Section 2 - Power Shell

Question 1

What are powershells main verbs?

Answer 1

get
set
copy
move
new
add (like adding user to group)

Question 2

How to go forwards and backwards through commands that powershell tries to auto compete?

Answer 2

tab
shift

This is done through intelisense

Question 3

Get services then start and stop the Remote Management service

What would this service be known as in terms of powershell

Show the man page for stop-service

Answer 3

get-service
WinRM

stop-service -name “winrm”
start-service -name “winrm”

-name would be a parameter

winrm is a parameter

get-help stop-service

Question 4

Show running processes
show the 5 newest system event logs
Change the formatting of this so you can see more information
Send this info to a text file

Answer 4

get-process
get-eventlog -logname system -newest 5 | format-list | out-file c:\log.txt
(this is normally formatted as a table)

Question 5

Show all commands

Show a command that contains the word “net” and also the word “reset”

Answer 5

get-commands -noun net* -verb reset (use a wildcard)

Question 6

Show current modules
What are they?
import activedirectory module

Where would you find downloadable modules?

download a command

Answer 6

They contain tons of commands

get-module

import-module -name activedirectory

powershellgallery.com
search what you want, click on it, copy the command that will download it

Question 7

What is a forest, tree, and a forest?

Answer 7

Every Active Directory Domain must be part of a forest and a tree.

Tree - every child domain that contains the parents name

Forest - Domains in forest contain same schema. Schema makes up all objects and attributes. Multiple forests can be linked, but they won’t have the same schema, you can add a trust though

Question 8

Why have multiple domains?

Answer 8

Big company over different countries

Question 9

What would your child domain called UK be called in AD if your first domain was examlabpractice.com

What about if UK has a child domain?

Answer 9

uk.examlabpractice.com
scotland.uk.examlabpractice.com

Question 10

What is a trust relationship

Answer 10

Domains can share resources

Question 11

Why go to multiple trees?

Answer 11

If a different naming convention needs to be used.

Question 12

What can domains part of the same forest share?

Answer 12

Resources - files, folders, printers

Scheme - Object templates and attributes (like you can look up a user in a different county in a same forest)

Question 13

Where is the Active Directory database stored?

What partitions does this consist of?

Answer 13

NTDS.dir

Configuration - Replicates to every DC in Forest. Has info how forest is configured.

Schema - Makes all object and attributes for entire forest. IE: Has info on how to build users, groups, etc. It has a bunch of templates/blueprints basically. Replicates forest wide.

Domain - Unique per domain. Users, passwords, groups, etc. all stored here for your unique Domain. Replicates to only DCs in this domain.

Application (custom) - You can create this and choose what is stored here. For custom made objects and you can choose which DCs replicate this.
These two are actually in here:
-ForestDNSZone
-DomainDNSZone

Question 14

What is the Global Catalog

Answer 14

Special job you can assign to a DC that replicates a subset of all objects in every domain’s “Domain” partition.

Purpose - Different computers can locate object in different domain.
I can look up a user if I’m in Australia for a domain in the US, but it won’t have all attributes about the object, just the subsets of objects.

Question 15

IMPORTANT

Answer 15

Just to be safe, create a domain name that is unique. If you copy someone else’s and integrate to the cloud this could cause problems

Question 16

Change hostname

Disable ipv6
give a unique ipv4 address and put it’s loopback as it’s DNS server

Install ADDS and add a new forest

Answer 16

Server Manager > local host > click name > yada yada

Roles and Features
After it’s done promote your server to a domain controller.

Question 17

What is the functional level of a DC

Answer 17

Highest functional level you can use according to your newest server.

This just says how up to date with features you can get.

Remember Global Catalog

Question 18

NETBios name?

Answer 18

For older devices. Legacy name.
Older devices = 1990s devices

Question 19

What is SYSVOL?

Answer 19

C:\Windows\SYSVOL

Group policy info and logon scripts are stored.

C:\Windows\NTDS

Question 20

Change hostname of your second server and add to domain

Confirm server is on the domain

Answer 20

Local server > click name > configure > also change domain to GameSharks.com

REMEMBER TO ADD DC1 AS YOUR DNS

Server Manager > AD users and computers > computers > you’ll see it here.

Question 21

Create a VM on Azure

Answer 21

Azuer > resource groups (area to add azure objects) >resource group “vmtest” > review > create > Go into it. > create > search for windows server 2022 > click it > search for 2022 in drop down box > create > AzureDC1 (for the name) > anyway, just go through the options until you pay for it.

To stop is:
Click on the AzureDC1 object and click Stop
Click the azuerdc1 object, copy the ip > click connect > open the file.

Azure pricing calculator < - if you want to know how much this will cost.

Question 22

What is RODC?

Answer 22

Read only domain controller

This can be useful if you have a small office somewhere where they don’t have a full time IT person. We can add a RODC here that can authenticate users. This is so something doesn’t mess up the whole Forest. This won’t replicate out, only things outside replicate in.

If it doesn’t have a password, it will request it to login from the rw DC.
It can actually have DNS.

Question 23

Set up a RODC server:
pre-stage
Add user to RODC group for fast authentication caching

Answer 23

pre-stage - you plan to set up a RODC server in the future. Like you have a server shipped to a location and you want it to be ready for it.

You can make this faster by disabling the NIC

Server Manager > tools > AD Users and Computers > Domain Controllers OU > Right click pre-create… > Group or user (you can give this to someone down at the location that I can help to configure there server) >

To specify what accounts will be cached for passwords
Right click RODC server > properties > Password Replication Policy > Deny all but one group, the employees will go into that allowed group.

Create a user and put them in that group

Question 24

Create a RODC server from the server itself

Answer 24

Install AD > promote to DC > add to domain >

If you have an error during this it needs to have the DC as the DNS

Question 25

What service is used for remote powershell?

What ports does it use?

Answer 25

5985 over http connection
5986 https for powershell

Computer Management > Services > WinRM Windows remote manage services

get-service -name winrm

winrm quickconfig

Question 26

Show services that are running on nyc-srv1 from the other server

Do this in a different way for getting the last 5 eventlogs for security

Now shell into the powershell of that system

Show the processes for two servers

Answer 26

Get-process -ComputerName nyc-svr1

Invoke-command -computername nyc-svr1 -scriptblock {get-eventlog -logname security -newest 5}

enter-pssession -computername nyc-svr1
exit

get-process -computername nyc-dc1,nyc-server1

Question 27

Create a variable for
number1 and have it equal 5
number2 and have it equal 10
Show your variables one at a time
Show all variables
subtract them

Answer 27

$number1 = 5
$number2 = 10
get-variable
$number1 - $number2

Question 28

Go into ISE
create a script that lets you enter
computer name
log type
latest amounts

to look up 10 newest application logs

Show as a list instead of a table

How would you run a single line?

Answer 28

ise
View - turn on the script thingy

$name = Read-host “Which computer would you like to connect to?”

$log = read-host “Which log would you like to see”

$amount = read-host “how many of the newest entries would you like to see?

get-eventlog -computername $name -logname $log -newest $amount |format-list

save as ps1 file

Highlight a line and click “play”

Question 29

What does FSMO mean

Answer 29

Flexible Single Master Operations

Changes replicate from DC to DC
Certain jobs shouldn’t have multiple writable copies or it would mess something up. The jobs:

Forest Level Roles (One writable copy per forest):
Normally stored in root of forest

Domain Naming Master - knows all the trusts. Makes sure all domain names are unique.

Scheme Master - Master copy of schema database - attributes and objects info to build.

Domain (every domain has a copy of these three roles ALL DCs have Read only copy of all the roles:

RID Master - Relative ID Master - Every object must have unique ID. This gives them out to objects.
Gives a RID pool out to a DC that they can use.

Infrastructure Master - group to user references. Like someone has access to resources in two different domains.

PDC Emulator Master - Password changes. Handles Time Syncing for sake of Kerberos. Handles Group Policies. Handles Legacy NT Boxes

Question 30

See all FSMO roles

PDC, Infrastructure, RID

Domain Master

Schema Master

Answer 30

Server Manager > tools > AD Users and Computers > Right click domain object > operation master > PDC, Infrastructure, RID

Server Manager > AD Domains and Trust > Right click Active Directory Domains and Trusts > Operations Master > Domain Master

Start > run > regsvr32 schmmgmt.dll

mmc.exe < - Microsoft Management Console > File > Add Remove Snap in > Add that tool > Right Click AD Schema > Operation Master

Question 31

If you want to transform a DCs FSMO role, how would you do it.

Answer 31

From the computer that you want to have the role.

Server Manager > tools > AD Users and Computers > Right click domain > operations masters > Click whichever > change … > yes

Question 32

What is seizing a role and how would you perform it?

Answer 32

if a role goes down unexpectedly, seizing can convert a read only copy.

CMD > ntdsutil > ? > Roles > enter > ? > Sieze PDC

POWERSHELL
move-addirectoryserveroperationmasterrole -identity nyc-svr1 -operationmasterrole

Question 33

Give yourself Privileges on ADDS

Answer 33

Portal.azure.com > Menu > Azure Azure Active Directory > click AAD DC Administrators > Click Members > add member > add yourself.