Time
1 hour 40 minutes
Difficulty
Beginner
CEU/CPE
3

Video Description

Administering Active Directory Domain Services This lesson covers the administration of Active Directory Domain Services using three tools: - Active Directory Users and computers - Active Directory Administrative Center - Active Directory Module for Windows Power Shell These tools allow users to create a new computer and add users and groups and manage IT tasks. You can see this items in the standard view or tree view. You can move active directory objects using a move command to set items up in a certain way.

Video Transcription

00:04
interactive director environment. Obviously, one of the most important things that were going to do is manage it out of day to day basis. Three of the tools that we're gonna work with in terms of managing it that we're gonna look at right now are
00:16
if you look at our tools made you hear a certain major
00:18
look at the active directory uses the computers,
00:22
which you've seen already, but we're gonna take a little
00:25
longer. Look at it.
00:26
Wouldn't look at our after directory administrative center,
00:31
and we're going to look at our actor director module for with his power show. So we're looking all three of these things, and we're gonna take a look at how it helps us made a job. I bit I start with after directory
00:41
uses a computers.
00:42
So I have that open up.
00:44
Obviously, an actor doctor uses the computers. If we actually expand our debate out, we have ah list of oh, use of which some are modifiable. It's Omar. If it has a
00:56
double layered icon as a folder inside of it for her
00:59
that you can actually modify it at another. Oh, you underneath that
01:03
or if you have something like the built in one and computers Those cannot be modified. They are as is.
01:07
So that's a difference There
01:10
it obviously if we click out an object like computers here, so that's a no you
01:15
If we want to create a new computer and advance for could actually added new computer, we could go to do computer.
01:21
So right click do do computer
01:25
type of the computer day. What happened? L a lead dash c l four
01:29
ed. Well, actually,
01:30
let the i t group.
01:36
Hey, would you check these here?
01:37
So basically what we did was change. It allowed the i t group
01:41
the opportunity to
01:42
joining computer that the debate.
01:45
So we're going to click on. Okay, that's right. Seal for
01:48
I got to put it over there
01:49
CEO for
01:52
So now we have that computer
01:53
and we could even take that computer, for example, and added to a group so we could actually see. All right,
01:57
let's make that part of our research department
02:00
so putting their research
02:02
security group. So if I that
02:05
research security group would put it there,
02:07
and we're gonna actually look at the attributes of that. So if you right click on it, it would click the properties. Or we could double quick
02:15
that we have some unfinished across the top general Harvard existed member of
02:20
right
02:21
delegation location managed by dialing. We don't actually see it. Attributes. Tab. We have to turn the attributes function odd, so to speak. Basically need to see the advance of U.
02:30
So if we go up to our actor director use of computers Consul here at interview
02:35
under that option, we actually have a advanced features option. Good click on that gives us some additional information on the left hand side of Are paid. So we have, like, program data. We also have STDs, quotas, registered devices, teepee of devices and system. Made you some other things that there
02:53
let's go back to our computer that seal for
02:55
and look at the properties. And now we actually have
02:59
other tabs, like faster replication that wasn't there before we have. The Attribute editor will take a quick look at that.
03:04
That attribute editor has
03:06
options where we kid
03:07
filter it there, we could say, show all the attributes of their values on the ones that have rideable values. With a mandatory optional constructed back Lakes system. Only we can actually change values if we need to like an assistant and somebody's gonna be in there, we can actually set the assistant information there and modify it so we can actually do that. There's a
03:27
list of things here
03:28
somewhere. Sat like here's a distinguished name and if we take a look at that and tell us it's C n equals L O N S C l foresee any calls Computers see it equals a datum CD called
03:38
So if you notice that on the R. O. U structure, that's the one thing you pay to get you to the
03:43
built in was these folders that you cannot modify their actually called CN Innaro you structure. Where are other user actually called o U equals So it was in sales. That's like it will go in sales here and
03:57
take a quick look
03:58
and we actually have
04:00
information. You're so fat. Say look at the attributes of a user.
04:03
So
04:04
our attribute editor, if we actually go ahead and look at that user
04:09
does hits here, we get o u equals
04:12
instead of C at equal sales
04:15
ad.
04:15
They're obviously within here. We can actually move things around. We could drag a drop. We could add to users weaken and other environmental variables that we need. Thio. That's how we actually work with our after directory.
04:28
Uses the computers.
04:30
Now we're gonna move on.
04:30
Yeah, we already know how to create security groups and things like that. What? You're gonna go out? And we're gonna actually look at our environment from our at the directory
04:40
Administrative Center. So our actor, Director, Administrative Center we actually have an overview. It does. We could manage. I t task we could use after director modules. Forward of power show, which we will.
04:49
We could find answers on a 40 but deployed endemic access control solution center
04:56
Deploy off the medication policies we could. Vina buys the
05:00
slash scree there, so we don't have it. Really are
05:03
made you here. We could actually have our overview.
05:08
We have our debate, which you goes R o U structures underneath that
05:12
and that we have are dented Abby Access control. Is there things that clave types resource properties
05:17
We have a global search will search for simple. You could type it, for example, simply like
05:23
a day of light which type of racks and see if we have a racks.
05:27
There we go. We have Arax was we have a rex
05:30
over here on the right. You notice we could reset their password.
05:32
We can view the results.
05:34
Results faster. Aesthetics. We could add up to a group disable of
05:39
ideal choice. Avoid deleting them. Because if there's any encryption associated with their account, you'll never really recover the data. We could move to a different or use quick out move it. Actually,
05:47
choose where you want to play, some
05:49
we can locate them.
05:51
We could also. So if we click on locate here,
05:55
locate where they are. So it tells us where the other i t.
05:59
So we can actually affect our global search. Here
06:01
it We also have our
06:03
properties. We could click on the properties and give us a
06:06
overview of the individual or the object. So here we have, like the account, appear at the top of the information about it. You could protect him accidentally shed,
06:15
uh, because pastor never expires. Displayed a their department, their company.
06:23
They're a member of what groups like here they remember debate users. And I t,
06:27
uh,
06:28
do we also have
06:30
direct directly associated password settings. If they have a, we can assign them. We could actually have a profile path. Ah, whole folder to a local path or a network location. We have things like remote desktop service is profile remote control attribute at her. We have all these folks is built into the
06:46
A council. So Interactive Director, Administrative Center Council. We have a lot of capabilities. We also have the standard view, and we actually have the tree view. The tree view lets us experience things out, and we actually have the same type of thing. There's overview. There's our dough made art and anatomy castles control in our global search. So we have all these features available to us.
07:06
Obviously,
07:08
we could manage everything we need to manage her with it here, not limited in any particular way. Most of the everyday management functions we can actually do right from the screen. So obviously stuff very quickly Well,
07:20
take it,
07:21
create a opportunity, will go back to our overdue screen. And this time I will take a user just to see I was done. We'll take
07:30
a date. Oh,
07:31
right. It will do slash air will do.
07:35
Alex.
07:39
So 88 of Alex, right? It will put a new password. It says the password we reset for a date. Actually, put it do password
07:46
and you type it twice. Make sure that they match that user must change the password. That's log on, whatever your policy is, if that's the requirement that you leave it checked. If it's not a requirement, you could go ahead and check it
08:00
head. If your sanity passwords, as some organizations do, where forces them to be a certain level of complexity?
08:07
Did you write what I'll check that Moscow. That way you don't force him to try to change the password that you just decide it here. And it's like you tell scope here so you can actually change the scope
08:16
to you. What, you want to do it? We can apply here,
08:20
and it says fasters been reset For them successfully, that's all you have to do that we set their password. It's very simple and easy to use tools,
08:26
so obviously we see we could do all of our basic functionality with it. Here.
08:31
What we want so wanna do is understand. We could also use power shell to manage all of these pieces. The puzzle.
08:37
So the power cell environment,
08:39
We actually to come down here, take a look at our
08:41
power show. Remember, this is our active directory module. For with his power shell. If you look up here at the top of the tallest, proactive director module for what? His power. So that's what we have to be in If we were to bait it active directory from the power cell environment.
08:52
So we, uh, under our tours, but he would have clicked on that. So here we are. It were First we're gonna do is it are
09:01
environment We actually
09:03
what to you
09:05
do a few things
09:07
to you?
09:07
Our environment. So we obviously know about
09:09
the
09:11
password. If I believe you just did.
09:13
We could actually also do it from here. We could have done a
09:18
set.
09:20
Right
09:20
dash.
09:22
They were gonna dad
09:22
a D
09:24
account.
09:26
Fast word.
09:28
So set 80 account password. We have that as a command. It
09:31
if we hit Enter and says set 80 capacity to unify position supply
09:37
values for the following parameters. So, for example, the identity uh, let's say
09:41
Alex, right? You're the editor
09:45
says please enter the current password for
09:46
and it gives us our
09:48
information here. So we also want to pay attention to
09:50
make sure we're doing it for the right person. So says, you know, the current current password, right? So we have to come in here, but in the current password, which is
10:01
good to be vast for us, so we
10:03
we'll be able to see it.
10:03
But I did hear the current password
10:05
get into the desire password.
10:09
So put that in.
10:11
That obviously is gonna prompt you to repeat the password
10:16
and it will go through the process. Now says the faster does not meet the length complexity or history requirement, the debate.
10:22
Basically, if you try to reset the password, as we just did to the same password it was we're gonna get this air, which I did on purpose to show you that you get the air if you try to use a password that is that successful.
10:33
So that gets us through our basic concept of setting a password from their active directory administrative
10:39
environment for a power saw.
10:41
So now something else who might want to do is we want might want a creative group could be a user, but a group was what we're gonna do for right now. So is this particular case If you want to create a group, right,
10:52
here's our
10:54
commanded. The infrastructure already used to the group. We're gonna put it in.
10:56
Do
10:58
so. We start out with do 80 group
11:01
that we have the day but
11:01
argument and we put in a group name. So we put in sales managers. No notes. We have no space in this one,
11:09
a group category. That's the argument that we have security. So it's a
11:13
security group that a distribution group
11:16
that we have the group scope? Is it going to be global debate, local or universal? We're going global
11:22
display name display. Name is the friendly day that you see on the screen. So notice we have here where we have sales managers
11:30
as our group Dave here we actually have sales managers with an actual space for I displayed A
11:37
We want to say where we're gonna put it in our structure. Here's our see it equals users. D C equals a data. D c equals dot com.
11:43
So basically this is going to be in our users a data that calm of our business. So we go ahead, we hit dinner, you know, create a sales managers
11:54
group in there. So if we actually come back to, for example, we could do it from either way, we can actually do it from our
12:00
after dark to use their computers or active director, administrative center. We can actually come in here and under users.
12:05
We'll see that we have a sales managers
12:09
group available.
12:11
Now.
12:11
What if we just What if we put it someplace that we didn't actually want to put it? What if we actually wanted it somewhere else?
12:16
Well, we actually could move it. We don't actually have to delete it. Recreated. We can actually
12:20
move it through a gooey on, actually. Just drag drop it. Or we could do it from a power shell where we actually put in a move. Command. So this case, we would have
12:30
move it. Active directory object. We identify the object, right?
12:35
And it tells us Okay, what? Actor directory? Object or we're gonna move. Don't. It's just now we're not using a type of a name. Flag. So what? We did the create we had the day of flag. They'll argue it, but we're not using it here. We're basically active. Directory his designs so that it will identify it based on the
12:50
structure of the information. In this particular case.
12:54
Ah, the CNN that we created notice its sales managers without a space in here. So it's our accommodate.
13:01
It's in the users.
13:03
Oh, you
13:05
still see head because that's what he built in in a data dot com. That's where it is
13:09
Now we wanna have a target pass, so we want to target it to a different location.
13:13
In this case, we're gonna put it in the oh, you do we want to put it in.
13:18
But there's still users are still technically, you know, you. But it's since his built and is considered Sierra or comedy. Where is in this case, who wanted in the O. U of sales
13:28
in a data
13:30
dot com. So what we want to do, we type in the information that we had enter, and I'll go through the process. And if we go back to our
13:37
active directory uses computers or active directory, administrative center doesn't see the way we want to do it.
13:43
If we actually go in here and we refresh our view so we could quit. Refresh here.
13:48
Or we could refresh our view by clicking other afresh icon up here at the top.
13:52
Then we can now go into our sales, are you and we will find in our sales Oh, you
13:58
the
14:00
sales managers. Security Good. If that's where we've actually
14:03
aside the security guard to be So
14:05
you want to refresh your view.
14:09
It's called the head.
14:11
There's your sales managers. So even though we switched from what are you to the next, in our view,
14:16
doesn't mean that we don't actually need to refresh our view.
14:18
And off we go back to her, our administrative center. We could actually go into our environment, hear a click on sales
14:26
it It'll break off our view here,
14:28
and we actually school down it. We will see a sales managers group here,
14:33
and if we look at our users directory,
14:35
then it automatically will refresh. Head of sales managers group is not there to have used
14:39
three other tools to actually do. Our management we actually used are at the directory
14:46
uses the computers a duck which we use for equally.
14:48
We have Ah, In the past, we've used frequently at least our actor director Administrative Centre, which is with the most common way to do things nowadays
14:56
because you actually find out that it works very easily for you. Do you have your overview and your tree tree view list
15:03
so it doesn't matter which way you want to do it.
15:05
There's your beer and we actually did it in power shelves. We knows we could do all of these things from three different options, and that gives us our ability to manage with interactive director vitamin within these three councils.

Up Next

Microsoft Active Directory Domain Services

Module 2 explains how to implement virtualized domain controllers and read-only domain controller (RODCs)

Instructed By

Instructor Profile Image
Michael Boberg
CEO of Broadline Enterprises, LLC
Instructor