In this lab we'll setup our Active Directory infrastructure. This will include creating Organizational Units (OU) to store our user accounts, and organize our structure in a logical way. You'll create an account for you personally as well as ten other accounts manually. Then we'll create 200 user accounts using a script. During this lab we will briefly touch on some topics that we will go into more detail on in later chapters. These include creating a security group, and setting up a shared folder for our users home folders. The high level steps are the following:
This will be the first time we open the tool Active Directory Users and Computers. We will use this tool a lot in this lab. Create an "Oak Forest Users" OU under the domain. Then create two more OU's under "Oak Forest Users" called "Security Groups" and "Staff"
Server01 - Create OU Structure
Under the "Security Groups" OU create a security group using default options called "Staff"
Server01 - Create Staff Group
Create an account for yourself in the "Staff" OU using your name. The username format should be first letter of first name then your last name. If your name is John Doe your username would be jdoe. Use the same password we have been using for other accounts, P@ssw0rd. When you are done creating the account add it to the "Staff" group. (Make sure you add it to the group and not the OU.)
Server01 - Create Personal Account
Create a location on the C drive on Server01 to store user's home folders. We will start by creating a folder named "Shared Data" on the root of our server's C drive. All shared folders will be placed in this folder. Create a folder named "Home" inside the "Shared Data" folder. Share the "Home" folder giving everyone full control for the share permissions.
Server01 - Create Home Folder Location
Create a home folder for your account using Active Directory Users and Computers.
Create the following ten accounts using Active Directory Users and Computers. Create the accounts in the "Staff" OU, and set all their passwords to P@ssw0rd. Make sure to set the passwords never to expire. Use the same username format as your personal account. First letter of firstname, followed by last name.
Server01 - Manually Create Accounts
Server01 - Add Accounts to Staff Group
Use Active Directory Users and Computers to create home folders for the new accounts. Set the home folder to "\\Server01\Home\%USERNAME%" and it will create a folder for each user.
Server01 - Create Home Folders for New Accounts
We need to transfer some data from the physical computer to the virtual server. VirtualBox will let us create a shared folder between the physical and virtual machines. Use VirtualBox to share the CIS232 folder on the root of the C drive on the physical computer with the virtual server.
Select Server01 in VirtualBox Manager then click the Settings button.
Click Shared Folders on the left side, then click the folder with the plus sign on it on the right.
User "C:\CIS232" as the Folder Path, Set the folder name to "CIS232". Check all three boxes, then click OK.
Click OK on the Settings screen.
If the server is on and you are signed into the server then the drive won't appear right away. If the drive is missing sign off and sign on again to have it appear.
Server01 - Sign Out
Copy the "Import" folder from the server's E drive to the server's C drive. The E drive should be the VirtualBox share. If you don't have the import file download it here using the physical computer and copy it to your C:\CIS232 folder on the physical. Once it exists on the physical computer you will see it on the E drive on the virtual server.
Server01 - Copy Import Folder to C Drive
The script we're going to use to import our user accounts requires the ADHelper object be registered with Windows. Find the ADHelper object in the "Import" folder and register it. You can do this by right clicking on it and selecting "Register".
Server01 - Register ADHelper
There are two tools we want to use to import the students. The first is called "Clean CSV File 1.0" and this will scan our import file for any errors. Once complete a new file will be created with all problems removed. The next file is "Import Users 1.0" and this will be used to import our users and create home folders. All the settings in the scripts should be ready for you. Run both scripts. Note: When using PowerShell or the Command Prompt you can use tab to autocomplete file names. You'll see the names of the scripts pop up in the video after a few letters, that is because I hit tab to autocomplete them. Try it yourself when performing this task.
Server01 - Import User Accounts
Log into Server02 and open Active Directory Users and Computers. Make sure all the newly created accounts have replicated to Server02. If replication hasn't happened yet type the following command into PowerShell to force the replication: repadmin /syncall /e /d/ A /P /q T
Server02 - Verify Replication
Answer the lab questions.