MCSE

Group Policy is a collection of settings which can be applied to computers and users. With group policy administrator can centrally manage the computers and users. Easer administration using group policy. We can apply group policy by using this Organization Unites level group policy. Domain Level Group Policy Site Level Group Policy 1). Organization Units(OU ) level group policy:  If we apply a Group  Policy on Sales OU, this group policy will affect sales OU users. How to apply OU level group policy In Sys1 server login as administrator. Open the ADUC console create the same OU with user account Ex. sales OU-s1, s2 user account. Open the group policy management console.            Expand Forest                  ↳ Domain                           ↳ Domain Name (preetam.com) ...

                      Role of Active Directory  Transfer of Roles Seize of Roles In Active Directory there are six Roles.    Operation Masters Naming Master Schema Master RID Master PDC Emulator Infrastructure Master Global catalog One to five master is  Flexible Single Master Operation Roles (FSMO Roles) and the last one is Multi-Master Operations Roles. 1). Naming Master Check and Maintain the Uniqueness of the Domain Name in the Whole Forest It is Responsible for Adding, Removing and  Renaming the domain names in the whole Forest. 2). Schema Master The schema is a set of Rules which is used to define the structure of Active Directory. The schema contains Definition of all the Objects which are stored in Active Directory The schema is further classified into —Classes           *Class is a template which is used to create an Obje...

           Structure Of Active Directory *Logical Structure Domain Tree Parent/Child Forest *Physical Structure Domain Controller sites Domain Tree:- a tree is a set of one  oe=r more Domains with contiguous names. If more then one domain exists. you can combine the multiple domains into hierarchical tree structures. The first domain created is the root domain of the first tree. Another domain is the same domain tree are child domains A domain immediately above another domain in the same domain tree is its parent. Creating chaild domain controller In System, tree log in as administrator Server OS— Workgroup Assign the IP address pre DNS should be the same alternate DNS server is the primary server Install ADDS server  In System3 server manager console click on the flag and click on promote this server from to a domain controller. select add a new domain to an existing forest sel...

                       Additional Domain Controller—(Backup) If you already have one Domain Controller in a Domain, you can add an additional domain controller to the domain to improve the availability of network service. Adding Additional Domain Controller can help provide fault tolerance, balance the local of the existing Domain controller, and provide additional infrastructure support to the site. The replication type between two read/write DC's is multi-master replication. Creating Additional Domain Controller Configure the first System1 DC primary server domain name — preetam.com In System2 computer login as  administrator server Operating System —Workgroup Assign the IP address and preferred DNS should be the same. alternate DNS server address is DC primary server IP address. In system2 computer open the server manager console click on add Rolle and features Click next...

                                          Organization Unit It is a logical container which contains active directory objects(User, Groups, Organization Unit, & other objects) It is Also called as a subtree. It is used for minimizing administrative tasks. It is used  for Organizing and managing the  active directory object It is used for delegating the control to one or more users. Creating an Organization Unit In System 1 DC login as administrator. Open that ADUC console Right click on Domain Name preetam.com click new> Organization Unit write OU name sales and click ok. In the sales, Organization Unit creates some user account Ex. x1 & X2 user.  Applying Delegation control right on sales Organization Unit System DC login as administrator open  ADUC console.  sales Organization Un...

                      File Server Resource Management FSRM service is introduse in 2008 R2 to 2012. FSRM functionality (feature). Storage Quota management. File Screening management. Storage Reports management. Instaling FSRM service In System server Domain Controller login as administrator. Open the server manager console. click on Add Roles and Features. Click three times next, next, next; Expand files and storage  service Expand files and iSCSI service manager  click on add feature next, next, next, install. I ). Storage quota management In  System one  server Domain Controller login as administrator Open file server  resource manager Expand Quota management Right click on Quata template and click on create Quota templet. Templet name- Block Image files for user3 Space limit 5 GB click on ok Right click on quota and click create a quota  one new window wi...

                                            Home Folder The home folder is a  centralized location of the user's files (DATA) Home folder makes it easier, for an administrator to backup user files by collecting all users file in one location. Whenever the user login to any computer in a domain, home folder will be available in the form of a network drive network location.                                       Creating Home Folder network drive In System one server Domain Controller login as administrator. Open the ADUC control and create the same user accounts ex. user1, user2, user3. Open the E:\ drive and create one new share folder by the name Home-permission read/write. Open ADUC console right click on user3 account click on properties. Select th...

                                                Creating Local profile In System server login as administrator. open the ADUC console and create the same user account. Verification  System two login user 1 create some data o desktop check the type profile locally. Steps to check a profile  log in as a user user1. open the control panel in search box write a profile   click on a configure advanced user profile property check the type of profile -local                                                       Creating Local profile In System 1 server login as administrator open the drive create one new Shared folder (name Roam) permission everyone read/write. Open ADUC co...

A profile is a user- state Environment. A profile contains a personal setting of the user like.             —Documents,             —Desktop setting.             —Star menu icon,             —shortcut,             —Application data,             —Download,             —Picture,             —Music,             —videos,            —Contects,            —Feavrites etc;            Types of  Profiles *local Profile *Roaming profile Local profile A local user profile is created the first time you log in to a computer and is stored on computers local hard disk. Any Changes mode to user local pr...

In System one server login as an administrator  open the ADUC console and create same user account user1, user2, user3. In System one server open the E:\ Drive and create a new folder open name it sales and create same files. right click on the sales folder and click on share with and click on specific people. click on down arrow click on find people and the user name and click on OK select permission read. the user2 and give the permission to read and write. click on share. In System 2 client computer login as user1. access the sales shared folder from the network. Verification  open client system login as user  open Run and type \\System_name\sales          or \\10.0.0.1\sales access the files permissions read. Creating The  Hidden share folder by using $ sing (sales$) Creating Map Network Drive  In Sys2 client computer login as user2 open the run \\Sys1 click ok  right click...

In system two client computer login as a domain a domain administrator. Open the computer, open the NTFS E drive. create one folder by the name data open the data folder and create some files. Roaming Inherited Permission from a folder right click on data folder and click on properties. select security tab clicks on advance. click on disable  inheritated permitions fro this object select administrator and click remove click on apply, click on yes and ok, ok ; Right click on data folder and click on propertce.  select security click edit>add type the name administrator and ok check the box full controll allow and click apply ok, ok. like this add the user1 account and give the permission read. add the user 2 account and give the permission read &write. in System 2 login user1- as user  open the E:\ drive open the folder and access the files—permission read.

Permissions define the type of access feated to a user, group, or computer to access resources. permissions can be applied to resources such as files, folders, and printers. —Like, a privilege to read a file, delete a file, or to create a new file in a folder. Types of Permissions Security level permission Share level  permission *Security Level permission  Can be Implemented only on NTFS partition. Security or NTFS permissions can be set on Drives, folders, and files. by default, security permission will be inherited from its parent drive or folder. File permissions override folder  permissions. Creators of files and folders are there owners. Different Security permissions are —full control, modify, read, execute, write and read, list folder contents. * Share Level permissions It can be implemented on NTFS and FAT partitions. It can be set on drives and shared folders but not files. What are the share folders? —Share fol...

                                                      Allow login locally *In System one DC login as Administrator open the ADUC console and create user account *user1,user2, user3. *open GPM console (open run and type gpmc.msc and click ok) *expand forest        ↳ Domainpreetam.com(domain_name)                       ↳ domain controller                                 ↳ default Domain Controller right click and click edit new windows will appear *Expand computer configuration                 ↳ policy                       ↳ windows settings               ...

                       How to change the default Domain password policy. Login as administrator in Domain Controller. open group policy management console (open run and type gpmc.msc) expand Domain >expand domain_name(preetam.com)>default domain policy right-click on this and click on edit Expand Computer Configuration >policy>windows setting>account policy>password policy  right click on minimum password length and click on properties. right click on a password must be a complexity requirement and click on the property and disable it.  note:- if we change  policy then we want to update policy            we can update policy in three ways... open run and type gpupdate and click ok.                                     or restart do...

                                   User Management Local User  A user Account created in the local database of a computer. A local user is generally used in workgroup model. A local user can log in only on the respective computer. Domain User A domain account created in ADDB. Domain user is used in DOMAIN model. Domain user can log in to any computer in the Domain. Active Directory DB file Name is NTDS.Dit NTDS.Dit stands for  New Technology Directory Services  Directory Information Tree.                     Creating Domain  user in Domain Controller In System 1 server DC login as administrator. Open ADUC console (run—>DSA.msc) expand the Domain Name Preetam.com. right click on user container click on new and click user. type first name and user login name click on next type the pa...

                                Clients & Member Servers Clients A computer joined in the domain with client Operating System. Client Operating System like — Windows 10, Windows 8, Windows 7, Windows XP professional. Member Servers A computer joined in the domain with server Operating System. Operating System Like — Windows System 2012, Windows System 2008, Windows System 2003. Configuring Clients & Member Servers In System two computer login as administrator with any Operating System- Workgroup. assign the IP address should be unique and preferred DNS is Domain Controler IP (DC-IP). In System two right click on computer icon, click on properties. Click on change setting and then click change. select member of domain and type the domain name. Type the username-Administrator@preetam.com         ...

        Step by Step installation of Active Directory Domain Service (ADDS) In System computer login as administrator. (server O/S  is by default workgroup)  Assign the IP address and preferred DNS  server should be same. open the server manager console. click on  Add Role and Features click three times next, next, next. check Active Directory Domain Service (ADDS) check box. a new window will open click add the feature. click next, next, next, and install. In server manager console click on flag click on promote the server to a domain controller. select a new forest. type the root Domain Name like —preetam.com and click on next. select forest function level — Windows 2003 & Domain function level Windows 2003. write the password and confirm password and click five-time next,  next,  next,  next,  next, and click install and restart. Verification  ...

Active Directory Domain Service (ADDS) is introduced on 2000 server Operating System. What is Active Directory Domain Service?   The  Active Directory Domain Service (ADDS) database stores information on user identity, computer, groups, services, and resources. Active Directory Domain Service (ADDS) controllers also host the service that authenticates the user and computer account then they logon to the domain.  Purpose of Active Directory Provides user login and authentication services using KARBOS PROTOCOL. to centralize and decentralize the resource management. To centrally organize and many                                                                                                      ...

There is two types of topologies:- Physical Topologies: Star, Bus, Tree, Mesh,etc. Logical Topologies  Logical Topologies workgroup model- peer to peer Domain model :- client /server Workgroup Model All computer are peer; no computer has control over another computer.   each computer has a set of user accounts to use any computer in the workgroup , you must have an account on that computer Domain Model One or more computer are server network administars use server to control the security and permission for all computers on the domain this makes it easy to mack changes becouse the changes are automatically made to all computer.                                      Active Directory Domin services ADDS is Intruduse on 2000 server Operating System What  is Active Directory Domain services? The AD DS  database store information on...

* IP address is a logical address, by using IP address we can stabilize between the network devices. Two versions of addressing scheme    —IP version 4 - 32 bit addressing    —IP version 6 - 128 bit addressing * IP v4 is a 32-bit address it is divided into 4 octets, and each octet contains 8bit, and each octet separated by a dot "." symbol. IP v4 is starting from 0.0.0.0   to 255.255.255.255 up to 4.3 billion  IP address. IP v4 classified into five classes.   Class A — 0.0.0.0     to    127 .255.255.255   Class B — 128 .0.0.0  to    191 .255.255.255   Class C — 192 .0.0.0  to    223 .255.255.255   Class D — 224 .0.0.0  to    239 .255.255.255   Class E — 240 .0.0.0  to    255 .255.255.255 Class A, B, and C is used for LAN, MAN, and WAN, Class D is used for multicasting. Class E is used for res...

                                  GUI to CORE mode open your PowerShell;  you can search on the start menu. and type the command given below.             uninstall-WindowsFeature server-gui-mgmt-infra, server-gui-shell -restart and hit enter and wait                                                CORE mode to GUI mode type a command on command prompt  PowerShell and hit Enter  then type the command given below         install-WindowsFeature server-gui-mgmt-infra, server-gui-shell -restar              hit enter and wait  if you have questions then you can comment I will reply you. thanks for visiting my blog.