Home > Developer > Windows

Management of Windows Server2008 domains

Source: Internet
Author: User
Tags administrator password create domain
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Lab Report

Experiment Name: domain management

Experiment Description: Install Active Directory, create domain, manage domain Users and groups, apply Domain Group Policy

Experimental topology: slightly

Experimental steps:

First, in the Windows Server2008 Install Active Directory upgrade domain controller, domain name tarena.com , the client joins the domain

1. Log in as Administrator administrator, modify TCP/IP settings

650) this.width=650; "title=" clip_image002 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image002 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260629orvm.jpg "" 408 "height=" 416 "/>

2, "Start"-"Run" Enter the dcpromo command to install the domain controller, patiently wait for the download of the secondary files to complete, and then automatically open the Installation Wizard, click Next

650) this.width=650; "title=" clip_image004 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image004 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260632xcop.jpg "" "height=" 435 "/>

3. Select New domain in New forest and click Next.

650) this.width=650; "title=" clip_image006 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image006 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260632f4wx.jpg "" 507 "height=" 445 "/>

4. Set the new domain name to tarena.com and click "Next".

650) this.width=650; "title=" clip_image008 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image008 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 140526063223c9.jpg "" 507 "height=" 444 "/>

5. Select forest functional level to accept the default values and click Next.

650) this.width=650; "title=" clip_image010 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image010 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260632jawy.jpg "" 508 "height=" 443 "/>

6. Select "Domain functional Level" and accept the default value, click "Next"

650) this.width=650; "title=" clip_image012 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image012 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260633dz9a.jpg "" 507 "height=" 444 "/>

7. Tick "DNS Server", click "Next", "Do you want to continue", and click "Yes".

650) this.width=650; "title=" clip_image014 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image014 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260633iure.jpg "" 509 "height=" 444 "/>

8. Set the location of the domain control files and click "Next"

650) this.width=650; "title=" clip_image016 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image016 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260633tn9k.jpg "" 510 "height=" 445 "/>

9. Set the administrator password to use in Directory Services Restore mode, click Next

650) this.width=650; "title=" clip_image018 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image018 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260634t9hp.jpg "" 508 "height=" 445 "/>

10. Confirm the installation selection and click "Next"

650) this.width=650; "title=" clip_image020 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image020 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260634yq7t.jpg "" 507 "height=" 444 "/>

11, tick "reboot after completion" (if not checked, you can restart manually).

650) this.width=650; "title=" clip_image022 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image022 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260634ygv6.jpg "" 441 "height=" 287 "/>

12, to restart the password reset, enter the system, confirm the installation results.

650) this.width=650; "title=" clip_image024 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image024 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260634gfza.jpg "" 630 "height=" 580 "/>

13, the administrator login Windows7 client, modify TCP/IP to join the new domain tarena.com

650) this.width=650; "title=" clip_image026 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image026 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260635oksi.jpg "" 414 "height=" 432 "/>

Enter the domain name and click OK

650) this.width=650; "title=" clip_image028 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image028 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260635myoy.jpg "" 340 "height=" 371 "/>

Authenticate with a domain user or domain administrator

650) this.width=650; "title=" clip_image030 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image030 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260635xde6.jpg "" 443 "height=" 262 "/>

Verify success will prompt "Welcome to tarena.com Domain"

Second, Group Policy settings under a domain environment

1. Open the Administrative Tools---Active directory Users and Computers---tarena.com----Right-click Users, tap New---user, enter the information, click Next

650) this.width=650; "title=" clip_image032 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image032 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260635erxm.jpg "" 443 "height=" 343 "/>

Set User password

650) this.width=650; "title=" clip_image034 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image034 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260635ndoh.jpg "" 446 "height=" 348 "/>

Create a new OU "Caiwu" in the Domain "tarena.com", create a new normal user Cai as an employee account under Caiwu, and the manager as the manager's account

2. Prohibit all users in the domain from modifying the desktop background

1) Open the Administrative Tools---Group Policy Management, right click on default Domain policy, select "Edit" to enter the Group Policy Management editor

650) this.width=650; "title=" clip_image036 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image036 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260635hebf.jpg "" 767 "height=" 538 "/>

User Configuration---Policies---Administrative templates---Control Panel---personalization, right-click Prevent changes to desktop background, clicking Edit

650) this.width=650; "title=" clip_image038 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image038 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260636kmrf.jpg "" 801 "height=" 544 "/>

Tick "enabled" and click "OK".

650) this.width=650; "title=" clip_image040 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image040 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260636jvqj.jpg "" 702 "height=" 535 "/>

2) Verify that the policy is working correctly. Log in Windows7 client with User1 user, right click on desktop Select "Personalization", found "desktop background" is gray, cannot be set, stating that Group Policy applied successfully

650) this.width=650; "title=" clip_image042 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image042 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260636hkgp.jpg "" 841 "height=" 597 "/>

3, on the basis of experiment 2 to achieve CAIWU OU users can modify the desktop background.

1) Open Group Policy Management, right-click on "Caiwu", create GPO

650) this.width=650; "title=" clip_image044 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image044 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260637fyw5.jpg "404" height= "/>"

Create a new GPO with the name "CAIWU1"

650) this.width=650; "title=" clip_image046 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image046 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 14052606378g2e.jpg "" 391 "height=" 165 "/>

Right-click Caiwu and select Block Inheritance

650) this.width=650; "title=" clip_image048 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image048 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260637zepw.jpg "" 419 "height=" 377 "/>

With user Cai login verification under Caiwu, you can change the desktop background and apply the policy successfully

650) this.width=650; "title=" clip_image050 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image050 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260637eg4w.jpg "" 277 "height=" 329 "/>

4, on the basis of experiment 3, on the default Domain policy configuration is enforced, users who implement CAIWU ou can not modify the desktop background

1) Right-click on DefaultDomain Policy and select "Force"

650) this.width=650; "title=" clip_image052 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image052 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260638iv0p.jpg "" 358 "height=" 514 "/>

Use Cai to log in to Windows7 client to verify successful policy application

650) this.width=650; "title=" clip_image054 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image054 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260638jvn0.jpg "" 375 "height="/>

5, on the basis of experiment 4 to remove the Caiwu ou block inheritance, the enforcement of the domain policy, and then caiwu the OU to create a new GPO, set the user to open the default home page of the browser is http://www.tarena.com

1) Right-click Caiwu OU, unblock inheritance, right-click DefaultDomain Policy to cancel "force"

2) Right-click the Caiwu OU to create a new GPO

650) this.width=650; "title=" clip_image056 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image056 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260638hwfl.jpg "" 396 "height=" 165 "/>

3) Right-click on "Default Home Page" and select "Edit" to enter the Group Policy Editor

User Configuration---Policies---windows settings---Internet Explorer Maintenance---Important URLs, setting up a custom home page

650) this.width=650; "title=" clip_image058 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image058 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 14052606382dwa.jpg "" 805 "height=" 552 "/>

4) Validation policy. User Cai login windows7, open IE browser, home page URL for http://www.tarena.com, policy application success

650) this.width=650; "title=" clip_image060 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image060 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260638xmth.jpg "" 603 "height="/>

6. Configure the Default domain policy on the basis of experiment 5 the default home page for users who open a browser is http://www.baidu.com.

1)

650) this.width=650; "title=" clip_image062 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image062 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260639xpih.jpg "" 804 "height=" 545 "/>

2) Open the default home page of the browser with user authentication for Caiwu ou, still http://www.tarena.com

650) this.width=650; "title=" clip_image064 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image064 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260639r6nl.jpg "" 570 "height="/>

7. Caiwu OU Manager users are not affected by the ban on modifying desktop background policies

1) Click "DefaultDomain Policy", select "delegation" on the Right tab, click "Advanced"

650) this.width=650; "title=" clip_image066 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image066 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260639ncgx.jpg "" 845 "height=" 537 "/>

2) Click "Add"

650) this.width=650; "title=" clip_image068 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image068 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260639ko9c.jpg "" 369 "height=" 418 "/>

3) Add "Manager" and click "OK"

650) this.width=650; "title=" clip_image070 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image070 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260640cuus.jpg "" 464 "height="/>

3) Select Manager permissions to reject the write, and deny Apply Group Policy, apply.

650) this.width=650; "title=" clip_image072 "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; margin:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image072 "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260670b4ob.jpg "" 477 "height=" 435 "/>

4) You can change the desktop background by logging in with Jingli at the client.

650) this.width=650; "title=" clip_image050[1] "style=" border-top:0px; border-right:0px; Background-image:none; border-bottom:0px; padding-top:0px; padding-left:0px; border-left:0px; padding-right:0px "border=" 0 "alt=" clip_image050[1] "src=" http://img1.51cto.com/attachment/201407/13/6212447_ 1405260670jiry.jpg "" 277 "height=" 329 "/>

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
list of registered domains types of web domains domains of change list of all domains multiple registration of domains list of internet domains different types of domains names
Related Article
How to remove bootcamp Windows partition in Mac dual system
Windows Server 2016-active Directory Domain Services Port rollup
Using word to convert a PDF file to a DOC file

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More