Lab 11 deploying and configuring the dhcp service

Windows Server 2019 Lab A

Lab 1 (Difficulty: EASY)

📖📖 Prereading It is recommended that you read the following articles before beginning. Additional research may be necessary if you run into problems.

• https://www.techrepublic.com/article/control-panel-and-settings-uis-why-are-both-still- options-in-windows-10/

• https://searchnetworking.techtarget.com/tutorial/Routing-First-Step-Classless-Internet- addressing

• https://dnsmadeeasy.com/support/subnet/

📃📃 Outline 1. Assign static IPv4 address to DC1

2. Rename DC1 from generic Windows-generated name 3. Inspect DC1 configuration

🥅🥅 Lab Objective Establish an initial configuration for Windows Server 2019, which will prepare the machine for enterprise operation (Active Directory, DHCP, DNS, etc). These are best practices for the industry, and a gentle warm-up for future configuration in coming labs. This is a real-world assignment. Aside from basic steps outlined below, you may need to research issues to complete the lab. You can find droves of information on the Internet via Google and on Microsoft’s site. Enjoy!

🛠🛠 Setup 1. Log on to the NETLAB+ environment using these instructions (PLEASE READ!)

2. Click “Scheduler” 3. Click "IS 4440/6640" 4. Click "Environment for Labs 1 and 2”

5. Click a time under "IS 4440-6640 Lab1 and 2 POD X” (whichever Pod is available) to make a reservation (set the duration to 4 hours)

6. At the scheduled time return and logon to NETLAB+ and enter the lab

https://www.techrepublic.com/article/control-panel-and-settings-uis-why-are-both-still-options-in-windows-10/
https://www.techrepublic.com/article/control-panel-and-settings-uis-why-are-both-still-options-in-windows-10/
https://searchnetworking.techtarget.com/tutorial/Routing-First-Step-Classless-Internet-addressing
https://searchnetworking.techtarget.com/tutorial/Routing-First-Step-Classless-Internet-addressing
https://dnsmadeeasy.com/support/subnet/
https://utah.instructure.com/courses/601629/pages/netlab+-read-me
👀👀 NOTE: These labs do NOT save your work. You must finish all hands-on lab work during the time of the reservation (thus reserve 4 hours, even if you do not use the entire time) or you will have to repeat steps. If you don't finish in 4 hours and have to repeat, don't panic, just realize that once you've done it the first time it goes much more quickly the second time.

🔑🔑 Login Information • DC1 Accounts

o Username: Administrator

o Password: DC1 Local (notice the space! It's a "passphrase")

🧪🧪 Lab Guide 1. Assign a static IPv4 address to DC1

1. Open “Network and Sharing Center”

2. Change adapter settings

3. Right click “Ethernet” 4. Uncheck “Internet Protocol Version 6 (TCP/IP)” 5. Choose Properties for “Internet Protocol Version 4 (TCP/IP)”

6. Choose “Use the following IP address”

7. Assign the static IP address of 192.168.42.1 with /24 subnet mask and leave the default gateway "blank", as the virtual environment is not connected to a router (and thus not to any other subnets)

8. Assign static DNS servers, referencing DC1 to itself via DC1's static IP address and DC1's loopback address (127.0.0.1)

9. Accept and close windows 2. Rename DC1 from generic Windows-generated name

1. Using the "Server Manager" find the current name of the Operating System and click the hyperlink

2. Select “Change…” to rename the computer 3. Change the name of the computer to “DC1-UNID” replacing "UNID" with your uNID

(e.g. DC1-U1234567) 4. Confirm settings and restart the computer

3. Inspect the configuration to determine if the Windows Firewall is on

4. Inspect the configuration to determine if automatic updating is configured 5. Find the "Event Viewer" and the "System Log" and find an entry showing that the

"DHCPv4 client service is started"

🖊🖊 Submission Requirements Provide the following screen shots and answers in a single PDF (or Word) file properly labeled similarly to “0123456 Lab1 - Snapshotted.pdf” (substitute your UID) and submit to Canvas. Please don’t just screen grab the entire desktop, as it is very hard to read the details in an inline PDF on Canvas.

Perform the following on DC1

1. Screenshot: Command prompt that has run ipconfig /all (5 points)

2. Screenshot: Right-click the Start menu, take a screenshot of the resulting menu (5 points)

3. Screenshot: Show if the Windows Firewall is on or not (5 points)

4. Screenshot: Show if “automatic updating” is enabled or not (5 points)

5. Screenshot: Show a "System Log" entry showing that the "DHCPv4 client service is started" (5 points)

6. Question: Explain Raid 0, 1, and 5? Explain the advantages/disadvantages of hardware and software-based raids. (5 points)

7. Question: Explain why a you need a static IP address on a server. What are the drawbacks, if any? Why was the DNS server IP address set to DC1 rather than some external DNS server and how is that preparing for loading Active Directory? (5 points)

8. Question: Explain why you didn't install a "Default Gateway". What are the implications are of not having a "Default Gateway"? (5 points)

9. Question: Explain why in our lab environment we have NOT enabled automatic updating. (2 points)

10. Question: Even though the "DHCPv4 client service is started", why does DC1 initially (before you set a static IP address) have a "169.254"-based IP address? What is missing on the network? (3 points)

11. Question: What processor is being used? (1 point)

12. Question: How much RAM (“Total Physical Memory”) is available? (1 point) 13. Question: What is the operating system version (“OS Name”)? (1 point) 14. Question: Servers frequently use RAM that is labeled "ECC", explain what "ECC" is and

why it would be useful for a server. (2 points)

Lab 2 (Difficulty: MODERATE)

📖📖 Prereading It is recommended that you read the following articles before beginning. Additional research may be necessary if you run into problems.

• https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server- 2008-R2-and-2008/ee617195(v=technet.10)?redirectedfrom=MSDN

📃📃 Outline 1. Install the following services:

1. Active Directory Domain Services

2. DHCP

3. DNS

4. Data Deduplication 2. Configure DHCP 3. Create AD OU called “SLC”

4. Create and add users to SLC OU 📗📗 NOTE: You must use the naming conventions listed below to receive full credit

🥅🥅 Lab Objective Configure roles and features on DC1 which will support key network functions for other servers and clients. Active Directory (AD), DHCP, and DNS services will be installed, configured, and an Organizational Unit (OU) for AD will be created, including a few users.

🛠🛠 Setup 1. Log on to the NETLAB+ environment using these instructions (PLEASE READ!)

2. Click “Scheduler” 3. Click "IS 4440/6640" 4. Click "Environment for Labs 1 and 2”

5. Click a time under "IS 4440-6640 Lab1 and 2 POD X” (whichever Pod is available) to make a reservation (set the duration to 4 hours)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ee617195(v=technet.10)?redirectedfrom=MSDN
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ee617195(v=technet.10)?redirectedfrom=MSDN
https://utah.instructure.com/courses/601629/pages/netlab+-read-me
6. At the scheduled time return and logon to NETLAB+ and enter the lab

👀👀 NOTE: These labs do NOT save your work. You must finish all hands-on lab work during the time of the reservation (thus reserve 4 hours, even if you do not use the entire time) or you will have to repeat steps. If you don't finish in 4 hours and have to repeat, don't panic, just realize that once you've done it the first time it goes much more quickly the second time.

🔑🔑 Login Information • DC1 Accounts

o Username: Administrator o Password: DC1 Local (notice the space! It's a "passphrase")

🧪🧪 Lab Guide 1. Assign a static IPv4 address 192.168.42.1 to DC1 (Hint: refer lab 1 static IPv4 address

allocation)

2. Install the required software

1. In Server Manager, click “Add roles and features” 2. Install the following Roles at the same time (accept all other required

services/features)

1. Active Directory Domain Services (which in install DNS automatically)

2. DHCP Server 3. DNS Server

4. Expand the menu File and Storage Services > File and iSCSI Services > Select "Data Depuplication". Leave the remaining file services as default.

5. Advance to Features (leave default) 6. Advance to DHCP Server

7. Advance to DNS Server 8. Advance to AD DS 9. Advance to Confirmation, check the box that says 'Restart the destination server

automatically if required'. Press Next wait for the roles to installed and press Close.

3. Complete the “Post Deployment Configuration (dcpromo)” of DC1 to create a

Domain Controller. Hint:

1. Click “Add a new forest”

2. Use your uNID + “.corp” as the “root domain name” (e.g., u0123456.corp) 3. Leave the functional levels and capabilities as default. 4. Enter the Directory Services Restore Mode (DSRM) password as "DC1 Local"

5. Ignore DNS zone delegation warning (Click "Next") 6. Accept NetBIOS name (e.g., u0123456) 7. Accept AD DS database, log files, and SYSVOL defaults 8. Review the script of the install before installing

9. View the results of the Prerequisites Check, two warnings appear, but we can safely choose to Install. DC1 will reboot at the end of the process.

10. Note: If you are prompted for a Password Change, be sure to record the password somewhere that you can find it, as that is the ONLY administrator password to your environment. If you lose the password you will have to repeat all of the above steps in a fresh lab environment.

3. Allow uNID.corp to administer the DHCP service (Server Manager > Notification (at the top, look for the "!" by the flag))

4. Create a DHCP scope 1. Server Manager > Tools > DHCP

2. Right click "DC1" and choose "DHCP Manager"

3. Under dc1.uNID.corp > IPv4, Right click and choose "New scope"

4. Name the scope “LAN” for Local Area Network 5. Assign starting and ending addresses

1. 192.168.42.50 2. 192.168.42.150

6. Create an exclusion for 192.168.42.100 through 192.168.42.110 7. Change the lease period to 30 days

8. Click "Yes", to "Configure DHCP Options" 9. You do not need a Gateway, as this network is not connected to the Internet (Just

click "Next") 10. The DNS server should be set to the IP address of DC1 (Confirm and click "Next") 11. You do not need WINS servers (Just click "Next") 12. Click "Yes", to "Activate Scope"

5. Create an Active Directory OU called “SLC”

1. Server Manager > Tools > Active Directory Users and Computers 2. Right click on uNID.corp > New > Organizational Unit and name it “SLC” (you may

leave accidental deletion turned on) 6. Create and add users to SLC OU

1. Right click on SLC OU > New > Users 2. Fill out First Name and Last Name using proper case, with the username or account

name being lower case (this convention is a good practice)

3. Add five users, each with some password of your choosing and uncheck "User must change password at next logon"

4. your "first initial + last name" (e.g., jsmith) 5. your "first initial + last name + 'Admin'" (e.g., jsmithAdmin) 6. Make the "first initial+lastname+Admin" account a member of the "Domain

Admins" group and remove from "Domain Users"

🖊🖊 Submission Requirements Provide the following screenshots and answers in a single PDF file properly labeled similarly to “u0123456 Lab 2 - Snapshot.pdf” (substitute your uNID) and submit to Canvas. Please don’t just screen grab the entire desktop, as it is very hard to read the details in an inline PDF on Canvas.

DC1 Powershell Tasks

1. Screenshot: a PowerShell window that has run this command: Get-ADDomainController (15 points)

2. Screenshot: a PowerShell window that has run this command: Get-DhcpServerv4Scope (but with your uNID)(10 points)

3. Screenshot: a PowerShell window that has run this command: Get-ADUser -Filter * -SearchBase "ou=SLC,dc=u0123456,dc=corp" (but with your uNID)(10 points)

DHCP Questions (1 point each, unless noted)(5 points total)

1. What is the purpose of DHCP? 2. Is DC1 a DHCP client? 3. When other "servers" are added to the lab, should they be DHCP clients?

4. Give examples of two IP addresses (that are 100 IP addresses away from each other but the last octet is not greater than .150) that newly added servers could use on this network that would NOT conflict with DHCP clients (2 points)

DNS Questions (1 point each)(5 points total)

1. What is the purpose of DNS?

2. When DC1, acting as a DNS client, performs a DNS lookup, which DNS server is it using? 3. What is the difference between an 'A' record type and a 'CNAME' record type in DNS? 4. If a DNS lookup fails, does that mean the host is offline?

5. How else could you reach a host if DNS is not working?

Best Practice Questions (5 points total)

1. It is considered a best practice to utilize a separate user account for performing Administrative actions. That is why you created two accounts, one of which was a Domain Admin. Why is this considered a best practice? (2 points)

2. Assume that your domain (u0123456.corp) has 200 User accounts and all Users have laptops. Users are Salespeople that are out of the office most days. Within one month all Users will be on the network at least once, as they all attend monthly meetings at the main office. All 200 Users will never be on the network at the same time because Sales meetings occur in groups of 100 salespeople at a time once a week on Monday mornings. After the DHCP Server was set up, on the second week of the month some Users complained that they could not get on the network. Explain why the DHCP lease setting on DC1 is wrong for this size organization and what reasonable value it should be changed to in order to service all 200 Users properly. (3 points)

Lab 1 Guide
Lab 1 (Difficulty: EASY)
📖 Prereading
📃 Outline
🥅 Lab Objective
🛠 Setup
🔑 Login Information
12 Lab Guide
🖊 Submission Requirements
Lab 2 Guide
Lab 2 (Difficulty: MODERATE)
📖 Prereading
📃 Outline
🥅 Lab Objective
🛠 Setup
🔑 Login Information
12 Lab Guide
🖊 Submission Requirements