ELECTRICAL ENGINEERING DEPARTMENT

PRACTICAL WORK 6
DEC50103 –OPERATING SYSTEM
SERVER OPERATING SYSTEM ( Workstation & Active
PRACTICAL WORK 6 :
Directory)
PRACTICAL WORK
DATE :
LECTURER’S NAME:
GROUP NO. :
TOTAL
STUDENT ID & NAME : MARKS
(100%)

(1)

(2)

(3)

DATE SUBMIT : DATE RETURN :

Prepared by:
Checked by: Verified by:
1 COURSE LEARNING OUTCOMES (CLO):
Performinstallation for workstation and domain server using MS Windows server or Open Source
server operating system (P4, PLO5)

2 OBJECTIVE
Upon completion of lab session, student should be able to:
i. Create Users, Groups, Organizational Unit In Active Directory
ii. Configure Workstations To Join Domain
iii. Assign Right To User
iv. Configure Group Policies In Active Directory

3 THEORY
Active Directory (AD) is a directory service created by Microsoft for Windows domain networks.
It is included in most Windows Server operating systems.
Active Directory provides a central location for network administration and security. Server computers
that run Active Directory are called domain controllers.
An AD domain controller authenticates and authorizes all users and computers in a Windows domain
type network assigning and enforcing security policies for all computers and installing or updating
software. For example, when a user logs into a computer that is part of a Windows domain, Active
Directory checks the submitted password and determines whether the user is a system
administrator or normal user.

4 EQUIPMENT / TOOLS
1. Computer from activity 6A (Domain Server)
2. Window 7 in virtual machine.
3. Computers used in activity 6B. (client PC)

5
ACTIVITY 6A : CONFIGURE A SINGLE DOMAIN SERVER

PROCEDURES:

1. Open Server Manager by clicking the icon in the Quick Launch toolbar, or from the
Administrative Tools folder.
2. Wait till it finishes loading, then click on Roles > Add Roles link.
3. In the before you begin window, click Next.

4. In the Select Server Roles window, click to select Active Directory Domain
Services, and then click Next.

5. In the Active Directory Domain Services window read the provided information if you
want to, and then click Next.
6. In the Confirm Installation Selections, read the provided information if you want to,
and then click Next.
7. Wait till the process complete.

8. When it ends, click Close.

9. Going back to Server Manager, click on the Active Directory Domain Services link,
and note that there’s no information linked to it, because the DCPROMO command
has not been run yet.

10. Now you can click on the DCPROMO link, or read on.
To run DCPROMO, enter the command in the Run command, or click on the
DCPROMO link from Server Manager > Roles > Active Directory Domain
Services.
11. Depending upon the question if AD-DS was previously installed or not, the Active
Directory Domain Services Installation Wizard will appear immediately or after a short
while. Click Next.

12. In the Operating System Compatibility window, read the provided information and
click Next.
13. In the Choosing Deployment Configuration window, click on “Create a new domain in
a new forest” and click Next.

14. Enter an appropriate name for the new domain. Make sure you pick the right domain
name, as renaming domains is a task you will not wish to perform on a daily basis.
Click Next.

dtk5.com
Note: Do NOT use single label domain names such as “dtk5” or similar. You MUST pick a
full domain name such as “dtk5.com” or “dtk5.local” and so on.

15. The wizard will perform checks to see if the domain name is not already in use on the
local network.
16. Pick the right domain function level. Windows 2000 Native mode is the default, and it
allows the addition of Windows 2000, Windows Server 2003 and Windows Server
2008 Domain Controllers to the domain you’re creating.

Note: If you select “Windows Server 2008” for the forest function level, you will Not be
prompted to pick a domain function level.

17. The wizard will perform checks to see if DNS is properly configured on the local
network. In this case, no DNS server has been configured, therefore, the wizard will
offer to automatically install DNS on this server.
Note: The first DCs must also be a Global Catalog. Also, the first DCs in a forest cannot
be a Read Only Domain controller.

18. It’s most likely that you’ll get a warning telling you that the server has one or more
dynamic IP Addresses. Running IPCONFIG /all will show that this is not the case,
because as you can clearly see, I have given the server a static IP Address. So,
where did this come from? The answer is IPv6. I did not manually configure the IPv6
Address, hence the warning. In a network where IPv6 is not used, you can safely
ignore this warning.
19. You’ll probably get a warning about DNS delegation. Since no DNS has been
configured yet, you can ignore the message and click Yes.

20. Next, change the paths for the AD database, log files and SYSVOL folder. For large
deployments, carefully plan your DC configuration to get the maximum performance.
When satisfied, click Next.

21. Enter the password for the Active Directory Recovery Mode. This password must be
kept confidential, and because it stays constant while regular domain user passwords
expire (based upon the password policy configured for the domain, the default is 42
days), it does not. This password should be complex and at least 7 characters long.
 Strongly suggest that you do NOT use the regular administrator’s password, and that
you write it down and securely store it. Click Next.

22. In the Summary window review your selections, and if required, save them to an
unattend answer file. When satisfied, click Next.
23. The wizard will begin creating the Active Directory domain, and when finished, you will
need to press Finish and reboot your computer.

Note: You can automate the rebooting process by checking the Reboot on Completion
checkbox.
24. Check administrator by Click Start/Administrator Tools/Active Directory Users and
Computers.

ACTIVITY 6B : CREATE USERS, GROUPS, ORGANIZATIONAL UNIT IN

ACTIVE DIRECTORY
PROCEDURES:

1. Go to Start/ Administrator Tools/Active Directory user and Computers

2. Then “Right Click” on User Folder and create New/User
3. Fill the information as window below and Click Next

4. Then fill in your password and Click Next

5. Then Click Finish.

6. Make sure the test01 is member off Administrators and Users, if NOT you need to add
them by click Add/ Users/ Check Names/Click OK.
Repeat click Add / Administrator/ Check Names/Click OK.
7. After that click Apply and OK.

8. Test login using your new user test01

9. Then key in your domain\user name also your password as below.

10. Lastly, check your DNS by click Start /Administrator Tools/ DNS as below.

11. Adding Users and Computers to the Active Directory Domain

Configure your networking settings, so that your machine would be able to properly
communicate with your Domain Controller. Domain Controller that is configure to be a
DNS Server as well, and has its IP address configured as : 192.168.1.1

Windows 7 machine, is configured with the below settings:

1
12. Open your Server1 VM and Windows 7 VM from your Documents>Virtual Machines>
click these icon

13. To make sure that your PC can reach your domain controller properly, try to ping your
DC using command prompt, this will ensure that your PC is able to communicate with
the DC, and hence can properly join it.

14. Also, make sure your Server 1 VM change your adapter setting to Host-Only.
ACTIVITY 6C : CONFIGURE WORKSTATIONS TO JOIN A DOMAIN

PROCEDURES:

1. Click on Start > then right click on Computer and click on Properties

2. The basic system information page will open, under Computer name, domain, and
workgroup settings, click on Change Settings
3. On the System Properties page, click on Change...

4. Under Member of, select the radio button beside Domain: , type the name of the
domain you want your Windows 7 to join and then click OK

5. A pop up box requesting to enter credentials of an account with rights to join the
domain (with rights to create computer accounts), example of such user is one that is
member of the Domain Admins Active Directory group. Once the username and
password are typed, click on OK (dtk5\administrator, p@55word)
6. A confirmation pop up box will welcome you to the domain. Clicking on OK, will result
in having another message informing that a reboot for the machine is required to apply
the changes. Click on OK

7. Close System properties page, and on the You must restart your computer pop up
message box, click on Restart Now

8. Once your machine is rebooted, press CTRL + ALT + Del to log on

9. At the same time go to your Server1 and Click Start> Administrative Tools>Active
Directory Users and Computers. Next click Computers. Now you will see your
Windows7 have been join to the domain controller Server 2008.
10. Click Users>New>Create host01 and Click Next

11. Key in your password : p@55word as figure below

12. Then Click Finish

13. As you can see, the user that last logged on to the system was a local account user (
machine name\username ), and we need to log on to the machine with a domain user
account, to do this, click on Switch User
14. Click on Switch User and Other User

15. Type your domain user credentials and click on Enter key to log on. Note that, as seen
in the below image, my domain name is stated under the username and password
textboxes. If it happens that you have your local machine name is shown and not your
domain name, then type the user name in this format : domain name\username then
your password. (dtk5\host01, p@55word)
16. Now check from start up your PC name log on as host01

17. If you want, after you log on to the machine, open the basic system properties page (
Right Click Computer > Properties ), and check your computer full name, and the
name of the domain your machine is joined to dtk5.com
 ACTIVITY 6D : ASSIGN RIGHT TO USER AND CONFIGURE GROUP
POLICIES IN ACTIVE DIRECTORY

PROCEDURE

1. Watch the 2 video ‘Network Shares – Permissions’ and ‘Deploy Wallpaper Using GPO
(Group Policy)’.

2. Use that as a reference to share a folder in the server to selected user.

3. Apply a group policy so that workstation log-on to the server domain shows the same
wallpaper.

6 RESULT :

Make a screen short with the description for Activity 6A, Activity 6B and Activity 6E

Activity 6A
Server Name

Domain Name

IP address

Table 6A : Domain Server Network Properties

Activity 6B

Active Directory Diagram

Table 6B: Domain User Tree Diagram

(5 marks)
7 DISCUSSION

Make a discussion based on the question below:

Questions:

1. In activity 6A, the step create forest. What are the reasons of doing so?

(5 marks)

2. Explain how do we know that we are add a new user in the same domain?

(5 marks)

3. Explain how your account can switch and access your domain?

(5 marks)

4. State the requirement to apply group policy?

(5 marks)

8 CONCLUSION

Write your conclusion based on this lab.

(5 marks)
 DEC50103 - OPERATING SYSTEM PRACTICAL SKILL MARK
PRACTICAL WORK 6
TITLE: SERVER OPERATING SYSTEM ( Workstation & Active Directory)
NO REG. NO. STUDENT NAME

Course
Learning Marks
Outcom
es(CLO)/ Skills / Aspects Excellent Very Good Good Fair Unsatisfactory Weight
Learning
Domain NO 1 NO 2 NO 3
(LD)
A. CONFIGUR
E A SINGLE
DOMAIN Student can Student can Student can
SERVER understand and understand and understand and Student can Student did not
Able to configure single configure single configure single understand but understand and
X3
domain server domain server domain server unable single unable single
configure
without being .after being .but complete domain server . domain server .
single domain assisted. assisted. only some.
server .

5 4 3 2 1
B. CREATE
USERS, Student can
Student can
GROUPS, Student can create understand and Student can Student did not
understand and
ORGANIZATI users and group in install and create understand but understand and
create users and
ONAL UNIT Active Directory users and group in unable create unable to create X3
group in Active
IN ACTIVE without being Active Directory users and group in users and group in
Directory after
DIRECTORY assisted. but complete only Active Directory . Active Directory .
being assisted.
Able to create some.
users and
group in Active 5 4 3 2 1
Directory
C. CONFIGURE Student can Student can
Student can join Student can Student did not
WORKSTATI understand and join understand and
workstation but understand but understand and
ONS TO workstation join workstation X4
complete only unable join unable join
JOIN A without being after being
some. workstation workstation
DOMAIN assisted. assisted.
Able to install
and configure
workstation
(Microsoft 5 4 3 2 1
Windows 7
Ultimate) in
VM.
D. ASSIGN
RIGHT
AND
PERMISSI Student can assign Student can Student can Student did not
Student can
ON FOR right and apply assign right and assign right and understand and
assign right and
USER group policy apply group policy apply group policy unable assign X4
apply group policy
AND without being after being but complete only right and apply
.
APPLY assisted. assisted. some. group policy
GROUP
POLICY
Able to assign
right and apply 5 4 3 2 1
group policy

Total /70