Presentation is loading. Please wait.

Presentation is loading. Please wait.

Unit 7 NT1330 Client-Server Networking II Date: 7/26/2016

Published byErica Higgins Modified over 5 years ago

Similar presentations

Presentation on theme: "Unit 7 NT1330 Client-Server Networking II Date: 7/26/2016"— Presentation transcript:

1 Unit 7 NT1330 Client-Server Networking II Date: 7/26/2016
ITT TECHNICAL INSTITUTE NT1330 Client-Server Networking II Date: 7/26/2016 Instructor: Williams Obinkyereh

2 Class Agenda 1 Learning Objectives Lesson Presentation, Discussions and video. Assignments and Lab Activities. Break Times. 10 Minutes break in every 1 Hour. Note: Submit all Assignment and labs due today.

3 Class Agenda 2 Theory : Unit 6:00pm-8:00pm) Lab : (8:15pm to 11:00pm) Text book: Windows Server 2008 Active Directory Configuration MOAC Lesson 6

4 Security Planning and Administrative Delegation
Lesson 6

5 Skills Matrix Technology Skill Objective Domain Objective #
Creating an OU Structure Maintain Active Directory accounts 4.2

6 Naming Standard User logon names will follow a corporate naming standard. You will usually create a naming standards document to outline the rules for naming all Active Directory objects.

7 Create strong passwords:
At least eight characters in length. Contains uppercase and lowercase letters, numbers, and non-alphabetic characters. At least one character from each of the previous character types. Differs significantly from other previously used passwords.

8 Strong Passwords A strong password should not be left blank or contain any of the following information: Your user name, real name, or company name. A complete dictionary word. You can use group policies to enforce strong passwords

9 Authentication is the process of proving who you are.
There are multiple methods of authentication: What you know (password or PIN). Who you are (retinal scan or thumb print). What you have (smart card). Some of these methods can be used so that users no longer need to remember passwords.

10 Administrative Accounts
You should not use an account possessing administrative privileges for daily tasks, such as browsing the Web or monitoring . Administrative accounts should be reserved for tasks that require administrator privileges.

11 Run as Administrator and Runas Command
The recommended solution for reducing the risks associated with the Administrator account is to use a standard user account and the Run as administrator option in the GUI or The runas command-line tool when it is necessary to perform an administrative task.

12 Using Run As from the GUI
From the Start button, navigate to the application you wish to run. Press and hold the Shift key and right-click the desired application. Select the Run as administrator option. Again, emphasize that for administrators, you should have two accounts.

13 Organizational Units Can be created to represent your company’s functional or geographical model. Can be used to delegate administrative control over a container’s resources to lower-level or branch office administrators. Can be used to apply consistent configuration to client computers, users and member servers.

14 Creating an Organizational Unit
To create an organizational unit, you would use the Active Directory Users and Computers console.

15 Delegation of Control Creating OUs to support a decentralized administration model gives you the ability to allow others to manage portions of your Active Directory structure, without affecting the rest of the structure. Delegating authority at a site level affects all domains and users within the site. Delegating authority at a domain level affects the entire domain. Delegating authority at the OU level affects only that OU and its hierarchy.

16 Delegation of Control Using the Delegation of Control Wizard, you utilize a simple interface to delegate permissions for domains, OUs, or containers.

17 Verifying and Removing AD Permissions
Must Enable Advanced Features in Active Directory Users and Computers. Found in the View menu. Then right-click an OU or an account and select Properties. Select the Security tab. Demonstrate difference between Advanced View and non-Advanced View. Show that the security tab shows up and additional containers show up when in Advanced mode.

18 Verifying and Removing AD Permissions
Review how permissions work. Permissions are cumulative when added together from users and groups. Also Deny always wins out.

19 Moving Objects within Active Directory
Windows Server 2008 allows you to restructure your Active Directory database by moving leaf objects such as users, computers, and printers between OUs, in addition to moving OUs into other OUs to create a nested structure. When you move objects between OUs in a domain, permissions that are assigned directly to objects remain the same. Objects inherit permissions from the new OU.

20 Unit 6 Assignments and Labs
Unit 7. Assignment 1. AD Password Policy Planning Unit 7. Lab 1. Employing Security Concepts Unit 7. Exercise 1. AD OU Planning Scenario

Download ppt "Unit 7 NT1330 Client-Server Networking II Date: 7/26/2016"

Similar presentations

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
XP Tutorial 9 New Perspectives on Microsoft Windows XP 1 Microsoft Windows XP Exploring Your Network Tutorial 9.

XP Tutorial 9 New Perspectives on Microsoft Windows XP 1 Microsoft Windows XP Exploring Your Network Tutorial 9.
MOAC : Installing and Configuring Windows Server 2012

MOAC : Installing and Configuring Windows Server 2012
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
7.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

7.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
6.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

6.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
3.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.

3.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 3: Introducing Active Directory.
10.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

10.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Administering Active Directory

Administering Active Directory
Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.

Lesson 19 – ADMINISTERING WINDOWS 2000 SERVER : THE BASICS.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
7.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.

7.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 7: Introducing Group Accounts.
Guide to MCSE 70-290, Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.
Guide to MCSE 70-290, Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.

Guide to MCSE , Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.
9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam 70-217 Microsoft® Windows® 2000 Directory Services Infrastructure.

9.1 © 2004 Pearson Education, Inc. Lesson 9: Implementing Group Policy in Windows 2000 Server Exam Microsoft® Windows® 2000 Directory Services Infrastructure.
Module 2 Creating Active Directory ® Domain Services User and Computer Objects.

Module 2 Creating Active Directory ® Domain Services User and Computer Objects.
9.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

9.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
CH 12 Securing Windows Server 2008. Objectives Understand the security enhancements included in Windows Server 2008 Understand how Windows Server 2008.

CH 12 Securing Windows Server Objectives Understand the security enhancements included in Windows Server 2008 Understand how Windows Server 2008.

Similar presentations

Ads by Google