TestOut PC Pro Ch08 - System Mgmt 2

08.1.0-001 Active Directory

Policy

A set of rules and guidelines that establish the way that a business is conducted within an organization.

08.1.0-002 Active Directory

Workgroup

Microsoft’s implementation of peer-to-peer networking.

08.1.0-003 Active Directory

Domain

An administratively defined collection of network resources that share a common directory database and security policies.

08.1.1-004 Workgroup vs Domain Setup

Workgroup

Microsoft’s implementation of peer-to-peer networking. A LAN link connects each host. No host by itself has a specific role, but instead, each one provides and consumes network resources - possibly being a server or a host at different times.

Computers in the same workgroup can access shared resources, such as shared files or printers. In a workgroup setting, the local user creates the password that provides the shared access.

08.1.1-005 Workgroup vs Domain Setup

Workgroup Benefits

It’s easy and you don’t have to purchase any specialized equipment. The Windows OS itself has everything you need to setup this type or networking mode.

08.1.1-006 Workgroup vs Domain Setup

Workgroup Disadvantages

It doesn’t scale very well, if you have a organization with more than 10 computers, w workgroup will be difficult to manage because it lacks centralized control. You’d have to make all the configuration changes separately on each computer.

A workgroup can also be difficult to back up. Instead of having just one host where everyone saves their information, you might have different information stored on each system. Deciding what information to back up and from which computer could be challenging, especially if you’re doing backups every day. Workgroups also lacks security.

They have no centralized authentication and only require a username and password to login.

08.1.1-007 Workgroup vs Domain Setup

Domain

A collection of network resources that share a common directory database and security policy. A domain uses the client-server model, where each host has a specific role. Clients request and consume information from servers. Servers provide user management, security, printing, and storage in the form of file servers or mapped drives.

08.1.1-008 Workgroup vs Domain Setup

Domain Advantages

Domains provide centralized management, improved security, scalable structures, and easier data backup. They allow for unified user authentication and policies across multiple systems.

08.1.1-009 Workgroup vs Domain Setup

Domain Disadvantages

More expensive to implement because it requires specialized software and hardware. The domain model is also much more complex and takes longer to set up on the front end.Domain disadvantages include higher costs due to required server infrastructure and complexity that demands more expertise for setup and maintenance.

08.1.2-0010 Active Directory Overview

Centralized control

All the computers share the same central authentication and configuration database located on a domain controller. Once a user has been created on the domain controller, he or she can use any computer on the network to perform any permitted task.

Provides resources for an administrator to backup, manage, configure and secure the network from a single point. Easy access to files and print resources by publishing them on the network. A user can search the directory database for the document they need and securely access it.

08.1.2-0011 Active Directory Overview

Components - Domain

A collection of network objects or resources that share a common directory database and security policies. The domain is the basic administrative unit of an Active Directory structure that stores user and security information.

Depending on the requirement, the entire network might be represented by a single domain with hundreds or thousands of objects. It’s also possible that one network could require multiple domains, so a naming convention might be necessary.

In this example, the distinguished - or full - DNS name is CorpNet.xyz. The domain, or common name is CorpNet. Each domain has one or more domain controllers.

08.1.2-0012 Active Directory Overview

Components - Domain Controller

A Windows server that holds the Active Directory database. A domain controller is a member of only one domain, but a domain can contain multiple domain controllers - each holding a copy of the same Active Directory database.

Any of these domain controllers can make changes to the database because all changes are copied between domain controllers in a process called replication.

08.1.2-0013 Active Directory Overview

Components - Objects, Containers and OUs.

Represents each network resource which include user accounts, groups, computers, or printers. Each object has assigned attributes that contain specific information. For example, a user account may have information about the user’s name, phone number, and email address.

The objects are organized into logical containers. These containers help to make security administration easier by subdividing and organizing network resources. Windows comes preconfigured with a few containers, including ones for computers and users.

These containers are created by default and can’t be moved, renamed, or deleted. You can however, create organizational units. An organizational unit can contain other OUs or any type of object, such as user, computers, and printers.

08.1.3-0014 Join a Domain

Join a Domain

RC-Start Menu Button > Click System (opens system about window) Below the device info click Domain or Workgroup (launches system properties window) Click Change > Toggle the Domain Member of Button

In order to join a host or a system to a domain, there needs to be a domain created. A Windows server system must be setup and install Active Directory on it, then make it a domain controller and then configure a domain.

08.1.3-0015 Join a Domain

Prepare the System

You can also setup the Server with Active Directory Domain Server (AD DS), you can also have DNS on this domain. If DNS is setup on the same domain controller, be mindful of the DNS IP Address.

The host or system (workstation) doesn’t know how to contact the domain controller, we would need to configure to be able to find the domain controller.

08.1.3-0016 Join a Domain

Configure DNS Server Address

Go down to the Network Icon in the notification area on the bottom right of the taskbar, RC Network Icon > Select Network and Internet Settings > Click Ethernet

Scroll down to see the IP Assignments where it is set to Automatic or DHCP. The IP is coming via DHCP and so is the DNS information.

If your network is set up so that your DHCP server is handing out the correct IP address for your AD DNS Server, you don’t have to make any changes. If it’s not, then you need to manually specify the IP address pointing to the DNS server that’s functioning within your AD environment.

Click Edit, Change to Manual and click Save. Plug in the values for the IP, subnet mask, gateway router IP address, and the DNS address then click Save.

Search bar, open CLI elevated and type ipconfig /all. Confirm the changes are made so the host/workstation can contact the domain controller.

08.1.3-0017 Join a Domain

Join the Domain

Back to the system properties, click the Domain radio button and enter the name of the domain you want to join.

Before this host/workstation can join the domain, Administrative domain user credentials are required to be authenticated. If done correctly, you will get a Welcome to the Domain message, then click OK.

Restart the host/workstation for changes to take place.

08.1.3-0018 Join a Domain

Login as a Domain User

You now have the option to login as a local user, but there is a new login option available. Login as Other User. Type the name of the domain then a backslash, and then put the name of the user in the domain to be authenticated.

Because your logging into the system for the first time using a domain user account, we need to provision that user account on the system. You have to have the user profile setup as well as the profile directory setup. You need to have the default apps installed.

8.1.4-0019 LAB
JOIN A WORKSTATION TO A DOMAIN

1. Right click Start Menu > click System

8.1.4-0020 LAB
JOIN A WORKSTATION TO A DOMAIN

2. Verify Account is local Acct, Click Domain or Workgroup

8.1.4-0021 LAB
JOIN A WORKSTATION TO A DOMAIN

3. System Properties Window, Click Change

8.1.4-0022 LAB
JOIN A WORKSTATION TO A DOMAIN

4. Comp Name Window > Click Domain > Enter Domain Name, Click OK

8.1.4-0023 LAB
JOIN A WORKSTATION TO A DOMAIN

5. Windows Security Window, Enter Admin Credentials, Click OK

8.1.4-0024 LAB
JOIN A WORKSTATION TO A DOMAIN

6. Welcome to Domain Window > Click OK > Restart Now

8.1.4-0025 LAB
JOIN A WORKSTATION TO A DOMAIN

7. Login then Right click Start-Menu > Click System, verify account

8.1.5-026 Manage Active Directory Objects