SETUP COMPUTER SERVER

INTRODUCTION TO SERVER

“Cannot establish connection to server” message of hopelessness for those who are
uploading files online, posting photos on Facebook, downloading torrent file from
peer network, and streaming videos online. But what is this message all about? What
is the server that these message referring to, or in other hand, what is server?
SERVER

is a physical computer that provide services to all client computers connected to it,
allowing them (client computer) to access available information or resources.

An entity in the client/server programming model, where the server is a software or

a program, running on one or multiple computers, that manages resources and
services of the network, while handling requests from different computers to access
said resources.
ACTIVE DIRECTORY
LEARNING OBJECTIVES:
After reading this INFORMATION SHEET, STUDENT(S) MUST be able to:
 Define briefly what Active Directory is,
 Describe what three primary types of objects that active directory provides.
 Describe what happens when you login in to active directory network
 Define what domain controller is.
 Describe forest.
 Describe a domain.
 Define briefly what a server role is.
 Install active directory.
In Windows NT, administrators were introduced to the concept of domains. Active
Directory Domain Services (AD DS) builds on that concept by creating a dynamic,
easily accessible structure through which directory and management information
can be stored and accessed centrally throughout an organization. By using AD DS,
you create a structure for managing your equipment and the people who use that
equipment, which is a helpful feature for all but the smallest of operations.
By using Active Directory as a whole, you have access to several management
tools, including Group Policy (GP), the ability to put groups inside groups multiple
times, and an online directory of users, computers, printers, and contacts that you
can access easily through the Windows user interface. Although you certainly can
operate a Windows-based network without Active Directory deployed in some form,
you lose out on a lot of functionality.
 What is Active Directory and Why Should I care?
Active Directory is the brain of a Window Server Network.
It is a database that keeps track of a huge amount of stuff and gives us a
centralized way to manage all our network machine, users, and resources.
Type of that active directory provides
 Users and groups
 Services (i.e. Email, etc.)
 Resources (Printer, Shared Folders, etc.)
These items are objects in the active directory database.
As a matter of fact, every time you login in to a corporate network, you’re using an
Active Directory.
What is Domain Controller?
 A domain controller is a machine that runs Active Directory Services.
 Think of it as a boss of your network.
 You may have multiple domain controller that all have copies of the same active
directory database.

What is Domain?
It is a logical group of computer that share a central directory database. The
machine are all named with part of domain name like itsmeismael.com (also called
a “suffix”) and registered in the active directory database so they can be managed.

Forest is comprised of all the domains in your enterprise. Your forest may only one
domain. Users are also part of “namespace”.
Example: Your email address is a part of domain namespace.
info@itsmeismael.com
Note: Email-like logins are also called “User Principle Names” when used to log
into a Server 2008 R2 network.

What is Server Role?

Server role is a major job that a server can perform.
It’s recommended that a server not have too many roles
A domain controller usually has only two roles:
1. Active directory domain services
2. Domain name services
Domain Name Service
 Is a service provided by a server that allows you to find other computer in your
network
 Allows you to type a friendly name of a machine instead of its IP address, allowing
your client to get the IP address from the DNS server and go find the resources.
Without DNS, Active Directory will not work. In Windows Sever 2008 R2, it’s
recommended that you integrate DNS with active directory to make your IT life
easier
 OU,USER AND COMPUTER ACCOUNT
ORGANIZATIONAL UNIT
An organization Unit is a container that holds AD Object like User Accounts,
Computer Accounts, and Groups.
OUs help to keep your objects organized, but also are used to control what your
Users can and can’t do (among the other things)
We’ll start off building a few OUs so our Users and Computer Accounts will have a
place to live.
You can organize OUs:
 Geographically
 By function (Departments. etc.)
 But remember to KISS as much as you’re able to! Keep it Simple, Sysadmin
User accounts
 it allow users to access network resources
Create accounts using command line
DSADD is a command-line option that will allow you to create users with
commands.

Syntax:
dsadd user ”cn=Username,ou=OUName, dc=YOurndomain, dc=yoursuffix”
Example
dsadd user “itsmeuser, ou=CSSStudents, dc=css, dc=com”

If you are going to add users’ complete name use the following syntax.
dsadd user “itsmeuser, ou=CSSStudents, dc=css, dc=com “ –fn Ismael –ln Balana –
pwd css_2016 –mustpwd no

If you want fast and easy creation of users just use the following codes, but this time
you need type the codes using Notepad or any equivalent text editor.
1. Open notepad or notepad++ > then type an example shown below
Syntax:
dsadd user “cn=%1, ou=OUName, dc=YourDomain, dc=YourSuffix” –fn%2 –ln%3 –
pwd Password –mustchpwd yes
Example:
dsadd user “cn=%1, ou=CSSUsers, dc=itsmeismael, dc=com” –fn%2 –ln%3 –pwd
css_2016 –mustchpwd yes

2. Save it as “addUsername.bat” in accessible directory.

3. Open command line, navigate to the directory where the script resides and type:
Syntax
addOUName username firstname lastname
Example:
addCSSUsers itsmeismael Ismael Balana
4. Open server manager OU’s destination and check the result
 COMPUTER ACCOUNTS
 Allow AD to keep track and control the computers in your network. A computer
without an Account in AD can’t access the network –it’s security measure.
 It resides in OU’s which allow you to install software to all machines in OU at once.
 When you are going to join a computer in your domain (you’ll need Admin level
credentials)
 A computer account is automatically created in AD.

OU VS GROUP
OU’s keep your object organized and are used to control what users and computers
can and can’t do.
Groups are active directory objects that allow you to provide and deny access to
resources like printer folder en masse. Groups are reside in organizational unit.
 Folder Redirection allows you as an administrator to point a number of special
folders, such as Documents, Music and Downloads, to locations of your choice. The
most common use of this is to locate folders such as My Documents on a network
share so that it can be centrally backed up.

As of Windows Server 2008 R2, the folders you can redirect are as follow
 AppData (Roaming)
 Desktop
 Start Menu
 Documents
 Pictues
 Music
 Video
 Favourites
 Contacts
 Downloads
 Links
 Searches
 Saved Games

One of the most useful things you can do is redirecting the Documents folder (or My
Documents for Windows XP and earlier). This allows you to store a user’s files on a
network share, rather than in their local user profile. This has a number of
advantages, including allowing you to back up these files centrally, and giving users
access to their files even if they log on to a number of different computers. You can
couple Folder Redirection with Offline Files to ensure that people can continue to
work on their files even when they are not connected to your network.
GROUP POLICY

What is Group Policy

 Contains Settings that can be configured to control what’s happening with Users
and Computers.
 There are literally thousands of different settings that can be configured inside of
each GPO.
 GPOs are use with containers (Domains, Sites, and OUs), but are not applied to
group
Local vs. Domain
Every Windows computer has a Local group policy to control what can be done on it
and what is restricted, but you don’t want to go around to all the computers in your
Domain and configure all the settings manually.
You want to join the rest of the world and administer Group policy from Active
directory.
 Local scenario
Advantage
 You can configure each computer separately using Local policy
Disadvantage
 But configuring 30 or more machine using local policy it is too redundant and too
time consuming.
Domain Scenario
Advantage
 Configuring all machines at once from the comfort of your desk.
 Less time to configure all machines.
Disadvantage
 Down of a server may affects all the connected machines
Creating and linking GPO’s
We can create a Group Policy Object easily, but we have to link it to the appropriate
container (usually an OU) before it takes effect on the Users and/or Computers.
A single GPO can be linked to multiple containers so you can re-use it again.
Group policy has two sides
1. User
2. Computers
While you can configure settings for both sides in any one GPO, you generally don’t
(this is why we separate users and computers into separates OU’s).
Each side of group policy has policies and *NEW preferences.
Generally, we create separate GPO’s for Users and Computers