Добавил:

Upload Опубликованный материал нарушает ваши авторские права? Сообщите нам.

Вуз:

Алматинский университет энергетики и связи

Предмет:

[НЕСОРТИРОВАННОЕ]

Файл:

20411B-ENU-TrainerHandbook

.pdf

Скачиваний:

241

Добавлен:

01.05.2015

Размер:

16.48 Mб

Скачать

☆

<<< < Предыдущая 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 4647 / 5347 48 49 50 51 52 53 > Следующая >>>

8.Wait for the command to complete. Make a note of the current system time, which you will need toMCT know for a task later in this lab. To record the system time, type the following command, and then

press Enter twice:

9.Restart LON-CL1. USE

10.Wait for LON-CL1 to restart before proceeding with the next task. Do not sign in to LON-CL1.

11.Switch to LON-DC1.

12.Switch to the Group Policy Management console. ONLY

13.In the console tree, if required, expand Forest: Adatum.com, and then click Group Policy Results.

14.Right-click Group Policy Results, and click Group Policy Results Wizard.

15.On the Welcome to the Group Policy Results Wizard page, click Next.

16.On the Computer Selection page, click Another computer, type LON-CL1, and then click Next. .

17.On the User Selection page, click Display policy settings for, click Select a specific user, select STUDENT ADATUM\Pat, and then click Next.

18.On the Summary Of Selections page, review your settings, and then click Next.

19.Click Finish. The RSoP report appears in the details pane of the console.

20.Review the Group Policy Results. For both user and computer configuration, identify the time of the last policy refresh and the list of allowed and denied GPOs. Identify the components that were used to process policy settings.

21.Click the Details tab. Review the settings that were applied during user and computer policy application and identify the GPO from which the settings were obtained.

22.Click the Policy Events tab, and then locate the event that logs the policy refresh you triggered with the GPUpdate command in Task 1.

23.Click the Summary tab, right-click the page, and then click Save Report. USE

24.In the navigation pane, click Desktop, and then click Save.

25.Open the saved RSoP report from the Desktop. Examine the RSoP report, and then close it.

 Task 2: Analyze RSoP with GPResults

1.Sign in to LON-CL1 as Adatum\Administrator with the password Pa$$w0rd.

2.Right-click the Start screen, and then click All apps.

3.In the Apps list, click Command Prompt.

4.At the command prompt, type the following command, and then press Enter:

gpresult /r

RSoP summary results are displayed. The information is very similar to the Summary tab of the RSoP report produced by the Group Policy Results Wizard.

PROHIBITED

5.At the command prompt, type the following command, and then press Enter:

gpresult /v

Notice that many of the Group Policy settings applied by the client are listed in this report.

L5-30 Implementing a Group Policy Infrastructure

6.At the command prompt, type the following command, and then press Enter:

gpresult /z

The most detailed RSoP report is produced.

7.At the command prompt, type the following command, and then press Enter:

gpresult /h:"%userprofile%\Desktop\RSOP.html"

An RSoP report is saved as an HTML file to your desktop.

8.Open the saved RSoP report from your desktop.

9.Compare the report, its information, and its formatting with the RSoP report you saved in the previous task.

 Task 3: Evaluate GPO results by using the Group Policy Modeling Wizard

1.Switch to LON-DC1.

2.In the Group Policy Management console tree, expand Forest:Adatum.com, and then click Group Policy Modeling.

3.Right-click Group Policy Modeling, and then click Group Policy Modeling Wizard. The Group Policy Modeling Wizard appears.

4.Click Next.

5.On the Domain Controller Selection page, click Next.

6.On the User And Computer Selection page, in the User information section, click the User button, and then click Browse. The Select User dialog box appears.

7.Type Mike, and then press Enter.

8.In the Computer information section, click the Computer button, and then click Browse. The Select Computer dialog box appears.

9.Type LON-CL1, and then press Enter.

10.Click Next.

11.On the Advanced Simulation Options page, select the Loopback Processing check box, and then click Merge. Even though the Conference Room Polices GPO specifies the loopback processing, you must instruct the Group Policy Modeling Wizard to consider loopback processing in its simulation.

12.Click Next.

13.On the Alternate Active Directory Paths page, click the Browse button next to Computer location. The Choose Computer Container dialog box appears.

14.Expand Adatum and Kiosks, and then click Conference Rooms. You are simulating the effect of LON-CL1 as a conference room computer.

15.Click OK.

16.Click Next.

17.On the User Security Groups page, click Next.

18.On the Computer Security Groups page, click Next.

19.On the WMI Filters for Users page, click Next.

20.On the WMI Filters for Computers page, click Next.

PROHIBITED USE STUDENT .ONLY USE MCT

			Administering Windows Server® 2012 L5-31
21.		Review your settings on the Summary of Selections page, and then click Next.		MCT
21.
22.		Click Finish.		USE
23.		On the Details tab, scroll to and expand, if necessary, User Details, Group Policy Objects, and
		Applied GPOs.
24.		Verify if the Conference Room Policies GPO apply to Mike as a User policy when he logs on to
		LON-CL1, if LON-CL1 is in the Conference Rooms OU.
25.		Scroll to, and expand if necessary, User Details, Policies, Administrative Templates and Control
25.				.ONLY
		Panel/Personalization.
26.		Confirm that the screen saver timeout is 2,700 seconds (45 minutes), the setting configured by the
		Conference Room Policies GPO that overrides the 10-minute standard configured by the ADATUM
		Standards GPO.
	 Task 4: Review policy events and determine GPO infrastructure status
1.		Switch to LON-CL1.

2.		Pause your mouse pointer in the lower-right corner of the display and then click Settings. Click		STUDENT
		Control Panel.
3.		Click System and Security.
4.		Click Administrative Tools.
5.		Double-click Event Viewer.
6.		In the console tree, expand Windows Logs, and then click the System log.
7.		Sort the System log by Source.
8.		Locate events with Group Policy as the Source. You can even click the Filter Current Log link in the
		Actions pane and then select Group Policy in the Event Sources drop-down list.
9.		Review the information associated with Group Policy events.
9.		Review the information associated with Group Policy events.
10.		In the console tree, click the Application log.
11.		Sort the Application log by the Source column.
12.		Review the events and identify the Group Policy events that have been entered in this log. Which
		events are related to Group Policy application and which are related to the activities you have beenUSE
		performing to manage Group Policy? Note that depending on how long the virtual machine has been
		running, you may not have any Group Policy Events in the application log.		PROHIBITED
13.		In the console tree, expand	Applications and Services Logs, Microsoft, Windows, and Group	PROHIBITED
13.		In the console tree, expand
		Policy, and then click Operational.
14.		Locate the first event related in the Group Policy refresh you initiated in Exercise 1, with the
		GPUpdate command. Review that event and the events that followed it.

Results: After this exercise, you should have successfully used RSoP tools to verify the correct application of your GPOs.

L5-32 Implementing a Group Policy Infrastructure

Exercise 4: Managing GPOs

 Task 1: Perform a backup of GPOs

1.Switch to LON-DC1.

2.Switch to the Group Policy Management console and then click the Group Policy Objects node.

3.In the details pane, right-click ADATUM Standards, and then click Back Up.

4.In the Back Up Group Policy Object dialog box, in the Location box, type C:\.

5.Click Back Up.

6.In the Backup dialog box, click OK.

 Task 2: Perform a restore of GPOs

1.In the Group Policy Management console, right-click ADATUM Standards, and then click Restore from Backup.

2.In the Restore Group Policy Object Wizard dialog box, click Next.

3.On the Backup Location page, click Next.

4.On the Source GPO page, click Next.

5.On the Completing the Restore Group Policy Object Wizard page, click Finish.

6.In the Restore dialog box, click OK.

7.Close all open windows.

 To prepare for the next module

When you have finished the lab, revert all virtual machines back to their initial state.

1.On the host computer, start Hyper-V® Manager.

2.In the Virtual Machines list, right-click 20411B-LON-DC1, and then click Revert.

3.In the Revert Virtual Machines dialog box, click Revert.

4.Repeat steps 2 to 3 for 20411B-LON-CL1.

Results: After this exercise, you should have successfully performed common management tasks on your GPOs.

PROHIBITED USE STUDENT .ONLY USE MCT

		MCT
		L6-33
Module 6: Managing User Desktops with Group Policy
Lab: Managing User Desktops with Group		USE
Policy		USE
Policy
Exercise 1: Implementing Settings by Using Group Policy Preferences
 Task 1: Create the required logon script		.ONLY
1.	Sign in to LON-DC1 as Adatum\Administrator with the password Pa$$w0rd.
2.	On the taskbar, click File Explorer.
3.	In the navigation pane, click Computer.
4.	In the details pane, double-click Local Disk (C:) , and then on the Home tab, click New folder.
5.	Name the new folder Branch1.
6.	Right-click the Branch1 folder, click Share with, and then click Specific people.
7.	In the File Sharing dialog box, click the drop-down arrow and select Everyone, and then click Add.
8.	For the Everyone group, click the Permission Level drop-down arrow, and then select Read/Write.
9.	Click Share and then click Done.	STUDENT
10.	Close the Local Disk (C:) window.
11.	Pause your mouse pointer in the lower right of the display, and then click Start.
12.	Type Notepad and then press Enter.
13.	In Notepad, type Net use S: \\LON-DC1\Branch1.
14.	Click the File menu, and then click Save.
15.	In the Save As dialog box, in the File name box, type BranchScript.bat.	USE
16.	In the Save as type list, select All Files (.).
17.	In the navigation pane, click Desktop, and then click Save.
18.	Close Notepad.
19.	On the desktop, right-click the BranchScript.bat file, and then click Copy. You will paste the file into
	the appropriate folder later in the lab.
1.	On LON-DC1, pause your mouse pointer in the lower right of the display, and then click Start.
2.	Click Administrative Tools.
3.	In Administrative Tools, double-click Active Directory Users and Computers.
4.	In Active Directory Users and Computers, click Adatum.com.
5.	Right-click Adatum.com, point to New, and then click Organizational Unit.
6.	In the New Object – Organizational Unit dialog box, in the Name box, type Branch Office 1, and
	then click OK.	PROHIBITED
7.	In the navigation pane, click IT.
8.	In the details pane, right-click Holly Dickson, and then click Move.

L6-34 Managing User Desktops with Group Policy

9.In the Move dialog box, click Branch Office 1, and then click OK.

10.In the navigation pane, click Computers.

11.In the details pane, right-click LON-CL1, and then click Move.

12.In the Move dialog box, click Branch Office 1, and then click OK.

13.Pause your mouse pointer in the lower right of the display, and then click Start.

14.Click Administrative Tools, and then double-click Group Policy Management.

15.Expand Forest: Adatum.com, expand Domains, and then expand Adatum.com.

16.Right-click Branch Office 1 and then click Create a GPO in this domain and link it here.

17.In the New GPO dialog box, in the Name box, type Branch1, and then click OK.

18.In the navigation pane, click Group Policy Objects.

19.Right-click the Branch1 GPO and then click Edit.

20.In the Group Policy Management Editor, under User Configuration expand Policies, expand

Windows Settings, and then click Scripts (Logon/Logoff).

21.In the details pane, double-click Logon.

22.In the Logon Properties dialog box, click Show Files.

23.In the details pane, right-click a blank area, and then click Paste.

24.Close the Logon window.

25.In the Logon Properties dialog box, click Add.

26.In the Add a Script dialog box, click Browse.

27.Click the BranchScript.bat script, and then click Open.

28.Click OK twice to close all dialog boxes.

29.Close the Group Policy Management Editor.

 Task 3: Edit the Default Domain Policy with the required Group Policy preferences

1.In Group Policy Management, click the Group Policy Objects folder, in the details pane, right-click the Default Domain Policy, and then click Edit.

2.Expand User Configuration, expand Preferences, expand Windows Settings, right-click Shortcuts, point to New, and then click Shortcut.

3.In the New Shortcut Properties dialog box, in the Action list, click Create.

4.In the Name box, type Notepad.

5.In the Location box, click the arrow, and then select Desktop.

6.In the Target path box, type C:\Windows\Notepad.exe.

7.On the Common tab, select the Item-level targeting check box, and then click Targeting.

8.In the Targeting Editor dialog box, click New Item, and then click Security Group.

9.In the lower part of the dialog box, click the ellipsis button.

10.In the Select Group dialog box, in the Enter the object name to select (examples) box, type IT, and then click OK.

PROHIBITED USE STUDENT .ONLY USE MCT

Administering Windows Server® 2012 L6-35

11.	Click OK twice.	MCT
12.	Close all open windows.	MCT

1.Switch to LON-CL1. USE

2.Pause your mouse pointer in the lower right of the display, and then click Settings.

3.Click Power, and then click Restart.

4.When the computer has restarted, sign in as Adatum\Administrator with the password Pa$$w0rdONLY.

5.From Start, type cmd.exe, and then press Enter.

6.At the command prompt, type the following command, and then press Enter: gpupdate /forceTask 4: Test the preferences

7.		Sign out of LON-CL1.		.
				.
8.		Sign in as Adatum\Holly with the password Pa$$word.		STUDENT
9.		Click Desktop, and on the taskbar, click	File Explorer.	STUDENT
9.		Click Desktop, and on the taskbar, click	File Explorer.
10.		Examine the navigation pane, and verify that you have a drive mapped to \\lon-dc1\Branch1.
11.		Verify that the notepad shortcut is on Holly’s desktop.
12.		If the shortcut does not appear, repeat steps 4 through 8.
13.		Sign out LON-CL1.

	Results: After this exercise, you should have created the required scripts and preference settings
	successfully, and then assigned them by using GPOs.

	Exercise 2: Configuring Folder Redirection			USE
	Exercise 2: Configuring Folder Redirection
	 Task 1: Create a shared folder to store the redirected folders
1.		On LON-DC1, on the taskbar, click File Explorer.		PROHIBITED
2.		In the navigation pane, click Computer.		PROHIBITED
2.		In the navigation pane, click Computer.
3.		In the details pane, double-click Local Disk (C:) , and then on the Home tab, click New folder.
4.		Name the new folder Branch1Redirect.
5.		Right-click the Branch1Redirect folder, click Share with, and then click Specific people.
6.		In the File Sharing dialog box, click the drop-down arrow, select Everyone, and then click Add.
7.		For the Everyone group, click the Permission Level drop-down arrow, and then click Read/Write.
8.		Click Share, and then click Done.
9.		Close the Local Disk (C:) window.

L6-36 Managing User Desktops with Group Policy

 Task 2: Create a new GPO and link it to the branch office OU

1. On LON-DC1, from Server Manager, click Tools and then click Group Policy Management.

2. In Group Policy Management, expand Forest: Adatum.com, expand Domains, and then expand

Adatum.com.

3. Right-click Branch Office 1, and then click Create a GPO in this domain and Link it here. 4. In the New GPO dialog box, in the Name box, type Folder Redirection, and then click OK.

 Task 3: Edit the folder redirection settings in the policy

1.Expand Branch Office 1, right-click Folder Redirection, and then click Edit.

2.In the Group Policy Management Editor, under User Configuration, expand Policies, expand

Windows Settings, and then expand Folder Redirection.

3.Right-click Documents, and then click Properties.

4.In the Document Properties dialog box, on the Target tab, next to Setting, click the drop-down arrow, and then select Basic – Redirect everyone’s folder to the same location.

5.Ensure the Target folder location box is set to Create a folder for each user under the root path.

6.In the Root Path box, type \\LON-DC1\Branch1Redirect, and then click OK.

7.In the Warning dialog box, click Yes.

8.Close all open windows on LON-DC1.

 Task 4: Test the folder redirection settings

1.Switch to LON-CL1.

2.Sign in as Adatum\Administrator with the password Pa$$w0rd.

3.From Start, type cmd.exe, and then press Enter.

4.At the command prompt, type the following command, and then press Enter:

gpupdate /force

5.Sign out and then sign in as Adatum\Holly with the password Pa$$word.

6.From Start, click Desktop.

7.Right-click the desktop, and then click Personalize.

8.In the navigation pane, click Change desktop icons.

9.In Desktop Icon Settings, select the User’s Files check box, and then click OK.

10.On the desktop, double-click Holly Dickson.

11.Right-click My Documents, and then click Properties.

12.In the My Document Properties dialog box, note that the location of the folder is now the network share in a subfolder named for the user.

PROHIBITED USE STUDENT .ONLY USE MCT

Administering Windows Server® 2012 L6-37

13.	If the folder redirection is not evident, sign out, and then sign in as Adatum\Holly with the password
	Pa$$word. Repeat steps 10 through 12.	MCT

14.	Sign out of LON-CL1.

Results: After this exercise, you should have successfully configured folder redirection to a shared folder
on the LON-DC1 server.		USE

 To prepare for the next module

When you finish the lab, revert the virtual machines to their initial state. To do this, perform the following

steps:		ONLY
1.	On the host computer, start Hyper-V Manager.	ONLY
1.	On the host computer, start Hyper-V Manager.
2.	In the Virtual Machines list, right-click 20411B-LON-DC1, and then click Revert.	.
3.	In the Revert Virtual Machine dialog box, click Revert.	.
4.	Repeat steps 2 and 3 for 20411B-LON-CL1.	PROHIBITED USE STUDENT
		PROHIBITED USE STUDENT

MCT USE ONLY. STUDENT USE PROHIBITED

<<< < Предыдущая 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 4647 / 5347 48 49 50 51 52 53 > Следующая >>>

Соседние файлы в предмете [НЕСОРТИРОВАННОЕ]

#
01.05.2015110.08 Кб172 лаба.doc
#
01.07.2025341.96 Кб02 тарау.docx
#
01.05.2015224.26 Кб62-РГР техника жне технология негіздері.doc
#
01.07.20251.58 Mб0200_Avtosokhranenny.doc
#
01.05.2015624.64 Кб582012215.pdf
#
01.05.201516.48 Mб24120411B-ENU-TrainerHandbook.pdf
#
01.05.20251.68 Mб021-28.doc
#
01.07.20251.07 Mб221-30.doc
#
01.05.2025379.15 Кб021-40 (1).docx
#
01.05.2025249.34 Кб02167_test (1).doc
#
01.05.2015134.66 Кб202192_srs2_politology.doc