Windows Server 2008 Active Directory
Windows Server 2008 Active Directory
Windows Server 2008 Active Directory
Active Directory
Active Directory
Active Directory is a Meta Data. Active Directory
is a data base which store a data base like your
user information, computer information and also
other network object info. It has capabilities to
manage and administrator the complete Network
which connect with AD.
What is domain
Windows NT and Windows 2000, a domain is a
set of network resources
(applications, printers, and so forth) for a group of
users. The user need only to log in to the domain
to gain access to the resources, which may be
located on a number of different servers in the
network. The 'domain' is simply your computer
address not to confused with an URL.
Domain controller
A Domain controller (DC) is a server that
responds to security authentication requests
(logging in, checking permissions, etc.) within
the Windows Server domain. A domain is a
concept introduced in Windows NT whereby a
user may be granted access to a number of
computer resources with the use of a single
username and password combination.
What is LDAP
Lightweight Directory Access Protocol LDAP is
the industry standard directory access
protocol, making Active Directory widely
accessible to management and
query applications. Active Directory supports
LDAPv3 and LDAPv2.
AD
Active Directory on Windows Server 2008
Requirements
An NTFS partition with enough free space (approx
200MB)
An Administrator's username and password
The correct operating system version (Standard, Enterprise
or Data Center)
A NIC
Properly configured TCP/IP (IP address, subnet mask
and - optional - default gateway)
A network connection (to a hub or to another computer
via a crossover cable)
An operational DNS server (which can be installed on
the DC itself)
A Domain name that you want to use
Brains (recommended, not required...)
Installation Of Active Directory
1. Log in as Administrator to
the Workgroup Computer.
2. Assign IP Address and
preferred DNS Server
Address.
3. Click Start, and then click
Run.
4. In the Run box, type
DCPROMO and then
click OK.
5. In Welcome to the Active
Directory Domain Services
Installation Wizard, click
Next.
Installation Of Active Directory
6. In
Operating
system
compatibili
ty Wizard
click Next.
Installation Of Active Directory
7. Select
Create a
new domain
in a new
forest and
click Next.
Installation Of Active Directory
8. Enter the DNS
Domain Name
(Ex:
MICROSOFT.C
OM) and click
Next.
Installation Of Active Directory
9. Select the
Forest
Functional Level
(Windows 2000)
and click Next.
Installation Of Active Directory
10. Select the
Domain
Functional
Level
(Windows
2000 Native)
and click
Next.
Installation Of Active Directory
12. Click Yes
to
continue.
13. On
Database
and log
locations
page, acce
pt the
default
locations
and click
Next.
Installation Of Active Directory
14. On Directory
Services
Restore Mode
Administrator
Password
page, enter
the password
and confirm
password
and click
Next.
Installation Of Active Directory
15. On
Summary
page, review
the Options
you selected
and Next.
Installation Of Active Directory
16. The Active
Directory
Installation starts
and check box
Reboot on
Completion.
17. Computer restarts
after the Installation
of Active Directory
Domain Services.
18. After restarting the
computer, Active
directory will be
installed.
Verification:
6. Log on to Member
Server SYS2 as
Administrator > Open
Network > Open
system name of DC
> Right click the
shared folder and
select Always
Available Offline.
Verification
1. Disconnect or Disable the Network
connection, and try to access the Shared
Folders from network and only SALES folder
will be visible and accessible.
2. Access the SALES folder & make some
modifications (Create some files in it).
3. Connect or Enable the Network
connection, then Right Click the shared folder
& click Sync.
4. Modifications will be updated on the shared
folder (In the server).
User Profiles
A Windows profile is simply a record of user-
related data characterizing a users computing
environment. This record may include display and
application settings, along with network
connections.
What the user sees on the screen and what the
user has access to when they log on is all
determined by how the system administrator has
the profile configured.
User Profiles
There are three different types of Windows
profiles
Local Profiles profiles that are saved on a single
computer. Users cannot access their profile from
any other machine, regardless of whether the
machine is attached to the network or not.
Roaming profiles are saved on the network so
when you log on to any networked computer, your
personalized desktop is loaded no matter what
machine you're on. Users have full freedom of
whats on their profile, which is convenient for
them, but can lead to problems such as slow log on
times and server crashes.
User Profiles
Mandatory Profiles: profiles that cannot be saved
from one session to the next.
A user may utilize any machine that is connected to
the network. However, once a user logs off, any
setting preferences made to the profile is
permanently lost and must be reinstated at every
log on.
This ensures a profile will remain small and easy to
manage
Profiles
Pre-requisites:
Before working on this lab, you must have
1. A computer running windows 2008 server
Domain Controller.
2. A computer running windows 2008 server or
Windows 7.
Configuring Local Profiles
1. Log on to Domain
Controller as
Administrator.
2. Go to Active
Directory Users and
Computers and create
Users (Ex:a1, a2).
Verification:
1. Login as User (a1) on
Client or Member
Server.
2. Right click Computer
> select
Properties, click
Advanced System
Settings.
Local Profiles
3. Select Settings of
User Profiles.
3. Click Settings of
User Profiles.
Verification
4. Verify for User
Profile type and
Status to be
Roaming.
5. Logoff this user
(a1)& login on
another computer
with the same user
(a1), we can see the
files which we have
created on first
computer.
Configuring Mandatory Profile
1. Configure a User (a1) Profile as
Roaming Profile and Login as the
User (a1) on a Client or Member
Server, Create some files on
Desktop and Log off.
2. Log on to Server (D.C) as
Administrator and Open the shared
folder roam.
3. In the shared folder you can find a
folder with the user name (a1).
4. When you try to open the folder a1
you will get an error You dont
currently have permission to
access this folder, click Continue.
5. Click Security tab.
14. On Database
and log
locations
page, accept the
default locations
and click Next.
15. Enter
Password and
Confirm
Password and
click Next.
16. On Summary
page, review the
Options you
selected, and
click Next.
17. After the
Active
Directory
Installation
wizard is
completed, the
n click FINISH.
18. Click Restart Now.