Need help with the course Enterprise management and Automation. Topics include Active directory automation, iSCSI, RAID - Storage Redundancy.
PowerShell Automation for Active Directory (Server Core Edition)
Stephen.Sharpe@nscc.ca

Environment Setup (Read This First!)

1. Server Core Installation
   ○ You must perform all tasks on a Windows Server Core installation, not the full GUI.
   ○ Verify you're in Server Core (no GUI shell). If you see a desktop environment, that's the wrong edition!

2. Local User (First Name) in Administrators Group
   ○ Before promoting your machine to a domain controller, create a local user named after your first name (e.g., if you are James Bond, use James). Add this user to the local Administrators group on the Server Core system. Example commands:

       net user James P@ssw0rd123 /add
       net localgroup Administrators James /add

   ○ This ensures your first AD account will be your first name and a domain administrator, instead of simply "Administrator".

   Assign a static IP to your Server Core. Either use the commands below, or sconfig. Example:

       New-NetIPAddress -InterfaceAlias "Ethernet" -IPAddress 192.168.1.10 -PrefixLength 24 -DefaultGateway 192.168.1.1
       Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 192.168.1.10

3. Custom Domain
   ○ Your AD domain must be yourLastName.com. If your last name is Smith, use smith.com.

4. Computer Name
   Rename your Server Core machine to lastname-dc1 (e.g., Smith-DC1). Example:

       Rename-Computer -NewName "Smith-DC1"
       Restart-Computer

5. Promote to Domain Controller
   ○ After you've done the above steps (local admin, static IP, rename), install and promote the machine to a domain controller for your domain (lastname.com).

6. Custom PowerShell Prompt
   Modify your prompt in PowerShell to display the computer name and date/time as done with Windows 11 in your Template Instructions.
   ○ Ensure this custom prompt is visible in all screenshots.

7. Submission Template
   ○ You'll place all required screenshots in a single PowerPoint file.

Scenario / Backstory

You are now an AD Administrator at AlphaTech, running on Server Core with the domain lastname.com (replace "lastname" with your real surname). You'll automate:

1. Onboarding new users from an HR CSV.
2. Organizing them into security groups.
3. Offboarding (disabling) departed users.
4. Deleting accounts after 90 days.
5. Auditing group memberships, spotting potential overprivilege.

All tasks require PowerShell CLI verification (no GUI tools) on your Server Core with a custom prompt.

Part 1: Onboard New Users from CSV

Why
● HR data is provided in CSV format. Automating user creation saves time, avoids errors.

Steps

1. CSV File
   Create C:\UsersList.csv with at least two entries, e.g.:

       FirstName,LastName,UserName,Department,Email
       John,Doe,jdoe,IT,jdoe@smith.com
       Jane,Smith,jsmith,HR,jsmith@smith.com

   ○ Adjust for your actual last name and domain (e.g., brown.com).

2. Onboarding Script
   ○ Use or adapt the provided script to:
     ■ Import the CSV
     ■ Check if each user exists
     ■ If not, create a disabled AD user account

3. CLI Verification
   From Server Core PowerShell, verify the users were created:

       Get-ADUser -Filter "SamAccountName -eq 'jdoe' -or SamAccountName -eq 'jsmith'"

   ○ Check your custom PowerShell prompt is visible.

Screenshot #1
● Single screenshot showing:
  ○ Script output (e.g., "Created user: jdoe").
  ○ Get-ADUser results for those SamAccountNames.
  ○ Your custom prompt (server name + date/time).
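
One way to write the onboarding script described in Part 1, added here as an example; it is not the course's provided script. It assumes the CSV columns shown above and places accounts in the domain's default Users container; the UserName check is an added safeguard so a malformed CSV value cannot break out of the -Filter string.

```powershell
# Added example: create DISABLED AD accounts from the HR CSV.
# Assumptions: columns as in C:\UsersList.csv above; default Users container;
# no password is set because the account stays disabled until activated.
Import-Module ActiveDirectory
$ErrorActionPreference = 'Stop'        # do not report "Created" after a failed call

$csvPath  = 'C:\UsersList.csv'
$domain   = Get-ADDomain               # supplies DNSRoot and UsersContainer
$required = 'FirstName','LastName','UserName','Department','Email'

$rows = @(Import-Csv -Path $csvPath)
if ($rows.Count -eq 0) { throw "No rows found in $csvPath" }

# Fail early if HR renamed or dropped a column.
$missing = $required | Where-Object { $_ -notin $rows[0].PSObject.Properties.Name }
if ($missing) { throw "CSV is missing column(s): $($missing -join ', ')" }

foreach ($row in $rows) {
    $sam = $row.UserName.Trim()

    # sAMAccountName is limited to 20 characters; the allow-list also keeps
    # quotes and wildcards out of the filter string built below.
    if ($sam -notmatch '^[A-Za-z0-9._-]{1,20}$') {
        Write-Warning "Skipped invalid UserName: '$sam'"
        continue
    }

    # -Filter returns nothing (and no error) when the account does not exist.
    if (Get-ADUser -Filter "SamAccountName -eq '$sam'") {
        Write-Host "User already exists: $sam"
        continue
    }

    New-ADUser -Name "$($row.FirstName) $($row.LastName)" `
               -GivenName $row.FirstName `
               -Surname $row.LastName `
               -SamAccountName $sam `
               -UserPrincipalName "$sam@$($domain.DNSRoot)" `
               -Department $row.Department `
               -EmailAddress $row.Email `
               -Path $domain.UsersContainer `
               -Enabled $false
    Write-Host "Created user: $sam"
}
```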

Part 2: Create Security Groups & Add Users

Why
● Different organizational units need distinct resource access. Groups let you control permissions collectively.

Steps

1. Group Creation
   ○ Create at least three security groups (e.g., Development, Operations, Executives). Example:

       $groups = @("Development","Operations","Executives")
       foreach ($g in $groups) {
           if (-not (Get-ADGroup -Filter "Name -eq '$g'")) {
               New-ADGroup -Name $g -GroupScope Global -GroupCategory Security
               Write-Host "Created group: $g"
           }
       }

2. Add Users to Groups
   Assign your newly created CSV users to relevant groups:

       Add-ADGroupMember -Identity "Development" -Members "jdoe"
       Add-ADGroupMember -Identity "Operations" -Members "jsmith"

3. CLI Verification
   Check membership:

       Get-ADGroupMember "Development"
       Get-ADGroupMember "Operations"
       Get-ADGroupMember "Executives"

   ○ Ensure your custom prompt is visible.

Screenshot #2
● Single screenshot showing:
  ○ Group creation messages.
  ○ Membership check (e.g., jdoe in "Development").
  ○ Custom prompt.

Part 3: Offboard a User (Disable Account)

Why
● When someone leaves, disable their account first to prevent unauthorized access while preserving the account for record-keeping.

Steps

1. Choose a User
   ○ Pick at least one user from Part 1 (e.g., jdoe).

2. Offboarding Script
   Calls Disable-ADAccount on that user. Example:

       Disable-ADAccount -Identity jdoe
       Write-Host "Disabled user: jdoe"

3. CLI Verification
   Check Enabled property:

       Get-ADUser -Identity jdoe -Properties Enabled

Screenshot #3
● Single screenshot:
  ○ Output of the offboarding script.
  ○ Get-ADUser showing Enabled: False.
  ○ Custom prompt.

Part 4: Delete Users After 90 Days

Why
● AlphaTech's policy is to delete disabled accounts after a 90-day retention. We'll simulate that window in this lab.

Steps

1. Simulate the 90-Day Threshold
   ○ Temporarily modify your script to (Get-Date).AddDays(-1) or tweak WhenChanged to meet the time requirement for your test user.

2. Run the Deletion Script
   Find disabled users older than the threshold, remove them:

       $threshold = (Get-Date).AddDays(-90)
       $oldUsers = Get-ADUser -Filter { Enabled -eq $false } -Properties WhenChanged |
           Where-Object { $_.WhenChanged -lt $threshold }
       foreach ($u in $oldUsers) {
           Remove-ADUser -Identity $u.SamAccountName -Confirm:$false
           Write-Host "Deleted user: $($u.SamAccountName)"
       }

3. CLI Verification
   Attempt to retrieve the user again:

       Get-ADUser -Identity jdoe

   ○ No result or an error indicates successful deletion.
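
A variant of the Part 3 and Part 4 scripts, added here as an example and not part of the course material. WhenChanged is updated by any later write to the object, and built-in accounts such as Guest and krbtgt are disabled by default, so this version stamps the offboarding date at disable time and deletes only accounts that carry the stamp. It assumes the Description attribute is free to hold the marker; the function names are hypothetical.

```powershell
# Added example (not the course script). Assumption: the Description attribute
# is free to hold the marker "Offboarded yyyy-MM-dd"; function names are hypothetical.
Import-Module ActiveDirectory
$ErrorActionPreference = 'Stop'    # never continue past a failed AD call

function Disable-DepartedUser {
    param([Parameter(Mandatory)][string]$SamAccountName)
    Disable-ADAccount -Identity $SamAccountName
    # Record the retention start explicitly instead of relying on WhenChanged.
    Set-ADUser -Identity $SamAccountName -Description ("Offboarded {0:yyyy-MM-dd}" -f (Get-Date))
    Write-Host "Disabled user: $SamAccountName"
}

function Remove-ExpiredUser {
    [CmdletBinding(SupportsShouldProcess)]
    param([int]$RetentionDays = 90)

    $threshold = (Get-Date).Date.AddDays(-$RetentionDays)
    $culture   = [cultureinfo]::InvariantCulture
    $styles    = [System.Globalization.DateTimeStyles]::None

    foreach ($u in Get-ADUser -Filter 'Enabled -eq $false' -Properties Description) {
        # No marker means "not offboarded by this process": skips Guest, krbtgt, etc.
        if ($u.Description -notmatch '^Offboarded (\d{4}-\d{2}-\d{2})$') { continue }

        $stamp = [datetime]::MinValue
        if (-not [datetime]::TryParseExact($Matches[1], 'yyyy-MM-dd', $culture, $styles, [ref]$stamp)) {
            Write-Warning "Unparseable offboarding date on $($u.SamAccountName); skipped"
            continue
        }
        if ($stamp -gt $threshold) { continue }     # still inside the retention window

        if ($PSCmdlet.ShouldProcess($u.SamAccountName, 'Remove-ADUser')) {
            Remove-ADUser -Identity $u.DistinguishedName -Confirm:$false
            Write-Host "Deleted user: $($u.SamAccountName)"
        }
    }
}

# Usage: Disable-DepartedUser -SamAccountName jdoe
#        Remove-ExpiredUser -WhatIf      # dry run: lists what would be deleted
#        Remove-ExpiredUser              # real purge
```

In a lab, `Remove-ExpiredUser -RetentionDays 0` simulates an elapsed window for an account stamped today.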

Screenshot #4
● Single screenshot showing:
  ○ Removal script output (e.g., "Deleted user: jdoe").
  ○ Get-ADUser -Identity jdoe failing or returning nothing.
  ○ Custom prompt.

Part 5: Audit Security Groups (Enhanced)

Why
● Auditors require seeing membership of key groups. They also flag any user who belongs to too many groups (possible excessive access).

Steps

1. Create More Groups
   ○ Add at least three new groups (e.g., Finance, Research, HR).

2. Add One User to 6+ Groups
   ○ Pick a user (e.g., jsmith) and add them to six or more total groups.

3. Run the Audit Script
   ○ List members for your original and new groups.
   ○ Warn if any user is in more than five groups.
   Example snippet:

       $groupsToAudit = @("Development","Operations","Executives","Finance","Research","HR")
       foreach ($g in $groupsToAudit) {
           # ${g} is braced so the trailing colon is not parsed as a scope qualifier
           Write-Host "`nMembers of ${g}:"
           Get-ADGroupMember $g | Select-Object SamAccountName
       }
       $allUsers = Get-ADUser -Filter * -Properties MemberOf
       foreach ($u in $allUsers) {
           if ($u.MemberOf.Count -gt 5) {
               Write-Warning "User '$($u.SamAccountName)' is in $($u.MemberOf.Count) groups!"
           }
       }

4. CLI Verification
   ○ Check the console output to confirm:
     ■ Each group's membership.
     ■ A warning for the user with 6+ memberships.
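
An extension of the audit snippet above, added here as an example and not part of the course material. MemberOf lists only direct memberships, so a user who reaches groups through nesting is undercounted; this version asks the domain controller for the full chain. The function names are hypothetical.

```powershell
# Added example: count effective (direct + nested) group memberships per user.
# Note: like MemberOf, this does not include the primary group (Domain Users).
Import-Module ActiveDirectory
$maxGroups = 5          # same threshold as the audit snippet above

function ConvertTo-LdapFilterValue {
    # RFC 4515 escaping so a DN containing \ * ( ) cannot alter the filter.
    param([Parameter(Mandatory)][string]$Value)
    [regex]::Replace($Value, '[\\*()\x00]',
        { param($m) '\{0:x2}' -f [int][char]$m.Value })
}

function Get-EffectiveGroup {
    param([Parameter(Mandatory)][string]$UserDN)
    $dn = ConvertTo-LdapFilterValue -Value $UserDN
    # 1.2.840.113556.1.4.1941 = LDAP_MATCHING_RULE_IN_CHAIN: the DC walks
    # nested membership instead of the script recursing group by group.
    Get-ADGroup -LDAPFilter "(member:1.2.840.113556.1.4.1941:=$dn)"
}

$report = foreach ($u in Get-ADUser -Filter * -Properties MemberOf) {
    $effective = @(Get-EffectiveGroup -UserDN $u.DistinguishedName)
    [pscustomobject]@{
        SamAccountName = $u.SamAccountName
        Direct         = @($u.MemberOf).Count
        Effective      = $effective.Count
        Groups         = ($effective.Name | Sort-Object) -join ', '
    }
}

$report | Sort-Object Effective -Descending | Format-Table -AutoSize -Wrap

$report | Where-Object { $_.Effective -gt $maxGroups } | ForEach-Object {
    Write-Warning ("User '{0}' is effectively in {1} groups (direct: {2})" -f
        $_.SamAccountName, $_.Effective, $_.Direct)
}
```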

Screenshot #5
● Single screenshot showing:
  ○ Group membership listings (at least 6 groups total).
  ○ Warning for the user in more than five groups.
  ○ Custom prompt.

Submission Instructions

1. PowerPoint Template
   ○ Insert exactly five screenshots (one per part) into the slides as instructed.

Assignment Recap

By completing these steps on Server Core with a local first-name admin, a static IP, a lastname.com domain, and a custom PowerShell prompt, you will demonstrate:

1. User Onboarding from CSV (Part 1).
2. Group Creation & Membership management (Part 2).
3. Offboarding (disabling accounts) (Part 3).
4. Deleting aged disabled accounts (Part 4).
5. Auditing group memberships and detecting overprivileged users (Part 5).

All PowerShell CLI outputs are shown in five screenshots, verifying your mastery of core AD administration tasks on Server Core.