{"id":181,"date":"2023-10-10T12:38:52","date_gmt":"2023-10-10T12:38:52","guid":{"rendered":"https:\/\/nyghtlight.com\/Networking\/?p=181"},"modified":"2023-10-10T12:41:58","modified_gmt":"2023-10-10T12:41:58","slug":"topics-3-active-directory-domain-controller-setup-and-advanced-basics","status":"publish","type":"post","link":"https:\/\/nyghtlight.com\/Networking\/topics-3-active-directory-domain-controller-setup-and-advanced-basics\/","title":{"rendered":"Topic #4 &#8211; Active Directory \/ Domain Controller Setup and Advanced Basics"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">A little housekeeping before we start<\/h2>\n\n\n\n<p>A lot of companies uses Active Directory (AD) to manage their user login and permissions. I\u2019m sure you\u2019re aware of this and its importance so I won\u2019t really discuss the why you would want to learn about it, but here are some basics to get you started.<\/p>\n\n\n\n<p>Active Directory is the main service that manages everything in your Windows environment. From users and computers, to DC servers, GPO and so many other integral things to your IT environment. There are a lot of things that integrate with Active Directory, but this topic will only discuss the basics. You will see learn more about AD\u2019s integration with other services as we go along the course.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Topics Objectives<\/h2>\n\n\n\n<p>My goal in this topic is to show you how to install and Setup Active Directory on your Windows Server alongside some tips to help you create your own project. ( We will make the server into a domain controller). After that, I will talk about the basics on user management with AD Users and computers, Organizational Units (OU), Security\/Distribution Groups.<\/p>\n\n\n\n<p>This is quite a lengthy process, but I made sure to break it down into steps, so you can do it slowly, or skip ahead to the sections you want to learn. Also, setting up this server is integral to a fun experiment in later a Topic! Have fun learning! (Try to not copy pasta everything but adjust things up a little with my recommendation. And if you ever run into problems because of that, that\u2019s even better for learning and troubleshooting!)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Part 1 &#8211; Installing Active Directory Domain Services (ADDS)+ Creating your Forest (Just primary Domain) and Promoting the server to be a Primary Domain Controller in your environment.<\/h3>\n\n\n\n<p> I have here a boring step by step stuff, with some remarks and advice, which<strong> I recommend reviewing<\/strong> for some of the notes <strong>and then <\/strong>watch this really cool video on how to do everything I say since it\u2019s much easier visually. There are a few changes I have and some tips\/note but this video is really good and it\u2019s only 7mn:40s! (You can also check out this blog I found if you prefer that way &#8211; https:\/\/www.manageengine.com\/products\/active-directory-audit\/kb\/how-to\/how-to-add-a-domain-controller-to-an-existing-domain.html (it&#8217;s pretty good)<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe title=\"2- Windows Server 2022 Active Directory Installation and Configuration\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/yZq4yVS_4xg?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>These are the Boring Steps (no screenshots XD It was too many screenshots so I give up&#8230; Watch the video\/Follow the blog I shared above, after you review the steps here). The notes here are things you want to know when Setting up Active Directory and Setting up your Domain Controller <\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>Active Directory Domain Services Install<\/strong><\/h5>\n\n\n\n<p>In Server Manager &gt; Add roles and features &gt; then in the Add Roles and Features Wizard &gt; Click Next in the Before You Begin tab (make sure you have Static IP + All the updates installed on the Server) &gt; in Installation Type, select Role based or feature-based installation &gt; in Server Selection tab, select your server (which is only one for now) &gt; in Server Roles, check Active Directory Domain Services and make sure the Include management tools is checked on the popup &gt; then just Next, Next, till you\u2019re in Confirmation tab &gt; in Confirmation tab, you should check Restart the destination server automatically (to make your life easier) and then click on Install.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\"><strong>Promoting Server to a Domain Controller &#8211; Creating your Forest\/Domain.<\/strong><\/h5>\n\n\n\n<p>After installing ADDS and Restarting your Server. In Server Manager &gt; in the Flag\/notification button with ! &gt; Click <strong>Promote this server to a domain controller<\/strong> &gt; in the ADDS Configuration Wizard &gt; Deployment Configuration tab, select Add a new forest (Since we are creating a new domain) -You can use any name you\u2019d like for your domain and make it end with a .com\/.net\/.org\/.local or whatever you like (<strong>ex: HomelabExp.net<\/strong>) &gt; In Domain Controller Options, chose whichever Windows Server Version you want the domain to be able to operate in. In an older environment, there might be a Server with older Windows servers being used so you will pick that version, but at the very least you\u2019d want 2012 R2, and preferably you\u2019d always want the latest versions in your domain\/forest. This option means that the domain will only work in Windows Server that have <strong>this version or newer<\/strong>, but for the lab, you can pick whatever lol. As for the Specify Domain controller capabilities, just check <strong>Global Catalog<\/strong> (GC) and uncheck DNS server (We will be setting one up in the next topic). The<strong> DRSM Password<\/strong> is what you use to get in the server after so make sure you remember (And of course, make a strong one if it\u2019s going to be used for production) &gt; in Additional Options, just go with what comes there since this is not really used nowdays&gt; in Paths, you can change the destination folders for your database if you\u2019d like. This is actually really important to note if you want to do backups and other stuff, but for now, you don\u2019t really need to care &gt; then Next &gt; in the Prerequisites Check, you can just click Install after the check &gt; your Server will restart automatically after Install &gt; After the reboot, the screen at the bottom should say \u201cSign in to: (your domain name)\u201d. For login in, you will be using the <strong>user \u201cAdministrator\u201d<\/strong> and the new DRSM Password you set before.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Check it\u2019s all good<\/h5>\n\n\n\n<p>Now after the Install, if you go to the Local Server, it should show your Domain name. Also, if you go in the Tools menu, you should be able to see Active Directory stuff (you mostly care about Active Directory Users and Computers).<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/1.png\" alt=\"\" class=\"wp-image-184\" style=\"width:1200px;height:468px\" width=\"1200\" height=\"468\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/1.png 1732w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/1-300x117.png 300w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/1-1024x399.png 1024w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/1-768x299.png 768w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/1-1536x599.png 1536w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Part 2 -How to use Active Directory\/the Basics of Users and Computer management with OUs, Security Groups and some other basics stuff and Tips<\/h3>\n\n\n\n<p>The main tool you will be using is Active Directory Users and Computers. This is where you will be doing most of the work to create and manage users and computers in your domain. To open AD Users and Computers, Just go to Tools and there, you can select Active Directory Users and Computers.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"433\" height=\"433\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/2.png\" alt=\"\" class=\"wp-image-185\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/2.png 433w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/2-300x300.png 300w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/2-150x150.png 150w\" sizes=\"(max-width: 433px) 100vw, 433px\" \/><\/figure>\n\n\n\n<h5 class=\"wp-block-heading\">Organizational Units (OU) \/ Containers<\/h5>\n\n\n\n<p>In Active Directory Users and Computers, You can Expand your Domain to see all the Containers and Organizational Units (OU), which are the Folder thingy you see under your domain. These OUs, as their name suggest, is a way to organize and sort your stuff (you will see more use for them on later topics as well, when we do GPO stuff). The way they are ordered\/the hierarchy in which they are stored is important (but again, no need to care about much for now, just keep it in mind). Note that OUs and Containers are pretty much the same. OUs are just the stuff you created, but they function the same. You can tell the OUs from the tiny difference in icon.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"544\" height=\"356\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/3.png\" alt=\"\" class=\"wp-image-186\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/3.png 544w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/3-300x196.png 300w\" sizes=\"(max-width: 544px) 100vw, 544px\" \/><\/figure>\n\n\n\n<p>You can Right Click on any OUs, or even on your Domain Name to Create a new OU inside it. For your main OUs. I recommend Creating your OU from the Domain Name itself, to categorize your main organizations, and then making sub containers inside to manage users\/computers and other things like in the example bellow.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/4.png\" alt=\"\" class=\"wp-image-187\" style=\"width:475px;height:490px\" width=\"475\" height=\"490\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/4.png 647w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/4-291x300.png 291w\" sizes=\"(max-width: 475px) 100vw, 475px\" \/><\/figure>\n\n\n\n<h5 class=\"wp-block-heading\">Security Groups<\/h5>\n\n\n\n<p>The other VERY important part of user management in Active Directory are the Security\/Distribution Groups. You\u2019d mostly care about Security Groups and you can ignore the other option. For the Scope, you can leave on Global since we only have one domain anyway (No subdomains and not Azure AD joined)<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/5.png\" alt=\"\" class=\"wp-image-188\" style=\"width:462px;height:416px\" width=\"462\" height=\"416\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/5.png 592w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/5-300x270.png 300w\" sizes=\"(max-width: 462px) 100vw, 462px\" \/><\/figure>\n\n\n\n<p>To Add Users to a Group, You can either go in the Group itself and look for users (This is also how you\u2019d check if certain users have the appropriate privilege). Or you can just right click on the user itself, and click on Add to a group, and then search for the group.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/6.png\" alt=\"\" class=\"wp-image-189\" style=\"width:616px;height:414px\" width=\"616\" height=\"414\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/6.png 861w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/6-300x201.png 300w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/6-768x516.png 768w\" sizes=\"(max-width: 616px) 100vw, 616px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"365\" height=\"136\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/7.png\" alt=\"\" class=\"wp-image-190\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/7.png 365w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/7-300x112.png 300w\" sizes=\"(max-width: 365px) 100vw, 365px\" \/><\/figure>\n\n\n\n<p>Using Security Group is the most effective way to manage a group of users\/computers. You really want to make sure you plan this correctly at the beginning of deploying your Domain \/ You can later plan to reorganize things to make managing your users simpler and more effective\/efficient.<\/p>\n\n\n\n<p>This is one of those things that\u2019s more planning and takes 5mn to implement, but will save you soooo much time and boring work if you implement correctly.<\/p>\n\n\n\n<p>Some of the Typical way Security Groups comes in really really handy is when you give File permission and Applying GPO (More about this on a later Topic). Essentially, instead of giving permission and applying GPO for each individual users, you just assign them to a Group and they will get everything they need automatically. That way, when you create a new user\/promote someone, you can just add\/move them to different groups and they will get all the File permissions and appropriate level of privilege they should have!<\/p>\n\n\n\n<p>Having these Set up Properly is a really good way to easily apply the Least Privilege Rule in IT, since you won\u2019t have to deal with multiple users, but just one group. So again, this\u2019s really important to plan out when you set up your DC, especially in a company\/org that has multiple users.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\">Users (Object)<\/h5>\n\n\n\n<p>Last but most importantly not least, Users (Object). I put User stuff last since you probably know about this already, but for those who don\u2019t\/wants a review, here we go. (<strong>Objects -stuff you manage in your Active Directory<\/strong>, like Users, Computers, Servers, Printers, etc..). I will only mention user stuff here since they what you will most likely deal with. You can Create new users from either right clicking on a container &gt; New &gt; User. Or, you can open a container and then click on the User Icon thingy at the top menu.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/8.png\" alt=\"\" class=\"wp-image-191\" style=\"width:583px;height:408px\" width=\"583\" height=\"408\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/8.png 752w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/8-300x210.png 300w\" sizes=\"(max-width: 583px) 100vw, 583px\" \/><\/figure>\n\n\n\n<p>This is what it looks like when you <strong>Create a new User<\/strong>. Note that it shows the path for the container in which you create the user. This is good to know when you create a user in the right OU (for GPO stuff -later). Also, if you operate in a multi domain environment\/need to differentiate between local and domain users, you can use the User logon name &#8211; DomainName\\user (ex: homelabexp\\user3) You mostly use this when signing as Administrator when you RDP into them and you want to sign in as local\/domain, so you specify (for local login, you use .\\user -ex: .\\nyght)<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/9.png\" alt=\"\" class=\"wp-image-192\" style=\"width:363px;height:373px\" width=\"363\" height=\"373\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/9.png 492w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/9-292x300.png 292w\" sizes=\"(max-width: 363px) 100vw, 363px\" \/><\/figure>\n\n\n\n<p><strong>For the user Password<\/strong>. Typically (in production use), You either leave it on default option, which is User must change password at next logon, and you send the temp password to your user for them to change. Or, you set a good password yourself and then securely send them the password. If you do this, the password will expire in 42 days (default password GPO settings, more on this on a later Topic). BUT, for our lab testing, you can make it so it never expires for convenience. <\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/10.png\" alt=\"\" class=\"wp-image-193\" style=\"width:347px;height:298px\" width=\"347\" height=\"298\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/10.png 435w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/10-300x257.png 300w\" sizes=\"(max-width: 347px) 100vw, 347px\" \/><\/figure>\n\n\n\n<p><strong>For the Typical user account unlock stuff<\/strong>, you can either unlock from user property by right click on user &gt; property &gt; Unlock and then check on User must change password at next logon. OR, you can right click on your domain &gt; select Find (second option) &gt; Type the user name and then click on Find Now &gt; the User should show at the bottom. Right click on the user to Reset password and you can reset their password for them. You can also double click on the user to get in User Properties here.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/11.png\" alt=\"\" class=\"wp-image-194\" style=\"width:604px;height:465px\" width=\"604\" height=\"465\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/11.png 862w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/11-300x231.png 300w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/11-768x591.png 768w\" sizes=\"(max-width: 604px) 100vw, 604px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/12.png\" alt=\"\" class=\"wp-image-195\" style=\"width:589px;height:483px\" width=\"589\" height=\"483\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/12.png 752w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/12-300x246.png 300w\" sizes=\"(max-width: 589px) 100vw, 589px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Before you leave, here are some good to know Tips you might need for your stuff.<\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Tips 1 -in AD Users and Computers, You can check the Advanced Features, which is off by default.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/13.png\" alt=\"\" class=\"wp-image-196\" style=\"width:426px;height:342px\" width=\"426\" height=\"342\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/13.png 532w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/13-300x241.png 300w\" sizes=\"(max-width: 426px) 100vw, 426px\" \/><\/figure>\n\n\n\n<p>Having the Advanced Features will allow you to remove the protection from the OUs you accidentally create and some other stuff. But again, do leave it off after you finish since it\u2019s better for others to have less things to mess up XD\u2026<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/14.png\" alt=\"\" class=\"wp-image-197\" style=\"width:447px;height:512px\" width=\"447\" height=\"512\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/14.png 557w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/14-262x300.png 262w\" sizes=\"(max-width: 447px) 100vw, 447px\" \/><\/figure>\n\n\n\n<p>This is what it would look like if you don\u2019t have the feature turned on \/the default look. And again, do turn it off after you finish setting up the essentials\/ done using the extra features since it\u2019s better with the default view.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/15.png\" alt=\"\" class=\"wp-image-198\" style=\"width:471px;height:496px\" width=\"471\" height=\"496\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/15.png 590w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/15-285x300.png 285w\" sizes=\"(max-width: 471px) 100vw, 471px\" \/><\/figure>\n\n\n\n<p>Tip 2- You can pre-create a new Computer object and assign it to a group, and then when you setup a new computer, you can give it the name you created to have that computer have all the GPO stuff it needs (it\u2019s good to set up when you deploy lots of desktops!)<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/16.png\" alt=\"\" class=\"wp-image-199\" style=\"width:564px;height:489px\" width=\"564\" height=\"489\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/16.png 712w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/16-300x260.png 300w\" sizes=\"(max-width: 564px) 100vw, 564px\" \/><\/figure>\n\n\n\n<p>Tip 3 -Another Tip for Security in your environment is to Disable the Admin Account, and instead Create another Admin with a different name. But again, no need to worry about this for the lab. I will probably do some Basics Security Topics later but that\u2019s gonna be Later Later XD, so I\u2019ll try to give some along the way. (note that you want to make sure the new admin account you create is part of all the groups necessary + it&#8217;s good to keep at least 2 admins account, so you don&#8217;t accidentally get locked out of your DC server XD -This is one of the scariest rookie mistake ever..)<\/p>\n\n\n\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/18.png\" alt=\"\" class=\"wp-image-200\" style=\"width:566px;height:370px\" width=\"566\" height=\"370\" srcset=\"https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/18.png 723w, https:\/\/nyghtlight.com\/Networking\/wp-content\/uploads\/2023\/10\/18-300x196.png 300w\" sizes=\"(max-width: 566px) 100vw, 566px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Closing words<\/h2>\n\n\n\n<p>With that, you should have all the basics you need for using and managing Active Directory. I highly recommend you have a look around and create an organizational template (with OUs, Security Groups and some test users) of your choice. There will be a &#8216;little&#8217; fun Experiment for something using those on a later Topic with GPO stuff and Terminal Server, and it\u2019ll be more interesting for you to work with your own Setup!<\/p>\n\n\n\n<p>I really hope you now have a better understanding on how things works in Active Directory, with Organizational Units (OU), Security Groups and general user management. There will be more application with this to show you more about the reason why you want to properly organize things, but that\u2019s all the essentials you need to know.<\/p>\n\n\n\n<p>If you\u2019ve reached this far and tested things on your own, I hope you had fun Learning and Testing things out! And thank you for Learning with me here :3 huehue<\/p>\n\n\n\n<p>PS. With how much work it takes to make these blogs, I know why people don&#8217;t make documentations for these XD -aaahhhh <\/p>\n\n\n\n<p>-Nyght<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A little housekeeping before we start A lot of companies uses Active Directory (AD) to manage their user login and permissions. I\u2019m sure you\u2019re aware of this and its importance so I won\u2019t really discuss the why you would want to learn about it, but here are some basics to get you started. Active Directory [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":186,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[10,13],"tags":[],"class_list":["post-181","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-getting-started","category-server-setup-basics"],"_links":{"self":[{"href":"https:\/\/nyghtlight.com\/Networking\/wp-json\/wp\/v2\/posts\/181","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nyghtlight.com\/Networking\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nyghtlight.com\/Networking\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nyghtlight.com\/Networking\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nyghtlight.com\/Networking\/wp-json\/wp\/v2\/comments?post=181"}],"version-history":[{"count":4,"href":"https:\/\/nyghtlight.com\/Networking\/wp-json\/wp\/v2\/posts\/181\/revisions"}],"predecessor-version":[{"id":202,"href":"https:\/\/nyghtlight.com\/Networking\/wp-json\/wp\/v2\/posts\/181\/revisions\/202"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nyghtlight.com\/Networking\/wp-json\/wp\/v2\/media\/186"}],"wp:attachment":[{"href":"https:\/\/nyghtlight.com\/Networking\/wp-json\/wp\/v2\/media?parent=181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nyghtlight.com\/Networking\/wp-json\/wp\/v2\/categories?post=181"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nyghtlight.com\/Networking\/wp-json\/wp\/v2\/tags?post=181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}