Topic: Install Domain Controller (partly reference only)

Contents
Install Windows 2008 R2 Server (Skip If Already Installed) ..................................................................3

Install the Latest W2K8 R2 Service Pack (Per Honeywell) ...................................................................5

Set the Date and Time ...........................................................................................................................7

Configure TCP/IP Settings (Skip if already set) ....................................................................................9

Promote the Server to a Root Domain Controller (Skip if already done) ............................................11

Update the Computer's HOSTS File on Domain Controller ................................................................15

Add a Reverse Lookup Zone ...............................................................................................................17

Configure Domain Name Server for Forwarding .................................................................................21

Install Domain Controller Add-on Packages ........................................................................................23

Create the TPS Domain OU ................................................................................................................29

Create Domain Accounts .....................................................................................................................31

Perform Backup Procedures (REFERENCE ONLY) ...........................................................................35

9/25/2015 Copyright © 2014 Honeywell International Inc. 1

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 This page was intentionally left blank.

2 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Install Windows 2008 R2 Server (Skip If Already Installed)

Install Windows 2008 R2 Server (Skip If Already Installed)

Objective

Given a server grade platform (in in-centre class T310 and remote class virtual platform), install
Windows Server 2008 R2 Standard Edition. The tasks following this task (of installing 2008 R2)
will create and configure a Domain Controller which is appropriate to be used as part of an
Experion system.
The steps detailed out in the subsequent tasks are also available in the Experion Windows
Domain/Workgroup Implementation Guide.

Main Idea
For the purpose of this class skip the steps to install Windows Server 2008 R2 Standard Operating
system software and updates. The image you restored did this for you.

ATTENTION

If you are in Remote class, restore the snapshot “DC

OS only”. This will restore a Windows Server 2008 R2
with SP1 image on the node which can then be
promoted to Domain Controller.

Step Action

1 Insert the Windows Server 2008 R2 Standard Edition CD-ROM and boot the machine
to begin the installation.

TIP

At the “Press any key to boot from CD or DVD…….”

prompt, press Enter key

2 At each Windows Server 2008 R2 prompt, answer the questions as appropriate.

After installation, for the first logon the system will ask to change the Administrator
password. Refer to the partition sheet and set the password.
After logging in, Refer to the partition sheet and change the Computer Name. Restart
the system.

9/25/2015 Copyright © 2014 Honeywell International Inc. 3

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Install Windows 2008 R2 Server (Skip If Already Installed)

This page was intentionally left blank.

4 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Install the Latest W2K8 R2 Service Pack (Per Honeywell)

Install the Latest W2K8 R2 Service Pack (Per Honeywell) (Skip if already
installed)
Main Idea

If the node which will become the DC is already installed with Windows2008 R2 Standard Edition
with Service Pack1 then skip this procedure.

In class, skip this procedure. It has been done by the image you restored.

Step Action

ATTENTION

If Windows Server 2008 R2 is installed using the

Experion Initialization DVD, then skip this procedure
and continue with the next procedure in this lab.
For this course Windows Server 2008 R2 was installed
using Experion Initialization DVD.

At the node which will become the DC, logon as Administrator.

4 If necessary, check the “Do not display the page at logon” checkbox.

5 Insert the Experion Initialization Update media or browse to the D_EXP_UPD folder
present on the ESIS ( in class: \\OPC1\ESISR430 ).

6 Navigate to “PACKAGES\SERVICE PACKS\Win7_SRV2008R2_x64_SP1” folder and

double click on “windows6.1-kb976932-x64” file to start the Service Pack 1 installation.

7 Click the Next button on Welcome screen.

8 Select I Accept License Terms and click the Next button.

9 Uncheck Automatically restart the computer. Click Install.

9/25/2015 Copyright © 2014 Honeywell International Inc. 5

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Install the Latest W2K8 R2 Service Pack (Per Honeywell)

Step Action

10 After installation is complete, click the Restart button

11 The computer will restart.

12 After the restart, logon to the machine as administrator. If a dialog box appears
"Windows Server Service pack 1 is now installed" click close to exit.

6 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Set the Date and Time

Set the Date and Time

Main Idea

This procedure may have been done as part of the Windows 2008 R2 installation. The time on your
system may already be correct, and you may not need to do this procedure.

ATTENTION

If you are in Remote class, ensure that you have

restored the snapshot “DC_OS only”, before
performing below steps.

Step Action

1 Login to the machine as Student.

TIP

Student is the user created during the Windows

Operating System installation using the Experion
Initialization DVD. Student is a member of the
administrators and users local groups.
We will use the student account as the administrator.
The Student user is specific to the class. This user
will be different based on your site specific
configuration.
It will also be different based on how the OS was
installed.

2 Click Start > Control Panel > Clock, Language and Region > Date and Time.

3 Click the Change Time Zone button in ‘Date and Time’ tab.

4 Use the drop-down menu to select the local time zone. Click OK

5 Click the Change date and time button in Date and Time tab.

6 Specify the correct date and time.

7 Click OK in the ‘Date and Time Settings’ dialog.

8 Click OK in the ‘Date and Time’ dialog.

9/25/2015 Copyright © 2014 Honeywell International Inc. 7

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Set the Date and Time

This page was intentionally left blank.

8 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Configure TCP/IP Settings

Configure TCP/IP Settings (Skip if already set)

Main Idea
This procedure may have been done as part of the Server 2008 R2 installation. In class, the image
you restored was given an IP address; therefore, you will not need to configure the TCP/IP settings.
Therefore, you can skip this lab.
This Lab assumes that the installation of Windows Server 2008 R2 installation was done using the
Experion Initialization media on a qualified platform. This installs all the drivers – including the
drivers for the NIC. Depending on the method used to install Server 2008 R2, the network drivers
may not have been installed. In that case, the user will have to do it manually.

Step Action

1 Read the important information above.

2 At the server which will later become the DC, logon as a user with administrative
privileges.

3 From the Start menu, right-click the Network and select Properties.

4 Select Change adapter settings.

5 Right-click NIC1 (Local Area Connection or Supervisory Network – depending on how

the image in Automation College was built), and select Properties.

6 If User Account Control prompts, click Continue.

7 Select Internet Protocol Version 4(TCP/IPv4) and click the Properties button.

8 Select the Use the following IP address option.

9 Enter the Yellow IP address, Subnet mask, Default gateway, and Preferred DNS
server from your partition sheet.

ATTENTION

Refer to the Partition Sheet for the information

required while completing this lab.

10 Click the OK button to close the Internet Protocol Version 4(TCP/IPv4) Properties dialog
box.

11 Click the Close button to close the Supervisory Network (NIC1) Properties dialog box.

12 Close all windows.

9/25/2015 Copyright © 2014 Honeywell International Inc. 9

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Configure TCP/IP Settings

Step Action

13

ATTENTION

If you are in Remote class do not perform this step

Physically connect the network (Ethernet) cable to the NIC1 using either the yellow or
green cable.

ATTENTION

In a later lab, the node will be converted to be an FTE

node.

10 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Promote the Server to a Root Domain Controller

Promote the Server to a Root Domain Controller (Skip if already done)

Step Action

1 At the server which will be promoted to a DC, logon as Student.

Set the password for the Administrator account (in class, use ac NL01 1).

2 Open Server Manager.

 Administrative Tools
Start Server Manager

3 If User Account Control prompts, click Continue.

4 Local Users and Groups, and click on the Users container.

Expand Configuration

5 Right-click on the Administrator account and set the password for Administrator account
(in class: ac NL01 1).

ATTENTION

If the Windows Server 2008 R2 installation is done

using the Experion Initialization media the
Administrator account is disabled. However, the user
still needs to set the password because the Active
Directory installation wizard checks for the password
of the Administrator account.

6 Close Server Manager.

7 Initiate the promotion to a domain controller:

Procedure
1 Select Start > All Programs > Accessories > Run.
2 Type dcpromo and press Enter.
3 If User Account Control prompts, click Continue.

Patience, loading the Active Directory Domain Services binaries takes a little over a
minute.

8 In the Welcome dialog box select Use advanced mode Installation and click Next.

9 Read the Operating System Compatibility and click Next.

10 Select Create a new domain in a new forest and click Next.

This step begins the process of establishing a root domain controller.

9/25/2015 Copyright © 2014 Honeywell International Inc. 11

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Promote the Server to a Root Domain Controller

Step Action

11 Enter the full DNS name for this root domain from the partition sheet Windows Domain
Name and click Next.
• The DNS name should adhere to DNS conventions (for example, underscores
are permitted by Microsoft DNS Servers, but may not be supported by other
DNS server products).

TIP

By convention, a domain that stands alone and is not

part of the overall IT Windows 2003 enterprise
infrastructure, should append “.Local” to the end of the
domain name.

12 Accept the NetBIOS Domain name and click the Next button.
Typically, you will accept the default name, which matches the first portion of the DNS
name.

13 Select Windows Server 2003 for the Forest functional level and click Next.

14 Select Windows Server 2003 for the Domain functional level and click Next.

15 Select the DNS server check box and click Next.

16 If you see this message click ‘Yes, the computer will use…’

12 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Promote the Server to a Root Domain Controller

Step Action

17 Click Yes to continue

ATTENTION

A root Domain Controller requires the existence of a

Dynamic DNS server. In this step, the Microsoft upgrade
procedure offers to configure a Dynamic DNS server on the
first Domain Controller in the new domain. Unless a
Dynamic DNS server already exists on the network,
Honeywell recommends selecting Yes to accept the auto
configuration. If you select the DNS server option, the
Active Directory installation wizard performs the following
tasks to install and configure DNS:
• Installs the DNS Server service
• Creates a forward lookup zone with the same name
as the Active Directory domain you are creating
• Configures the forward lookup zone as an Active
Directory integrated zone
• Enables secure dynamic updates on the forward
lookup zone

The Active Directory installation wizard does not create a reverse lookup zone. If you
want a reverse lookup zone, you will need to create one after you complete the Active
Directory installation.

9/25/2015 Copyright © 2014 Honeywell International Inc. 13

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Promote the Server to a Root Domain Controller

Step Action

18 Accept the default Database folder, Log files folder and SYSVOL locations and click the
Next button.
At your plant, if disk space is an issue, an alternate location can be selected

19 Enter a Directory Services Restore Mode Administration Password (in class, use
ac NL01 1), and click the Next button.

ATTENTION

This is NOT your Windows 2008 R2 Administrator

password, but is a special account utilized to repair
your system in the event of a failure with Active
Directory services.

20 Review the information that was entered and click Next.

ATTENTION

Installation of Active Directory will take several minutes

depending on options selected and the speed of your
PC (about 3 minutes in class).

21 After the Active Directory configuration is complete click Finish.

22 Click the Restart Now button to make the Active Directory installation effective.

14 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Update the Computer's HOSTS File on Domain Controller

Update the Computer's HOSTS File on Domain Controller

Step Action

ATTENTION

To be able to save the hosts file, you will need to

invoke Notepad using Run as administrator.

9/25/2015 Copyright © 2014 Honeywell International Inc. 15

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Update the Computer's HOSTS File on Domain Controller

Step Action

2 Refer to the procedure in the following document:

Experion Software Installation User’s Guide (EPDOC-X136-en-430A)
Section 14.4.5 Setting up host files
You must identify the

TIP

For an FTE node running a release prior to R400,

enter only the IP address of the Yellow (A) LAN
connection in the HOSTS file.
Starting in R400, FTE nodes use only one IP address.
That address should be entered in the Hosts file.
In a domain architecture, the hosts file on the domain
controller needs to be updated with IP addresses and
host names of all the computers used in the Experion
PKS system.

ATTENTION

Refer to the Partition Sheet for the IP addresses and

computer names of the Server, Console Station,
Domain Controller, OPC1, and OPC2.
Here is an example:
127.0.0.1 Localhost
164.145.214.31 DC1P
164.145.214.51 ESVT1P
164.145.214.71 EST1P
164.145.214.91 OPC1
164.145.214.92 OPC2

16 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Add a Reverse Lookup Zone

Add a Reverse Lookup Zone

Main Idea

Step Action

1 Open the DNS MMC by selecting:

Start > Programs > Administrative Tools > DNS.

2 In the Console tree (left-hand side of the MMC), expand your DNS server by clicking
PLUS SIGN (+).

3 Select the Reverse Lookup Zones folder.

4 Right-click the Reverse Lookup Zones folder and select New Zone.

TIP

If the New Zone option is grayed out then open DNS

with Run as Administrator option

5 In the New Zone Wizard, click the Next button.

6 In the Zone Type dialog box, select Primary zone, check the Store the zone in Active
Directory…… checkbox and click the Next button.

9/25/2015 Copyright © 2014 Honeywell International Inc. 17

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Add a Reverse Lookup Zone

Step Action

7 In the Active Directory Zone Replication Scope screen, select To all domain controllers
in this domain (for Windows 2000 compatibility): NameofDomain and click Next.

18 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Add a Reverse Lookup Zone

Step Action

8 In the Reverse Lookup Zone Name dialog box, select IPv4 Reverse Lookup Zone and
click Next.

9 In the Reverse Lookup Zone Name dialog box, select the Network ID option; enter your
Network ID (in class, the first three octets of your IP address.
Ex: 164.145.214), and click Next.

9/25/2015 Copyright © 2014 Honeywell International Inc. 19

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Add a Reverse Lookup Zone

Step Action

10 In the Dynamic Update screen, select Allow only secure dynamic updates…… and
click Next.

11 Verify the entered information and click Finish.

12 Close the DNS MMC.

20 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Configure Domain Name Server for Forwarding

Configure Domain Name Server for Forwarding

Main Idea

Step Action

1 Open the DNS MMC by selecting:

Start > Administrative Tools > DNS.

2 Display the properties of the DNS server (DC#P).

3 Select the Forwarders tab and click on the Edit button.

4 From your partition sheet, enter the IP address of the DNS Forwarder (the DNS server
to which this DNS server should forward name resolution requests) and press Enter.

ATTENTION

In class, the DNS Forwarder will not resolve and you

will get an error (we have no physical connection
outside this room). Continue anyway.

Do NOT enter the address of your own DNS server

here.

For the DNS Forwarder IP address refer to your

partition sheet.

In a site scenario where the Process Control domain is

connected to the IT domain, configure the Process
Control domain to forward DNS queries to the IT DNS
server.

5 Click OK to close the ‘Edit Forwarders’ dialog box.

6 Click OK to close the DC#P Properties dialog box.

7 Close the DNS MMC.

9/25/2015 Copyright © 2014 Honeywell International Inc. 21

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Configure Domain Name Server for Forwarding

This page was intentionally left blank.

22 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Install Domain Controller Add-on Packages

Install Domain Controller Add-on Packages

Step Action

Setting Correct DCOM Permissions

1 Make Student user member of Domain Admins group.

Logoff and Login using Student.

2 Run, type dcomcnfg and press Enter to launch DCOM configuration.

Click Start

3 If User Account Control prompts, click Continue.

4 Expand Component Services and expand Computers.

5 Right click on My Computer and Select Properties.

6 Select the COM Security tab.

7 In the ‘Access Permissions’ group, click the Edit Default button.

8 Click Add, type Local Service, click Check Names, and click OK.

9 Ensure that Local Access Allow is selected for the user ‘Local Service’, and click OK.

9/25/2015 Copyright © 2014 Honeywell International Inc. 23

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Install Domain Controller Add-on Packages

Step Action

10 In the ‘Launch and Activation Permissions’ group, click the Edit Default button.

11 Click Add, type Local Service, click Check Names, and click OK.

12 Ensure that Local Launch Allow and Local Activation Allow are selected for the user
‘Local Service’, and click OK.

13 In the ‘My Computer Properties’ window, click OK.

14 Close the Component Services window.

24 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Install Domain Controller Add-on Packages

Step Action
Domain Controller Security and Optional Component Installation

15

TIP

It is possible to perform this installation using the

Installation DVD, or an ESIS (under ESIS root). This
procedure uses the DVD.

16 For In-centre class, insert the Installation DVD.

For Remote class, attach the Installation media ISO

17 When the AutoPlay dialog appears, click on Run Experion Media Browser.

TIP

If the AutoPlay dialog does not appear, open Windows

Explorer and execute E:\Browser\CDBrowse.exe.

18 In the ‘Honeywell – Experion PKS Installer – R430’ dialog, click Install/Migrate Experion
PKS.

19 If User Account Control prompts, click Yes.

Note: Be patient, this may take a minute and appear to “go away” temporarily.

20 Click Yes to install Experion PKS domain policies

21 When the ‘Welcome to the Installshield wizard Honeywell Security Model – Domain
Controller’ window appears, click Next.

22 Accept the License Agreement and click Next.

9/25/2015 Copyright © 2014 Honeywell International Inc. 25

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Install Domain Controller Add-on Packages

Step Action

23 Enter the password for DCSComServer user and click Next.

TIP

DCSComServer user gets created automatically. In

class, for password, use ac NL01 1

24 Click Install.

25 Click Finish to complete the installation.

26 Click Yes to install optional Experion PKS components.

27 Click Next on ‘Honeywell Experion R430.1……. setup’.

28 Accept the License Agreement and click Next.

29 Select ‘Optional Features’ and click Next.

30 Enter the following information and click Next.

Name: Automation College
Company Name: Honeywell

26 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Install Domain Controller Add-on Packages

Step Action

31 Select ‘System Management Runtime’ and ‘TPS Domain Console Configuration’

options and click Next.

32 Review the Summary and click Install.

TIP

This Installation will take about four minutes.

33 On completion, remove the DVD and click OK.

9/25/2015 Copyright © 2014 Honeywell International Inc. 27

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Install Domain Controller Add-on Packages

This page was intentionally left blank.

28 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Create the TPS Domain OU

Create the TPS Domain OU

Step Action

1 At the Domain Controller, logon as Student.

2 Open Active Directory Users and Computers:

Start > Administrative Tools > Active Directory Users and Computers.

3 Right-click the domain name at the top of the hierarchy and select New >
Organizational Unit.

4 In the dialog box for the organizational unit, enter the TPSTeam# (where # is your
student group number) and click OK.

ATTENTION

In a plant environment, the TPS domain name can be

the name/ geographical location of the plant area
being controlled by this system.

5 The newly created OU appears in the directory tree. Select the newly created OU, then
right-click the OU and select Properties from the menu.

6 Select the TPS Domain tab.

ATTENTION

The TPS Domain tab appears on an OU's property

dialog only if the DC packages have been installed

7 Select the TPS Domain option button and click OK.

Result: The OU is configured with the TPS Domain attribute.

9/25/2015 Copyright © 2014 Honeywell International Inc. 29

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Create the TPS Domain OU

This page was intentionally left blank.

30 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Create Domain Accounts

Create Domain Accounts

MAIN IDEA

The accounts built in this lab are specific to this Automation College class. At your site, you would
build accounts based on your requirements rather than building accounts with these names.

Step Action

1 If necessary, open the Active Directory Users and Computers MMC by selecting:
Start >Administrative Tools > Active Directory Users and Computers.

2 Navigate to the Users container. It may be necessary to expand the domain to be able to
access the Users container.

3 In the Console Tree (left-hand side of the MMC), click on the Users container to display
the contents.

4 In the Details pane (right-hand side of the MMC), right-click Student and select
Properties.

5 Add the Student user to the DCS Administrators and Domain Admins groups.

Procedure
1. Select the Member Of tab.
2. Click the Add button.
3. Click Advanced.
4. Click Find Now.
5. Select the DCS Administrators group.
6. Hold the Ctrl button down while selecting the Domain Admins
group.
(Note: both groups should be selected.)
7. Click the OK button.
8. Click OK to close the ‘Select Groups’ dialog box.
9. Click OK to close the ‘Student Properties’ dialog box.

6 Right-click the Users container and select New > User.

9/25/2015 Copyright © 2014 Honeywell International Inc. 31

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Create Domain Accounts

Step Action

7 In the New Object – User dialog box, enter the following:

First name: engr#
User logon name: engr#

ATTENTION

# is the Engineer Group. Refer to your partition sheet for details.

Click the Next button.

8 For the engr# account, enter ac NL01 1 in both of the password fields.
Verify that only the following selections are selected:
User cannot change password
Password never expires.
Click the Next button

9 Click the Finish button.

10 In the Console Tree (left-hand side of the MMC), click on the Users container to display
the contents.

11 In the Details pane (right-hand side of the MMC), select engr# (this deselects the student
account), then right-click engr# and select Properties.

12 Select the Member Of tab.

13 Add the engr# user to the Engineers group:

Procedure
1. Click the Add button.
2. Click Advanced.
3. Click Find Now.
4. Select the Engineers group.
5. Click the OK button.
6. Click OK to close the ‘Select Groups’ dialog box.

32 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Create Domain Accounts

Step Action

14 Remove engr# from the Domain Users group:

Procedure
1. Display the properties of engr#
2. Select the group which should be the primary group (for engr#, Engineers).
3. Click the Set Primary Group button.
4. Select the Domain Users group.
5. Click the Remove button.
6. Click the Yes button.

15 Click OK to close the engr# Properties.

16 Repeat steps 7 to 15 with the following table to create the remaining domain accounts in
the Users container:

Domain User Name Assigned Groups Primary Group Password

1 2
mngr# DCS Administrators DCS Administrators ac NL01 1
1 2
oper# Operators Operators ac NL01 1

1
Deselect (uncheck) the User must change password at next logon option, and select the User
cannot change password and the Password never expires options.

2
This is the password we will use in class. At your site, you may choose any password. Choose your
passwords carefully; they can be difficult to change – especially the password for the mngr account.

Step Action

17 Close the Active Directory Users and Computers MMC.

9/25/2015 Copyright © 2014 Honeywell International Inc. 33

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Create Domain Accounts

This page was intentionally left blank.

34 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Perform Backup Procedures (REFERENCE ONLY)

Perform Backup Procedures (REFERENCE ONLY)

Main Idea

DO NOT PERFORM THIS LAB.

This is a lab for reference only. It shows how you can install and use the Windows Server Backup
feature. In class, we do not want students creating images of the DC.

Step Action

Add Windows Server Backup Feature

ATTENTION

In class, the Windows Server Backup feature has

already been installed. The next several steps show
how the feature would be installed if it weren’t already
installed.

2 Select Start > All Programs > Administrative Tools > Server Manager

TIP

This step is performed to add Windows Server Backup

feature

3 In the left pane click Features and then In the right pane click Add Features. This opens
the Add Features Wizard.

9/25/2015 Copyright © 2014 Honeywell International Inc. 35

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Perform Backup Procedures (REFERENCE ONLY)

Step Action
Add Windows Server Backup Feature

4 On the Select Features page, expand Windows Server Backup Features by clicking
(+) symbol, and then select the check box Windows Server Backup
Click Next

36 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Perform Backup Procedures (REFERENCE ONLY)

Step Action
Add Windows Server Backup Feature

5 Review the summary and click Install

6 On successful installation click Close to exit

9/25/2015 Copyright © 2014 Honeywell International Inc. 37

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Perform Backup Procedures (REFERENCE ONLY)

Step Action

Perform Backup Procedure

1 Select Start > All Programs > Administrative Tools > Windows Server Backup.

2 In the right pane click Backup once. This opens the Backup Once Wizard.

TIP

Use this option for manual backup. To configure

backup to run on regular schedule use Backup
Schedule option

3 On Backup options click Next

38 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Perform Backup Procedures (REFERENCE ONLY)

Step Action
Perform Backup Procedure

4 Select Full Server (recommended) option. Click Next

TIP

This option will backup all volumes including system

state data. If you want to exclude some volume select
Custom

9/25/2015 Copyright © 2014 Honeywell International Inc. 39

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Perform Backup Procedures (REFERENCE ONLY)

Step Action
Perform Backup Procedure

5 Select Remote Shared Folder. Click Next

TIP

Local drives option cannot be selected in case of Full

Backup. Ensure that a shared folder on network is
available for storing the backup and there is enough
space to store the backup

6 Enter a UNC path to store the backup. Select the option Inherit. Click Next.

7 If necessary enter the logon credentials.

40 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Perform Backup Procedures (REFERENCE ONLY)

Step Action
Perform Backup Procedure

8 Review the information and click Backup

9/25/2015 Copyright © 2014 Honeywell International Inc. 41

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary
 Install Domain Controller
Perform Backup Procedures (REFERENCE ONLY)

This page was intentionally left blank.

42 Copyright © 2014 Honeywell International Inc. 9/25/2015

HPS Automation College written permission required to distribute
Honeywell Confidential and Proprietary