Your server must meet the following criteria:

• Logical naming convention for your company
• Two NICs (one LAN segment and one NAT)
• Static IP address, subnet mask and default gateway on the LAN segment interface and a dynamic address on the NAT interface
• Local administrator and standard user accounts
• File server to hold and share files
• Shadow copy enabled on your shared folder(s)
• Disk quotas enabled to limit the size of files in your shared folder(s)
• MP3 files blocked from being saved in your shared folder(s)

Your Windows 10 workstation must meet the following criteria:

• Logical naming convention for your company
• Local administrator and standard user accounts
• Mapped drive to share(s) created on your Windows server
• Ability to RDP into your server

You have also decided to implement some essential networking services, such as DHCP and DNS, on your network. Your Microsoft server must have the following:

• Functioning DHCP server capable of handing out IP addresses, DNS addresses and gateway addresses to client computers on your network
• Functioning DNS server capable of resolving hostnames of all machines on your network to IP addresses and IP addresses to hostnames

To demonstrate the functionality of your servers, you must show all consoles, configuration files and lease files used on your servers to configure each service. On your clients, you can use ipconfig commands to show when your clients are using Windows for DHCP and DNS. Your clients must be able to reach the internet using each of your servers.

Phase I: Instructions

1. Read the scenario above, including all specifications.
2. Following the specifications, design and configure a virtual network setup:
   1. Install a Windows Server 2019 virtual machine (VM) and a Windows 10 VM. Create standard and local administrator accounts.
   2. Assign names to the VMs as per the logical naming convention.
   3. Assign static network configuration to the Windows server.
   4. Install and configure a DHCP server.
   5. Install and configure the DNS server role, and create static records for servers and dynamic records for clients. Create a WWW entry and make sure all machines can resolve hostnames and browse the internet.
   6. Enable shadow copies and disk quotas.
   7. Block MP3 files.
   8. Map drives.
   9. Configure RDP.
3. Record yourself demonstrating the following:
   1. All machines follow a logical naming convention. All servers are configured with a static IP address, mask and default gateway.
   2. The DHCP server is successfully assigning dynamic IP addresses to the clients.
   3. The DNS server configuration has static records for servers and dynamic records for clients. A WWW entry exists appropriately. All machines can resolve hostnames and can browse the internet.
   4. A shadow copy is enabled on shared folders. Users can restore previous versions.
   5. Network drives are mapped to shared folders.
   6. Clients can RDP to the Windows server.
   7. Disk quotas are enabled to limit the size of files in the shared folder(s).
   8. MP3 files are blocked from being saved in the shared folder(s).

Phase II: Growth

Source: Pixabay.com, Ohmydearlife, Image #4541739

Your business is booming. You have hired five of your colleagues to work with you. You are the president of your company, and two of your employees work as techs, two are in accounting and one is in sales.

You have expanded your business to include a new site in Alberta. A site is required for each physical location. Subnets need to be created and assigned to each site accordingly. You will also need to create site links between the new site and the existing headquarters. Sites and subnets allow clients in remote sites to contact the domain controllers in their sites more efficiently.

To simplify administration of your network, you have decided to make a domain and turn your existing Windows server into a domain controller.

Your domain must include the following:

• Logically organized Active Directory (e.g., organizational units (OUs) created for departments, resources, servers, computers, etc.)
• All six employees added to the domain
• Private and secure home folders for each user, which can only be accessed by the user and the domain administrator
• Template user for each department located in the respective OU and added to the necessary security groups
• One shared folder per department
  • Each member of the department only has write access to their own share.
  • The president has full control of all shared folders.
• Group policy that stipulates password complexity
• Group policy that sets a login banner to welcome users to the company
• Windows client computer joined to the domain
• Functioning DHCP and DNS

Note: It is recommended that you take a snapshot or backup of your environment when you are finished. This network will be used for all future assignments.

Phase II: Instructions

1. Read the scenario above, including all specifications.
2. Following the specifications, design and configure the following:
   1. Install Active Directory, and create the OUs, users, folders, templates and other specifications given above.
   2. Join the clients to your domain.
   3. Install Active Directory Sites and Services, and create appropriate sites, subnets and links.
   4. Create the group policies.
   5. Make appropriate changes to the DHCP and DNS servers to add for the Alberta site.
3. Record yourself demonstrating the following:
   1. Active Directory has OUs and employee accounts, and all users have a private and secure home folder to which only they and the domain administrator have access.
   2. There is a template user for each department in their respective OU, which is added to the necessary security groups.
   3. There is one shared folder per department. Each member of the department only has write access to their own share. The president has full control of all shared folders.
   4. Sites, subnets and site links are created.
   5. Group policies are created for password complexity and set a login banner to welcome users to the company. Group policies are applied to workstations.
   6. Clients can log into the domain.
   7. User accounts on workstations can access network resources.
   8. DNS and DHCP is functional for both sites.