Lab 02 : DNS ADDS Role - eamonstackpole/my-tech-journal GitHub Wiki

Overview

  • In this lab we configured a windows server to provide Domain name and Active Directory services, created our own forest/domain, and added our Windows machine to this domain group.
  • Make sure to write down all the passwords created during this lab!

Setting Up AD01

  • Set AD01 to LAN

  • Create a local admin password NOTE: Make it difficult!

  • Go to Server Manager and Pin it to Taskbar for future use

  • This is what the menu should look like: image

  • Set the network configurations by clicking on "Ethernet0" --> Right-click --> Properties --> IPv4 --> Properties image

  • Make sure you are connected by pinging

  • Then go back to the menu and click "Manage" and select "Add Roles and Features"

  • Do default settings except for the following:

    • Active Directory Domain Services --> "Add Features"
    • Check Active Directory Domain Services

  • When finished installing Restart

Setting Up DNS

Getting ADDS

  • After Restart click on notifications
  • Promote the server to domain controller
  • Create a forest using the firstname.lastname convention
  • Set up a DSRM (backup/emergency) password
  • After Reboot login as Domain Administrator

Setting UP DNS Records

  • Go back to Server Manager and select the new "DNS"

  • Right click on AD01 and select "DNS Manager"

  • It should look like this: image

  • Forward Lookup Zones --> right-click eamon.local --> new Host(A or AAAA name)

image

  • Ignore the warning given
  • Right-click Reverse Lookup Zone --> New Zone
  • Network ID = 10.0.5
  • Go back to the records made in the previous steps and uncheck and recheck the boxes for the 2 records created.

Creating Users

  • Go back to Server Manager and select "AD DS"

  • Right-click AD01 and select "Active Directory Users and Computers"

  • It should look like this: image

  • Right-click Users --> New --> User

  • Use the naming convention for both accounts

    • Admin account has (adm) included in the full name and -adm in the username
    • To make the admin account an admin, right click it and select add to a group and put "Domain Admins" and hit ok

Adding WKS01 to DNS

  • Have WKS01 use AD01 for its preferred DNS server
  • Control Panel --> System and Security --> System --> Change settings --> Change
  • Click Domain and put the name of the domain (firstname.local) and enter the domain admin credentials
  • After confirmation restart computer and login with the regular domain user account

Notes

Tech Terms

  • Forest : The structure above domains
    • Different Models
      • Organizational : Accounts & resources are stored and managed together
      • Resource : Account & resources are stored in different forests
      • Restricted Access : Accounts & resources are restricted and isolated from other forests

Sources

Forests