Introduction to ADDS
Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, Active Directory was only in charge of centralized domain management. Starting with Windows Server 2008, however, Active Directory became an umbrella title for a broad range of directory-based identity-related services.
A server running Active Directory Domain Service (AD DS) is called a domain controller. It authenticates and authorizes all users and computers in a Windows domain type network—assigning and enforcing security policies for all computers and installing or updating software.
For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted password and determines whether the user is a system administrator or normal user. Also, it allows management and storage of information, provides authentication and authorization mechanisms and establishes a framework to deploy other related services: Certificate Services, Active Directory Federation Services, Lightweight Directory Services, and Rights Management Services.
A directory is a hierarchical structure that stores information about objects on the network. A directory, in the most generic sense, is a comprehensive listing of objects. A phone book is a type of directory that stores information about people, businesses, and government organizations. Phone books typically record names, addresses, and phone numbers.
Active Directory (AD) is a Microsoft technology used to manage computers and other devices on a network. It is a primary feature of Windows Server, an operating system that runs both local and Internet-based servers.
Benefits of Active Directory :
- Hierarchical organizational structure.
- Multimaster Authentication & Multimaster replication (the ability to access and modify AD DS from multiple points of administration)
- A single point of access to network resources.
- Ability to create trust relationships with external networks running previous versions of Active Directory and even Unix.
Active Directory 'Services':
Active Directory provides several different services, under which one of the key service is “Active Directory Domain Services, ” or AD DS.
Active Directory services include:
(You may use DCLDR to recall the services)
- Domain Services (ADDS)– Stores centralized data and manages communication between users and domains; includes login authentication and search functionality
- Certificate Services (AD CS) – It generates, manages and shares certificates. A certificate uses encryption to enable a user to exchange information over the internet securely with a public key.
- Lightweight Directory Services (ADLDS) – Supports directory-enabled applications using the open (LDAP) protocol.
- Directory Federation Services (ADFS) – Provides single-sign-on (SSO) to authenticate a user in multiple web applications in a single session.
- Rights Management (AD RMS)– It controls information rights and management. AD RMS encrypts content, such as email or Word documents, on a server to limit access.
Domain Controllers: A server that is running AD DS is called a domain controller. Domain controllers host and replicate the directory service database inside the forest. The directory service also provides services for managing and authenticating resources in the forest.
The logical structure of AD
Object: Active Directory structures are arrangements of information about objects.Each object represents a single entity—whether a user, a computer, a printer, or a group—and its attributes.
Forest, Trees and Domain:
A domain is defined as a logical group of network objects (computers, users, devices) that share the same Active Directory database.
A tree is a collection of one or more domains and domain trees in a contiguous namespace, and is linked in a transitive trust hierarchy.
Forest : The top of the structure is called the forest. A forest is a collection of trees.
Organizational units The objects held within a domain can be grouped into organizational units (OUs). An organizational unit (OU) is a subdivision within an Active Directory into which you can place users, groups, computers, and other organizational units. You can create organizational units to mirror your organization's functional or business structure.
Introduction to ADDS
Windows PowerShell
Windows PowerShell is a command-line shell and scripting language designed especially for system administration. Its analog in Linux is called Bash Scripting.
Built on the .NET Framework, Windows PowerShell helps IT professionals to control and automate the administration of the Windows operating system and applications that run on the Windows Server environment.
Windows PowerShell commands, called cmdlets, let you manage the computers from the command line. Windows PowerShell providers let you access data stores, such as the Registry and Certificate Store, as easily as you access the file system. In addition, Windows PowerShell has a rich expression parser and a fully developed scripting language.
So in simple words, you can complete all the tasks that you do with GUI and much more.
A cmdlet or "Command let" is a lightweight command used in the Windows PowerShell environment. The Windows PowerShell runtime invokes these cmdlets at command prompt.
How to Start Windows PowerShell
From the Start Menu Click Start, type PowerShell, and then click Windows PowerShell.
or
From the Start menu, click Start, click All Programs, click Accessories, click the Windows PowerShell folder, and then click Windows PowerShell.
Some Basic Commands in Windows Powershell
get-date
get-location
get-localuser
get-process
get-service
get-help eg: get-help process
ConvertTo-Html
The ConvertTo-Html cmdlet converts .NET Framework objects into HTML that can be displayed in a Web browser. You can use this cmdlet to display the output of a command in a Web page.
Example: Create a web page to display processes
Get-Process | ConvertTo-Html -Property Name, Path, Company -Title "Process Information" | Out-File proc.htm; ii proc.htm
Additional Commands (cmdlet)
You can find the list of updates installed on the machine using the following command:
Get-Hotfix
To get the version of the PowerShell, use the following command:
Get-host | select Version
To get the reboot history :
Get-EventLog system | where-object {$_.eventid -eq 6006} | select -last 10
List of Installed programs:
Get-Module PSWindowsUpdate
Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\* | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table –AutoSize
Finding the rules on the firewall:
Get-NetFirewallRule
IP configuration:
Get-NetIPConfiguration
To verify if IPv4 or IPv6 is enabled or not
Get-NetAdapterLso
To get the routing table
Get-NetRoute
List of Installed Programs
List of Installed Programs
Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Format-Table –AutoSize
Windows PowerShell
Windows Server 2016
Active Directory Federation Services
Windows Defender
Remote Desktop Services
Storage Services
Failover Clustering
Web Application Proxy
IIS 10
Windows PowerShell 5.1
Windows Server Containers
System Requirements
The minimum system requirements to run Windows Server 2016 is discussed here:
Windows Server 2016 is a server operating system developed by Microsoft as part of the Windows NT family of operating systems, developed concurrently with Windows 10. Windows Server 2016 was released on September 26, 2016, at Microsoft's Ignite conference and became generally available on October 12, 2016.
Features of Windows Server 2016
The main features include:
Windows Defender
Remote Desktop Services
Storage Services
Failover Clustering
Web Application Proxy
IIS 10
Windows PowerShell 5.1
Windows Server Containers
The minimum system requirements to run Windows Server 2016 is discussed here:
- Processor:
- 1.4 GHz 64-bit processor
- Compatible with x64 instruction set
- RAM
- STORAGE SPACE
Minimum: 32 GB
Other Requirements
DVD drive (if you intend to install the operating system from DVD media)
About Windows Server 2016
Windows Firewall
Windows Firewall is a Microsoft Windows application that filters information coming to your system from the Internet and blocking potentially harmful programs. The software blocks most programs from communicating through the firewall. Users simply add a program to the list of allowed programs to allow it to communicate through the firewall. When using a public network, Windows Firewall can also secure the system by blocking all unsolicited attempts to connect to your computer.
A firewall acts between two Networks
The first release of the Windows Firewall was called the Internet Connection Firewall and was released in Windows XP (Service Pack 2).
Types of Firewall
1. Hardware eg: cisco firewall
2. Software eg: Windows Firewall
3. Hybrid eg: Network Box
Types of Firewall
1. Hardware eg: cisco firewall
2. Software eg: Windows Firewall
3. Hybrid eg: Network Box
Use the following steps in Windows 10:
- Go to the search box.
- Type firewall and click Enter.
- Select Windows Firewall.
- Turn Windows Firewall on or off.
Inbound and Outbound Rules in Firewall
Inbound rules: These are to do with other things accessing your computer. If you are running a Web Server on your computer then you will have to tell the Firewall that outsiders are allowed to connect to it.
Outbound rules: These are so that you can let some programs use the Internet, and Block others. You will want to let your Web Browser (Internet Explorer, Firefox, Safari, Chrome, Opera, etc.) have access to the Internet, so you will tell Windows Firewall that it's allowed.
Inbound rules: These are to do with other things accessing your computer. If you are running a Web Server on your computer then you will have to tell the Firewall that outsiders are allowed to connect to it.
Outbound rules: These are so that you can let some programs use the Internet, and Block others. You will want to let your Web Browser (Internet Explorer, Firefox, Safari, Chrome, Opera, etc.) have access to the Internet, so you will tell Windows Firewall that it's allowed.
Outbound means you initiate the connection and the traffic starts flowing outward of your computer to the destination you intended. Example: you connect to a server. Inbound means someone else from outside of your computer initiates the connection to your computer, so the traffic starts flowing inward to your machine. For example, your server gets requests from people.
This doesn't mean the actual dataflow. Inbound doesn't mean always inward traffic, and outward doesn't mean always outward traffic, because ports like TCP need both directions in order to establish the connection, and therefore Windows firewall does not block one direction, but the direction of the person or the device that starts the dataflow.
So if you only block outbound traffic of Chrome, it means Chrome can't initiate traffic to outside, but Google can initiate traffic to Chrome.
This Video describes How Windows Firewall restricts an app from using the internet
Configure Windows Firewall
Operating System (OS)
Examples of Operating System
Microsoft Windows was announced by Bill Gates on November 10, 1983.Microsoft introduced Windows as a graphical user interface for MS-DOS, which had been introduced a couple of years earlier.
Versions of Windows
Linux is?
Next, unless you are trying to upgrade an existing Windows installation, press the Custom (Advanced) Installation button. Note that in this case,; the Upgrade button is disabled because of this specific installation if performed on a new computer which does not have any previous operating system (OS) on it.
Select the disk and click on New
Give the partition size and click Apply
Click OK in the dialog box
Click Unallocated Space and click New
Here we are creating 2 Partitions again so applied 30000 MB for the partition and click OK
Finally creating the last partition so select the Unallocated Space and click New doesn’t need to change the size so click Apply.
The setup process will now begin to copy files from the bootable DVD to the hard disk
The computer will reboot, and the next thing you will see is the prompt to set the user’s and computer’s name. By default the computer’s name will be username-PC, where username is the username you will enter there in the corresponding space.
Enter the user’s password. And please remember this password for future use.
Next, type in your product key. If you do not have the product key at hand you can still click “Next”, and proceed with the installation.
Choose what sort of protection your computer needs
Choose your time zone and location and click on Next
Select your network location type. This setting can be changed later,; if required. Also please Note that choosing a profile will have effect on the Windows Firewall and sharing settings. Click “Next”.
Windows will finalize the settings and your desktop will appear
Here it concludes the Wndows 7 Insallation
An Operating system (OS) is a software that acts as an interface between the end-user and computer hardware. Every computer must have at least one OS to run other programs. The OS helps you to communicate with the computer without knowing how to speak the computer's language. It is not possible for the user to use any computer or mobile device without having an operating system.
- Windows
- Linux
- Android
- iOS
- Mac OS
- Chrome OS
Client Vs Server OS:
Windows is?Microsoft Windows was announced by Bill Gates on November 10, 1983.Microsoft introduced Windows as a graphical user interface for MS-DOS, which had been introduced a couple of years earlier.
Versions of Windows
- MS-DOS Windows 1.0 - 2.0
- Windows 3.0 – 3.1
- Windows 95
- Windows 98
- Windows ME - Millennium Edition
- Windows NT 31. - 4.0
- Windows 2000
- Windows XP
- Windows Vista
- Windows 7
- Windows 8
- Windows 10
- Windows Server
- Windows Home Server
- Windows CE
- Windows Mobile
- Windows Phone 7-10
Linux is?
● Free
● Unix Like
● Open Source
● Network operating system
Who developed the Linux?
How to get Linux?
Linux available for download over the net, this is useful if your internet connection is fast.
Various Linux distributions are available. The following are important Linux distributions.
Linux distributions. (Distros)
Let's see How to Install Windows Client OS- Windows 7:
Let's start Installing Windows 7
When installing Win 7 on a computer insert your Windows 7 DVD into your DVD drive and reboot your computer. If you are asked to press a key to boot from DVD or CD; press any key. A black window will appear momentarily while the DVD content is read.
Now the “Install now” button.
● Unix Like
● Open Source
● Network operating system
Who developed the Linux?
In 1991, Linus Torvalds studying Unix at the University, where he used special educational experimental purpose operating system called Minix (small version of Unix and used in Academic environment). But Minix had it's own limitations. Linus felt he could do better than the Minix. So he developed his own version of Minix, which is now know as Linux. Linux is Open Source From the start of the day.
How to get Linux?
Linux available for download over the net, this is useful if your internet connection is fast.
Various Linux distributions are available. The following are important Linux distributions.
Linux distributions. (Distros)
- Red Hat Linux
- UBUNTU Linux
- SuSE Linux
- Mandrake Linux
- Caldera Linux
- Debian GNU/Linux
- Slackware Linux
Let's see How to Install Windows Client OS- Windows 7:
Minimum recommended specs for Installing Windows 7:
- 1 GHz 32-bit or 64-bit processor
- 1 GB of system memory
- 16 GB of available disk space
- DVD-R/W Drive
- Internet access (to activate and get updates)
Difference Between 32 bit and 64 Bit Windows 7 OS:
You need to decide whether to install the 32-bit or 64-bit version of Windows 7. The Windows 7 installation disc package includes both 32-bit and 64-bit versions of Windows 7. Basically, the 64-bit version of Windows handles large amounts of random access memory (RAM) more effectively than a 32-bit system. So if you plan on using Windows 7 on a computer with more than 3 GB of RAM, Here we strongly suggest using the 64-bit version. Most programs designed for the 32-bit version of Windows will work on the 64-bit version of Windows.
Types of Installation
Basically, there are 2 approaches to installing Windows 7:
- Upgrade (In-place upgrade) – This option replaces your current version of Windows with Windows 7, and keeps your files, settings, and programs in place on your computer.
- Custom (“fresh” installation) – This option replaces your current version of Windows with Windows 7, but doesn’t preserve your files, settings, and programs. It’s sometimes referred to as a clean installation for that reason.
When installing Win 7 on a computer insert your Windows 7 DVD into your DVD drive and reboot your computer. If you are asked to press a key to boot from DVD or CD; press any key. A black window will appear momentarily while the DVD content is read.
Next, accept the license terms and click on “Next”.
Next, unless you are trying to upgrade an existing Windows installation, press the Custom (Advanced) Installation button. Note that in this case,; the Upgrade button is disabled because of this specific installation if performed on a new computer which does not have any previous operating system (OS) on it.
Here we reached the partition table of windows 7 we can see that our Disk space is 80 GB. In Windows 7 we can create only 4 partitions during the installation time, aslo a partition of 100 MB will automatically create for saving the System Files. So its better to create only two partitions, one for the windows installation and the whole remaining space in one partition, because we can create partitions as we wish after completing the installation through Device Manager.
Select the disk and click on New
Give the partition size and click Apply
Click OK in the dialog box
Here we are creating 2 Partitions again so applied 30000 MB for the partition and click OK
Finally creating the last partition so select the Unallocated Space and click New doesn’t need to change the size so click Apply.
Finally, we completed the partitioning we can see that we created 3 partitions and one 100 MB Special partition.
Select the partition in which you want to install Windows 7 and Click Next.
The setup process will now begin to copy files from the bootable DVD to the hard disk
The computer will reboot, and the next thing you will see is the prompt to set the user’s and computer’s name. By default the computer’s name will be username-PC, where username is the username you will enter there in the corresponding space.
Enter the user’s password. And please remember this password for future use.
Next, type in your product key. If you do not have the product key at hand you can still click “Next”, and proceed with the installation.
Choose what sort of protection your computer needs
Choose your time zone and location and click on Next
Select your network location type. This setting can be changed later,; if required. Also please Note that choosing a profile will have effect on the Windows Firewall and sharing settings. Click “Next”.
Windows will finalize the settings and your desktop will appear
Here it concludes the Wndows 7 Insallation
Windows Client OS Installaton
Antivirus software is a program designed & developed to protect computers from Viruses. Computer worms, spyware, botnets, rootkits, keyloggers are also detected and removed with the use of Antivirus software. The basic functions of an AV software include three basic steps that are scan, detect and remove viruses from the infected computer.
You can download AVG Software (Free Version from Here)
How to install and Configure
By visiting https://www.avg.com/en-in/free-antivirus-download website you can download a free version of AVG Antivirus. its latest version will works on Windows 7, Windows 8 and Windows 10.
- Download the Installer and Open the file to install your AVG application.
- Follow the onscreen instructions
Step by Step Installation procedure of AVG Antivirus Free Version is demonstrated here:
Configuration of Antivirus
Peer to Peer (P2P) Network
A peer-to-peer network is one in which two or more PCs share files and access the same Peripheral devices such as printers without requiring a separate server computer or server OS.
It is the simplest form of a network. A peer-to-peer (P2P) network is created when two or more PCs are connected and share resources without going through a separate server computer.
In the P2P network, every connected PC is at once a server and a client. There's no special network operating system residing on a robust machine that supports special server-side applications like directory services.
Lets set up a Peer to Peer Network using Two Pcs
Step 1 : You have to make sure that both computers have IP addresses that are on the same subnet. For example, if you give one computer an IP address of 192.168.0.1, then you should give the second computer an IP of 192.168.0.2
If you used the above IP addresses, you should use a subnet mask of 255.255.255.0. If you use an incorrect subnet mask, the connection will not work. Lastly, the value for the default gateway should be the same on both machines. You can pick which IP address you want to use, but use it on both computers for the default gateway.
You could leave the Default Gateway and Preferred DNS server fields blank as you really don’t have to connect to any device outside the local network.
STEP 2: Use a Crossover Cable to connect two PCs directly through their NIC ports
STEP 3: You should disable the firewall on both computers to ensure that none of the file-sharing ports are being blocked. You can do this by going to Control Panel and then Windows Firewall.
STEP 4: You can check the connection by opening a command prompt (Cick on Start and type in cmd) and trying to ping the other computer. Just type the word ping followed by the IP address of the other computer.
You should now be able to go to My Network Places or Network in Windows Explorer and access the other computer. You’ll also need to setup a shared folder if you want to transfer files.
A Simple Network- Setup & Connectivity Verification
An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.
An IP address serves two main functions:
1.Host or Network interface identification
2.Location addressing.
There are two versions of IP
1. Internet Protocol version 4 (IPv4)
2. Internet Protocol version 6 (IPv6)
Internet Protocol version 4 (IPv4) defines an IP address as a 32-bit number. However, because of the growth of the Internet and the depletion of available IPv4 addresses, a new version of IP (IPv6), using 128 bits for the IP address, was standardized in 1998.
IPv4 addresses are usually represented in dot-decimal notation, consisting of four decimal numbers, each ranging from 0 to 255, separated by dots, e.g., 172.16.254.1. Each part represents a group of 8 bits (an octet) of the address.
Static Vs dynamic IP addresses
IP addresses are assigned in two different ways. They may be dynamically assigned (they can change automatically) or statically assigned (they are intended not to change, and must be changed manually).
Most home networks use dynamic allocation. Your router uses DHCP (Dynamic Host Configuration Protocol) to temporarily assign, or "lease," an IP address to your device.
After a period of time, this lease "expires," and the router renews your old address or assigns you a new one depending on the router configuration.
Subnet and Subnet Mask
Dividing an IP network into blocks of logical addresses is known as subnetting.
A subnet mask is data used for bitwise operations on a network of IP addresses that is divided into two or more groups.
Subnetting can improve security and help to balance overall network traffic.
Every IP address has a corresponding subnet mask. The subnet mask specifies the range of the IP addresses in a group. The subnet mask looks a lot like an IP address. It is made up of four eight-bit numbers separated by periods. These numbers once again range from 0 to 255.
A common example of a subnet mask for Class C IP addresses is 255.255.255.0, the default subnet mask for many computers and network routers. When applied to subnet, a subnet mask shows the routing prefix.
IP Conflict
IP address conflict occurs when two devices on the same local physical or wireless network claim to have the same IP address. The second assignment of an address generally stops the IP functionality of one or both of the devices. Many modern operating systems notify the administrator of IP address conflicts.
Default Gateway
A default gateway serves as an access point or IP router that a networked computer uses to send information to a computer in another network or the internet.
In a home or small office environment, the default gateway is a device, such as a DSL router or cable router, that connects the local network to the Internet.
Various utility software can show the default gateway. On Windows, ipconfig may be used, while on Linux systems, netstat may be used
Preferred DNS Server
The computer on which DNS software runs is called a DNS server. Anytime your computer or its software does not know what IP address goes with a specific domain name especially you are searching on internet (Eg: www.google.com), it requests that information from your preferred DNS server.
If your preferred DNS server is unavailable, your computer requests the same information from the alternate DNS server. If both servers are unavailable, your computer fails to accomplish the things you are trying to do over the Internet.
Your home router is likely set by default to use your ISP's DNS servers. Also there are a number of third-party DNS servers available as well. Two examples are OpenDNS (208.67.220.220 and 208.67.222.222) and Google Public DNS (8.8.8.8 and 8.8.4.4)
How to Set IP in Windows
Step 1: Press Windows Key +R
Enter ncpa.cpl
Step 2: Right Click on Network Adapter and Select Properties
STEP 3: Select TCP/IP V4 and Select Properties
STEP 5: You can see a Window like this & Assign IP address and other values
Diagnostic Tools
Computer operating systems provide various diagnostic tools to examine network interfaces and address configuration. Microsoft Windows provides the command-line interface tools ipconfig and netsh and users of Linux systems may use ifconfig, netstat, route, lanstat, fstat, and iproute2 utilities to accomplish the task.
Tip:
What is a 255.255 255.0 subnet?
A class C network would have a subnet mask of 255.255.255.0 which means that 24 bits are used for the network. In CIDR notation this is designated by a /24 following the IP address. So: IP address 192.168.1.168 subnet mask 255.255.255.0 is written as: 192.168.1.168/24 in CIDR notation.
What is CIDR?
Classless Inter-Domain Routing (CIDR is a method for allocating IP addresses and IP routing.
IP address Assignment
Subscribe to:
Comments (Atom)