1.1-1 COMPUTER HARDWARE
1.1-2 SYSTEM'S SPECIFICATION
1.1-3 COMPUTER SYSTEM DESIGN
1.1-4 ASSEMBLE COMPUTER HARDWARE
1.1-5 STORAGE AND IO DEVICES
1.1-6 BIOS VS UEFI
INTRODUCTION TO SERVER
|
SERVER
|
ACTIVE DIRECTORY
LEARNING OBJECTIVES:
After reading this INFORMATION SHEET, STUDENT(S) MUST be able to:
By using Active Directory as a whole, you have access to several management tools, including Group Policy (GP), the ability to put groups inside groups multiple times, and an online directory of users, computers, printers, and contacts that you can access easily through the Windows user interface. Although you certainly can operate a Windows-based network without Active Directory deployed in some form, you lose out on a lot of functionality.
What is Active Directory and Why Should I care?
Active Directory is the brain of a Window Server Network.
It is a database that keeps track of a huge amount of stuff and gives us a centralized way to manage all our network machine, users, and resources.
Type of that active directory provides
As a matter of fact, every time you login in to a corporate network, you’re using an Active Directory.
What is Domain Controller?
What is Domain?
It is a logical group of computer that share a central directory database. The machine are all named with part of domain name like itsmeismael.com (also called a “suffix”) and registered in the active directory database so they can be managed.
Forest is comprised of all the domains in your enterprise. Your forest may only one domain.Users are also part of “namespace”.
Example: Your email address is a part of domain namespace.
[email protected]
Note: Email-like logins are also called “User Principle Names” when used to log into a Server 2008 R2 network.
What is Server Role?
Server role is a major job that a server can perform.
It’s recommended that a server not have too many roles
A domain controller usually has only two roles:
After reading this INFORMATION SHEET, STUDENT(S) MUST be able to:
- Define briefly what Active Directory is,
- Describe what three primary types of objects that active directory provides.
- Describe what happens when you login in to active directory network
- Define what domain controller is.
- Describe forest.
- Describe a domain.
- Define briefly what a server role is.
- Install active directory.
By using Active Directory as a whole, you have access to several management tools, including Group Policy (GP), the ability to put groups inside groups multiple times, and an online directory of users, computers, printers, and contacts that you can access easily through the Windows user interface. Although you certainly can operate a Windows-based network without Active Directory deployed in some form, you lose out on a lot of functionality.
What is Active Directory and Why Should I care?
Active Directory is the brain of a Window Server Network.
It is a database that keeps track of a huge amount of stuff and gives us a centralized way to manage all our network machine, users, and resources.
Type of that active directory provides
- Users and groups
- Services (i.e. Email, etc.)
- Resources (Printer, Shared Folders, etc.)
As a matter of fact, every time you login in to a corporate network, you’re using an Active Directory.
What is Domain Controller?
- A domain controller is a machine that runs Active Directory Services.
- Think of it as a boss of your network.
- You may have multiple domain controller that all have copies of the same active directory database.
What is Domain?
It is a logical group of computer that share a central directory database. The machine are all named with part of domain name like itsmeismael.com (also called a “suffix”) and registered in the active directory database so they can be managed.
Forest is comprised of all the domains in your enterprise. Your forest may only one domain.Users are also part of “namespace”.
Example: Your email address is a part of domain namespace.
[email protected]
Note: Email-like logins are also called “User Principle Names” when used to log into a Server 2008 R2 network.
What is Server Role?
Server role is a major job that a server can perform.
It’s recommended that a server not have too many roles
A domain controller usually has only two roles:
- Active directory domain services
- Domain name services
- Is a service provided by a server that allows you to find other computer in your network
- Allows you to type a friendly name of a machine instead of its IP address, allowing your client to get the IP address from the DNS server and go find the resources.
oU,USER AND COMPUTER ACCOUNT
ORGANIZATIONAL UNIT
An organization Unit is a container that holds AD Object like User Accounts, Computer Accounts, and Groups.
OUs help to keep your objects organized, but also are used to control what your Users can and can’t do (among the other things)
We’ll start off building a few OUs so our Users and Computer Accounts will have a place to live.
You can organize OUs:
DSADD is a command-line option that will allow you to create users with commands.
Syntax:
dsadd user ”cn=Username,ou=OUName, dc=YOurndomain, dc=yoursuffix”
Example
dsadd user “itsmeuser, ou=CSSStudents, dc=css, dc=com”
If you are going to add users’ complete name use the following syntax.
dsadd user “itsmeuser, ou=CSSStudents, dc=css, dc=com “ –fn Ismael –ln Balana –pwd css_2016 –mustpwd no
If you want fast and easy creation of users just use the following codes, but this time you need type the codes using Notepad or any equivalent text editor.
1. Open notepad or notepad++ > then type an example shown below
Syntax:
dsadd user “cn=%1, ou=OUName, dc=YourDomain, dc=YourSuffix” –fn%2 –ln%3 –pwd Password –mustchpwd yes
Example:
dsadd user “cn=%1, ou=CSSUsers, dc=itsmeismael, dc=com” –fn%2 –ln%3 –pwd css_2016 –mustchpwd yes
2. Save it as “addUsername.bat” in accessible directory.
3. Open command line, navigate to the directory where the script resides and type:
Syntax
addOUName username firstname lastname
Example:
addCSSUsers itsmeismael Ismael Balana
4. Open server manager OU’s destination and check the result
COMPUTER ACCOUNTS
OU VS GROUP
OU’s keep your object organized and are used to control what users and computers can and can’t do.
Groups are active directory objects that allow you to provide and deny access to resources like printer folder en masse. Groups are reside in organizational unit.
An organization Unit is a container that holds AD Object like User Accounts, Computer Accounts, and Groups.
OUs help to keep your objects organized, but also are used to control what your Users can and can’t do (among the other things)
We’ll start off building a few OUs so our Users and Computer Accounts will have a place to live.
You can organize OUs:
- Geographically
- By function (Departments. etc.)
- But remember to KISS as much as you’re able to! Keep it Simple, Sysadmin
- it allow users to access network resources
DSADD is a command-line option that will allow you to create users with commands.
Syntax:
dsadd user ”cn=Username,ou=OUName, dc=YOurndomain, dc=yoursuffix”
Example
dsadd user “itsmeuser, ou=CSSStudents, dc=css, dc=com”
If you are going to add users’ complete name use the following syntax.
dsadd user “itsmeuser, ou=CSSStudents, dc=css, dc=com “ –fn Ismael –ln Balana –pwd css_2016 –mustpwd no
If you want fast and easy creation of users just use the following codes, but this time you need type the codes using Notepad or any equivalent text editor.
1. Open notepad or notepad++ > then type an example shown below
Syntax:
dsadd user “cn=%1, ou=OUName, dc=YourDomain, dc=YourSuffix” –fn%2 –ln%3 –pwd Password –mustchpwd yes
Example:
dsadd user “cn=%1, ou=CSSUsers, dc=itsmeismael, dc=com” –fn%2 –ln%3 –pwd css_2016 –mustchpwd yes
2. Save it as “addUsername.bat” in accessible directory.
3. Open command line, navigate to the directory where the script resides and type:
Syntax
addOUName username firstname lastname
Example:
addCSSUsers itsmeismael Ismael Balana
4. Open server manager OU’s destination and check the result
COMPUTER ACCOUNTS
- Allow AD to keep track and control the computers in your network. A computer without an Account in AD can’t access the network –it’s security measure.
- It resides in OU’s which allow you to install software to all machines in OU at once.
- When you are going to join a computer in your domain (you’ll need Admin level credentials)
- A computer account is automatically created in AD.
OU VS GROUP
OU’s keep your object organized and are used to control what users and computers can and can’t do.
Groups are active directory objects that allow you to provide and deny access to resources like printer folder en masse. Groups are reside in organizational unit.
JOIN DOMAIN
FOLDER REDIRECTION
Folder Redirection allows you as an administrator to point a number of special folders, such as Documents, Music and Downloads, to locations of your choice. The most common use of this is to locate folders such as My Documents on a network share so that it can be centrally backed up.
As of Windows Server 2008 R2, the folders you can redirect are as follow
One of the most useful things you can do is redirecting the Documents folder (or My Documents for Windows XP and earlier). This allows you to store a user’s files on a network share, rather than in their local user profile. This has a number of advantages, including allowing you to back up these files centrally, and giving users access to their files even if they log on to a number of different computers. You can couple Folder Redirection with Offline Files to ensure that people can continue to work on their files even when they are not connected to your network.
As of Windows Server 2008 R2, the folders you can redirect are as follow
- AppData (Roaming)
- Desktop
- Start Menu
- Documents
- Pictues
- Music
- Video
- Favourites
- Contacts
- Downloads
- Links
- Searches
- Saved Games
One of the most useful things you can do is redirecting the Documents folder (or My Documents for Windows XP and earlier). This allows you to store a user’s files on a network share, rather than in their local user profile. This has a number of advantages, including allowing you to back up these files centrally, and giving users access to their files even if they log on to a number of different computers. You can couple Folder Redirection with Offline Files to ensure that people can continue to work on their files even when they are not connected to your network.
REMOTE DESKTOP AND APPLICATION
GROUP POLICY
What is Group Policy
Every Windows computer has a Local group policy to control what can be done on it and what is restricted, but you don’t want to go around to all the computers in your Domain and configure all the settings manually.
You want to join the rest of the world and administer Group policy from Active directory.
Local scenario
Advantage
Advantage
We can create a Group Policy Object easily, but we have to link it to the appropriate container (usually an OU) before it takes effect on the Users and/or Computers.
A single GPO can be linked to multiple containers so you can re-use it again.
Group policy has two sides
Each side of group policy has policies and *NEW preferences.
Generally, we create separate GPO’s for Users and Computers
- Contains Settings that can be configured to control what’s happening with Users and Computers.
- There are literally thousands of different settings that can be configured inside of each GPO.
- GPOs are use with containers (Domains, Sites, and OUs), but are not applied to group
Every Windows computer has a Local group policy to control what can be done on it and what is restricted, but you don’t want to go around to all the computers in your Domain and configure all the settings manually.
You want to join the rest of the world and administer Group policy from Active directory.
Local scenario
Advantage
- You can configure each computer separately using Local policy
- But configuring 30 or more machine using local policy it is too redundant and too time consuming.
Advantage
- Configuring all machines at once from the comfort of your desk.
- Less time to configure all machines.
- Down of a server may affects all the connected machines
We can create a Group Policy Object easily, but we have to link it to the appropriate container (usually an OU) before it takes effect on the Users and/or Computers.
A single GPO can be linked to multiple containers so you can re-use it again.
Group policy has two sides
- User
- Computers
Each side of group policy has policies and *NEW preferences.
Generally, we create separate GPO’s for Users and Computers
ROAMING PROFILE
DHCP SERVER
PRINTER DEPLOYMENT
WINDOWS SERVER BACK UP