chuyen de domain
TRANSCRIPT
-
7/29/2019 Chuyen de Domain
1/40 2/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
nh pTui tr ciHc Anh VnChuyn lTin khuyn mi
13:01 ICT Th Hai, 22/10/2012 Tin Tc Mo vt-Th thut
Gi bi vit qua emailIn raLu bi vit ny
[Chuyn Qun tr mng] Bi 2: Gii thiu hthng Mng Domain Network
ng lc: Th ba - 07/06/2011 22:35 - Ngi ng bi vit: muiten84
[Chuyn Qun trmng] Bi 2:Gii thiu hthng Mng
DomainNetwork
http://meovattinhoc.com/uploads/news/2011_06/bai2dc.jpghttp://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/#http://meovattinhoc.com/vi/news/savefile/Meo-vat-Thu-thuat/Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/http://%20void%280%29/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/http://meovattinhoc.com/vi/news/http://meovattinhoc.com/http://meovattinhoc.com/vi/news/Tin-khuyen-mai/http://meovattinhoc.com/vi/news/Chuyen-la/http://meovattinhoc.com/vi/news/Hoc-Anh-Van/http://meovattinhoc.com/vi/news/Tuoi-tre-cuoi/http://meovattinhoc.com/vi/news/Anh-dep/ -
7/29/2019 Chuyen de Domain
2/40 3/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
Vi cc m hnh trc s dng mng Workgroup tuy c li im l n gin , d trin khai nhng khng thunli trong cng tc qun tr v tnh bo mt km. Hm nay mnh s gii thiu n cc bn h thng Mng Domain
Network.
I- M HNH
My Domain ADSL Printer Client1,Client2
Ip:192.168.1.2
SM:255.255.255.0
GW:192.168.1.1
DNS:192.168.1.2
Ip:192.168.1.1
SM:255.255.255.0
Ip:192.168.1.254
SM:255.255.255.0 Ip: DHCP
II- GII THIU
Vi cc m hnh trc s dng mng Workgroup tuy c li im l n gin , d trin khai nhng khng thun
li trong cng tc qun tr v tnh bo mt km, do vy m hnh Lab-4 gii thiu h thng Domain Network vicc u im
- Qun l tp trung ton b mi thnh phn trong h thng
- Kh nng bo mt cao nhng thun li nh c ch Single Set of Credential
- Kh nng co gin linh ng cho mi quy m, d dng m rng
- p dng c ch qun l da trn Policy (Policy-based Administration)
-
7/29/2019 Chuyen de Domain
3/40 4/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
- Cho php trin khai cc Application tch hp trong AD Database do vy tn dng c c chReplication ca AD
III- CC BC TRIN KHAI
M lab gm 3 my : 1 my dng Windows Server 2k3 lm Domain Controller, DNS, DHCP server, 2 my
Vista dng cho User vi cc bc thc hin minh ha kh nng qun l ca Domain Network vi cc cngvic:
- Xy dng h thng Domain bao gm : nng cp Domain Controller
- Trin khai DHCP Server trn my Domain Controller cp thng s cho cc my Workstationkt ni (Join) Domain mt cch t ng
- T chc h thng v phn quyn qun tr (Delegate)
- To Home Directory, Roamming Profile cho Domain User
- Thit lp Group Policy Object (GPO) : trin khai application (deploy software), Script, kimsot cc s kin (Events) xy ra trong h thng
IV- TRIN KHAI CHI TIT
1. Dng domain controller trn my Server vi domain l nhatnghe.local.
2. Cu hnh li DNS server (to reserve lookup zone..)
3. Ci v cu hnh DHCP server trn my Server
4. Join tt c cc my client vo domain nhatnghe.local dng ip ng
5. Cho cc my client dng Ip ng truy cp c internet.
6. T chc cc OU v user sau:a. Trong doamin nhatnghe.local to 2 OU : HCM v NhaTrang
b. Trong OU HCM to 2 OU con PKthuat , PGvien v user AdminHCM
c. Trong OU PKthuat to user AdminPKT v user Nv1,Nv2,Nv3
d. Trong OU PGvien to user AdminPgv v user Gv1,Gv2,Gv3
e. Trong OU Nhatrang to 2 OU con PKthuat ,PGvien v 2 user AdminNT, NV4
-
7/29/2019 Chuyen de Domain
4/40 5/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
7. Trong OU HCM\PKthuat to group GKThuat add AdminNv1,Nv2,Nv3 vo group ny. Trong OUHCM\PGvien to group Gvien add Gv1,Gv2,Gv3 vo group ny. Trong Ou HCM to group Admin addAdminPKT, adminPgv vo group ny.
8. Ci AdminPAK.msi vo my Client1v my client2
9. y quyn cho user AdminHCM c ton quyn trn OU HCM v user AdminNT c ton quyn trn OuNhaTrang (cho 2 user ny c quyn to policy cho Ou ca mnh).
10. Cho user AdminHCM, AdminNT, AdminPKT, AdminGVien c php Remote Desktop. Trn myclient1 logon vo AdminHCM v AdminNT Remote Desktop vo Doamin kim tra.
11. Dng quyn ca AdminHCM y quyn cho user AdminPKT c ton quyn trn OU PKthuat, userAdminPGV ton quyn trn OU PGvien.
12. Dng quyn AdminPKT cm tt c cc user trong OU PKThuat khng c php chy Notepad.exe,ngai tr user AdminPKT.
13. Trn Server to folder FileServer, share foler ny cho group GKThuat c quyn read, group Gvien ch cquyn xa file v folder do chnh user to ra, group Admin c full quyn
14. Ci my in Lexmark trn my Server v share cho mi user c quyn in. Dng quyn AdmimHCM tologon script cho OU HCM sao cho khi user logon t ng add network t Ser1 v my client.
15. To logon script cho tt c cc user t ng map folder Fileserver v a Y: my client.
16. Kim ton tt c cc user trong ou HCM in trn my in Lexmark.
17. Kim ton tt c user truy cp vo foleder FileServer.18. Cho cc user dng Roaming Profile,
19. Lm Home folder cho tt c cc user
20. Deploy office cho tt c cc user.
21. Backup DHCP, Backup domain. Copy cc thng tin backup sang PC khc. Ghost li my Domain sau restore DHCP v domain tr v trng thi ban u.
Thc hin
1. Dng domain controller trn my Ser1vi domain l nhatnghe.local
-
7/29/2019 Chuyen de Domain
5/40 6/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
1. Click phi ln my network place chnproperties, click phi ln cacrd Lan chnproperties, chn TCP/IP properties, khai bo IPnh hnh v, OK.
2. Vo StartRun DCPROMOmn hnhwelcome n NextNextchn optionController for a new domain n Next
3. Chn option domain in a new forest nNext
4. Nhp vo tn domain Nhatnghe.local nNext
-
7/29/2019 Chuyen de Domain
6/40 7/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
5. NetBios name n Next 6. Database n Next
7.Mn hnh SysVol n Next, chn option Installand configure the DNS n Next
8. Tip tc n Next, Next, Next n khi hontt, khi ng li my
2. Cu hnh li DNS server (to reserve lookup zone..)
-
7/29/2019 Chuyen de Domain
7/40 8/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
1. Vo card Lan sa li Prefer DNS l IPca my Server
2. Vo StartRun g lnh DNSMGMT.MSC vo DNS
3. Click phi vo Reverse Lookup Zone,chn New Zone
4.Mn hnh Welcome n Next, chn option PrimaryZone n NextNext
5. Network ID nhp vo 192.168.1Next, Next6.Vo StartRun CMDg lnh IPconfig/registerDNS
-
7/29/2019 Chuyen de Domain
8/40 9/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
7. Vo DNS kim tra xem c PRT cha, voStartRun g NSLookup kim tra.
8.Click phi PC chn Properties, chn TabForwarder nhp vo IP ca ISP n Add, OK. Hontt vic chnh sa DNS.
3. Ci v cu hnh DHCP server trn my Server
1. Vo StartRun g lnh APPWIZ.CPL voAdd Remove Program, chn Add Remove WindowComponent, chn Network Services n Detail chnDHCP n Next, ch source Window2K3, ciDHCP 2.Vo StartRun g lnh DHCPMGMT.MSC
vo DHCP, click phi ln DHCP chn Manageauthorized servers
-
7/29/2019 Chuyen de Domain
9/40 10/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
3. n Authorize, nhp vo IP ca my Server, OK,OK.
4.Chn Server n Next, hon tt Authorized Server
5. Click phi ln Server chn New Scope nhp vo
6.Nhp vo Start IP, End IP, Next
-
7/29/2019 Chuyen de Domain
10/40 11/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
Scope Name n Next
7. Nhp vo dy IP loi tr Next, Next 8.Chn Option Yes, I want Next.
9.Nhp IP ca ADSL, Next 10.Nhp IP ca DNS Server n Next
-
7/29/2019 Chuyen de Domain
11/40 12/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
11.Mn hnh WinS n Next, chn Option Yes, Iwant to active Next, Finish 12.Hon tt vic ci DHCP
4. Join tt c cc my client vo domain nhatnghe.local dng ip ng
1. Ti my client1 v client2 vo start run g cmdraca s command g ipconfig /renew xin ip t myDHCP, ipconfig /all, nslookup test DNS.
2. Click phi vo computer chn properties, chnchange settings, n change, chn option Domain,nhp vo nhatnghe.local oknhp user + passadministratorrestart li myjoin domain xong
-
7/29/2019 Chuyen de Domain
12/40 13/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
5. Cho cc my client dng Ip ng truy cp c internet.
1. Sau khi join domain xong, logon vo my client1v client2 dng lnh nslookup test li DNS, kim traxem c truy vn c cc trang trang web ngoiinternet khng. V DNS server forwarder ra ISP bc 8 phn 2 nn vic truy vn DNS nhng trangweb ngai Internet s thnh cng
2. vo IE test th mt s trang web, hon tt phn 5
6. T chc cc OU v user sau:
a. Trong doamin nhatnghe.local to 2 OU : HCM v NhaTrang
b. Trong OU HCM to 2 OU con PKthuat , PGvien v user AdminHCM
c. Trong OU PKthuat to user AdminPKT v user Nv1,Nv2,Nv3
d. Trong OU PGvien to user AdminPgv v user Gv1,Gv2,Gv3
e. Trong OU Nhatrang to 2 OU con PKthuat ,PGvien v 2 user AdminNT, NV4
1. Tr v my domain, vo Run g lnh DSA.MSC,click phi vo nhatnghe.local chn
2. Tng t to OU NhaTrang.
-
7/29/2019 Chuyen de Domain
13/40 14/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
NewOrganizational Unit nhp vo tn Ou l HCM,Ok
3. Click phi vo OU HCM to OU PKthuat, OUPGvien v user AdminHCM.
4. Click phi vo OU PKthuat to user AdminPKT,NV1,NV2,NV3.
5. Click phi vo OU PGvien to useradminPgv,Gv1,Gv2,Gv3.
6. Click phi vo OU NhaTrang to 2 OU con lPKThuat v PGvien. Tip tc click phi vo ou
Nhatrang to 2 user AdminNT v Nv4.
-
7/29/2019 Chuyen de Domain
14/40 15/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
7. Trong OU HCM\PKthuat to group GKThuat add AdminNv1,Nv2,Nv3 vo group ny. Trong OUHCM\PGvien to group Gvien add Gv1,Gv2,Gv3 vo group ny. Trong Ou HCM to group Admin addAdminPKT, adminPgv vo group ny.
1. Click phi vo OU Pkthuat con Ou HCM chnNew Group nhp vo GPKthuatOk. 2. Click phi vo GPKthuat va to chn Properties
chn Tab Member, Add NV1, NV2, NV3 vo
Group
-
7/29/2019 Chuyen de Domain
15/40 16/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
3. Click phi vo OU HCM\PGvien to GroupGVien.
4. Click phi vo Group GVien mi va to chnProperties chn Tab Member Add GV1, GV2,GV3 vo Group.
5. Click phi vo OU HCM to Group Admin, clickphi vo Group Admin chn Properties chn TabMember, add AdminPGV, AdminPKT vo Group
6. Hon tt phn 7
-
7/29/2019 Chuyen de Domain
16/40 17/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
8. Ci AdminPAK.msi vo my Client1v my client2
1. Trn my Domain click phi vo a C chnSearch tm file AdminPAK.MSI, copy file ny vofolder share cho my Client.
2. Ti my Client1 v Client2 logon voAdministrator ca Domain truy cp vo folder shareca my Domain ci AdminPAk.MSI
9. y quyn cho user AdminHCM c ton quyn trn OU HCM v user AdminNT c ton quyn trn OuNhaTrang (cho 2 user ny c quyn to policy cho Ou ca mnh).
1. Ti my Domain vo StartRun g lnhDSA.MSCclick phi vo OU HCM chnDelegate Control.
2. Mn hnh Welcome n Next, addAdminHCM, OKNext
3. Cp quyn cho userAdminHCMNexthon tt cp quyn choAdminHCM
4. Vo Menu View chn Advanced Features
-
7/29/2019 Chuyen de Domain
17/40 18/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
5. Click phi vo OU Nhatrang chnProperties
6. Chn Tab Security add AdminNT vo, cpFull quyn cho User ny OK
7. Click phi vo Group Policy CreatorOwner chn Properties
8. Add AdminHCM v AdminNT vo Groupny cho php 2 User ny to Policy
-
7/29/2019 Chuyen de Domain
18/40 19/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
10. Cho user AdminHCM, AdminNT, AdminPKT, AdminGVien c php Remote Desktop. Trn myclient1 logon vo AdminHCM v AdminNT Remote Desktop vo Doamin kim tra.
1. Ti my Domain click phi vo Mycomputer chn Properties, ch tab Remote,chn check box enable remote desktop
2. n Select Remote User n Add chn userAdminHCM, AdminNT, AdminPGV,AdminPKT, cho php cc user ny RemoteDesktop, OK
3. StartProgramsAdministrative Tools
Domain Controller Security Policy DoubleClick Security Setting\Local Policy\UserRightsAssigment\AllowLogon Locally
4. n nt Add chn user AdminHCM,
AdminNT, AdminPGV, AdminPKT cho ccuser ny Logon locally, OK
-
7/29/2019 Chuyen de Domain
19/40 20/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
5. Double Click Security Setting\LocalPolicy\User Rights Assigment\Allow LogonThrough Terminal services
6. n nt Add chn user AdminHCM,AdminNT, AdminPGV, AdminPKT cho cc
user ny Logon bng Terminal services
7. Vo StartRun g lnh GPUpdate /Force
8. Trn my Client1 v Client2 Logon bngquyn AdminHCM, vo StartRun g lnhMSTSC Remote vo Doamin th
11. Dng quyn ca AdminHCM y quyn cho user AdminPKT c ton quyn trn OU PKthuat, userAdminPGV ton quyn trn OU PGvien.
1. Ti my Client1 ng nhp bng quynAdminHCM, vo SrtartRun g lnh DSA.MSCclick phi ln OU PKThuat chn Properties chnTab Security, add user AdminPKT, cp full 2. B checkbox Allow inheritable, chn
-
7/29/2019 Chuyen de Domain
20/40 21/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
quyn cho user ny, n Advance
AdminPKT n Edit,
3. Trong phn Apply onto chn This objectand all child objects, OK, OK, OK
4. Tng t click phi vo Ou PGVien chnProperties chn Tab Security add AdminPGVcp full quyn cho user ny, n Advanced
-
7/29/2019 Chuyen de Domain
21/40 22/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
5. Trong phn Apply onto chn This objectand all child objects, OK, OK, OK
6. Trn my Client1 ln lt Logon voAdminPGV v AdminPKT kim tra
-
7/29/2019 Chuyen de Domain
22/40 23/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
12. Dng quyn AdminPKT cm tt c cc user trong OU PKThuat khng c php chy Notepad.exe,ngai tr user AdminPKT.
1. Ti my Client1 logon bng quynAdminPKT, Remote Desktop ln my Domain,vo DSA.MSC, click phi ln OU PKThuatchn Tab Group Policy n nt New g tnPolicyPKThuat n Edit
2. Trong user Configuration\AdministrativeTemplates\ System double click vo Dont runspecified Windows application.
-
7/29/2019 Chuyen de Domain
23/40 24/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
3. Chn Enabled n Show
4. n Add nhp vo Notepad.exe, OK, OK,
OK
-
7/29/2019 Chuyen de Domain
24/40 25/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
5. Tr v Tab Group Policy chn Properties.6. Chn Tab Security, n Add add userAdminPKT, OK, check vo Deny apply group
policy, OK, OK
7. Vo StartRun g lnh GPupdate /force
8. Ln lt logon bng quyn NV1,
NV2,NV3 kim tra c chy Notepad chay khng. NV1, NV2, NV3 khng chy c,AdminPKT chy c.
13. Trn Server to folder FileServer, share foler ny cho group GKThuat c quyn read, group Gvien
quyn xa file v folder do chnh user to ra, group Admin full quyn
1. Trn my Domain to folder C:\FileServer,click phi ln folder ny chn Share, chn optionShare this folder n Permissions
2. Cho Everyone allow full control, OK
-
7/29/2019 Chuyen de Domain
25/40 26/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
3. Chn Tab Security add group Admin,GKThuat, GVien, Chn Group Admin, GViencp full control, GKThuat quyn Read, nAdvanced.
4. B check Allow Inheritable, chn groupGVien n Edit
5. B 2 check box ca Delete Subfolders
-
7/29/2019 Chuyen de Domain
26/40 27/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
and file v Delete OK, OK
6. Ti Tab Security remove Group users, OK.
Ti my Client1 logon vo NV1, GV1 vAdminPKT truy cp ln folder FileSever kimtra quyn.
14. Ci my in Lexmark trn my Server v share cho mi user c quyn in. Dng quyn AdmimHCM tologon script cho OU HCM sao cho khi user logon t ng add network t Server v my client.
1. Ti my Domain vo StartSettingsPrinterand Fax, double click vo Add printer, chnoption Local Printer
2. Chn option Create a new port, trong phnType of port chn Standard TCP/IP port Next
-
7/29/2019 Chuyen de Domain
27/40 28/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
3. Nhp vo IP ca my in Lexmark, Next4. n Next, chn option Share name, Next,
Next hon tt ci Driver my in Lexmark
5. Vo DSA.MSC click phi vo OU HCMchn Properties chn Tab Group Policy, n Newg HCM OK, n Edit
6. Trong phn user Configuration\WindowsSettings\Scripts(Logon/Logoff) double click voLogon
7. n Show file
8. To file Print.vbs c ni dung sau:
Set WshNetwork=createObject("WScript.Network")
WshNetwork.AddWindowsPrinterConnection"\\PC20\Lexmark"
-
7/29/2019 Chuyen de Domain
28/40 29/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
WshNetwork.SetDefaultPrinter "\\ PC20\Lexmark "
9. Tr v ca s Logon properties n add nBrowser chn file Printer.vbs, OK, OK
10. Vo StartRun GPupdate /force, ti myClient1 logon vo NV1, GV1 kim tra xemc my in cha.
15. To logon script cho tt c cc user t ng map folder Fileserver v a Y: my client.
1. Ti my Domain vo StartRun g lnhDSA.MSCclick phi vo Nhatnghe.local chnProperties, chn Tab Group Policy n Edit
2. Trong phn user Configuration\WindowsSettings\Scripts(Logon/Logoff) double click voLogon, n Show file ri to file Map.bat c nidung sau:
Net use y: \\192.168.1.2\FileServer
-
7/29/2019 Chuyen de Domain
29/40 30/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
3. Tr v ca s logon Properties n Add n
browse chn file Map.bat OK, OK 4. Vo StartRun GPupdate /force, ti myClient1 logon vo NV1, GV1 kim tra xemc a Y cha
16. Kim ton tt c cc user trong OU HCM in trn my in Lexmark.
1. Ti my Domain voStartProgramAdministrative ToolsDomaincontroller security policy, trong phn Audit policychn Audit object access, chn success andfailure. Vo Run g Gpupdate /force
2. Click phi vo my in Lexmark chnpropertiestab securityn advancedchn tabAuditing, n Add ln lt add userAdminHCM, group admin, group Gkthuat,Gvien vo.
-
7/29/2019 Chuyen de Domain
30/40 31/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
3. Kim ton tt c cc quyn ca my inSuccessful v Failed
4. Lm li bc 3 tng t cho cc groupkhc v user AdminHCM. Vo StartRun glnh GPupdate /force. Hon tt kim ton my introng OU HCM
17. Kim ton tt c user truy cp vo folder FileServer.
1. Ti my Domain click phi ln folderC:\FileServer chn PropertiesTab security nAdvancedTab Auditing n Add ri add groupuser vo kim tan tt c cc quyn Successful
2. Trn my Client1 v Client2 logon bngquyn user AdminPKT, AdminPGV truy cp ln
-
7/29/2019 Chuyen de Domain
31/40 32/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
and Failed folder FileServer trn Domain to th file folder trong . Tr v my Domain, click phi ln Mycomputer chn Manage. Trong phn Eventviewer\ Security s thy tt c cc Audit y
3. Click phi ln Security chn
PropertiesTab Fillter, nhp vo Event ID l560, user AdminPKT, OK
4. S thy AdminPKT lm g trn
FileServer v Printer Lexmark
-
7/29/2019 Chuyen de Domain
32/40 33/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
Cho cc user dng Roaming Profile.
1. Trn C: ca my Domain to th mcRoaming, click phi ln folder chn Share fullquyn cho Everyone, OK
2. Tab Security n AdvancedTabpermission b checkbox Allow inheritable chnCopy, OK
3. Ti Tab Security cp full quyn cho groupusers, OK 4. Vo StartRun g DSA.MSC ln lt
click phi ln cc user chn PropertiesTabProfile trong profile path g
\\192.168.1.2\roaming\%username%, OK
-
7/29/2019 Chuyen de Domain
33/40 34/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
5. Ti my Client1 logon vo user GV1 thayi hnh trn desktop, logoff
6. Ti my Client2 logon vo GV1 s thyhnh nn ca my Client1. Hon tt lm Roaming
profile.
Lm Home folder cho tt c cc user
1. Ti my Domain to folder C:\Commonclick phi folder chn share cho Everyone full
quyn, b quyn tha hng, cp cho users fullquyn tng t nh cu 18
2. Vo DSA.MSC ln lt click phi ln ccuser chn Properties chn tab Profile chn
option Connect chn a Z: trong phn To g\\192.168.1.2\common\%username%
-
7/29/2019 Chuyen de Domain
34/40 35/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
3. Ti my Client1 logon bng quyn GV1xem c a Z cha, to vi folder trnLogoff
4. Ti my Client2 logon bng quyn GV1xem cc folder to trn Client1 c trong Zkhng. Hon tt vic to Home folder cho tt ccc user
18. Deploy office cho tt c cc user.
1. Ti my Domain copy source Office2003. vo C:\Office share folder ny cho userc quyn Read. Chy file ORK.MSI ciMicrosoft Office Resource Kit
2. Vo StartProgramMicrosoftOfficeMicrosoft Office ToolsMicrosoft Office2003 Resource KitCustom Installation Wizard,
Next
-
7/29/2019 Chuyen de Domain
35/40 36/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
3. n Browse chn C:\Office\Pro11.MSI,Next
4. Chn Create a new MST file, Next
5. To file C:\Office\Auto.MST, Next 6. ng dn mc nh, Next
7. Tip tc n Next 8. Chn nhng ng dng cn ci, Next
9. Nhp vo Product key ca Office, checkvo I accept., Finish
10. Hon tt file Auto.MST
11. Trong folder C:\Office to file Setup.ZAP
-
7/29/2019 Chuyen de Domain
36/40 37/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
c ni dung sau:
[Application]
FriendlyName=Microsoft office 2003
SetupComand=\\192.168.1.2\office\setup.exeTransforms=\\192.168.1.2\office\auto.mst /qb-
Displayversion=11.0
[ext]
Doc=
12. Vo DSA.MSC click phi lnnhatnghe.local chn propertiesTab group policyn Edit
13. Trong user Configuration\software settingclick phi Software installation chn propertiesg \\PC20\office, OK
14. Click phi ln Software installation chnNewPackage chn file Setup.zap
15. Vo StartRun g lnh Gpupdate /force
16. Ti my Client1, Client2 logon bng quynAdminPKT, vo control panel chn program andfeature, chn Install a program from network sthy Office n Add ci
19. Backup DHCP, Backup domain. Copy cc thng tin backup sang PC khc. Ghost li my Domain sau restore DHCP v domain tr v trng thi ban u.
-
7/29/2019 Chuyen de Domain
37/40 38/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
1. Ti my Domain vo DHCP click phi voScope chn Backup
2. n Make new folder to C:\backup OK,backup xong DHCP.
3. Vo StartRun g lnh NTbackup,Welcome n Next
4. Chn option Let me choose, Next
5. Check vo System State, Next 6. n browse chn C:\backup, lu file vitn system.bkf, Next
-
7/29/2019 Chuyen de Domain
38/40 39/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
7. n Finish8. Hon tt qu trnh backup System statedata
9. Lu folder backup sang my khc, gi smy Domain h ghost la my Domain (ghostP1-2K3). Khai bo li IP ca my Domain, ciDHCP
10. Restore DHCP. Vo Run g lnhDHCPMRMT.MSC, click phi ln PC chn
Restore
-
7/29/2019 Chuyen de Domain
39/40 40/44oc.com/vi//Chuyen-de-Quan-tri-mang-Bai-2-Gioi-thieu-he-thong-Mang-Domain-Network-105/
11. Chn th mc C:\backup, OK
12. Hon tt Restore DHCP
13. Vo StartRun g Ntbackup, Welcomen Next, chn Restore file Next
14. n Browse chn C:\backup\system.bkf,OK, check vo System state, Next
15. n Advanced 16. Chn Original location, Next
17. Tip tc Next v Finish hon tt vic18. Ci Adminpak.msi trn my Domain mirestore, kim tra li DNS v cc user trn
-
7/29/2019 Chuyen de Domain
40/40
restore domain controller, khi ng li my Domain.
Chc cc bn thnh cng!
0
Ngun tin: nhatnghe.comT kha:
DC, DNS, AD
nh gi bi vitTng s im ca bi vit l: 0 trong 0 nh gi
Click nh gi bi vit
Theo dng s kin
[Chuyn Qun tr mng] Bi 5 Quyn SHARE PERMISSION V NTFS PERMISSION(09/08/2011)[Chuyn Qun tr mng] Bi 4: Hng dn nh x a trong mng Domain (14/07/2011)[Chuyn Qun tr mng] Bi 3: H thng Domain Network nhiu Networks / Subnets (05/07/2011)[Chuyn Qun tr mng] Bi 1: Thit lp h thng mng cho Doanh nghip nh (04/06/2011)
Xem tip...
Nhng tin mi hn
Hng dn thay i gi tr Port trn router(22/06/2011)5 phn mm duyt th c th thay th cho Microsoft Outlook(23/06/2011)To ti khon iTunes min ph khng cn th tn dng (23/06/2011)4 phn mm dit virus min ph tt nht cho Windows (23/06/2011)WinUtilities Professional Edition Free 10.21 - Ti u ha h thng tt nht (20/06/2011)2 cng c min ph chuyn i tp tin BIN sang nh dng nh a ISO (20/06/2011)
PhoneNumber Meaning - ngha tm n trong s in thoi (11/06/2011)Chng rc v chng phn mnh a vi Wise Disk Cleaner Professional 5.93 bn quyn min ph(13/06/2011)
NewSID - Khc phc trng SID (16/06/2011)Ly Serial Number cho ng dng t Youserial khng tn tin (09/06/2011)
http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/Lay-Serial-Number-cho-ung-dung-tu-Youserial-khong-ton-tien-107/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/NewSID-Khac-phuc-trung-SID-110/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/Chong-rac-va-chong-phan-manh-o-dia-voi-Wise-Disk-Cleaner-Professional-593-ban-quyen-mien-phi-109/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/PhoneNumber-Meaning-Y-nghia-tim-an-trong-so-dien-thoai-108/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/2-cong-cu-mien-phi-chuyen-doi-tap-tin-BIN-sang-dinh-dang-anh-dia-ISO-111/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/WinUtilities-Professional-Edition-Free-1021-Toi-uu-hoa-he-thong-tot-nhat-112/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/4-phan-mem-diet-virus-mien-phi-tot-nhat-cho-Windows-122/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/Tao-tai-khoan-iTunes-mien-phi-khong-can-the-tin-dung-121/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/5-phan-mem-duyet-thu-co-the-thay-the-cho-Microsoft-Outlook-120/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/Huong-dan-thay-doi-gia-tri-Port-tren-router-119/http://meovattinhoc.com/vi/news/topic/chuyen-de-quan-tri-mang/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/Chuyen-de-Quan-tri-mang-Bai-1-Thiet-lap-he-thong-mang-cho-Doanh-nghiep-nho-100/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/Chuyen-de-Quan-tri-mang-Bai-3-He-thong-Domain-Network-nhieu-Networks-Subnets-133/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/Chuyen-de-Quan-tri-mang-Huong-dan-anh-xa-o-dia-trong-mang-Domain-145/http://meovattinhoc.com/vi/news/Meo-vat-Thu-thuat/Chuyen-de-Quan-tri-mang-Bai-5-Quyen-SHARE-PERMISSION-Va-NTFS-PERMISSION-187/http://meovattinhoc.com/index.php?language=vi&nv=news&op=search&q=AD&mod=allhttp://meovattinhoc.com/index.php?language=vi&nv=news&op=search&q=DNS&mod=allhttp://meovattinhoc.com/index.php?language=vi&nv=news&op=search&q=DC&mod=all