First step with the Active Directory
In this part, we will see several things:
- Organizational Units (OUs) that are similar to folders that will allow us to organize the directory.
- Creating a user
- The joining of a post to the domain
- Connect with the previously created user to the computer.
The term object is used to define the different elements that can be stored in the Active Directory.
All manipulations will be performed on the Active Directory Users and Computers console.
1. Open the Active Directory Users and Computers console.
Creation of Organization Units OU
In this part, we will create 3 OU. The first IT in which we will create two other OU (users and computers), which will be used to store the objects of the IT department.
There are also OU in the Group Policy Management console that allow you to apply GPOs to some of the AD objects.
1. Right-click on domain 1 , go to New 2 and click on Organization Units 3 .
2. Enter the name of the OU 1 and click OK 2 .
3. The OU is created 1 .
4. Create two OU (Users and Computer) in IT.
Creating a user
1. Click on the user icon 1 , enter the first and last name 2 , the identifier 3 then click Next 4 .
2. Enter the password 1 and click Next 2 .
As you can see in the screenshot below, I left check User must change password at next logon.
3. Click Finish 1 to add the user.
4. The user is added to the directory 1 .
Join a computer at the domain
To join a computer to the domain, it must be ensured that it can contact him, open a command window and ping the domain name.
If you do not have a response to ping, you must configure the IP settings of the computer with DNS as the domain controller.
To resolve external domain names, you need to set up DNS forwarders.
1. Open the system properties and click Edit 1 .
2. In the Member of a section, select Domain 1 , enter the domain name 2 and click OK 3 .
3. Enter the information 1 from an authorized account to join extensions to the domain and click OK 2 .
4. Close the confirmation window by clicking OK 1 .
The firewall may be blocking communication with the domain controller.
5. Restart the station for the application of the entry in the domain.
6. Return to the Active Directory Users and Computers console and go to the Computers 1 folder where the computer counter 2 should be located.
7. Select the object and drag and drop into the IT / Computers OU.
Connect to the computer
1. Go back to the computer and do a CTRL + ALT + DELETE.
2. Windows offers to connect with the last used account, click Change User 1 .
3. Click on Other user 1 .
4. Enter the identifier and pass mode 1 of the account that was previously created and confirm by pressing Enter.
Under the password field, we see that the session opens on the LAB domain.
5. A message appears indicating that the user must change his password, click OK 1 .
6. Enter the password name (x2) 1 and confirm 2 .
7. Click OK 1 on the confirmation message.
8. Wait during the opening session …
9. The session is open with the user created in the Active Directory.
10. (optional) Open a command window and enter set. The command returns the environment variables of the system, it allows to see on which domain controller the session has been validated LOGONSERVER and the domain with USERDNSDOMAIN and USERDOMAIN.