Thursday 4 December 2014

Disable Strong Passwords Enforcement in windows domain (2008)

Hello,
Today, I will introduce how to allow domain users to use simple passwords. As you know Windows Server by default doesn't allow for a simple password.
Note that this is only for educational purpose. If you intend to apply it for your production environment, make sure that your company's policy allows for that.
To do this you need first to be a member of domain administrators
- Log on to your domain controller
 - Go to Control Panel >> Administrative Tools >> Group Policy Management




- Navigate to Default Domain Policy.Right click and choose edit
- From Computer Configuration > Windows settings > Security > Account Policies

Notice that all passwords and account settings are shown in the right tab
To allow password to be simple, double click on Password must meet complexity requirements
- Change the selected value to Disabled then click OK
- The last step is to update the policy 
Go the the command line and type 
gpupdate /force

That's it! 

Friday 28 November 2014

How to create AD DS with DNS integrated in Windows 2008 Server

Second Lab. (Installing Active Directory and DNS service)
Lab information:
- Level: Beginner
- Estimated time to finish this lab: 0.5 an hour
After this lab, student will be able to:

- Install Active Directory Directory Services & Domain Name Service.
Installing Active Directory Domain Service.
Now after you have installed Windows 7 and windows 2008 operating systems, it is time to start working with domain service to make it a domain controller.
Before you begin:
- Make sure that your server has a meaningful name, we will use "DC1"
1- Go to start menu > right click on computer and choose property.
2- Choose Advanced System Settings from the left options



- Click on Computer Name Tab
- Click on Change button
- Type DC1 in the field of Computer Name:
- Click OK to Save and you will need to restart the computer.
- Make sure that you have assigned a static private IP address for the server. For this purpose, the ip address will be configured as the following:
- Go to start and choose Network.
- Now click on Network and Sharing Center, as pointed in the figure:
- Click on Manage Network Connections
now go to Local Area Connection> Right Click> Properties> Double click on Internet Protocol Version 4 (TCP/IPV4)
Click on use the following options, as shown below>
Now enter the following information in each field
Name
Number
Notes
IP address
192.168.1.1
Private static IP address
Subnet mask
255.255.255.0
Class C
Default gateway
Leave it empty
DNS
127.0.0.1
Loop back
Now your network configurations should be like this




- Now click OK to save your settings.
- Make sure that IPv6 is not enabled
- Now we will start to install Active Directory and DNS Services.
- Go to Start> Run and Type DCPROMO and press enter to begin.
- A small message will popup click continue

- Now Active Directory Domain Service installation wizard will begin as the following
- Then the welcome screen will appear. Read it and then click next.
- Next screen is a small introduction to Active Directory and compatibility issues with window NT 4.0 Click next

- The next screen the deployment method. Since it is the first time to install the Active Directory, choose the second option (Create a new domain in a new forest) and click next



- The next screen is about the Full Qualified Domain Name. We will use Training.local
type Training.local, click next and wait for moments.



- The next screen is for Forest functional level, this will be used for dealing with other domain controller in your company. for example, if you have windows server 2008 domain controller make sure that the forest functional level is set to 2008, and so on. now click next



- The next screen is about domain functional level, the same applied for the forest functional level. and click next.
- Now the next screen is for DNS Server. Make sure that DNS Server is checked and click next



- The next screen is about Database, log file and SYSVOL files destinations. you can change the destination or leave them as default. We will leave them as default. Click Next

- The next screen is for Directory Services Restore Model Administrator Password. This will be used later in case of restoring for Directory Services. It doesn't have to be the same as administrator's password, but make sure that you can remember this password. and click next.

- Now the Summary screen of your all settings will be shown. You can export it to text file for later use. Please Click Export Settings and save it as Summary.text
- Now the installation will begin. Make sure that you checked the option of Reboot on completion.
Wait until the installation finishes and the server will be restarted.




- Now have a look at server manager, you will see that DNS, Active Directory Service Roles are installed as shown

- Next lab will be about installing an Additional Domain Controller