Active Directory Tutorial Flashcards

youtube channels: Server Academy Jobskillshare

1
Q

workgroup vs domain

A

workgroup (small groups, like at home network): -no server required -user accounts are required on every machine domain: client-server network -a server, called a domain controller, is required (2012, 2019 windows server with active directory on it) -user accounts, user groups are stored in active directory -manages all computer from server. need access to my machine? add colleague /enable colleague to access my machine via active directory

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what is active directory?

A

It’s a directory service available with the windows server platforms. it stores information in a central database and allows users to have a single user account (called a domain user account) for the network

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

need to know:

A

active directory office 365 microsoft exchange ticketing system deployments basic troubleshooting not just a comptiaA++

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

new hire:

A

create an account username kmoore, create a computer, add to group, document everything in ticket (always log your process in the ticket)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

change user’s title change user’s department

A

all this is done in active directory!

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

higher level active directory users

A

creating policy creating group privileges creating “o-use?” checking and creating logs creating domain controller (?) sys admin complete - help desk uses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

sys admin create, and turn over tasks to help desk

A

help desk: manage & create user, groups, computers (user changes passwork, user changes name, adding people to groups, groups adding to other groups, changing computers, deleting computers, blocking computers….)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

domain admin–>LDAP–>active directory

A

(insert it_support_img2) LDAP - lightweight directory access protocol

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

image of active directory on the server

A

(insert it_support_img3) what is the domain name of this active directory environment? –>jobskillshare.org (not necessarily a decipherable name)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

how to tell if a computer login is to a workgroup or a domain?

A

(insert it_support_img4) The login would include / The image is a login to a workgroup

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

on a domain connected computer, how to you login to the local computer?

A

/localuser and password need to know local computer name

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

how to create a new user

A

start->programs->administration tools-> select active directory users and computers go to computers->new->computer and add the client’s computer name go to users->new->users and ‘create a new user’ with the OpenSSO Enterprise host name as the User ID (login name)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

create new object - user

A

must click box “user must change pass…”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

where to give new user more permissions / how to find out what permissions a user has

A

right click on user, tab “Member Of”, add appropriate group (insert it_support_img6)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

how to find out who is in a certain group / what users can have access to certain groups

A

active directory->users*->right click on group then see “Members” tab *note: a group is a kind of user

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

find the domain ip address (host ip address? domain=server, host=local) describe the network and the host

A

cmd >ipconfig 192.168.10.206 domain ip address is 192.168.10.206 the network part is 192.168.10 (this is class C) the host part is .206

17
Q

reset password vs unlock account

A

can also simply unlock their account (if they got locked out, eg by entering wrong passwd multiple times) note: if wants to reset AND got locked out, need to do both

18
Q

create new group

A

right click domain,click new–>group

19
Q

group scope and group type

A

group scope -Domain local : only accessible within our domain -Global : accessible for domains within our forest -Universal : accessible for the whole forest

group type -security : (most common) purpose is restricting access to certain files, domains, actions….or granting access & permissions, create a security group -distribution : ~if you have exchange and want to make an email list to distribute things like “newsletter for helpdesk employees”, create a distribution group

20
Q

domain - trees and forest

A

varonis.com an active directory forest (AD forest) is the top most logical container in an active directory configuration that contains domains, users, computers, and group policies docs. microsoft.com : domain-trees a domain tree is made up of several domains that share a common schema and configuration, forming a contiguous namespace. domains in a tree are also linked together by trust relationships. active directory is a set of 1 or more trees. wikipedia domains are identified by their DNS name structure, the namespace. … a forest is a collection of trees that share a common global catalog, directory schema, logical structure, and directory configuration. The forest represents the security boundary within which user,s computers, groups, and other objects are accessible.

21
Q

organizational unit

A

often (best practice) same as domain name –>put users and groups there also as organization units (??what is difference between user organizational domain and the Users folder under the domain?)

22
Q

create a shared folder (“file shares”)

A

active directory->right click on domain name–>new–>shared folder name “ (example ‘Knowledge Documents’) network path ——– on your server: create a folder : ‘Share’ (or something) right-click, properties–>Sharing tab click Share… –>Choose people on your… type: domain users* you can search for specific user as well as groups in the ‘Add’ field note! the group names have spaces: ‘Domain Users’ is a (default) group! choose permission level ‘read’ (default) or ‘read and write’ now you are shown the status ‘Your folder is shared’ along with the network path of the shared folder –>use this in your new AD object creation Network path (\server\share) \IPDC01\Share now we have shared folder published to active domain, and so we can map it automatically in a group policy ex: help desk group includes access to the Z: drive which is mapped to ‘Knowledge Documents’ –>when a helpdesk employee logs in they automatically have a Z: drive, which is mapped to knowledge docs

23
Q

add a printer

A

right click on domain–>new–>printer network path \ipdc003\printer01 which has to be physically connected to this domain Can add this printer to a group policy, so this printer can be found via the Add Printer service under Control Panel–>Devices

24
Q
A