Labs‎ > ‎Windows Labs‎ > ‎

Windows Lab 04 - Creating User Accounts


In this lab we'll setup our Active Directory infrastructure.  This will include creating Organizational Units (OU) to store our user accounts, and organize our structure in a logical way.  You'll create an account for you personally as well as ten other accounts manually.  Then we'll create 200 user accounts using a script.  During this lab we will briefly touch on some topics that we will go into more detail on in later chapters.  These include creating a security group, and setting up a shared folder for our users home folders.  The high level steps are the following:
  • Create OU structure
  • Create Staff security group
  • Create your account
  • Create home folder location
  • Create home folder for your account
  • Manually create user accounts
  • Add new accounts to Staff group
  • Create home folders for new accounts
  • Setup shared folder between physical machine and virtual server
  • Copy import folder from physical machine to virtual server
  • Clean import CSV
  • Import user accounts
  • Verify replication between Server01 and Server02

Create OU Structure

This will be the first time we open the tool Active Directory Users and Computers.  We will use this tool a lot in this lab.  Create an "Oak Forest Users" OU under the domain.  Then create two more OU's under "Oak Forest Users" called "Security Groups" and "Staff"
  • Oak Forest Users
    • Security Groups
    • Staff
Server01 - Create OU Structure

Create Staff Security Group

Under the "Security Groups" OU create a security group using default options called "Staff"
Server01 - Create Staff Group

Create Your Account

Create an account for yourself in the "Staff" OU using your name.  The username format should be first letter of first name then your last name.  If your name is John Doe your username would be jdoe.  Use the same password we have been using for other accounts, P@ssw0rd.  When you are done creating the account add it to the "Staff" group.  (Make sure you add it to the group and not the OU.)
Server01 - Create Personal Account

Create Home Folder Location

Create a location on the C drive on Server01 to store user's home folders.  We will start by creating a folder named "Shared Data" on the root of our server's C drive.  All shared folders will be placed in this folder.  Create a folder named "Home" inside the "Shared Data" folder.  Share the "Home" folder giving everyone full control for the share permissions.
  • C:\Shared Data\Home  <---  Only share the "Home" folder.  DO NOT share "Shared Data"
Server01 - Create Home Folder Location

Create Home Folder for your Account

Create a home folder for your account using Active Directory Users and Computers.

Manually Create User Accounts

Create the following ten accounts using Active Directory Users and Computers.  Create the accounts in the "Staff" OU, and set all their passwords to P@ssw0rd.  Make sure to set the passwords never to expire.  Use the same username format as your personal account.  First letter of firstname, followed by last name.
  • Mike Smith
  • Crystal Clear
  • Robin Graves
  • Ben Dover
  • Justin Tyme
  • Anna Mull
  • Joe King
  • Crystal Ball
  • Jim Nasium
  • Chris P Cream
Server01 - Manually Create Accounts

Add New Accounts to Staff Group

Add your new accounts to the "Staff" group.
Server01 - Add Accounts to Staff Group

Create Home Folders for New Accounts

Use Active Directory Users and Computers to create home folders for the new accounts.  Set the home folder to "\\Server01\Home\%USERNAME%" and it will create a folder for each user.
Server01 - Create Home Folders for New Accounts

Setup Shared Folder Between Physical Machine and Virtual Server

We need to transfer some data from the physical computer to the virtual server.  VirtualBox will let us create a shared folder between the physical and virtual machines.  Use VirtualBox to share the CIS232 folder on the root of the C drive on the physical computer with the virtual server.

Select Server01 in VirtualBox Manager then click the Settings button.

Click Shared Folders on the left side, then click the folder with the plus sign on it on the right.

User "C:\CIS232" as the Folder Path, Set the folder name to "CIS232".  Check all three boxes, then click OK.

Click OK on the Settings screen.

If the server is on and you are signed into the server then the drive won't appear right away.  If the drive is missing sign off and sign on again to have it appear.
Server01 - Sign Out

Copy Import Folder from Physical Machine to Virtual Server

Copy the "Import" folder from the server's E drive to the server's C drive.  The E drive should be the VirtualBox share.  If you don't have the import file download it here using the physical computer and copy it to your C:\CIS232 folder on the physical.  Once it exists on the physical computer you will see it on the E drive on the virtual server.
Server01 - Copy Import Folder to C Drive

Import User Accounts

The script we're going to use to import our user accounts requires the ADHelper object be registered with Windows.  Find the ADHelper object in the "Import" folder and register it.  You can do this by right clicking on it and selecting "Register".
Server01 - Register ADHelper

There are two tools we want to use to import the students.  The first is called "Clean CSV File 1.0" and this will scan our import file for any errors.  Once complete a new file will be created with all problems removed.  The next file is "Import Users 1.0" and this will be used to import our users and create home folders.  All the settings in the scripts should be ready for you.  Run both scripts.  Note: When using PowerShell or the Command Prompt you can use tab to autocomplete file names.  You'll see the names of the scripts pop up in the video after a few letters, that is because I hit tab to autocomplete them.  Try it yourself when performing this task.
Server01 - Import User Accounts

Verify Replication Between Server01 and Server02

Log into Server02 and open Active Directory Users and Computers.  Make sure all the newly created accounts have replicated to Server02.  If replication hasn't happened yet type the following command into PowerShell to force the replication: repadmin /syncall /e /d/ A /P /q  T
Server02 - Verify Replication


Answer the lab questions.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10