Differences between revisions 27 and 35 (spanning 8 versions)
Revision 27 as of 2016-09-19 22:39:36
Size: 2071
Editor: scot
Comment:
Revision 35 as of 2020-08-12 00:31:36
Size: 3172
Editor: scot
Comment:
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
= Lab 04 = = Lab 03-04 =
Line 3: Line 3:
In this lab you will create some organizational groups and users in your AD. In this lab you will create some organizational units, groups and users in your AD.
Line 8: Line 8:
  a. Change its network address to be IP=192.168.1.3, subnet=255.255.255.0, DNS=192.168.1.2 and verify that you can access the internet.
  a. Change its name to be cpte230b
  a. Add the new Windows 10 computer to the Active directory.
  a. Change its network address to be IP=192.168.1.5, subnet=255.255.255.0, DNS=192.168.1.2 and verify that you can access the internet.
  a. Change its name to be cpte230w
  a. Add the new Windows 10 computer to the top Active directory domain.
Line 12: Line 12:
     1. Under Computer Name, click "Change..." and add it to your active directory.
 1. Find and install the remote administration tools.
     1. Under Computer Name, click "Change..." and add it to your active directory.
     1. In the Windows 10 computer as administrator add the "Domain Users" to the list of users allowed to use remote desktop
        1. Right click start
        1. Select System, Advanced System Settings
        1. Select Remote, Select Users and Add "Domain Users" to the list.
 1. Find and install the remote administration tools. (Hint: you can do this through powershell easier than through the GUI)
 1. Instal Windows Admin Center
 1. Enable remote desktop connections
Line 15: Line 21:
In your domain controller: In your domain controller (Using the RSAT tools or powershell):
Line 17: Line 23:
 1. Create an organizational unit named {{{OU_Contractors}}}
  a. Create a global group in the {{{OU_Contractors}}} called {{{g_contractors}}}
 1. Create an organizational unit in your child domain named {{{OU_Contractors}}} and add the following items to this OU.
  a. Create a global group called {{{g_contractors}}}
Line 20: Line 26:
 1. Create a user mgr in the users folder.  1. Create a user mgr in the users folder of your parent domain.
Line 23: Line 29:
 1. Create a new folder on your cpte230a (parent domain controller) and share it. Make the share name {{{contractors}}}.
  a. Set permissions on the share to allow {{{g_contractors}}} to read and write to it.
  a. Set permissions on the share to give the mgr user full control.
Line 28: Line 37:
 1. Document the OU structures added and Groups added to each domain on the domains page.
 1. Do this in a new section called "Organizational Units" and "Groups"
 1. Document the OU structures added and Groups added to each domain on the domains page. Do this in a new section called "Organizational Units" and "Groups"
 1. Document the Share created and its purpose in a new section called "Shared Resources"
Line 33: Line 42:
||Video Shows: OU structures and groups created in the instructions ||20 ||
||Video Shows: A remote login event to windows 10 using the mgr user. ||30 ||
||Video Shows: the mgr user changing the password for the contractor user on the windows 10 machine. ||30 ||
||Video Shows: OU structures and groups created in the instructions ||10 ||
||Video Shows: A remote login event to windows 10 using the mgr user. ||10 ||
||Video Shows: the mgr user changing the password for the contractor user on the windows 10 machine. ||20 ||
||Video Shows: the contractor user accessing the file share and adding a new text file || 20 ||
||Video Shows: the mgr user accessing the file share and deleting the new text file || 20 ||

Lab 03-04

Instructions

In this lab you will create some organizational units, groups and users in your AD.

Create a new VM:

  1. Add a new Windows 10 virtual machine
    1. Change its network address to be IP=192.168.1.5, subnet=255.255.255.0, DNS=192.168.1.2 and verify that you can access the internet.
    2. Change its name to be cpte230w
    3. Add the new Windows 10 computer to the top Active directory domain.
      1. Right click start, system, advanced settings
      2. Under Computer Name, click "Change..." and add it to your active directory.
      3. In the Windows 10 computer as administrator add the "Domain Users" to the list of users allowed to use remote desktop
        1. Right click start
        2. Select System, Advanced System Settings
        3. Select Remote, Select Users and Add "Domain Users" to the list.
  2. Find and install the remote administration tools. (Hint: you can do this through powershell easier than through the GUI)
  3. Instal Windows Admin Center
  4. Enable remote desktop connections

In your domain controller (Using the RSAT tools or powershell):

  1. Create an organizational unit in your child domain named OU_Contractors and add the following items to this OU.

    1. Create a global group called g_contractors

    2. Create a user called contractor and put them in g_contractors group.

  2. Create a user mgr in the users folder of your parent domain.
    1. Make mgr the Administrator for the OU_Contractors by using the delegation wizard. Make sure the the user has "Reset user passwords..." and "Modify the membership of a group"

    2. Set the mgr password and document it in the "password" page. Make sure there is no requirement to change the password.
  3. Create a new folder on your cpte230a (parent domain controller) and share it. Make the share name contractors.

    1. Set permissions on the share to allow g_contractors to read and write to it.

    2. Set permissions on the share to give the mgr user full control.
  4. You will demonstrate mgr's ability by changing the password for "contractor".
    1. You can demonstrate this by logging in to your windows 10 machine and starting the active directory users and computers tool.
    2. Find the contractor user and reset the password.

Documentation

  1. Document the OU structures added and Groups added to each domain on the domains page. Do this in a new section called "Organizational Units" and "Groups"
  2. Document the Share created and its purpose in a new section called "Shared Resources"

Video Grade Guide

Topics

Points

Video Shows: OU structures and groups created in the instructions

10

Video Shows: A remote login event to windows 10 using the mgr user.

10

Video Shows: the mgr user changing the password for the contractor user on the windows 10 machine.

20

Video Shows: the contractor user accessing the file share and adding a new text file

20

Video Shows: the mgr user accessing the file share and deleting the new text file

20

Video talks through the required documentation.

20

WindowsAdministration/Lab04DelegationAndShares (last edited 2024-10-03 19:39:01 by scot)