Scribd
Upload
243 views25 pages

3.1-2 Active Directory

Active Directory is a database and directory service that allows centralized management of users, groups, computers, and other network resources. It provides three primary object types - users and groups, services, and resources. When a user logs into an Active Directory network, they are authenticating with the Active Directory database. A domain controller runs Active Directory services and maintains a copy of the Active Directory database, replicating changes to other domain controllers. A domain is a logical grouping of computers that share the same Active Directory database. A forest consists of all the domains within an enterprise. Server roles define the major jobs a server can perform, and a domain controller typically only has the Active Directory and DNS server roles installed to avoid overloading the server.

Uploaded by

Wilkin Felisilda Simo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
243 views25 pages

3.1-2 Active Directory

Active Directory is a database and directory service that allows centralized management of users, groups, computers, and other network resources. It provides three primary object types - users and groups, services, and resources. When a user logs into an Active Directory network, they are authenticating with the Active Directory database. A domain controller runs Active Directory services and maintains a copy of the Active Directory database, replicating changes to other domain controllers. A domain is a logical grouping of computers that share the same Active Directory database. A forest consists of all the domains within an enterprise. Server roles define the major jobs a server can perform, and a domain controller typically only has the Active Directory and DNS server roles installed to avoid overloading the server.

Uploaded by

Wilkin Felisilda Simo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 25

INFORMATION SHEET 3.

1-2

ACTIVE DIRECTORY

LEARNING OBJECTIVES
After reading this INFORMATION SHEET, STUDENT(S) MUST be able to:

• Define briefly what Active Directory is,


• Describe what three primary types of objects that active directory provides.
• Describe what happens when you login in to active directory network.
• Define what domain controller is.
• Describe forest.
• Describe a domain.
• Define briefly what a server role is.
• Install active directory.

INTRODUCTION
In Windows NT, administrators were introduced to the concept of domains. Active
Directory Domain Services (AD DS) builds on that concept by creating a dynamic,
easily accessible structure through which directory and management information can
be stored and accessed centrally throughout an organization. By using AD DS, you
create a structure for managing your equipment and the people who use that
equipment, which is a helpful feature for all but the smallest of operations.

By using Active Directory as a whole, you have access to several management tools,
including Group Policy (GP), the ability to put groups inside groups multiple times,
and an online directory of users, computers, printers, and contacts that you can
access easily through the Windows user interface. Although you certainly can’t operate
a Windows-based network without Active Directory deployed.

In this information sheet, you are able to configure and install active directory.

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 1
09464485036
Revision # 01
What is Active Directory and Why Should I care?

Active Directory is the brain of a Window Server Network.


It is a database that keeps track of a huge amount of stuff and gives us a centralized
way to manage all our network machine, users, and resources.

Type of that active directory provides

• Users and groups


• Services (i.e. Email, etc.)
• Resources (Printer, Shared Folders, etc.)
These items are objects in the active directory database.

As a matter of fact, every time you login in to a corporate network, you’re using an
Active Directory.

What is Domain Controller?

• A domain controller is a machine that runs Active Directory Services.


• Think of it as a boss of your network.
• You may have multiple domain controller that all have copies of the same active
directory database.

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 2
09464485036
Revision # 01
Changes may made into one database to domain controllers talk back in fort. They
share changes that what they receive in a process called replication.

What is Domain?

It is a logical group of computers that share a central directory database. The machine
is all named with part of domain name like itsmeismael.com (also called a “suffix”) and
registered in the active directory database so they can be managed.

Forest is comprised of all the domains in your enterprise. Your forest may only one
domain.

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 3
09464485036
Revision # 01
Users are also part of “namespace”.

Example: Your email address is a part of domain namespace.


info@itsmeismael.com

Note: Email-like logins are also called “User Principle Names” when used to log into a
Server 2008 R2 network.

What is Server Role?


Server role is a major job that a server can perform.
It’s recommended that a server not have too many roles

A domain controller usually has only two roles:


a. Active directory domain services
b. Domain name services
If you are trying to create some other roles, you can use another domain controller to
prevent over population of roles in a single domain controller that may cause less
productivity.
Domain Name Service

• It is a service provided by a server that allows you to find other computers in


your network
• Allows you to type a friendly name of a machine instead of its IP address,
allowing your client to get the IP address from the DNS server and go find the
resources.

Note: Without DNS, Active Directory will not work. In Windows Sever 2008 R2, it’s
recommended that you integrate DNS with active directory.

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 4
09464485036
Revision # 01
INSTALLATION
1. Open Server Manager and click on roles, this will bring up the Roles Summary
on the right side where you can click on the Add Roles link.

Figure 1: Selecting role in Server Manager

2. Select server role. Check Active Directory Domain Services then click install
(see Figure 1.1) from the list, you will be told that you need to add some
features, click on the Add Required Features (see Figure 2.2) button and click
next to move on.

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 5
09464485036
Revision # 01
Figure 2.1: Selecting server role

Figure 2.2: Add features requirements


Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 6
09464485036
Revision # 01
3. A brief introduction to Active Directory will be displayed as well as a few links to
additional resources, you can just click next to skip past here and click install
to start installing the binaries for Active Directory.

Figure 3: Confirm installation

4. When the installation is finished you will be shown a message of successful


configuration, just click Close.

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 7
09464485036
Revision # 01
Figure 1.5 Installation Result

CONFIGURATION

1. Open Server Manager, expand Roles (click +) and click on Active Directory
Domain Services. On the right side click on the Run the Active Directory
Domain Services Installation Wizard (dcpromo.exe) link that show in Figure
1.6a or you can use an alternative method shows in Figure 1.6b.

Figure 1.6a Setting up active directory domain services


Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 8
09464485036
Revision # 01
Figure 1.6b Using dcpromo.exe

2. It will show another wizard, this time to configure the settings for your domain,
click next to continue.

Figure 1.7 Active Directory Domain Services Installation Wizard

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 9
09464485036
Revision # 01
3. The message that is shown now relates to older clients that do not support the
new cryptographic algorithms supported by Server 2008 R2, these are used by
default in Server 2008 R2, click next to move on.

Figure 1.8 Operating System Compatibility

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 10
09464485036
Revision # 01
4. Choose to create a new domain in a new forest.

Figure 1.9 Deployment Configuration

5. Now you can name your domain, in this lesson, I will be using a .com suffix

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 11
09464485036
Revision # 01
Figure 1.10 Naming the forest root domain

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 12
09464485036
Revision # 01
6. Change forest functional level to Server 2008 R2.

Figure 1.11 Set forest functional level

7. Include DNS in our installation as this will allow us to have an AD Integrated


DNS Zone, when you click next you will be prompted with a message just click
yes to continue.

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 13
09464485036
Revision # 01
Figure 1.12 Additional domain controller options

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 14
09464485036
Revision # 01
8. A delegation for this DNS server cannot be created because the authoritative
parent zone cannot be found or it does not run Windows DNS server. If you are
integrating with an existing DNS infrastructure, you should manually create a
delegation to this DNS server in the parent zone to ensure reliable name
resolution from outside the domain “itsmeismael.com”. Otherwise, no action is
required.

If you are installing a forest root domain controller that is using Active
Directory-integrated DNS, you typically do not need to be concerned about this
warning message.

Figure 1.13 A warning message for active directory domain service installation

9. You will need to choose a place to store log files, it is a best practice to store the
database and SYSVOL folder on one drive and the log files on a separate drive,
but since this is in a lab environment, just leave them all on the same drive.

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 15
09464485036
Revision # 01
Figure 1.14 Location for database, Log Files, and SYSVOL

10. Assign password for Administrator account that will be used when this domain
controller is started in Directory Service Restore Mode.

Choose a STRONG Active Directory Restore Mode Password and click next twice
to continue the configuration.

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 16
09464485036
Revision # 01
Figure 1.15 Directory Services Restore Mode Administrator’s Password

11. Review the summary of the configure services

Review Summary

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 17
09464485036
Revision # 01
12. You will be able to see what components are being installed by looking in the
following box. If the reboot on completion check box was not checked you will
proceed to manual reboot shows in Figure 1.16b

Figure 1.16a Completing active directory domain services

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 18
09464485036
Revision # 01
Figure 1.16b Completing the Active Directory Domain Services Installation Wizard

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 19
09464485036
Revision # 01
TASK SHEET 3.1-2

Title: Install active directory

Performance Objective: Given are the following materials, you should


be able to install active directory. Allotted time 30 minutes.

Supplies/Materials :

Equipment : Computer with Windows Server 2008 R2

Prerequisites:
Steps/Procedure:
1. Read information sheet 3.1-2 Installing active directory
2. Install active directory
3. Prepare for installation
4. Create domain name and password
Where
Domain name = css.com
Password = _admin@123
5. Specify the preferred DNS server
6. Add the Active Directory Domain Services role
7. Install active directory domain ser
8. vices

Assessment Method:
Demonstration, Observation

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 20
09464485036
Revision # 01
Performance Criteria Checklist 3.1-2

Trainee’s Name: _____________________________________ Date: ______________________


During the performance of the task, did you consider the following criteria?

Grade Point
Equivalent
NO
Highest
CRITERIA YES Possible Score =
5
Lowest Possible
Score = 0
Did the trainee…
1. Installed and configured active
directory correctly.
2. Used proper domain name
suffix
3. Applied and Performed
occupational health safety
procedures
4. Performed and followed
completely the given tasks?

Total Points

Total Items

Signature of the Trainee/Learner

Signature of the Trainer

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 21
09464485036
Revision # 01
Grade Point Equivalent

The table shows the equivalent points that are used and show how they are calculated
to determine the grade point average (GPA), or index.
The highest equivalent points that trainer can give is 5 points per criterion and the
lowest is 0. If the trainee/learner accumulate scores with below two (2) grade point
equivalent, she/he needs to retake the whole given task.

Grade Point Explanation


Equivalent

5 Excellent

4 Very Good

3 Good

2 Average

1 Poor

0 Failure

TERMS AND DEFINITIONS

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 22
09464485036
Revision # 01
Active Directory - is the brain of a Window Server Network. It is a database
that keeps track of a huge amount of stuff and gives us a centralized way to
manage all our network machine, users, and resources.
Domain controller is a machine that runs Active Directory Services.
Domain is a logical group of computers that share a central directory database.
The machine is all named with part of domain name like itsmeismael.com (also
called a “suffix”) and registered in the active directory database so they can be
managed.
Forest is comprised of all the domains in your enterprise. Your forest may only
one domain.
Server role is a major job that a server can perform.

Domain Name Service is a service provided by a server that allows you to find
other computers in your network

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 23
09464485036
Revision # 01
REFERENCES

https://www.howtogeek.com/99323/installing-active-directory-on-server-2008-
r2/

https://blogs.technet.microsoft.com/activedirectoryua/2011/07/07/a-
delegation-for-this-dns-server-cannot-be-created-because-the-authoritative-
parent-zone-cannot-be-found-or-it-does-not-run-windows-dns-server/
http://cssnctwo.weebly.com/
https://www.techrepublic.com/blog/data-center/ten-first-steps-with-windows-
server-2012/
http://dailytechnotips.blogspot.com/2013/06/
https://www.howtogeek.com/99323/installing-active-directory-on-server-2008-
r2/
http://www.informit.com/articles/article.aspx?p=1912064&seqNum=9
https://www.scribd.com/document/367154163/3-1-4-Installing-Active-
Directory
https://www.scribd.com/document/367154163/3-1-4-Installing-Active-
Directory
https://www.techrepublic.com/article/solutionbase-configuring-a-honeypot-
for-your-network-using-kf-sensor/
http://tekbloq.com/2017/05/12/install-an-additional-active-directory-domain-
controller-with-windows-server-2008-r2/
http://www.storegrid.co.za/help-pages-online/hp-help/PageHelp/disk-imag e-
backup-settings.html
http://techgenix.com/running-windows-server-2008-r2-installing-creating-lab-
domain-controller-part1/
https://messaging24x7.wordpress.com/
https://examkey.files.wordpress.com/2014/10/system-admin-manual-edition-
upload.pdf
https://docs.oracle.com/cd/E19164-01/820-0820/IDE_intro.html
http://portal.sivarajan.com/2016/10/windows-server-2016active-
directorypart1.html
Empty
https://www.itprotoday.com/active-directory/avoid-active-directory-mistakes-
windows-server-2008
https://www.scribd.com/document/367154163/3-1-4-Installing-Active-
Directory
https://www.theitblogs.com/setup-active-directory-on-windows-server-2016-
core/
https://www.howtogeek.com/99323/installing-active-directory-on-server-2008-
r2/
https://www.scribd.com/document/367154163/3-1-4-Installing-Active-
Directory
Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 24
09464485036
Revision # 01
https://www.codeproject.com/articles/36200/how-to-setup-windows-server-
2008-domain-controller
https://2k8server.blogspot.com/
https://andz88.wordpress.com/tag/active-directory/
https://www.baruch.cuny.edu/confluence/display/undergraduatebulletinsprin
g14/Letter+Grades+and+Grade+Point+Equivalents
https://www.facebook.com/cssnc2/videos/760116857465002/

Developed by
Document No.
Setup computer server Version 1.1.2019
Learning Outcome 3.2 ISMAEL MANIC BALANA Page
Active Directory www.facebook.com/itsmeismael 25
09464485036
Revision # 01

You might also like