
MODULE-12-2ND-QUARTER


MODULE 1 Installing and Configuring Active Directory Domain Services (AD DS)

WHAT IS DIRECTORY AND ACTIVE DIRECTORY


Active Directory Domain Services (AD DS) are the core functions in Active Directory that manage users and
computers and allow sysadmins to organize the data into logical hierarchies. AD DS provides the methods for
storing directory data and making this data available to network users and administrators. AD DS stores
information about user accounts, such as names, passwords, phone numbers, and so on, and enables other
authorized users on the same network to access this information.
Active Directory uses a structured data store as the basis for a logical, hierarchical organization of directory
information. This data store, also known as the directory, contains information about Active Directory objects.
These objects typically include shared resources such as servers, volumes, printers, and the network user and
computer accounts. With a single network logon, administrators can manage directory data and organization
throughout their network, and authorized network users can access resources anywhere on the network.
Active Directory provides the structure to centralize the network and store information about network
resources across the entire domain. It uses Domain Controllers to keep this centralized storage available to
network users. Active Directory stores information about objects on the network and makes this information
easy for administrators and users to find and use. It is a kind of database used to store information about
users, groups and computers: a centralized database of objects and of the management of resources.
WHAT IS THE PURPOSE OF ACTIVE DIRECTORY
A server running Active Directory Domain Services (AD DS) is called a Domain Controller. It authenticates and
authorizes all users and computers in a Windows-type network.
• A single sign-on environment
• Use in a large network environment
• Centralized group policy

Active Directory Domain Services Terms to Know


In order to understand AD DS, there are some key terms to define.
• Schema: The set of user-configured rules that govern objects and attributes in AD DS.
• Global Catalog: The container of all objects in AD DS. If you need to find the name of a user, that name is
stored in the Global Catalog.
• Query and Index Mechanism: This system allows users to find each other in AD. A good example would be
when you start typing a name in your mail client, and the mail client shows you possible matches.
• Replication Service: The replication service makes sure that every DC on the network has the same Global
Catalog and Schema.
• Sites: Sites are representations of the network topology, so AD DS knows what objects go together to
optimize replication and indexing.
• Lightweight Directory Access Protocol: LDAP is a protocol that allows AD to communicate with other
LDAP-enabled directory services across platforms.
Benefits of Active Directory Domain Services
There are several benefits to using AD DS for your basic network user and computer management.
• You can customize how your data is organized to meet your company's needs.
• You can manage AD DS from any computer on the network, if necessary.
• AD DS provides built-in replication and redundancy: if one Domain Controller (DC) fails, another DC picks up
the load.
• All access to network resources goes through AD DS, which keeps network access rights management
centralized.

What Services are Provided in Active Directory Domain Services?


Here are the services that AD DS provides as the core functionality required by a centralized user
management system.
• Domain Services: Stores data and manages communications between the users and the DC. This is the
primary functionality of AD DS.
• Certificate Services: Allows your DC to serve digital certificates, signatures, and public key cryptography.
• Lightweight Directory Services: Supports LDAP for cross-platform domain services, like any Linux computers
in your network.
• Directory Federation Services: Provides SSO authentication for multiple applications in the same session, so
users don’t have to keep providing the same credentials.
• Rights Management: Controls information rights and data access policies. For example, Rights Management
determines if you can access a folder or send an email.
STEPS TO ADD ACTIVE DIRECTORY DOMAIN SERVICES ROLE TO A WINDOWS SERVER 2008 R2.
1. Select Start > Administrative Tools > Server Manager.
2. Server Manager appears. Select Roles on the left and click Add Roles.
3. The Add Roles Wizard appears. By default, the Before You Begin information screen is shown. Click Next.
4. The Select Server Roles screen appears.
5. Select Active Directory Domain Services and click Next. If .NET 3.5.1 is not installed, the wizard prompts
you to install it.
6. The Active Directory Domain Services informational screen appears. Read it and click Next.
NOTE: Installing .NET 3.5.1 will require access to the internet or access to a copy of the .NET installer
executable. Click Add Required Features to install .NET 3.5.1 from the wizard.
7. The Confirm Installation Selections screen appears. Confirm your selections and click Install.
8. The installation runs and the Installation Progress screen appears.
NOTE: The wizard reminds you to run dcpromo.exe after installing Active Directory Domain Services. Those
steps are detailed in Run dcpromo.exe.
9. The installation completes and the Installation Results screen appears.
10. Click Close to complete the wizard. You return to Server Manager.
11. The Active Directory Domain Services role now appears under Roles in Server Manager.

LEARNING MODULE 2 : Installing and configuring DC Promo


WHAT IS DCPromo?
DCPromo (Domain Controller Promoter) is a tool in Active Directory that installs and removes Active Directory
Domain Services and promotes domain controllers. Dcpromo is a Windows Server operating system (OS)
command. It is used to promote a normal Windows server to a domain controller. It is used to install or
remove Active Directory Domain Services (AD DS), which builds forests and domains in Active Directory, and
it is found in every version of Windows Server since Windows 2000.
The DCPromo console utility is used on Windows Server to install the Active Directory Domain Services (AD
DS) role, promoting a member server to an Active Directory (AD) domain controller or demoting it.
DCPROMO on Windows Server 2008 Installation
Steps to set IP Address
Run “ncpa.cpl” then click OK, or right-click Local Area Connection, then click “Properties”. Select IPv4, then
click “Properties”. Then manually enter the given IP address (class address).
After the reboot you should have several Active Directory related tools under “Administrative Tools”.
LEARNING MODULE 3 Understanding Workgroup and Domain

WHAT IS WORKGROUP AND DOMAIN


The main difference between workgroups and domains is how resources on the network are managed.
Computers on home networks are usually part of a workgroup, and computers on workplace networks are
usually part of a domain.
WORKGROUP
A workgroup is a peer-to-peer network set up using the Microsoft Windows operating system. It is a group of
computers on a local area network that share common resources and responsibilities. The workgroup is a
collection of computers that are part of the same network. The workgroup facilitates the detection of the
computers that are part of it and the sharing of resources like folders or printers. In a workgroup, all
computers are peers; no computer has control over another computer.
DOMAIN
A network domain is an administrative grouping of multiple private computer networks or hosts within the
same infrastructure. Domains can be identified using a domain name; domains which need to be accessible
from the public Internet can be assigned a globally unique name within the Domain Name System (DNS).
WHAT IS DOMAIN NAME
A domain name is the address where Internet users can access your website. A domain name is used for finding
and identifying computers on the Internet. It identifies one or more IP addresses. Computers use IP addresses,
which are a series of numbers. For example, the domain name microsoft.com represents about a dozen IP
addresses. Domain names are used in URLs to identify particular Web pages.
Example:
In the URL http://www.pcwebopedia.com/index.html, the domain name is pcwebopedia.com.
PURPOSE OF DOMAIN NAME
Domain names serve to identify Internet resources, such as computers, networks, and services, with a
text-based label that is easier to memorize than the numerical addresses used in the Internet protocols. A
domain name may represent entire collections of such resources or individual instances.
STEPS TO CHECK WHETHER YOUR COMPUTER IS PART OF A DOMAIN OR NOT.
Open the Control Panel, click the System and Security category, and click System. Look under “Computer
name, domain and workgroup settings” here. If you see “Domain”: followed by the name of a domain, your
computer is joined to a domain.

DIFFERENCE BETWEEN WORKGROUP (Peer to Peer Network) AND DOMAIN (Client Server Network)
WORKGROUP:
Network type: Peer-to-Peer Windows computer network
Log-in: User can use his/her login credentials only on his or her
system and not others. Hence known as local login.
Administration: Distributed administration wherein each user can manage his
machine independently.
Storage: Mostly distributed. Each device has its own dedicated
storage.
DOMAIN:
Network type: Client/server network
Log-in: User can use his login from any device of the office. Also
known as remote login
Administration: Centralized administration. All devices can be managed from
a centralized device (usually a server).
Storage: Centralized storage preferred. All user data is stored at a
centralized storage device.

MODULE 4 Understanding IP address

INTRODUCTION:
An IP address is a series of numbers that allows devices to communicate with each other. Every device
connected to a network is given a unique number called an Internet Protocol (IP) address. This identifies
devices on the internet and allows them to communicate. The most common type of IP address consists of
four series of numbers broken up by periods.
Example: 192.168.100.1
Two types of IP addresses:
1. Static IP Address

A static IP address is assigned to a specific device and remains constant over time.
Static IP Pros (advantages):
• Simple server hosting. Simplify the process of hosting your own web, email, or File Transfer Protocol (FTP)
server.
• Convenient remote access. Allow employees to work remotely because your VPN (Virtual Private Network)
or other remote access option remembers and trusts your IP address.
• Reliable communication. Communicate hassle-free over Voice over Internet Protocol (VoIP) and other
digital voice services.
• Easy file transfers. Send and receive data quickly with faster upload and download speeds.
Static IP Cons (disadvantages):
• Potential security weaknesses. Put additional security measures like firewalls in place, because a constant
IP address could give hackers time to attack your network.
• Cost. Be prepared to pay extra for a static IP. They aren’t included in most internet plans. Using a static IP
for hosting servers means your server would be on constantly, adding another cost.
• Complex setup. Look for an Internet Service Provider (ISP) that offers the support needed to manually
configure devices with a static IP. Business ISPs typically offer more support than consumer ISPs.
2. Dynamic IP Address

A dynamic IP address is assigned by the network when you connect and changes periodically.
Dynamic IP Pros (advantages):
• Automatic configuration. Spend less time and money on maintenance because most devices are configured
to grab an available IP address automatically.
• No additional fees. Save money by choosing dynamic IPs, which don’t cost you anything on top of your
internet plan.
• Unlimited devices. Use several devices without needing to disconnect and free up IP addresses or manually
configure each new device in the office.
Dynamic IP Cons (disadvantages):
• More downtime. Understand you could get kicked off your connection, a critical part of hosting servers or
websites and VoIP services.
• Less accurate geolocation. Determine whether or not geolocation is important to your business as it could
be less accurate.
• Limited remote access. Have your employees spend more time in the office as remote access can be
challenging and less secure.

Internet Protocol 4 (IPv4) and Internet Protocol 6 (IPv6)


IPv4 address is a 32-bit number that uniquely identifies a network interface on a machine. An IPv4 address is
typically written in decimal digits, formatted as four 8-bit fields that are separated by periods. Each 8-bit field
represents a byte of the IPv4 address.
An IPv6 address is a 128-bit IP address. IPv4 is a numeric addressing method whereas IPv6 is an alphanumeric
addressing method.
IPv4 offers 12 header fields whereas IPv6 offers 8 header fields. IPv4 supports broadcast whereas IPv6
doesn't support broadcast.
What is TCP/IP
TCP/IP is a set of protocols developed to allow cooperating computers to share resources across a network.
TCP stands for Transmission Control Protocol.
IP stands for Internet Protocol.

The most well-known network that adopted TCP/IP is the Internet, the biggest WAN in the world. TCP/IP defines
five classes of IP addresses: class A, B, C, D, and E. Each class has a range of valid IP addresses. The value of
the first octet determines the class. IP addresses from the first three classes (A, B and C) can be used for host
addresses.
Class E Address
This IP class is reserved for experimental purposes only or study. IP addresses in this class range from
240.0.0.0 to 255.255.255.254.

The IP address is usually combined with a subnet mask.


• IP Address – 192.168.1.165
Every device needs a unique IP address
• Subnet Mask – 255.255.255.0
Used by the local workstation to determine the subnet it belongs to.
The subnet mask is not usually transmitted across the network
It is the subnet mask that helps turn the IP address into something more than a simple identifier. The subnet
mask allows you to separate out the two pieces of the IP address into a network ID and a host ID
• The IP address isn’t really a single address
• An IP address is a combination of a network ID and a host ID
The subnet mask determines what part of the IP address is the network and which part is the host.
LEARNING MODULE 5 Configuring IPv4 and Subnet Mask

CONFIGURING IPv4
As you configure your workstations, servers, routers, switches and other layer devices, you will be working a
lot with IP addresses, subnet masks and other parameters that are necessary to perform IPv4 networking,
for example to manually configure an IP address on the device.
IP ADDRESSING
• IP address
• Subnet Mask
• Default gateway
• DNS server

NETWORKING WITH IPv4


• IP Address, e.g., 192.168.1.165
Every device needs a unique IP address
• Subnet Mask, e.g., 255.255.255.0
Used by the local workstation to determine what subnet it belongs to.
The subnet mask isn’t transmitted across the network
• Default gateway, e.g., 192.168.1.1
The router allows you to communicate outside of your local subnet
The default gateway must be an IP address on the local subnet
SPECIAL IPv4 ADDRESSES
• Loopback address
An address to yourself Ranges from 127.0.0.1
through 127.255.255.254 An easy way to self-reference (ping 127.0.0.1)
• Reserved addresses
Set aside for future use or testing
240.0.0.1 through 255.255.255.254

• Virtual IP addresses (VIP)
Not associated with a physical network adapter
Virtual machine, internal router address
CLASSFUL SUBNETTING
In the early days of the IP protocol, there were only 3 subnet masks that could possibly be assigned to a
particular workstation.
• Very specific subnetting architecture
• Not used since 1993
• But still referenced in casual conversation
• Used as a starting point when subnetting
Standard values

THE CONSTRUCTION OF A SUBNET


• Network Address
The first IP address of a subnet
Set all host bits to 0 (0 decimal)
• First usable host address
One number higher than the network address
• Network broadcast address
The last IP address of a subnet
Set all host bits to 1 (255 decimal)
• Last usable host address
One number lower than the broadcast address
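
Added example (not part of the original module): the Python sketch below uses the module's own values (192.168.1.165, 255.255.255.0, gateway 192.168.1.1) to split an address into network ID and host ID, build the subnet as described above, and check that the default gateway is on the local subnet. The function names are illustrative, and the 255.255.255.192 mask is a constructed variation.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def to_int(dotted):
    """Dotted-decimal text -> 32-bit integer (ipaddress validates the octets)."""
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value):
    return str(ipaddress.IPv4Address(value))


def prefix_length(mask):
    """CIDR prefix length of a mask; rejects masks whose 1 bits are not contiguous."""
    host_bits = to_int(mask) ^ ALL_ONES
    if host_bits & (host_bits + 1):
        raise ValueError("non-contiguous subnet mask: " + mask)
    return 32 - host_bits.bit_length()


def describe_subnet(ip, mask):
    addr, m = to_int(ip), to_int(mask)
    prefix = prefix_length(mask)
    network = addr & m                    # network address: all host bits set to 0
    broadcast = network | (m ^ ALL_ONES)  # broadcast address: all host bits set to 1
    usable = prefix <= 30                 # /31 and /32 have no separate usable range
    return {
        "cidr": f"{to_dotted(network)}/{prefix}",
        "network_id": to_dotted(network),
        "host_id": addr & (m ^ ALL_ONES),
        "first_host": to_dotted(network + 1) if usable else None,
        "last_host": to_dotted(broadcast - 1) if usable else None,
        "broadcast": to_dotted(broadcast),
    }


def gateway_problems(ip, mask, gateway):
    """Reasons the default gateway cannot work for this host (empty list = OK)."""
    addr, m, gw = to_int(ip), to_int(mask), to_int(gateway)
    network = addr & m
    problems = []
    if gw & m != network:
        problems.append("gateway is not on the local subnet")
    elif prefix_length(mask) <= 30 and gw in (network, network | (m ^ ALL_ONES)):
        problems.append("gateway is the network or broadcast address")
    if gw == addr:
        problems.append("gateway is the host's own address")
    return problems


if __name__ == "__main__":
    # Values from the module: 192.168.1.165 / 255.255.255.0, gateway 192.168.1.1.
    print(describe_subnet("192.168.1.165", "255.255.255.0"))
    print(gateway_problems("192.168.1.165", "255.255.255.0", "192.168.1.1"))
    # Constructed variation: a /26 mask moves the same gateway off the subnet.
    print(describe_subnet("192.168.1.165", "255.255.255.192"))
    print(gateway_problems("192.168.1.165", "255.255.255.192", "192.168.1.1"))
```

With the /24 mask the gateway passes the check; with the /26 mask the same gateway falls outside the host's subnet, which is the kind of mismatch that leaves a statically configured machine unable to reach anything beyond its own segment.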
THE SUBNET MASK

Classless inter-domain routing (CIDR) is a set of Internet protocol (IP) standards that is used to create unique
identifiers for networks and individual devices. The IP addresses allow particular information packets to be
sent to specific computers.
That system is known as CIDR notation.
CIDR is an IP addressing scheme that improves the allocation of IP addresses. It replaces the old system based
on classes A, B, and C. This scheme also helped greatly extend the life of IPv4 as well as slow the growth of
routing tables.
CIDR is a great way to improve the efficiency of IP address distribution. It was vital with IPv4 as IP addresses
were quickly being exhausted. IPv6 is now rolling out and although running out of IP addresses is now less of
a problem, CIDR will continue to be used.

LEARNING MODULE 6
Understanding Static IP address and Dynamic IP address for Networking
COMPARISON OF STATIC AND DYNAMIC IP ADDRESS FOR NETWORKING
Definition of Static IP address and Dynamic IP Address
A static IP address is fixed in nature and does not change until it is manually changed by the ISP or network
administrator. A static IP address does not change each time the user connects to the network or sends a
message. It is usually assigned to servers, mail servers, etc.
When a host is configured with a static IP address, the process includes a workstation on a network using
static IP addressing and accessing the desired network element directly. Static IP addressing provides
consistent and immediate access with negligible overheads, as the associated IP address never alters. The
benefit of using a static IP is that it gives less downtime; it also provides remote access, which means a user
can access his/her own PC from any location.
A dynamic IP address is usually configured on devices using the DHCP protocol, and it changes frequently.
Each time the user connects to the network, its dynamic IP changes. The DHCP (Dynamic Host
Configuration Protocol) server uses a system to trace and look up IP address information that is associated
with the active network elements. The tool which is used for translation is known as the Domain Name
Server (DNS).
DNS stores the IP address along with the mapped domain name to identify the proper location of the
network element and guides the network traffic to the right point. The two protocols DHCP and DNS are
extensively used while browsing the internet. When a user tries to connect to the network, DHCP provides
a dynamic IP address for a duration, and when the user types a URL in the address bar of a browser,
the DNS server maps the domain name to the IP address required for the transmission of the web page.
COMPARISON CHART

ADVANTAGES AND DISADVANTAGES OF STATIC ROUTING


Advantages
Easily implemented in a small network.
No overheads are produced on router CPU.
Secure because the routes are managed statically.
It is predictable as the route to the destination is fixed.
Extra resources (such as CPU and memory) are not required as update mechanisms are not needed.
Bandwidth usage is not required between routers.

Disadvantages
Unsuitable for complex topologies and large networks.
Large networks increase configuration complexity and time consumption.
Link failure can hinder traffic rerouting.
The administrator must be extra careful while configuring the routes.

ADVANTAGES AND DISADVANTAGES OF DYNAMIC ROUTING


Advantages
Suitable for all the topologies.
Network size doesn’t affect the router operations.
Topologies are adapted automatically to reroute the traffic.

Disadvantages
Initially, it could be complicated to implement.
The broadcasting and multicasting of routing updates make it less secure.
Routes rely on current topologies.
Additional resources are required such as CPU, memory and link bandwidth.

COMPARISON CHART
