1. Home
  2. Knowledge Base
  3. Test Case Scenarios
  4. ADCE – Mapping Domain User Account To A Local User Account

ADCE – Mapping Domain User Account To A Local User Account


Active Directory Domain User account mapping to Windows Local User account feature of ADCE allows the systems administrators to create and manage local account(s) on the workstation. The local account(s) are individually mapped to the users’ domain accounts and created for users who interactively log on to the workstation. Windows Local User account is created when the user changes their domain password for the first time using the software.

The Windows Local User account password is managed by the user. Whenever they change their domain account password (using the software), their local account password is also updated.  The default password suffix is ‘-w0n+’ and can be altered by the systems administrator.  The software will use the user’s new domain password and append the password suffix to set the local account password.

The local user accounts can be made member of one or more of the built-in groups on the workstation.


Operating System

  • Microsoft Windows 7.0 or
  • Microsoft Windows 8.1 or
  • Microsoft Windows 10 or
  • Microsoft Windows Server 2008 & R2 or
  • Microsoft Windows Server 2012 & R2 or
  • Microsoft Windows Server 2016

.NET Framework

  • .NET Framework 4.0


Active Directory Domain Environment

  • Single Active Directory Domain environment i.e. Single Forest with Forest Root Domain only example. SYNERGIX.WIN
    • You can setup a more complex Active Directory Domain environment, if needed.  For example, one forest SYNERGIX.WIN with child domains US.SYNERGIX.WIN, and GB.SYNERGIX.WIN and a trusted forest SYNERGIXLABS.WIN with child domains US.SYNERGIXLABS.WIN, GB.SYNERGIXLABS.WIN

    • Security Group(s)
      • Create a security group called “SYNERGIX ADCE Managed Computers“.  The group type may be Domain Global Group or Domain Local Group.
      • Add the test domain computer(s) into the security group “SYNERGIX ADCE Managed Computers
      • SYNERGIX ADCE Managed Local Groups(This security group is used as a security filter, only the members of this group will mapped to selected  local groups).
      • Add the user to the  SYNERGIX ADCE Managed Local Groups security group

    • Delegate Control
      • Not applicable for configuring this feature

    • Configure domain Group Policy Object
      • Copy SYNERGIX AD Client Extensions Administrative Template file SYNERGIX-ADCE.ADMX to %SystemRoot%\PolicyDefinitions on admin workstation (must be Windows 7.0)
      • Copy SYNERGIX AD Client Extensions Administrative Template Language file SYNERGIX-ADCE.ADML to %SystemRoot%\PolicyDefinitions\en-US on same admin workstation (must be Windows 7.0)
      • Mapped Local User Account

      • Using GPMC.MSC, edit existing or new Group Policy Object.
      • In Group Policy Editor, expand COMPUTER CONFIGURATION
      • Expand Administrative Templates
      • Expand SYNERGIX AD Client Extensions
      • Expand Local Users and Groups
      • Select Domain Account Mapping to Local User  Account and right click select properties
      • Click on the Enable radio button to enable the policy setting
      • Enter the user account naming convention as per your requirements (By default %username%-la)
      • Enter the account password suffix
      • Enter account restore value,password last set value
      • check mark the groups where the domain user should mapped


    • Ensure your (admin) account is member of the SYNERGIX ADCE Managed Computers security group
    • Log into a domain computer with the domain account ( your admin account ) that has local administrative privileges on the workstation.
    • Ensure the SYNERGIX AD Client Extensions specific Group Policy settings were applied
      • Launch RSOP.MSC or run GPRESULT.EXE /v to confirm
    • Install SYNERGIX AD Client Extensions software
    • Run gpupdate/force,
    • Change the password using the ADCE system tray icon menu ‘change password’. After changing the password for the local user new password is generated with the suffix’-w0n+’(by default).
    • Log off and login with the local user account name and passwordExample:-%Username%-la%password%-w0n+

    Test Results

  • Pass or
  • Fail

  • Test Results Submission

  • Complete the Test Environment worksheet
  • Upload test results document file to software test repository
  • Upload log files
    1. ServiceLogfile.txt
    2. ClientLogfile.txt
    3. Output of GPRESULTS.EXE /V command

    Note: You must use ADCE \ Help \ Submit Log Files button to zip up above 3 files and submit

Was this article helpful?

Related Articles