Full Name: _____Eliezer Andujar____________________________ Date/Time Started: __________ CSEC 378/418 – Lab 4 Deliverable and Instructions: This lab will guide you through the configuration and...

read instructions attached



Full Name: _____Eliezer Andujar____________________________ Date/Time Started: __________ CSEC 378/418 – Lab 4 Deliverable and Instructions: This lab will guide you through the configuration and management of your Windows Servers and Windows 10 host. This lab begins once you are already connected to your Windows Servers via the Netlab environment. For instructions on how to get connected to the Netlab environment, please consult the Lab Connectivity Guide on D2L. You will have access to two Windows Server 2019 VMs, and a Windows 10 VM. I will refer to these throughout this lab as Server 1, Server 2, and Windows 10 Host. During the course of this lab you will create and use a user with a username consisting of your first initial and last name - i.e. knaughton. You will also create a domain with a name that consists of your DePaul username, with a suffix of “.csec” – i.e. knaught4.csec. Throughout this lab when you see the term yourname, or yourdomain, I am referring to these. Substitute these accordingly throughout the lab. Please do not create a user actually named “yourname”, or a domain named “yourdomain”. I use the presence of these names in your screenshots to validate that the screenshots are your own, and you will not receive credit if these are not unique to you. The submission file for this lab will be a pdf version of this document, with your answers and screenshots added. Each question and screenshot will count for 1 point. Your score will be determined by the percentage of total questions you answer correctly or provide the relevant screenshot for. Answer the questions below the prompts indicated in orange. If the question is multi-part, you must answer all parts correctly to receive the point for that question. No partial credit will be given. Add screenshots below the prompts indicated in orange. When adding screenshots to the document, be sure to include all requested information and any command output as necessary. If your screenshot does not meet the requirements of the prompt you will not receive credit for that screenshot. Each individual question is worth 1 point. Each screenshot prompt is worth 1 point. IMPORTANT The later sections in this lab depend on your configuration from the earlier sections. This lab will need to be completed all in one Netlab reservation. If you leave off in the middle of the lab, you will need to start over in order to pick it back up. Ensure that each screenshot is readable in-line in the submission document. If I am unable to read the contents of your screenshot in the document because it is too large of a screenshot, I will not count it for credit. Please do not include screenshots of your whole desktop to answer a question about one single piece of information. Section 1: Creating and Managing a Domain using PowerShell Step 1: Use the Netlab environment to access your “Server 2019 1” machine. You can use the drop-down arrow next to the server name to send the Ctrl+Alt+Del signal to get started. Sign in with the username Administrator and the password CSEC378418! Step 2: In Lab 3, you created a domain using the configuration Wizard in Server Manager. Here you will create a domain using PowerShell. Open PowerShell and run the following command to install the role for AD DS: Add-WindowsFeature AD-Domain-Services Step 3: Once the previous command has finished running, you will now create your new Forest and Domain by running the following command, substituting yourname with your CampusConnect username.csec (For example mine would be knaught4.csec) Install-ADDSForest -DomainName yourname.csec -InstallDNS Step 4: You will be prompted for a Safe Mode Administrator password. Use DePaulCDM2021! for the SafeMode password when prompted. Answer “Y” when asked if you want to continue with the operation. Step 5: Your Server 1 will reboot after the installation is complete. This may take a few minutes to complete. When your Server 1 comes back up sign in as yourdomain\Administrator with the password CSEC378418! Step 6: Go to the tools menu in Server Manager and look for Active Directory Users and Computers. Looks like that wasn’t installed so go ahead and install it using PowerShell. Run the command Get-WindowsFeature -Name RSAT* to see the list of available tools with names beginning with RSAT, which stands for Remote Server Administration Tools. You will see a list of available options Take a screenshot of some of the available options and include it below. Step 7: Within this list you will see some options already installed and some that are available. In the name column of the ouput look for one named RSAT-Role-Tools. This will already be installed but some of the management tools contained under it are not. Run the following PowerShell command to install ADUC and other management tools. Add-WindowsFeature RSAT-Role-Tools. Take a screenshot of the output you get showing confirmation that this was installed and include it below. Step 8: Go back to the Tools menu in Server Manager, you will see the Active Directory Users and Computers (ADUC) installed along with other AD management tools. Open ADUC and you will see your new domain listed in the left pane. Click the drop down arrow next to your domain name. Take a screenshot of the left pane in ADUC showing your domain name and its default contents and include it below. Step 9: Go back to Powershell. Create an OU called DePaulCDM in your new domain using Powershell. Run the command below replacing yourdomain with your CampusConnect username to create this OU: New-ADOrganizationalUnit -Name “DePaulCDM” -Path “DC=yourdomain,DC=csec” Question 1.1: Explain each section and option of this command and what it does. Step 10: Go back to ADUC and look at your domain. Refresh ADUC using the green refresh icon at the top of the ADUC window, and you will see your new OU appear. Verify that you can see your new OU before proceeding. Step 11: Create a new OU named Admins within your DePaulCDM OU using PowerShell. Run the following command to create this new OU. New-ADOrganizationalUnit -Name “Admins” -Path “OU=DePaulCDM,DC=yourdomain,DC=csec” Question 1.2: Why is the -Path portion of this command different than the command you ran in Step 9? Step 12: Create two more OUs within your DePaulCDM OU. Using the same syntax that you used before, create an OU named Staff, an OU named Faculty, and an OU named Admins within your DePaulCDM OU. Include a screenshot of the commands you ran to create these OUs. Include a screenshot of your ADUC window showing these new OUs created under the DePaulCDM OU. Step 13: Create four new OUs using PowerShell. Create an OU called Full-Time and an OU called Part-Time within the Faculty OU. Also create an OU called Full-Time and an OU called Part-Time within the Staff OU. Include a screenshot of the commands you ran to create these OUs. Include a screenshot of your ADUC window showing these OUs created under their correct parent OUs. Step 14: Now that you have your organizational structure set up in your domain, create a new user within the Admins OU. Substitute the yourname username to (first initial of your first name, full last name, all lowercase, no spaces – i.e. mine would be knaughton). Run the following command to create this new user: New-ADUser -Name “yourname” -userPrincipalName “yourname” -Path “OU=Admins,OU=DePaulCDM,DC=yourdomain,DC=csec” Step 15: By default this account will not have a password set. You can set the password by running the following PowerShell command. The account’s password is currently blank so when you are prompted for the current password just hit enter. Set the account password to CSEC378418! Set-ADAccountPassword yourname Step 16: By default this new account will be disabled. Enable it using the following PowerShell command: Enable-ADAccount yourname Include a screenshot of the commands you ran to create this user, set the password and enable the account. Step 17: Add the yourname user to the Domain Admins group using PowerShell. Run the command below. Add-ADGroupMember -Identity “Domain Admins” -Members “knaughton” Step 18: Verify yourname’s group membership by running the following PowerShell command to list the members of the Domain Admins group. Get-ADGroupMember “Domain Admins” Include a screenshot of this command and its output. Section 2: Joining a Computer to the Domain and Accessing File Shares Step 1: Use the Netlab environment to access your Windows 10 Host. Sign in with the username Administrator and the password CSEC378418! Step 2: Right click on the network connection icon in the bottom right of the screen and choose the option to Open network and internet settings > change adapter options. Right click on the Ethernet0 network interface and go to Properties > IPv4 Properties. Leave the IP address settings the same, if you change these your Windows 10 Host will not be able to communicate on the local network. Change the DNS server from 8.8.8.8 to the IP address of your Windows Server 1. Take a screenshot of this configuration window and include it below, then click OK and save your changes, and close out of the network configuration. Question 3.1: In order to add this Windows 10 machine to the domain, why does Server 1 need to be the DNS server for this host? Why will 8.8.8.8 not work? Step 3: Add your Windows 10 host to yourdomain. Go to Start Menu > This PC right click and go to Properties. Choose Change settings under Computer name, domain and workgroup settings. Step 3a: Within the System Properties menu, set the description for the computer to be your campus connect username, followed by -WIN10. For example, mine would be KNAUGHT4-WIN10. Step 3b: Then click the Change button to rename the computer. Name the computer WIN10HOST. Step 3c: Within the same menu, set the domain of your machine to yourdomain.csec, then click OK. You will be prompted for authentication. Authenticate using the yourdomain\yourname account. You should receive a success message. Step 3d: Restart your machine to save the changes. When it boots back up it will now be a member of yourdomain. Step 4: Give your machine a minute to boot. Then login with the yourdomain\yourname account. You will need to select the Other user option in the bottom left corner of the sign in screen to specify a different user. Once logged in, navigate back to Start Menu > This PC > Properties. Take a screenshot of the Computer name, domain and workgroup settings showing that your machine is now successfully joined to the domain. Step 5: Navigate back to Server 1. Using