Cloud2web

Contains every AD object in the whole AD forest //Configuration 1. Active directory sites and services 2. NTDS settings-> Properties -> General -> Global Catalogue

—DHCP Relay agent 1. On the relay install the role remote access 2. Routing and remote access -> Add Server -> Configure  and enable routing 3. IPv4 -> General -> New routing protocol -> DHCP Relay Agent 4. Add the interface to listen for DHCP requests 5. IPv4 -> DHCP Relay agent -> Properties -> […]

—GPO (Group Policy Object) //Policies take priority over preferences //Preferences can apply defaults once and then not override again. (eg file extensions) Machine policies are applied to machine. Linked OU must contain machines. User polices are applied to user.Linked OU must contain Users Users and computers are not OU’s and as such cannot have GPO’s […]

—Data deduplication //Powershell Get-DedupVolume ! view a list of drives running data dedup Start-DedupJob –Volume E: –Type Optimization !force dedup to run Get-DedupJob !Check the progress of the deduplication job This is a role which is installed on the file server, auto finds duplicates. service runs in the background. //Configuration 1. Server manager -> Add […]

—NTFS Permissions Order of operations 1. Explict deny 2. Explict allow 3. Inherited Deny 4. Inherited Allow

Containers are built into AD (Users + Computers) and cannot have a GPO applied OU are created Folders which can have a GPO applied

—What is DSRM If you need to troubleshoot your Domain controller a password is set for auth in the event of LDAP being down.

— It is important to separate sites in AD because it affects the communication between each other. If you have 2 seperate sites then updates occur periodically between DC’s and not use a high amount of LAN traffic if they are in the same site. //Checking site replication repadmin /showrepl

Making 2 root domain controllers trust each other only grants them access to each other and not the children sub-domains. //Configuration 1.Open the DNS manager on the first server Expand the Forward Lookup Zones, right click on the primary zone (e.g. domain1.local) and click properties. Go to the zone transfers section and configure the server […]

Basic activities are executed through You might login to a black screen in windows core. Control + Alt + Del -> Launch taskmanager -> New process “cmd.exe” or powershell.exe //Enable remote Powershell Running unsigned powershell scripts