1.INSTALLING ACTIVE DIRECTORY
| |
ACTIVE DIRECTORY PROMOTION
Ø -->Start
Ø -->Run
Ø -->DCPROMO Press Enter
Ø -->Next
Ø -->Next
Ø -->Select second option create a new domain in new forest
Ø -->Next
Ø -->Enter the name of domain like "jetking.com"
Ø -->Next
Ø -->Raise the forest function level (2008)
Ø -->Next
Ø -->Next
Ø -->yes
Ø -->yes
Ø -->Next
Ø -->Enter the complex password (123-asd)
Ø -->Next
Ø -->Next
Ø -->Next
Ø -->Reboot on completion
Ø -->Finish
2. ACTIVE DIRECTORY DEMOTION
STEP-1:
-->START
-->RUN
-->DCPROMO
-->NEXT
-->OK
-->CHECK {DELETE THE DOMAIN BECAUSE THIS SERVER IS THE LAST...}
-->NEXT
-->NEXT
-->NEXT
-->DELETE ALL APPLICATION
-->NEXT
-->ENTER THE PASSWORD
-->NEXT
-->NEXT
-->REBOOT ON COMPLETETION
-->RESTART...
STEP-2:
AFTER RESTART COMPUTER GIVE THE FOLLOWING COMMAND IN RUN
-->SERVERMANAGER.MSC-->ENTER
-->CLICK ON ROLES
-->CLICK ON REMOVE ROLES
-->NEXT
-->UNCHECK THE ROLE OF ACTIVE DIRECTORY (ADDS) AND DNS
-->REMOVE
-->FINISH
-->RESTART COMPUTER....
STEP 3:
-->AFTER RESTART COMPUTER PRESS
-->CTRL+PAUSE BREAK
-->CLICK ON CHANGE SETTING
-->CLICK ON CHANGE
-->CLICK ON MORE
-->REMOVE THE NAME OF DOMAIN
-->OK
-->CLOSE
-->RESTART COMPUTER....
STEP 4:
AFTER RESTART COMPUTER RUN
-->SYSTEM32
-->REMOVE THE FOLDER OF DNS IF IT IS EXIST.
-->FINISH.
3.Creating the ADC
Requirement:-
Install active directory service in a system with DNS.
Now go to another computer and configure the IP address with address of DNS server.
Now
-->Start
-->Runt
-->Ping domain name if reply than proceed.
-->Start
-->Run
-->dcpromo /adv press enter.
-->Next
-->Select first option create a domain in existing forest
-->Next
-->Enter the name of domain like "jetking.com" select set credential
-->Enter the administrator & password
-->Next
-->Next
-->Check DNS option
-->Next
-->Next
-->Next
-->Enter the restore mode password
-->Next
-->Reboot on completion.
-->Finish...
4.ADC through ifm:-
Go to the domain controller start>run>cmd
c:\>ntdsutil press enter
Activate instance ntds press enter
ifm press enter
Create full c:\ifm
After finish task
Quit press enter
Exit
Note: before run these commands make a folder in c: drive with name of
ifm.
Now copy this folder in mass storage removable media (pen drive).
Safe remove the pen drive from computer and plug it with another
Computer where you want to configure ADC.
-->Start
-->Run
-->dcpromo /adv press enter.
-->Next
-->Select first option create a domain in existing forest
-->Next
-->Enter the name of domain like "jetking.com" select set credential
-->Enter the administrator & password
-->Next
-->Next
-->Check DNS option
-->Next
-->Next
-->Next
-->Celect another location for media browse the pen drive and give the path next enter the
-->Restore mode password
-->Next
-->Reboot on completion.
5.RODC through ifm:-
Note:-function level of domain must be 2008.
Go to domain controller and run following commands
Make a folder in c: with name RODC
c:\>ntdsutil press enter
Activate instance to ntds press enter
ifm press enter
Create RODC c:\rodc
After finish task
Quit press enter
Exit
Go to the other computer where you want to make RODC.
Note make a user in active directory (domain) before run following task
-->Start
-->Run
-->dcpromo /adv press enter.
-->Next
-->Select first option create a domain in existing forest
-->Next
-->Enter the name of domain like "jetking.com" select set credential
-->Enter the administrator & password
-->Next
-->Next
-->Check DNS option and RODC
-->Next
-->Next
-->Next
-->Select another location for media browse the pen drive and give the path next enter the
-->Restore mode password
-->Next
-->Reboot on completion.
6.Configuring CDC
Install active directory in a system with DNS.
Now go to another computer and configure the IP address with the address of DNS server. Now check it
Must be ping with the name of domain
Now run the following command in run.
-->Start
-->Run
-->dcpromo /adv press Enter
-->Next
-->Next
-->Create a new domain in existing forest
-->Next
-->Enter the name of domain
-->Click on set
-->Enter the user name and password of domain and click
-->Ok
-->Next
-->Nnter the domain name and child domain name (mail).
-->Next
-->Next
-->Uncheck the DNS
-->Next
-->Yes
-->Next
-->Next
-->Enter the restore mode password
-->Next
-->Reboot on completion
-->Finish.
7.Configuring DNS
Install the role of DNS from add role services.
-->Start
-->administrative tools
-->DNS
-->Expand computer name
-->Click on forward lookup zone
-->Right click on it
-->New zone
-->Next
-->Primary zone
-->Next
-->Enter the name of zone like jetking.com
-->Next
-->Next
-->Dynamic update
-->Next
-->Finish.
-->Click on zone
-->Right click new host aaa record enter the computer name and IP of DNS server
-->Create
-->Create a record without name
-->Done
-->Double click on SOA record
-->And fill require field like Primary Server Computer Name.jetking.com.
-->Responsible Server Computer Name.jetking.com.
-->Apply
-->Ok.
-->Double click on ns record
-->Edit
-->Enter the computer name.jetking.com and click resolve
-->Ok
-->Apply
-->Ok
-->Now go to the another computer and specify the IP address with the DNS address and ping from jetking.com
If it is pinging just start to install active directory services by using dcpromo
And enter the domain name jetking.com and uncheck DNS when it ask because you have configured
DNS already on another domain after restart computer go the DNS server and check records.
-->Finish
8.Configuring DHCP Server
Install the role of DHCP from the add roles Wizard.
-->Start
-->Administrative tools
-->DHCP
-->Right click on server name click scope
-->Enter the name of scope
-->Next
-->Enter the distribution range of IP address which you want to distribute
-->Next—
-->Enter the exclude range click add
-->Next
-->Specify the lease duration
-->Next
-->Select configure these options now
-->Next
-->Enter the address of the router
-->Next
-->Enter the domain name and computer name
-->Click resolve
-->Click add
-->Next
-->Next
-->Activate this scope now
-->Next
-->Finish...
Now go to the client computer and change the setting of TCP/IP properties>set the obtain IP address automatically.
Now go the command prompt and run following command to see the ip add
c:\>ipconfig
IP 10.0.0.2
Subnet mask 255.0.0.0
This address is specified by DHCP server
For more information about adaptor run following command
c:\>ipconfig /all
Finish.....
9.IP reservation:-
-->Go to the DHCP server and right. Click on the reservation:-
-->Click new reservation
-->enter the name of reservation
-->and specify the address which you want to reserved
-->and specify the MAC address of client in next field. Click apply ok close refresh.
-->Finish
Now go to the client of DHCP and set obtain IP address automatically. If setting is already automatic IP than run following commands
c:\>ipconfig /release (to release the previous IP address)
c:\>ipconfig /renew (to get new address from the DHCP server)
Finish...
10. Backup of DHCP server
Backup Process:-
-->Right .click on computer name in DHCP server
-->Backup
-->Make a folder in any drive and select it
-->Finish.
Restoring process:-
-->After delete scope from the DHCP server
-->Right Click on the computer name in DHCP server and click restore select the target folder where the
Backup stored
-->Start
-->Finish...
11.Configuring DHCP relay agent
Step-1
Configuring DHCP Server:-
Install the role of DHCP from the add roles
Wizard.
-->Start
-->Administrative tools
-->DHCP
-->Right click on server name click scope
-->Enter the name of scope
-->Next
--->Enter the distribution range of IP address which you want to distribute
-->Next
-->Enter the exclude range click add
-->Next
-->Specify the lease duration
-->Next
-->Select configure these options now
-->Next
-->Enter the address of the router
-->Next
-->Enter the domain name
-->And computer name
-->And click resolve
-->Click add
-->Next
-->Next
-->Activate this scope now
-->Next
-->Finish...
Create Scope-2 same as Scope-1 with the different IP according to the network map that you have.
Step2.
Configuring LAN routing:-
Requirements:-
1:- Two LAN cards
Procedure:-
Configure the IP 10.0.0.100 /255.0.0.0 in lan-1 and connect this LAN with a switch-1.
Configure the IP 192.168.10.100 /255.255.255.0 in lan-2 and connect this
LAN with switch-2.
Now install the role of RRAS from add roles wizard on this computer.
12. Installing role:-
-->Run
-->Servermanager.msc
-->Click on roles
-->Add roles
-->Ok
-->Click on network policies and access services
-->Next
-->Next
-->Click on routing and remote access
-->Add require services
-->Next
-->Install
-->Finish
-->Start
-->Administrative tools
-->RRAS
-->Right click on server name and click
Configure and enable routing and remote access service
-->Next
-->Custom configuration
-->Next
-->LAN routing
-->Next
-->Finish
-->Start service
-->Expand ipv4
-->Static routes
-->Right click select new static route
-->Select
The LAN-1 in interface field.
Destination 192.168.10.0 /255.255.255.0
Gateway 10.0.0.1
Ok
Click select new static route>select
The LAN -2 in interface field.
Destination 10.0.0.0 /255.0.0.0
Gateway 192.168.10.1
Ok
Now right click on general and click new routing protocol and add DHCP relay agent
-->Right click on DHCP relay agent
-->Properties
-->Add the IP address
Of the DHCP Server (192.168.10.1).
And add LAN-1 and LAN-2 bpth interfaces also here.
Now go to clients and configure IP address automatically.
13. Deployment
Configuring Windows Deployment
Requirement:-
1-DHCP installed and configure.
2-ADS and DNS
3-Install the role of WDS from add roles wizard.
-->Start
-->Administrative tools
-->WDS
-->Expand server
-->Right click on server name
-->Click configure server
-->Next
-->x:\RemoteInstall (select the destination)
-->Next
-->Respond to all known and unknown client
-->Finish
-->Uncheck add image
-->Finish
-->Right click on boot image and click add boot image
-->Insert the disk of windows vista /Win7/2008 server in the drive and click browse.
-->Select the boot.wim file from the source folder of DVD.
-->Next
-->Next
-->Finish
-->Now right click on the install folder and click install image
-->Select the Install.wim files from the source folder of the DVD.
-->Ok
-->Next
-->Select require images
-->Next
-->Finish
14. Configuring Software Deployment
Make a SHARE FOLDER in NTFS drive and copy the software (MSI package)
In it.
-->Start
-->Run
-->dsa.msc
-->Right click on domain name and click new
-->Organization unit
-->Enter the name of OU and click ok.
-->Now make a user in this OU
-->Close all wizards.
-->Start
-->Run
-->mmc
-->File
-->Add remove snap-in
-->Group policy management
-->Add
-->Ok
-->Expand the group policy-forest-domain
-->jetking.com (domain name)
-->Select the OU
-->Right click on it
-->Create an object of domain and link it
-->Enter the name of object and click ok
-->Now right click on the object which you have new created and click edit
-->You can see here user configuration and system configuration.
-->Expand user configuration-policies software setting software installation
-->Right click on it
-->Properties
-->Enter the package path like\\192.168.10.1\office2003 publish finish.
-->Right click on software installation new package
-->Select pro11.msi file
-->Ok
-->Now click on package which is newly created
-->Properties
-->Deployment
-->Select install this application at logon
-->Apply
-->Ok
-->Close all wizards.
-->Now go to the member of domain and login with this user. Your application will now install automatically.
-->Finish...
15. Configuring Printer Deployment
Configuring Printer Deployment
Connect the printer with the server and install it properly.
Now install the role of printer from add roles wizards.
-->Start
-->Run
-->dsa.msc
-->Right Click on domain and create an organization unit.
-->Create a user within the organization unit.
-->Now
-->Run
-->mmc
-->File
-->Add remove snap-in
-->Add the group policy management
-->Save this console at the desktop
-->Now expand domain
-->And click on organization unit which you have created
-->Right Click on it and select create a gpo
-->Enter the name of gpo
-->Ok
-->Close all wizards
-->Now go to print management from administrative tools
-->Select the printer right click on it and click deploy with group policy
-->Browse
-->Click the organization unit
-->Select gpo
-->Ok
-->Check both options and click add
-->Apply
-->Ok.
-->Go to client of domain and login with user name.
-->Finish...
16. Configuring Shadow Copy
Shadow Copy:-
-->Make a share folder in NTFS drive and save your data in this folder.
-->Now go back and right click on this drive and click properties
-->Click on shadow copy.
-->Now click on enable.
-->You can see a new task created.
-->Now go to share folder and delete data permanently.
Restore Shadow Copy:-
-->Start
-->Run
-->Give the following command in Run
-->\\IP address of server where shadow created
-->Now you can see a share folder just right click on it click properties.
-->Select previous version tab.
-->Click restores
-->Ok.
-->Close all wizards
-->And go to the share folder and check your data has been recovered successfully.
17.Configuring Group Policy
First install the active directory services in a system.
-->Start
-->Administrative tools
-->group policy management
Or
-->Start
-->Run
>mmc
-->File
-->Add remove snap-in
-->group policy management
>Add
-->Ok
-->Expanded the group policy-forest-domain
-->jetking.com (domain name)
-->Right click on it
-->Create an object of domain and link it
-->Enter the name of domain and click ok
-->Now right click on the object which you have new created and click edit
-->You can see here user configuration and system configuration.
-->Expand user configuration-policies-administrative templates
-->Now you can assign any policy like select desktop
-->Double click on remove Computer icon from desktop
-->Click enable
-->Close save this console
-->And close all wizards.
Now run following command
-->Run
-->gpupdate /force
You can see my computer icon has been removed from the desktop.
18. Configuring LAN routing:-
Requirements:-
1:- Two LAN cards
Procedure:-
Configure the IP 10.0.0.1 /255.0.0.0 in LAN-1 and connect this LAN with a switch-1.
Configure the IP 192.168.10.1 /255.255.255.0 in lan-2 and connect this
LAN with switch-2.
Now install the role of RRAS from add roles wizard on this computer.
Installing role:-
-->Run
-->servermanager.msc
-->Click on roles
-->Add roles
-->Ok
-->Click on network policies and access services
-->Next
-->Next
-->Click on routing and remote access
-->Add require services
-->Next
-->Install
-->Finish
-->Start
-->Administrative tools
-->RRAS
-->Right click on server name and click
-->Configure and enable routing and remote access service
-->Next
-->Custom configuration next
-->LAN routing
-->Next
-->Finish
-->Start service
-->Expand ipv4
-->Static routes
-->Right click select new static route
-->Select
The LAN-1 in interface field.
Destination 192.168.10.0 /255.255.255.0
Gateway 10.0.0.1
-->Ok
-->Click select new static route
-->Select The LAN-2 in interface field.
Destination 10.0.0.0 /255.0.0.0
Gateway 192.168.10.1
Ok
Now go to the clients those are connected with switch-1 and configure following IP address.
IP address 10.0.0.2 /255.0.0.0
Default gateway 10.0.0.1
Now go to the computers those are connected with switch-2.
And configure following IP address.
IP address 192.168.10.2 /255.255.255.0
Default gateway 192.168.10.1
Now go to command prompt
-->and ping 10.0.0.2 -t
If pinging you have successfully configured LAN routing.
Note: - "off the firewall on each system".
19. Configuring VPN server
Install routing and remote access services from add roles wizards.
Installing role:-
-->Run
-->Servermanager.msc
-->Click on roles
-->Add roles
-->Ok
-->Click on network policies and access services
-->Next
-->Next
-->Click on routing and remote access
-->Add require services
-->Next
-->Install
-->Finish
-->Start
-->Administrative tools
-->RRAS
-->Right click on server name and click
-->Configure and enable routing and remote access service
-->Next
-->Custom configuration
-->VPN access
-->Finish.
Now dsa.msc
-->And create a domain user in active directory.
-->Right click on this user click properties
-->Click on dial-in tab
-->Click allow
-->Access
-->Apply
-->Ok
-->Now go to client machine and create a VPN dial-up connection.
-->Right click on my network place
-->Properties
-->Setup a connection
-->Connect to a workplace
-->VPN
-->Setup internet connection
-->Dial-up
-->Enter the IP address of VPN server user name and password which you have created on
-->Domain and click connect.
-->Finish.......
20. Configuring ICS
Requirement:-
Two LAN cards:-
Procedure:-
Connect a LAN card with internet connection.
And configure IP on it according to the ISP and make sure your internet is working properly.
-->Now
-->Run
-->ncpa.cpl
-->Right click on LAN card which is connected with ISP and click properties.
-->Click on sharing
-->Click share this connection
-->Ok
-->Finish
-->Now you can see the IP address of your second LAN has been changed.
It will assigned automatically reserved IP address of ICS 192.168.0.1
Now go to the client computers and configure the IP address automatically.
Your firewall must be off in all computers.
Now you can access internet on clients...
21. Proxy configuration
Requirement:-
Two LAN card in a system.
One is connected with ISP or broadband.
One is connected with switch.
Configure the IP on the both LAN like.
Example Lan-1 192.168.1.2
255.255.255.0
192.168.1.1
202.56.215.54
202.56.215.55
Lan-2 192.168.1.3
255.255.255.0
And now install and start the proxy on this machine.
Go to the clients.
And configure the following IP address 192.168.1.4
255.255.255.0
192.168.1.3 (This is the address of proxy server)
-->Right click on internet connection
-->Properties
-->Connections
-->LAN setting
-->Select proxy configuration.
-->Enter the address of proxy server 192.168.1.3
Port No. 6588
-->Apply
-->Ok
Finish (you can access internet connection.)
22. Configuring IP sec policy
Configure the IP address first.
-->Start
-->Run
-->MMC(Microsoft management console)
-->File
-->Add remove snap-in
-->IPSec policy management
-->Add
-->Finish
-->Ok
-->Right Click on IPSec Po
-->New policy
-->Next
-->Next
-->Finish
-->Add
-->Next
-->Next
-->Next
-->Select IP filter list
-->Edit
-->Add
-->Next
-->Next
-->Next
-->Select the source IP <my IP address
-->Next
-->Select destination IP address a specified IP address or subnetmask
-->And enter the destination IP address manually like 10.0.0.100
-->Next
-->Select protocol
-->ICMP
-->Next
-->Finish
-->Ok
-->Select IP filter list
-->Next
-->Select filter action
-->Next
-->Edit
-->Block
-->Ok
-->Next
-->Finish
-->Ok
-->Now Right Click on policy and click assign.
-->Now your client that has IP 10.0.0.100 can not ping from Your computer.
23. Security templates:-
-->Run
-->MMC
-->File
-->Add remove snap-in
-->Add the security templates and Security configuration and analyze
-->Save this console on desktop.
-->Now click on security templates
-->Right click on it new template
-->Enter the name of template
-->Ok
-->Now right. Click on security configuration and analyze
-->Open data base
-->Enter the name of data base
-->Open
-->Select the template name
-->Open
-->Right Click on security configuration and analyze
-->Analyze computer now
-->Now change the policy that require like password policy or others
-->To assign the policy just r .click security configuration and analyze
-->And click configure computer now.
-->Again right click security configuration and analyze
-->Analyze computer now. And check your policy has been update.
-->Finish...
24. FSMO ROLES Transfer
Requirement:-
1. Two computers one PDC and one ADCand one adc.e pdcsh>ok>select i
2. Assume your computer name of domain is server1
3. And host name of the ADC is client1.
-->First install the active directory services on the server1 with DNS.
-->Now go to the client1 and configure the IP address with address of DNS
-->Than check it must be ping from domain.
-->Start
-->Run
-->dcpromo /adv press enter.
-->Next
-->Select first option create a domain in existing forest
-->Next
-->Enter the name of domain like "jetking.com" select set credential
-->Enter the administrator & password
-->Next
-->Next
-->Check DNS option
-->Next
-->Next
-->Next
-->Next
-->Enter the restore mode password
-->Next
-->Reboot on completion.
Now go to server1 and run following commands.
-->Start
-->Run
-->CMD
c:\>ntdsutil
-->ntdsutil:roles press enter
-->fsmo maintenance:connections press enter
-->Server connection:connect to server client1.jetking.com press enter
-->Server connection:quit
-->fsmo maintenance:transfer rid master press enter yes
-->fsmo maintenance:transfer pdc press enter yes
-->fsmo maintenance:transfer infrastructure master press enter yes
-->fsmo maintenance:transfer schema master press enter yes
-->fsmo maintenance:transfer naming master press enter yes
-->For check the transfer’s roles go to the client1 and run following command
-->Run
-->cmd
-->C :\>netdom query FSMO press enter (you can see transfers roles)
-->Finish...
25. CREATING THE ROAMING PROFILE OF DOMAIN USER:-
CREATE AN USER IN ACTIVE DIRECTORY.
-->START
-->RUN
-->DSA.MSC PRESS ENTER
-->EXPANED DOMAIN NAME
-->RIGHT CLICK ON USER FOLDER
-->CLICK NEW USER
-->ENTER THE DETAILES OF USER LIKE USER NAME, LOGIN NAME, PASSWORD AND USER ATTRIBUTES.
-->CLICK NEXT
-->FINISH.
26. NOW CREATE A SHARE FOLDER IN NTFS DRIVE AND GIVE THE FULL PERMISSION.
NOW GO TO ACTIVE DIRECTORY USER AND COMPUTER WIZARD AND
-->R.CLICK ON USER PROPERTIES
-->CLICK ON PROFILE TAB
-->AND FILL THE FOLLOWING DETAILES IN REQUIRE FIELDS
-->PROFILE PATH \\IP ADD OF FILE SERVER\SHARE FOLDER NAME\USER NAME
-->LOCAL PATH X:\SHARE FOLDER NAME (X: IS THE DRIVE WHERE SHARE FOLDER EXISTS.)
-->APPLY
-->OK.
-->NOW GO TO THE CLIENT OF DOMAIN AND LOGIN WITH THE DOMAIN USER.
-->FINISH
27. CONVERTING THE ROAMING PROFILE IN TO THE MANDATRY:-
LOGIN WITH THE ADMINISTRATOR ACCOUNT AND GIVE THE PERMISSION ALLOW LOG ON LOCALLY TO THE DOMAIN USER FROM THE GROUP POLICY OR MAKE THE MEMBER OF PRINT OPERATOR GROUP FROM ACTIVE DIRECTORY USER AND COMPUTER.
TO MAKE THE MEMBER OF PRINT OPERATOR:-
-->START
-->DSA.MSC
-->EXPANED DOMAIN NAME
-->CLICK ON BUILT-IN GROUPS
-->R.CLICK AND PROPERTIES OF PRINT OPERATOR
-->CLICK MEMBERS
-->ADD>ENTER THE NAME OF USER AND CLICK CHECK NAMES
-->OK
-->APPLY
-->OK
-->LOG OFF AND LOGIN WITH THE DOMAIN USER.
-->NOW GO TO HOME FOLDER OF USER PROFILE
-->R.CLICK ON PROFILE FOLDER
-->PROPERTIES
-->SECURITY
-->EDIT
-->ADD THE NAME OF ADMINISTRATOR
-->CHECK NAMES
-->OK
-->GIVE THE FULL PERMISSION
-->APPLY
-->OK.
-->LOG OFF AND LOGIN WITH THE ADMINISTRATOR.
-->NOW GO TO HOME FOLDER OF USER PROFILE
-->D.CLICK ON PROFILE FOLDER
-->TOOLS
-->FOLDER OPTIONS
-->VIEW
-->SHOW HIDDEN FILES AND FOLDERS
-->AND UNCHECK
-->SHOW HIDE EXTENSION
-->SHOW HIDE PROTECTED
-->OK
-->APPLY
-->OK GO TO THE FOLDER AND YOU CAN SEE NTUSER.DAT
-->JUST R.CLICK AND CONVERT IT NTUSER.MAN.
-->SET THE FOLDER OPTIONS DEFAULT.
-->REMOVE THE USER FROM PRINT OPERATOR GROUP.
-->NOW GO TO THE CLIENT MACHINE AND LOGIN WITH THE DOMAIN USER
-->NOW YOUR SETTING OF THE DESKTOP WILL NOT BE SAVE.
-->FINISH.....
28. Configuring IIS Server
Install the role of IIS from add roles services.
Create a web page and save it in a folder.
-->Start
-->Administrative tools
-->IIS
-->Click on server name
-->Expand site
-->Right click on default site and remove it
-->Now right click and select create new site
-->Enter description of site
-->Next
-->Enter the site name
-->Provide the path of the web site folder
-->Assign an IP
-->Apply
-->Ok
-->Now click on site which you have new created
-->Double click on directory browsing
-->Click enable
Now go to the client computer and give the following address to open web page
http://IP address of web server presses enter.
29. Configuring FTP
Install the role of ftp from add role services
-->Start
-->Administrative tools
-->IIS 6.0 manager
-->Expand server name
-->Expand ftp site
-->Remove default ftp site
-->Right click and new ftp site
-->Enter the description
-->Next
-->Assign an IP address
-->Next
-->Next
-->Give the path of ftp folder where your data saved
-->Next
-->Next
-->Next
-->Finish....
Go to client computer
-->Start
-->Run
-->ftp://IP add of ftp server press enter.
30. Quota management
Install the role of file server resource manager from file server add role wizard.
-->Start
-->Administrative tools
-->File server resource manager
-->Expand quota management
-->Quota templates
-->Right click create quota templates
-->Enter the name of templates
-->Define the size
-->Ok
Now right click on quota
-->Create quota
-->Give the path of folder to implement quota
-->Select the templates
-->Click create
-->Finish.
File screening:-
-->Expand file screening management
-->Right click on file screening templates
-->Create file screening templates
-->Enter the template name
-->Select the file extension which you want to prevent
-->Ok.
-->Right click on file screening
-->Click create file screening
-->Define the path of folder and select file screening template
-->Ok
-->Finish.
31. IP SECURITY POLICY
-->START
-->RUN
-->MMC PRESS ENTER.
-->FLIE
-->ADD REMOVE SNAP-IN
-->IP SEC POLICY MANAGEMENT
-->ADD
-->FINISH
-->OK
-->R.CLICK ON IP SEC-PO
-->CREATE IP SEC-PO
-->NEXT
-->NEXT
-->NEXT
-->FINISH
-->ADD
-->NEXT
-->NEXT
-->NEXT
-->ADD
-->ADD NEW IP FILTER LIST
-->NEXT
-->NEXT
-->SELECT SOURECE (MY IP)
-->NEXT
-->DESTINATION (SPECIFY IP OR SUBNET EXAMPLE :-( 10.0.0.10)
-->NEXT
-->SELECT PROTOCOL<ICMP>
-->NEXT
-->FINISH
-->OK>SELECT NEW IP FILTER LIST
-->NEXT
-->NOW ADD FILTER ACTION
-->NEXT
-->NEXT
-->BLOCK
-->NEXT
-->FINISH
-->SELECT NEW FILTER ACTION
-->NEXT
-->FINISH
-->OK
NOW R/C ON POLICY AND ASSIGN. FOR NEGOTIABLE SECURITY:-
-->RIGHT CLICK ON POLICY
-->PROPERTIES
-->EDIT
-->AUTHANTICATION
-->METHOD
-->EDIT
-->USE THIS STRING AND ENTER THE PSK (PRE-SHARED KEY)
-->OK
-->APPLY
-->OK
-->AGAIN CLICK EDIT
-->FILTER ACTION
-->EDIT
-->SELECT NEGOTIABLE SECURITY
-->ADD
-->OK
-->APPLY
-->OK
-->CLOSE
-->APPLY
-->OK
-->CLOSE ALL WIZARD
-->FINISH
30. TRUST
REQIREMENT:-
MINIMUM TWO DOMAIN CONTROLLER.
PROCEDURE:-
MAKE SURE YOUR BOTH DOMAIN CONTROLLER ARE PINGING TO EACH OTHER BY DOMAIN NAME.
-->START
-->ADMINISTRATIVE TOOLS
-->ACTIVE DIRECTORY DOMAIN AND TRUST
-->R.CLICK ON DOMAIN NAME
-->PROPERTIES
-->TRUST
-->NEXT
-->NEXT
-->ENTER THE DOMAIN NAME OF ANOTHER DOMAIN AND PASSWORD
-->NEXT
-->NEXT
-->TWO WAY TRUST
-->BOTH DOMAINS ONLY
-->NEXT
-->NEXT
-->YES, CONFIRM OUTGOING TRUST
-->YES, CONFIRM INCOMING TRUST
-->NEXT
-->NEXT
-->FINISH.
31. AUTHENTICATING USER ON DOMAIN:-
SUPPOSE THERE ARE TWO DOMAIN CONTROLLER NAMED A.COM AND B.COM BOTH ARE TRUSTED TO EACH OTHER
AND USER A OF DOMAIN A.COM WANTS TO LOG ON ON B.COM TO MANAGE USER AND GROUP.
PROCEDURE:-
-->GO TO DOMAIN B.COM
-->DSA.MSC
-->BUILT-IN
-->D.CLICK ON ACCOUNT OPERATOR
-->MEMBERS
-->ADD
-->LOCATION
-->SELECT THE LOCATION DOMAIN A.COM
-->WRITE THE NAME OF USER (A) HERE AND CLICK CHECK NAME
-->OK
-->OK
-->CLOSE
--> RUN
-->GPUPDATE /FORCE
-->NOW LOG OFF DOMAIN B.COM AND LOGIN WITH USER (A) (LOGIN FORMAT:-DOMAIN\USER) USER
NAME:-B\A AND PASSWORD *******) WHERE B IS DOMAIN NAME AND A IS USER.
-->FINISH
32. CONFIGURING DFS
INSTALL DFS FROM FILE SERVICES
-->ON THE DOMAIN CONTROLLER
-->NOW MAKE THE MEMBERS OF THIS DOMAIN.
AND CREATE SOME SHARES ON THE MEMBER DOMAIN.
EXAMPLE JET1 AND JET2 ARE THE MEMBER OF DOMAIN MICRO.COM
AND JET1 HAS A SHARE FOLDER WITH NAME HARDWARE
AND JET2 HAS A SHARE FOLDER WITH NAME SOFTWARE
-->NOW GO TO THE DOMAIN CONTROLLER
-->START
-->ADMINISTRATIVE TOOLS
-->DFS
-->R.CLICK ON NAMESPACES
-->NEW NAMESPACE
-->ENTER THE NAME OF THE SERVER FOR THE DFS HOST(IT SELF SERVER NAME)
-->ENTER THE NAME OF THE NAMESPACE LIKE "NAMESPACE1"
-->NEXT
-->DOMAIN BASED NAME SPACE
-->NEXT
-->CREATE
-->NOW R.CLICK ON NAMESPACE1
-->NEW FOLDER
-->ENTER THE DESIRE NAME
-->CLICK ADD
-->BROWSE
-->BROWSE
-->ADVANCED
-->FIND NOW
-->SELECT THE NAME OF MEMBER DOMAIN
-->OK
-->OK
-->SELECT THE SHARE FOLDER
-->OK
-->OK
-->OK
-->ADD THE ANOTHER FOLDER HERE SAME.
Now go to the another computer in the network and access>\\IP of domain\namespace1
-->Finish
33. Configuring terminal services
Install terminal services on the domain controller from add roles services>.
-->Right click on my computer properties
-->Remote setting
-->Allow computer (network level authentication)
-->Select user and add here a user that you have created in active directory.
-->Start
-->Administrative tools
-->gpo
-->Expand these...Domains
-->jetking.com
-->Domain controllers
-->Default domain controller policy right click on it edit
-->Expand these...computer configuration
-->Policies
-->Windows setting
-->Security setting
-->Local policy
-->User rights assignments
-->Allow logon through terminal services open it click on define these policy setting and add administrator, and user here apply ok finish close all wizard
-->Run
-->dsa.msc
-->Right click on the user properties
-->Environment
-->Click on start program
-->Specify the path of the application
-->Apply
-->Ok
-->Finish
-->Run
-->gpupdate /force...
Now go to the another computer
-->Run
-->mstsc.exe
-->Enter the IP address of the terminal server
-->Enter the user name and password when it asks and you can see an application that start from its.
-->Finish...
34. MIGRATION
REQUIREMENT
MACHINE1 WITH INSTALLED WIN 2003 SERVER AND ADDS, DNS.
MACHIN2 INSTALLED WITH WIN 2008 SERVER AND SPECIFY THE ADDRESS OF DNS AND MAKE SURE IT
SHOULD BE PINGING FROM THE DOMAIN NAME OF MACHINE1.
PROCEDURE:-
COPY THE ADPREP FOLDER IN TO THE C:\ DRIVE OF WIN 2003 SERVER FROM 2008 MEDIA SOURECE\ADPREP.
NOW THE RAISE THE FOREST FUNCTION LEVEL OF THE 2003 SERVER FROM 2000 TO 2003 FROM ACTIVE DIRECTORY DOMAIN TRUST WIZARD.
NOW GO TO THE COMMAND PROMPT
C:\>CD ADPREP ENTER
C:\ADPREP>ADPREP /FORESTPREP ENTER PRESS "C" TO CONTINUE...
C:\ADPREP>ADPREP /DOMAINPREP PRESS ENTER
C:\ADPREP>ADPREP /RODCPREP PRESS ENTER
NOW GO TO MACHINE2 (WIN 2008 SRV) AND MAKE THIS MACHINE ADC OF THE MACHINE1.
-->Start
-->Run
-->dcpromo /adv press enter.
-->Next
-->Select first option create a domain in existing forest
-->Next
-->Enter the name of domain like "jetking.com" select set credential
-->Enter the administrator & password
-->Next
-->Next
-->Check DNS option
-->Next
-->Next
-->Next
-->Next enter the restore mode password
-->Next
-->Reboot on completion.
Now go to MACHINE1 and run following commands.
-->Run
-->cmd
-->c:\>ntdsutil
ntdsutil: roles press enter
FSMO maintenance: connections press enter
Server connection: connect to server client1.jetking.com press enter
Server connection: quit
FSMO maintenance: transfer rid master press enter yes
FSMO maintenance: transfer PDC press enter yes
FSMO maintenance: transfer infrastructure master press enter yes
FSMO maintenance: transfer schema master press enter yes
FSMO maintenance: transfer naming master press enter yes
For check the transfer’s roles go to the client1 and run following command
-->Run
-->CMD
-->c :\> Netdom query FSMO press enter (You can see transfers roles)
-->Finish...