Вы находитесь на странице: 1из 19

2016

Purdue University
CNIT 242
Section 001

Authors: Benya Chongolnee


Noah Grostefon
Emily Harshman
TA: Professor Hands
Due Date: 9/26/16
Date Submitted: 9/26/16
-On Blackboard

Lab 01: Windows Administration

Lab 01: Windows Administration

09/26/16

Table of Contents
Executive Summary......................................................................................2
Background & Business Scenario................................................................3
Procedures...................................................................................................4
Hardware Check......................................................................................4
Operating System Installation/Network Configuration.............................4
NTP Time-Sync Configuration.................................................................5
Directory Services...................................................................................5
Users and Groups...................................................................................5
Network File Sharing...............................................................................5
Group Policies.........................................................................................5
Seamless Profiles & Redirected Desktops..............................................6
User Disk Quotas....................................................................................6
Logoff Script............................................................................................6
Anti-virus/Anti-Spyware...........................................................................7
Results.........................................................................................................8
Network Diagram...............................................................................,...14
Conclusions and Recommendations..........................................................15
References.................................................................................................16
Appendix.....................................................................................................17
Appendix A: Problem Solving and Troubleshooting..........................17
Appendix B: Cisco PIX Configuration...............................................18

Page 1

Lab 01: Windows Administration

09/26/16

Executive Summary
The purpose of this report is to describe Hands Publishing server and network
systems as well as how the company can make decisions regarding implementation. In
addition, this report shows the steps that were taken to ensure a successful setup, so
Hands Publishing employees could log into their specific account from any computer
within the company with no problems. Along with allowing for the employees to be a bit
more mobile, the report describes how to effectively setup file sharing among each
employee as well as how to set up quotas for each users. How to setup shared printer
among employees to ensure an easy print setup within the office and how to install and
enable anti-virus/anti-spyware solutions are also described in the report.
In order to provide this setup, a relevant literature review was conducted by the
team on how to execute client/server architecture as well as information on how to
effectively implement this setup. This report explores four main topics: 1) the client need
for this particular client/server architecture, 2) the hardware and software used in order
to implement this setup, 3) The procedures taken to execute the companys needs and
4) recommendations from team members. With this setup, key recommendations were
identified in improving implementation of the system within a business including; a slow
transition into said architecture, continual updates of the software being used, and full
CEO support. The complexity that comes with implementing this client/server
architecture can be complex and should be a slow transition from the current server to
the new one. In order for a smooth transition, CEO support as well as other employee
support is vital as well as keeping all software up to date and making this a top priority.

Page 2

Lab 01: Windows Administration

09/26/16

Background and Business Scenario


Hands Publishing started off in 2016 as a publishing company. The company is
located in the heart of Austin, Texas in a small office. Joe Smith, Jill Smith, Larry Smo,
Lilly Rainor, Megan Sprite, and Sara Hanson are the five employees currently working
at Hands Publishing. Joe Smith is the CEO and is in the board of director. Jill Smith is
in charge of accounting. Larry is the information technology and part of the admin
group. Lilly is in marketing, while Megan is in editing and Sara is in contracting. Those
are the current six employee working at Hands Publishing, but the company hopes to
expand in the near future.
Since Hands Publishing is very new, all six employees need working server
and network system in order to run the business effectively and efficiently. All six
workers need a network system that will allow them to do their work on any computers
in the office that would have saved their past works and profiles. They need the system
to be flexible with their type of job, where there might be a chance of travelling or
relocating. The system also need to be secure and protected from any virus or malware
since there are some sensitive information on the server such as secret books and
payment information. It should have necessities of what a basic network system should
have such as VMware Player, directory services with users and groups, network file
sharing, group policy, and much more.

Page 3

Lab 01: Windows Administration

09/26/16

Procedures
Hardware Check:
1. Removed side panel of computer case.
2. Ensured all required hardware components were present.
3. Removed hard drive(s) and documented manufacturer and capacity.
4. Installed hard drives(s) and side panel.
5. Repeated steps 1-4 for each system (2 x Optiplex 990 and 1 x Optiplex 620).
6. Connected each monitor, keyboard, and mouse to a KVM switch, three switches
in total.
7. Connected each KVM switch to each of our three systems.
Operating System Installation/Network Configuration (Bartolo, 2013):
1. Procured Windows 10 32-bit, Windows 10 64-bit, and Server 2012 installation
discs.
2. Inserted Windows 10 32-bit into the Optiplex 620 machine, Windows 10 64-bit
into one of the Optiplex 990 machines, and Server 2012 into the remaining
Optiplex 990.
a. After inserting the disc(s), the computer(s) were restarted.
b. Opened the systems BIOS.
c. Navigated to the boot order menu in the BIOS.
d. Change boot order from the hard drive to the optical (disc) drive.
e. Rebooted the computer.
f. Selected language, timezone, and keyboard layout, then clicked Next |
Install Now | Custom: Install Windows only (advanced).
g. Deleted all pre-existing partitions on the hard drive(s), then clicked Next
h. After Windows finished the installation process, Use Express Settings was
clicked.
3. Connected each Optiplex system to a Netgear switch through an Ethernet
interface.
4. Connected the Netgear switch to the network cable drops through Ethernet.
5. After the Desktop loaded, we navigated to Start Menu | Control Panel | Network
and Internet | Network and Sharing Center | Connections: Ethernet | Properties |
Internet Protocol Version 4(TCP/IPv4) | properties
6. In the IPv4 properties menu, we selected Use the following IP address: and Use
the following DNS server addresses.
7. Entered the IP addresses as per Table 1-IP Schema on page 13.

Page 4

Lab 01: Windows Administration

09/26/16

8. After the network loaded, we navigated to the search bar, searched Windows
Update and clicked Check for updates.
NTP Time-Sync Configuration (SysAdmin Lab, 2012):
1. Started powershell command prompt on the Optiplex 620 with Server 2012.
2. Ran the following command to change time source to the cit.lcl servers:
-w32tm.exe /config /manualpeerlist:cit.lcl /syncfromflags:manual
/reliable:YES /update
3. Ran the commands: -w32tm.exe /config /update and -Restart-Service
w32time
Directory Services (Held, 2014; Microsoft TechNet):
1. Launched Active Directory on Server 2012
2. Created a new domain and forest: run Active Directory Installation Wizard | Next |
Domain controller for a new domain | Next | Create a new domain tree | Next |
Create a new forest of domain trees | Enter name of the new domain
(group17.c24200.cit.lcl) | Next | Accept default settings | Accept default settings |
Yes, install and configure DNS on this computer | Next | Type password and
confirm it for Administrator | Next | Finish.
Users and Groups Creation:
1. Created users by: launching Active Directory Users and Computers | Right-click
folder to create users to | New | User | Enter name, logon name, and password |
Next | Finish. Repeated process for every user on the domain.
2. Created groups by : launching Active Directory Users and Computers |
Right-click folder to create groups to | New | Group | Enter group name | Add
individual users to the group | Next | Finish. Repeated process for every group on
the domain.
Network File Sharing:
1. Launched Active Directory Users and Computers | Selected container in which
the shared folder was created to | New | Shared Folder | Enter folder name |
Click OK | Navigate to properties | Permissions | Assign specified permissions on
a per-user or per-group basis | OK.
Group Policy (Microsoft Technet, 2011):
1. Disabled Regedit
a. Launched Group Policy Management Console | Right-click where the new
GPO will be created | New | New GPO | Specify name | OK
Page 5

Lab 01: Windows Administration

09/26/16

b. Double-click Group Policy Objects | Right-click newly created GPO | Edit |


User Configuration | Administrative Templates | System | Prevent access
to registry editing tools | Enabled | Apply | OK
2. Disabled Command Prompt
a. Launched Group Policy Management Console | Right-click where the new
GPO will be created | New | New GPO | Specify name | OK
b. Double-click Group Policy Objects | Right-click newly created GPO | Edit |
User Configuration | Administrative Templates | System | Prevent access
to command prompt | Enabled | Apply | OK
Seamless profile & Redirected Desktops (Microsoft Technet):
1. Created new shared folder for home directory: Launched Active Directory Users
and Computers | Selected container in which the shared folder was created to |
New | Shared Folder | Enter folder name | Click OK.
2. Right-clicked the new shared folder | Properties | Sharing | Share this folder | OK.
3. Launched Active Directory Users and Computers | Locate the user account |
Right-click user | Properties | Profile | Connect | Specified drive letter as (P:) |
Specified path to \\group17.c24200.cit.lcl\homedirectory\sharedfolder\user.
Repeated process for every user.
User Disk Quotas:
1. Navigated to the C:\ drive in Windows Explorer | Right-click | Properties | Quota |
Enable quota management | Specified limit at 5.0GB | Deny disk space to users
exceeding quota limit | OK.
2. Navigated to the C:\ drive in Windows Explorer | Right-click | Properties | Quota |
Show Quota Settings | Quota Entries | Selected user | Properties | Select users
to apply the quota to | OK | OK.
Remote Server Management:
1. Launched Server Manager | click Remote Management in the Properties are of
Local Servers page | Enable remote management of this server from other
computers | OK.
2. Launched Remote Desktop Connection on a client PC | enter
group17.c24200.cit.lcl in Computer textbox | enter administrator credentials | OK.
Logoff Script:
1. Launched Group Policy Management | User Configuration | Policies | Windows
Settings | Scripts (Logon/Logoff) | Logoff | Click Add in Logoff Properties | Click
Browse | Locate script .bat file | OK.
Page 6

Lab 01: Windows Administration

09/26/16

Anti-virus/Anti-Spyware:
1. Windows Defender on Windows 10 Machines:
a. Launched Start Menu | Settings Icon | Update & Security | Windows
Defender | Enable Real-time protection | Enable Cloud-based protection |
Enable Automatic sample submission | OK.
2. Windows Defender on Windows Server 2012 Machine:
a. Launched Start Menu | Control Panel | System and Security | Security and
Maintenance | Windows Defender | OK.

Page 7

Lab 01: Windows Administration

09/26/16

Overview of Results
Upon the completion of lab one, the team successfully set up one Windows 2012
server and two Windows 10 clients on three separate machines. The Optiplex 990
machine running Windows Server 2012 was set up with its own domain. This domain
had multiple users and groups corresponding with the various departments in Hands
Publishing.

Some of the users that exists on the domain

The second Optiplex 990 machine running Windows 10 x64 had a VMware
virtual machine installed running Windows 7.
Each machine (2 x Optiplex 990 and 1 x Optiplex 620) were connected to the
network through a netgear switch. Each machine was networked per the network
address in Table 1 on page 13.
Each user and groups respectively were granted specific rights and shared
resources dependent upon the needs and occupation of the domain users.

Page 8

Lab 01: Windows Administration

09/26/16

Larry Smo is a member of IT and can access IT folder

Each user had their own respective username and a password that met the
group policy for logon and password policies (Table 2 on page 13). Network file-sharing
was implemented allow clients to access shared resources from the server as well as
access from multiple different computers. A shared printer was also implemented over
the network to allow clients to print over the network.

Page 9

Lab 01: Windows Administration

09/26/16

Shared printer (M1219) and shared resources

Group Policies were established to disable non-administrator clients from


accessing the Registry Editor. Other group policies include the disablement of the
command prompt, disallowing non-administrators from running the program to prevent
undesirable vulnerabilities in the system.

Registry editing disabled

Seamless profiles were implemented through the use of redirected profiles and
desktops as well as a home directory for each user. The home directory was mapped to
drive P: and each user had a disk quota, limiting each user to a max of 5.0gb on their
home directory. Despite implementing a logoff script in the group policy with the

Page
10

Lab 01: Windows Administration

09/26/16

intention of deleting temp files on the user's home directories, the script did not
successfully work despite much effort in implementation.
Each machine had access to the remote server manager that allowed access to
the server from either non-server machine. Only administrators were granted remote
access to the server.

Remote Desktop Connection through Admin1

Remote Access to the server using a non-server machine

Page
11

Lab 01: Windows Administration

09/26/16

All machines also were running a definition of Windows Defender as a


anti-virus/spyware solution.

Windows Defender

Page
12

Lab 01: Windows Administration

09/26/16

IP Schema and Services


Table 1. IP Schema and Services
Operating
Systems

IP Address

Subnet Mask

Default Gate

DNS

Windows
Server 2012

10.18.17.11

255.255.255.0

10.18.17.1

10.2.1.11;
10.2.1.12

Windows 10
32 bit

10.18.17.101

255.255.255.0

10.18.17.1

10.18.17.11;
10.2.1.11

Windows 10
64 bit

10.18.17.102

255.255.255.0

10.18.17.1

10.18.17.11;
10.2.1.11

Table 1. IP Schema and Services


Credentials [Usernames & Passwords]
Host(s)

Username

Password

Windows Server Administrator


2012 R2

Group17

Windows Server Jsmith


2012 R2

Group17

Windows Server JillS


2012 R2

Group17

Windows Server LSmo


2012 R2

Group17

Windows Server LRainor


2012 R2

Group17

Windows Server MSprite


2012 R2

Group17

Windows Server SHanson


2012 R2

Group17

Table 2. Usernames and Passwords

Page
13

Lab 01: Windows Administration

09/26/16

Network Diagram

Network Diagram that was implemented for this project

Page
14

Lab 01: Windows Administration

09/26/16

Conclusions and Recommendations


In conclusion, Hands Publishing needed a client/server architecture that would
allow each employee to log into any computer within the company with their account
credentials. On top of that, they required a system that allowed for easy file sharing
within the company as well as a secure and protected server that is protected from
viruses, malware, or worms. In order to test for any errors or issues that may be
encountered, the Information Technology team ran a test pilot of the architecture they
were hoping to implement. Based on the results stated above from the pilot, it is
believed that implementing this system within the company would be a success.
Executing this system would bring benefits such as security, flexibility, and accessibility
within the office.
While the test pilot was successful, implementing this technology in the company
will take time and will need CEO and employee support. Without the support of the CEO
and employees, the funding needed may not be available, and transition into the new
system may not be as successful as it could. This funding and support would include
employee training for both the IT team and the other departments. In order to be
successful in implementation, a recommendation is to have a slow transition into this
new system. Implementing this system without proper employee training could cause
many problems within the business as well on the IT side. These issues could cause the
company to lose money in the end. It is also recommended to keep the software and
hardware up-to-date will help the system run more smoothly as well. When the
computers were not updated, they tended to be slower or cause unnecessary errors.

Page
15

Lab 01: Windows Administration

09/26/16

References*
(2011). Group Policy for Beginners. M
icrosoft Technet. Retrieved from
https://technet.microsoft.com/en-us/library/hh147307(v=ws.10).aspx
(2012). Configuring NTP on Windows Server 2012. S
ysAdmin Lab.
Retrieved from
http://www.sysadminlab.net/windows/configuring-ntp-on-windows-ser
ver-2012
Bartolo, A. (2013). Step-By-Step: Adding a Windows Server 2012 Domain
Controller to an Existing Windows Server 2003 network. Microsoft
TechNet. Retrieved from
https://blogs.technet.microsoft.com/canitpro/2013/05/05/step-by-stepadding-a-windows-server-2012-domain-controller-to-an-existing-wind
ows-server-2003-network/
Held, B. Bijon, E. (2014). Building Your First Domain Controller on 2012
R2. Microsoft TechNet. Retrieved from
http://social.technet.microsoft.com/wiki/contents/articles/22622.buildin
g-your-first-domain-controller-on-2012-r2.aspx
(n.d.) Directory Service Configuration. M
icrosoft TechNet. Retrieved from
https://technet.microsoft.com/en-us/library/cc961596.aspx
(n.d.) Folder Redirection Overview. Microsoft Technet. Retrieved from
https://technet.microsoft.com/en-us/library/cc732275.aspx

*Please note that the references did not include the teacher assistance and the CNIT242 lecture

Page
16

Lab 01: Windows Administration

09/26/16

Appendices
Appendix A: Problem Solving and Troubleshooting
Problem: Could not connect other computers to the domain server
Cause: Client computers were not connecting to the domain server because the IP
address was not functioning properly.
Resolution: After a few google searches, opinions from the teacher assistance, and a
few trial and errors, this problem was resolved by changing the DNS server IP address
for the netgear switch. After doing that, the client computers were connecting to the
domain server just fine.
Problem: Disabling group policy for regedit
Cause: Undetermined
Resolution: It stated on the monitor that it was regedit is disabled; however, after
testing, it was not working. In order to resolve this problem, authenticated worker
needed to be checked. With that being said, disabling regedit needed to be applied to a
group that contains all the users.
Problems: Computers were not turning on and malfunctioning
Cause: The cables and KVM switches were not working properly and/or broken
Resolution: A lot of the cables and KVM switches that were involved during this project
were broken or not functioning properly. Switching cables and switches to different ones
were difficult because there were a lot of broken and malfunctioning cables and
switches in the bin. After a few rounds of switching them out, a few perfect cables and
switches were found.
Problems: The monitor would not turn on
Cause: We did not insert the CDs in the computer to install Windows
Resolution: At the beginning of this project, the monitors for two of the computers could
not be turn on. After a few tests to figure it out, a way to solve this issue is to have the
Windows installation CDs in the computer to install windows.

Page
17

Lab 01: Windows Administration

09/26/16

Appendix B: NetGear PIX Configuration


(GS108T V1H1 - 3.0.2)
Port number

Cable label

CA

CB

Ethernet cable for DESKTOP_1

Ethernet cable for DESKTOP_2

Ethernet cable for DESKTOP_3

Page
18

Вам также может понравиться