Windows 2003 L2 Training

Leave a comment

August 26, 2011 by Rakesh Boraiah


Creating User and Computer accounts from the Command Line

Description:  create a user by name Jack and Computer name as Comp1 in a OU called Training for the domain Home.com

Steps: Enter into the command line and type the following commands

C:>net user ramesh password /add /domain

C:>dsadd ou “ou=training,dc=home,dc=com”

C:>dsadd user “cn=jack,ou=training,dc=home,dc=com

C:>dsadd computer “cn=comp1,ou=training,dc=home,dc=com

Creating Bulk user accounts using CSVDE and LDIFDE

Description:  Create 5 user accounts in a Training OU of Home.com out of which make 3 users as enabled and remaining 2 users as disabled by default after creation by using CSVDE and LDIFDE methods

Steps: CSVDE Method

Create a file as test.csv in the notepad with the following contents

DN,OBJECTCLASS,DISPLAYNAME,USERPRINCIPLENAME,SAMACCOUNTNAME, USERACCOUNTCONTROL

“cn=user1,ou=training,dc=Home,dc=com”,user,user1,user1@Home.com,user1,512

“cn=user2,ou=training,dc=Home,dc=com”,user,user2,user2@Home.com,user2,512

“cn=user3,ou=training,dc=Home,dc=com”,user,user3,user3@Home.com,user3,512

“cn=user4,ou=training,dc=Home,dc=com”,user,user4,user4@Home.com,user4,514

“cn=user5,ou=training,dc=Home,dc=com”,user,user5,user5@Home.com,user5,514

Run the following command from the command line

C:>csvde –i –v –f test.csv

LDIFDE Method

Create a file as TEST.ldf in the notepad with the following contents

DN:cn=user1,ou=training,dc=Home,dc=com

OBJECTCLASS:user

DISPLAYNAME:user1

USERPRINCIPLENAME:user1@Home.com

SAMACCOUNTNAME:USER1

USERACCOUNTCONTROL:512

DN:cn=user2,ou=training,dc=Home,dc=com

OBJECTCLASS:user

DISPLAYNAME:user2

USERPRINCIPLENAME:user2@Home.com

SAMACCOUNTNAME:user2

USERACCOUNTCONTROL:512

DN:cn=user3,ou=training,dc=Home,dc=com

OBJECTCLASS:user

DISPLAYNAME:user3

USERPRINCIPLENAME:user3@Home.com

SAMACCOUNTNAME:USER3

USERACCOUNTCONTROL:512

DN:cn=user4,ou=training,dc=Home,dc=com

OBJECTCLASS:user

DISPLAYNAME:user4

USERPRINCIPLENAME:user4@Home.com

SAMACCOUNTNAME:USER4

USERACCOUNTCONTROL:512

DN:cn=user5,ou=training,dc=Home,dc=com

OBJECTCLASS:user

DISPLAYNAME:user5

USERPRINCIPLENAME:user5@Home.com

SAMACCOUNTNAME:USER5

USERACCOUNTCONTROL:512

Run the command as C:/>ldifde –i –v –f test.ldf

Joining a computer account to a Domain

Description: Join the computer account Comp1.Home.com to the domain Home.com from the command line

Steps

  1. Install the support tools on the Machine which is already joined to the domain Home.com
  2. Run the following command from the support tools command prompt

C:/>netdom join comp1 /domain:Home.com /reboot:15

  1. Check the computer account in the Computer container of AD

Moving User and Computer Accounts from the command Line

Description: Move user1 and User2 from training OU to sales OU in Home.com from the command line and check up through ADUC

Steps:

  1.  dsadd user “cn=user1,ou=training,dc=Home,dc=com”
  2. dsadd user “cn=user2,ou=training,dc=Home,dc=com”
  3. dsadd ou “ou=sales,dc=Home,dc=com”
  4. dsmove “cn=user1,ou=training,dc=Home,dc=com” –newparent “ou=sales,dc=Home,dc=com”
  5. dsmove “cn=user2,ou=training,dc=Home,dc=com” –newparent “ou=sales,dc=Home,dc=com”
  6. Checkup the user accounts in the new OU Sales using ADUC

Enable/Disable user accounts and deleting the objects

Description: Enable the user account USER1 and disable the user account user2 in the training OU of Home.com. Delete the user1 from the training OU through command Line

Steps:

  1. dsmod user “cn=user1,ou=training,dc=Home,dc=com”  –disabled no
  2. dsmod user “cn=user2,ou=training,dc=Home,dc=com” –disabled yes
  3. dsrm “cn=user1,ou=training,dc=Home,dc=com”
  4. Test the results by using ADUC

Searching for a specific object and attribute of an Object

Description:  Search for the home directory path of a user User1 of training OU in the Home.com and search for the user object Jack in the Domain Home.com

Steps:

  1. dsget user “cn=user1,ou=training,dc=Home,dc=com” –hmdir
  2. dsquery user domainroot –name jack
  3. Check the Results

Creating and Managing Groups

Creating Global and Local Groups from the command Line

 Description:  Create a Global group by name sales in a training OU of acme.com and add the users user1,user2 and user3 as members. Create a local group by name finance  on the Member server and add the users user X , User Y and User Z as members.

Steps:

  1. log on to the domain Home.com and enter into the command line
  2. dsadd group “cn=sales,ou=training,dc=Home,dc=com” –secgrp yes –scope g –members user1 user2 user3 –d Home.com
  3. check the global group and its members in the Active directory users and Computers
  4. Log on to a domain in a Member server
  5. net localgroup sales /add
  6. net localgroup sales userX UserY UserZ /add
  7. Net localgroup sales

Setting up a group strategy for a given scenario

Description:  Create shared folder software on a file server. userX and UserY  should have read only permission. User1 and User2 should have read write permission. Set the permission using AGDLP concept.

Steps:

  1. Create a Shared folder on the file server and share it .
  2. create salesG1 and Sales G2 as global scope and salesDL1 and Sales DL2 as domain local scope security groups
  3. add users UserX and UserY into SalesG1
  4. add user user1 and User2 into salesG2Make SalesG1 as the Member of SalesDL1
  5. Makes salesG2 as the member of SalesDL2
  6. Set the appropriate permission for the SalesDL1 and SalesDL2 on the share folder
  7. check the permissions by logging as User1 and UserX

Managing Access to resources

Configuring NTFS Security

Description:  Create users UserX and UserY in Home.com. create a share test folder and a test file with in it on a Member server. set full control for the userX and Usery on the folder Test. Set Read only permission for userX on the test File.check for NTFS permissions and effective permissions. Configure ofline settings also check effect of moving and copying of folders from one partition to another partition as well as in the same partition                         

Steps:

  1. Log on to the domain Home.com
  2. Net user userX /add /domain
  3. Net user UserY /add /domain
  4. c:/>md test
  5. c:/>cd test
  6. c:/test> copy con test.txt
  7. welcome to Home Infotech ^Z
  8. net share test=c:\test
  9. Set Full control as NTFS permission  for the both the users on test folder
  10. set read only permission for the test.txt file for the user UserX
  11. Check inherited permissions for both the users
  12. Check file security over folder Security
  13. Check for effective permission for userX on the file Test.txt
  14. Configure Share folder Security
  15. Configure Offline Settings

Implementing Printing

Install Printers setting printer location and configuring Network Printer

Description: install a the driver for the printing device Epson fx105 model. Set the location attribute to make the search faster. Configure a printer with network port having an address IP address as 192.168.10.100 . Check the printing after configuration.

Steps

  1. Install the printer driver for the printer using Add new printer wizard
  2. create a subnet object in the ADSS
  3. Configure Location Attribute in the subnet object
  4. Configure location Attribute in the printer driver
  5. Configure network printer
  6. Test the configurations

Managing Printing

create a printer pool ,Availability and priority

Description:  Install a driver for the printer provided and set the available time from 10 AM to 2 PM . define the priority for the managers as highest and for business executives as the least  Also enable printer pooling.

Steps

  1. Install the driver for the printing device
  2. set the available time period of the printer
  3. set the priority as 99 for this printer and disable print option for business executives on this driver
  4. Install one more driver for the same printer
  5. set the priority as 1 for this printer and disable print option for managers on this printer
  6. Enable printer pooling option to print on the available printer

Managing Access to objects in Organizational Units

Create a OU and moving objects between the OU form the command line

Description:  Create  two OU’s Training and  sales in Home.com add user1 and user2 to Training OU and UserX,userY to Sales OU. Set rights for the user1 to join a computer to the doamain only. For UserX set the rights to create user Objects only. For user2 Set the rights to reset the passwords for both OU’s users. Also Move user1 to sales OU and Userx to Training OU.

Steps:

  1. dsadd ou “cn=sales,dc=Home,dc=com”
  2. dsadd ou “cn=training,dc=Home,dc=com”
  3. dsadd user “cn=user1,ou=training,dc=Home,dc=com”
  4. dsadd user “cn=user2,ou=training,dc=Home,dc=com”
  5. dsadd user “cn=userX,ou=sales,dc=Home,dc=com”
  6. dsadd user “cn=userY,ou=sales,dc=Home,dc=com”
  7. Open Active directory users and computers
  8. run delegation wizard at the domain level set the rigts for the user1 to join a computer to the domain
  9. run delegation wizard at sales ou and set the rights to create user objects
  10. run delegation wizard at the training OU and set the rights to reset the password
  11. dsmove “cn=user1,ou=training,dc=Home,dc=com” –newparent “cn=user1,ou=sales,dc=Home,dc=com”
  12. dsmove “cn=userX,ou=sales,dc=Home,dc=com” –newparent “cn=userX,ou=training,dc=Home,dc=com”
  13. Check the status of all the users and OU in ADUC

Preparing to Administer a Server

Create a shared folder on a remote computer

Defragment a disk on a remote computer

Connect to a remote console session

Create shortcuts for administrative

Description:  create a share folder on a file server by using manage tab. Defragment the the harddisk of file server from a remote computer. Establish a remote administration session from the client computer. Create a MMC snapshot to create local user accounts on the file server.

Steps:

  1. Right click on My computer and click on manage
  2. right click on computer and click on connect to another computer
  3. Use share folder option to create a share folder on the remote computer
  4. use disk management to defrag the hard disk of remote computer
  5. create MMC snapshot to create local user accounts on the remote computer

Preparing to monitor server performance

Monitor DHCP server,DNS server and Domain Controller

Description: Monitor the behavior of the DHCP,DNS and Domain controller on various Loads  using System Monitor tool also create Counter and trace logs

Steps :

  1. Open the system monitor tool
  2. connect to the server to be monitored
  3. Add the appropriate counters
  4. observe the behavior in the GUI mode
  5. Repeat the steps for other servers also

Managing Disks

creating and deleting partitions through Diskpart utility /disk management also to view partition information. Converting FAT into NTFS file system

Description : Create two primary partition on a given HDD and assign a drive letter G and H and volume label as Training. View the partition table information. Delete the partition H drive from the HDD.

Steps:

A. To partition a disk by using Disk Management:

1.  In Computer Management, open Disk Management.

2.  Right-click an unallocated region of a basic disk, and then click New Partition, or right-click free space in an extended partition, and then click New Logical Drive.

3.  In the New Partition Wizard, click Next.

4.  On the Select Partition Type page, click Primary Partition, and then click Next.

5.  On the Specify Partition Size page, type nnn (where nnn is the size in megabytes), and then click Next.

6.  On the Assign Drive Letter or Path page, select the drive letter, and then click Next.

7.  On the Format Partition page:

a. Select the appropriate file system and allocation unit size.

b. Type the appropriate volume label.

c. Select or clear the Perform a quick format and Enable file and folder compression check boxes.

8.  Click Next, and then click Finish.

B.To format a disk by using Disk Management:

1.  In Computer Management, open Disk Management.

2.  Right-click the partition, logical drive, or basic volume that you want to format or reformat, and then click Format.

3      Select the options that you want under:

  • Volume Label.name the disk.
  • File System.select either NTFS or FAT.
  • Allocation Unit Size.select the allocated size of the disk that you want to format.

4.  If you are sure that the disk is undamaged, select the Perform a Quick Format check box.

5.  To compress files and folders on the disk, with NTFS volumes only, select

Enable File and Folder Compression.

C. To delete a partition by using Disk Management:

1.  In Computer Management, open Disk Management.

2.  Right-click the partition that you want to delete, and then click Delete Partition.

D. To partition a disk by using DiskPart:

1.  At the prompt, type diskpart

2.  At the prompt, type list disk and then make a note of the number of the disk on which you want to create a primary or extended partition.

3.  At the DISKPART prompt, type select disk n (where n is the disk number of the disk where you want to create the primary or extended partition).

4.  At the DISKPART prompt, type one of the following (where number is in

megabytes):

  • Create partition primary size=number

. Or .

  • Create partition extended size=number

. Or .

  • Create partition logical size=number

E. To delete a partition by using DiskPart:

1.  Open Command Prompt, and then type diskpart

2.  At the DISKPART prompt, type list disk

Make a note of the disk number of the disk from which you want to delete the partition.

3.  At the DISKPART prompt, type select disk n (where n is the disk that you

want to delete the partition from).

4.  At the DISKPART prompt, type list partition

Make a note of the number of the partition that you want to delete.

5.  At the DISKPART prompt, type select partition n, where n is the partition

number of the partition that you want to delete.

6.  At the DISKPART prompt, type delete partition

F. To assign, change, or remove drive letters by using Disk Management:

 1.  In Computer Management, open Disk Management.

2.  Right-click a partition, logical drive, or volume, and then click Change Drive Letter and Paths.

3.  Do one of the following:

  • To assign a drive letter, click Add, and then click the drive letter that

you want to use.

  • To modify a drive letter, click it, click Change, and then click the drive

letter that you want to use.

  • To remove a drive letter, click it, and then click Remove.

G. To assign, change, or remove a drive letter by using DiskPart:

1.  Open Command prompt, and then type diskpart

2.  At the DISKPART prompt, type list volume. Make note of the number of the volume whose drive letter you want to assign, change, or remove.

3.  At the DISKPART prompt, type select volume n (where n is the number of the volume whose drive letter you want to assign, change, or remove).

4.  At the DISKPART prompt, type one of the following:

a.  assign letter=L (where L is the drive letter that you want to assign or change)

b.  remove letter=L (where L is the drive letter that you want to remove)

 H. To convert a volume from a FAT or FAT32 drive to NTFS:

1.  In a command prompt, type convert d: /fs:ntfs (where d: is the letter of the disk drive).

2.  Press ENTER.

If the partition you are converting is the system or boot partition, you must restart the computer running Windows Server 2003.               

Managing Data storage

Configuring Disk Quota Entries exporting and importing Quota entries

Description: Restrict disk space to 100 MB on the file server for the users Jack and Jill of Home.com Export  quota entries of Jack and Jill Import the the quota entries  for new file server also.

Steps:

  1. Open the properties of a partition on the file server
  2. Click on Quota and enable quota management
  3. Open quota entries
  4. add a new entry for the user Jack
  5. set limit disk space to 100 MB
  6. set the warning level to 80 MB
  7. click on quota and export to a file
  8. Import this file on the other server by entering into same wizard
  9. Repeat the same steps for the other user Jill also
  10. Test the limitation by creating a home folder on the file server

Compressing a folder to increase the disk space encrypt a file and recover through recovery agent

Description : You have to compress a data folder of size 1 GB and represent with alternate color. User jack has encrypted a file and has left the organization there is a crucial data in this encrypted file you have to decrypt the file and make it usable.

Steps: compressing a folder and displaying in alternate color

1.      right click on the data folder access the properties
2.      on general tab click on advanced option
3.      click on compress contents to save disk space
4.      close the wizard
5.      click on tools on the main window
6.      click on folder options
7.      click on view
8.      select the “show encrypted and Compressed NTFS files in color”

Steps: Encrypting and recovering a encrypted a file

1.      Log in as user jack
2.      right click on the file to be encrypted and select properties
3.      click on advanced option  in general tab
4.      select encrypt contents to secure data
5.      export the certificate and the private key of the user Jack
6.      login as administrator
7.      import the private key of the user jack
8.      cipher –u test.txt
9.      open the test.txt to view the contents

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: