Computer Networks Labs 4,5,6

bugqueenNetworking and Communications

Oct 26, 2013 (3 years and 7 months ago)

63 views

COMPUTER NETWORKS

LAB #
4

Installation and configuration of Domain Controller for Local Area Network


1.

Objective

a.

To learn difference between LAN,MAN and WAN

b.

To learn difference between Workgroup and Domain

c.

To learn difference between Domain Controller and D
omain

d.

To learn benefits of using Domain

e.

To learn how to install windows active directory to make Domain Controller

f.

To learn difference between Tree and forest structure used in Microsoft based
Domain network


2.

Introduction


There are three types of networ
ks LAN, MAN and WAN. LAN is the local area network
if the systems belong to the same enterprise and in other words we can say they belong to
the same network or particularly we can say they have same network ID in there IP
address. MAN is the metropolitan
area network or within city network if the systems that
are interconnected are in the same city but now a day protocols of MAN are not used and
have become obsolete and are not used instead they are totally overtaken by WAN
protocols. WAN is the wide area
network mean when the systems are far apart they can
be connected through WAN links. Basically by WAN we can say that we are using the
protocols that are used in WAN or we can say that when the systems have different
network ID in there IP address.
WANs ar
e used to connect LANs and other types of
networks together, so that users and computers in one location can communicate with
users and computers in other locations. Many WANs are built for one particular
organization and are private. Others, built by Inte
rnet service providers, provide
connections from an organization's LAN to the Internet. WANs are often built using
leased lines. At each end of the leased line, a router connects to the LAN on one side and
a hub within the WAN on the other. Leased lines ca
n be very expensive. Instead of using
leased lines, WANs can also be built using less costly circuit switching or packet
switching methods
.

In this lab our focus is build a Local Area Network for an organization and in order to do
so we can use two types o
f setups. One is workgroup and other is Domain setup. In work
all the computers are independent and have no centralized control and in order to
implement some policy for the users of a department you have to go to each computer
and implement the policies i
ndividually on every system. So in order to make this task
easier Domain setup is used and normally when the number of systems are more than 10
it is recommended. In Domain setup a centralized server is used and Active directory is
installed on it so that
it becomes a Domain Controller. Then all the policies are
implemented on the Domain Controller and all the users are required to use network
logon and all the user settings are controlled through one PC in the network. So the
benefits of the domain is that

there is no need to physically go to each system and
implement the policies rather you just configure the policies on the controller and when
users will logon through the network and all his settings will be imported from the
Domain Controller.

To install

windows active directory to make Domain Controller

you just type
‘DCPROMO’ in the run on Windows Server 2003 and Active Directory installation
wizard will open then follow the instructions to install active directory. Then you can
check the active directo
ry installation through DNS and active directory snap
-
ins.

The Active Directory framework that holds the objects can be viewed at a number of
levels. The forest, tree, and domain are the logical divisions in an Active Directory
network.

Within a deployme
nt, objects are grouped into domains. The objects for a single
domain are stored in a single database (which can be replicated). Domains are identified
by their DNS name structure, the namespace.

A tree is a collection of one or more
domains and domain tre
es in a contiguous namespace, linked in a transitive trust
hierarchy.

At the top of the structure is the
forest.

A forest is a collection of trees that
share a common global catalog, directory schema, logical structure, and directory
configuration. The for
est represents the security boundary within which users, computers,
groups, and other objects are accessible.


3.

Related Topics/Chapters in the theory class

a.

TCP/IP

b.

DNS

c.

LAN


4.

Hardware/Software required

a.

Hardware: PC

b.

Software Tool/Application:
Windows Server 200
3


5.

Tasks

a.

Configure TCP/IP and DNS on Windows Server 2003

b.

Run DCPROMO to install Active directory Service

c.

Test installation of Active Directory using DNS

d.

Test installation of Active Directory using Active Directory Snap
-
ins

e.

Check connectivity to Domain Cont
roller using Domain Name and Ping statement


6.

Deliverables

a.

Lab Report to be submitted by each student at the end of the lab


7.

Conclusion

a.

You will learn difference between LAN,MAN and WAN

b.

You will learn difference between Workgroup and Domain

c.

You will learn d
ifference between Domain Controller and Domain

d.

You will learn benefits of using Domain

e.

You will learn how to install windows active directory to make Domain
Controller

f.

You will learn different between Tree and forest structure used in Microsoft based
Domai
n network


8.

Questions/Assignments

a.











































COMPUTER NETWORKS

LAB #
5

Configuring Organizational Units (OUs) to represent business structure


1.

Objective

a.

To learn how to create organizational unit on domain controller

b.

To learn
how to create organizational units to represent business structure

c.

To learn how to create accounts in OUs

d.

To learn how to change local security policies on domain controller

e.

To learn how to test local security policies and logon on domain controller


2.

Intro
duction


After the installation of active directory, now in order to make the domain structure for
your network you need to create users and groups etc. and define policies for the rights of
the users.

To represent your business structure with different de
partments or units go to Start
-
>Administrative Tools
-
>Active directory users and computers
-
>YourDomain
-
>right
click
-
>New
-
>Organizational Unit. Then create new organizational units to represent your
business structure. You can create OU in an OU as well. In

this way you can represent
hierarchically your business structure.

Then right click on the Organizational Unit you created and then click on new then on
user to add user to the OU. You can change the location of the user using drag and drop.
In this way
you can users to each OU.

Now there are two types of policies, one for the domain controller and other for the
whole domain.

To change the local policies for the domain controller click Start
-
>Administrative Tools
-
>Domain Controller Security Policy there y
ou can change policies for the domain
controller e.g. click on the Security
-
>Local Policies
-
>User rights assignment
-
>allow
logon locally and then you can select the users who can login on the domain controller. In
this way you can also change other policie
s as well.

To change the policies for the whole domain click Start
-
>Administrative Tools
-
>Domain
Security Policy there you can change policies that will apply to the whole domain e.g.
click security settings
-
>Account Policies
-
>Password Policy and there you

can set
different policies about password e.g. length of password etc.

Once you change any of the policy setting you need to update the policy to make it
effective. You can do this by Start
-
>Run
-
>cmd
-
>press enter
-
>type ‘gpupdate/force” and
press enter.

Yo
u can test the local logon policy by logging off the controller and login with the user
added to the allow logon locally policy.


3.

Related Topics/Chapters in the theory class

a.

TCP/IP

b.

DNS

c.

LAN

d.

Active Directory Structure


4.

Hardware/Software required

a.

Hardware: PC

b.

Software Tool/Application: Windows Server 2003


5.

Tasks

a.

Create OUs using Active directory snap
-
ins

b.

Create OUs structure to for business structure

c.

Modify local Domain Controller Policies to allow local logon on the domain
controller

d.

Update the policies usin
g GPUPDATE

e.

Create user accounts in OUs

f.

Test local Logon on domain controller



6.

Deliverables

a.

Lab Report to be submitted by each student at the end of the lab


7.

Conclusion

a.

You will learn how to create organizational unit on domain controller

b.

You will learn ho
w to create organizational units to represent business structure

c.

You will learn how to create accounts in OUs

d.

You will learn how to change local security policies on domain controller

e.

You will learn how to test local security policies and logon on domain c
ontroller


8.

Questions/Assignments






















COMPUTER NETWORKS

LAB #
6

Configuring and Testing Security policies on Domain Network


1.

Objective

a.

To learn how to set Account and Password Policies

b.

To learn how to set security policies for Domain

c.

To lea
rn how to set Group Policies for OUs

d.

To learn how to change Desktop and Start Menu of the user using Group Policies

e.

To learn how to test Security policies


2.

Introduction


Once you have installed the active directory services now you can set different polici
es
centrally on the domain controller and that policies will be imposed on the whole domain.
Now in order to change the password policies for the whole domain click start
-
>
Administrative Tools
-
> Domain Security Policy
-
> Account Policies
-
> Password Poli
cy.
There you will find different policies related to the password of the account including
password’s minimum age, maximum age, minimum password length and password
history etc.

Next you can control different settings and access of the user in the system
. To do so you
need to make a group policy for the OU you created in previous lab. Just click start
-
>
Administrative Tools
-
> Active Directory Users and Computers then right click your OU
-
> Properties
-
> Group Policy. There you will create new policy the
n name it and then
you edit it. And then in group policy editor you can implement different policies for the
user e.g. in user configuration
-
> Administrative Templates
-
>Desktop there just double
click the policy you want to implement and then set it to e
nabled. Then run the command
‘GPUPDATE/force’ from the command prompt.

You can test the implementation of these policies by doing a network logon with user of
the OU on which you have applied the group policy.




3.

Related Topics/Chapters in the

theory class

a.

TCP/IP

b.

DNS

c.

LAN

d.

Active Directory Structure


4.

Hardware/Software required

a.

Hardware: PC

b.

Software Tool/Application: Windows Server 2003


5.

Tasks

a.

Create Password and account policies for Domain

b.

Create Desktop Policy for the OU

c.

Create Star Menu Policy
for OU

d.

Test Policies


6.

Deliverables

a.

Lab Report to be submitted by each student at the end of the lab


7.

Conclusion

a.

You will learn how to set Account and Password Policies

b.

You will learn how to set security policies for Domain

c.

You will learn how to set Group
Policies for OUs

d.

You will learn how to change Desktop and Start Menu of the user using Group
Policies

e.

You will learn how to test Security policies


8.

Questions/Assignment