In this lab we're going to create department based groups and place our users in them. We'll use these groups to setup permissions on sub folders in a common folder we're creating. The idea is to create folders for each department to share information. Then we'll create a couple more shares and distribute them to our users with a logon script. We'll start out by installing office on our clients so we can use Excel. The high level steps are the following:
Put the "Microsoft Office Professional Plus 2013" DVD in the virtual DVD drive. The image can be found in C:\CIS232. You may need to rename the disk so it has an ISO extension before you can use it. Nothing will happen, proceed to the next step
Once the DVD is in the drive, login to Client01 as Ben Dover (bdover) and install Office.
Client01 - Install Office Professional Plus 2013
We have a list of users and associated groups that we'll use later in the lab. Log on to Server01 as Administrators and copy that list from the CIS232 folder to Ben Dover's home folder. ("C:\Shared Data\Home\BDover")
Server01 - Copy Groups.csv to Ben Dover
Let's create the groups that represent the departments in our organization. Create the following groups in the "Security Groups" OU. Each group will be a global group.
Server01 - Create Groups
Open the Groups.csv file on Client01. Use the data in the file to add the users to their groups on Server01. There are many different ways you can add the users to the groups. Try to find the most efficient method for you.
We are ready to create a common share for our users. The common share will contain folders for each department. Only the members of each department will have access to their folders. Create the common folder with the following settings.
Server01 - Create Common Share
Now we will create our department shares inside "C:\Shared Data\Common\" Create the following folders.
On each folder set the following NTFS permissions: In the end each folder should only have the permissions specified below.
Server01 - Setup Department Folders
We're going to create two more shares. One will be a public drive that anyone in our organization can use to share information, and the other will be used for pushing out applications. Create two folders in "C:\Shared Data" with the following settings:
Server01 - Create Public Share
Server01 - Create Apps Share
Now we want to create a logon script and apply it to our user accounts. Copy the logon.bat file to Server01's desktop and modify it to have the following lines.
Once you're done run the script on the server and verify it creates the mapped drives. If not double check the script for errors.
Server01 - Create Logon Script
Once the script is working copy it into the netlogon folder. (\\Server01\netlogon) Then apply the logon script to all your users. You can modify the properties of all your users at once and set the Logon Script to "logon.bat" under the "Profile" tab.
Server01 - Apply Logon Script
Finally we can test out our work. On Client01 log in as MSmith and make sure the network drives appear and that you have the correct access.
Server01 - Verify Network Drives
Answer the lab questions.