Lab ASSIGNMENT 03

Group Members:

Nayad Razzaq, Mushahid Hussain &

Nazakat

ROLL NO: 09,43 &09 (R)

Class:

Bs (IT5th)

Session: 2021-2025

Submitted to: Sir Tayyab Arshad

Subject: System &network administration

UNIVERSITY OF KOTLI AZAD JAMMU AND KASHMIR

Chapter 09: Active Directory:

Introduction

Active directory is a centralized and standardized system that automates network management of
user data, security, and distributed resources; Enables interoperation with other directories.
Active Directory is designed especially for distributed networking environments.

Active Directory features:

• Support for the X.500 standard for global directories.

• The capability for secure extension of network operations to the Web.

• A hierarchical organization that provides a single point of access for system administration.
(Management of user accounts, clients, servers, and applications, for example) to reduce
redundancy and errors.

• An object-oriented storage organization, which allows easier access to information. • Support

for the Lightweight Directory Access Protocol (LDAP) to enable inter-directory operability.

Install Active Directory Domain Service

1. Add Roles and Features

 Chapter 10: Creating of Users, Computers and Groups Account in Active
Directory Domain Services

User Account creation in a Domain controller:

Open AD Users and Computers snap-in from Server Manager. You can also open AD Users and
Computers snap-ins by typing dsa.msc on RUN program. You can open RUN application
pressing Windows Key + ‘R’ on your keyboard.
Create an Organizational Unit:
Finally, Review the user configuration and click Finish.

Creating steps of users group account:

1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory
Users and Computers.

2. In Active Directory Users and Computers window, expand .com

3. In the console tree, right-click the folder in which you want to add a new group.

4. Click New, and then click Group.

 Chapter 11: File and Storage Services

Now let’s have a scenario, we want to share a folder named Academic Materials to Students
users group. We want only the Students group of users to view and execute the contents of the
folder. We already have Students users group set up and assigned users into the group. So, let’s
create the shared folder. To create a new shared folder, click Tasks and click New Share in Server
Manager Console.
 Chapter 12: Group policy Management

Group Policy is a hierarchical infrastructure that allows a network administrator in charge of

Microsoft's Active Directory to implement specific configurations for users and computers.
Group Policy can also be used to define user, security and networking policies at the machine
level.

Configuration of a Group policy

As usual we used our aaucs.local domain and our windows seven client, in this group policy our
aim will be restrict few applications such as Notepad.exe, calculator.exe and paint.exe for the
group called students that we already created earlier.
on the server manager go to Tools, find and click Group policy Management
Next, on the Group Policy Management Editor, expand User Configuration, Policies, and
Administrative Templates, and then click System, next double click Don’t run specified
Windows applications, click Enabled and click Show
Next, click Control Panel, on the right pane, double click Prohibit access to Control Panel and
PC Settings, then click Enabled and click OK…

Next, let’s Link the Technical support GPO to our domain, right click aaucs.local and click Link
an Existing GPO…
Next, you can open Command prompt (CMD) and type gpupdate /boot /force

Implementation of an Audit policy: