mcse-08-implementing of an active directory service-04-lab

8/6/2019 MCSE-08-Implementing of an Active Directory Service-04-Lab

1/60

ADVANTAGE PRO Chennais Premier Networking Training Center

Implementing an Organizational UnitStructure


2/60


Create and Manage OU using Directory Service

Tools

Type the command

to create the OU


3/60


Create and Manage OU using Directory Service

Tools

Created OU will

displayed here


4/60


Modifying an Organizational Unit

Procedure

Dsmod ou Organizational Unit DN desc Description

d Domain u UserName p Password


5/60



To modify the

query


6/60



Our modify thing will

be displayed here


7/60


Removing an OU

This command will

remove the OU type Y

to confirm


8/60


Removing an OU


9/60


10/60


Create OU using Ldifide Tool

Create an input file

Dn: OU=Sample OU,DC=nwtraders,DC=msft

Changetype: add

objectClass: organizational Unit.

Run Ldifide to create, modify or delete OU

Ldifde i k f OU List.ldf -b


11/60




12/60




13/60


14/60


Create OU using Windows Script Host

Save this script to

create the OU


15/60


16/60


Create OU using Windows Script Host

Ou will be created

here


17/60


Delegate Administrative Control

Click

ACTIVE DIRECTORY USERS AND

COMPUTERS


18/60



Select the OU and right

click select

DELEGATE CONTROL


19/60



Click NEXT to

continue


20/60


21/60



Select the delegate

control

Click NEXT to

continue


22/60



Click FINISH


23/60


Verify Delegation of Administrative Control

Click

ACTIVE DIRECTORYUSERS AND COMPUTERS


24/60



Select VIEW and select

ADVANCED

FEATURES


25/60



Select OU andselect properties


26/60



Here select

SECURITY

Then click

ADVANCED


27/60



In the list it will

display the user


28/60


Implementing User, Group, and Computer

Accounts



29/60


Create Accounts Using the Csvde Tool

Right click the domain and

select the NEW then OU


30/60



Then type the

name of the OU

Then click

OK


31/60



Created OU will

be displayed here


32/60


33/60



Type this command and press

enter your user account


34/60


35/60


Create and Manage Accounts using Ldifde Tool

Procedure:

Prepare the Ldifide file for importing

-- Ldifide file contains a record that consists of a sequence of

lines that describe either an entry for a user account.

-- Any line that begins with a pound-sign(#) is a comment line

is ignored when you run the Ldifide file.

-- If a value is missing for an attribute, it must be representedas Attribute Description : FILL SEP


36/60



Sample Code:Create Shyam

dn: cn=Shyam,ou=Human Resources,dc=test1,dc=com

Changetype: AddobjectClass: user

SAMaccountName: shyam

userPrinicipalName:[email protected]

displayName:shyam

userAccountControl: 512


37/60



Run the ldifde command to import the file and create

multiple user accounts in Active Directory

In Command Prompt type:

ldifide i k f filename b UserName Domain Password

Where

i indicates importing a file to Active Directory

f indicates next parameter of the file that are

importing

b sets the command to run as username,domain andpassword

-k ignores errors during an import operation and

continues processing


38/60



Create the file in this

format


39/60



Type the command and

execute it


40/60



The user will display

here


41/60


Create and Manage Accounts using Windows

Script Host

Procedure Use Note to create a text file with a .vbs extension.

-- Connect to the container in which you want to create

the Active Directory object by specifying the LightweightDirectory Access Protocol (LDAP) query.

Set objou=Get object(LDAP://ou=Human

Resources,dc=test1,dc=com)


42/60


43/60



Script Host

This is the script to

create the user


44/60



Script Host

Save the .vbs

formatThen click

SAVE


45/60



Script Host

Then execute the script by

using WSCRIPT


46/60



Script Host

Created account will

display here


47/60


Changing Value using Windows Script Host

Procedure Connect to the object that the property will be

changed

Set objUser=Get Object(LDAP://cn=Mary,ou=Test,dc=test1,dc=com)

Set the new value of the property-for example, the

room number of an employee who has moved to a

new office

objUser.Putphysical Delivery Office Name,Room 4358


48/60


49/60


Adding a UPN suffix

Procedure

Open Active Directory Domains and Trusts.

In the console tree, right click Active Directory

Domains and Trusts, and then click properties

On the UPN suffixes tab, type an alternative UPN

suffix, and then click Add.


50/60


Adding a UPN suffixOpen Active Directory Domains and Trusts

Select the ACTIVE

DIRECTORY DOMAINS

AND TRUSTS


51/60


Adding a UPN suffixIn the console tree, right click Active Directory Domains and

Trusts, and then click properties

Right click the trust and

select the properties


52/60


Adding a UPN suffix

Here type the suffix

name


53/60


Adding a UPN suffix

Then click ADD


54/60


55/60


56/60


Removing a UPN suffixIn Active Directory Domains and Trusts, in the console tree,

right-click Active Directory Domains and Trusts, and

then click Properties

In active directory domain

trust right click and select

properties


57/60


Removing a UPN suffixOn the UPN Suffixes tab, select the UPN suffix name that

you want to remove, and then click Remove

Click REMOVE


58/60


Removing a UPN suffix

Click YES


59/60


SID

Is a list of all SIDs that were assigned to a useraccount

Provides migrated user account with continuity of

access to resources


60/60

mcse-08-implementing of an active directory service-04-lab

Documents