On Core Server

1)Change IP address to a static IP address assigned by the professor

C:\>netsh int ipv4 set addr name="Local Area Connection" static 192.168.0.10 255.255.255.0 192.168.0.1

2)Change computer name to: FIN-Lastname (ex, FIN-BARKER).

C:\>wmic computersystem where name="%COMPUTERNAME%" call rename name="FIN-BARKER"

Executing (\\WIN-04LIEVO3HG4\ROOT\CIMV2:Win32_ComputerSystem.Name="WIN-04LIEVO3HG4")->rename()

Method execution successful.

Out Parameters:

instance of __PARAMETERS

{

ReturnValue = 0;

};

C:\>

3)Reboot

C:\>shutdown /r /t 0

4)Enable RDP (Terminal services)

C:\>cd /windows/system32

C:\Windows\System32>cscript scregedit.wsf /ar 0

Microsoft (R) Windows Script Host Version 5.7

Copyright (C) Microsoft Corporation. All rights reserved.

Registry has been updated.

C:\Windows\System32>cscript scregedit.wsf /cs 0

Microsoft (R) Windows Script Host Version 5.7

Copyright (C) Microsoft Corporation. All rights reserved.

Registry has been updated.

C:\Windows\System32>

5)Enable remote administration of the following

  1. Windows Firewall Remote Management

This will enable it globally:

C:\>netsh advfirewall firewall set rule group="Windows Firewall Remote Management" new enable=yes

Updated 2 rule(s).

Ok.

The commands below enable it for the domain profile only (technically a more secure solution). See the comments area for clarification (the gist: you have to configure by rule NAME, not GROUP, when specifying security profile(s)). When I did this, I had to reboot systems to get it working. . . dunno:

C:\>netsh advfirewall firewall set rule name="Windows Firewall Remote Management (RPC)" new enable=yes profile=domain

Updated 1 rule(s).

Ok.

C:\>netsh advfirewall firewall set rule name="Windows Firewall Remote Management (RPC-EPMAP)" new enable=yes profile=domain

Updated 1 rule(s).

Ok.
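
A read-back check for the two per-rule commands above, as an added example that is not part of the original lab notes. It assumes English-language netsh output with "Enabled:" and "Profiles:" lines and uses only the rule names shown on this page.

```bat
@echo off
rem Added example, not from the original lab notes.
rem Reads back the two rules named on this page and fails unless each one is
rem enabled and limited to the Domain profile.
rem Assumption: English netsh output with "Enabled:" and "Profiles:" lines.
setlocal
set "FAILED=0"
call :check "Windows Firewall Remote Management (RPC)"
call :check "Windows Firewall Remote Management (RPC-EPMAP)"
if "%FAILED%"=="0" echo OK: both rules are enabled for the Domain profile only.
exit /b %FAILED%

:check
rem %1 is the quoted rule name; "show rule" prints one field per line.
netsh advfirewall firewall show rule name=%1 | findstr /B /C:"Enabled:" | findstr /I /C:"Yes" >nul
if errorlevel 1 goto :bad_enabled
rem Any mention of Private or Public on the Profiles line means the rule is
rem also active outside the domain profile.
netsh advfirewall firewall show rule name=%1 | findstr /B /C:"Profiles:" | findstr /I "Private Public" >nul
if not errorlevel 1 goto :bad_profile
echo PASS: %1
goto :eof

:bad_enabled
echo FAIL: %1 is missing or not enabled
set "FAILED=1"
goto :eof

:bad_profile
echo FAIL: %1 is enabled outside the Domain profile
set "FAILED=1"
goto :eof
```

If the group-wide command was run first, this check shows whether the rules are still active on other profiles.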

6)Install Active directory using an unattended answer file

  1. Make the Forest Functional Level and Domain Functional Level 2008
  2. Install DNS. Your Domain name should be Z-lastname.Internal (ex, Z-Barker.Internal)
  3. SafeModeAdminPassword should be set to Ait12345

Open notepad in core machine (notepad). Enter the following:

[DCInstall]

InstallDNS=yes

ReplicaOrNewDomain=Domain

NewDomain=Forest

NewDomainDNSName=Z-barker.internal

RebootOnCompletion=no

SafeModeAdminPassword=Ait12345

DomainLevel=3

ForestLevel=3

Save to the C:\ directory as unattend.txt

Run dcpromo using the unattend.txt file

C:\Users\administrator>cd \

C:\>dcpromo /unattend:c:\unattend.txt

Checking if Active Directory Domain Services binaries are installed...

Active Directory Domain Services binaries are being installed. Please wait...

Active Directory Domain Services Setup

Validating environment and parameters...

A delegation for this DNS server cannot be created because the authoritative parent zone cannot be found or it does not run Windows DNS server. If you are integrating with an existing DNS infrastructure, you should manually create a delegation to this DNS server in the parent zone to ensure reliable name resolution from outside the domain Z-barker.internal. Otherwise, no action is required.

------

The following actions will be performed:

Configure this server as the first Active Directory domain controller in a new forest.

The new domain name is Z-barker.internal. This is also the name of the new forest.

The NetBIOS name of the domain is Z-BARKER

Forest Functional Level: Windows Server 2008

Domain Functional Level: Windows Server 2008

Site: Default-First-Site-Name

Additional Options:

Read-only domain controller: No

Global catalog: Yes

DNS Server: Yes

Create DNS Delegation: No

Database folder: C:\Windows\NTDS

Log file folder: C:\Windows\NTDS

SYSVOL folder: C:\Windows\SYSVOL

The DNS Server service will be installed on this computer.

The DNS Server service will be configured on this computer.

This computer will be configured to use this DNS server as its preferred DNS server.

The password of the new domain Administrator will be the same as the password of the local Administrator of this computer.

------

Starting...

Performing DNS installation...

Press CTRL-C to: Cancel

Waiting for DNS installation to finish

......

Waiting for DNS Server service to be recognized... 0

Waiting for DNS Server service to start... 0

Checking if Group Policy Management Console needs to be installed...

..

Configuring the local computer to host Active Directory Domain Services

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 1423 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 1336 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 1289 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 1242 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 1197 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 1149 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 1100 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 1044 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 1005 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 961 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 919 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 871 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 824 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 784 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 747 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 702 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 657 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 605 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 566 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 526 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 479 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 436 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 384 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 349 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 310 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 269 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 234 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 196 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 154 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 121 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 84 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 41 objects remaining

.

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 9 objects remaining

Creating directory partition: CN=Configuration,DC=Z-barker,DC=internal; 0 objects remaining

..

Creating directory partition: DC=Z-barker,DC=internal; 0 objects remaining

.

Creating Active Directory Domain Services objects on the local Active Directory Domain Controller

Creating new domain users, groups, and computer objects

.

Setting the LSA policy information

Setting the computer's DNS computer name root to Z-barker.internal

.

Securing S-1-5-32-550

Securing machine\software\microsoft\windows

...

Securing SamSs

.

The attempted domain controller operation has completed

Configuring the DNS Server service on this computer...

.

Active Directory Domain Services is now installed on this computer for the domain Z-barker.internal.

This Active Directory domain controller is assigned to the site Default-First-Site-Name. You can manage sites with the Active Directory Sites and Services administrative tool.

Windows Server 2008 domain controllers have a new more secure default for the security setting named "Allow cryptography algorithms compatible with Windows NT 4.0." This setting prevents Microsoft Windows and non-Microsoft SMB "clients" from using weaker NT 4.0 style cryptography algorithms when establishing security channel sessions against Windows Server 2008 domain controllers. As a result of this new default, operations or applications that require a security channel serviced by Windows Server 2008 domain controllers might fail.

Platforms impacted by this change include Windows NT 4.0, as well as non-Microsoft SMB "clients" and network-attached storage (NAS) devices that do not support stronger cryptography algorithms. Some operations on clients running versions of Windows earlier than Vista with Service Pack 1 are also impacted, including domain join operations performed by the Active Directory Migration Tool or Windows Deployment Services.

For more information about this setting, see Knowledge Base article 942564 (http://go.microsoft.com/fwlink/?LinkId=104751).

This computer does not have static IP addresses assigned to the IP Properties of any of its network adapters. If both IPv4 and IPv6 are enabled for a network adapter, both IPv4 and IPv6 static IP addresses should be assigned to both IPv4 and IPv6 Properties of the physical network adapter. Otherwise, either an IPv4 or an IPv6 static IP address should be assigned. You should assign static IP address(es) for reliable Domain Name System (DNS) operation. If you do not assign static IP address(es), then clients may not be able to contact this domain controller and any delegations that currently point to the dynamically assigned IP address will stop working when the IP address changes.

You must restart this computer to complete the operation.

C:\>

7)Reboot

C:\>shutdown /r /t 0

8)Add two users and make one a Domain Admin

C:\Users\administrator>net user user Password1 /add

The command completed successfully.

C:\Users\administrator>net user adminuser Password1 /add

The command completed successfully.

C:\Users\administrator>net group "Domain Admins" adminuser /add

The command completed successfully.

C:\Users\administrator>

9)Run ipconfig /all and screenshot

C:\Users\administrator>ipconfig /all

Windows IP Configuration

Host Name ...... : FIN-BARKER

Primary Dns Suffix ...... : Z-barker.internal

Node Type ...... : Hybrid

IP Routing Enabled...... : No

WINS Proxy Enabled...... : No

DNS Suffix Search List...... : Z-barker.internal

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :

Description ...... : Intel(R) PRO/1000 MT Network Connection

Physical Address...... : 00-50-56-A3-26-75

DHCP Enabled...... : No

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::132:502a:f885:82fb%2(Preferred)

IPv4 Address...... : 192.168.0.10(Preferred)

Subnet Mask ...... : 255.255.255.0

Default Gateway ...... : 192.168.0.1

DNS Servers ...... : ::1

127.0.0.1

NetBIOS over Tcpip...... : Enabled

Tunnel adapter Local Area Connection*:

Media State ...... : Media disconnected

Connection-specific DNS Suffix . :

Description ...... : Teredo Tunneling Pseudo-Interface

Physical Address...... : 02-00-54-55-4E-01

DHCP Enabled...... : No

Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 2:

Media State ...... : Media disconnected

Connection-specific DNS Suffix . :

Description ...... : isatap.{B13CC124-7F6E-4BB0-8B27-0D6ED53D9779}

Physical Address...... : 00-00-00-00-00-00-00-E0

DHCP Enabled...... : No

Autoconfiguration Enabled . . . . : Yes

C:\Users\administrator>

On Vista computer

1)Change the computer name to vis-lastname (ex. vis-barker)

From an ADMINISTRATIVE COMMAND PROMPT, run the WMIC rename command. If you don’t use an administrative command prompt, the command will look successful but ReturnValue will be 5.

C:\Users\test>wmic computersystem where name="%COMPUTERNAME%" call rename name="VIS-BARKER"

Executing (\\VISTA-PC\ROOT\CIMV2:Win32_ComputerSystem.Name="VISTA-PC")->rename()

Method execution successful.

Out Parameters:

instance of __PARAMETERS

{

ReturnValue = 5;

};

C:\Users\test>

BAD – didn’t run with administrative command prompt – ReturnValue is 5

C:\Windows\system32>wmic computersystem where name="%COMPUTERNAME%" call rename name="VIS-BARKER"

Executing (\\VISTA-PC\ROOT\CIMV2:Win32_ComputerSystem.Name="VISTA-PC")->rename()

Method execution successful.

Out Parameters:

instance of __PARAMETERS

{

ReturnValue = 0;

};

C:\Windows\system32>

Good – used the administrative command prompt – ReturnValue is 0

OR – Start, right-click on Computer. Under Computer name, domain, and workgroup settings, click on Change settings
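
The wmic rename above prints "Method execution successful." even when ReturnValue is 5, so a script has to test ReturnValue itself. The batch file below is an added example, not part of the original lab notes; passing the new name as the first argument and the scratch file name rename-result.txt are assumptions.

```bat
@echo off
rem Added example, not from the original lab notes.
rem Runs the same wmic rename used on this page and decides success from
rem ReturnValue, because "Method execution successful." is printed either way.
rem Assumptions: the new name is the first argument; rename-result.txt is a
rem scratch file name chosen for this example.
setlocal
if "%~1"=="" goto :usage
set "OUT=%TEMP%\rename-result.txt"

rem Keep only the ReturnValue line of the wmic output.
wmic computersystem where name="%COMPUTERNAME%" call rename name="%~1" | findstr /C:"ReturnValue" > "%OUT%"

findstr /C:"ReturnValue = 0;" "%OUT%" >nul
if not errorlevel 1 goto :ok
findstr /C:"ReturnValue = 5;" "%OUT%" >nul
if not errorlevel 1 goto :denied

echo Rename failed. wmic reported:
type "%OUT%"
del "%OUT%"
exit /b 1

:ok
del "%OUT%"
echo Renamed to %~1. Reboot for the new name to take effect.
exit /b 0

:denied
del "%OUT%"
echo ReturnValue = 5: not an administrative command prompt. Nothing was renamed.
exit /b 5

:usage
echo Usage: %~nx0 NEW-NAME
exit /b 2
```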

2)Make sure you can ping the IP address of your domain controller (the core server)

C:\Windows\system32>ping 192.168.0.10

Pinging 192.168.0.10 with 32 bytes of data:

Reply from 192.168.0.10: bytes=32 time=53ms TTL=128

Reply from 192.168.0.10: bytes=32 time=2ms TTL=128

Reply from 192.168.0.10: bytes=32 time=1ms TTL=128

Reply from 192.168.0.10: bytes=32 time=1ms TTL=128

Ping statistics for 192.168.0.10:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 1ms, Maximum = 53ms, Average = 14ms

3)Change your DNS settings to point to the core server

Run the following command from an administrative command prompt, changing 192.168.0.10 to the IP address of your domain controller:

C:\>netsh interface ipv4 add dnsserver name="Local Area Connection" address=192.168.0.10 index=1

or

In Network Connections, right-click Local Area Connection and select Properties. If prompted for User Account Control, click Continue.

Click on Internet Protocol Version 4 (TCP/IPv4) and click on the Properties button. Click on the Use the following DNS server address radio button then enter the appropriate information for your DNS server in the Preferred DNS server field.

4)Do an nslookup for your domain name

C:\Windows\system32>nslookup z-barker.internal

DNS request timed out.

timeout was 2 seconds.

Server: UnKnown

Address: 192.168.0.10

Name: z-barker.internal

Address: 192.168.0.10

5)Reboot

6)Run the following command from an administrative command prompt (if you don’t run from an administrative command prompt, the command will fail saying “The command failed to complete successfully”)

C:\>netdom join VIS-BARKER /domain:z-barker.internal /userd:administrator /passwordd:Password1

The computer needs to be restarted in order to complete the operation.

The command completed successfully.

Or

7)Reboot
