
Windows Access Control
Done by:
Gehad Mohamed
Table of contents

01 Active Directory installation
02 Active Directory configuration
01 Active Directory installation
0. Introduction

Active Directory stores and manages objects that represent common entities, such as user
accounts or computers.
[Figure: a domain tree with a root domain and two sub-domains]
1. Install Active Directory

1. In Server Manager, from the Manage menu, open Add Roles and Features.
2. Select Role-based installation, then Next.
3. Select Active Directory Domain Services, then Next.
4. Finally, start the installation.
2. Post-Installation configuration

1. In Server Manager, from the Notifications menu, open Post-deployment Configuration.


2. Select Add a new forest, enter the root domain name, then press Next.
3. From Domain Controller Options, add the Directory Services Restore Mode (DSRM) password.
4. Uncheck Create DNS Delegation if it is checked.
5. Verify the NetBIOS name, then Next.
6. Define the path for DNS files, then start the installation.
02 Active Directory configuration
1. Examine Admin account properties

1. Run Windows PowerShell as Administrator


2. Run the “whoami /user” command to display the SID and other info.
Note:
- The final part of the SID (the relative identifier, RID) represents the role of the user (500 -> Administrator).
- You can use “whoami /all” to display additional privilege info.
3. Use “Get-ADUser -Identity Administrator -Properties *” to display account info.
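
An added example (not from the original slides) for the SID note above: it splits a SID into its domain identifier and relative identifier (RID) and names the well-known RIDs, going beyond the single 500 case. The function name Get-SidInfo and the sample SIDs are constructed for illustration.

```powershell
# Well-known RIDs that Windows assigns in every domain (keys kept as strings).
$WellKnownRids = @{
    '500' = 'Administrator (built-in account)'
    '501' = 'Guest (built-in account)'
    '502' = 'krbtgt (Kerberos key distribution account)'
    '512' = 'Domain Admins (group)'
    '513' = 'Domain Users (group)'
    '515' = 'Domain Computers (group)'
    '516' = 'Domain Controllers (group)'
    '519' = 'Enterprise Admins (group)'
}

# Get-SidInfo is a hypothetical helper name, not a built-in cmdlet.
function Get-SidInfo {
    param([Parameter(Mandatory)][string]$Sid)

    # The constructor throws if the string is not a syntactically valid SID.
    $sidObj = [System.Security.Principal.SecurityIdentifier]::new($Sid)

    # AccountDomainSid is $null unless the SID belongs to a domain or machine account.
    $domainSid = $sidObj.AccountDomainSid
    if ($null -eq $domainSid) {
        return [pscustomobject]@{ Sid = $Sid; DomainSid = $null; Rid = $null
                                  Meaning = 'Not an account-domain SID (no domain part)' }
    }

    # The RID is the last dash-separated component; it can be longer than three digits.
    $rid = $sidObj.Value.Split('-')[-1]
    $meaning = if ($WellKnownRids.ContainsKey($rid)) { $WellKnownRids[$rid] }
               elseif ([uint32]$rid -ge 1000) { 'Account or group created by an administrator' }
               else { 'Reserved or other built-in RID' }

    [pscustomobject]@{ Sid = $Sid; DomainSid = $domainSid.Value; Rid = $rid; Meaning = $meaning }
}

# Constructed sample SIDs (not taken from a real domain).
$samples = @(
    'S-1-5-21-1111111111-2222222222-3333333333-500',
    'S-1-5-21-1111111111-2222222222-3333333333-512',
    'S-1-5-21-1111111111-2222222222-3333333333-1105',
    'S-1-5-32-544'
)
$samples | ForEach-Object { Get-SidInfo -Sid $_ } | Format-Table -AutoSize

# On a domain controller with the ActiveDirectory module, the same rule finds the
# built-in Administrator even after it has been renamed:
#   Get-ADUser -Filter * | Where-Object { $_.SID.Value -like '*-500' }
```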
2. Manage users

1. In Server Manager, from the Tools menu, open Active Directory Users and Computers.
2. Expand the bfcai.com domain node.
3. Right-click the bfcai.com domain node, select New, and then select Organizational Unit.
Finally, name it.
Note: An OU can have a Group Policy Object linked to it, while a container can’t.
4. Right-click the ITAdmins OU, select New, and then select User.
3. Manage groups

1. In Server Manager, from the Tools menu, open Active Directory Users and Computers.
2. Expand the bfcai.com domain node.
3. Right-click the ITAdmins OU, select New, and then select Group and name it.
4. Add the InfoSec user account to the new group.
4. Manage computers

1. In Server Manager, from the Tools menu, open Active Directory Users and Computers.
2. Expand the bfcai.com domain node.
3. Right-click Computers, select New, and then select Computer; name it, and define its
user.
4. Use “Get-ADComputer -Filter * | Out-File C:\computers.txt” to generate a report of all
computers in the domain.
5. Modify an existing GPO
Group Policy is a powerful tool enabling custom user and computer settings to be
deployed to objects across Active Directory.

1. In Server Manager, from the Tools menu, open Group Policy Management.


2. In the Group Policy Management console, expand Forest > Domains > bfcai.com and
select the Default Domain Policy.
3. Right-click the Default Domain Policy, and then select Edit.
4. Browse to the Password Policy node by following this path: Computer Configuration >
Policies > Windows Settings > Security Settings > Account Policies.
5. Use “gpresult /H C:\passwords-gpresults.html” to generate a report of password policy
setting updates.

Note: When using the Default Domain Policy, password settings apply to all domain members.
Thanks
