ssignment Week

PROG 2203 – Assignment Week 1

 

 

PART 1

In groups of 2-4 create a company that will be used throughout the course.

Please read the article “The Ultimate Guide to Active Directory Best Practices”

(https://www.dnsstuff.com/active-directory-best-practices) to get an idea of what type of

considerations you may need to make when creating your company. Remember, this company

will be the foundation for all your assignments throughout the course. 😊

Write a summary of the company including the following information:

1. Name of the company

2. Names of group members

3. Size of the company (# of users)

4. What industry is the company in?

5. A brief summary of what the company does (1-2 sentences).

6. How many locations does the company have? Where are they located?

7. Where is the main data center located?

8. How many servers are there? What are they used for?

9. How many user computers are there?

10. What are the different departments?

11. Any other specific considerations about the company that should be made.

 

 

 

 

PART 2

 

Overview: Create a lab environment containing a Domain Controller, a File Server, and a User Computer

in your company.

Part 1:

1. Use VMWare workstation to create a VM using Windows Server 2019 to serve as your

organization’s first Domain Controller

a. Remember to give your DC a name

b. Give your Administrator account a strong password (or you may bump into problems

later)

c. Use the “Add Roles or Features” Wizard to install the Active Directory Domain Services

role to your server

d. Promote your server to a Domain Controller

e. Assign the DC a static IP address

Part 2:

1. Create a user computer (Windows 10) and join it to the domain

a. You will need to assign a workable IP to the user computer (it should be on the same

subnet as the DC, and use the DC as the DNS address)

b. Give your user computer a logical name

c. Join it to the domain using a domain administrator account

Part 3:

1. Create a File and Print server (Windows Server 2019) for your company and join it to the domain

a. You will need to assign a workable IP to the user computer (it should be on the same

subnet as the DC, and use the DC as the DNS address)

b. Give your user computer a logical name

c. Join it to the domain using a domain administrator account

Part 4:

1. Create the necessary OU’s within Active Directory to represent your organization’s structure.

2. Create a user account for each of your group’s members

3. Create 3 security groups that fit within your organization

a. Explain what these groups will be used for

4. Create a distribution group that fits within your organization

a. Explain what this group will be used for

5. Move the User Computer to an appropriate OU

a. Explain why you chose this OU

6. Move the File and Print server to an appropriate OU

a. Explain why you chose this OU

 

PART 3

Create group policy objects to support your company (created in week 1). Create a report summarizing

Kerberos.

Part 1: Group Policy

1. Create a password policy

a. What settings will you use and why?

b. To which object or OU did you link your password policy, and why?

2. Create a folder of on the file server

a. Create a group policy that will share this folder with a specific department

b. What department did you choose and why?

3. Create a Password Settings Object

a. How is a password settings object different from a password settings policy?

4. Create a policy that will redirect user’s documents folder to a shared folder directory on the file

server.

a. What UNC path did you use?

b. Create a folder on the User PC and ensure that it is populated in the File Server directory

to see that the policy is working.

5. Create a user account to be used as a service account

a. What type of service will this account be used for?

b. What will be required for this account to be used with Kerberos?

c. Take a screenshot of the account including the delegation tab.

Part 2: Kerberos

In your own words, write a summary explaining Kerberos. Include:

a) The components of Kerberos and what each one does

b) Each of the available Kerberos Policy Settings that can be enforced through Group Policy

and what they do

c) How Kerberos works

d) A diagram explaining the Kerberos system

For your submission, include a screenshot for each of the items listed above. Include as much detail as

possible.

 

 

PART 4

: Managing Group Policies

1. In your own words explain:

a. What the SYSVOL share is on a Domain Controller.

b. What is Loopback Processing and when is it used?

c. The difference between an Active Directory folder and an Organizational Unit.

d. What is slow link processing and when is it used?

e. Will your organization be implementing slow-link processing in their design? Why or

why not?

f. The difference between synchronous and asynchronous processing.

2. Run the Group Policy Results wizard on your user PC in your lab environment.

a. Include a copy of the results in your report

b. What GPO’s were applied to the computer and/or user account? What settings did they

apply?