Accounts

The article provides information on how to configure AD and local users and groups for use in SmartPTT. Only one type of users and/or groups is supported per SmartPTT.

User Roles

SmartPTT requires four user groups to implement the following user roles:

• System Admins,
• Database Admins
• Console Admins,
• Console Operators.

For details, please refer to the dedicated article

Active Directory Users and Groups

Active Directory users (AD users) and user groups (AD user groups) might be created and managed in one of the following ways:

• Using tools with graphical user interface.
• Using PowerShell, an advanced command-line shell.

For instructions on graphical tools, see the following articles:

• Creating AD Users
• Creating AD User Groups
• Adding AD Users to AD Groups

For information on PowerShell, see at least the following articles:

• New-ADUser (command to create new AD users)
• New-ADGroup (command to create new AD user groups)
• Add-ADGroupMember (command to add AD users to AD user groups)

Examples (PowerShell)

Danger

All the texts below are provided as examples. None of them is recommended for production purposes.

• Creation of AD user named User01 with pre-determined password Pass123.

  New-ADUser  -Name 'User01' -Password (ConvertTo-SecureString 'Pass123' -AsPlainText -Force) -Enabled = $true
  

  The -Enabled parameter enables accounts created over the PowerShell with pre-determined passwords.

• Creation of AD user group named UserGroup01.

  New-ADGroup -Name 'UserGroup01' -GroupScope Global
  

• Addition of AD user User01 to AD user group UserGroup01.

  Add-ADGroupMember -Identity 'UserGroup01' -Members 'User01'
  

For advanced manipulations with AD users and groups, please refer to the official PowerShell documentation.

Local Users and Groups

Local users and groups might be created and managed in one of the following ways:

• Using tools with graphical user interface.
• Using PowerShell, an advanced command-line shell.

For instructions on graphical tools, see the following articles:

• Creating local users
• Creating local user groups
• Adding local users to local groups

For information on PowerShell, see at least the following articles:

• New-LocalUser (command to create new local users)
• New-LocalGroup (command to create new local user groups)
• Add-LocalGroupMember (command to add local users to local user groups)

Examples (PowerShell)

Danger

All the texts below are provided as examples. None of them is recommended for production purposes.

• Creation of local user named User01 with pre-determined password Pass123.

  New-LocalUser  -Name 'User01' -Password (ConvertTo-SecureString 'Pass123' -AsPlainText -Force)
  

• Creation of local user group named UserGroup01.

  New-LocalGroup -Name 'UserGroup01'
  

• Addition of local user User01 to local user group UserGroup01.

  Add-LocalGroupMember -Group 'UserGroup01' -Member 'User01'
  

For advanced manipulations with local users and user groups, please refer to the official PowerShell documentation.

Firewall

Unlock the following network port on the AD Domain Service host:

• TCP port 389.

Unlock the following network ports on every SmartPTT server host:

• TCP port 389.

If Dispatcher App is allowed to access AD independently (not recommended), then unlock the following network port on every Dispatcher App host:

• TCP port 389.

For details, see the following table:

Port number	Protocol	Direction	Application	Quantity
389	TCP	Inbound	RadioService.exe	1
389	TCP	Outbound	RadioService.exe	1

Click  here to download the table as CSV.

See Also

• Role-Based Access
• ActiveDirectory Module
• Microsoft.PowerShell.LocalAccounts Module