Competency Based Learning

Materials

Sector : ELECTRONICS

Qualification Title: COMPUTER SYSTEMS SERVICING NC II

Unit of Competency: Set up Computer Server

Module Title: Setting up Computer Server

College for Research and Technology

COMPUTER July 2024 Document No. RIR-CSS03

SYSTEMS
SERVICING NC Issued by: Page 1 of 72
II CRT Technical Group

Revision # 03

How to use this CBLM

 Welcome to the Module “Setting up Computer Server”. This module
contains training materials and activities for you to complete.
The unit of competency “Maintain and Repair Computer Systems and
Networks” contains the knowledge, skills and attitudes required for
Computer Systems Servicing course required to obtain the National
Certificate (NC) level II.
You are required to go through a series of learning activities in order
to complete each of the learning outcomes of the module. In each learning
outcome there are Information Sheets, Job Sheets, Operation
Sheets, and Activity Sheets. Follow these activities on your own and
answer the Self-Check at the end of each learning activity.
If you have questions, do not hesitate to ask your teacher for
assistance.
Recognition of Prior Learning (RPL)
You have already some basic knowledge and skills covered in this
module. If you can demonstrate competence to your teacher in a
particular skill, talk to him/her so you did not have to undergo the same
training again. If you have a qualification or Certificate of Competency
from previous trainings show it to him/her. If the skills you required are
consistent with and relevant to this module, they become part of the
evidence. You can present these RPL. If you are not sure about your
competence skills, discuss this with your teacher.
After completing this module, ask your teacher to assess your
competence. Result of your assessment will be recorded in your
competency profile. All the learning activities are designed for you to
complete at your own pace.
In this module, you will find the activities for you to accomplish and
relevant information sheets for each learning outcome. Each learning
outcome may have more than one learning activity.
This module is prepared to help you achieve the required
competency in receiving and relaying information. This will be the source
of information that will enable you to acquire the knowledge and skills in
Computer Systems Servicing NC II independently at your own pace with
minimum supervision from your trainer.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC Issued by: Page 2 of 72
II CRT Technical Group

Revision # 03

Computer Systems Servicing NC II

COMPETENCY-BASED LEARNING MATERIALS

List of Competencies
No. Unit of Competency Module Title Code
 1 Install and Installing and ELC724331
configure configuring
computer systems computer systems

2 Set-up Computer Setting-up ELC724332

Networks Computer
Networks

3 Set-up Setting-up ELC724333

Computer Computer Servers
Servers

4 Maintain and Maintaining and ELC724334

Repair Computer Repair Computer
Systems and Systems and
Networks Networks

COMPUTER July 2024 Document No. RIR-CSS03

SYSTEMS
SERVICING NC Issued by: Page 3 of 72
II CRT Technical Group

Revision # 03

MODULE CONTENT

UNIT OF COMPETENCY : SET-UP COMPUTER SERVERS

MODULE TITLE : SETTING-UP COMPUTER SERVERS
MODULE DESCRIPTOR : This module covers the knowledge, skills and
attitudes needed to set-up computer servers for LANs and SOHO systems.
It consists of competencies to set-up user access and configures network
services as well as to perform testing, documentation and pre
deployment procedures.

NOMINAL DURATION : 40 hours

SUMMARY OF LEARNING OUTCOMES:

Upon completion of this module, the trainee/student must be able to:

LO1. Set-up user access

LO2. Configure network services
LO3. Perform testing, documentation and pre-deployment procedures
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC Issued by: Page 4 of 72
II CRT Technical Group

Revision # 03

LO 1. Set up User Access

ASSESSMENT CRITERIA:
1 User folder is created in accordance with network operating
system (NOS) features
2 User access level is configured based on NOS features and
established network access policies/end-user requirements.
3 Security check is performed in accordance with
established network access policies/end-user
requirements.

CONTENTS:
• Network operating system (NOS) features
• Computer servers
• Types of Network services
• User access level configuration
• Network services configuration
o configuring web services
o configuring file sharing services
o configuring print sharing services
• Web applications/technologies
• Setting-up client/user access and security
• Setting-up and configuring servers
• Problem solving skills
• Decision making skills
• Reading and writing skills

CONDITIONS:

The students/trainees must be provided with the following:

• PC or workstation network and server
• Network operating system (NOS)
• Network printer
• Tools and test instruments
• Appropriate software applications/programs

METHODOLOGIES:

• Lecture/ Discussion
• Demonstration
• Viewing multimedia

ASSESSMENT METHODS:
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC Issued by: Page 5 of 72
II CRT Technical Group

Revision # 03

• Written exam
• Practical exam
• Observation in workplace
• Demonstration

CONTENTS:

• Planning and preparing for maintenance

• Computer systems maintenance procedures
o PC systems
o Computer operations
o Electronic fault findings
• Use and operation of tools, instruments and testing devices •
Established procedures and job requirements
• Occupational health and safety policies and procedures
• Job service order forms or checklist
• Reading skills required to interpret work instructions
• Communication skills needed to interpret and define work
procedures
• Problem solving in emergency situation

CONDITIONS:

The students/trainees must be provided with the following:

• Tools and materials
• Computers and peripherals
• Test instruments
• Materials
• PPE
• Technical manuals

METHODOLOGIES:

• Lecture/ Discussion
• Demonstration/ Role playing
• Film viewing

ASSESSMENT METHODS:
• Written exam
• Practical exam/ Demonstration
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC Issued by: Page 6 of 72
II CRT Technical Group

Revision # 03

COMPUTER July 2024 Document No. RIR-CSS03

SYSTEMS
SERVICING NC Issued by: Page 7 of 72
II CRT Technical Group

Revision # 03

LO 2. Configure Network Services

Assessment Criteria

1. Normal functions of server are checked in accordance with

manufacturer’s instructions
2. Required modules /add-ons are installed/updated based on NOS
installation procedures
3. Network services to be configured are confirmed based on user/system
requirements
4. Operation of network services are checked based on user/system
requirements 5. Unplanned events or conditions are responded to in
accordance with established procedures

CONTENTS:
• Computer servers and functions
• Installing and configuring modules/add-ons
• Configuration of network services
• User/System requirements
• Operation of network services
• Types of Network services
• User access level configuration
• Network services configuration
o configuring web services
o configuring file sharing services
o configuring print sharing services
• Web applications/technologies
• Setting-up client/user access and security
• Setting-up and configuring servers
• Problem solving skills
• Decision making skills
• Reading and writing skills

CONDITIONS:
The students/trainees must be provided with the following:
• PC or workstation network and server
• Network operating system (NOS)
• Network printer
• Tools and test instruments
• Appropriate software applications/programs

ASSESSMENT METHODS:
• Written exam
• Practical exam/ Demonstration
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 8 o
CRT Technical Group

Revision # 03

LO3. PERFORM TESTING, DOCUMENTATION AND

PRE-DEPLOYMENT PRACTICES

ASSESSMENT CRITERIA:
1.Pre-deployment procedures is undertaken based on enterprise policies
and procedures
2. Operation and security check are undertaken based on end-user
requirements 3. Reports are prepared/completed according to enterprise
policies and procedures.

CONTENTS:
• Testing procedures
• Pre-deployment procedures and practices
• Enterprise policies and procedures
• End user requirements
• Enterprise policies and procedures
• Documentation and making reports

CONDITIONS:
The students/trainees must be provided with the following:
• PC or workstation network and server
• Tools and test instruments
• Appropriate software applications/programs
• Documents and report forms

METHODOLOGIES:
• Lecture/ Discussion
• Demonstration
• Film viewing

ASSESSMENT METHODS:
• Written exam
• Practical exam
• Observation in workplace
• Demonstration
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 9 o
CRT Technical Group

Revision # 03

INFORMATION SHEET 3.1-1

Introduction of Networks
A computer network consists of two or more computers intended to share resourc

A client/server network is a system where one or more computers called

clients connect to a central computer named a server to share or use
resources. Each client computer must use an operating system that
allows it to be identified to participate in the network.

Client/Server Networking

A computer network is referred to as client/server if (at least) one of the

computers is used to "serve" other computers referred to as "clients".
Besides the computers, other types of devices can be part of the
network:
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 10
CRT Technical Group 106

Revision # 03

In a client/server environment, each computer still holds (or can still

hold) its (or some) resources and files. Other computers can also access
the resources stored in a computer, as in a peer-to-peer scenario. One of
the particularities of a client/server network is that the files and
resources are centralized. This means that a computer, the server, can
hold them and other computers can access them. Since the server is
always ON, the client machines can access the files and resources
without caring whether a certain computer is ON.

One of the consequences of a client/server network is that, if the server is

turned OFF, its resources and sometimes most of the resources on the
network are not available. In fact, one way to set up a client/server
network is to have more than one server. In this case, each server can
play a different role.

Another big advantage of a client/server network is that security is

created, managed, and can highly get enforced. To access the network, a
person, called a user must provide some credentials, such as a username
and a password. If the credentials are not valid, the user is prevented
from accessing the network.

The client/server type of network also provides many other advantages

such as centralized backup, Intranet capability, Internet monitoring, etc.
In a small network, all these services can be handled by one server:
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 11
CRT Technical Group 106

Revision # 03

In a medium to large network, there can be many servers with each

performing a different task:
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 12
CRT Technical Group 106

Revision # 03

In these series of lessons, we will build a Microsoft Windows network (I

love Linux and Apple but at the time of this writing, I want to make
lessons simple by dealing with only a simple network; normally, you can
connect a Linux workstation, such as Novell SUSE Linux, to a Microsoft
Windows network; this is extremely easy to do; based on my experience,
there is nothing significant to do; once the network is setup and you
connect the Linux workstation to the network, the Linux computer will
find everything on the network; the Linux OS is so intelligent it would
take care of everything).

Client Operating Systems

If you purchase new computers in a store or from a web store, the

computers will most likely have an operating system. At the time of this
writing, most computers sold in stores have Microsoft Windows 7 Home
Premium. Some other computers, such as netbooks, run Microsoft
Windows 7 Starter.

For our network, we will use Microsoft Windows 7 Professional, Ultimate,

or Enterprise. Microsoft Windows 7 Home Premium cannot join a
domain-based network (but it can participate in a peer-to-peer network).
If the computer(s) you are planning to use for your network doesn't
(don't) have the Microsoft Windows 7 Professional, Microsoft Windows 7
Ultimate, or Microsoft Windows 7 Enterprise operating system, you must
upgrade it. Among the ways you can acquire the upgrade, you can
purchase it from a computer store or a web store. Another option is to
get an MSDN subscription.

If you have built your own computer(s) or you acquired (a) "barebone"
computer(s), once it's ready with the necessary hardware parts, you
must acquire and install the operating system.

New Client Operating System Installation

A new installation of operating system (OS) is suitable if:

• You have a computer with no operating system at all

• Youhave a computer with an operating system but you want to

overwrite it

• Youhave a computer with an operating system but it doesn't support an

upgrade to the OS you want to use

To perform a new installation:

Install Windows 10: Steps to Follow

Here are all the Windows 10 installation steps, from start to finish. If
you don’t know how to install Windows 10, or any other Windows
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 13
CRT Technical Group 106

Revision # 03

operating system for that matter, this guide will getyou through, even if
you don’t consider yourself proficient enough when it comes to
computers.

1. Insert the bootable DVD into the optical bay or the USB disk into your
computer.

Note: if using a tower case insert the USB drive into one of the rear
ports. Front-panel USBconnectors can cause a lot of issues during the
install process.

2. Press the F8 key multiple times while the computer starts to open
the Boot Manager menu.

3. Select the drive unit that contains the Windows 10 installer. Some
drives could show up twice. If that’s the case I recommend you chose the
version that uses EFI or UEFI. This is the modern way to install Windows
10 and it’s not possible to change without reinstalling Windows.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 14
CRT Technical Group 106

Revision # 03

3. A message to Press any key to boot from the CD or DVD…

appears. Doing so will start theWindows 10 install process and the
Windows 10 logo will appear.

4. The first step is to choose to Install now. There’s also an option to

Repair your computer. Wewon’t be doing that now.

5. Next we’ll need to choose the language of the interface, the

time and currency format, andthe keyboard layout. You can mix
and match these to your liking and don’t have to reflect the actual
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 15
CRT Technical Group 106

Revision # 03

location where you’ll be using the PC or the actual keyboard layout. You
can change them later after the install if needed.

6. Next step is to enter the Windows 10 product key. You can

skip this step if you want to activate Windows later on. I’ve explored
already what happens if you don’t activate your copyof Windows
and keep using it.

If not, make sure you enter the correct code. It’s made up of 25
characters (5 groups of 5 letters and numbers).

7. Select the Windows edition you want to install. It must

 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 16
CRT Technical Group 106

Revision # 03

match the product key enteredearlier or else Windows won’t

activate. If you’re interested in Windows 10 editions and
differences we have an article detailing them.

8. To proceed you need to agree to licensing terms (EULA).

COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 17
CRT Technical Group 106

Revision # 03

9. Select the installation type: Upgrade an existing installation of

Windows (version 7, 8, or 10)or Custom. Since it’s a new computer
we’ll be choosing the latter option.

10. Now it’s time to let the installer know the disk where Windows files
will be copied. At this step, you can partition the existing disk into
smaller virtual disks (recommended for bigger disks). If you
only have one unformatted disk just select it and hit Next. The
installer will createall needed partitions.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 18
CRT Technical Group 106

Revision # 03

I’ll be doing an advanced setup guide for this install step so check back to
this page. I’ll make sure to link it back here. I think it will be a must-read
if you’re reinstalling Windows, installing iton a multi-disk computer, and
especially if you want to dual-boot.

11. The setup will now start to copy files from the install disk to
their final destination.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 19
CRT Technical Group 106

Revision # 03

12. At this step you’ll be asked to select the geographical region, and
keyboard layout again.They can differ and will override the
settings from step 6. Optionally, you can add more keyboard
layouts (use WIN = Shift to switch between them while using
Windows).
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 20
CRT Technical Group 106

Revision # 03

13. Now it’s time to select the type of predefined set-up: for
Personal use or Organization, in which case a system
administrator will enforce some settings for you. We’ll be
using Personal for our guide.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 21
CRT Technical Group 106

Revision # 03

14. Now we’ll create the first user account which will also act as the
administrator for this computer. Microsoft will push you towards using a
Microsoft online account, but you can alsoset up an offline
account. For privacy reasons, I suggest you set up the latter. You
can read about the difference here.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 22
CRT Technical Group 106

Revision # 03

15. I didn’t remember this step, but it seems you now have to
select 3 security questions thatwill help you recover your
account in case you forget the password.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 23
CRT Technical Group 106

Revision # 03

16. Privacy settings and Cortana are next. I personally

disable everything that’s possible at thisstep. Some
telemetry data will still be sent to Microsoft servers, but
I’m planning an article on how you can disable almost
everything that’s affecting privacy in Windows 10, so stay
tuned.

COMPUTER July 2024 Document No. RIR-CSS03

SYSTEMS
SERVICING NC II Issued by: Page 24 of
CRT Technical Group 106

Revision # 03
17. After a few moments and a couple of different
screens you’ll be greeted with the familiarWindows 10
desktop for the first time.

COMPUTER July 2024 Document No. RIR-CSS03

SYSTEMS
SERVICING NC II Issued by: Page 25 of
CRT Technical Group 106

Revision # 03
 That’s it. You’ve successfully installed Windows 10 on your new
computer.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 26 of
CRT Technical Group 106

Revision # 03

Self - Check 3.1-1

I. Identify the following. Choose your answer from the grid below. Use a separate
sheet of paper in answering.

______________1. The World Wide Web.

______________2. The internal network of a company or other enterprise.
______________ 3. A model for supporting mobile communications across an
arbitrary number of wireless LANs.
______________4. A data communications network that covers a relatively broad
geographic area.
______________5. A network that connects two or more Local Area Networks or
Campus Area Networks together.
______________6. It signifies the way in which intelligent devices in the network see
their logical relations to one another
______________7. It is the interconnected group of computers.
______________8. A network covering a small geographic area, like a home.
______________9. All the cables run from the computers to the central location
where they are all connected by hub.
______________10. Each computer is connected to the next computer with the last
one connected to the first.
______________11. The network or internetwork that is limited in scope to a single
organization or entity but which also has limited connections to
the networks of one or more entities.
_____________12.Two or more networks or network segments connected using
devices that operate at layer 3 such as router.
______________ 13.What programs can be used to troubleshoot problems or show
new users how to perform a task?
______________ 14. What type of computer is designed to share its resources
among client computers on the network?
______________ 15. It is the type of the cable use in the server which will support
IEEE 802.3 at 1 GB/s.

ANSWER KEY
Self-Check 3.1-1
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 27 of
CRT Technical Group 106

Revision # 03

1. Internet
2. Intranet
3. GAN
4. WAN
5. MAN
6. Topology
7. Network
8. LAN
9. Star topology
10. Ring topology
11. Extranet
12. Internetwork
13. Remote-control
14. Server
15. Cat 5e enhanced cable
INFORMATION SHEET 3.1-2
Creating an Active Directory Domain

Active Directory Domain Services (AD DS) and its related services form the
foundation for enterprise networks running Microsoft Windows. Together, they
act as tools that store information about the identities of users, computers, and
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 28 of
CRT Technical Group 106

Revision # 03

services; authenticate individual users or computers; and provide a mechanism

with which a user or computer can access resources in the enterprise. In this
chapter, you will begin your exploration of Windows Server 2008 R2 Active
Directory by installing the Active Directory Domain Services role and creating a
domain controller in a new Active Directory forest. You will find that Windows
Server 2008 R2 continues the evolution of Active Directory by enhancing many
of the existing concepts and features with which you are already familiar.

Windows Server 2008 R2 supports only x64 or Itanium 2 processors; it no

longer supports the x86 processor architecture. If this system requirement is
not met, Windows Server 2008 R2 will not install. This is most important when
upgrading pre-existing servers to Windows Server 2008 R2. Pre-existing
servers based on the x86 processor architecture must be replaced with
hardware based on either the x64 or Itanium 2 processor architecture.

In the most common AD DS installation scenario, the server functions as a

domain controller, which maintains a copy of the AD DS database and replicates
that database with other domain controllers. Domain controllers are the most
critical component in an Active Directory infrastructure and should function with
as few additional unrelated components installed as possible. This dedicated
configuration provides for more stable and reliable domain controllers, because
it limits the possibility of other applications or services interfering with the AD
DS components running on the domain controller.
In versions of Windows Server prior to Window Server 2008, server
administrators were required to select and configure individual components on
a server to ensure that nonessential Windows components were disabled or
uninstalled. In Windows Server 2008, key Windows components are broken
down into functionally related groups called roles. Role-based administration
allows an administrator to simply select the role or roles that the server should
fulfill. Windows Server 2008 then installs the appropriate Windows components
required to provide that role’s functionality.

INFORMATION SHEET 3.1-3

Installing Active Directory Domain Services

After this lesson, you will be able to:

• Explain the role of identity and access in an enterprise network.

• Understand the relationship between Active Directory services.

COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 29 of
CRT Technical Group 106

Revision # 03

• Install the Active Directory Domain Services (AD DS) role and configure
Windows Server 2008 R2 domain controller using the Windows interface.

Active Directory Domain Services (AD DS) provides the functionality of an

identity and access (IDA) solution for enterprise networks. In this lesson, you
learn about AD DS and other Active Directory roles supported by Windows
Server 2008. You also explore Server Manager, the tool with which you can
configure server roles, and the improved Active Directory Domain Services
Installation Wizard. This lesson also reviews key concepts of IDA and Active
Directory.

Active Directory, Identity and Access

Identity and access (IDA) infrastructure refer to the tools and core technologies
used to integrate people, processes, and technology in an organization. An
effective IDA infrastructure ensures that the right people have access to the
right resources at the right time.

As previously mentioned, Active Directory provides the IDA solution for

enterprise networks running Windows. AD DS is the core component of an
Active Directory IDA infrastructure.

AD DS collects and stores enterprise-wide IDA information in a database called

the Active Directory data store. The data store contains all pertinent information
on all objects that exist within the Active Directory infrastructure. In addition,
AD DS acts as a communication and information hub for additional Active
Directory services which, together, form a complete IDA infrastructure.

Active Directory stores information about users, groups, computers, and other
identities. An identity is, in the broadest sense, a representation of an object
that will perform actions on the enterprise network. For example, a user will
open documents from a shared folder on a server. The document will be secured
with permissions on an access control list (ACL). Access to the document is
managed by the security subsystem of the server, which compares the identity
of the user to the identities on the ACL to determine whether the user’s request
for access will be granted or denied.

Computers, groups, services, and other objects also perform actions on the
network, and they must be represented by identities. Among the information
stored about an identity are properties that uniquely identify the object, such as
a user name or a security identifier (SID), and the password for the identity.
The identity store is, therefore, one component of an IDA infrastructure. The
Active Directory data store, also known as the directory, is an identity store.
The directory itself is hosted within a database that is stored on and managed
by a domain controller—a server performing the AD DS role. If multiple domain
controllers exist within an Active Directory infrastructure, they work together to
maintain a copy of the data store on each domain controller. The information
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 30 of
CRT Technical Group 106

Revision # 03

within this store allows Active Directory to perform the three main functions of
an IDA infrastructure: authentication, access control, and auditing.

• Authentication A user, computer, or other object must first verify its

identity to the Active Directory infrastructure before being granted the
ability to function as part of the Active Directory domain. This process of
verification is typically through an exchange of protected or secret
information such as a password or a digital certificate. After the
authentication information has been submitted to the Active Directory
and verified as valid, the user may proceed as a member of the domain
and perform actions such as requesting access to shared files,
submitting a print job to a printer, accessing and reading email, or any
number of other actions within the domain.

Kerberos Authentication in an Active Directory Domain

In an Active Directory domain, the Kerberos protocol is used to authenticate

identities. When a user or computer logs on to the domain, Kerberos
authenticates its credentials and issues a package of information called a ticket
granting ticket (TGT). Before the user performs a task such as connecting to a
server to request a document, a Kerberos request is sent to a domain controller
along with the TGT that identifies the authenticated user. The domain controller
issues the user another package of information called a service ticket that
identifies the authenticated user to the server. The user presents the service
ticket to the server, which accepts the service ticket as proof that the user has
been authenticated.

These Kerberos transactions result in a single network logon. After the user or
computer has initially logged on and has been granted a TGT, the user is
authenticated within the entire domain and can be granted service tickets that
identify the user to any service. All of this ticket activity is managed by the
Kerberos clients and services built into Windows and remains transparent to the
user.

• Access control The IDA infrastructure is responsible for protecting

information and resources by ensuring that access to resources is
granted to only the identities that should have access. Access to
important resources and confidential information must be managed
according to the enterprise policies. Every single object (such as
computers, folders, files, and printers) within Active Directory has an
associated discretionary access control list (DACL). This list contains
information regarding the identities that have been granted access to
the object and the level of access granted.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 31 of
CRT Technical Group 106

Revision # 03

When a user whose identity has already been authenticated on the

domain tries to access a resource, the resource’s DACL is checked to
determine whether the user’s identity is on the list. If the identity exists
on the list, the user is allowed to access the resource as specified by the
access permissions on the DACL listed for that user.

• Auditing Monitoring activities that occur within the IDA infrastructure is

referred to as auditing. Auditing allows organizations to monitor events
occurring within the IDA infrastructure, including the access of files and
folders, where and when users are logging on, changes made to the IDA
infrastructure, and general functionality of Active Directory itself. Auditing
behavior is controlled by system access control lists (SACLs). Like the
previously mentioned DACL, every object within the IDA infrastructure
has an SACL attached to it. The SACL contains a list of identities whose
activity on that resource will be audited, as well as the level of auditing
that will occur for each identity.

AD DS is not the only component of IDA supported by Windows Server 2008.

With the release of Windows Server 2008, Microsoft consolidated several
previously separate components into an integrated IDA platform. Active
Directory itself now includes five technologies, each of which is identified with a
keyword that indicates the purpose of the technology, as shown:
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 32 of
CRT Technical Group 106

Revision # 03
These five technologies comprise a complete IDA solution:

• Active Directory Domain Services (Identity) AD DS, as described earlier, is

designed to provide a central repository for identity management within
an organization. AD DS provides authentication, authorization, and
auditing services on a network and supports object management through
Group Policy. AD DS also provides information management and sharing
services, enabling users to find any component—file servers, printers,
groups, and other users—by searching the directory. Because of this, AD
DS is often referred to as a network operating system directory service.
AD DS is the primary Active Directory technology and should be deployed
in every network that runs Windows Server 2008 operating systems.

• Active Directory Lightweight Directory Services (Applications) Essentially

a stand- alone version of Active Directory, the Active Directory
Lightweight Directory Services (AD LDS) role, formerly known as Active
Directory Application Mode (ADAM), provides support for directory
enabled applications. AD LDS is really a subset of AD DS because both
are based on the same core code. The AD LDS directory stores and
replicates only application-related information. It is commonly used by
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 33 of
CRT Technical Group 106

Revision # 03

applications that require a directory store but do not require the

information to be replicated as widely as to all domain controllers. AD
LDS also enables you to deploy a custom schema to support an
application without modifying the schema of AD DS. The AD LDS role is
truly lightweight and supports multiple data stores on a single system,
so each application can be deployed with its own directory, schema,
assigned Lightweight Directory Access Protocol (LDAP) and SSL ports,
and application event log. AD LDS does not rely on AD DS, so it can be
used in a stand-alone or workgroup environment. However, in domain
environments, AD LDS can use AD DS for the authentication of Windows
security principals (users, groups, and computers). AD LDS can also be
used to provide authentication services in exposed networks such as
extranets. Using AD LDS in this situation provides less risk than using
AD DS.

• Active Directory Certificate Services (Trust) Organizations can use Active

Directory Certificate Services (AD CS) to set up a certificate authority
(CA) for issuing digital certificates as part of a public key infrastructure
(PKI) that binds the identity of a person, device, or service to a
corresponding private key. Certificates can be used to authenticate users
and computers, provide web-based authentication, support smart card
authentication, and support applications, including secure wireless
networks, virtual private networks (VPNs), Internet Protocol security
(IPSec), Encrypting FileSystem (EFS), digital signatures, and more. AD
 CS provides an efficient and secure way to issue and manage
certificates. You can use AD CS to provide these services to external
communities. If you do so, AD CS should be linked with an external,
renowned CA that will prove to others you are who you say you are. AD
CS is designed to create trust in an untrustworthy world; as such, it
must rely on proven processes to certify that each person or computer
that obtains a certificate has been thoroughly verified and approved. In
internal networks, AD CS can integrate with AD DS to provision users
and computers automatically with certificates.

• Active Directory Rights Management Services (Integrity) Although a

server running Windows can prevent or allow access to a document
based on the document’s DACL, there have been few ways to control
what happens to the document and its content after a user has opened
it. Active Directory Rights Management Services (AD RMS) is an
information-protection technology that enables you to implement
persistent usage policy templates that define allowed and disallowed use
whether online or offline, inside or outside the firewall. For example, you
could configure a template that allows users to read a document but not
print or copy its contents. By doing so, you can ensure the integrity of
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 34 of
CRT Technical Group 106

Revision # 03

the data you generate, protect intellectual property, and control who can
do what with the documents your organization produces. AD RMS
requires an Active Directory domain with domain controllers running
Windows 2000 Server with Service Pack 3 (SP3) or later; IIS, a database
server such as Microsoft SQL Server 2008; the AD RMS client (which can
be downloaded from the Microsoft Download Center and is included by
default in Windows Vista, Windows 7, and Windows Server 2008); and
an RMS-enabled browser or application such as Microsoft Internet
Explorer, Microsoft Office, Microsoft Word, Microsoft Outlook, or Microsoft
PowerPoint. AD RMS can rely on AD CS to embed certificates within
documents as well as in AD DS to manage access rights.

• Active Directory Federation Services (Partnership) Active Directory

Federation Services (AD FS) enables an organization to extend IDA
across multiple platforms, including both Windows and non-Windows
environments, and to project identity and access rights across security
boundaries to trusted partners. In a federated environment, each
organization maintains and manages its own identities, but each
organization can also securely project and accept identities from other
organizations. Users are authenticated in one network but can access
resources in another—a process known as single sign-on (SSO). AD FS
supports partnerships because it allows different organizations to share
access to extranet applications while relying on their own internal AD DS
structures to provide the actual authentication process. To do so, AD FS
extends your internal AD DS structure to the external world through
common Transmission Control Protocol/Internet Protocol (TCP/IP) ports
 such as 80 (HTTP) and 443 (Secure HTTP, or HTTPS). It normally resides
in the perimeter network. AD FS can rely on AD CS to create trusted
servers and on AD RMS to provide external protection for intellectual
property.

1. Active Directory data store as mentioned in the previous section, AD DS

stores its identities in the directory—a data store hosted on domain
controllers. The directory is a single file database named Ntds.dit and is
located by default in the %SystemRoot%\Ntds folder on a domain
controller. The database is divided into several partitions, including the
schema, the configuration, and the domain naming context that contains
the data about objects within a domain—the users, groups, and
computers, for example. Depending on the environment, there may also
be application partitions and a partial attribute set (PAS), also called the
global catalog.

2. Domain controllers Domain controllers (DCs) are servers that perform the
AD DS role and maintain a copy of the Active Directory data store, along
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 35 of
CRT Technical Group 106

Revision # 03

with other data important to the domain. As part of that role, they also
run the Kerberos Key Distribution Center (KDC) service, which performs
authentication and other Active Directory services.

3. Domain One or more domain controllers are required to create an Active

Directory domain. A domain is an administrative unit within which certain
capabilities and characteristics are shared. First, all domain controllers
replicate the domain’s partition of the data store, which contains, among
other things, the identity data for the domain’s users, groups, and
computers. Because all DCs maintain the same identity store, any DC can
authenticate any identity in a domain. Additionally, a domain defines the
boundaries of administrative policies such as password complexity and
account lockout policies. Such policies configured in one domain affect all
accounts in the domain and do not affect accounts in other domains.
Changes can be made to objects in the Active Directory database by any
domain controller and will replicate to all other domain controllers.
Therefore, in networks where replication of all data between domain
controllers cannot be supported, it might be necessary to implement more
than one domain to manage the replication of subsets of identities.

4. Forest is a collection of one or more Active Directory domains. The first

domain installed in a forest is called the forest root domain. A forest
contains a single definition of network configuration and a single instance
of the directory schema. A forest is a single instance of the directory—no
data is replicated by Active Directory outside the boundaries of the forest.
Therefore, the forest defines a security boundary.

5. Tree DNS namespace of domains in a forest creates trees within the

forest. If a domain is a subdomain of another domain, the two domains
 are considered a tree. For example, if the treyresearch.net forest
contains two domains, treyresearch.net and antarctica.treyresearch.net,
those domains constitute a contiguous portion of the DNS namespace, so
they are a single tree. If, conversely, the two domains are
treyresearch.net and proseware.com, which are not contiguous in the
DNS namespace, the domain is considered to have two trees. Trees are
the direct result of the DNS names chosen for domains in the forest.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 36 of
CRT Technical Group 106

Revision # 03

6. Functional level. The functionality available in an Active Directory domain

or forest depends on its functional level. The functional level is an AD DS
setting that enables advanced domain-wide or forest-wide AD DS
features. There are six domain functional levels (Windows 2000 native,
Windows 2000 mixed, Windows Server 2003, Windows Server 2003
interim, Windows Server 2008, and Windows Server 2008 R2) and five
forest functional levels (Windows Server 2000, Windows Server 2003,
Windows Server 2003 interim, Windows Server 2008, and Windows
Server 2008 R2). As you raise the functional level of a domain or forest,
features provided by that version of Windows become available to AD DS.
For example, when the forest functional level is raised to Windows Server
2008 R2, the ability to enable the Active Directory Recycle Bin becomes
available. With the Active Directory Recycle Bin, objects deleted within
Active Directory are preserved in the state they were in prior to deletion.
This allows easy restoration of previously deleted objects, if required. The
important thing to know about functional levels is that they determine the
versions of Windows permitted on domain controllers. Before you raise
the domain functional level to Windows Server 2008, all domain
controllers must be running Windows Server 2008.

7. Organizational units Active Directory is a hierarchical database. Objects in

the data store can be collected in containers. One type of container is the
object class called container. You see the default containers, including
Users, Computers, and Builtin, when you open the Active Directory Users
and Computers snap-in. Another type of container is the organizational
unit (OU). OUs provide not only a container for objects but also a scope
with which to manage the objects. That is because OUs can have objects
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 37 of
CRT Technical Group 106

Revision # 03

called Group Policy objects (GPOs) linked to them. GPOs can contain
configuration settings that will be applied automatically by users or
computers in an OU.
 8. Sites - When you consider the network topology of a distributed
enterprise, you will certainly discuss the network’s physical locations or
sites. Sites in Active Directory, however, have a very specific meaning. An
Active Directory site is an object that represents a portion of the
enterprise within which consistent, high-bandwidth network connectivity
is expected. A site creates a boundary of replication and service usage.
Domain controllers within a site replicate changes within seconds.
Between different sites, however, changes are replicated on a controlled
basis with the assumption that intersite connections are slow, expensive,
or unreliable compared to the connections within a site. Additionally,
clients prefer to use distributed services provided by servers in their site
or in the closest site. For example, when a user logs on to the domain,
the Windows client first attempts to authenticate with a domain controller
in its site. Only if no domain controller is available in the site will the
client attempt to authenticate with a DC in another site.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 38 of
CRT Technical Group 106

Revision # 03

INFORMATION SHEET 3.1-4

Adding the AD DS Role Using the Windows Interface

After you have collected the prerequisite information listed earlier, you are
ready to add the AD DS role. There are several ways to do so. In this lesson,
you learn how to create a domain controller by using the Windows interface. In
the next lesson, you learn to do so by using the command line.

• You can add roles to a server by using the Add Roles link on the
home page of Server Manager or by right-clicking the Roles node
in the console tree and choosing Add Roles. The Add Roles
Wizard presents a list of roles available for installation and
guides you through the installation of selected roles.
 • After you add the AD DS role, the files required to perform the
role are installed on the server; however, the server is not yet
acting as a domain controller. You must subsequently run the
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 39 of
CRT Technical Group 106

Revision # 03

Active Directory Domain Services Installation Wizard, which can

be launched by using the Dcpromo.exe command, to configure,
initialize, and start Active Directory.

A. Static Server Desktop

1. Now you must disable the DHCP of the router. Go to the interface of the router
then click the disable radio button then click save.
2. Then go the LAN Connection of the server then right click then click properties.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 40 of
CRT Technical Group 106

Revision # 03

3. Then click Internet Protocol Version 4 (TCP/IPv4) then click properties.

4. Then click Use the following IP Address then enter the IP Address and Default
Gateway that you see in your ipconfig in your CMD. Then click OK to save the IP
Address settings.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 41 of
CRT Technical Group 106

Revision # 03

5. Then click close to exit the Ethernet Properties.

B. Adding Roles
1. Open your Network and Sharing Center the select Change Advanced Sharing
Setting. Then you must allow all the sharing then off the password then click save
changes.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 42 of
CRT Technical Group 106

Revision # 03
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 43 of
CRT Technical Group 106

Revision # 03

2. Click the Server Manager Icon the lower right portion of the desktop or beside the
window icon.
3. Click Add roles and features to start adding roles to the server
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 44 of
CRT Technical Group 106

Revision # 03

4. Then Before you begin click next then on installation type leave the roles based or
feature-based installation selected then click next then in server selection leave the
settings be and click next.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 45 of
CRT Technical Group 106

Revision # 03

5. On Server Roles check the checkbox of Active Directory Domain Services then click
Add Features then click next
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 46 of
CRT Technical Group 106

Revision # 03

6. On AD DS just click next then on confirmation click install then wait it to complete
the installation.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 47 of
CRT Technical Group 106

Revision # 03

7. After the installation is complete click close then click the Add roles and features
again in Dashboard of server manager.
8. On Before you begin click next then on installation type leave the roles based or
feature-based installation selected then click next then in server selection leave the
settings be and click next.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 48 of
CRT Technical Group 106

Revision # 03

9. On Server Roles click the checkbox of DNS Server then click Add Features then click
next.
10.On features just click next then on DNS Server click next and on confirmation click
install.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 49 of
CRT Technical Group 106

Revision # 03
11.Once it is completed you click close then you must restart you server.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 50 of
CRT Technical Group 106

Revision # 03

12.After the restart and you login wait for the server manager panel to open. Then you
the right panel you will see AD DS click it, then on the configuration required… click
More then click Promote this server…
13.On Active Directory Domain Services Configuration Wizard select Add a new
forest then on Root Domain name textbox type your desire domain name, example
in here is crt.css then click next.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 51 of
CRT Technical Group 106

Revision # 03

-On Domain Controller Options input your server password which in this example it
is 123.css then click next.

-On DNS Options just click next.

-On Additional Options just click next.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 52 of
CRT Technical Group 106

Revision # 03

-On Paths Click Next.

-On Review Options click Next.

 -On Prerequisites Check click Install. Then you must wait for the installation to be
completed. Once you it complete just click all the close button and let the server
restart.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 53 of
CRT Technical Group 106

Revision # 03

14.You will now see that the name of domain you create will now appear in the login
form of the server.
15.After you login wait for the server manager again to open. Once it open you will
click the Add roles and features. Then click the checkbox of the DHCP then click add
features. Then click the checkbox of the Print and Documents Services then click
add features then click next.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 54 of
CRT Technical Group 106

Revision # 03
16.On features click Next on DHCP Server click Next on Print and Document Services click
Next on Role Services just check Print Server then click Next on Confirmation click Install
after the installation is complete click close.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 55 of
CRT Technical Group 106

Revision # 03
17.On the right side of panel of server manager you see the DHCP click it, on the
upper part you can see yellow highlighted click the word More.. then click Complete
DHCP Configuration.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 56 of
CRT Technical Group 106

Revision # 03

18.On DHCP Post-Installation Wizard Description click Next and on Authorization click
Commit then on Summary click Close.
 19.On the right side of panel of server
manager you see the DHCP click it, right click
the one server that it have then select DHCP Manager.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 57 of
CRT Technical Group 106

Revision # 03

20.Expand the server name then on IPv4 right click then select New Scope then on New
Scope Wizard click Next, then input the Name and Description of your domain then
click next then on IP Address range this where you use in the 4th layer of IP Address
the number 123 → Start will be at 1 and the end will be 3 or beyond = Example:
Start: 192.168.1.1 End: 192.168.1.3 or Start: 192.168.1.1 End: 192.168.1.10 then
click next.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 58 of
CRT Technical Group 106

Revision # 03

21. On Add Exclusion and Delay just click next and in the Lease Duration just click Next,
then on Configure DHCP Options select Yes then click next. On Router (Default
Gateway) input the IP Address or Default Gateway of the router in this example it is:
192.168.1.5 then click Add then click Next. Then Domain name and DNS Server
click Next then on WINS Servers click Next
22.On Activate scope select Yes then click next then click finish.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 59 of
CRT Technical Group 106

Revision # 03
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 60 of
CRT Technical Group 106

Revision # 03

Mapping and Redirection Setup

1. On the server desktop create two folder naming REDIRECTION AND MAPPING. Right
click on the desktop then new then click folder.

2. On the folder for examp REDIRECTION right click on it then click Properties.
Then click Share. Then click the dropdown arrow select Everyone then click Read on
the Everyone then select Read/Write.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 61 of
CRT Technical Group 106

Revision # 03

3. Click Done, then click the Advanced Sharing, check the checkbox of Share this folder
then click Permissions, on the Allow column click and check the Full Control.

4. Click Add, then on Enter the object names to select type AU then click Check Names
you will the AU will be Authenticated Users you will click OK then Click OK.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 62 of
CRT Technical Group 106

Revision # 03

5. Copy the Network Path of the shared folder to notepad. Then do the same procedure
for the other folder. In this example do it on MAPPING folder.

6. Click start button or the window key on the keyboard, click Administrative Tools, look
for Group Policy Management then open it, expand Forest, expand Domains, righ click
on the domain you have created then select Create a GPO in this domain.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 63 of
CRT Technical Group 106

Revision # 03

7. Type the desire name with gpo at the end, example crtgpo then click OK expand the
domain you created then look for the gpo you created then right click on it then click
edit.

8. On User Configuration expand Policies, then expand Windows Settings, then expand
Folder Redirection then on Desktop right click then click Properties.
-Copy the REDIRECTION folder Network Path that you copied on notepad.
-Select Basic on the Setting then paste the Network Path on the Root Path then click
 Yes.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 64 of
CRT Technical Group 106

Revision # 03

9. Then for Mapping Click Start then click Administrative Tools, then look for Active
Directory Users and Computers open it.

10.Expand the domain you created then right click select new then click Organizational
Unit, then type your Organizational Unit name you want to create, example crtgpo then
click OK.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 65 of
CRT Technical Group 106

Revision # 03

11.Right click the Organizational Unit you created then select New then click User.
-Fill up the form of the user Firstname, Initials, Lastname and User logon name
(Username) then click next.

12.Uncheck Users must change password at next logon, then check User cannot change
password and Password never expires then enter the server password example 123.css
then click Next then click Finish. Repeat the procedure to add another user.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 66 of
CRT Technical Group 106

Revision # 03
13.On one user right click then click Properties, then click Profile then copy the Network
Path for Mapping, then paste it on Profile Path with the /name of the user then also
paste it on Home Folder Connect with the /name of the user and select the assign letter
for the user then click Apply then OK. Do the same procedure to the other user.

COMPUTER July 2024 Document No. RIR-CSS03

SYSTEMS
SERVICING NC II Issued by: Page 67 of
CRT Technical Group 106

Revision # 03
Printer Deployment Setup
1. Setup first the printer click start then click Control Panel, then on Hardware click
View devices and printers,
-then click Add a printer
-then click The Printer that I want isn’t listed
-select Add a local printer or network printer with manual settings then click next
-click next, then select a printer brand and printer then click next
-add your name at the end of the printer name then click next then click again
next then click finish.

COMPUTER July 2024 Document No. RIR-CSS03

SYSTEMS
SERVICING NC II Issued by: Page 68 of
CRT Technical Group 106

Revision # 03
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 69 of
CRT Technical Group 106

Revision # 03
 2. Right click the printer you have created then click Printer Properties then on
sharing panel check the List in the directory then click Apply and OK.

3. Click
the start button then click Administrative Tools, then look for Print Management
open it, expand Print Servers, expand WIN- click Printers right click on the printer you
have created then click Deploy with Group Policy.

COMPUTER July 2024 Document No. RIR-CSS03

SYSTEMS
SERVICING NC II Issued by: Page 70 of
CRT Technical Group 106

Revision # 03
4. Click Browse, then select the gpo you have created example crtgpo then click OK,
check The users that this GPO applied to (per user) and The computers that this GPO
applied to (per machine) then click Add then click Apply and OK. Then click OK

COMPUTER July 2024 Document No. RIR-CSS03

SYSTEMS
SERVICING NC II Issued by: Page 71 of
CRT Technical Group 106

Revision # 03
5. Before going to setup on the client, off the server firewall, go to Network and Sharing
Center then click Windows Firewall, then click Turn Windows Firewall on or off, select
all the turn off then click OK.

COMPUTER July 2024 Document No. RIR-CSS03

SYSTEMS
SERVICING NC II Issued by: Page 72 of
CRT Technical Group 106

Revision # 03
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 73 of
CRT Technical Group 106

Revision # 03

Client Side Welcoming the Domain

1. Go to the Network Connections where you can see the Ethernet then right click it the
click enable wait for it to boot then you can see the name of your domain below the
word Ethernet.

2. Go the This PC then right click it, then click Properties.

-on Computer Name, domain and workgroup settings click Change Settings
-click change
-select Domain then type the name of your domain then click OK
-on window Security your Username is Administrator then the password is the
server password, example 123.css then click OK.
-once it have a popup screen Welcome to your domain click OK then click Ok then
click Restart Now.
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 74 of
CRT Technical Group 106

Revision # 03

3. Once you restart you now select Other User then enter the credentials of the user you
have created on your server. Wait for it to setup your Client Desktop.

4. Once you have login open This PC and check if the mapping have been deploy, you can
very if it’s deployed if you have a network location. Open it and then create a file there
or copy a file.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 75 of
CRT Technical Group 106

Revision # 03
5. On the Server side check if you a file created in the Mapping Folder, open the
Mapping folder, then open the folder of the user you have login on the client and see
if a file was created.

6. On client side create file or copy a file on desktop.

COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 76 of
CRT Technical Group 106

Revision # 03
7. Then on client side check the Redirection file if a file was created on the client’s folder
you have login

8. On client side test print a file or picture by right click the file the click print

9. On server side see if a print was performed, go to control panel or on the devices and
printer right the printer you have deployed the click See what’s printing.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 77 of
CRT Technical Group 106

Revision # 03
Remote Server
1. On server side open This PC then right click it then click Properties, then click Advanced
system settings, then select Allow remote connections to this computer then click Apply
and OK.

2. On client side click start then type or search Remote Desktop Connection, then type the
IP Address of the Server then click connect.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 78 of
CRT Technical Group 106

Revision # 03
3. On window security your username is Administrator and the password is the server
password, example 123.css then click OK, then click Yes and wait for it to remote the
server.

4. Now exit the remote desktop connection, then turn it from domain to workgroup with
the workgroup name WORKGROUP.
COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 79 of
CRT Technical Group 106

Revision # 03
 COMPUTER July 2024 Document No. RIR-CSS03
SYSTEMS
SERVICING NC II Issued by: Page 80 of
CRT Technical Group 106

Revision # 03