The document outlines steps for configuring an Active Directory environment, including: 1. Creating OUs and user accounts 2. Adding users to security groups 3. Joining a Windows client to the domain 4. Setting user profile and login restrictions 5. Configuring a trust between two domains with either a two-way or one-way trust relationship The prepared by line indicates the tasks were completed by LENG Tola from the SNA15-B class.

1. Prepared by: LENG Tola SNA15-B

2.  Active Directory, Trust Domain on
Windows.
Homework
1. Create two OU (SNA15-A, SNA15-B)............................................................3
2. Create Users of class SNA-A and SNA-B(Description: Students, Office:
B13,A21)................................................................................................................6
a. Create and use syntax for create users of class SNA15-B.....................6
b. Create and use syntax for create users of class SNA15-A.....................7
3&4. Create two groups for G_SNA15A and G_SNA15A and Add users of
class SNA-A and SNA-B into each groups........................................................12
- G_SNA15A......................................................................................................12
- G_SNA15B......................................................................................................19
4. client joins domain with windows srv2008...............................................25
5. Create user profile on windows client (take one user in class SNA-A&B
login)....................................................................................................................33
a. A user in class SNA-A................................................................................33
b. A user in class SNA-B................................................................................35
6. Set limit hours logon for two users in Class SNA-A&B to login server
(any users)..........................................................................................................39
- Note: Start from 8:00AM to 6:00PM and from Monday until Friday..
Class a.SNA15-A..............................................................................................39
b.Class SNA15-B..............................................................................................40
7. Set temporary or account expire two users for class SNA-A&B (any
users)...................................................................................................................46
8.Delegate two users (Class Monitor) on each OUs.......................................51
10. Configure Trust domain...............................................................................79
Prepared by: LENG Tola SNA15-B

3. 1. Create two OU (SNA15-A, SNA15-B)
Prepared by: LENG Tola SNA15-B

4. Prepared by: LENG Tola SNA15-B

5. Prepared by: LENG Tola SNA15-B

6. 2. Create Users of class SNA-A and SNA-B(Description:
Students, Office: B13,A21)
a. Create and use syntax for create users of class SNA15-B
Prepared by: LENG Tola SNA15-B

7. b. Create and use syntax for create users of class SNA15-A
Prepared by: LENG Tola SNA15-B

8. Prepared by: LENG Tola SNA15-B

9. Prepared by: LENG Tola SNA15-B

10. Prepared by: LENG Tola SNA15-B

11. Prepared by: LENG Tola SNA15-B

12. 3&4. Create two groups forG_SNA15A and G_SNA15A
and Add users of class SNA-A and SNA-B into each
groups
- G_SNA15A
Prepared by: LENG Tola SNA15-B

13. Prepared by: LENG Tola SNA15-B

14. Prepared by: LENG Tola SNA15-B

15. Prepared by: LENG Tola SNA15-B

16. Prepared by: LENG Tola SNA15-B

17. Prepared by: LENG Tola SNA15-B

18. Prepared by: LENG Tola SNA15-B

19. - G_SNA15B
Prepared by: LENG Tola SNA15-B

20. Prepared by: LENG Tola SNA15-B

21. Prepared by: LENG Tola SNA15-B

22. Prepared by: LENG Tola SNA15-B

23. Prepared by: LENG Tola SNA15-B

24. Prepared by: LENG Tola SNA15-B

25. 4. client joins domain with windows srv2008
Prepared by: LENG Tola SNA15-B

26. Prepared by: LENG Tola SNA15-B

27. Prepared by: LENG Tola SNA15-B

28. Prepared by: LENG Tola SNA15-B

29. Prepared by: LENG Tola SNA15-B

30. Prepared by: LENG Tola SNA15-B

31. Prepared by: LENG Tola SNA15-B

32. Prepared by: LENG Tola SNA15-B

33. 5. Create user profile on windows client (take one user
in class SNA-A&B login)
a. A user in class SNA-A
Prepared by: LENG Tola SNA15-B

34. Prepared by: LENG Tola SNA15-B

35. b. A user in class SNA-B
Prepared by: LENG Tola SNA15-B

36. Prepared by: LENG Tola SNA15-B

37. Prepared by: LENG Tola SNA15-B

38. Prepared by: LENG Tola SNA15-B

39. 6. Set limit hours logon for two users in Class SNA-A&B to
login server (any users)
- Note: Start from 8:00AM to 6:00PM and from Monday
until Friday.. Class a.SNA15-A
Prepared by: LENG Tola SNA15-B

40. b.Class SNA15-B
Prepared by: LENG Tola SNA15-B

41. Prepared by: LENG Tola SNA15-B

42. Prepared by: LENG Tola SNA15-B

43. Prepared by: LENG Tola SNA15-B

44. Prepared by: LENG Tola SNA15-B

45. Prepared by: LENG Tola SNA15-B

46. Prepared by: LENG Tola SNA15-B

47. 7. Set temporary or account expire two users for class
SNA-A&B (any users)
- Monday 28th july 2014 (Temporary time)
Prepared by: LENG Tola SNA15-B

48. Prepared by: LENG Tola SNA15-B

49. Prepared by: LENG Tola SNA15-B

50. Prepared by: LENG Tola SNA15-B

51. Prepared by: LENG Tola SNA15-B

52. 8.Delegate two users (Class Monitor) on each OUs
a. Delegate for user chhunly.bin who class monitor of
SNA15-A
Prepared by: LENG Tola SNA15-B

53. Prepared by: LENG Tola SNA15-B

54. Prepared by: LENG Tola SNA15-B

55. Prepared by: LENG Tola SNA15-B

56. Prepared by: LENG Tola SNA15-B

57. Prepared by: LENG Tola SNA15-B

58. Prepared by: LENG Tola SNA15-B

59. -Show result
Prepared by: LENG Tola SNA15-B

60. Prepared by: LENG Tola SNA15-B

61. Prepared by: LENG Tola SNA15-B

62. Prepared by: LENG Tola SNA15-B

63. Prepared by: LENG Tola SNA15-B

64. Prepared by: LENG Tola SNA15-B

65. b.Delegate for class monitor of SNA15-B
Prepared by: LENG Tola SNA15-B

66. Prepared by: LENG Tola SNA15-B

67. Prepared by: LENG Tola SNA15-B

68. Prepared by: LENG Tola SNA15-B

69. Prepared by: LENG Tola SNA15-B

70. Prepared by: LENG Tola SNA15-B

71. Prepared by: LENG Tola SNA15-B

72. Prepared by: LENG Tola SNA15-B

73. Prepared by: LENG Tola SNA15-B

74. Prepared by: LENG Tola SNA15-B

75. Prepared by: LENG Tola SNA15-B

76. Prepared by: LENG Tola SNA15-B

77. Prepared by: LENG Tola SNA15-B

78. Prepared by: LENG Tola SNA15-B

79. Prepared by: LENG Tola SNA15-B

80. Prepared by: LENG Tola SNA15-B

81. 10. Configure Trust domain
First: Choose Two ways option then shows result.
Prepared by: LENG Tola SNA15-B

82. Prepared by: LENG Tola SNA15-B

83. Prepared by: LENG Tola SNA15-B

84. a. Open Active Directory Domains and Trusts.
Prepared by: LENG Tola SNA15-B

85. b. right-click the domain for which you want to establish a trust, and then click
Properties.
c. On the Trusts tab, click New Trust, and then click Next.
Prepared by: LENG Tola SNA15-B

86. d. On the Trust Name page, type the Domain Name System (DNS) name (or NetBIOS
name) of the domain, and then click Next.
Prepared by: LENG Tola SNA15-B

87. e. On the Trust Type page, click External trust, and then click Next.
Prepared by: LENG Tola SNA15-B

88. f. On the Direction of Trust page, click Two-way, and then click Next.
Prepared by: LENG Tola SNA15-B

89. g. On the Sides of Trust page, click Both this domain and the specified domain, and then
click Next.
Prepared by: LENG Tola SNA15-B

90. h. On the User Name and Password page, type the user name and password
for the appropriate administrator in the specified domain.
i. On the Outgoing Trust Authentication Level--Local Domain page, do one of the
following, and then click Next:
Prepared by: LENG Tola SNA15-B

91. j. On the Outgoing Trust Authentication Level--Specified Domain page, do one of the
following, and then click Next:
Prepared by: LENG Tola SNA15-B

92. k. On the Trust Creation Complete page, review the results, and then click
Next
Prepared by: LENG Tola SNA15-B

93. Prepared by: LENG Tola SNA15-B

94. l.
m. If you want to confirm this trust, click Yes, confirm the outgoing
trust, and then supply the appropriate administrative credentials from the
specified domain.
Prepared by: LENG Tola SNA15-B

95. n.
o. If you want to confirm this trust, click Yes, confirm the incoming trust,
and then supply the appropriate administrative credentials from the specified
domain.
Prepared by: LENG Tola SNA15-B

96. p. On the Completing the New Trust Wizard page, click Finish.
Prepared by: LENG Tola SNA15-B

97. Prepared by: LENG Tola SNA15-B

98. Prepared by: LENG Tola SNA15-B

99. q. Show Result
Prepared by: LENG Tola SNA15-B

100. Prepared by: LENG Tola SNA15-B

101. r. Test and show result
Prepared by: LENG Tola SNA15-B

102. Prepared by: LENG Tola SNA15-B

103. Prepared by: LENG Tola SNA15-B

104. 10. Second: Choose One ways (in-coming) option then
shows result
a. Open Active Directory Domains and Trusts.
Prepared by: LENG Tola SNA15-B

105. Prepared by: LENG Tola SNA15-B

106. Prepared by: LENG Tola SNA15-B

107. Prepared by: LENG Tola SNA15-B

108. Prepared by: LENG Tola SNA15-B

109. Prepared by: LENG Tola SNA15-B

110. Test and Show result
Prepared by: LENG Tola SNA15-B

111. Prepared by: LENG Tola SNA15-B

112. Prepared by: LENG Tola SNA15-B

113. Prepared by: LENG Tola SNA15-B

114. Prepared by: LENG Tola SNA15-B

115. Prepared by: LENG Tola SNA15-B

116. Prepared by: LENG Tola SNA15-B

117. Prepared by: LENG Tola SNA15-B

118. Prepared by: LENG Tola SNA15-B

119. Test and Show result
Prepared by: LENG Tola SNA15-B

120. Prepared by: LENG Tola SNA15-B

121. Prepared by: LENG Tola SNA15-B

122. Prepared by: LENG Tola SNA15-B

123. What is different between Trust domain Two ways and One ways (in-coming) option?
Prepared by: LENG Tola SNA15-B

124. - Two-way. A two-way trust allows authentication requests that are sent by users in either
domain or forest to be routed or communication are successfully to resources and user
logon… in either of the two domains or forests.
- One-way: incoming. A one-way, requests that are sent by users in your domain or forest
(the domain or forest where you started the New Trust Wizard) to be relationship
successfully to resources or login in the other domain or forest. But make sure each
domain is have new trust of One-way: Outgoing.
Prepared by: LENG Tola SNA15-B

125. Prepared by: LENG Tola SNA15-B

126. Prepared by: LENG Tola SNA15-B