Windows Server 2008 Configuration Part 1 Lab Manual Presented By
Windows Server 2008 ConfigurationPart 1Lab ManualPresented by
Table of ContentsModule 1 - Creating a Windows Server 2008 Forest3Module 2 - Install the Server Domain Controller5Module 3 – Creating and Managing a Custom MMC7Module 4 – Creating and Locating Objects in Active Directory9Module 5 – Delegating Administrative Tasks12Module 7– Automating The Creation of User Accounts13Module 8– Creating Users with Windows PowerShell and VBScript16Module 9– Creating and Managing Groups20Module 10– Automating the Creation and Management of Groups21Module 11– Administering Groups in an Enterprise24Module 12– Create and Manage a Custom MMC27Module 13– Supporting Computer Objects and Acccounts30 Copyright 2010 - Idea Dudes LLCPage 2
Copyright 2010 - Idea Dudes LLCPage 3
Module 1 – Creating a Windows Server 2008 ForestRequirementsFor this exercise you will need a Virtual Machine with at least one hard-drive. This can be used for the wholecourse.Exercise 1: Install Windows Server 20081. Insert the Windows Server 2008 installation DVD2. Power on the system3. Select the language, regional settings and keyboard layout that are correct for your system and ClickNext4. Click Install Now5. Select the Windows Server 2008 Enterprise (Full Installation) and Click Next6. Select the I Accept The License Terms check box and click Next7. Click Custom8. Select Volume to install the Operating System9. Click Next10. Click OK11. Type an Administrator Password and Confirm it. (Pa w0rd)12. Click OKExercise 2: Perform Post-Installation Configuration1. Wait for the desktop for the Administrator account to appear2. Use the Initial Configuration Tasks window to configurea. Time Zone (appropriate for your area)b. Computer name: DC1 (do not restart)3. Click the Configure Networking link in the Initial Configuration Tasks window4. Select Local Area Connection5. Change Settings of this connection Click on the Toolbar6. Select Internet Protocol version 4 and click Properties7. Click use the following IP addressa. IP address: 10.10.0.10b. Subnet mask: 255.255.0.0c. Default gateway: 10.10.0.1d. Preferred DNS Server: 10.10.0.108. Click OK and the close9. Select the Do Not Show This At Logon check box10. Click the Close Button on the Initial Configuration Tasks window Copyright 2010 - Idea Dudes LLCPage 4
Exercise 3: Install a New Windows Server 2008 Forest using dcpromo1.2.3.4.5.6.7.8.9.10.11.12.Click Start, click Run, type dcpromoClick nextReview the warning on the Operating Systems Compatibility pageOn the Choose a Deployment Configuration page, type Finalvision.com and Click NextOn the Set Forest Functional Level Choose Windows Server 2008Click NextClick Yes, The Computer Will Use A Dynamically Assigned IP Address (Not recommended)Click Yes to close to close the Active Directory Domain Services Installation Wizard warningmessageOn the location for SYSVOL, Database, Log Files page, accept the defaults and Click NextOn the Directory Restore Mode Password page, type Pa w0rd in both spaces and Click NextOn the Summary Page, review selectionsClick Next (Installation will continue and Finish Copyright 2010 - Idea Dudes LLCPage 5
Module 2 – Install the Server Domain ControllerRequirementsUse the DC1 that was created in Exercise 1. Also you will need another blank VM that can you will use to install theCore Server on.Exercise 1: Install Server Core1.2.3.4.5.6.7.8.9.10.Insert the Windows Server 2008 installation DVDPower System OnSelect the language, regional settings, and keyboard and click nextClick Install NowSelect Windows Server 2008 Enterprise (Server Core Installation) and Click NextAccept the EULA and Click NextClick Custom (Advanced)Select the Disk to install the Operating System and Click NextLogon to the system after installation is completedChange the password , Enter Pa word in each New Password and Confirm Password boxes andPress ENTER11. Click OKExercise 1: Perform Post-Installation Configuration on Server Core1. Type netdom renamecomputer %computername% /newname:ServerCore and Press ENTER2. Confirm the operation press Y3. Type netsh interface ipv4 set address name ”Local Area Connection” source staticaddress 10.10.0.12 mask 255.255.0.0 gateway 10.10.0.1 1 and Press ENTERa. Sets the IP address for NIC4. Type netsh interface ipv4 set dns name ”Local Area Connection” source static address 10.10.0.10primary Press ENTERa. Sets the Preferred DNS5. Type ipconfig /all and Press ENTERa. Confirm the IP configuration6. Type shutdown –r –t 0a. Restarts the server7. Log on as Administrator8. Type netdom join %computername% /domain: finalvision.coma. Joins the server to the finalvision.com domain9. Restart by typing shutdown –r –t 010. Type oclista. Lists the server roles that are installed11. Type ocsetup and Press ENTER12. Click OK13. Type ocsetup DNS-Server-Core-Role Press ENTERa. Must be followed directory , commands are case sensitiveb. Installs the DNS Server role on the Core Server14. Type oclista. Observer DNS Role is installed Copyright 2010 - Idea Dudes LLCPage 6
Exercise 2: Create a Domain Controller with Server Core1. Type dcpromo /unattend /replicaOrNewDomain: replica /replicaDomainDNSName: finalvision.com/ConfirmGC: Yes /UserName:Finalvision\Administrator /Password: */SafeModeAdminPassword:Pa w0rd Press Entera. This will start the Domain Controller install2. When prompted to enter credentials , type Pa w0rd for the administrator account in FinalVision.comin the FinalVision.com domain and Click OKa. Domain Controller will be installedExercise 3: Remove a Domain Controller1. Logon to the Server Core2. Type dcpromo /unattend /AdministratorPassword:Pa w0rda. This will remove the Domain Controller Copyright 2010 - Idea Dudes LLCPage 7
Module 3 – Creating and Managing a Custom MMCRequirementsUse the DC1 that was created in Module 1 - Exercise 1.Exercise 1: Create a Custom MMC1.2.3.4.5.6.7.8.9.10.11.12.13.14.15.Logon to the DC1 as Administrator (Pa w0rd)Click Start button and in Start Search box type MMC and Press ENTERChoose Add/Remove Snap-in from File MenuSelect Active Directory Users and Computers and click Adda. Notice Active Directory Schema is not presentedClick OK to close the Add/Remove Snap-in Dialog BoxClick Start Button and type cmdAt the command prompt type regsvr32 schmmgmt and press ENTERClick OKReturn the MMCAdd the Active Directory Schema Snap-InAdd the Computer Management Snap-In and direct it to Local ComputerClick on FinishClick on OK to close Add/Remove Snap-InChoose Save from the File and save menu and save the console to the desktop with the nameAdmin.mscClose the consoleExercise 2: Add a Snap-in to a MMC1.2.3.4.5.Open the Admin.mscChoose Add/Remove Snap-in from the File MenuAdd the Event Viewer and direct it to the Local ComputerClick OK to close the Add/Remove Snap-InSave and close the console Copyright 2010 - Idea Dudes LLCPage 8
Exercise 3: Manage the Snap-ins of an MMC1.2.3.4.5.6.7.8.9.10.11.12.13.Open the Admin.mscChoose Add/Remove Snap-ins from the File MenuSelect Event Viewer from the list of Selected snap-insClick Move Up buttonSelect Active Directory SchemaClick Remove ButtonSelect Computer ManagementClick Edit ExtensionsSelect Enable Only Selected ExtensionsDeselect Event ViewerClick OK to close the Extensions For Computer ManagementClick OK to close the Add/Remove Snap-ins Dialog boxSave and Close the consoleExercise 4: Prepare a Console for Distribution to Users1.2.3.4.5.6.7.8.9.10.11.Open Admin.mscChoose Options from the File MenuIn the Console Mode drop-down list, choose User Mode-Full AccessClick OKSave and close the consoleOpen the console by double-clicking itClick the File menua. There is not an Add/Remove Snap-ins optionClose the consoleRight-Click the console and choose AuthorClick the File Menua. Add/Remove Snap-ins option appearsClose the Console Copyright 2010 - Idea Dudes LLCPage 9
Module 4 – Creating and Locating Objects in Active DirectoryRequirementsUse the DC1 that was created in Exercise 1.Exercise 1: Create Organizational Units1.2.3.4.5.6.7.8.9.10.11.Logon to DC1 as an AdministratorOpen the Active Directory User and Computers snap-inExpand the Domain nodeRight-Click the Domain Node and choose New and Select Organizational UnitType the name of the Organizational Unit: EmployeeSelect Protect Container from Accidental DeletionClick OKRight-Click the OU and Choose PropertiesIn the Description Field, type Non-administrative user identitiesClick OKCreate the followingOU nameDesktopsGroupsAdminsServerLaptopsOU DescriptionDesktop ComputersNon-administrative groupsAdministrative groupsServerLaptop computersExercise 2: Create Users1. Right-Click Employees OU and Select New User Input the following information remember to clickNext to ContinueFirst NameDanRobertBarbaraLindaJackieLast NameHolmeRedfordBushMillsRobertsLogon NamedholmerredfordbbushlmillsjrobertsPasswordPa w0rdPa w0rdPa w0rdPa w0rdPa w0rdChange PasswordYesYesYesYesYes Copyright 2010 - Idea Dudes LLCPage 10
Exercise 3: Create Computers1.2.3.4.5.6.Right-Click Servers OU FinalVision and Select New ComputerComputer name box type SVR1 and Click OKRight-Click the computer and choose PropertiesJust look at properties do not change anyClick OKCreate the followingComputer rcise 4: Create Groups1.2.3.4.5.6.7.8.9.10.Right-Click the Groups OU and Select New GroupType Finance for the Group NameDo not change the name of the Group Name (Pre-Windows)Select Security for Group TypeSelect Global for the Group ScopeClick OKRight-Click Finance Group and select PropertiesExamine the Properties but do not change themClick OKCreate the following groups in Groups OUGroup nameGG Finance ManagersGG SalesAPP Office 2007Group TypeSecuritySecuritySecurityGroup ScopeGlobalGlobalGlobal11. Create the following groups in Admins OUGroup nameGG Help DeskGG Windows AdministratorsGroup TypeSecuritySecurityGroup ScopeGlobalGlobal Copyright 2010 - Idea Dudes LLCPage 11
Exercise 5: Add Users and Computers to .Right-Click GG Help Desk and Select PropertiesClick the Members TabClick Add ButtonSelect dialog box, type RobertClick Check NamesSelect Robert RedfordClick OK to close the Select dialog boxClick OK again to close the group propertiesOpen the properties of the APP Office 2007Click the Members TabClick AddSelect Desktop01Click Check NamesClick Cancela. Name Not Found BoxIn the Select box, Click Object TypesSelect Computers as an object Click OKClick Check Namesa. Name will resolveClick OKExercise 6: Find Objects in Active ght-Click the Domain FinalVision click Find ObjectsIn the Name Box, type BarbClick Find NowRight-Click Saved Queries NodeChoose New and choose QueryType All Users in the Name BoxDescription box type User for the entire domainClick Define QueryOn the Users tab, in the Name box, choose Has A ValueClick OK twice to close the dialog boxesChoose View and the click Add/Remove ColumnsIn the Available columns list, Select Last Name and click the Add ButtonIn the Displayed columns list, Select Type and click the Remove buttonClick OKDrag the Last Name Colum heading so that it is between Name and DescriptionClick the Last Name column heading to sort it alphabetically by last name Copyright 2010 - Idea Dudes LLCPage 12
Module 5 – Delegating Administrative TasksRequirementsUse the DC1 that was created in Exercise 1.Exercise 1: Delegate Administrative Tasks1.2.3.4.5.6.7.Logon to DC1 with Administrative PermissionsRight-Click Employees OU and choose Delegate Control to launch the Delegation of Control WizardClick NextOn the Users Or Groups page, click the Add buttonUsing the Select dialog, type Help Desl and then click OKClick NextOn the Tasks To Delegate page, select Reset User Passwords And Force Password Change At NextLogon task8. Click Next9. Review the summary of the actions that have been performed and click FinishExercise 2: View Delegated Permissions1.2.3.4.5.6.7.8.9.10.11.Right-Click the Employees OU and Choose PropertiesClick OK to close the Properties dialog boxClick the View menu and Select Advanced FeaturesRight-Click the Employees OU and choose PropertiesClick the Security tabClick the Advanced buttonIn the Permission Entries list, select the first permission assigned to the Help DeskClick the Edit ButtonIn the Permission Entry dialog box, locate the permission that is assigned, and then click OKRepeat steps 7-9 for the second permission entry assigned to the Help DeskRepeat steps 2 – 10 to view the ACL of a user in the Employees OU and to examine the inheritedpermissions assigned to the Help Desk12. Open the command prompt type dsacls “ou employees,dc contoso,dc com” and press Enter13. Locate the permission assigned to the Help Desk Copyright 2010 - Idea Dudes LLCPage 13
Module 6– Automating The Creation of User AccountsRequirementsUse the DC1 that was created in Exercise 1First Level Employees, GroupsA global security group in the Groups OU named SalesExercise 1: Create Users with a User Account 18.19.Log on to DC1 as AdministratorOpen ADUC and expand the domainRight-Click Employees OU and choose New and select UserFirst Name Box type SalesLast Name Box type TemplateUser Logon Name type salestemplate click NextType Pa w0rd in the Password box and Confirm Password boxSelect Account Is Disabled check box , Click NextClick FinishBring up Properties of the salestemplate accountClick Organization TabIn the Department box , type SalesIn the Company box, type Final Vision, Inc.Click the MemberOf tabClick Add ButtonType Sales and click OKClick Profile TabProfile Path box, type \\DC1\profiles\%username%Click OKExercise 2: Create a User with the Dsadd Command1. Open a command prompt2. Type dsadd user “cn Mike Tyson,ou Employees,dc finalvision,dc com” –samid Mike.Tyson –pwd* -mustchpwd yes –hmdir \\DC1\users\%username%\documents -hmdir U:3. You will be prompted to enter a password a password for the user twice. Type Pa w0rd4. Open ADUC and confirm Mike’s account is configured as entered Copyright 2010 - Idea Dudes LLCPage 14
Exercise 3: Import Users with CSVDE1. Open Notepad and create the following file , Enter the following linesDN,objectClass, sAMAccountName,sn,givenName,userPrincipalName“cn Lisa Turro,OU Employees,DC FinalVision,DC vision.com“cn Steve Austin,OU Employees,DC FinalVision,DC @finalvision.com2.3.4.5.Save the file to your Documents folder as Newusers.csvOpen a command promptType cd %userprofile%\Documents and press ENTERCsvde –I –f Newusers.csv –ka. –k continues when an error occurs6. Open ADUC snapin and confirm that users were created7. Examine accounts to ensure all information was createdExercise 4: Import Users with LDIFDE1. Open Notepad and create the following file , Enter the following linesDN: CN April Vow, OU Employees, DC FinalVision,DC ComchangeType: addCN: April VowobjectClass: usersAMAccountName: april.vowuserPrincipalName: april.vow@finalvision.comgivenName: Aprilsn: VowdisplayName: Vow, Aprilmail: april.vow@finalvision.comdescription: Sales Representative in USAtitle: Sales Representativedepartment: Salescompany: Final Vision, Inc.DN: CN April Vow, OU Employees, DC FinalVision,DC ComchangeType: addCN: Tony GuptaobjectClass: usersAMAccountName: Tony.GuptauserPrincipalName: tony.gupta@finalvision.comgivenName: Tonysn: GuptadisplayName: Gupta, Tonymail: Tony.Gupta@finalvision.comdescription: Sales Representative in Indiatitle: Sales Representativedepartment: Salescompany: Final Vision, Inc. Copyright 2010 - Idea Dudes LLCPage 15
2.3.4.5.6.7.Save the file to your Documents folder as Newusers.ldfOpen a command promptType cd %userprofile%\Documents and Press ENTERType ldifde –I –f newusers.ldf –k and Press ENTEROpen ADUC and verify accounts have been createdConfirm the user properties are populated Copyright 2010 - Idea Dudes LLCPage 16
Module 7– Creating Users with Windows PowerShell and VBScriptRequirementsUse the DC1 that was created in Exercise 1First Level Employees, GroupsA global security group in the Groups OU named SalesExercise 1: Install Windows PowerShell1.2.3.4.5.6.7.Logon to DC1 as AdministratorClick the Features node of the Server ManagerClick Add Features linkSelect Windows PowerShell from the Features list, Click NextClick InstallWhen the installation is complete, click CloseRight-Click Windows PowerShell in the Windows PowerShell program group and Pin it the StartMenuExercise 2: Create a User with Windows PowerShell1. Open Windows PowerShell2. Type objOU [ADSI]”LDAP://OU Employees,DC FinalVision,DC Com”a. Connect to the Employees OU3. Type objUser objOU.Create(“user”,”CN Mary Star”)a. Create Mary Star object4. Type . Populates the Pre-Windows 20005. Type objUser.SetInfo()a. Writes account into Active Directory6. Type objUser.distinguishedName7. Type objuser get-membera. Lists the populated attributes Copyright 2010 - Idea Dudes LLCPage 17
Exercise 3: Create a New User with a Windows PowerShell Script1. Log on to DC1 as Administrator2. Open Notepad3. Type the following objOU *ADSI ”LDAP://OU Employees,DC FinalVision,DC Com” objUser objUser.Create(“user”,”CN Scott Milner”) �) objUser.Setinfo()4. Save the script to your Documents folder as “Newuser.ps1”, with quotes to save as a non-textdocument5. Open Windows PowerShell6. Type cd documents and press ENTER7. Type set-executionpolicy remotesigneda. This will enable script execution8. Type .\newuser.ps1 and press ENTER9. Confirm that the user was created in Active DirectoryExercise 4: Create a New User with a VBScript Script1. Open Notepad2. Type the followingSet objOU GetObject(LDAP://OU Employees,DC FinalVision,DC Com)Set objUser objUser.Create(“user”,”CN Toya a.jackson”)objUser.Setinfo()3. Save the script in your Documents folder as “Newuser.vbs”, including the quotes so that it is a nontext document4. Open the command prompt5. Type cd %userprofile%\documents and press ENTER6. Type cscript.exe newuser.vbs7. Confirm that the user was created successfully in Active Directory Copyright 2010 - Idea Dudes LLCPage 18
Module 8– Supporting User Objects and AccountsRequirementsUse the DC1 that was created in Exercise 1First Level Employees, GroupsA global security group in the Groups OU named SalesScott MilnerToya JacksonMary StarExercise 1: View All Attributes of a User1.2.3.4.5.6.7.8.9.10.11.12.13.Logon to DC1 as an AdministratorOpen ADUCOpen Employees OU and Right-Click Scott MilnerChoose PropertiesExamine the tabs of the Properties dialog boxClick the Telephone tab and enter information into the Notes field. Click OKClick View menu and select Advanced FeaturesOpen the Properties of Scott Milner and Click the Attribute Editor tabScroll to locate the info attributeLocate the division attribute, double click it, type Subsidiary and click OKLocate the employeeID attribute, type 12345678 and then click OKExamine the other attributesClick OK to close the Properties dialog boxExercise 2: Manage Attributes of Multiple n the Employees OU , select Scott MilnerHold the CTRL key and select Mary Star and Toya JacksonRight-Click any of the selected users and choose PropertiesOn the General Tab, Select the Office box and type MiamiClick the Account TabClick on the Logon Hours buttonClick Sunday and click the Logon Denied optionClick Saturday and click the Logon Denied option then click OKSelect the Computer Restrictions button and click the Log On to buttonSelect the following optionIn the Computer Name box type DESKTOP01 and click AddRepeat the process for DESKTOP02 and DESKTOP03 then click OKOn the Address tab, select the Street, City, State/Province and Zip/Postal Code boxes and Enterfictitious informationClick the Profile tab and configure the \\DC1\%username%\documents home folderClick the Organizational tab and configure the company name, Final Vision, Inc.Click OKOpen the user objects to confirm that the changes were applied Copyright 2010 - Idea Dudes LLCPage 19
Exercise 3: Manage User Attributes with DS Commands1. Open Windows PowerShell2. Type dsquery user –name “* Milner” dsmod user –office “Sydney” –disabled “Yes”a. Modifies the location and account is disabled3. Confirm the changes in ADUC4. Type dsquery user –name “* Milner” dsget user –samid –upna. This will return the Pre-Windows 2000 account and the UPN of Scott Milner5. Type the following lines in Windows PowerShell objOU *ADSI ”LDAP://CN Scott Milner,OU Employees,DC FinalVision,DC Com” objUser.psbase.InvokeSet(‘AccountDisabled’, false) objUser.Setinfo()6. Confirm changes in ADUC Copyright 2010 - Idea Dudes LLCPage 20
Module 9– Creating and Managing GroupsRequirementsUse the DC1 that was created in Exercise 1First Level Employees, GroupsA global security group in the Groups OU named SalesScott MilnerToya JacksonMary StarExercise 1: Create .19.20.21.Logon to DC1 as an AdministratorOpen ADUC and Select the Groups OURight-Click Groups OU, choose New and then Select GroupIn the Group Name type SalesSelect the Global group scope and Security group type Click OKRight-Click the Sales group and choose PropertiesClick the Members tabClick the Add buttonType: Linda,Toya and click OKClick OK to close the Properties boxCreate two global groups Marketing and ConsultantsCreate a Domain Local group named ACL Sales Folder ReadOpen the properties of the ACL Sales Folder Read groupAdd Sales, Marketing and Consultants to the ACL Sales Folder Read groupAdd LindaOpen the properties for the Marketing groupAdd the ACL Sales Folder Read groupCreate a Sales folder on the C:\Bring up the Advanced Security properties for the SalesClick Edit and click AddClick Advanced , and then click Find Nowa. Notice groups with ACL prefix to assist in finding the groups faster22. Create a new groups called Christmas List and make it a Distribution GroupExercise 2: Convert Group Type and Scope1.2.3.4.5.6.Right-Click the Christmas List and choose PropertiesChange the group type to DistributionClick ApplyChange the group scope to Universal click ApplyChange the group scope to Global click ApplyClick OK to close the Properties dialog box Copyright 2010 - Idea Dudes LLCPage 21
Module 10– Automating the Creation and Management of GroupsRequirementsUse the DC1 that was created in Exercise 1First Level Employees, GroupsA global security group in the Groups OU named SalesScott MilnerToya JacksonMary StarExercise 1: Create a Group with Dsadd1. Logon to DC1 as an Administrator2. Open a command prompt3. Type dsadd group “CN Finance,OU Groups,DC FinalVision,DC Com” –samid Finance Group secgrp yes –scope g4. Confirm that group was created by using ADUCExercise 2: Import Groups with CSVDE1. Open Notepad and type the followingobjectClass, sAMAccountName, DN, membergroup,Accounting,”CN Accounting, OU Groups,DC FinalVision,DC Com”, “CN ScottMilner,OU Employees,DC FinalVision,DC Com”; “CN Mary Star,OU Employees,DC FinalVision,DC Com”2.3.4.5.Save the file to your Documents folder with the name “Importgroups.csv”Open a command promptType csvde –I –f “%userprofile%\importgroups.csv”Confirm the changes in ADUCExercise 3: Modify Group Membership with LDIFDE1. Open Notepad and type the followingdn: CN Accounting, OU Groups, DC FinalVision, DC ComchangeType: modifyadd: membermember: CN Toya Jackson,OU Employees, DC FinalVision,Dc Commember:CN Scott Milner,OU Employees,DC FinalVision,DC Comdn: CN Accounting, OU Groups, DC FinalVision, DC ComchangeType: modifyadd: membermember: CN Mary Star,OU Employees, DC FinalVision,Dc Com Copyright 2010 - Idea Dudes LLCPage 22
2.3.4.5.Save the file to your Documents folder as “Membershipchange.ldf”Open a command promptType ldifde –I –f Confirm that membership of Accounting group has been changedExercise 4: Modify Group Membership with Dsmod1. Open a command prompt2. Type dsmod group “CN Finance, OU Groups, DC FinalVision, DC Com” –addmbr “CN ScottMilner, OU Employees, DC FinalVision, DC Com” “CN Acccounting,OU Groups,DC FinalVision, DC Com”3. Confirm the changes in ADUCExercise 5: Confirm Group Membership with Dsget1.2.3.4.5.6.7.8.9.10.Open a command promptType dsget group “CN Accounting,OU Groups,DC FinalVision,DC Com” –membersPress ENTERType dsget group “CN Finance, OU Groups, DC FinalVision,DC Com” – membersPress ENTERType dsget group “CN Finance, OU Groups, DC FinalVision,DC Com” –members –expandPress ENTERType dsget user “CN Scott Milner, OU Employees, DC FinalVision, DC Com” –memberofPress ENTERType dsget user “CN Scott Milner, OU Employees, DC FinalVision, DC Com” –memberof expand11. Press ENTER Copyright 2010 - Idea Dudes LLCPage 23
Module 11– Administering Groups in an EnterpriseRequirementsUse the DC1 that was created in Exercise 1First Level Employees, GroupsA global security group in the Groups OU named SalesScott MilnerToya JacksonMary StarExercise 1: Create a Well-Documented Group1.2.3.4.5.6.7.8.9.10.11.12.Logon to DC1 as an AdministratorSelect the Groups OU in the console treeRight-Click the Groups OU, choose New and then select GroupGroup Name Box type ACL Budget EditSelect Domain Local in the Group Scope section and Security in the Group Type section, and clickOKClick the View menu and ensure Advanced Features is selectedRight-Click the ACL Budget Edit group and choose PropertiesClick the Object TabSelect the Protect Object From Accidental Deletion check box and Click OKOpen the group’s Properties againDescription box type BUDGET (EDIT)Notes field type the following\\SRV1\data \finance\budget\\SVR2\data \finance\revenue projections13. Click OKExercise 2: Delegate Management of Group Membership1.2.3.4.5.Open the Properties dialog box of ACL Budget Edit groupClick the Manage by tabClick the Change buttonType the user name for Scott Milner and click OKSelect the Manager Can Update Membership List check box Click OK Copyright 2010 - Idea Dudes LLCPage 24
Exercise 3: Validate the Delegation of Membership Management1.2.3.4.Open a command promptType runas /user:Scott cmd.exeEnter the Password Pa w0rdType the following dsmod group “CN ACL Budget Edit, OU Groups, DC FinalVision, DC Com”–addmbr “CN Finance, OU Groups, DC FinalVision, DC Com”5. Close command prompt6. Confirm the changes in ADUC Copyright 2010 - Idea Dudes LLCPage 25
Module 11– Creating Computers and Joining the DomainRequirementsUse the DC1 that was created in Mod 1 Exercise 1First Level Admins, GroupsA global security group in the Admins\Groups OU named Server AdminsA global security group in the Admins\Groups OU named Help DeskEmployees OUScott Milner member of Domain Users and Server AdminsToya JacksonMary Star member of Domain Users and Help DeskExercise 1: Create OUs for Client and Server Computer Objects1. Logon to DC1 as an Administrator2. Open ADUC and expand the domain3. Create Desktops and Servers OUsExercise 2: Create Computers Objects1.2.3.4.5.6.7.8.9.10.Right-Click the Desktops OU and select ComputerComputer Name box DESKTOP101Click the Change button next to the User or Group boxType Help Desk in the Select User Or Group dialog box that will be allowed to join the computer tothe domainClick OKCreate a New Computer in Server OU named Server02Click Change button next to User or Group boxType Server AdminsClick OKClick OKExercise 3: Delegate the Ability to Create Computer Objects1.2.3.4.5.6.7.8.9.10.11.12.Logon to DC1 as an AdministratorOpen ADUCClick View menu and ensure Advanced Features is selectedBring up the properties of Desktops OUClick the Security tabClick AdvancedClick AddType Help DeskClick the Object tabSelect This Object and All Descendant Objects from the Drop-Down listIn the Permissions list select Allow next to Create Computer ObjectsClick OK three timesExercise 4: Redirect the Default Computer Container1. Open a command prompt2. Type redircmp “OU Desktops, DC FinalVision, DC Com” Copyright 2010 - Idea Dudes LLCPage 26
Module 12– Create and Manage a Custom MMCRequirementsUse the DC1 that was created in Mod 1 Exercise 1First Level Admins, GroupsA global security group in the Admins\Groups OU named Server AdminsA global security group in the Admins\Groups OU named Help DeskEmployees OUScott Milner member of Domain Users and Server AdminsToya JacksonMary Star member of Domain Users and Help DeskWindows PowerShell must be installedExercise 1: Create a Computer with Dsadd1.2.3.4.Logon to DC1 as an AdministratorOpen a command promptType dsadd computer “CN DESKTOP100, OU Employees, DC FinalVision, DC Com”Confirm the computer was createdExercise 2: Import Computers by Using CSVDE1. Open ccountName“CN DESKTOP153,OU Desktops,DC FinalVision,DC Com”, computer, DESKTOP153, 4096, DESKTOP153 “CN DESKTOP154,OU Desktops,DC FinalVision,DC Com”, computer, DESKTOP154, 4096, DESKTOP154 “CN SERVER03,OU Servers,DC FinalVision,DC Com”, computer, Server03, 4096, Server03 2.3.4.5.Save the file to your Documents folder as “Computers.csv”Open a command promptType csvde –I –f “%userprofile%\documents\computers.csv”Confirm changes with ADUC Copyright 2010 - Idea Dudes LLCPage 27
Exercise 3: Import Computers by Using LDIF file1. Open Notepad2. Enter the following informationdn: CN Server10, OU Servers, DC FinalVision, DC Com”changeType: addobjectClass: TopobjectClass: personobjectClass: organizationalPersonobjectClass: userobjectClass: computercn: Server10userAccountControl: 4096sAMAccountName: SERVER10 dn: CN Server11, OU Servers, DC FinalVision, DC Com”changeType: addobjectCla
Exercise 1: Install Windows Server 2008 1. Insert the Windows Server 2008 installation DVD 2. Power on the system 3. Select the language, regional settings and keyboard layout that are correct for your system and Click Next 4. Click Install Now 5. Select the Windows Server 2008 Enterprise (Full Installation) and Click Next 6.
Several LTSC Windows Server versions that are supported with SC Series are in various phases of mainstream or extended Microsoft support: Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, and Windows Server 2019. Microsoft extended support for Windows Server 2008 R2 is scheduled to end in January 2020.
The Windows The Windows Universe Universe Windows 3.1 Windows for Workgroups Windows 95 Windows 98 Windows 2000 1990 Today Business Consumer Windows Me Windows NT 3.51 Windows NT 4 Windows XP Pro/Home. 8 Windows XP Flavors Windows XP Professional Windows XP Home Windows 2003 Server
A computer with at least a 450MHz Pentium CPU with 128 MB of RAM, running Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, Windows 8/8.1, Windows 10, Windows Server 2012, Windows Server 2016 or Windows Server 2019 platforms. Instal
Web Server Hardware Processor - Fast Multi Core or Multi Processor Memory - 4 gig Disk - 500MB Operating System Windows Server 2008 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows Server 2019 Windows Server 2022 Software IIS 7, 7.5, 8, 8.5 & 10
Microsoft SQL Server 2012 (all editions except LocalDB) Microsoft SQL Server 2008 Express or Microsoft SQL Server 2008 R2 Express Microsoft SQL Server 2016 Workstation Requirements 32 or 64-bit editions of Windows XP SP3, Windows 7, Windows 8.1, and Windows 10. 32 or 64-bit editions of Windows Server 2003, Windows Server 2008 R2, Windows Server .
- 32 & 64 bit Windows 7, Windows 8 & Windows 10 - 32 & 64 bit Windows 2008 Server - Windows 2008 Server R2 - Windows Server 2012 - Windows Server 2012 R2 - Windows Server 2016 NOTE: Microsoft .Net Framework 4.5 is required on all o
Server 2005 , SQL Server 2008 , SQL Server 2008 R2 , SQL Server 2012 , SQL Server 2014 , SQL Server 2005 Express Edition , SQL Server 2008 Express SQL Server 2008 R2 Express , SQL Server 2012 Express , SQL Server 2014 Express .NET Framework 4.0, .NET Framework 2.0,
AutoCAD 2000 HDI 1.x.x Windows 95, 98, Me Windows NT4 Windows 2000 AutoCAD 2000i HDI 2.x.x Windows 95, 98, Me Windows NT4 Windows 2000 AutoCAD 2002 HDI 3.x.x Windows 98, Me Windows NT4 Windows 2000 Windows XP (with Autodesk update) AutoCAD 2004 HDI 4.x.x Windows NT4 Windows 2000 Windows XP AutoCAD 2005 HDI 5.x.x Windows 2000 Windows XP
