active directory user manual
TRANSCRIPT
Active Directory User Manual xxxxx
Fall 201x
IT255 – Operating Systems II Instructor: Instructor??
Tim Williams
Table of Contents
Active Directory User Manual
Introduction
Introduction............................................................................................................ 4
Unit 1 Describe Familiarity with Active Directory
Description............................................................................................................. 5
Assignment ............................................................................................................. 6
Unit 2 New Active Directory Concept Learned
Description............................................................................................................. 8
Assignment ............................................................................................................. 9
Unit 3 Create Table of Contents
Description............................................................................................................. 10 Unit 4 Submit Manual for Review
Description............................................................................................................. 11
Unit 5 Active Directory Command Line
Description............................................................................................................. 12
Assignment ............................................................................................................. 13
Unit 6 Part 1 Discussion - Multiple-Choice Questions
Description............................................................................................................. 15
Assignment ............................................................................................................. 16
Unit 6 Part 2 LabSim Concept Learned
Description............................................................................................................. 17
- 3 -
Assignment ............................................................................................................. 18 Unit 7 Submit Manual for Review
Description............................................................................................................. 19
Unit 8 LabSim Concept Learned
Description............................................................................................................. 20
Assignment ............................................................................................................. 21
Conclusion
Conclusion.............................................................................................................. 22
- 4 -
INTRODUCTION This manual is designed to describe what the instructor hopes I, Tim Williams, have learned
from the IT255 Operating System II class. By adding content from each of the units/weeks
involved in the class, the hope is that this manual will help me in the future. Perhaps in the
future it will come in handy when questions arise on a particular topic. Since this manual
focuses on difficult and/or interesting topics I’ve come across in the class, perhaps it will be of
future use. It is not intended as a comprehensive guide or a complete reference to topics
discussed in the class. It is strictly intended as a subjective reference guide by the author and for
the author. Any use beyond an educational purpose is strictly prohibited.
- 5 -
UNIT 1 – Description – (Describe Familiarity with Active Directory)
Describe your familiarity with Active Directory through an actual work environment, education, or your own personal use. If you are not currently familiar with Active Directory, you can describe how it would be of help to an organization that does use it. You must discuss at least two Active Directory components in this paper and make at least two references back directly to content from LabSim for this unit in your response. Grading will be based on addressing this assignment by using appropriate technical content in addition to proper spelling, grammar, organization, and readability of your paper.
- 6 -
UNIT 1 – Assignment – (Describe Familiarity with Active Directory) I can’t say I have a lot of familiarity with Active Directory directly. I haven’t really worked in it
to configure much. It would consider this feature to be one of those features I know a little about
overall. I do remember back in the 90s when MS announced Active Directory for WinNT5
(Win2K). At the time there was a feature in use called Novell NDS that most IT folks used and
thought MS was maybe just finally catching up when and if Active Directory lived up to the
hype. I didn’t do much in the way of network config, but worked with Domino as a RAD tool.
It was fairly easily to configure for user access to the server, so in most cases we just passed over
any other network user tool and even WinNT directory and stayed in the Domino domain. It
seems that with the advent of more Active Directory tools and features, the one feature I’d like to
determine, is if I can create single-sign-on through Domino on a Win2K8 server or not? So far, I
haven’t had success doing this. I would think there’d be a direct solution to access a server, like
Domino, running on the Win2K8 box. If you know of something, not third party, please let me
know. From my experience, MS doesn’t make things easy for anything if you are using
something other than a MS tool.
Most of my experience with Active Directory has come in the form of ADDS, and more
particularly with Group Policy Settings. This tool is very powerful and I believe most IT folks
are utilizing it. However, my experience is they are abusing the power of it. Just because one
can lock down every aspect of a users machine, doesn’t mean one should. Especially with
regards to the GP and Internet Explorer, IT folks have locked the entire browser down, not
realizing that MS designed IE to have separate settings already configured inside it. Trusted
Sites should not be treated like the Internet Sites and have the same config. The whole purpose
- 7 -
of GP is to push out universal settings to users machines so they have a similar experience. If
that experience is a bad one, then in my opinion, the IT folks have failed their users.
- 8 -
Unit 2 – Description – (New Active Directory Concept Learned)
You will continue your Active Directory User manual by typing a 1/2 page paper in which you
recall a new concept you learned during a lab(s) in this unit that you want to take with you in
your user manual. Report which lab(s) you based your comments on and make at least two
direct references back to LabSim content. Copy your response into a new page of your existing
Active Director User Manual started in Part B of the Unit 1 Assignment (do not submit it here).
You will submit a draft of your user manual later in Unit 4. Be sure to note Unit 2 Assignment
as the heading for this section of your user manual.
Grading will be based on addressing this assignment by using appropriate technical content in
addition to proper spelling, grammar, organization, and readability of your paper.
This document is the start of your user manual that will be ultimately submitted in Unit 11 as
your Learner Outcome project for this course with drafts submitted in Units 4 and 8. In Unit 11,
you will be shown how to add your Active Directory User Manual to your eFolio
- 9 -
Unit 2 – Assignment – (New Active Directory Concept Learned)
I can’t think of anything really new or memorable about these labs. I did like seeing the “cost”
option for prioritizing replication. I had heard of this but never seen it. I find it kind of funny
MS puts a cost on replication unstead of prioritizing it. I’d think scheduling would solve the cost
question adequately. I guess they feel the “cost” option is for lazy IT folks instead of properly
configuring a replication schedule and actually knowing their network. The only useful
application of “cost” I can see is if it would determine when replication occurs or doesn’t based
on network utilization between the two sites. I didn’t see where this was its purpose.
- 10 -
Unit 3 – Description – (Table of Contents)
Add a table of contents to your Active Directory User Manual that lists the first two assignments
and leaves room to add the remaining assignments as they are added. Do not submit it here yet.
You will submit a draft of your user manual later in Unit 4. Place your Table of Contents on a
fresh page after the manual's title page.
- 11 -
Unit 4 – Description – (Submit Work for Review)
Use the link above to submit your running user manual started back in Unit 1. This assignment
is an opportunity for me to check your progress and provide feedback for continuing this project.
At this point, you should have at least content documented in your user manual from Units 1-4.
- 12 -
Unit 5 – Description – (Active Directory Command Line)
Our discussion board in this unit gave us a chance to share command line ideas with each other.
Start a new page in your Active Directory User Manual. Type “Unit 5 Assignment” at the top.
First, copy in your discussion board contribution. Next, add a dividing line then copy in another
student's post that you found the most helpful or interesting. Be sure to note which student's post
you used. Do not submit your user manual here yet. You will submit a second draft of your user
manual later in Unit 8. Be sure to update your table of contents.
- 13 -
Unit 5 – Assignment – (Active Directory Command Line)
For a new user I don't really see many of these command line options being used. You'd only be
using these out of necessity; the need for speed. However, one command line option I thought
would be very valuable would be the CSVDE command. This allows you to take a .csv file and
import users into the system. It also lets you bulk export data to .csv. This would be particularly
helpful if you are creating a new server domain or porting one domain to another. You could
export all the users, tweak any changes you wanted in the .csv, then import it into the other
domain. I've used similar techniques when creating/migrating from/to a Domino environment.
In fact, I currently offer our customers the ability to read in a .csv for keeping users up-to-date
from their Active Directory to their Domino environment if they wish to. This feature has been
used in the past especially when bringing a new customer online using my software.
You need to use the -i switch to specify that's it's an import mode file. Also, using the -m switch
keeps all the specific Active Directory stuff out of the file. This is especially useful for porting
names to a different server platform. There are a lot of switches, many I didn't know about.
Here's a link displaying them:
http://technet.microsoft.com/en-us/library/cc732101(v=ws.10).aspx
Andrew Havlovick-AP
11/7/12 6:54 PM
One of my favorite Windows commands is the "shutdown" command. I installed Windows
Server 2012 on a VM last week and could not for the life of me find the power menu (which was
silly of me, considering that I had just installed Windows 8 on my desktop and it's in exactly the
same spot, on the menu that pops up from moving the mouse in the either the upper or lower-
- 14 -
right corner), so it was the shutdown command to the rescue! A favorite shortcut of mine is
"Windows Key + R", which opens the "Run" window, and then from there typing "cmd" to open
a command prompt. The most common switches I use are "shutdown /s", which shuts the
computer down after displaying a warning and waiting for an about 30-second time-out , and
"shutdown /r", which does the same shut down but then restarts the computer. Typing "shutdown
/?" opens the help for this command. Although I haven't tried them, I am curious to try the
"shutdown /a" command to abort a shutdown during the time-out period, and "shutdown /p" to
shut down with no warning whatsoever.
- 15 -
Unit 6 Part 1 – Discussion Board – Description – (Multiple-Choice Question)
Post: To help each other review material covered in the first six units, please develop a multiple choice question (four answer options) of your design from the material in our textbook or LabSims contained in the first six units. Post your question (without the answer) to this discussion board by Thursday. When you develop your question, note the location of the solution. Also prepare an explanation as to why the solution option is correct and why the each of the other solutions options is not correct. Post only the question (not the location or solution) by Thursday. Please be unique. Here is an example of the format used for designing multiple choice questions (b is the correct answer). Example: Which NTFS standard permission for folders and files grants the same permissions as Read and includes the ability to run applications or scripts? a. Write b. Modify c. Read & execute d. Full Control Post your original thread by Thursday (5 points) Respond: Part 1: Respond to at least two other students' question posts by Sunday. Provide a solution, explanation as to why that solution option is correct, and why each of the other options is not correct. (2 points for the first reply and 3 points for the second) Part 2: As late in the day Sunday as possible, reply to your own post providing your solution, location of the solution in the text or LabSim, explanation of why the solution option is correct and why each of the other options is not correct. Part 3: For your running user manual, start a new page title Unit 6 Discussion Board, copy in your question, location, solution, and explanations. Also copy in the question, location, solution, and explanations from another student that contained something new that you learned or something you found particularly interesting. Be sure to note the name of the student whose material you used. Since solutions are not being posted until Sunday, you can have a couple of days into Unit 7 to complete this part of your user manual. Update your table of contents for this entry. Please include your name in the subject line of your post. Spelling, grammar, relevance, and completeness will all be taken into account when grading your discussion contributions.
- 16 -
Unit 6 Part 1 – Discussion Board – Assignment – (Multiple-Choice Question)
Your manager has asked you to create a large number of new users. You have access to a comma-separated value (csv) file of all the user information. What tool/command would you use to import this information to create user accounts? a. Dsadd b. Csvde c. Mkppl d. Klist "a" is not correct. It is a command line tool, but only for adding individual users to the directory. "b" is the correct answer because CSVDE is the command line tool for importing users into the system using a comma-separated file (CSV). See p. 192-193 of MCTS Guild to Microsoft Windows Server 2008 Active Directory Configuration by Greg Tomsho. "c" is not correct. There is no "MKPPL" command. "d" is not correct. This tool is used in conjunction with Kerberos tickets or event tickets in the system. It does not import users. Ansony Waters-WJ
Which of the following is an account type found in Active Directory? a. Domain thicket account b. Computer account c. Local user account d. GPO The answer is Computer account. Local User Account is only found locally, and the other two
are not accounts. (Thicket is just a play on forest.) I made the question from knowledge from
chapter 3 of our textbook.
- 17 -
Unit 6 Part 2 – Description – (LabSim Concept Learned)
You will continue your Active Directory User manual by typing a 1/2 page paper in which you
recall a new concept you learned during a lab(s) in this unit that you want to take with you in
your user manual. Report which lab(s) you based your comments on and make at least two
direct references back to LabSim content. Copy your response into a new page of your existing
Active Director User Manual started in Part B of the Unit 1 Assignment (do not submit it here).
You will submit a draft of your user manual later in Unit 8. Be sure to note Unit 6 Assignment
as the heading for this section of your user manual and to update your table of contents.
Grading will be based on addressing this assignment by using appropriate technical content in
addition to proper spelling, grammar, organization, and readability of your paper.
This document is the start of your user manual that will be ultimately submitted in Unit 10 as
your Learner Outcome project for this course with drafts submitted in Units 4 and 7. In Unit 10,
you will be shown how to add your Active Directory User Manual to your eFolio.
- 18 -
Unit 6 Part 2 – Assignment – (LabSim Concept Learned)
I enjoyed the content from LabSim 6.6.3. It contained information on setting password
preferences, including length of passwords, minimum length, how long a password can be kept,
and also complexity requirements. One item I’ve come across in my own experience is trying to
re-use an old password and being stopped from doing this. This module addressed how and
where that is set. It also touched on account lockout due to typing in the wrong password
repeatedly. I didn’t know exactly where this was located before and how it related to the Group
Policy settings. It was good to see it in action in LabSim 6.6.3 and 6.6.4 and get some
experience changing the settings.
- 19 -
Unit 7 – Description – (Submit Work for Review)
Use the link above to submit your running user manual started back in Unit 1. This assignment
is a opportunity for me to check your progress and provide feedback for continuing this project.
At this point, you should have at least lab work documented in your user manual from Units 1-7.
(25 points, due Sunday)
- 20 -
Unit 8 – Description – (LabSim Concept Learned)
You will continue your Active Directory User manual by typing a 1/2 page paper in which you
recall a new concept you learned during a lab(s) in this unit that you want to take with you in
your user manual. Report which lab(s) you based your comments on and make at least two
direct references back to LabSim content. Copy your response into a new page of your existing
Active Directory User Manual started in Part B of the Unit 1 Assignment (do not submit it here).
You will submit the final version of your user manual later in Unit 10. Be sure to note Unit 8
Assignment as the heading for this section of your user manual and to update your table of
contents.
Grading will be based on addressing this assignment by using appropriate technical content in
addition to proper spelling, grammar, organization, and readability of your paper.
This document is the start of your user manual that will be ultimately submitted in Unit 10 as
your Learner Outcome project for this course with drafts submitted in Units 4 and 7. In Unit 10,
you will be shown how to add your Active Directory User Manual to your e-Folio.
- 21 -
Unit 8 – Assignment – (LabSim Concept Learned)
In LabSim labs 2.4.5 and 2.4.6 I needed to add “A” and “CNAME” records. These are host and
aliases records for a zone. They allow users the ability to go to a zone multiple ways. This is
particularly helpful if you want to type in “intranet” in your browser and it takes you to the
intranet page, which could be a long address. So instead of typing in the long address, you just
type in “intranet” and it resolves correctly. I didn’t know where these values/records were
created before and now I know. My company uses this a lot and it’s nice to know how these
links work.
- 22 -
CONCLUSION
In LabSim labs 2.4.