Server 2019, ADDS, DNS - connorethanjay/Champlain-College-CNCS-Notes GitHub Wiki

Sysadmin - Server 2019, ADDS, and DNS Configuration | January 22nd 2024

Windows Server

  • Server Manager - A dedicated application / management console used for a heads-up view of your server and accessing your server-roles
  • Server Roles - A group or set of software that allows a server to perform a given operation, such as Active Directory Domain Services, allowing for registration and management of many computers, groups, and users.
  • Group Policy - In comparison to Active Directory (Users and Computers), Group Policy is used to create and enforce rules and restrictions on users, computers, and groups by applying "GPOs" or "Group Policy objects".

Active Directory Domain Services Hierarchy

  • Forest and Trees - A forest is the highest level of organization within Active Directory. In comparison, a Tree may be a subdomain of that. Let's make up a domain name.
    • Connor.org and Morgan.org will be the example.
    • If both Connor.org and Morgan.org have sub-domains like sales.connor.org, those subdomains are Trees, while the main domains are forests.

Domain Admin Accounts compared to Local Admin Accounts

  • Domain Administrators have power over items within the AD Domain.
    • Leahy IT Engineer accounts are AD Domain Admin accounts and can reset passwords for other employees, or add employees to groups.
    • Domain Admin accounts do not have power over items within the Operating System that are not associated with Active Directory. A domain admin could install a program or driver for a computer within that domain, but if it has not been connected to the domain yet (right after being re-imaged for example) you would use local admin credentials.
  • Local Administrators have power over the Operating System based on what access they are given, however they have NO power over AD as they are not associated with it, but rather associated with the single computer that the account is on.

DNS

  • Note that A is for IPv4 while AAAA is for IPv6.
  • While you can resolve for an IP Address by it's hostname with an A or AAAA record, you need a reverse lookup zone to get a Hostname from the IP address. ** After creating the reverse lookup zone, update your pointer records.

Notes going forward

  • Look into nslookup, it seems to be a very useful command and could help a lot more in the future if I proceed down a systems administrator route.
  • Look into Powershell scripting within the next couple days.