22
Active Directory User Manual xxxxx Fall 201x IT255 – Operating Systems II Instructor: Instructor??

Active Directory User Manual

Embed Size (px)

Citation preview

Page 1: Active Directory User Manual

Active Directory User Manual xxxxx

Fall 201x

IT255 – Operating Systems II Instructor: Instructor??

Page 2: Active Directory User Manual

Tim Williams

Table of Contents

Active Directory User Manual

Introduction

Introduction............................................................................................................ 4

Unit 1 Describe Familiarity with Active Directory

Description............................................................................................................. 5

Assignment ............................................................................................................. 6

Unit 2 New Active Directory Concept Learned

Description............................................................................................................. 8

Assignment ............................................................................................................. 9

Unit 3 Create Table of Contents

Description............................................................................................................. 10 Unit 4 Submit Manual for Review

Description............................................................................................................. 11

Unit 5 Active Directory Command Line

Description............................................................................................................. 12

Assignment ............................................................................................................. 13

Unit 6 Part 1 Discussion - Multiple-Choice Questions

Description............................................................................................................. 15

Assignment ............................................................................................................. 16

Unit 6 Part 2 LabSim Concept Learned

Description............................................................................................................. 17

Page 3: Active Directory User Manual

- 3 -

Assignment ............................................................................................................. 18 Unit 7 Submit Manual for Review

Description............................................................................................................. 19

Unit 8 LabSim Concept Learned

Description............................................................................................................. 20

Assignment ............................................................................................................. 21

Conclusion

Conclusion.............................................................................................................. 22

Page 4: Active Directory User Manual

- 4 -

INTRODUCTION This manual is designed to describe what the instructor hopes I, Tim Williams, have learned

from the IT255 Operating System II class. By adding content from each of the units/weeks

involved in the class, the hope is that this manual will help me in the future. Perhaps in the

future it will come in handy when questions arise on a particular topic. Since this manual

focuses on difficult and/or interesting topics I’ve come across in the class, perhaps it will be of

future use. It is not intended as a comprehensive guide or a complete reference to topics

discussed in the class. It is strictly intended as a subjective reference guide by the author and for

the author. Any use beyond an educational purpose is strictly prohibited.

Page 5: Active Directory User Manual

- 5 -

UNIT 1 – Description – (Describe Familiarity with Active Directory)

Describe your familiarity with Active Directory through an actual work environment, education, or your own personal use. If you are not currently familiar with Active Directory, you can describe how it would be of help to an organization that does use it. You must discuss at least two Active Directory components in this paper and make at least two references back directly to content from LabSim for this unit in your response. Grading will be based on addressing this assignment by using appropriate technical content in addition to proper spelling, grammar, organization, and readability of your paper.

Page 6: Active Directory User Manual

- 6 -

UNIT 1 – Assignment – (Describe Familiarity with Active Directory) I can’t say I have a lot of familiarity with Active Directory directly. I haven’t really worked in it

to configure much. It would consider this feature to be one of those features I know a little about

overall. I do remember back in the 90s when MS announced Active Directory for WinNT5

(Win2K). At the time there was a feature in use called Novell NDS that most IT folks used and

thought MS was maybe just finally catching up when and if Active Directory lived up to the

hype. I didn’t do much in the way of network config, but worked with Domino as a RAD tool.

It was fairly easily to configure for user access to the server, so in most cases we just passed over

any other network user tool and even WinNT directory and stayed in the Domino domain. It

seems that with the advent of more Active Directory tools and features, the one feature I’d like to

determine, is if I can create single-sign-on through Domino on a Win2K8 server or not? So far, I

haven’t had success doing this. I would think there’d be a direct solution to access a server, like

Domino, running on the Win2K8 box. If you know of something, not third party, please let me

know. From my experience, MS doesn’t make things easy for anything if you are using

something other than a MS tool.

Most of my experience with Active Directory has come in the form of ADDS, and more

particularly with Group Policy Settings. This tool is very powerful and I believe most IT folks

are utilizing it. However, my experience is they are abusing the power of it. Just because one

can lock down every aspect of a users machine, doesn’t mean one should. Especially with

regards to the GP and Internet Explorer, IT folks have locked the entire browser down, not

realizing that MS designed IE to have separate settings already configured inside it. Trusted

Sites should not be treated like the Internet Sites and have the same config. The whole purpose

Page 7: Active Directory User Manual

- 7 -

of GP is to push out universal settings to users machines so they have a similar experience. If

that experience is a bad one, then in my opinion, the IT folks have failed their users.

Page 8: Active Directory User Manual

- 8 -

Unit 2 – Description – (New Active Directory Concept Learned)

You will continue your Active Directory User manual by typing a 1/2 page paper in which you

recall a new concept you learned during a lab(s) in this unit that you want to take with you in

your user manual. Report which lab(s) you based your comments on and make at least two

direct references back to LabSim content. Copy your response into a new page of your existing

Active Director User Manual started in Part B of the Unit 1 Assignment (do not submit it here).

You will submit a draft of your user manual later in Unit 4. Be sure to note Unit 2 Assignment

as the heading for this section of your user manual.

Grading will be based on addressing this assignment by using appropriate technical content in

addition to proper spelling, grammar, organization, and readability of your paper.

This document is the start of your user manual that will be ultimately submitted in Unit 11 as

your Learner Outcome project for this course with drafts submitted in Units 4 and 8. In Unit 11,

you will be shown how to add your Active Directory User Manual to your eFolio

Page 9: Active Directory User Manual

- 9 -

Unit 2 – Assignment – (New Active Directory Concept Learned)

I can’t think of anything really new or memorable about these labs. I did like seeing the “cost”

option for prioritizing replication. I had heard of this but never seen it. I find it kind of funny

MS puts a cost on replication unstead of prioritizing it. I’d think scheduling would solve the cost

question adequately. I guess they feel the “cost” option is for lazy IT folks instead of properly

configuring a replication schedule and actually knowing their network. The only useful

application of “cost” I can see is if it would determine when replication occurs or doesn’t based

on network utilization between the two sites. I didn’t see where this was its purpose.

Page 10: Active Directory User Manual

- 10 -

Unit 3 – Description – (Table of Contents)

Add a table of contents to your Active Directory User Manual that lists the first two assignments

and leaves room to add the remaining assignments as they are added. Do not submit it here yet.

You will submit a draft of your user manual later in Unit 4. Place your Table of Contents on a

fresh page after the manual's title page.

Page 11: Active Directory User Manual

- 11 -

Unit 4 – Description – (Submit Work for Review)

Use the link above to submit your running user manual started back in Unit 1. This assignment

is an opportunity for me to check your progress and provide feedback for continuing this project.

At this point, you should have at least content documented in your user manual from Units 1-4.

Page 12: Active Directory User Manual

- 12 -

Unit 5 – Description – (Active Directory Command Line)

Our discussion board in this unit gave us a chance to share command line ideas with each other.

Start a new page in your Active Directory User Manual. Type “Unit 5 Assignment” at the top.

First, copy in your discussion board contribution. Next, add a dividing line then copy in another

student's post that you found the most helpful or interesting. Be sure to note which student's post

you used. Do not submit your user manual here yet. You will submit a second draft of your user

manual later in Unit 8. Be sure to update your table of contents.

Page 13: Active Directory User Manual

- 13 -

Unit 5 – Assignment – (Active Directory Command Line)

For a new user I don't really see many of these command line options being used. You'd only be

using these out of necessity; the need for speed. However, one command line option I thought

would be very valuable would be the CSVDE command. This allows you to take a .csv file and

import users into the system. It also lets you bulk export data to .csv. This would be particularly

helpful if you are creating a new server domain or porting one domain to another. You could

export all the users, tweak any changes you wanted in the .csv, then import it into the other

domain. I've used similar techniques when creating/migrating from/to a Domino environment.

In fact, I currently offer our customers the ability to read in a .csv for keeping users up-to-date

from their Active Directory to their Domino environment if they wish to. This feature has been

used in the past especially when bringing a new customer online using my software.

You need to use the -i switch to specify that's it's an import mode file. Also, using the -m switch

keeps all the specific Active Directory stuff out of the file. This is especially useful for porting

names to a different server platform. There are a lot of switches, many I didn't know about.

Here's a link displaying them:

http://technet.microsoft.com/en-us/library/cc732101(v=ws.10).aspx

Andrew Havlovick-AP

11/7/12 6:54 PM

One of my favorite Windows commands is the "shutdown" command. I installed Windows

Server 2012 on a VM last week and could not for the life of me find the power menu (which was

silly of me, considering that I had just installed Windows 8 on my desktop and it's in exactly the

same spot, on the menu that pops up from moving the mouse in the either the upper or lower-

Page 14: Active Directory User Manual

- 14 -

right corner), so it was the shutdown command to the rescue! A favorite shortcut of mine is

"Windows Key + R", which opens the "Run" window, and then from there typing "cmd" to open

a command prompt. The most common switches I use are "shutdown /s", which shuts the

computer down after displaying a warning and waiting for an about 30-second time-out , and

"shutdown /r", which does the same shut down but then restarts the computer. Typing "shutdown

/?" opens the help for this command. Although I haven't tried them, I am curious to try the

"shutdown /a" command to abort a shutdown during the time-out period, and "shutdown /p" to

shut down with no warning whatsoever.

Page 15: Active Directory User Manual

- 15 -

Unit 6 Part 1 – Discussion Board – Description – (Multiple-Choice Question)

Post: To help each other review material covered in the first six units, please develop a multiple choice question (four answer options) of your design from the material in our textbook or LabSims contained in the first six units. Post your question (without the answer) to this discussion board by Thursday. When you develop your question, note the location of the solution. Also prepare an explanation as to why the solution option is correct and why the each of the other solutions options is not correct. Post only the question (not the location or solution) by Thursday. Please be unique. Here is an example of the format used for designing multiple choice questions (b is the correct answer). Example: Which NTFS standard permission for folders and files grants the same permissions as Read and includes the ability to run applications or scripts? a. Write b. Modify c. Read & execute d. Full Control Post your original thread by Thursday (5 points) Respond: Part 1: Respond to at least two other students' question posts by Sunday. Provide a solution, explanation as to why that solution option is correct, and why each of the other options is not correct. (2 points for the first reply and 3 points for the second) Part 2: As late in the day Sunday as possible, reply to your own post providing your solution, location of the solution in the text or LabSim, explanation of why the solution option is correct and why each of the other options is not correct. Part 3: For your running user manual, start a new page title Unit 6 Discussion Board, copy in your question, location, solution, and explanations. Also copy in the question, location, solution, and explanations from another student that contained something new that you learned or something you found particularly interesting. Be sure to note the name of the student whose material you used. Since solutions are not being posted until Sunday, you can have a couple of days into Unit 7 to complete this part of your user manual. Update your table of contents for this entry. Please include your name in the subject line of your post. Spelling, grammar, relevance, and completeness will all be taken into account when grading your discussion contributions.

Page 16: Active Directory User Manual

- 16 -

Unit 6 Part 1 – Discussion Board – Assignment – (Multiple-Choice Question)

Your manager has asked you to create a large number of new users. You have access to a comma-separated value (csv) file of all the user information. What tool/command would you use to import this information to create user accounts? a. Dsadd b. Csvde c. Mkppl d. Klist "a" is not correct. It is a command line tool, but only for adding individual users to the directory. "b" is the correct answer because CSVDE is the command line tool for importing users into the system using a comma-separated file (CSV). See p. 192-193 of MCTS Guild to Microsoft Windows Server 2008 Active Directory Configuration by Greg Tomsho. "c" is not correct. There is no "MKPPL" command. "d" is not correct. This tool is used in conjunction with Kerberos tickets or event tickets in the system. It does not import users. Ansony Waters-WJ

Which of the following is an account type found in Active Directory? a. Domain thicket account b. Computer account c. Local user account d. GPO The answer is Computer account. Local User Account is only found locally, and the other two

are not accounts. (Thicket is just a play on forest.) I made the question from knowledge from

chapter 3 of our textbook.

Page 17: Active Directory User Manual

- 17 -

Unit 6 Part 2 – Description – (LabSim Concept Learned)

You will continue your Active Directory User manual by typing a 1/2 page paper in which you

recall a new concept you learned during a lab(s) in this unit that you want to take with you in

your user manual. Report which lab(s) you based your comments on and make at least two

direct references back to LabSim content. Copy your response into a new page of your existing

Active Director User Manual started in Part B of the Unit 1 Assignment (do not submit it here).

You will submit a draft of your user manual later in Unit 8. Be sure to note Unit 6 Assignment

as the heading for this section of your user manual and to update your table of contents.

Grading will be based on addressing this assignment by using appropriate technical content in

addition to proper spelling, grammar, organization, and readability of your paper.

This document is the start of your user manual that will be ultimately submitted in Unit 10 as

your Learner Outcome project for this course with drafts submitted in Units 4 and 7. In Unit 10,

you will be shown how to add your Active Directory User Manual to your eFolio.

Page 18: Active Directory User Manual

- 18 -

Unit 6 Part 2 – Assignment – (LabSim Concept Learned)

I enjoyed the content from LabSim 6.6.3. It contained information on setting password

preferences, including length of passwords, minimum length, how long a password can be kept,

and also complexity requirements. One item I’ve come across in my own experience is trying to

re-use an old password and being stopped from doing this. This module addressed how and

where that is set. It also touched on account lockout due to typing in the wrong password

repeatedly. I didn’t know exactly where this was located before and how it related to the Group

Policy settings. It was good to see it in action in LabSim 6.6.3 and 6.6.4 and get some

experience changing the settings.

Page 19: Active Directory User Manual

- 19 -

Unit 7 – Description – (Submit Work for Review)

Use the link above to submit your running user manual started back in Unit 1. This assignment

is a opportunity for me to check your progress and provide feedback for continuing this project.

At this point, you should have at least lab work documented in your user manual from Units 1-7.

(25 points, due Sunday)

Page 20: Active Directory User Manual

- 20 -

Unit 8 – Description – (LabSim Concept Learned)

You will continue your Active Directory User manual by typing a 1/2 page paper in which you

recall a new concept you learned during a lab(s) in this unit that you want to take with you in

your user manual. Report which lab(s) you based your comments on and make at least two

direct references back to LabSim content. Copy your response into a new page of your existing

Active Directory User Manual started in Part B of the Unit 1 Assignment (do not submit it here).

You will submit the final version of your user manual later in Unit 10. Be sure to note Unit 8

Assignment as the heading for this section of your user manual and to update your table of

contents.

Grading will be based on addressing this assignment by using appropriate technical content in

addition to proper spelling, grammar, organization, and readability of your paper.

This document is the start of your user manual that will be ultimately submitted in Unit 10 as

your Learner Outcome project for this course with drafts submitted in Units 4 and 7. In Unit 10,

you will be shown how to add your Active Directory User Manual to your e-Folio.

Page 21: Active Directory User Manual

- 21 -

Unit 8 – Assignment – (LabSim Concept Learned)

In LabSim labs 2.4.5 and 2.4.6 I needed to add “A” and “CNAME” records. These are host and

aliases records for a zone. They allow users the ability to go to a zone multiple ways. This is

particularly helpful if you want to type in “intranet” in your browser and it takes you to the

intranet page, which could be a long address. So instead of typing in the long address, you just

type in “intranet” and it resolves correctly. I didn’t know where these values/records were

created before and now I know. My company uses this a lot and it’s nice to know how these

links work.

Page 22: Active Directory User Manual

- 22 -

CONCLUSION

In LabSim labs 2.4.