LAB Exercises Windows 2003 L2 Training Date:

Module -1

LAB 1 Managing User and Computer Accounts

Objective 1: Creating User and Computer accounts from the Command Line
Description: create a user by name Jack and Computer name as Comp1 in a OU called Training for
the domain wipro.com

Steps:
1. Enter into the command line and type the following commands

C:>net user ramesh password /add /domain

C:>dsadd ou “ou=training,dc=wipro,dc=com”
C:>dsadd user “cn=jack,ou=training,dc=wipro,dc=com
C:>dsadd computer “cn=comp1,ou=training,dc=wipro,dc=com

Objective 2: Creating Bulk user accounts using CSVDE and LDIFDE

Description: Create 5 user accounts in a Training OU of Wipro.com out of which make 3 users as
enabled and remaining 2 users as disabled by default after creation by using CSVDE and LDIFDE
methods

Steps:

CSVDE Method

Create a file as test.csv in the notepad with the following contents

DN,OBJECTCLASS,DISPLAYNAME,USERPRINCIPLENAME,SAMACCOUNTNAME,
USERACCOUNTCONTROL
“cn=user1,ou=training,dc=wipro,dc=com”,user,user1,user1@wipro.com,user1,512
“cn=user2,ou=training,dc=wipro,dc=com”,user,user2,user2@wipro.com,user2,512
“cn=user3,ou=training,dc=wipro,dc=com”,user,user3,user3@wipro.com,user3,512
“cn=user4,ou=training,dc=wipro,dc=com”,user,user4,user4@wipro.com,user4,514
“cn=user5,ou=training,dc=wipro,dc=com”,user,user5,user5@wipro.com,user5,514

Run the following command from the command line

C:>csvde –i –v –f test.csv

LDIFDE Method

Create a file as TEST.ldf in the notepad with the following contents

DN:cn=user1,ou=training,dc=wipro,dc=com
OBJECTCLASS:user
DISPLAYNAME:user1
USERPRINCIPLENAME:user1@wipro.com
SAMACCOUNTNAME:USER1
USERACCOUNTCONTROL:512
DN:cn=user2,ou=training,dc=wipro,dc=com
OBJECTCLASS:user
DISPLAYNAME:user2
USERPRINCIPLENAME:user2@wipro.com
SAMACCOUNTNAME:user2
USERACCOUNTCONTROL:512

DN:cn=user3,ou=training,dc=wipro,dc=com
OBJECTCLASS:user
DISPLAYNAME:user3
USERPRINCIPLENAME:user3@wipro.com
SAMACCOUNTNAME:USER3
USERACCOUNTCONTROL:512

DN:cn=user4,ou=training,dc=wipro,dc=com
OBJECTCLASS:user
DISPLAYNAME:user4
USERPRINCIPLENAME:user4@wipro.com
SAMACCOUNTNAME:USER4
USERACCOUNTCONTROL:512

DN:cn=user5,ou=training,dc=wipro,dc=com
OBJECTCLASS:user
DISPLAYNAME:user5
USERPRINCIPLENAME:user5@wipro.com
SAMACCOUNTNAME:USER5
USERACCOUNTCONTROL:512

Run the command as C:/>ldifde –i –v –f test.ldf

Objective 3: Joining a computer account to a Domain

Description: Join the computer account Comp1.wipro.com to the domain wipro.com from the
command line

Steps
1. Install the support tools on the Machine which is already joined to the domain wipro.com
2. Run the following command from the support tools command prompt

C:/>netdom join comp1 /domain:wipro.com /reboot:15

3. Check the computer account in the Computer container of AD
 Objective 4: Moving User and Computer Accounts from the command Line

Description: Move user1 and User2 from training OU to sales OU in wipro.com from the
command line and check up through ADUC

Steps:

1. dsadd user “cn=user1,ou=training,dc=wipro,dc=com”

2. dsadd user “cn=user2,ou=training,dc=wipro,dc=com”
3. dsadd ou “ou=sales,dc=wipro,dc=com”
4. dsmove “cn=user1,ou=training,dc=wipro,dc=com” –newparent
“ou=sales,dc=wipro,dc=com”
5. dsmove “cn=user2,ou=training,dc=wipro,dc=com” –newparent
“ou=sales,dc=wipro,dc=com”
6. Checkup the user accounts in the new OU Sales using ADUC

Objective 5: Enable/Disable user accounts and deleting the objects

Description: Enable the user account USER1 and disable the user account user2 in the training
OU of wipro.com. Delete the user1 from the training OU through command Line

Steps:

1. dsmod user “cn=user1,ou=training,dc=wipro,dc=com” –disabled no

2. dsmod user “cn=user2,ou=training,dc=wipro,dc=com” –disabled yes
3. dsrm “cn=user1,ou=training,dc=wipro,dc=com”
4. Test the results by using ADUC

Objective 6: searching for a specific object and attribute of an Object

Description: Search for the home directory path of a user User1 of training OU in the
wipro.com and search for the user object Jack in the Domain Wipro.com

Steps:

1. dsget user “cn=user1,ou=training,dc=wipro,dc=com” –hmdir

2. dsquery user domainroot –name jack
3. Check the Results
 LAB 2 Creating and Managing Groups

Objective 1: Creating Global and Local Groups from the command Line

Description: Create a Global group by name sales in a training OU of acme.com and add the
users user1,user2 and user3 as members. Create a local group by name finance on the Member
server and add the users user X , User Y and User Z as members.

Steps:

1. log on to the domain wipro.com and enter into the command line
2. dsadd group “cn=sales,ou=training,dc=wipro,dc=com” –secgrp yes –scope g –
members user1 user2 user3 –d wipro.com
3. check the global group and its members in the Active directory users and
Computers
4. Log on to a domain in a Member server
5. net localgroup sales /add
6. net localgroup sales userX UserY UserZ /add
7. Net localgroup sales

Objective 2: Setting up a group strategy for a given scenario

Description: Create shared folder software on a file server. userX and UserY should have read
only permission. User1 and User2 should have read write permission. Set the permission using
AGDLP concept.

Steps

1. Create a Shared folder on the file server and share it .

2. create salesG1 and Sales G2 as global scope and salesDL1 and Sales DL2 as
domain local scope security groups
3. add users UserX and UserY into SalesG1
4. add user user1 and User2 into salesG2
5. Make SalesG1 as the Member of SalesDL1
6. Makes salesG2 as the member of SalesDL2
7. Set the appropriate permission for the SalesDL1 and SalesDL2 on the share
folder
8. check the permissions by logging as User1 and UserX
 Lab 3 Managing Access to resources

Objectives: Configuring NTFS Security

Description: Create users UserX and UserY in wipro.com. create a share test
folder and a test file with in it on a Member server. set full control for the userX and Usery on the
folder Test. Set Read only permission for userX on the test File.check for NTFS permissions and
effective permissions. Configure ofline settings also check effect of moving and copying of folders
from one partition to another partition as well as in the same partition

Steps:

1. Log on to the domain wipro.com

2. Net user userX /add /domain
3. Net user UserY /add /domain
4. c:/>md test
5. c:/>cd test
6. c:/test> copy con test.txt
7. welcome to wipro Infotech ^Z
8. net share test=c:\test
9. Set Full control as NTFS permission for the both the users on test
folder
10. set read only permission for the test.txt file for the user UserX
11. Check inherited permissions for both the users
12. Check file security over folder Security
13. Check for effective permission for userX on the file Test.txt
14. Configure Share folder Security
15. Configure Offline Settings
 LAB 4 Implementing Printing

Objective :Install Printers setting printer location and configuring Network Printer

Description: install a the driver for the printing device Epson fx105 model. Set the
location attribute to make the search faster. Configure a printer with network port having an
address IP address as 192.168.10.100 . Check the printing after configuration.

Steps

1. Install the printer driver for the printer using Add new printer wizard
2. create a subnet object in the ADSS
3. Configure Location Attribute in the subnet object
4. Configure location Attribute in the printer driver
5. Configure network printer
6. Test the configurations
 LAB 5 – Managing Printing

Objective : create a printer pool ,Availability and priority

Description: Install a driver for the printer provided and set the available time from 10
AM to 2 PM . define the priority for the managers as highest and for business executives as the
least Also enable printer pooling.

Steps

1. Install the driver for the printing device

2. set the available time period of the printer
3. set the priority as 99 for this printer and disable print option for business
executives on this driver
4. Install one more driver for the same printer
5. set the priority as 1 for this printer and disable print option for managers on this
printer
6. Enable printer pooling option to print on the available printer
 LAB 6- Managing Access to objects in Organizational Units

Objective 1: Create a OU and moving objects between the OU form the command
line

Description: Create two OU’s Training and sales in wipro.com add user1 and
user2 to Training OU and UserX,userY to Sales OU. Set rights for the user1 to join a computer to
the doamain only. For UserX set the rights to create user Objects only. For user2 Set the rights to
reset the passwords for both OU’s users. Also Move user1 to sales OU and Userx to Training OU.

Steps:

1. dsadd ou “cn=sales,dc=wipro,dc=com”
2. dsadd ou “cn=training,dc=wipro,dc=com”
3. dsadd user “cn=user1,ou=training,dc=wipro,dc=com”
4. dsadd user “cn=user2,ou=training,dc=wipro,dc=com”
5. dsadd user “cn=userX,ou=sales,dc=wipro,dc=com”
6. dsadd user “cn=userY,ou=sales,dc=wipro,dc=com”
7. Open Active directory users and computers
8. run delegation wizard at the domain level set the rigts for the user1 to
join a computer to the domain
9. run delegation wizard at sales ou and set the rights to create user
objects
10. run delegation wizard at the training OU and set the rights to reset
the password
11. dsmove “cn=user1,ou=training,dc=wipro,dc=com” –newparent
“cn=user1,ou=sales,dc=wipro,dc=com”
12. dsmove “cn=userX,ou=sales,dc=wipro,dc=com” –newparent
“cn=userX,ou=training,dc=wipro,dc=com”
13. Check the status of all the users and OU in ADUC

LAB 7 Preparing to Administer a Server

 Objective: Create a shared folder on a remote computer
Defragment a disk on a remote computer
Connect to a remote console session
Create shortcuts for administrative

Description: create a share folder on a file server by using manage tab. Defragment
the the harddisk of file server from a remote computer. Establish a remote administration
session from the client computer. Create a MMC snapshot to create local user accounts on the
file server.

Steps:

1. Right click on My computer and click on manage

2. right click on computer and click on connect to another computer
3. Use share folder option to create a share folder on the remote
computer
4. use disk management to defrag the hard disk of remote computer
5. create MMC snapshot to create local user accounts on the remote
computer

LAB 8 preparing to monitor server performance

 Objective : Monitor DHCP server,DNS server and Domain Controller

Description: Monitor the behavior of the DHCP,DNS and Domain controller on various
Loads using System Monitor tool also create Counter and trace logs

Steps :
1. Open the system monitor tool
2. connect to the server to be monitored
3. Add the appropriate counters
4. observe the behavior in the GUI mode
5. Repeat the steps for other servers also

LAB 9 Managing Disks

 Objective 1: creating and deleting partitions through Diskpart utility /disk management
also to view partition information. Converting FAT into NTFS file system

Description : Create two primary partition on a given HDD and assign a drive letter G
and H and volume label as Training. View the partition table information. Delete the partition H
drive from the HDD.

Steps:

A. To partition a disk by using Disk Management:

1. In Computer Management, open Disk Management.

2. Right-click an unallocated region of a basic disk, and then click New Partition, or right-click free space in an
extended partition, and then click New Logical Drive.

3. In the New Partition Wizard, click Next.

4. On the Select Partition Type page, click Primary Partition, and then click Next.

5. On the Specify Partition Size page, type nnn (where nnn is the size in megabytes), and then click Next.

6. On the Assign Drive Letter or Path page, select the drive letter, and then click Next.

7. On the Format Partition page:

a. Select the appropriate file system and allocation unit size.

b. Type the appropriate volume label.
c. Select or clear the Perform a quick format and Enable file and folder compression check boxes.

8. Click Next, and then click Finish.

B.To format a disk by using Disk Management:

1. In Computer Management, open Disk Management.

2. Right-click the partition, logical drive, or basic volume that you want to format or reformat, and then click
Format.
3 Select the options that you want under:
• Volume Label.name the disk.
• File System.select either NTFS or FAT.
• Allocation Unit Size.select the allocated size of the disk that you want to format.

4. If you are sure that the disk is undamaged, select the Perform a Quick Format check box.

5. To compress files and folders on the disk, with NTFS volumes only, select
Enable File and Folder Compression.
C. To delete a partition by using Disk Management:

1. In Computer Management, open Disk Management.

2. Right-click the partition that you want to delete, and then click Delete Partition.

D. To partition a disk by using DiskPart:

1. At the prompt, type diskpart

2. At the prompt, type list disk and then make a note of the number of the disk on which you want to create a primary
or extended partition.

3. At the DISKPART prompt, type select disk n (where n is the disk number of the disk where you want to create the
primary or extended partition).

4. At the DISKPART prompt, type one of the following (where number is in

megabytes):

• Create partition primary size=number

. Or .
• Create partition extended size=number
. Or .
• Create partition logical size=number

E. To delete a partition by using DiskPart:

1. Open Command Prompt, and then type diskpart

2. At the DISKPART prompt, type list disk

Make a note of the disk number of the disk from which you want to delete the partition.

3. At the DISKPART prompt, type select disk n (where n is the disk that you
want to delete the partition from).

4. At the DISKPART prompt, type list partition

Make a note of the number of the partition that you want to delete.

5. At the DISKPART prompt, type select partition n, where n is the partition

number of the partition that you want to delete.

6. At the DISKPART prompt, type delete partition

F. To assign, change, or remove drive letters by using Disk Management:

1. In Computer Management, open Disk Management.

2. Right-click a partition, logical drive, or volume, and then click Change Drive Letter and Paths.

3. Do one of the following:

• To assign a drive letter, click Add, and then click the drive letter that
you want to use.
• To modify a drive letter, click it, click Change, and then click the drive
letter that you want to use.

• To remove a drive letter, click it, and then click Remove.

G. To assign, change, or remove a drive letter by using DiskPart:

1. Open Command prompt, and then type diskpart

2. At the DISKPART prompt, type list volume. Make note of the number of the volume whose drive letter you want
to assign, change, or remove.

3. At the DISKPART prompt, type select volume n (where n is the number of the volume whose drive letter you want
to assign, change, or remove).

4. At the DISKPART prompt, type one of the following:

a. assign letter=L (where L is the drive letter that you want to assign or change)

b. remove letter=L (where L is the drive letter that you want to remove)

H. To convert a volume from a FAT or FAT32 drive to NTFS:

1. In a command prompt, type convert d: /fs:ntfs (where d: is the letter of the disk drive).

2. Press ENTER.

If the partition you are converting is the system or boot partition, you must restart the computer running Windows
Server 2003.

LAB 10 Managing Data storage

 Objective 1: Configuring Disk Quota Entries exporting and importing Quota entries

Description: Restrict disk space to 100 MB on the file server for the users Jack and Jill of
wipro.com Export quota entries of Jack and Jill Import the the quota entries for new file server
also.

Steps:

1. Open the properties of a partition on the file server

2. Click on Quota and enable quota management
3. Open quota entries
4. add a new entry for the user Jack
5. set limit disk space to 100 MB
6. set the warning level to 80 MB
7. click on quota and export to a file
8. Import this file on the other server by entering into same wizard
9. Repeat the same steps for the other user Jill also
10. Test the limitation by creating a home folder on the file server

Objective 2: Compressing a folder to increase the disk space encrypt a file and recover
through recovery agent

Description : You have to compress a data folder of size 1 GB and represent with alternate
color. User jack has encrypted a file and has left the organization there is a crucial data in this
encrypted file you have to decrypt the file and make it usable.

Steps: compressing a folder and displaying in alternate color

1. right click on the data folder access the properties

2. on general tab click on advanced option
3. click on compress contents to save disk space
4. close the wizard
5. click on tools on the main window
6. click on folder options
7. click on view
8. select the “show encrypted and Compressed NTFS files in color”

Steps: Encrypting and recovering a encrypted a file

1. Log in as user jack

2. right click on the file to be encrypted and select properties
3. click on advanced option in general tab
4. select encrypt contents to secure data
5. export the certificate and the private key of the user Jack
6. login as administrator
7. import the private key of the user jack
8. cipher –u test.txt
9. open the test.txt to view the contents