Windows. Not just for houses

Similar documents
Windows. Not just for houses

3/17/10. Active Directory, AD Domain, Server Role, DNS OU s, Users, Computers and Groups in AD Demo Questions

Microsoft Certified Solutions Associate (MCSA)

SEVENMENTOR TRAINING PVT.LTD

Practical Network Defense Labs

Administering Windows Server 2012

Microsoft Certified Solutions Expert (MCSE)

70-742: Identity in Windows Server Course Overview

MCSA Windows Server 2012

Installation Guide. . All right reserved. For more information about Specops Deploy and other Specops products, visit

LabSim Mapping Matrix

Microsoft Exam

ACS 5.x: LDAP Server Configuration Example

Introduction to LAN Introduction to TDC 363 Lecture 05 Course Outline What is NOS?

Administering Windows Server 2012

COURSE OUTLINE MOC 20411: ADMINISTERING WINDOWS SERVER 2012 MODULE 1: CONFIGURING AND TROUBLESHOOTING DOMAIN NAME SYSTEM

TrueSight Capacity Optimization 10.x - LDAP Integration with Microsoft Active Directory. January 2017

A+ Guide to Managing & Maintaining Your PC, 8th Edition. Chapter 17 Windows Resources on a Network

Extend On-Premises Windows Server 2016 Active Directory to Azure VM Complete Lab (V1.1)

TestOut PC Pro - English 6.0.x COURSE OUTLINE. Modified

MOC 6419B: Configuring, Managing and Maintaining Windows Server based Servers

Course Content of MCSA ( Microsoft Certified Solutions Associate )

Microsoft Exactexams Questions & Answers

Course : Installing and Configuring Windows 10

HikCentral V1.3 for Windows Hardening Guide

Managing Group Policy application and infrastructure

MCSA Windows Server 2012

Exam4Tests. Latest exam questions & answers help you to pass IT exam test easily

Managing Group Policy application and infrastructure

Overview. Audience Profile. Module Title : 20410DC -Installing and Configuring Windows Server Course Outline :: 20410DC::

Administering Windows Server 2012

Install and Configure Active Directory Domain Services

MCSA Windows Server 2012 Installation and Configuration

Welcome to PDQ Inventory

Course Outline 20742B

Server : Manage and Administer 3 1 x

LabSim Mapping Matrix

Installing and Configuring Windows Server 2012 R2

Installing and Configuring Windows 10

MD-100: Modern Desktop Administrator Part 1

MOC 20411B: Administering Windows Server Course Overview

Implementing and Managing Windows 10

COURSE OUTLINE MOC 20697: INSTALLING AND CONFIGURING WINDOWS 10

Install and Manage Windows Nano Server 2016 Step by Step

Course Outline 20698B

Getting Started Guide. This document provides step-by-step instructions for installing Max Secure Anti-Virus and its prerequisite software.

Storage and File Hierarchy

Amahi Instruction Manual

Chapter 1: Windows Platform and Architecture. You will learn:

Windows Help document Part A

COS 318: Operating Systems

IT222 Microsoft Network Operating Systems II

Mobility Windows 10 Bootcamp

Managing Windows Environments with Group Policy

Identity with Windows Server 2016

NET 311 D INFORMATION SECURITY

Windows Server 2003 { Domain Controller Installation and Configuration}

Windows Server : Installing and Configuring Windows Server 2012 R2. Upcoming Dates. Course Description. Course Outline

Accops HyWorks v3.0. Quick Start Guide. Last Update: 4/25/2017

Cyber security tips and self-assessment for business

COURSE 20698A: INSTALLING AND CONFIGURING WINDOWS 10

TestOut Server Pro 2016: Install and Storage English 4.0.x LESSON PLAN. Revised

Microsoft Windows Server Administration Fundamentals. Download Full Version :

Microsoft Windows Server 2003 Administration Fundamentals

This course provides students with the knowledge and skills to administer Windows Server 2012.

Xton Access Manager GETTING STARTED GUIDE

EasyMorph Server Administrator Guide

Windows Client, Enterprise Desktop Support Technician

Windows 7 Manually Install Network Printer Drivers Without Admin Rights Gpo

Administering Windows Server 2012

Exam Identity with Windows Server 2016

At Course Completion: Course Outline: Course 20742: Identity with Windows Server Learning Method: Instructor-led Classroom Learning

stickapp anti-virus password manager vpn client free Security & Productivity Apps for SafeStick stickapps.co.uk

macos Security Checklist:

70-411: Administrating Windows Server 2012

Windows Server 2008 Administration

COPYRIGHTED MATERIAL. Contents

NTP Software Quota & File Sentinel

COPYRIGHTED MATERIAL. Configuring, Deploying, and Troubleshooting Security Templates. Chapter MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:

Privileged Identity App Launcher and Session Recording

Implementing and Managing Windows 10

Installing and Configuring Windows Server 2012

50331 Windows Client, Enterprise Desktop Support Technician

User Management in Resource Manager

PROPOSAL OF WINDOWS NETWORK

De La Salle University Information Technology Center. Microsoft Windows SharePoint Services and SharePoint Portal Server 2003

Cyber Essentials Questionnaire Guidance

Table Of Contents INTRODUCTION... 6 USER GUIDE Software Installation Installing MSI-based Applications for Users...9

Manually Run Ad Logon Script As Administrator Group Policy

How to Stay Safe on Public Wi-Fi Networks

Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services (Course 6425A)

Microsoft Official Course

Exam /Course C or B Configuring Windows Devices

Installing and Configuring Windows 10

Course Outline. Implementing and Managing Windows 10 Course C: 5 days Instructor Led

INSTALLATION INSTRUCTIONS

Identity with Windows Server 2016

COURSE B: INSTALLING AND CONFIGURING WINDOWS 10

Installing and Configuring Windows 10

M20742-Identity with Windows Server 2016

Transcription:

Windows Not just for houses

Everyone Uses Windows! (sorry James!)

Users Accounts to separate people on a computer Multiple user accounts on a computer Ex) shared family computer Access level can be set differently for each user Ex) parent administrative account vs child standard account Limit what can be done or installed Command: Control userpasswords2

Files Store digital data Security settings can be changed on files based on user accounts Can limit read, write, modify permissions Only allow certain people to view sensitive files ex) tax information stored on family computer Right click on a file and go to properties

Settings Can change how your computer works Settings for everything! Updates anti virus Time zone Brightness etc.

Active Directory

Networks are complex Need easy way to manage everything Centralized login authentication File sharing Printer sharing File security Specialized tools for easier management Active Directory Open LDAP Free IPA

Windows Server What can it do? Can take on many roles, just like linux Email File storage User privileges Authentication Website DNS Many more

Active Directory and Group Policy Tools used for majority of windows based network management Interact and control many objects at once Users Computers Files

Other Common Roles and Features SMB Server FTP Server Exchange Server Firewall Application deployment Centralized monitoring VPN DNS IIS (web server)

Active Directory Database of objects in a network (Domain) Users Computers Printers Security Groups more Stores objects in hierarchy Called organizational units (OU) Can be based on real world hierarchy of organization Can be based on access rights

Users Stores information on user Name Email Phone number Address Location in organization Password (hashed)

Users Controls permissions File and folder access VPN access Password management Active account Access control Ability to control total network access Map drives to computer Folder redirection

Domain Groups Users

Danger Zone Too many users to manage them all Can leave security holes UB has ~ 50,000 users Terminated employee Other permission changes can affect Use groups instead

Security Groups Security groups are special folders inside Organizational Units (OU) Objects can be put in groups Helps keep organized Can assign settings to groups Acts similarly to users configuration Manage every user at once

Domain Groups Computers Users Network share Printer

Groups in Groups?

Nesting Can put groups in groups Starts to get complicated Need to lay out organization before building AD Build domain based on network layout and permissions Does not always look the same as organization Leads to inheritance

Inheritance Think of trickle down theory.. Sub groups (children objects) inherit permissions from group above (parent object) Users in a group, in a group, will get settings placed on top level group

Domain Parent Group Children Groups Computers Users Network share Printer

Computers and Devices Like users, devices can be managed in AD Computers Printers Other Servers Can start to connect resources to each other

Domain Groups Computers Users Network share Printer

Active Directory

Confused yet? Domains control network OU s store information about things (Objects) Security Groups also contain objects Groups can go in groups Children objects inherit permissions from parent objects

AD Tips DON T LET DNS DIE Mo

Forests, trees, and leaves

Forests, trees, and leaves

Forests, trees, and leaves

Active Directory

Group Policy Because this wasn t complicated enough already

Group Policy Centralized management tool for windows networks Can control pretty much every setting imaginable Works with Active Directory For example..

Mapped drives and folder redirection Mapped Drives Useful with many network drives Useful when user is moving computers Easy and seamless transition Folder Redirection Nothing is stored locally Documents, pictures, desktop redirected to server Backups Mobility

Group Policy Can be used to force any setting on objects in AD Login scripts Mapped network drives Sleep settings Remote desktop access Password policy Set firewall policy Change background Change cursor Windows Update timing Pretty much anything you can think of

Group Policy Key terms: Enforced Linked Link policy to specific OU Filtering Can not be overwritten by other policy Can choose to apply Group policy to computers that meet criteria < 4GB RAM Group Policy Object A set of rules that can be applied to a network object

Multiple Group Policies Can have many sets of policies Helps keep network organized Different rules for each department or group

Active directory and Group Policy Some the the most powerful tools for an admin Can be used together to control 90% of functions Organization is key

File Permissions Can be set on individual files, folders, network shares, hard drives Can specify who has read, write, or modify permissions File permissions can be inherited from containing folder Ex) Can share whole folder instead of every file Can be set using group policy and Active Directory

More Windows!

Windows Firewalls Does not act like Linux Order does not matter Can block specific EXE s, ports, or services Can specify which network to block on Domain Public Private

Task Scheduler Can be used to automate things Run at time intervals Run at specific events Run at startup Watch out for bad things, but use this for good things Use at work for backups

Event Viewer Monitors all system and application events Can be overwhelming Useful for troubleshooting Useful for looking for bad guys Centralized logging Can send all logs to one server, aggregate data for analysis

Command line Basic windows commands Ipconfig (Not Ifconfig!!!!) Ping Nslookup Cd Tracert Tree help

Powershell Can do anything using powershell that you can do using GUI Just need to find the right commands Can create user and add them to group InstallUser Username "User" Description "LocalAdmin" FullName "Local Admin by Powershell" Password "Password01" AddGroupMember Name 'Administrators' Member 'User' Google is your friend

Virtualization HyperV is windows hypervisor Useful for segmentation of services Backup DC probably don't want to virtualize

Windows Admin Tools View open folders and files Can be useful for troubleshooting a locked file Can be useful for keeping attackers out Storage spaces Software raid WSUS Centralized windows updates Application deployment PDQ deploy Uses powershell to push out applications Process explorer Dive deeper into whats running

Windows Services (not roles and features)

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback