Lab 2 – Active Directory and Remote Administration

You need to watch how many VMs are open and running at the same time during this lab. Remember to calculate how much Memory is being used by each virtual machine and also remember that the host operating system needs memory to run also. Verify that Lab 1 has been completed, and that all computers have been renamed and IP addresses have been set according to the PreLab Chart. If you do not remember the steps to complete this part of the lab, you can use instructions from Lab 8 in the IOS110 course: ios110.wordpress.com *Depending on the amount of RAM in your computer, you may not be able to run all VMs at the same time. If you have 8GB of RAM you might be able to adjust the memory in each of the Servers to 2GB and the Clients to 1GB. The performance of the VMs will suffer and you will need to be patient, but you can complete the entire labs that way. Only run the VMs that are necessary to perform the tasks needed.  Approximate completion time:  80 minutes.

1.0 Creating your Domain

  1. Using Server1, create a new domain using the domain name in your PreLab Chart.
  2. If you are using the lab instructions for IOS110, be aware that those instructions are for Windows Server 2012 R2 and you are using Windows Server 2016.
  3. Remember that during the Promotion of the domain controller, you will be prompted to install DNS. DNS MUST be installed during the promotion procedure (watch for the checkbox). It should NOT be installed as a separate role while installing ADDS.
  4. Be sure to change your TCP/IP settings so that you now have a Preferred DNS Server setting with the same IP as your Server1. (This address may change to 127.0.0.1 on Server1. This is the loopback address and is telling TCP/IP to look at itself.)
  5. Now, when you login as the Administrator, you are logging in as the Administrator of the Domain.

2.0 Clients Join the Domain

  1. Change your TCP/IP settings so that the clients are pointing to Server1 for the Preferred DNS Server setting. Use the information on the PreLab chart if you don’t remember the IP address of Server1.
  2. Have both clients join the domain.
    • Right-click the Windows “Start” button and select System.
    • On the right, scroll down until you see System Info.
    • Click on the link, and you will see a link to Change the settings and enter your domain information.
  3. Once your clients have joined the domain, login as the Domain Administrator, not the local administrator. You may have to put your domain name before the username to login to the domain. For example: domain.com\Administrator

3.0 Initial Configuration of ServerCore.

In this section, we will use a combination of Command Line commands and PowerShell commands to rename our computer, configure a static IP address, and Join the Domain. You need to watch the prompts in Server Core to make sure you are using the proper command at the proper command prompt. By default, in Server Core, you are using the Command Prompt. To get to PowerShell, you type PowerShell at the Command Prompt and the prompt will change to PS.

3.1 Initial Configuration using PowerShell cmdlets

Use the following information to perform initial configuration tasks with Windows PowerShell cmdlets.
  1. Boot your ServerCore VM and login as the Administrator.
  2. At the Command Prompt on your ServerCore server, type PowerShell to use PowerShell commands. The prompt should change to PS C:\Users\Administrator>
To get back to the regular Command Prompt, type exit.

Set a static IP address

When you install a Server Core server, by default it is configured using DHCP. If you need a static IP address, you can set it using the following steps: To view your current network configuration, use Get-NetIPConfiguration. To view the IP addresses you’re already using, use Get-NetIPAddress. To set a static IP address, do the following:
  1. Run Get-NetIPInterface.
  2. Note the number in the IfIndex column for your IP interface (which should be Ethernet0) or the InterfaceDescription string. If you have more than one network adapter, note the number or string corresponding to the interface you want to set the static IP address for.

  3. Run the following cmdlet to set the static IP address:

New-NetIPaddress -InterfaceIndex 2 -IPAddress 10.0.xxx.30 -PrefixLength 24 -DefaultGateway 10.0.xxx.1

where:

  • InterfaceIndex is the value of IfIndex from step 2.
  • IPAddress is the static IP address you want to set.
  • PrefixLength is the prefix length (another form of subnet mask) for the IP address you’re setting. (For our example, 24 = 255.255.255.0)
  • DefaultGateway is the IP address to the default gateway.

The above command is all one line and the Default Gateway doesn’t really exist, but we can enter it anyway.

COnfigure Preferred DNS server

  1. Run the following cmdlet to set the DNS client server address:
Set-DNSClientServerAddress –InterfaceIndex 2 -ServerAddresses 10.0.xxx.10

where:

  • InterfaceIndex is the value of IfIndex from step 2.
  • ServerAddresses is the IP address of your DNS server (Server1).

Join a domain

Use the following cmdlets to join a computer to a domain.

  1. Run Add-Computer. You’ll be prompted for both credentials to join the domain and the domain name. Use your domain name and the Domain administrator username and password.

  2. Restart the computer. You can do this by running Restart-Computer.

Rename your ServerCore Server

  1. Use the following command to rename the local computer to SC-SenecaID and then restart it to make the change effective.
Rename-Computer -NewName “SC-SenecaID” -DomainCredential SenecaID.com\Administrator -Restart

Verify Your Configuration

  1. From the Command Prompt on your ServerCore server, type ipconfig /all.
  2. Verify that your computer name has changed, you are in the correct domain, and your TCP/IP settings are correct.

3.2 Using SCONFIG.CMD to Configure ServerCore

  1. Type sconfig at the command prompt. The Server Configuration menu will appear. You can verify your computer name change and domain on this screen.
  2. Select option 4 and ENABLE Remote Administration.
  3. Selection option 5 and set Windows Update Settings to MANUAL so they will not automatically update.
  4. Select option 7 and ENABLE Remote Desktop (option 2 – less secure).
  5. Use option 8 to verify your network settings from above.
  6. Use option 9 to change your time zone to Eastern.
  7. Exit Server Configuration.

4.0 Connect Server Manager to ServerCore Server

  1. On the Windows 10 Admin Client (while still logged in as the Domain Administrator), hit the Windows key and type Server Manager. Click Server Manager to open. You will want to add this to one of your menus for easy access as you will be using this tool frequently.
  2. Connect the Server Manager to the ServerCore server: right-click All Servers and then select Add Servers.
  3. With the Active Directory tab open (it should be looking at your domain), type SC in the name box, then click Find Now. Your ServerCore server should appear in the list.
  4. Click your ServerCore server, then the arrow in the middle, to add it to the list of Selected computers, then click OK.
  5. Your ServerCore server should now appear in the list of servers you can manage. (You can also add Server1 if you like.)
  6. If you right-click on your server, you can see a list of management and configuration options for this server.
  7. Before being able to use some of these remote tools, certain settings need to be changed on your ServerCore server. For example, MMC tools (like Computer Management) require Firewall Rules to be changed.

4.1 Configure ServerCore to allow Remote Administration

  1. From the Server Manager on your AdminClient, right-click on SC-SenecaID and select Windows PowerShell. This opens a PowerShell prompt on your ServerCore server. This is the same as typing PowerShell commands directly into your ServerCore server.
  2. Type the following commands:
Import-Module NetSecurity

Get-NetFirewallRule -DisplayName *DCOM-In* | Set-NetFirewallRule -Enabled True

Get-NetFirewallRule -DisplayGroup "Remote Event*" | Set-NetFirewallRule -Enabled True
You have now changed Firewall settings to allow more Remote Administration. You should now be able to go to the Server Manager, right-click on your ServerCore server and select Computer Management. It should open.

5.0 Using Windows Admin Center for Remote Administration

  1. Using the AdminClient, open the Windows Admin Center by double-clicking on the icon on the desktop (it should have been created during your installation. If not, hit the Windows key and search for Windows Admin Center.)
  2. When the tool opens, click Add, then Servers.Put your ServerCore server name in the field, wait for it to be found, and click Add.
  3. Use the same process to add Server1.
  4. Click on your ServerCore server in the list of servers you can manage. View the overview of this server. Notice all of the tools down the left hand side of the screen. Click on a few of the tools and see what they are used for.
To prove you have completed this lab:
  • Create a Microsoft Word document (or use Google docs), with a name of YourSenecaID-Lab2.docx.
  • Take a screenshot of Server 1 with the Local Server settings displayed, showing the new domain name and that this server is also the DNS server (DNS role installed).
  • Take a screenshot of AdminClient with System Info displayed, showing the new domain name.
  • Take a screenshot of the AdminClient running Server Manager with your ServerCore visible on the screen.
  • Take a screenshot of the AdminClient running Windows Admin Center with the ServerCore Overview screen displayed.
  • Take a screenshot of your ServerCore server with the output of the ipconfig /all command displayed on the screen. Make sure you scroll to the top of the output so the computer name, domain name and IP address are visible.
  • Paste each screen shot into the document, and label them clearly. You should have 5 images. 
  • Save the document as a PDF file using the same name as the document file, and upload it to MySeneca, under Course Documents>Labs>Lab2 before the due date.
 
Design a site like this with WordPress.com
Get started