Coleman University

Performance Test

NET209

NET 209 Active Directory Domains and Management (Midterm Project)

The purpose of this lab is for you to configure a new Active Directory domain in a network
environment that is used by the Fabrikam company (Fabrikam.net) . You will also be asked to
configure an Active Directory integrated DNS server to handle hostname resolution for the
entire Active Directory domain network.
You will use Two Server 2012R2 Datacenter computers isolated from the schools network
(Internal network option on the VM system for network adapters). Your active account will
be Administrator with a password of net209N on both servers.
The tasks to fully complete this midterm project:
1. Rename both servers, one to RWDC01 and the other to RWDC02, assign static IPs, Install
and configure the first Domain Controller and an AD integrated DNS on RWDC01.
2. Then you will install a second domain controller (RWDC02), as a peer with an AD integrated
DNS, and move the PDC emulator Operations Master role to server RWDC02.
3. Create three new users and two new global security groups. Users are Bob Finch, Darlene
Sacks, and Aaron Green. The user passwords will be: Password! The groups will be named
Accounting and Sales. Bob and Darlene are to be added to the Accounting group and Aaron
will be added to Sales.
4. Create two group policies. One deploys a software package (provided by the instructor) for
the Sales and Accounting group. The other will make it so Aaron Green can logon to the server
console.
This project will take 2+ hours. This is to reinforce what you learned in labs in a real new
production environment. Treat it as you would your first job assignment in the field

There are 23 screenshots to get full credit.

Server 1 : RWDC01 (1st Domain Controller and Primary DNS)
Server 2 : RWDC02 (Peer Domain Controller)

Coleman University

Performance Test

NET209

For all necessary screenshots please add these into the a blank WordPad or Word
document you create on your HOST desktop called <Student ID#> finalPreformance for credit.

Part 1 Active Directory Setup

1. First step is to Configure your servers with the following settings:
Use the following IPv4 information: IPs 10.10.1.101 and 10.10.1.102, Subnet
Mask=255.0.0.0 Gateway=10.10.1.101. Your servers need to be named RWDC01 and
RWDC02. Take a screenshot of both Server Manager Local Machine property sheets and
IPv4 settings. *** ( 4 screenshots)
2. Add the Active Directory Domain Services role to RWDC01 then restart. Repeat this step
with RWDC02.
3. Create a new forest and make RWDC01 a Domain Controller. The Domain Name is
Fabrikam.net
4. Make sure that RWDC01 is also an Active Directory integrated DNS.
5. After RWDC01 resets take a screenshot of the Domain container and the Active Directory
Users and Computer's "Users" organizational unit ***(2 screenshots)
6. Open the Tools>DNS and go to DNS > RWDC01 > Forward Lookup Zones >
_msds.Fabrikam.net > dc > tcp . Take a screenshot of its contents. Then expand the
Fabikam.net forward lookup zone and take a screenshot. Lastly, create and then take a
screenshot of the reverse lookup zone after all the pointer records have been added. ***(3
screenshots)
7. Open a command line and type NET SHARE and take a screenshot of the results. *** (1
screenshot)
8. Configure RWDC02 as a peer Domain Controller.
9. After RWDC02 resets, take a screenshot of the Active Directory Users and Computer's
"Users" organizational unit Open the Tools>DNS and go to DNS > RWDC02 > Forward
Lookup Zones > _msds.Fabrikam.net > dc > tcp . Take a screenshot of its contents. Then
expand the Fabikam.net forward lookup zone and take a screenshot. Lastly, create and
then take a screenshot of the reverse lookup zone after all the pointer records have been
added. ***(4 screenshots)
10. Move the PDC Emulator FSMO to RWDC02.

Coleman University

Performance Test

NET209

11. Provide a screenshot of the following location in Active Directory Users and Computers
console on RWDC02. Fabrikam.net (right click) > Operations Masters... then take a
screenshot. *** (1 screenshot)
Total of 15 Screenshots

Part 2 User , Group, and GPO management

1. Create three users named Bob Finch, Darlene Sacks, and Aaron Green. Create the
Accounting and Sales as security Global groups. Take a screenshot of them in the Active
Directory Users and Computer console in the "Users" organizational unit. ***(1 screenshot)
2. Open the Group policy Management Console>Forest>Domain>Default Domain Policy.
3. Edit the Default domain policy and go to Computer Configuration>Policies>Windows
Settings>Security Settings.
4. Change the following security settings: Make the passwords require 10 characters, set the
lockout threshold to allow only three tries with a 15 minute reset and a 15 minute counter
reset, set the auditing of account login events to log successes and failures, set the policy in
security to not display the previous user that logged on. **(Take a snapshot of each of the
settings that you set. 5 screenshots in all)**
5. Create a software distribution point. Put the software given to you by your instructor into
subfolder for the software and name it after the software package. **(Take a snapshot of
the configured software deployment policy)**
6. Create a policy to allow Aaron Green to logon to the server console.*** (1 screenshot)
Total of 8 Screenshots

YOU are now done with the Final Project!!!!

For all necessary screenshots please add them into the a blank WordPad or
Word document you create on your HOST desktop called <Student ID#>
final-Preformance for credit.

Coleman University

Performance Test

NET209

Be sure to turn in your WordPad document with all your screenshots

to your instructor. Thank You.

Grading Rubric: 280 points possible

Measured Item

Internet Protocol Static Addressing

for Proper Active
Directory Setup
(Step 1
Screenshots 1-2)
2 screenshots
total

Objectives
Substantially Met

Meets Minimal
Requirements

Both systems have

correct static
addressing and
screenshots. Shows
correct IP address,
subnet mask, Default
Gateway and DNS
addresses. All ten fields
correct.

Both screenshots
provided. Settings
have been statically
assigned IP
addresses match
the designated
scenario subnet.

Needs Improvement
1
At least one
screenshot provided.
However settings are
set to automatic or
static IP address and
subnet mask does
not match for the
subnet in the
scenario.

Failure to Meet
Requirements
0
No screenshots
provided to validate
correct settings.
Unable to grade this
portion or this section
of the test was
skipped.

Coleman University

Server Manager
System Property
sheets

Performance Test

Both systems have

correct entries and
screenshots.
Computer name and
domain for both
systems is correct.

Both screenshots
provided. However
one or both
computer names
are incorrect.

DNS
Management and
Active Directory
Integration (Step
5 Screenshots 5,
6)

Screenshot was
provided. Correct
results shown in
_msdcs _tcp SRV
records. Zone has
correct domain name.

(Step 6
screenshots 7,8,9)

Reverse Zone created

for Fabrikam.net

(Step 1
Screenshots 3-4)
2 screenshots
total

NET209

At least one
screenshot provided
however computer
names are incorrect
or havent been
changed from
original settings.

No screenshots
provided to validate
correct settings.
Unable to grade this
portion or this section
of the test was
skipped.

Screenshot was
provided. Correct
results shown in
_msdcs _tcp SRV
records. Zone has
correct domain
name.

Screenshot was
provided. However
SRV records are
incorrect or missing.

No screenshot
provided to validate
correct settings.
Unable to grade this
portion or this section
of the test was
skipped.

NETSHARE results
show both
"NETLOGON" and
"SYSVOL" share
names.

The Users container

Includes all the
Domain Admin and
Enterprise groups.

No screenshots
provided to validate
correct settings.
Unable to grade this
portion or this section
of the test was
skipped.

Domain name is
correct.

5 total
screenshots
Active Directory
Installation
(Step 7
Screenshot 10)
(Step 9
Screenshot 11-14)
(Step 11
screenshot 15)
6 screenshots
total

NETSHARE results
show both
"NETLOGON" and
"SYSVOL" share names.
The Users container
Includes all the Domain
Admin and Enterprise
groups.
RWDC02 is confirmed
as the PDC Emulator.

The Users container

Includes all the
Domain Admin and
Enterprise groups.

Coleman University

Part 2 User,
Group, and Policy
Management
(Step 1 screenshot
16)
(Step 4
screenshots 1721)
(Step 5, 6
Screenshots 2223)
8 screenshots
total

Performance Test

NET209

All users verified (3).

All users verified (3).

All users verified (3).

All security policies

have been changed to
necessary values.

All security policies

have been changed
to necessary values.

All security policies

have been changed
to necessary values.

The software
deployment policy has
been created and
deployed.

The software
deployment policy
has been created
and deployed.

Some screenshots
have been included.

Policies for Aaron

Green have been
created and deployed
correctly.

Some screenshots
have been included.

All screenshots have

been included.

Total screenshots in file should be 23 minimum.

No screenshots
provided to validate
correct settings.
Unable to grade this
portion or this section
of the test was
skipped.