Windows Server 2003 Active Directory Labs

0782144519 Ancillaries
WINDOWS SERVER 2003 ACTIVE DIRECTORY PLANNING,

IMPLEMENTING, AND MAINTENANCE STUDY GUIDE (70-
294), SECOND EDITION
LAB EXERCISES
Instructor: Plan ahead to have your students install all the features needed for
labs you want to assign, as well as those you will use for your own demonstrations. All of
the labs are written such that they may be copied and handed directly to the students to
perform. If any of the labs do not correspond with the environment available to you, skip
those labs and utilize only the ones your students can execute.
CHAPTER 1: OVERVIEW OF THE ACTIVE DIRECTORY
Lab 1: Look for Successful Implementations
In this exercise, you will look at case studies for successful implementation of
Microsoft Windows Server 2003. This exercise requires Internet access.
1. Open Internet Explorer and go to the Windows Server 2003 site at
http://www.microsoft.com/windowsserver2003/default.ms
px.
2. Click on Product Information.
3. Scroll down the options and choose Case Studies, then choose All Windows
Server 2003 Case Studies.
4. Per any other instructions from your instructor, choose at least five cases from
those presented. Analyze the cases and determine why Windows Server 2003
was the right operating system to install in that environment.
CHAPTER 2: PLANNING AND INSTALLING THE ACTIVE

DIRECTORY
MCSE: Windows Server 2003 Active Directory Planning, Implementing, and Maintenance Study Guide, Second
Edition © Wiley Inc. 2006. All Rights Reserved.
Lab 2: View the Complete List of Top-Level Domains
In this exercise, you will view the complete listing of top-level domains. This
exercise requires Internet Explorer and Internet connectivity.
1. Open Internet Explorer.
2. Go to http://www.icann.org.
3. Choose Top-Level Domains (TLDs).
4. Read the text and view the TLDs in the list.
5. Go back to the home page. Choose Country-Code Top-Level Domain
Resource Materials and read the text there.
Lab 3: Work with nslookup
In this exercise, you will run the nslookup utility in interactive mode and
become more familiar with it.
1. Open a command prompt.
2. At the command line, enter nslookup.
3. At the interactive prompt, type help.
4. View the list of possibilities.
5. Enter the name of a server and view the results.
6. Enter the command ls.
7. You should now see the addresses within the domain. Enter the command
exit.
Lab 4: Work with WHOIS
This lab demonstrates how to use the WHOIS search to see what names are
available. It requires Internet access.
1. Open Internet Explorer.
2. Go to http://www.verisign.com/nds/naming/.
3. Beneath WHOIS, enter Sybex.com.
4. Notice the detailed information, including the status and name server.
5. Enter a series of random keystrokes, and add .com on the end to see the results
when the domain is available.
Lab 5: Convert to NTFS
In this exercise, you will convert a FAT or FAT32 partition to NTFS, without data
loss. To do this exercise, you must have a FAT/FAT32 partition on the existing
workstation.
2. At the command line, enter convert C: /fs:ntfs.
3. Follow the prompts to complete the conversion.
Lab 6: Use PING to Test the Network Connectivity
In this exercise, you will use the PING utility to test network connectivity from the
host.
2. Enter the command ping 127.0.0.1.
3. You’ll see a display of echo responses from the loopback address. When it’s
completed, enter the command ping w.x.y.z, where w.x.y.z is the IP
address currently in use on your host.
4. Enter the command ping a.b.c.d, where a.b.c.d is the IP address of
your default gateway.
5. Enter the command ping e.f.g.h, where e.f.g.h is the IP address of a
neighboring host.
6. Enter the command ping name, where name is the name of the remote host
that you earlier pinged by IP address.
Upon completion of these steps, you will have verified that connectivity exists and
name resolution is working properly.
Lab 7: Use TRACERT to Test the Network Connectivity
In this exercise, you will use the TRACERT utility in place of PING to test
network connectivity from the host and see the route that data is taking.
2. Enter the command tracert w.x.y.z, where w.x.y.z is the IP address
currently in use on your host. The response should be almost immediate; you
can see that there was not truly a route taken in order to go from your machine
back to your machine.
3. Enter the command tracert a.b.c.d, where a.b.c.d is the IP address
of your default gateway.

4. Enter the command tracert e.f.g.h, where e.f.g.h is the IP address
of a neighboring host.
5. Enter the command tracert i.j.k.l, where i.j.k.l is the IP address
of a remote host on another network. Not only will you see that the host is
accessible, but also the path that is taken to reach that host.
Lab 8: Use PATHPING to Test the Network Connectivity
In this exercise, you will use the PATHPING utility to test network connectivity
from the host and see the route that is taken.
2. Enter the command pathping 127.0.0.1.
3. A display of echo responses from the loopback address appears. When it’s
completed, enter the command pathping w.x.y.z, where w.x.y.z is
the IP address currently in use on your host.
4. Enter the command pathping a.b.c.d, where a.b.c.d is the IP
address of your default gateway.
5. Enter the command pathping e.f.g.h, where e.f.g.h is the IP
address of a neighboring host.
6. Enter the command pathping i.j.k.l, where i.j.k.l is the IP
address of a remote host on another network. Not only will you see that the
host is accessible, but also the path that is taken to reach that host. This
combines the best of PING with the best of TRACERT.
Lab 9: Configure Log File Properties
This lab illustrates how to set the parameters on a log file.

1. Open Event Viewer and right-click the System Log. Choose Properties from
the pop-up menu.
2. Set the properties of the log to “Overwrite events as needed,” and double the
amount of room currently allocated for the log.
3. From the command line, search for files that end in .evt. Enter dir
c:\*.evt /s. Files found are the event log files: System
(SysEvent.evt), Applications (AppEvent.evt), and Security
(SecEvent.evt).
Lab 10: Edit the HOSTS file
In this lab, you will edit the HOSTS file, which can be used in place of DNS for
name resolution..
2. Enter the command ping sybexbooks. An error message will tell you that
the host is unknown.
3. Start a text editor of your choice.
4. Open the file HOSTS in the \Windows\System32\drivers\etc
folder.
5. The last line of the file should identify the loopback address; it will look
something like this:
127.0.0.1 localhost
Move to one space past this entry and add sybexbooks such that the line now
reads
127.0.0.1 localhost sybexbooks
Note: Make sure that no pound character (#) appears in this line.
6. Enter the command ping sybexbook. The echo messages from the local
host should now appear.
CHAPTER 3: INSTALLING AND MANAGING TREES AND

FORESTS
There are no additional labs for this chapter. Be sure to do all the labs within the
chapter.
CHAPTER 4: CONFIGURING SITES AND MANAGING

REPLICATION
Lab 11: Explore Your TCP/IP Configuration
In this exercise, you will check to see if TCP/IP is configured and the values that
are currently in use.
1. From the Start menu, choose Control Panel, and then Network Connections,
Local Area Connection.
2. The General tab showing the status of the network connection will be open.
Click the Support tab.

3. Observe the IP address and subnet values currently in use.
4. Click the Details button to see information on the DNS and WINS servers.
5. Click Close and exit the interface.
Lab 12: Examine the Configuration from the Command Line
In this exercise, you will use the IPCONFIG utility and examine how TCP/IP is
configured from the command line.
1. From the Start menu, choose Command Prompt.
2. At the command prompt, type IPCONFIG.
3. Note the IP address and subnet values.
4. At the command prompt, type IPCONFIG /ALL.
5. In addition to the IP address and subnet values, notice that you now also see
values for DNS and WINS configuration.
Lab 13: Changing System Monitor Views
This lab demonstrates the different views available within System Monitor.
1. Start System Monitor and notice that it loads with a default of three objects
being monitored.
2. From the command line, do a directory listing of the hard drive (dir /s) to
create some activity, and notice how it looks within System Monitor.
3. Change to Histogram view by clicking the Histogram View button on the
toolbar.
4. Switch to Report view and repeat the process.
Lab 14: Create an Alert
This lab will illustrate how Windows Server 2003 can monitor its operations and
send an alert when thresholds are exceeded.
1. Open the System Monitor tool, and expand Performance Logs and Alerts.
2. Right-click Alerts and click New Alert Settings.
3. Name the alert Test1.
4. In the General tab, track the Network Interface > Bytes Total/Sec counter. Set
an Alert when the value is over 100 with a sample of once per second.
5. In the Action tab, enter net send computername Network
activity over 100 (replacing computername with the name of your
computer).
6. Right-click the new alert and start it from the shortcut menu. Have a partner
ping your IP address, or connect to one of your shared folders and copy a file
from it. The alert should be triggered.
CHAPTER 5: ADMINISTERING THE ACTIVE DIRECTORY

There are no additional labs for this chapter. Be sure to do all of the labs within the
chapter.
CHAPTER 6: PLANNING SECURITY FOR ACTIVE

DIRECTORY
Lab 15: Create a Local Policy
This lab demonstrates how to create a local policy requiring passwords to be 8

characters long.
1. From the Start menu, choose Run.
2. Enter gpedit.msc.
3. Under Computer Configuration, expand Windows Settings, Security Settings,
and Account Policies.
4. Choose Password Policy and double-click on the option Minimum Password
Length.
5. The default value is 0. Change this to 8, choose OK and exit the console.
Lab 16: Test Password Configuration Settings
This lab illustrates how to test password configuration settings that were set in Lab
15.
1. From the Start menu, choose Administrative Tools  Computer Management
 Local Users and Groups.
2. Choose Users and add a new user. Use your own username and information.
3. Uncheck the box User Must Change Password at Next Logon.
4. In both of the password boxes, enter walker and click the Create button.
5. An error message tells you that the password does not meet the minimum
length requirements. Change the password to jameswalker in both boxes and
click Create. This time, the user will be added without any errors.
Lab 17: Test User Account Naming Rules
This lab illustrates the rules for naming user accounts.

1. From the Start menu, choose Administrative Tools  Computer Management
 Local Users and Groups.
2. Choose Users and add a new user. Try to create another user using your own
username and information.
3. When you click Create, an error will tell you that the username is already in
use.
4. Exit the User Accounts without saving your changes.
Lab 18: Validate a Policy with SECEDIT
In this exercise, you will validate a security policy from the command line with
the SECEDIT.EXE utility.
2. Move to the security\templates folder under Windows on the root
drive.
3. Type secedit /validate hisecws.inf. A message will report that
the template file is validated.
4. Enter copy hisecws.inf emmett.inf.
5. Type secedit /validate emmett.inf. A message will report that the
template file is validated.
6. Start a text editor of your choice and open the emmett.inf file.
7 Near the top of the file will be the variable $Chicago$. Change this to
$Ballpoint$, then save and exit the file.
8. Type secedit /validate emmett.inf. A message will indicate that
the file is corrupt and should not be used.
Lab 19: Refresh a Computer Policy
In this exercise, you will refresh a computer policy from the command line. The
book illustrates that this can be done with SECEDIT using the /refreshpolicy
switch, but that is no longer possible. This exercise illustrates the method by which a
policy is now refreshed in Windows Server 2003.
2. Type gpupdate. A message reports that both the computer policy and the
user policy have been refreshed.
Lab 20: Export the Current Security Settings
In this exercise, you will use the SECEDIT utility to export the current
configuration to a template file that can be used should the current settings ever need to
be reapplied.
2. Enter the command secedit /export /CFG sybex.inf. A message
indicating that the sybex.inf file does not exist should appear.
3. Enter the command type sybex.inf. View the newly created template.
CHAPTER 7: ACTIVE DIRECTORY OPTIMIZATION AND

RELIABILITY
Lab 21: Terminate a Runaway Application
This lab shows how to terminate a runaway application and prevent it from further
utilizing resources.
1. Launch the Notepad program. Imagine that it is a runaway and won’t close by
normal methods.
2. Right-click on a blank space on the taskbar and choose Task Manager from the
pop-up menu.
3. Locate the entry for Notepad in the Applications tab, and select it.
4. Click End Task.
5. Notice that the Notepad Window closes.
Lab 22: Add Verbose Details to Certificate Service Events
Events from Certificate Services are written to the Application log (which can be
viewed with Event Viewer). This lab illustrates how to add verbose details to events
written to the Application log. This is useful for troubleshooting.
2. At the command line, enter net stop certificate.
3. At the command line, enter certutil –setreg ca\loglevel 4.
4. Enter net start certificate.
CHAPTER 8: PLANNING, IMPLEMENTING, AND MANAGING

GROUP POLICY
Lab 23: Use GPRESULT
This lab illustrates how to use GPRESULT.EXE to get RSoP information from the
command line.
2. At the command line, enter gpresult. Notice the items calculated and
displayed.
3. At the command line, enter gpresult /v. You can see that turning on the
verbose mode provides considerably more information.
Lab 24: Use GPRESULT to Obtain Machine Information
The chapter discusses using the /SCOPE MACHINE switch with

GPRESULT.EXE, but this is not supported in Windows Server 2003. This lab illustrates
how to use GPRESULT.EXE to get RSoP information about the machine from the
command line.
2. At the command line, enter gpresult /scope computer. The display is
limited to the computer.
3. At the command line, enter gpresult /scope user. Notice that the
display is now limited to users.
CHAPTER 9: SOFTWARE DEPLOYMENT THROUGH GROUP

POLICY
Lab 25: Map a Network Drive from the Command Line
In this exercise, you will use the net use commands to map a network drive on
a server from the command line in Windows Server 2003.
2. At the command line, enter net share. You’ll see a list of shares available
on your host. Those ending with a dollar sign ($) are hidden shares, one of
which should exist for each drive (C$, D$, etc.).
4. Assuming that you do not have a drive X:, enter the command net use
x: \\server\C$, where server is the name of your server.
5. Switch to the X: drive and do a directory listing to confirm that you have just
mapped C: to X:.
Lab 26: Break a Map from the Command Line
In this exercise, you will use the net use commands to remove a network map
from the command line in Windows Server 2003. You must have already finished Lab 25
before attempting this lab.
2. At the command line, enter net use.
3. You should now see a list of network connections, and in that list drive X: is
mapped to \\server\C$, where server is the name of your server.
4. Switch to the C: drive and enter the command net use x: /delete.
5. Attempt to switch to the X: drive and do a directory listing. An error will state
that the system cannot find the drive specified.
6. At the command line, enter net use. Verify that the map no longer appears.
Lab 27: See What Shared Connections Are in Use
This lab must be done on a computer that has a shared folder and users who are
accessing it.
1. From the Start menu, choose Administrative Tools  Computer Management.

2. Expand Shared Folders, and click Shares.
3. Look for an entry with the number of client connections greater than zero.
Right-click that entry and choose Properties; then choose the Share
Permissions tab to see the share permissions for the entity. Click OK.
Lab 28: See Who Is Sharing a Connection
This lab continues on from the preceding one and must be done on a computer that
has a shared folder and users who are accessing it.
2. Expand Shared Folders, and click Sessions.
3. The display shows the user and computer accessing your shares and the
number of open files. Click on Open Files to see the actual files in use.
4. Go back to Sessions. Right-click the user and choose Close Session from the
pop-up menu.
5. Exit Computer Management.
Lab 29: Disconnect All Sessions
This lab must be done on a computer that has a shared folder and users who are
accessing it.
2. Expand Shared Folders, and click Sessions.
3. Right-click below the list of open sessions and choose Disconnect All Sessions
from the pop-up menu.
4. At the warning, choose OK to verify that you do wish to close all sessions.
5. Exit Computer Management.
Lab 30: View the Mounted Volumes
This lab illustrates how to use the MOUNTVOL utility to see the mounted volume
names.
2. At the command line, enter mountvol.
The standard help message appears, indicating that you did not give the correct
syntax. At the end of that will be a list of mounted volume names. There
should be one volume for each drive in the system (A:, C:, etc.).
3. Enter mountvol c: /l. Only the volume name for C: appears.

Windows Server 2003 Active Directory Labs

Transféré par

Informations du document

Description originale:

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Windows Server 2003 Active Directory Labs

Transféré par

Droits d'auteur :

Formats disponibles

0782144519 Ancillaries

WINDOWS SERVER 2003 ACTIVE DIRECTORY PLANNING,

CHAPTER 1: OVERVIEW OF THE ACTIVE DIRECTORY

Lab 1: Look for Successful Implementations

CHAPTER 2: PLANNING AND INSTALLING THE ACTIVE

Lab 2: View the Complete List of Top-Level Domains

Lab 3: Work with nslookup

Lab 4: Work with WHOIS

Lab 5: Convert to NTFS

Lab 6: Use PING to Test the Network Connectivity

Lab 7: Use TRACERT to Test the Network Connectivity

of your default gateway.

Lab 8: Use PATHPING to Test the Network Connectivity

Lab 9: Configure Log File Properties

This lab illustrates how to set the parameters on a log file.

Lab 10: Edit the HOSTS file

CHAPTER 3: INSTALLING AND MANAGING TREES AND

CHAPTER 4: CONFIGURING SITES AND MANAGING

Lab 11: Explore Your TCP/IP Configuration

Click the Support tab.

Lab 12: Examine the Configuration from the Command Line

Lab 13: Changing System Monitor Views

Lab 14: Create an Alert

CHAPTER 5: ADMINISTERING THE ACTIVE DIRECTORY

CHAPTER 6: PLANNING SECURITY FOR ACTIVE

Lab 15: Create a Local Policy

This lab demonstrates how to create a local policy requiring passwords to be 8

Lab 16: Test Password Configuration Settings

Lab 17: Test User Account Naming Rules

This lab illustrates the rules for naming user accounts.

Lab 18: Validate a Policy with SECEDIT

Lab 19: Refresh a Computer Policy

Lab 20: Export the Current Security Settings

CHAPTER 7: ACTIVE DIRECTORY OPTIMIZATION AND

Lab 21: Terminate a Runaway Application

Lab 22: Add Verbose Details to Certificate Service Events

CHAPTER 8: PLANNING, IMPLEMENTING, AND MANAGING

Lab 23: Use GPRESULT

Lab 24: Use GPRESULT to Obtain Machine Information

The chapter discusses using the /SCOPE MACHINE switch with

CHAPTER 9: SOFTWARE DEPLOYMENT THROUGH GROUP

Lab 25: Map a Network Drive from the Command Line

Lab 26: Break a Map from the Command Line

Lab 27: See What Shared Connections Are in Use

1. From the Start menu, choose Administrative Tools  Computer Management.

Lab 28: See Who Is Sharing a Connection

Lab 29: Disconnect All Sessions

Lab 30: View the Mounted Volumes

Vous aimerez peut-être aussi