Active Directory, group policy

 Active Directory (AD) 

  • Active directory is a directory service and it has its own database 
  • Data base contains users, computers, groups, printers etc 
  •  Active directory provides single log on authentication for all devices with in the domain 
  •  Active directory works on DNS. Without DNS we can’t create AD 
  •  There is no company without AD, DNS, DHCP. 
  •  Active directory services run on Domain controller.

Domain: It is a logical group of users or computers which sharing same naming structure.

Tree: It is a group of domains. 

Forest: It is a group of trees. 


OU: An organizational unit (OU) is a container within a Active Directory domain which can hold users, groups and computers. 

Group: Groups are used to collect user accounts, computer accounts, and other groups into manageable units. There are two types of groups in Active Directory: Distribution groups Used to create email distribution lists. Security groups Used to assign permissions to shared resources. 

Group policies: Group Policy is a feature that controls the working environment of user accounts and computer accounts. By using this policies we restrict specific apps, files , folders etc 

Active directory Installation 

Step 1: Open Server Manager. Click the start button then click the Server Manager.




Step 2: Add roles and features. And click Next



Step 3: Select Role-based or feature-based installation and click Next.



Step 4: Select destination server and click Next.




Step 5: Select server roles and select active directory domain services, and click Next.


Step 6: Click Next , and click Next. 

Step 7: Confirmation. Install. 


Creating New Domain 

Step 1: Go to configuration and select add a new forest



Step 2: DSMR password and click next.



Step 3: DNS options and click next.



Step 4: verify NetBIOS name and click next.



Step 5: paths and click next.



Step 6: Click next and next and install


Add VM to cloudmasters.local domain 

Right click on domain click new and add computer give details and click ok




Creating Group 

Right click on domain click new and add group


Create users and add them to group 

Right click on domain click new then user create



Right click on user click move where we want to place


Creating OU and moving VM to it. 

Right click on domain click new then click organization unit



Right click on VM click move to ou


Creating group policy to block notepad in the OU 

Step 1: go to server manager click on tools and click group policy management.



Step 2: Right click on OU and create a group policy and name it.



Step 3: Right click on the created group policy and click edit.



Step 4: Computer Configuration – Policies – Windows Settings – Security Settings and finally – Software Restriction Policies and right click on it and software restriction policis



Step 5: Now Right-click on additional rules and click on “New Path Rule” go to browse and locate the notepad.exe file and set the security level to disallow. And click ok. 

Note: The default path for notepad.exe is c:\windows\system32\notepad.exe


Step 5: Go to command prompt and give gpupdate . this is for updating group policy.


Step 6: Finally restart the computer . now note pad is blocked.









Comments

Post a Comment

Popular posts from this blog

V-Center , cluster, DRS, HA, vMotion

Image
 VCenter  vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts, and all dependent components from a single centralized location.  Center Features  Multi-hypervisor management.  VMware Host Profiles.   Automatic VM restart.   Patch management.   vRealize Orchestrator (vRO).   vCenter Server Linked Mode.   Application programming interfaces (APIs).  CLUSTER  Cluster is a group of ESXi hosts. HA and DRS are the features of a cluster.  Pre requisites for Cluster.   Minimum 3 Hosts recommended   Shared storage “NAS / SAN / VSAN   CPU Compatibility   EVC Enhanced VMotion Compatibility   DRS   HA   VCenter for managing HostsVM kernel port group   Static IPs for all Hosts  HA or vSphere availability   High availability is the ability of the system...
Read more

Windows Services

Image
  Windows Services      Windows service is a computer program that operates in the background Ø        What is different between server and Client ? o    Server provide the service o    Client relives the service      Run command      Windows +R      Run - services.msc                   Dell hardware                Windows os 2019                SQL software          Print is not work ?                     Go to run command services.msc                     Print is running or not check      See the which service       click the right button in mouse...
Read more

41. Configuring Preferences using Item-level targeting

Configuring Preferences using Item-level targeting A computer running windows 2012 server Domain Controller. A member server running windows server 2012 or Client running windows 7. SYS1                                                                           SYS2 Domain Controller                                                   Member Server / Client IP Address                10.0.0.1                         ...
Read more