A user enrollment template is a tool to help you enroll users from i5/OS™ to the Windows environment more efficiently. Rather than manually configure many new users, each with identical settings, use a user enrollment template to automatically configure them. Each template is a Windows user profile that defines user privileges, such as group membership, directory paths, and organizational unit containers.
When you enroll users and groups from i5/OS to the Windows environment, you can specify a user template on which to base the new Windows users. For example, you could create a user template and name it USRTEMP. USRTEMP could be a member of the Windows server groups NTG1 and NTG2. On i5/OS you could have a group called MGMT. You could decide to enroll the MGMT group and its members to Windows server. During the enrollment process, you could specify USRTEMP as the user template. During enrollment, you automatically add all members of the MGMT group to the NTG1 and NTG2 groups.
User templates save you from having to set up group memberships individually for each user. They also keep the attributes of enrolled users consistent.
You can make a user template a member of any Windows group, whether you enrolled that group from i5/OS or not. You can enroll users with a template that is a member of a group that was not enrolled from i5/OS. If you do this, however, the users become members of that nonenrolled group as well. i5/OS does not know about groups that were not enrolled from i5/OS. This means that you can only remove users from the group by using the User Manager program on Windows.
If you use a template to define a new user enrollment, and the template has a folder or directory Path or Connect To defined, the newly-created Windows user will have the same definitions. The folder definitions allow the user administrator to take advantage of folder redirection and to manage terminal service sign-on.
If you use a template when you define a new user enrollment, and the template is a user object in a Windows Active Directory organizational unit container, the newly created Windows user object will be in the same organizational unit container. An organizational unit provides a method to grant users administrative control to resources.
You can change existing user templates. Such changes affect only users that you enroll after you change the template.
You use templates only when you create a newly enrolled user in the Windows environment. If you perform enrollment in order to synchronize an existing Windows user with an i5/OS counterpart, Windows ignores the template.
For a detailed procedure see Create user templates.