Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
com)
Table of Contents Introduction.......................................................................................................................... 2 A.1 Windows Server 2008 R2 Standard Server Core Installation ......................................... 3 A.2 Windows Sever 2008 Datacenter Full Installation ....................................................... 12 B.1 Setting up a Domain Controller.................................................................................... 19 B.2 Adding a second Domain Controller (server2) ............................................................. 29 B.3 Setting up a member server (MS-Core) ...................................................................... 36 C.1 Setting up a disk mirror ................................................................................................ 41 C.2 Creating Spanned Volumes .......................................................................................... 46 D.1 Setting up Organizational Units (OUs) ......................................................................... 49 D.2 Setting up Users ........................................................................................................... 52 D.3 Setting user logon times .............................................................................................. 56 E.1 Setting up groups ......................................................................................................... 58 E.2 Restrict view to Organizational Unit with a Group Policy ............................................ 64 E.3 Redirecting My Documents from client machine to server ......................................... 68 E.4 Blocking access to Control Panel with GPOs ................................................................ 79 E.5 Publishing software to Users with GPOs ...................................................................... 85 F.1 Installing print server role ............................................................................................ 89 F.2 Installing Printers .......................................................................................................... 92 F.3 Publishing printer to directory ..................................................................................... 96 F.4 Installing a generic unshared printer............................................................................ 99 G.1 Setting up server core file services ............................................................................ 100 G.2 Configuring Remote Desktop on Server Core ............................................................ 103 G.3 Remote connecting to Server Core from Windows 7 ................................................ 105 H.1 Setting up DHCP Services (Server2) ........................................................................... 108 H.2 Setting up windows 7 to obtain IP from server2 ....................................................... 114 H.3 Removing DHCP services ........................................................................................... 115 I.1 Decommissioning a domain controller ....................................................................... 118 References ........................................................................................................................ 120
Introduction
This manual will demonstrate how to configure a domain controller and use active directory services. We will be setting up two server machines which will be used as domain controllers (each running a full installation of Windows Sever 2008 R2), a member server (running a core installation of Windows Server 2008 R2) and a client machine (running windows 7) which will be connected to the domain. The four machines will be named as follows: Server1 - will be the first domain controller Server2 - will be a second domain controller MS-Core - will be the member server Client1 - will be the client machine For the purpose of this manual a domain will be created to host a college network for staff members, which will include trainers, managers and administrative staff. The college is called IPA and has trainers for both IT and Marketing. The IT department is subdivided into two locations Dublin and Belfast. There are also managers and administrative staff within the college that will be represented in the domain.
Next screen click Install now, setup will now begin. 2. Select Windows Server 2008 R2 Standard (Server Core Installation) and click Next (See Figure 2: Installation Version)
3. Click I accept to aggree to the license term then click Next (See Figure 3: Licensing Agreement).
4. Click Custom to install a fresh copy of Windows (See Figure 4: Custom Installation).
5. Select Drive Options to create a partition and install the OS (See Figure 5: Configuring Hard Drive)
7. Enter the size of partition required in MB then click Apply (here we will use 30000MB, 30GB, see Figure 7: Set Partition Size).
8. Click OK to the notification window. (See Figure 8: Windows Drive Usage Notification).
9. Next click on partiaion that has just been created and click Next (See Figure 9: Install to Partition).
10. Windows will now install the system; Windows will restart several times before finishing (See Figure 10: Windows Installation)
11. Click OK to change password on first use (See Figure 11: Password Change Prompt).
12. Enter the new password (here we use Pa$$w0rd) and click the blue arrow (See Figure 12: New Password Entry).
Renaming the server Server core contains a very useful tool which includes a menu oriented command interface called server configuration (sconfig) which allows us to manage many configuration settings (Minasi, M., Gibson, D., Finn, A., Henry, W. & Hynes, B., 2010, p. 1277) 1. Using the server core command prompt window, type sconfig and press Enter (See Figure 1: sconfig command).
2. In the sconfig console type 2 and press Enter (See Figure 2: Computer Name Option).
3. Type in a new computer name (here we are using MS-Core) and press Enter (See Figure 3: Rename Core Server).
4. You will be prompted to restart the computer. Click Yes and restart (See Figure 4: Restart Prompt).
5. Log into the server once Windows restarts and run sconfig again (See Figure 5: Servers New Name).
The computer name field will now display the new name setting.
Setting static IP address When dealing with domain controllers the IP4 address should be statically assigned (Tittel, E. & Korelc, J.,2008,p.107). It is beneficial to set up static IP addresses for any server machine that is connected to the domain as it may be later upgraded to be a domain controller. Here we will set the static IP address for the server core installation. 1. Run sconfig and type 8, then press Enter (See Figure 1: sconfig window Network Settings).
2. Choose the index number of the network adapter that you want to edit (in our case we use 0, see Figure 2: Choose Network Adapter).
3. In network adapter settings type 1 and press Enter. Then type S and press Enter to set a static IP address (See Figure 3: Static IP Options)
10
4. Type the IP address you wish to use if you are changing the IP and press Enter. Then type the subnet mask if you wish to change it and press Enter
Set a static IP of 192.168.0.34 and press Enter, subnet mask of 255.255.255.0 (the default setting) which is the same as /24 in the Classless Inter-Domain Routing (CIDR) notation and press Enter. As we are not looking at internet access leave gateway blank. 5. The new static IP settings are displayed (See Figure 5: New IP Settings).
6. Type 4 then press Enter to exit to the main menu. Next type 12 and press Enter to shut down the server (See Figure 6: Restart Server).
11
Once installation has completed, log in using the password set up during installation. Now rather than being presented with a command line interface, we are presented with the familiar windows interface (See Figure 2: Server Startup).
12
Configuring computer name and IP address Setting name settings and static IP address in the full installation of Windows Server 2008 R2 is not the same as the core installation. Similar to a standard windows environment we change these settings using properties windows and control panel. Here we will set a staticIP address for Server1 and name the server appropriately. 1. Go to Start Computer (Right Click)Properties (See Figure 1: Computer Properties Option).
2. Click Advanced System Settings from the left-hand pane (See Figure 2: Advanced System Settings).
13
3. From the System properties window select the Computer Name tab 4. Next select Change (See Figure 3: Computer Name Tab).
5. Enter a new Computer name (here we use Server1) and click OK (See Figure 4: Computer Name Change).
14
6. You will be prompted to restart your computer. Click OK, then click Restart now (See Figure 5: Restart Prompts).
7. Once the computer has restarted go to StartNetwork (Right Click)Properties (See Figure 6: Network Properties Option).
15
8. Choose Change adapter settings from the left-hand pane (See Figure 7: Network Sharing Center).
9. In the Network Connections window right click on the connection you want to edit. (See Figure 8: Network Adapter Properties)
16
10. Select Internet Protocol Version 4 form the list then click Properties (See Figure 9: Adapter Properties).
11. Set static IP to 192.168.0.1 and subnet of 255.255.255.0 Leave all other fields blank and click OK (See Figure 10: Static IP Settings).
The defaul gateway is used when dealing communication outside of the local network, i.e. internet communication (Northrup, T. & Mackin, J.C., 2010, p.536). As we are not looking at internet access we will leave this setting blank. The server itself will act as a DNS server (Morimoto, R., Noel, M., Droubi, O., Mistry, R. & Amaris, C., 2010, p.260), so it is also unnecesary to enter in an ip address into the DNS fields. 17
Setting up Network configuration on Server2 and Client For the purpose of this manual we will set up another domain controller as in Part 2 we will name this domain controller Server2 and the IP address to 192.168.0.3 with a subnet mask of 255.255.255.0. We will also use a client machine running windows 7. This machine will be named client1 and will have a static IP of 192.168.0.35, a subnet mask of 255.255.255.0 and a DNS of 192.168.0.1 (The IP address of Server1, as this will be a workstation on the domain see Section B: Part 2) For a full listing of the network settings see Table 1: Serer2 and Client1 Network Settings Server2 Client1 (windows 7) 192.168.0.2 192.168.0.4 255.255.255.0 255.255.255.0 192.168.0.1 192.168.0.1 Table 1: Server2 and Client1 Network Settings
As we are going to use Server2 as a second domain controller we need to point its primary dns server to the static IP of Server1 Client1 will be used as a workstation on the domain therefore we need to point the primary DNS server to the static IP of Client1 and the alternative DNS to the static IP address of Server2.
18
19
2. You will be presented with a wizard interface, leave Use advanced mode installation unchecked and click Next (See Figure 2: dcpromo Wizard).
3. You will be presented with information about Operating System Compatibility, click Next to continue (See Figure 3: Compatibility Information).
20
4. As we are setting up our first domain controller chose Create a new domain in a new forest and click Next (See Figure 4: Deployment Configuration).
5. Enter a name for the domain (here we use MSCCONV.IPA) and click Next (See Figure 5: Name Domain).
21
6. Next we will be prompted to set the domain and forest fuctional level, leave both as Windows Server 2003 and click Next (See Figure 6: Forest Functional Level).
Set to the same level as all other domain controllers on the network Click Next for the forest function level and the domain functional level The funtional level defines which features are available to the domain or forest. Higher levels often incorporate features from lower levels (i.e. 2008 has features from 2003). Once a functional level is set all other domain controllers within the forest or domain must be at the same funtional level (Morimoto, R., Noel, M., Droubi, O., Mistry, R. & Amaris, C., 2010, p.118).
22
7. On the Additional Domain Controller Options, make sure the DNS server is checked and click Next (See Figure 7: Additional DC Options).
The global catalog is contains information on every object in the entire domain forest, it can be accessed by any client that supports active directory can query this catalog (Tittel, E. & Korelc, J., 2008, p.121). The domain name services (DNS) role allows the domain controller to associate fully qualified domain names (FQDN) to their network IP address (Minasi, M., Gibson, D., Finn, A., Henry, W. & Hynes, B., 2010, p.180). 8. When prompted, click Yes to continue (See Figure 8: DNS Delegation Prompt)
23
9. Leave the Location for Database, Log Files, and SYSVOL set to the default settings and click Next (See Figure 9: Location for DB, Log File and SYSVOL).
10. A restore administrator password needs to be set, in case there are any issues with the server. Enter a password (Pa$$w0rd) and click Next
24
11. Click Next on the summary page to continue (See Figure 11: Server Summary).
12. The Active Directory will now be configured. Click Reboot on completion and wait for system to restart.
25
Adding a Windows 7 workstation member to the Domain By adding a client machine to the domain we can log onto the computer using any domain account (Bott, E., Sienchert, C. and Stinson, C., 2011, p.650). The client machine will then be a workstation on the domain. Assuming that the networks settings have been set up using the settings given in A.2: Setting up Network configuration on Server2 and Client. 1. Go to Start, right click on Computer and select Properties (See Figure 1: Computer Properties Option)
2. Choose Advanced system settings from the left-hand pane (See Figure 2: Advanced System Settings Option)
26
3. Choose the Computer Name tab then click Change (See Figure 3: System Properties Window)
4. In the Domain text box type the name of the domain we set up earlier (MSCCONV.IPA), see Figure 4: Join Domain Settings.
5. You will be prompted to enter the domain administrator details. Username: administrator, Password: Pa$$w0rd, (See Figure 5: Logon Prompt)
NOTE: The local administrator of the first domain controller is promoted to the domain administrator 27
6. Once the client has joined the domain a welcome message will appear, click OK (See Figure 6: Domain Welcome)
7. Restart the computer when prompted. Note: Currently there are no domain user accounts set up other than the administrator account, so we cannot log on to the domain. However sets 8 and 9 demonstrate how to log on to the network. 8. When windows restarts at the logon screen choose Switch User (See Figure 7: Domain Logon Window).
9. Choose Other User and then enter domain_name\username and enter the password (e.g. Username: MSCCONV.IPA\user Password: Pa$$w0rd).
28
29
3. Enter the name of the domain we set up earlier (MSCCONV.IPA) in the box provided, then click Set.. (See Figure 2: Identify Domain)
4. When prompted, enter the domain administrator details (username: Administrator and password: Pa$$w0rd), see Figure 3: Administrator Logon
30
5. MSCCONV.IP should appear highlighted (see figure 4), click Next (See Figure 4: Select a Domain).
6. Leave the settings as default on the Select a Site screen and click Next (Figure 5: Select a Site)
31
7. Make sure DNS server and Global catalog are selected and click Next (See Figure 6: Additional Options).
32
9. Leave the default settings on the Location for Database window and click Next (See Figure 8: Location for Database).
10. Enter a restore password and click Next (See Figure 9: Restore Mode Password Settings).
33
11. Click Next on the Summary window to continue (See Figure 10: Summary Window).
12. Check Reboot on completion on the installation window (See Figure 11: Installation Window).
34
13. After reboot you will now see a domain logon window (See Figure 12: Domain Logon).
35
2. Choose the index number of the network connection you wish to configure from the list (here we choose 0) and press Enter. The adapter setting for this network connection will be displayed. 3. Next type 2 and press Enter to configure the DNS settings 4. Enter in the IP address of server1 (192.168.0.1) and press Enter (See Figure 2: DNS Settings).
36
5. Click OK on the Preferred DNS server set notification 6. Enter the IP address of the alternative DNS server (server2, 192.168.0.2) and press Enter (See Figure 3: Alternative DNS Settings).
7. Click OK on the Alternative DNS server set notification 8. Once completed type 4 and press Enter to return to main menu (See Figure 4: Return to Main Menu).
37
10. Type D and click Enter to select domain (See Figure 5: Change Domain)
11. Type the name of the domain you wish to join (MSCCONV.IPA) and press Enter (See Figure 6: Name of Domain to Join).
12. When prompted to enter a domain username enter the administrator details for the domain (UN: administrator PW: Pa$$w0rd), see Figure 7: Domain Logon
38
NOTE: The password window will pop up but will look like nothing is being typed. Enter the password and press Enter (See Figure 8: Password Entry Window)
13. When prompted if you want to change the computer name, as the computer was name previously, click No (See Figure 9: Change Name Prompt).
14. You will then be prompted to restart. Click Yes and restart the server (See Figure 10: Restart Prompt).
39
15. Once the server has restarted, run sconfig. MSCCONV.IPA is now listed as the domain. MS-Core is now a member server (See Figure 11: Domain Change Confirmation).
40
2. Select Disk Management from the item tree in the left-hand of the server manager console. This will display the disks and volumes on the system (See Figure 2: Disk Management).
The hard disks cannot be used until they are online and initialised 41
3. Right click on Disk 1 and Disk 2 and choose Online (See Figure 3: Set Disks Online).
4. Right click on Disk 1 and Disk 2 again and choose Initialize Disk (See Figure 4: Initialize Disks).
42
5. Check the disks to be initialized, choose GPT and click OK (See Figure 4: Choose Disks to Initialize).
Note: By Initialising these two disks, disk0 is automatically set to be Dynamic If disk0 is not dynamic already do the following: 5b. Right click on Disk0 and click Convert to Dynamic Disk (See Figure 5: Make Dynamic)
43
6. Right click on the drive to be mirrored and choose Add mirror (use the C drive), see Figure 6: Add Mirror Option
7. Choose which disk you want the drive mirrored on to (here we use disk 1) and click Add Mirror (See Figure 7: Choose Disk to Mirror to).
44
8. Mirroring to disk 1 will set disk 1 to be dynamic. Click Yes to confirm this change (See Figure 8: Basic to Dynamic Prompt)
9. When this is completed you will see the drive mirrored on disk 1 (See Figure 9: Mirrored Drive)
45
2. The new spanned volume wizard will begin, click Next (See Figure 2: Spanned Volume Wizard).
46
3. Select the disks to be included in the spanned volume. Add all disks by clicking Add, then click Next (See Figure 3: Add Disks)
4. Leave the options as default (assign drive letter E) and click Next (See Figure 4: Assign Drive Letter).
47
5. Format the volume using the default settings (NTFS, Default size, Quick Format). Click Next (See Figure 5: Format Spanned Volume).
6. Click finished when wizard completes 7. When wizard has completed new spanned volume information will appear in the disk management console (See Figure 6: Spanned Volume Information)
48
2. Right click on the domain name (MSCCONV.IPA) in the left-hand pane. Choose New then Organisational Unit (See Figure 2: Organisational Unit).
49
3. Enter the name of the new organisational unit (name it IPA) and click OK (See Figure 3: Name Organisational Unit).
Now we will create a new organisational unit within the one that has just been created. 4. Right click on the newly created IPA organisational unit and choose New then Organisational Unit (See Figure 4: Nested Organisational Unit).
50
A diagram of the organisational structure we will be using can be seen in figure 5: Organisational Unit Structure
5. Once all organisational unit have been entered there should be a nested list of all unit visible in the left-hand pane (See Figure 6: Nests Organisational Unit Tree).
51
2. Enter in the user details (see figure 2) and click Next (See Figure 2: User Details).
52
3. Enter a password (Pa$$w0rd) and uncheck User must change password on next logon and click Next (See Figure 3: User Password).
4. Click Finish to confirm user settings (See Figure 4: Confirm User Settings)
53
5. We will set up users in each of the organisational units as follows in Figure 5: Organisational Unit Users
6. To set up users in each organisational units open each unit and right click in the white space and choose New then User (See Figure 6: New User in OU)
54
7. Users should appear listed in the organisational unit (See Figure 7: Organisational Unit User List)
55
2. On the Account tab, check the box beside Logon Hours: and click Logon Hours (See Figure 2: Logon Hours).
56
3. In the Logon Hours window choose Logon Denied to clear the time restrictions (See Figure 3: Clear Times).
4. Highlight the time and day you want to allow logon, select Logon permitted, then click OK (See Figure 4: Specify Times).
Now all users that were selected are limited to only log on to the domain between Monday and Friday
57
2. Open Active Directory Users and Groups and select the organisational unit in which you want to create the group. Right click in the white space and choose New then Group (See Figure 2: Adding a New Group).
58
3. On the new group window enter the name of the group and choose Global under the Group scope then click OK (See Figure 3: Name Group).
There are three group scopes available, domain local, global, and universal. The domain local only applies to a single machine. Global applies to the entire domain, and universal applies to the entire forest, including all domains (Tittel, E. & Korelc, J., 2008, p.212). 4. Right click on the newly created group and choose Properties (See Figure 4: Group Properties).
59
5. Choose the Members tab and click Add (See Figure 5: Add Members to Group).
6. From the Select users.. dialogue type user and click Check Names (See Figure 6: Check Names).
Note: As there are several users with a username similar to user this will open a Multiple Names Found dialogue, which will allow us to easily add several users to the group at once.
60
7. As we are setting up the group to cover all users (as all are Staff) select all the users from the Multiple Names Found window and click OK (See Figure 7: Add Multiple Users).
8. Click OK to confirm the users to be added to the group (See Figure 8: Confirm Add Users).
We will now add groups based on figure 1. As Managers, Trainers and Admin contain users from all sub organisational unit we will create new groups within the IPA organisational unit. For groups based on organisational unit we will place the group within the OU itself.
61
9. Create a new group for Managers within the IPA organisational unit. Repeat steps 2 8 (See Figure 9: Managers Group).
10. Add user1, user11, user16 and user19 to this group using the method as step 7. Press the ctrl key to select multiple users (See Figure 10: Select Multiple Users).
62
11. Within the marketing OU create a new group called marketing and add all the users from the organisational unit to this group (See Figure 11: OU Group).
Create a group for the Dublin and Belfast organisational unit Note: For organisational units that have sub groups it is possible to add a group within a group to save time. 12. Go to the IT organisational unit and create a group called IT, now when it comes to adding users simply type the name of the sub group to be added (add Dublin and Belfast), see Figure 12: Groups in Groups.
63
2. Right click on the IT organisational unit and select Properties (See Figure 2: Organisational Unit Properties).
64
3. Choose the Security tab then choose Add (See Figure 3: Add Security Privileges).
4. Add the Marketing group and click OK (See Figure 4: Add Group Privileges).
65
5. Once we have added the Marketing group check the box under Deny for the read option (See Figure 5: Deny Read).
6. On the client machine log in as a user13 from the marketing group. 7. Go to start and type in the searchbox c:\Windows\system32\rundll32.exe dsquery.dll, OpenQueryWindow. This will allow us to search the active directory 8. Type User in the search box to list all users, this will demonstrate that users are visible (See Figure 6: Search Directory).
66
9. Next type user19 (a user in the IT OU), this user cannot be found as the logged on user does not have access to read that OU (See Figure 7: Search For User).
The user does not appear in the search because the logged on user is a member of the restricted (Marketing) group which applied to the Marketing OU and cannot read/see users from the IT organisational unit of which user19 is a member.
67
To make the folder accessible from other machines on the domain we will need to share it.
68
2. Right click on the User_Docs folder and choose Properties. Next choose the Sharing tab and click Advanced Sharing (See Figure 2: Advanced Sharing Options).
3. Check the option to Share this folder and the click OK (See Figure 3: Share Folder).
69
5. On server1 go to Start Administrative Tools Group Policy Management (See Figure 4: Group Policy Management Option).
6. Right click on Group Policy Objects and select New (See Figure 5: New Group Policy Object).
70
7. Name the group policy object (RedirectDocsGPO, See Figure 6: Name Group Policy Object)
8. Click OK to confirm the creation of the object (See Figure 7: Group Policy Confirmation Notification).
9. Right click on the newly created object and choose Edit (See Figure 8: Edit Group Policy Object).
71
11. Right click Documents and choose Properties (See Figure 10: Documents Properties).
72
12. Choose Basic Redirect everyones folder to the same location from the Setting option, then enter the location of the shared User_Docs folder in the Root Path: then choose OK (See Figure 11: Redirect Settings).
13. Choose the Settings tab and check all three checkboxes for this example we will leave the folder in place even if the policy is removed, click OK (See Figure 12: Document Redirect Policy Settings).
73
14. Click Yes to confirm the settings (See Figure 13: Confirm Settings).
Note: The editor will appear empty even though policies have been applied. Close the editor. 15. Close the Group Policy Management Editor 16. At the Group Policy Management window right click on the domain (MSCCONV.IPA) and choose Link an Existing GPO (See Figure 14: Link Existing GPO).
74
As we want to apply to a client within the domain we can apply the group policy object to the entire domain 17. Choose the newly created group policy object (RedirectDocsGPO) from the list and click OK (See Figure 15: Select GPO).
18. The group policy object should now be listed in the right-hand pane when the domain is selected (See Figure 16: Listed GPO).
75
20. Check Do no show this message again (for convenience) and click OK (See Figure 17: GPO Notification).
As we only want this GPO to apply to the client1 machine we must add it to the scope of the policy 21. On the Scope tab choose Add.. (See Figure 18: Add to Scope).
22. In the Select Users, Computers.. window click Object Types.. (See Figure 19: Select Object Types).
76
23. Check the box beside Computers to list computers in the add dialogue (See Figure 20: List Compuers).
24. Now we can type Client1 and add it to the scope, click OK (See Figure 21: Adding Client1).
77
25. Client1 will now be listed in the scope (See Figure 22: Client Listed in Scope).
26. To demonstrate the folder redirection we need to save a file in the documents folder of the client machine. 27. Start client1 and log on as User16, open the Documents folder and save a file. 28. On server2 go to the User_Docs folder on the C: drive. We can now see the user folder for User16 (See Figure 23: User folder in User_Docs).
The users documents are now stored in a subfolder within the C:\User_Docs directory of server2
78
2. Name the GPO BlockControlPanelGPO. Right click on the GPO and select Edit (See Figure 2: Edit GPO).
79
3. Go to User ConfigurationPoliciesAdministrative TemplateControl Panel and right click on Prohibit access to the Control Panel and choose Edit (See Figure 3: Prohibit Control Panel Access).
4. Click the radio button beside Enabled then click OK (See Figure 4: Enable Prohibited Access).
80
5. To test the restriction log in to client1 as User19 and try access Control panel 6. An error message will appear (See Figure 5: Restriction Notification).
Now we will add an exception for User20. 7. On the group policy management window choose Delegation from the right-hand pane of the group policy window and choose Add (See Figure 6: Add Delegation).
81
9. Choose Read from the dropdown list under permissions and click OK (See Figure 8: User Read Permission).
10. With User20 highlighted in the list choose Advanced (See Figure 9: Advanced Delegation Options).
82
11. From the Security Settings window choose User20 and check the box under Deny for Read (See Figure 10: Deny Read of GPO).
12. Click Yes to confirm settings (See Figure 11: Confirm Settings).
Note: As the user cannot read the GPO it will not apply to user20
83
13. To confirm these setting log into Client1 as user20 the control panel will now be listed in the start menu and the user can access it (See Figure 12: User20 Control Panel Access).
84
Figure 1: InstallChromeGPO
85
4. Edit the GPO and go to User ConfigurationPoliciesSoftware Settings, right click Software Installation and choose New, then Package (See Figure 2: Software Installation Settings).
5. Select the MSI file from the shared folder and click Open (Figure 3: Select MSI File).
86
6. Choose Published from the Select deployment method option and click OK (See Figure 4: Deployment Method).
7. The software should now be listed under the Software Installation option (See Figure 5: MSI Listed).
To demonstrate this we will log onto the client machine as User16 (a user from the Dublin OU). Published software is available to user through the control panel, it is not automatically installed
87
8. On client1 log in as User16 and open the Control Panel, under programs select Get Programs (See Figure 6: Get Programs Option).
9. The deployed MSI file should appear in the Get Programs window (See Figure 7: MSI in Get Programs Window)
88
2. Choose Print and Document Services from the Select Server Roles options and click Next (See Figure 2: Print and Document Services).
89
3. When presented information about Print and Document Services click Next (See Figure 3: Print and Document Services Information).
4. Choose Print Server from the top of the list of services and click Next (See Figure 4: Printer Server Role Services).
90
5. Click Install to confirm the installation the role will now be installed (See Figure 5: Installation Confirmation).
91
2. In the Devices and Printers window right click under the Printers and Faxes and choose Add a printer (See Figure 2: Add Printer Option).
92
4. Next choose and existing port from the drop down list (See Figure 4: Choose Printer Port). Note: Choose a port which is not already in use.
5. From the Manufacturer list choose HP and then choose HP 910 from the Printers list (See Figure 5: Printer Selection).
93
6. Name the printer you want to install (here we name the printer HP910), click Next (See Figure 6: Printer Name).
7. Choose Share this printer and leave the default field entries, click Next (See Figure 7: Printer Sharing).
8. Click Finish when the installation is completed (See Figure 8: Installation Completion).
94
9. Repeat the process ensure that you choose a different port to the one used for the installation of the HP900 printer (step 4) and install a HP 915 (step 5), (See Figure 9: Alternate Port Selection).
95
2. Choose the Sharing tab and then check List in the directory, click OK (See Figure 2: List in Directory).
96
3. Search for printer in active directory. Using Server2, run Active Directory Users and Computers. Right click on the domain name (MSCCONV.IPA) and choose Find (See Figure 3: Find in Directory).
4. In the Find Users, Contacts and Groups window choose Printers from the Find: dropdown menu (See Figure 4: Find Window).
97
5. Enter the name of the printer into the name field and click Find Now. If the printer is found it will be listed under the Search results: (See Figure 5: Search Results).
98
6. At step 7 choose Do not share this printer (See Figure 2: Do Not Share Printer).
99
2. Next we will make a folder to share. Type mkdir c:\share and press Enter (See Figure 2: Make Folder).
This will place a folder on the C drive called share 3. Navigate to the folder to confirm it has been created. Type cd c:\share and press enter (See Figure 3: Navigate to Folder).
Once we have confirmed the folder is created we will share it on the network
100
4. Type net share ms-coreShare=c:\share and press Enter. This will set up a share called ms-coreShre and points it to the share folder on the C drive (See Figure 4: Folder Share).
By sharing the ms-coreShare folder the MS-Core machine is now a file server, however as we have also installed NFS, this share is also accessible by machines running unix systems.
101
Testing share on the network using server1 To find a shared resource on the network we can simply search for the computer name on the network using the prefix \\, network shares are identified as follows \\computer\\shareName (Bott, E., Sienchert, C. and Stinson, C., 2011, p.742). 1. On server1 go to Start and type \\ms-core to display the network shares for the core server (See Figure 2: Search for Core Server).
2. If the core server has been configured correctly we should see the ms-coreShare folder (See Figure 2: Shared Folder).
102
3. Next type 2 and press Enter to allow clients with any version of Remote Desktop to connect (See Figure 2: Any Remote Desktop Client).
103
Figure 3: Notification
104
2. Enter the IP address of the core server in the Computer field and click Connect (See Figure 2: Connection Setup)
105
3. Logon with an administrator account. Click Use another account (See Figure 3: Use Another Account)
4. Enter in the domain administrator username (administrator) and password (Pa$$w0rd), (See Figure 4: Administrator Logon).
5. Remote desktop will now connect (See Figure 5: remote Desktop Connecting).
106
6. Click Yes to accept the security certificate (See Figure 6: Remote Desktop Certificate)
7. A window will now open that displays the screen of the MS-Core server (See Figure 7: Remote Desktop to Core).
107
2. Click Next on the Before You Begin notification. Choose DHCP Server from the Select Server Roles page and click Next (See Figure 2: Install Server Role).
108
3. Click Next at the Introduction to DHCP Server 4. Select the network connection you wish to use with the DHCP server and click Next. (Here we use 192.168.0.2)
5. Set the DNS server to point to the local host (127.0.0.1) and parent domain to the domain network we have set up. Make sure all settings are the same as those in Figure 4 (Below) and click Next
Make sure there are no references to server1 in the DNS as we want to use server2 solely for DHCP services 109
6. WINS is not required, so choose WINS is not required for application on this network and click Next
7. On the Add or Edit DHCP Scopes window choose Add (See Figure 6: DHCP Scopes)
110
8. Enter in the following details: Scope Name = server2 Starting IP = 192.168.0.100 Ending IP = 192.168.0. 150 Subnet mask = 255.255.255.0 (See Figure 7: DHCP Scope Settings)
9. Click Next once you have added the scope (See Figure 8: DHCP Set Up).
111
10. Enable DHCPv6 stateless mode and click Next (Figure 9: DHCPv6 Settings).
11. Leave the IPv6 DNS server settings as the default settings and click Next (See Figure 10: IPv6 DNS Server Settings).
112
12. As we are logged into server2 as the domain administrator we can Use current credentials to authorize the DHCP server, the click Next (See Figure 11: Authorize DHCP)
13. Click Install to confirm the settings (See Figure 12: Confirm Installation).
113
2. Open Command Prompt and type ipconfig to display the ip address that is being assigned from server2. It should be in the range of the scope defined during the setup of DHCP server (See Figure 2: Assigned IP)
Figure 2: Assigned IP
114
2. Choose Roles from the left-hand pane, then choose Remove Roles (See Figure 2: Remove Role Option)
115
3. Click next on the Before You Begin information page 4. Uncheck DHCP in the Remove Server Roles window, then click Next (See Figure 3: Remove Roles).
5. Click Remove to confirm the removal selection 6. Click Close when removal process complete 7. When prompted restart the server (See Figure 4: Restart Prompt).
116
To confirm that the settings have been applied correctly, test the client machine to see what IP address it is assigned when the DHCP server is down. On client1 open command prompt and run IPCONFIG Because server2 is no longer a DHCP server, the client machine will not be assigned an IP address. By default windows will assign an Automatic Private IP Address (APIPA) when it cannot obtain network configurations from the server (Northrup, T. & Mackin, J.C., 2010, p.60). An APIPA address always starts with 169.X.X.X (See Figure 5: APIPA Address)
117
118
4. In order for the domain controller to be deleted we must confirm that it is offline and choose delete. Check the box and click Delete (See Figure 3: Confirm Offline)
5. A message box will appear stating that the domain controller is a global catalog. Click Yes to continue the deletion. 6. The sever2 domain controller has now been deleted (See Figure 4: Server2 Deleted).
As server2 is no longer bootable it is unlikely to be powered on again within the network. If however it was to start working then the server should be forcibly removed as to avoid domain conflicts. Open command prompt on Server2 and type dcpromo /forceremoval and follow the steps in the wizard to remove the domain controller features from the server. Where possible any machine whose primary DNS pointed to server2, should have this changed to server1.
119
References
Bott, E., Sienchert, C. and Stinson, C. (2011). Windows 7 Inside Out Deluxe Edition. Washington: Microsoft Press Desmond, B., Richards, J., Allen, R. and Lowe-Norris, A.G. (2009). Active Directory, Fourth Edition. USA: O'Reilly Installing a server role on a server running a Server Core installation of Windows Server 2008 R2: Overview. (July 26th 2010). Retrieved June 12th, 2013, from http://technet.microsoft.com/en-us/library/ee441260%28v=ws.10%29.aspx Lowe, D. (2011). Networking All-In-One for Dummies, Fourth Edition. NJ: Weily Minasi, M., Gibson, D., Finn, A., Henry, W. & Hynes, B. (2010). Mastering Windows Server 2008 R2. Indiana: Wiley Publishing Morimoto, R., Noel, M., Droubi, O., Mistry, R. & Amaris, C. (2010). Windows Server 2008 R2 Unleashed. Indiana: Pearson Northrup, T. & Mackin, J.C. (2010). Windows 7 Enterprise Desktop Support Technician: Selfpaced Training Kit. Washington: Microsoft Press Tittel, E. & Korelc, J. (2008). Windows Server 2008 For Dummies. Indiana: Wiley Publishing
120