Module 2: Users and Permissions

How do you view all local users and groups on a Windows machine via CLI?

• To view users: Get-LocalUser

• To view groups: Get-LocalGroup

• To see group members: Get-LocalGroupMember [GroupName]

• Lab Activity:

  • Open PowerShell on a Windows VM and run the above commands.

  • Document the local Administrators group membership.

  • Disable the local Administrator account and verify.

How do you view all users and groups on a Linux system?

• View all users: cat /etc/passwd

• View all groups: cat /etc/group

• Check sudo access: Look for the sudo group in /etc/group

• Lab Activity:

  • Run these commands on a Linux VM.

  • Identify which users have sudo access.

How can an admin reset a user's password and force a password change at next logon using Windows CLI?

• net user [username] * (prompts for new password securely)

• net user [username] /logonpasswordchg:yes (forces change at next logon)

• Lab Activity:

  • Reset a test user's password and require password change at next logon on your Windows VM.

How do you change a user's password and expire it immediately on Linux?

• Change password: passwd [username]

• Expire password (force change): sudo passwd -e [username]

• Lab Activity:

  • Create a test user, change their password, and expire it to force a reset on next login.

How do you add and remove users from Windows via CLI?

• Add: net user [username] * /add (prompts for password)

• Remove: net user [username] /del

• PowerShell: New-LocalUser -Name "Username" -Password $Password and Remove-LocalUser [username]

Lab Activity:

• Add and remove a test user using both CMD and PowerShell.

How do you add and remove users on a Linux system?

• Add: sudo adduser [username]

• Remove: sudo deluser [username]

• Lab Activity:

  • Add and remove a test user on your Linux VM.

How do you view and modify file/directory permissions in Windows CLI?

• View: icacls [path]

• Grant permission: icacls "directory path" /grant 'User:(OI)(CI)(R)'

• Remove permission: icacls "directory path" /remove User

• Lab Activity:

  • Use icacls to view, grant, and remove permissions on a test folder.

How do you view and modify file permissions in Linux?

• View: ls -l [file]

• Add execute: chmod u+x [file]

• Add read and execute for user, read for group: chmod u+rx,g+r [file]

• Numeric: chmod 754 [file] (user: rwx, group: rx, other: r)

• Lab Activity:

  • Practice changing permissions on a test file using both symbolic and numeric modes.

What are SetUID, SetGID, and the Sticky Bit in Linux, and how do you set them?

• SetUID (u+s or chmod 4755 [file]): Run file as owner

• SetGID (g+s or chmod 2755 [file]): Run file as group

• Sticky Bit (+t or chmod 1755 [dir]): Only file owner/root can delete

• Lab Activity:

  • Set and verify these bits on test files and directories; observe effects with different users.

What is the difference between simple and advanced permissions in Windows?

Simple permissions (e.g., Read, Write, Modify) are groups of advanced (special) permissions (e.g., Write Attributes, List Folder, etc.).

• Lab Activity:

  • View the advanced permissions for a file in the GUI and compare to the simple permissions.

Who is the "creator owner" in Windows permissions, and what does inheritance mean?

The "creator owner" is the user who created a file/folder and has full control by default. Inheritance means permissions propagate from parent to child objects unless explicitly overridden.

• Lab Activity:

  • Create a folder, set custom permissions, create files inside, and observe permission inheritance and ownership.

What is the purpose of Mobile Device Management (MDM) in user and permissions management?

MDM enforces configuration and security policies on mobile devices, controlling access, enforcing encryption, and managing apps and updates.

• Lab Activity:

  • (If available) Explore MDM policy settings in a virtualized or demo environment.