-
7/29/2019 Active Directory Labs
1/78
ACTIVE DIRECTORYHAND-ON LAB ([email protected])
Partner Technology Specialist Microsoft Thailand
-
7/29/2019 Active Directory Labs
2/78
Lab Diagram
-
7/29/2019 Active Directory Labs
3/78
Server Name IP Address
-
7/29/2019 Active Directory Labs
4/78
Lab 1 : Promote Domain
Lab 1.1 : Domain contoso.com
Lab 1.2 : Join Windows XP Domain Lab 1.3 : Active
Directory
-
7/29/2019 Active Directory Labs
5/78
Lab 1.1 : Domain
contoso.com
Command Prompt dcpromo
-
7/29/2019 Active Directory Labs
6/78
Lab 1.1 : Domain
contoso.com
Next Next
-
7/29/2019 Active Directory Labs
7/78
Lab 1.1 : Domain
contoso.com Domain Controller for newdomain
Domain in a new forest
-
7/29/2019 Active Directory Labs
8/78
Lab 1.1 : Domain
contoso.com domain Next
Next
-
7/29/2019 Active Directory Labs
9/78
Lab 1.1 : Domain
contoso.com Next
Next
-
7/29/2019 Active Directory Labs
10/78
Lab 1.1 : Domain
contoso.com Install and configure the DNS server
Permissions compatibleonly with Windows 2000 orWindows
Server
-
7/29/2019 Active Directory Labs
11/78
Lab 1.1 : Domain
contoso.com Password Next
Next
-
7/29/2019 Active Directory Labs
12/78
Lab 1.1 : Domain
contoso.com Windows 2003
I386 directory DNS Server
-
7/29/2019 Active Directory Labs
13/78
Lab 1.1 : Domain
contoso.com Finish Restart
-
7/29/2019 Active Directory Labs
14/78
Lab 1.1 : Domain
contoso.com Start Logon Active Directory Users and
Computers(Start Administrative Tools Active Directory Users and
Computers )
-
7/29/2019 Active Directory Labs
15/78
Lab 1.1 : Domain
contoso.com DNS Management(Start Administrative Tools DNS )
Zone contoso.comcontoso.com sub zone myserver
-
7/29/2019 Active Directory Labs
16/78
Lab 1.2 : Join Windows XP Domain
Client Name IP Address
-
7/29/2019 Active Directory Labs
17/78
Lab 1.2 : Join Windows XP Domain
Change Domain contoso
OK
-
7/29/2019 Active Directory Labs
18/78
Lab 1.2 : Join Windows XP Domain
User Password Restart
restart Logon User Contoso\Administrator
L b J i Wi d XP
-
7/29/2019 Active Directory Labs
19/78
Lab 1.2 : Join Windows XP Domain
Active Directory Users and Computers(Start Administrative Tools
Active Directory Users and Computers )
Click Computers Client Join Domain
-
7/29/2019 Active Directory Labs
20/78
Lab 2 : Object Active Directory
Lab 2.1 : Organization Unit
Lab 2.2 : User Lab 2.3 : Group
Lab 2.4 : Shared Folders, Printers
-
7/29/2019 Active Directory Labs
21/78
Lab 2.1 : Organization Unit
Active Directory Users and Computers(Start Administrative Tools
Active Directory Users and Computers )
-
7/29/2019 Active Directory Labs
22/78
Lab 2.1 : Organization Unit
Click contoso.com New Organization Unit
Lab 2 1 : Organization
-
7/29/2019 Active Directory Labs
23/78
Lab 2.1 : Organization
Unit OU Sales, Executives Managed Desktop
-
7/29/2019 Active Directory Labs
24/78
Lab 2.2 : UserClick contoso.com New User
-
7/29/2019 Active Directory Labs
25/78
Lab 2.2 : User User OU Sales Executive
-
7/29/2019 Active Directory Labs
26/78
Lab 2.2 : UserClick contoso.com New User
-
7/29/2019 Active Directory Labs
27/78
Lab 2.3 : GroupClick contoso.com New Group
-
7/29/2019 Active Directory Labs
28/78
Lab 2.3 : Group Group
L b G
-
7/29/2019 Active Directory Labs
29/78
Lab 2.3 : GroupClick Group Properties Add Users Group
L b 2 3 G
-
7/29/2019 Active Directory Labs
30/78
Lab 2.3 : Group
tab Members Click Add
User Add Check Names OK
L b 2 3 G
-
7/29/2019 Active Directory Labs
31/78
Lab 2.3 : Group
tab Members Click Add
User Add Check Names OK
-
7/29/2019 Active Directory Labs
32/78
Lab 2.4 : Shared Folder, Printer
Shared Folder C:\Shared click Shared Properties
L b Sh d F ld P i
-
7/29/2019 Active Directory Labs
33/78
Lab 2.4 : Shared Folder, Printer
Shared Folder C:\Shared click Shared Properties
L b 2 4 Sh d F ld P i
-
7/29/2019 Active Directory Labs
34/78
Lab 2.4 : Shared Folder, Printer
tab Sharing Share thisfolder tab Security Permission
L b 2 4 Sh d F ld P i t
-
7/29/2019 Active Directory Labs
35/78
Lab 2.4 : Shared Folder, Printer
Click Add Group
Group
L b 2 4 Sh d F ld P i t
-
7/29/2019 Active Directory Labs
36/78
Lab 2.4 : Shared Folder, Printer
Click Add Group
Group
L b 2 4 Sh d F ld P i t
-
7/29/2019 Active Directory Labs
37/78
Lab 2.4 : Shared Folder, Printer
Modify Write Group Add
Lab 2 4 : Shared Folder Printer
-
7/29/2019 Active Directory Labs
38/78
Lab 2.4 : Shared Folder, Printer
Windows XP log off log on User Sales Team (NEO)
Map Network Drive \\MYSERVER\Shared Shared
Logon User Group Sales Team(Pairoj) File
Lab 3 : Group Policy
http://myserver/Sharedhttp://myserver/Shared
-
7/29/2019 Active Directory Labs
39/78
Lab 3 : Group Policy
Lab 3.1 : Group Policy Computer User
Lab 3.2 : Password Policy DomainPolicy
Lab 3.3 : Group Policy Software Lab 3.4 : Group Policy
Management
Console (GPMC) Group Policy in Common Scenario
Lab 3.1 : Group Policy Computer
-
7/29/2019 Active Directory Labs
40/78
p y p
User
Active Directory Users and Computers(Start Administrative Tools
Active Directory Users andComputers )
Lab 3.1 : Group Policy Computer
-
7/29/2019 Active Directory Labs
41/78
p y p
User
OU Click Properties
Lab 3.1 : Group Policy Computer
-
7/29/2019 Active Directory Labs
42/78
User
tab Group Policy
Sales Policy Edit
Lab 3.1 : Group Policy Computer
-
7/29/2019 Active Directory Labs
43/78
User
User Configuration Start Menu and Taskbar
Double Click Remove Runmenu fromStart Menu
Lab 3.1 : Group Policy Computer
-
7/29/2019 Active Directory Labs
44/78
User
Enable OK
Lab 3.1 : Group Policy Computer
-
7/29/2019 Active Directory Labs
45/78
User
User Configuration Control Panel
Double Click RemoveProhibitaccess to theControl Panel
Lab 3.1 : Group Policy Computer
-
7/29/2019 Active Directory Labs
46/78
User
Enable OK
Lab 3.1 : Group Policy Computer
-
7/29/2019 Active Directory Labs
47/78
User
Command Prompt gpupdate /force
Lab 3.1 : Group Policy Computer
-
7/29/2019 Active Directory Labs
48/78
User
Windows XP Logon User OU Sales (pairoj)
Run Control Panel
Lab 3.1 : Group Policy Computer U
-
7/29/2019 Active Directory Labs
49/78
User
Logon User OU Sales (NEO)
Run Control Panel
Lab 3.1 : Group Policy Computer U
-
7/29/2019 Active Directory Labs
50/78
User
OU manage computer Click Properties
Lab 3.1 : Group Policy Computer U
-
7/29/2019 Active Directory Labs
51/78
User
tab Group Policy
Sales Policy Edit
Lab 3.1 : Group Policy Computer U
-
7/29/2019 Active Directory Labs
52/78
User
Interactive logon: Do not display last user name
Lab 3.1 : Group Policy Computer User
-
7/29/2019 Active Directory Labs
53/78
User
Interactive logon: Message text for users attempting to log
on
Lab 3.1 : Group Policy Computer User
-
7/29/2019 Active Directory Labs
54/78
User
Interactive logon: Message title for users attempting for
logon
Lab 3.1 : Group Policy Computer User
-
7/29/2019 Active Directory Labs
55/78
User
Move computer Computer Managed Computer
Lab 3.1 : Group Policy Computer User
-
7/29/2019 Active Directory Labs
56/78
User
Windows XP Command Prompt gpupdate /force
Lab 3.1 : Group Policy Computer User
-
7/29/2019 Active Directory Labs
57/78
User
Restart Windows XP Logon
Ctrl-Alt-Delete Screen
Lab 3.1 : Group Policy Computer User
-
7/29/2019 Active Directory Labs
58/78
User
security template Directory Security Setting , click
ImportPolicy
Security Policy Template
Lab 3.2 : Password Policy DefaultDomain Policy
-
7/29/2019 Active Directory Labs
59/78
Domain Policy
Click contoso.com Group Policy Tab Default Domain Policy
Edit
Lab 3.2 : Password Policy DefaultDomain Policy
-
7/29/2019 Active Directory Labs
60/78
Domain Policy
Password Policy Computer ConfigurationWindows SettingsAccount
Policies Password Policy
Lab 3.3 : Group Policy Software
-
7/29/2019 Active Directory Labs
61/78
Group Policy Managed Desktop
Lab 3.3 : Group Policy Software
-
7/29/2019 Active Directory Labs
62/78
Software installation , click new Package
Lab 3.3 : Group Policy Software
-
7/29/2019 Active Directory Labs
63/78
file .msi UNC name
mode deploy assigned
Lab 3.3 : Group Policy Software
-
7/29/2019 Active Directory Labs
64/78
Package Deploy list Software installation
Lab 3.3 : Group Policy Software
-
7/29/2019 Active Directory Labs
65/78
Windows XP Command Prompt gpupdate /force
Lab 3.3 : Group Policy Software
-
7/29/2019 Active Directory Labs
66/78
Restart Windows XP Software
Lab 3.4 : Group Policy Management Console
-
7/29/2019 Active Directory Labs
67/78
GPMC GPMC.MSI Windows 2003 Server Group Policy Management Start
Administrative ToolsGroup Policy Management
Lab 3.4 : Group Policy Management Console
-
7/29/2019 Active Directory Labs
68/78
OU Sales Group Policy (Sales Policy)
Lab 3.4 : Group Policy Management Console
-
7/29/2019 Active Directory Labs
69/78
tab Settings click show Policy setup
Lab 3.4 : Group Policy Management Console
-
7/29/2019 Active Directory Labs
70/78
tab Settings click show Policy setup
Group Policy in Common Scenario
-
7/29/2019 Active Directory Labs
71/78
Group Policy Desktop
http://www.microsoft.com/downloads/details.aspx?familyid=354B9F45-8AA6-4775-9208-C681A7043292&displaylang=en
Group Policy in Common Scenario
http://www.microsoft.com/downloads/details.aspx?familyid=354B9F45-8AA6-4775-9208-C681A7043292&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?familyid=354B9F45-8AA6-4775-9208-C681A7043292&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?familyid=354B9F45-8AA6-4775-9208-C681A7043292&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?familyid=354B9F45-8AA6-4775-9208-C681A7043292&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?familyid=354B9F45-8AA6-4775-9208-C681A7043292&displaylang=enhttp://www.microsoft.com/downloads/details.aspx?familyid=354B9F45-8AA6-4775-9208-C681A7043292&displaylang=en
-
7/29/2019 Active Directory Labs
72/78
Machine Policy GPOs Lightly Managed
Mobile No differences from Lightly Managed GPO, so no machine
GPO exists forMobile
Highly Managed AppStation - No differences from Highly Managed
GPO, so no machine GPO exists for
AppStation
Multi-User GPO provided
TaskStation GPO provided
Kiosk GPO provided
User Policy GPOs Lightly Managed
Mobile GPO provided
Highly Managed AppStation - GPO provided
Multi-User GPO provided
TaskStation GPO provided
Kiosk GPO provided
Group Policy in Common Scenario
-
7/29/2019 Active Directory Labs
73/78
Group Policy in Common Scenario
-
7/29/2019 Active Directory Labs
74/78
Run CreateCommonScenarios.cmd C:\Program
Files\Microsoft\GroupPolicy Common Scenarios\Scripts
Group Policy in Common Scenario
-
7/29/2019 Active Directory Labs
75/78
Y
Group Policy in Common Scenario
-
7/29/2019 Active Directory Labs
76/78
Group Policy in Common Scenario
-
7/29/2019 Active Directory Labs
77/78
OU Common Scenarios Group Policy
Group Policy in Common Scenario
-
7/29/2019 Active Directory Labs
78/78
move User Computer Group Policy
