Windows Server administrationaga-pics.com/wp-content/uploads/2015/09/Windows...username and password for it and choose his group and click on finish. After this that new user can enter

Installing Windows Server 2012

Prepared by: Eng. Dlawar Sherzad Qadr Page 1

Windows Server administration

Third stage

Prepared by:

Eng. Dlawar Sherzad Qadr



Workgroup:

In computer networking, a workgroup is a collection of computers on

a local area network (LAN) that share common resources and

responsibilities. Windows workgroups can be found in homes, schools

and small businesses.

Microsoft Windows workgroups organize PCs as peer-to-peer local

networks that facilitate easier sharing of files, internet access, printers

and other local network resources. Each computer that's a member of

the group can access the resources being shared by the others, and in

turn, can share its own resources if configured to do so.

Joining a workgroup requires all participants to use a matching name.

All Windows computers are automatically assigned to a default group

named WORKGROUP.

Advantages of a workgroup:

• Usually designed for small local area networks such as schools,

homes or small businesses. Easy to install and configure.

• Function best and with fewer computers.

• Is easier to set up and configure than a domain.

• All content and resources can be shared with peers in the

network.

Disadvantages of workgroup:

• The security measures provided in a workgroup are not as strong

as those for a domain.

• Workgroups are not suggested for sensitive data, transmitting

networks, nor business network.

• There is no centralized management of the resources unlike the

domain network.

https://www.lifewire.com/local-area-network-816382https://www.lifewire.com/definition-of-p2p-818026https://www.lifewire.com/naming-windows-workgroups-818240



Homegroup:

A homegroup is a group of PCs on a home network that can share files

and printers. Using a homegroup makes sharing easier. You can share

pictures, music, videos, documents, and printers with other people in

your homegroup.

You can help protect your homegroup with a password, which you can

change at any time. Other people can't change the files that you share

unless you give them permission to do so.

After you create or join a homegroup, you select the libraries (for

example, My Pictures or My Documents) that you want to share. You

can prevent specific files or folders from being shared, and you can

share additional libraries later.

Domain controller (DC):

On Microsoft Servers, a domain controller (DC) is a server

computer that responds to security authentication requests (logging in,

checking permissions, etc.) within a Windows domain.

A domain controller is the centerpiece of the Windows Active

Directory service. It authenticates users, stores user account

information and enforces security policy for a Windows domain.

A domain controller gives access to another domain in a trust

relationship so that a user logging into a domain can access resources

in another domain. If the server performing the domain controller role

is lost, the domain can still function. If the primary domain controller

is not available, the administrator can designate an alternate domain

controller to assume the role.

https://en.wikipedia.org/wiki/Microsoft_Servershttps://en.wikipedia.org/wiki/Server_(computing)https://en.wikipedia.org/wiki/Server_(computing)https://en.wikipedia.org/wiki/Windows_domain



DCPromo (Domain Controller Promoter): DCPromo (Domain Controller Promoter) is a tool in Active

Directory that installs and removes Active Directory Domain Services

and promotes domain controllers. DCPromo, which builds forests

and domains in Active Directory.

Installing Active Directory (AD):

Before installing active directory make sure that you change server

name and set IP address for your server then start installing active

directory.

For installing active directory go to manageadd role and

features click on next till you rich server selection, Then choose

that server you want to install active directory on it.

Then click on next and in server roles choose Active directory

domain service then click on add futuresthen click on next.

http://searchwindowsserver.techtarget.com/definition/Active-Directoryhttp://searchwindowsserver.techtarget.com/definition/Active-Directoryhttp://searchwindowsserver.techtarget.com/definition/Active-Directory-domain-AD-domainhttp://searchwindowsserver.techtarget.com/definition/domain-controllerhttp://searchwindowsserver.techtarget.com/definition/Active-Directory-forest-AD-foresthttp://searchwindowsserver.techtarget.com/definition/Active-Directory-domain-AD-domain



Click on next till you reach confirmation and tick the restart the

destination server automatically if required, Then click on Install

and wait till active directory installed, the installation process may be

need 20 minutes, don’t worry.

After that installation is complete in result window click on promote

this server to a domain controller link in the top part of window to

create a domain and configure the domain controller.



After we click on link this window is appear to change configuration

and add a domain, here we choose add a new forest because we don’t

have previously server or forest, so we make it, in the root domain

name we must set name to our domain and it used by clients in the

network to find our domain, then click on next.

In this window we must set forest functional level and domain

functional level, it is so important we know that we work on which

level of server to add role and futures to that level, because each

higher level have more and newer role and functionality that don’t run

on lower level, then we set a strong password to active directory

services.



Then click on next till you rich Additional Options and wait till

domain set his NetBIOS name then click on next.

NetBIOS name is a name is like DNS and is used to specify that this

computer is member of which domain and it is used in local

networks only, because it create a traffic and cannot used in internet,

this NetBIOS name is Flat and its length is limited to 16, one bit is

used by system and you can use only 15 bits, we say it is flat because

it don’t have any prefix and postfix, normally server get the left side

of domain name and set as NetBIOS name, if you want you can

change it otherwise click on next.

In the paths you can set a location for active directory database and

login folderand other folders.



Then click on next till you rich prerequisites check and wait till

install bottom is actived then click on install, then wait till

installation process is complete then reboot the server.

After restart the server open the server manager and in the left side

you can see (AD DC and DNS) is added to your server is mean that

you successfully install active directory and domain service.



Add users to domain:

For add user separately or add another user go to server manager

tools Active Directory Users and Computers press R.C on

empty area and choose new user and enter its name and set

username and password for it and choose his group and click on

finish.

After this that new user can enter his username and password and

enter to your domain.

Add computers to a domain:

For add new computer to your domain type sysdm.cpl in run and go

to change , choose member of domain and enter domain name, then

enter domain admins username and password to add that computer t

domain, of you want remove that computer from domain choose

member of workstation and enter any name for workstation and click

on finish.



If you want see all computers and users are member of your domain

go to server manager tools Active Directory Users and

Computers from users you can see users and from computers you

can see computers, if you double click on any computer name you

can see al detail about that computer.

Creating Groups:

For creating groups go to server manager tools group policy

management drop down forest drop down your domain

name highlight group policy object press right click chose

new enter your group name and press ok.



Organizational Unit(OU):

Organizational unit is a group for administrative purposes. By this

(OU) you can manage your network and prevent member to access

something or can do something in your network or on their computers,

you can lock down members and you tell them exactly what he can do

on their computers and they just can do this.

Creating Organization Unit (OU):

For creating organization unit (OU) go to server manager tools

group policy management drop down forest drop down your

domain name highlight domain name press right click chose

new organization unit enter your OU name and press ok.

If you want add a group policy object (GPO) to your OU highlight

your OU and right click on it and choose link to existing GPO then

choose your GPO and click on ok.



Adding user to (OU):

For adding user to OU go to server manager tools Active

Directory Users and Computers users highlight your user

and press R.C on it and choose move then on popup window select

your OU, that user is disappear in users and moved to OU, open OU

and you can see that user there.

Add and configure user and computer:

For adding a windows computer or any device to your domain

controller at first you must set preferred DNS server for your

computer.

Turn on your windows open run type sysdm.cpl network

ID.



Choose first option and next till you rich username and password

window, then enter your username and password and domain name

then click on next.

Then enter computer name and computer domain then click on next.

Then enter your domain username and password and domain then

click on next.



Then choose your account type and click on next.

Then click next and finish after restart your computer, when windows

is started up press CTRL+ALT+DELET to enter your password and

entre ass a member of that domain.



Delegation control:

Delegation control is the process of assigning permission for user and

groups in OU, and grant users or groups only the permissions they

need without adding users to privileged groups (e.g., Domain Admins,

Account Operators).



Map Network Drive:

Network drive is creating a drive on server to shown in client

computers.

For creating network drive at first we must have an OU, Group and

users in group, group policy, then create a share folder to create drive

from it then start configuring.

At first go to server manager file and storage services shares

on empty area press R.C and choose new share.

Click on next then choose your drive then set share folder name then

next till you rich end and create.

After that go to that location you choose you will see a folder is

created as Shares inside it another folder is created by that name you

will set.



Then go to GPO and select your group that linked with OU, pressR.C

on it then choose edit user configuration preference map

drive on empty area press R.C new mapped drive.

In action choose create, in path set location of shared folder we

created, tick on reconnect, select drive letter, in hid/show drive select

show this drive and show all drives then ok.



Then open CMD and type ( gpupdate /force ) wait till is finish.

Then go to your windows and logon by your user you will see the

network drive is added.