seniority—ensuring consistency and security.

#. Least Privilege Principle:
Users receive only the permissions required to perform their tasks, reducing the attack surface and limiting lateral movement.

#. Security Risk in Provisioning

Over-provisioning is a major security weakness. Excess permissions increase the likelihood of data leaks, privilege escalation, and insider attacks.

What Is Deprovisioning in Network Security?

Deprovisioning is the systematic removal of access when a user no longer requires it—such as during employee exit, role changes, or project completion.

Key Functions of Deprovisioning

Immediate Access Revocation:
#. Accounts must be disabled as soon as employment ends to prevent unauthorized access.


Elimination of Orphaned Accounts:
#. Inactive or forgotten accounts (“zombie accounts”) are frequently exploited by attackers.


Full Identity Cleanup:
#. Includes revoking API keys, terminating active sessions, removing SSH keys, and reassigning file ownership.

Security Risk in Deprovisioning

Delayed or incomplete deprovisioning is a leading cause of post-employment data breaches.

Why Automation Is Essential for IAM Security

Manual provisioning and deprovisioning processes are slow, inconsistent, and prone to human error—one of the primary causes of enterprise security breaches.


Benefits of Automated Identity Lifecycle Management


#. Real-Time Access Control:
Integration with HR systems such as Workday or SAP SuccessFactors ensures instant updates to user access.

#.Compliance and Audit Readiness:
Automated logs provide immutable audit trails for GDPR, HIPAA, SOX, ISO 27001, and other regulations.

#. Prevention of Privilege Creep:
Old or unnecessary permissions are automatically removed when roles change.

Role of SCIM in Automated Provisioning and Deprovisioning

SCIM (System for Cross-domain Identity Management) is an open standard used to automate identity lifecycle events across cloud and enterprise applications.

How SCIM Improves Network Security

#. Automatically syncs users between Identity Providers (IdPs) like Okta or Microsoft Entra ID
#. Ensures consistent access across SaaS platforms such as Salesforce, Dropbox, GitHub
#. Reduces manual errors and provisioning delays




Best Practices for Secure Provisioning and Deprovisioning


#. Implement Role-Based Access Control (RBAC)
#. Enforce least privilege access
#. Automate IAM workflows using SCIM
#. Conduct regular access reviews
#. Monitor logs for identity anomalies

Conclusion

Provisioning and deprovisioning are essential pillars of network security and IAM. Automated identity lifecycle management reduces attack surfaces, strengthens compliance, and prevents unauthorized access. Organizations that neglect these processes expose themselves to data breaches, regulatory penalties, and operational risk.

How to change the name of server in windows 2019

To change the name of a Windows Server 2019, use Server Manager, System Properties (Control Panel), or PowerShell, but always remember to restart the server to apply changes, especially if it's a Domain Controller, which requires extra steps. Let's follow the step by step.

Change the Name of Server  

 First we will change open windows server 2019 in VMware so after that go to Local Server then click on computer name.

Click on change button and we will write Computer name -  server1 and click on OK button. 

So after that you must restart your computer to apply these changes.

Hurry you can see we did it and finally name is server1 is displaying. 

Disclaimer

How to clone of virtual machine or vmware ?

The exact replica or copy of any thing that exist or we can say that ditto of any products is called clone. without time wasting we will go in our vmware and i have already installed widows 10 pro in VMware and with this windows 10 pro we will clone of this. 

How we can create the clone of the Virtual Machine in VMware workstation? 

--By using the "clone" feature of the VMware workstation:-

--Open VMware workstation pro

--Select the virtual machine that you want for creating clone.

--Right click on that virtual machine.

--Go to option "Manage"

--There you will find the option "Clone", click on that

--The wizard will appear.

--Within that wizard click on Next

--Before that it will ask "From the current state of the Virtual Machine or with Snapshot", By default it will go with "From the Current state of the Virtual Machine"

--Then click on "Next"

--It will ask the option you want to create "Full Clone " or Linked Clone", Select the option "Full Clone" or any option you prefare or it asked.

--The It will ask you to enter the "Name" of your virtual machine as well as there will be location option.

--Here if you want to provide the "Name" you can and if you want to change the location you can, -The click on the "Next"

--There will be the option "Clone" click on that and here you will see that clone is strarted.

--Once it got completed it will create the virutal machine on it's own.

--You can click on the option "Power on this virtual machine" to turn it on and use the same username and password (Belonging with the cloned virutal machine) for login.

Disclaimer

How to prevent users from accessing the control panel

While attempting multiple times wrong password is occur problem for you so lets fix it when user try to login own account in windows 10 and if user forgot password then how can i lock user account after trying multiple times wrong password even might be possible some unauthorized person trying to access the accounts. So, here comes with lockout policy where you can safe your users account by administrator.

What is Lockout Policy ? 

A lockout policy in windows is a security features that help protects user accounts from unauthorized access by locking the account after a specific number of failed login attempts. This policy is designed to prevent brute force attacks. Where attackers repeatedly try different passwords to gain access.

Let's Prevent Step by Step  

-- For doing this task you must have a user with administrative rights of administrator account. 

-- Press win + r and type "secpol.msc" windows. Click on "OK".

-- After opening local security policy > go to "account policies" >  "account lockout policy" .

-- then right click on "account lockout threshold" > and go to properties and set "account will lock out after "1"  minute " > then apply / Ok.

-- then same as right click on "account lockout duration" > and go to properties and set "account lockout duration "1"  minute " > then apply / Ok.

-- then same as right click on "reset account lockout counter after" > and go to properties and set "1"  minute " > then apply / Ok.

-- then open cmd prompt and type "gpupdate /force " it will update policy for all user.

-- So you can check after attempting 3 times wrong password user getting pop and saying you account has been locked so wait for some times.

So finally we got it!.

Purpose of the "net_user" cmd in windows ? 

The net_user cmd in windows is used to manage user ccount on a local or remote computer. It allows administrator and users with the necessary privilege to create, modify, delete and view user account and their settings from the cmd prompts.

Disclaimer

Disable to firewall in windows server 2019

To disable the firewall in Windows Server 2019, you can use PowerShell for a quick command (Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled false), the GUI via Server Manager (Local Server -> Windows Defender Firewall -> On -> Off for each profile), or Command Prompt (netsh advfirewall set allprofiles state off) for all profiles, but PowerShell offers the most straightforward method for all profiles at once, ensuring all network types are covered. Lets follow the step by step.

A firewall is a security device—either hardware, software, or both—that monitors and controls incoming and outgoing network traffic based on predefined security rules. The main purpose of a firewall is to act as a barrier between a trusted internal network and untrusted external networks, such as the internet. It helps protect systems from unauthorized access, cyberattacks, malware,
and data breaches. 

Disable the firewall 

For disabling the firewall in windows server, open run cmd with the help of win + r and type firewall.cpl then hit enter

Then go to turn windows defender firewall on or off after that 

 In a practical setup, firewalls are used to:

● Block or allow specific ports or IP addresses.
● Filter traffic based on protocols and applications.
● Prevent access to malicious websites or content.

Disclaimer

How to prevent users from accessing the control panel

Lets start with policy- 

• Inherited Policy
• Explicit Policy

A policy is a set of rules, principles, or guidelines established, by an organization to regulate action , ensure consistency and achieve specific goals, Policies provide a framework for decision making and help maintain order & compilance with a system.

What is Inherited Policy ?

Inherited policy permissions are automatically passed down from a parent object (such as a folder) to its child objects (sub-folder and files). They simplify permission management by ensuring consistency across an entire directory structure. 

Characterstics -

-- Automatically propaged from parent to child objects.

-- Reduce administrative overhead by providing consistent access.

-- Can be over-hidden by explicit policy

-- Can by disable if needed.

What is Explicit policy ?

 Explicit permissions are manually set or assigned to a file, folder or object by any administrator of system owner. They take priority over inherited permissions and apply on the specific object they are set on.

Characterstics - 

-- Applied directly to a resources (file ,folder ,registry key)

-- Not affected by changes in parent object.

 How to assign a permission on a local user in local machine (standalone)?

Standard User Account (Local User) - This account is having limited permission, allows basic task like running application and changing personal settings ,This cannot install software or change system wide settings. This account is allowed for doing its daily basic task, what it is allowed for.  

-- For doing this task you must have a user with administrative rights of administrator account. 

-- Press win + r and type "mmc" (microsoft management console) windows. Click on "files" & then click on "add/remove snap-In" 

-- Then on windows search "Group policy object editor" then click on "Add".

-- In the next windows, click on Browser and go to the "user" tab.

-- Click on the user, on which you need to assign permissions.

-- Then click on "OK" and then finish.

-- Click on "OK" and return on mmc windows.

-- then assign the permission and click on the close. It ask you to save the so click on the save button.

-- Open cmd prompt and run the "gpupdate / force"

-- Logout from the administrator 

-- Login to the user account & check whether the policy works or not.

Disclaimer

How to setup workgroup domain environment in windows 

Environment - It is the set of connection in which we try to perform the task. This help our operating system to work in the surroundings and lets the user do the task. 


By default our operating system works on workgroup.

There are two members of operating system -
1) workgroup 
2) Domain 

Workgroup Enviornment?

A workgroup is a basic network model in windows basic system where computers and connected to peer peer (p2p)  network.

Used in small network (eg home, or small office) where is computer operated independently without a centralised server for management.

Key features 

1) No centralized administrator 

-- Each computer has its own user account and its security setting. 

-- User must manually create accounts on each system they need access to. 


2) Peer to Peer Networking 

-- Computer work group acts as both client and server.

-- File and printer can be shared without dedicated server. 


3) Limited to small network 

-- Suitable for 10 to 20 computers 

-- Does not well scale for large enterprises. 


4) Independent security management 

-- No centralise authentication like active directory 

-- Users must login separately on each machine 


5) Simple set up and maintenance 

-- No need for domain controller on specialised IT staff

-- Cost home networks and small business

Advantages - 

• Simplicity
• No-central server
• Flexiability
• Decentralization
• Easy sharing

Disadvantages

• Scalability Issues
• Security concern
• no central backup
• administrative overhead
• inconsitent settings

 Lets do practical -

Practical on workgroup - we are going to have 2 virutal machine over windows 10 pro OS.

Deploying of Workgroup in that state -

1. On public network (PAN-Private Area Network)
2. Sharing file in public network
3. Establishing private network (offline)
4. Sharing file in  private network

 First we can see that we have two machine like first one is "windows 10 x64" and second one is "clone windows 10 x64"

Both machine are working in work-group : 

Now we will test both machine's IP reachable to each other or not.

NOTE - windows 10 x64 - Denote as an Administrator   

NOTE - clone of windows 10 x64 - Denote as an UserA

-- ipconfig (administrator) IP is 192.168.30.129

-- ipconfig (userA) IP is 192.168.30.131

userA

If we will check administrator's IP is reachable or not - so check it for this cmd ping 192.168.30.129 in userA account But as of now not accessible or request time out.

userA

 same as it If we will check UserA's IP is reachable or not - so check it for this cmd ping 192.168.30.131 in administrator account But as of now not accessible or request time out.

adminstrator

 So why it is coming like that because of internal connectivity is blocking so for this we will fix it by run cmd > win + r > and type "firewall.cpl" and hit enter 

adminstrator

adminstrator

 now  if we will check in userA account with the help of administrator account's IP with this cmd ping 192.168.30.129

userA

Now as it as same disable the firewall in userA account 

now it is working ping request (ping 192.168.30.129) in administrator account. 

administrator

File Sharing  

For file sharing in same network we will create folder first in administrator account > go to file's properties > go to "sharing" > and click on share.. button.

Now add everyone 

 and give permission "Read/Write" 

 click on "share" button 

then check on checkbox folder > then click on permission button  

  then go to advance sharing 

 then allow all permission and check on checkbox > click OK.

 In userA account you can access via win + r run command with the help of administrator account's IP ( //192.168.30.129 ) and hit enter. 

 If you want you can setup this network at one time then whenever you want you can access it like for this > right click on network > map network drive 

then type administrator account's IP (\\192.168.30.129\file-sharing) > finish.

Now you are able to file sharing to each other in same network (but different account like first one is actual windows 10 x64 and second one is clone of windows 10 x64)

NOTE - if in case it will ask for username & password then simple you can provide   

 File Sharing in Private Network 

File sharing in a private network (like a home or office LAN) involves configuring network settings to allow discovery and sharing, then sharing specific folders with defined permissions (Read/Write),  

For this we will go first VMware administrator account' setting . 

then go to network adapter section and set custom : specific virtual network and select vmnet4 > then press OK. 

same as it as we will do in userA VMware's setting.

After completing this setting type win + r and type ncpa.cpl and press OK > then right click on Ethernet0 and go to properties.  

then uncheck the IPv6 box > then check on IP4 checkbox > then double click on IPv4  

 then click on "use the following IP address"  > then type IP like 192.168.1.2 then when click on subnet mask column it will automatically assign subnet mask < OK < OK.

 then if you will check in administrator's IP in cmd prompt (ipconfig). so as you can see here IP is 192.168.1.2

 Now as it as repeat in userA account.

  then if you will check in userA's IP in cmd prompt (ipconfig). so as you can see here IP is 192.168.1.3

Now you can ping request in each account like that below image you can see in administrator account 

Disclaimer