Search

Home >> Windows Server >> 2025 >> Basics >> What are local user accounts and local groups in Windows Server

What are local user accounts and local groups in Windows Server

A user account is a security principals object for an end user to access the resources available on a computer. A user account can be a user account for a human user, a user account for a software, a user account for the Operating System services, or an account for a computer. Two types of user accounts and groups in Windows Server Operating Systems are 1) local user accounts and groups and 2) Active Directory user accounts and groups. Active Directory user accounts and groups are not in our current scope of study. Active Directory user accounts and groups are somewhat advanced topic and we will discuss Active Directory user accounts and groups later, in another lesson.

Let us try to understand what are local user accounts and groups.

Local user accounts

Local user accounts are created on a single Windows Server Operating System and local user account cannot be used to login to another Windows Server. Local user accounts are authenticated by the Windows Server Operating system, normally by a combination of user–id and password strings. Local user accounts can be assigned rights and permissions on the local Windows Server Operating System only.

Local user accounts and security groups are security principals in Windows Server Operating System. A security principal is any entity that can be authenticated by the Windows Server Operating System. Security principals are assigned with SIDs (security identifiers).

Following screenshot shows the default user accounts created after a fresh Windows Server 2025 installation.

default-user-accounts-in-windows-server-2025.jpg

Local groups

Local security groups are used to hold local users or other groups together. The main purpose of local security groups is to simplify the management of security permissions for the resources available on Windows Server Operating Systems.

For example, let us assume that there is a common file directory available in a Windows Server based and that common file directory is meant only for three user accounts in that Windows Server. We can add those three user accounts in a security group and assign permission to only that security group for that common file directory, instead of adding three individual user accounts one–by–one. The advantage is that, that security group can be reused to assign permission for another resource, for a similar situation later.

Following screenshot shows the default groups created after a fresh Windows Server 2025 installation.

default-groups-in-windows-server-2025.jpg

 

Written by Jajish Thomas.
Last updated on 27th July, 2024.

 

<< What are multi–user Operating Systems (OS ) and multi–task Operating Systems (OS )
Different types of user accounts in Windows Server >>
Related Tutorials
Introduction to Windows Server 2025
Minimum hardware requirements for Windows Server 2025
New features of Windows Server 2025
How to download Windows Server 2025 Preview iso file
How to install Windows Server 2025
Differences between Server Core and GUI (Desktop Experience)
Default GUI tools in Server Core
How to run PowerShell as administrator
How to run PowerShell as administrator in Server Core
How to find the PowerShell version in Server Core and Desktop experience
How to add Network icon to desktop in Windows Server 2025
How to add Computer (This PC) icon to desktop in Windows Server 2025
How to rename a computer using Windows Explorer
How to rename computer using "Rename-Computer" PowerShell Cmdlet
How to configure IPv4 Address in Windows Server 2025
How to configure IPv4 address in Windows Server 2025 using PowerShell Cmdlets
How to configure IPv6 Address in Windows Server 2025
How to configure IPv6 Address in Windows Server 2025 using PowerShell
What is MMC (Microsoft Management Console) and what are MMC snapin files
Add a snapin to MMC console
What are Roles and Features and difference between Roles and Features in Windows Server
Roles in Windows Server
Features in Windows Server
How to add Roles and Features in Windows Server
How to Remove Roles and Features in Windows Server
How to add Roles and Features using PowerShell
How to remove Roles and Features using PowerShell
Different types of computer hardware devices
What is a Driver Software
What is Device Manager and how to open Device Manager
What is Plug and Play (PnP)
How to scan for hardware changes using Device Manager and pnputil.exe
How to disable a device using Device Manager
How to disable a device using PowerShell Disable-PnpDevice Cmdlet
How to enable a device using PowerShell Enable-PnpDevice Cmdlet
How to update drivers using Device Manager
What is Driver Signing in Windows Operating Systems
What is Roll back of a driver and how to Roll Back a driver
How to uninstall a device using Device Manager
What are File attributes in Windows Operating Systems
attrib command in Windows
How to hide files and folders using Windows File Explorer
How to hide files and folders using attrib.exe command
How to view hidden files using Windows File Explorer
What are file name extensions
What are known file extensions and how to view known file extensions
How to associate a file name extension with an app
Hide or Show known file name extensions in Windows Server 2025
Hide or Show protected operating system files in Windows Server 2025
What are multi–user Operating Systems (OS) and multi–task Operating Systems (OS)
What are local user accounts and local groups in Windows Server
Different types of user accounts in Windows Server
How to create a local user in Windows Server
How to create a local user in Windows Server using New-LocalUser PowerShell cmdlet
How to force a local user to change password on next login
How to enable or disable a local user account
How to allow or prevent a local user to change password
What are Security Principals and SIDs
How to find SIDs of local user accounts