You won’t find the Active Directory Users and Groups console in Mac OS X Lion Server. Instead, Mac administrators typically use the simplified Server app to create and administer user accounts on Lion servers.

For the purposes of this tutorial, I will review creating local user accounts. On Lion systems, local accounts enable a user to log in to the local system to access files, shares, services and other resources present on that system; local accounts cannot be used to log in to another computer upon which the same local user account isn’t already present. However, Lion users can log in to other systems using those systems’ local accounts and leverage local accounts configured on the server to access that server’s resources.

Create user accounts using the new Server app

Within Lion’s Server app, highlight Users in the left-hand console, then click the + icon within the Users window. The New User window will appear. Enter the user’s full name (usually the user’s complete first and last names using proper capitalization and spacing), account name (an abbreviated name), email address and password (which must be entered twice). Check the Allow user to administer this server box only if you wish for the new user account to possess administration privileges, otherwise leave it unchecked.

Because the Account Name is difficult to change, review it carefully before creating the user account. The Account Name is a shortened name that is usually composed of letters, numbers and/or an underscore, hyphen and/or period. Note that, in Mac OS X Lion, users can authenticate or log in using the values supplied either in the Full Name or Account Name fields within the New User window.

Lion administrators can access a user’s additional settings by right-clicking the new user account and selecting Advanced Options. The user account’s User ID, group memberships, Account Name, aliases and login shell and home directory appear. Settings can be modified but errors can prevent users from even logging in, so be sure to administer edits carefully.

Create new user accounts using Workgroup Manager

Lion administrators can also create new users using Workgroup Manager. To do so, open Launchpad, select the Server folder and choose Workgroup Manager. Enter the host name and administrator username and password within the resulting Workgroup Manager Connect window, then click Connect.

Next, click OK to close the directory node message. Then click the Accounts icon, followed by the New User toolbar icon. Click OK to acknowledge that users may not receive services access if service access control lists are in use, in which case services must later be individually configured for users.

Proceed by entering the new user information, leaving other default settings per Apple’s recommendations. Ensure you don’t provide the new user with administrator privileges unless you intend to do so, then click Save.

Note that, when creating new users within Workgroup Manager, new user accounts aren’t automatically added to the Workgroup group. User accounts created using the Server app, however, are automatically added to the Workgroup group.