Active Directory - Computer Networks

HANOI NATIONAL UNIVERSITY OF EDUCATION
FACULTY OF INFORMATION TECHNOLOGY

SCIENTIFIC RESEARCH REPORT
Active Directory

Supervisor: Nguyen Manh Hung
Student: Nguyen Thi Thu Huyen
Class: A K54
Faculty: Information Technology
University: Hanoi National University of Education
Hanoi, 4/2008

Nguyen Thi Thu Huyen, K54A - Faculty of Information Technology - DHSPHN

TABLE OF CONTENTS

Part 1. Overview of Active Directory
1. Introduction
2. Main Components of the Active Directory System
3. Schema Master
   3.1 Domain Naming Master
   3.2 Relative Identifier
   3.3 Primary Domain Controller Emulator
   3.4 Infrastructure Master
4. Structure
5. Names
   5.1 Basic naming rules
   5.2 Distinguished names
   5.3 Special characters in names
6. Directory Users and Computers console
7. Creating a User Account
8. Editing and adding account attributes
9. Resetting a user password
10. Creating groups
11. Security groups
   11.1 Local Group
   11.2 Domain Local Groups
   11.3 Global Groups

Part 2: Installing a Domain Controller server for a domain
1. Installing Active Directory on Windows Server 2003
   1.1 Installing and configuring DNS
      a. Assigning the server an IP address: static IP, with DNS pointing to the server's own DNS
      b. Installing and configuring DNS
   1.2 Installing Active Directory on a Windows Server 2003 server
2. Backup & Restore
   2.1 NTBACKUP technology in Windows Server 2003
   2.2 Backing up and restoring Active Directory on Domain Controller servers
      a. Theory
      b. Deployment
3. Additional New DC
   3.1 Data replication in Active Directory
   3.2 Deploying a new Additional Domain Controller into an existing system
      a. DNS on the new Domain Controller server
      b. Installing an Additional Domain Controller into an existing domain
4. Child Domain
5. Forest
6. Rename DC
7. DCs in the Master role
   7.1 View Master Role
   7.2 Changing the Master while all Domain Controllers are working well
      a. Raising the Domain Master Role
      b. Raising the Forest Master Role
   7.3 The situation when the Master Role is damaged
Conclusion
References

Active Directory

Part 1. Overview of Active Directory

1. Introduction

When Windows 2000 was released, Microsoft integrated a component called Active Directory. When a Windows server runs Windows 2000 Server, Windows Server 2003 or Longhorn Server, the job of the domain controller is to run the Active Directory service. Active Directory is the heart of Windows Server 2003: almost every activity that takes place on the system is governed and controlled by Active Directory. From Windows NT 4.0 onward, Microsoft developed the Active Directory system to store domain data such as user, computer and group objects, and to provide directory services for searching, access control and authorization. In particular, it provides an authentication service built on the Kerberos protocol that supports single sign-on, so that users authenticate only once when they log on to the domain and can then access all of the system's shared resources and services with valid permissions.

With its services and utilities, Active Directory lightens the management workload and improves operational efficiency. Tasks that were almost impossible on a distributed peer-to-peer network can now be carried out easily through a centralized management model, for example setting common policies for the whole system, while still allowing administration to be delegated so that management can be divided up in a large environment.

2. Main Components of the Active Directory System

User: these are user accounts. When Active Directory is installed, some built-in accounts are created, such as Administrator, who has full rights to administer the system, and backup operator, the group and users that can back up and restore the system's data without needing valid permissions on that data. However, for the employees of an organization to use resources and log in to the domain, the administrator must create valid accounts and issue them to the users. Users log in to the domain with the accounts issued by the administrator and then access data on the file server or other services.

Group: a set of users with common characteristics. For example, the employees of the sales department have access to the sales folder on the file server, or we want all employees of the company to be able to print to the laser printer. We should create a printing group, grant that group the right to print on the laser printer, and then add all employees of the company to the printing group, instead of granting the print right to each individual user, which would be inefficient. (Note that the Domain User group should be used for common operations; by default every user that is created belongs to this group.)

OU (organization unit): these are organizational units. When designing a domain, we survey how many organizational units the system has, such as how many departments and divisions. Based on the result of this survey, OUs are created that correspond to function and position. For example, the Sales department has a Sales OU, and this OU contains the sales group. The sales group includes all members of the sales department, and those users are also placed in the Sales OU together with the sales group.

We therefore need to distinguish clearly between the sales group and the Sales OU. The basic difference is that an OU is used for policy administration: if we want every employee of the sales department in a production environment to have MS Office XP installed automatically, or to receive certain patches when logging on, we have to work through the OU. But clearly we cannot manage these users' access permissions with an OU, which is why we must create groups and grant permissions through those groups. These are the most basic differences that we need to keep in mind.

3. Schema Master

Active Directory is really nothing more than a database, and like any other database it has a schema. Unlike other databases, however, the Active Directory schema is not static. Some operations require the schema to be extended; for example, installing Exchange Server requires the Active Directory schema to be extended. Whenever a change is made to the Active Directory schema, that change is applied to the Schema Master.

The Schema Master is a very important one of the FSMO roles, so Microsoft hides it from view. To find out which server holds the Schema Master role, insert the Windows Server 2003 installation CD and double-click the file ADMINPAK.MSI in the I386 directory. Windows then starts the Administration Tools Pack Setup Wizard. Follow the wizard to install the administration tools pack.

When the installation is complete, close the Setup wizard and open the Microsoft Management Console by typing the MMC command in the RUN box. When the console opens, choose Add/Remove Snap-in from the File menu. The Add/Remove Snap-in properties sheet is then displayed.
Click the Add button to display a list of available snap-ins. Select the Active Directory Schema snap-in in the list and click Add, then click Close and OK. Now that the snap-in has been loaded, right-click Active Directory Schema and choose Operations Master from the context menu. A dialog box appears that tells us which server is acting as the Schema Master for the forest.

3.1 Domain Naming Master

An Active Directory forest can contain many domains. Keeping track of these domains is the job of the Domain Naming Master. If the Domain Naming Master fails, domains cannot be created or removed until the Domain Naming Master comes back online.

To determine which server is acting as the Domain Naming Master for a forest, open Active Directory Domains and Trusts. When the window opens, right-click Active Directory Domains and Trusts and choose Operations Masters. Windows then displays the Domain Naming Master.

3.2 Relative Identifier

Active Directory allows administrators to create Active Directory objects on any domain controller. Every object must have a unique relative identifier. To prevent relative identifiers from being duplicated, the Relative Identifier Master assigns a pool of relative identifiers to each domain controller. When a new object is created in a domain, the domain controller on which the object is being created takes one of its relative identifiers from the pool and assigns it to the object. When a pool is exhausted, the domain controller must contact the Relative Identifier Master to obtain more relative identifiers. Thus the eventual symptom of a failed Relative Identifier Master is a complete inability to create objects in Active Directory.

To determine which server is acting as the Relative Identifier Master for a domain, open Active Directory Users and Computers.
When the window opens, right-click the current domain in the list and choose Operations Masters. Windows displays the Operations Masters properties sheet. In this window we can see which domain controller is acting as the Relative Identifier Master by looking at the RID tab of the properties sheet.

3.3 Primary Domain Controller Emulator

The PDC emulator role was created to allow Active Directory domain controllers to coexist with Windows NT domain controllers. The basic idea is that when an organization upgrades from Windows NT to Windows 2000 or Windows Server 2003, the PDC is the first domain controller to be upgraded. At that point, the newly upgraded domain controller acts both as an Active Directory domain controller and as a PDC for the domain controllers that are still running Windows NT.

The PDC emulator role is increasingly less relevant today because very few organizations still use Windows NT Server. If we need to determine which server in the domain holds the PDC Emulator role, we can still do so by opening Active Directory Users and Computers. When the window opens, right-click the current domain and choose Operations Masters. Windows displays the Operations Masters properties sheet. The domain controller acting as the PDC Emulator can be identified by looking at the PDC tab of the properties sheet.

3.4 Infrastructure Master

In an Active Directory environment, a forest can contain many domains. Active Directory domains are not completely independent entities; they sometimes have to communicate with the rest of the forest. This is where the Infrastructure Master comes in. When an object is created, changed or deleted inside a domain, the change is propagated naturally throughout that domain. The problem is that the rest of the forest does not know about the change.
This is exactly the job of the Infrastructure Master: letting the rest of the forest know that a change has occurred.

If the Infrastructure Master server fails, object changes will not be visible across domain boundaries. For example, if a user account has been renamed, the account will still appear under its old name when viewed from other domains in the forest.

To determine which server is acting as the Infrastructure Master for a domain, open Active Directory Users and Computers. When the window opens, right-click the current domain in the list and choose Operations Masters; Windows displays the Operations Masters properties sheet. The domain controller acting as the operations master can be identified by looking at the Infrastructure tab of the properties sheet.

4. Structure

None of the administrative tools used to manage Active Directory shows the entire Active Directory database. Instead, Microsoft provides several different tools, each corresponding to a specific area of the database. For an administrator, the tool used most often is the Active Directory Users and Computers console.

The Active Directory Users and Computers console can be reached on a Windows Server 2003 domain controller by choosing Active Directory Users and Computers from the server's Start / All Programs / Administrative Tools menu. Its interface is shown in figure 1.

Figure 1: The Active Directory Users and Computers console is a primary administrative tool for managing Active Directory objects.

Looking at the figure, we can see a number of large folders, each corresponding to a specific type of object. Every object in Active Directory is assigned an object type (known as an object class). Every object also has a number of associated attributes. The specific attributes vary depending on the object type.

For example, the Users folder contains user accounts, all classified as user objects, as shown in figure 2. If we right-click one of these user objects and choose Properties from the context menu, we see the object's properties sheet (as in figure 3).

Figure 2: The Users folder contains user accounts, all classified as user objects.

Figure 3: Right-clicking a user object and choosing Properties displays the user's properties sheet.

Figure 3 shows a number of different information fields such as first name, last name and telephone number. Each field corresponds to an attribute of an object. Although most of the fields in the figure are not populated, in some real-world situations these fields can be used to build a company directory. In practice, many applications are designed to extract information directly from Active Directory.
For example, Microsoft Exchange Server (Microsoft's e-mail server product) builds a global address list based on the contents of Active Directory. This list is used when sending e-mail messages to other users in the company.

Figure 4 shows a screen in which a search for the name Hershey has been performed and Outlook has returned every entry in the Global Address List that contains the name Hershey. In the results part of the window we can see where Outlook displays the user's title, business phone number and location, where those fields have been populated. All of this information is taken from Active Directory.

Figure 4

To see more detailed information about a user, right-click the user's name and choose Properties. A window like the one in figure 5 is displayed. This is not an administrative screen. It is simply a screen that any user in the company can reach directly through Outlook 2007 to look up information about other employees.

Figure 5: Viewing Active Directory information directly through Microsoft Outlook

After all, Outlook is a Microsoft product, so it only makes sense that Outlook can retrieve information from Active Directory, which is part of another Microsoft product.
What many people do not realize, however, is that it is fairly easy for anyone with the appropriate permissions to retrieve information from Active Directory. In fact, many third-party products are designed to interact with Active Directory. Some of them can store data in special Active Directory partitions.

Active Directory is based on a well-known standard called X.500. This standard is essentially a general way of implementing a directory service. Microsoft is not the only company to have built a directory service on this standard; Novell originally built its NetWare Directory Service on it as well.

There is also a way of accessing directory service information. In an Active Directory environment, accessing directory information involves the Lightweight Directory Access Protocol (LDAP). The LDAP protocol runs on top of the TCP/IP protocol. Despite its name, there is nothing lightweight about LDAP (it is lighter than the original directory access protocol, which was not designed to take advantage of the TCP/IP protocol stack).

5. Names

Every object in Active Directory is referred to by a distinguished name (usually abbreviated DN). The distinguished name is based on the object's position within the hierarchy. A distinguished name has many different components, but some common ones are a common name (abbreviated CN) and a domain name (abbreviated DC). For example, suppose the domain Contoso.com contains an account named User1 and this account is located in the Users folder. In that case, the distinguished name of the user account is:

CN=User1, CN=Users, DC=Contoso, DC=com

Distinguished names are not unique to Active Directory.
Microsoft built Active Directory to take advantage of industry standards that are used by many other companies such as Novell and IBM. Studying them not only prepares us better for managing Active Directory but also gives us a certain level of familiarity if we are ever asked to work with a network operating system that is not from Microsoft.

5.1 Basic naming rules

Distinguished names are built from attributes, and these attributes are assigned values. A distinguished name usually consists of several attribute/value pairs, for example:

CN=User1, CN=Users, DC=Contoso, DC=com

This name is made up of four different attribute/value pairs, each separated from the next by a comma. The first attribute/value pair is CN=USER1. In this pair, CN (short for Common Name) is the attribute and User1 is the value. An attribute and its value are always separated by an equals sign (=), and attribute/value pairs are separated from one another by a comma (,).

5.2 Distinguished names

When we look at the name CN=User1, CN=Users, DC=Contoso, DC=com, everything becomes clear right away. Looking more closely at this distinguished name, we can see that it is hierarchical. In this particular case, DC=com represents the top level of the hierarchy and DC=Contoso represents the second level. We can tell that COM and Contoso are domains because both use the DC attribute. The domain hierarchy mirrors the domain hierarchy used by DNS servers.

We need to understand how this naming hierarchy works for two reasons. First, by understanding the hierarchy we can tell exactly where a particular object is located within the directory. The other reason is that shortcuts are sometimes used in place of the full name, so we need to understand the nature of the directory hierarchy.

CN=User1, CN=Users, DC=Contoso, DC=com

This distinguished name is assigned to a user account (more precisely, a user object) named User1.
The rest of the name tells us where the object is located in the directory hierarchy. If we were talking to someone about it, we would probably refer to it casually as User1. LDAP sometimes does the same thing. This is possible because there is no need to provide information about the object's position in the hierarchy if that position is already known.

For example, if we are performing some operations on user objects located in the Users folder of the Contoso.com domain, is it really necessary to state explicitly that the objects are all located in Users in the Contoso.com domain? In situations like this, the distinguished name is often replaced by the Relative Display Name (abbreviated RDN). For CN=User1, CN=Users, DC=Contoso, DC=com, the RDN is CN=User1. The RDN is always the most specific identifier in the distinguished name. It is the leftmost attribute/value pair in the distinguished name. The remaining part of the distinguished name is known as the parent name. In this example, the parent name is CN=Users, DC=Contoso, DC=com.

Microsoft's names lean on containers and domains, and they follow RFC 2253, which sets out the rules for distinguished names.

5.3 Special characters in names

Some special characters include the plus sign, the greater-than sign, the less-than sign, the number sign, the quotation mark and the backslash (\). We concentrate here on introducing the backslash. This character lets us tell LDAP to ignore the special meaning of the character that follows it, which makes it possible to store otherwise forbidden characters in the directory. To see more clearly how it is used, consider a full name written as last name and first name separated by a comma. LDAP does not allow us to use CN=Smith, John, because LDAP uses the comma to separate attribute/value pairs.
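The naming rules of sections 5.1 to 5.3, as an added example that is not part of the original report: a small Python parser that splits a distinguished name into attribute/value pairs, applies the backslash and quotation-mark rules of section 5.3, and derives the RDN, the parent name and the DNS-style domain. The function names are hypothetical, the sample DNs are constructed from the names used in the report, and hex escapes and multi-valued RDNs are left out.

```python
# Added example (not from the report): DN handling per sections 5.1-5.3.
# Simplifications: no hex escapes (\2C) and no multi-valued RDNs joined by '+'.

# Characters that need a backslash inside a value: those the report lists
# (+ < > # " \) plus the comma and semicolon, which RFC 2253 also reserves.
SPECIALS = ',+"\\<>;#'


def split_unescaped(text, sep=","):
    """Split on sep, ignoring separators that are escaped or inside quotes."""
    parts, start, in_quotes, i = [], 0, False, 0
    while i < len(text):
        ch = text[i]
        if ch == "\\":
            i += 2                      # the escaped character is data
            continue
        if ch == '"':
            in_quotes = not in_quotes
        elif ch == sep and not in_quotes:
            parts.append(text[start:i])
            start = i + 1
        i += 1
    if in_quotes:
        raise ValueError("unterminated quotation mark")
    parts.append(text[start:])
    return parts


def decode_value(raw):
    """Return the data held in a raw value, undoing backslashes and quotes."""
    out, in_quotes, i = [], False, 0    # out holds (char, is_literal_data)
    while i < len(raw):
        ch = raw[i]
        if ch == "\\":
            if i + 1 >= len(raw):
                raise ValueError("dangling backslash")
            if in_quotes and raw[i + 1] != "\\":
                # Rule from section 5.3: between quotation marks a backslash
                # may only escape another backslash.
                raise ValueError("invalid backslash inside quotation marks")
            out.append((raw[i + 1], True))
            i += 2
            continue
        if ch == '"':
            in_quotes = not in_quotes
        else:
            out.append((ch, in_quotes))
        i += 1
    # Unescaped spaces around a value are layout ("CN=User1, CN=Users"), not data.
    while out and out[0] == (" ", False):
        out.pop(0)
    while out and out[-1] == (" ", False):
        out.pop()
    return "".join(ch for ch, _ in out)


def parse_dn(dn):
    """Return the DN as a list of (ATTRIBUTE, value) pairs, leftmost first."""
    pairs = []
    for component in split_unescaped(dn):
        attr, eq, raw_value = component.partition("=")
        if not eq or not attr.strip():
            raise ValueError(f"not an attribute=value pair: {component!r}")
        pairs.append((attr.strip().upper(), decode_value(raw_value)))
    return pairs


def escape_value(value):
    """Escape a value (for example a user-supplied display name) for a DN."""
    out = []
    for i, ch in enumerate(value):
        edge_space = ch == " " and i in (0, len(value) - 1)
        out.append("\\" + ch if ch in SPECIALS or edge_space else ch)
    return "".join(out)


def format_dn(pairs):
    """Build DN text from (attribute, value) pairs, escaping every value."""
    return ", ".join(f"{attr}={escape_value(value)}" for attr, value in pairs)


def rdn_and_parent(dn):
    """Split a DN into its leftmost pair (the RDN) and the parent name."""
    pairs = parse_dn(dn)
    return format_dn(pairs[:1]), format_dn(pairs[1:])


def dns_domain(dn):
    """Join the DC values into the DNS-style domain name they mirror."""
    return ".".join(value for attr, value in parse_dn(dn) if attr == "DC")


if __name__ == "__main__":
    # Constructed sample DNs, built from the names used in the report.
    samples = [
        r'CN=User1, CN=Users, DC=Contoso, DC=com',
        r'CN=Smith\, John, CN=Users, DC=Contoso, DC=com',
        r'CN="Smith, John", CN=Users, DC=Contoso, DC=com',
    ]
    for dn in samples:
        print(parse_dn(dn), rdn_and_parent(dn), dns_domain(dn))
    # A plain split(",") miscounts the escaped comma: 5 pieces instead of 4.
    print(len(samples[1].split(",")), len(parse_dn(samples[1])))
```

Passing every externally supplied value through `escape_value` before it is placed in a DN keeps a comma or plus sign in a display name from being read as a separator and changing which object the name refers to.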

To store the value Smith, John in the directory, we can add a backslash as shown below:

CN=Smith\, John

In the name above, the backslash makes LDAP treat the comma as data rather than as part of the syntax. Another way to do this is to use quotation marks. Everything inside quotation marks is treated as data.

There is one special rule for using the backslash inside quotation marks: it makes LDAP ignore other backslashes. If a backslash needs to be included as part of the data, we simply use two backslashes instead of one. Other uses of the backslash between quotation marks are considered invalid.

6. Directory Users and Computers console

Windows Server 2003 has several different tools that are used for managing Active Directory. The AD management tool that handles most day-to-day administrative tasks is the Active Directory Users and Computers console. As its name suggests, this tool is used to create, manage and delete user and computer accounts.

We can reach this tool by clicking the server's Start button and navigating from the Start menu to All Programs / Administrative Tools. The Active Directory Users and Computers option is near the top of the Administrative Tools menu. Only domain controllers have this option, so if the Active Directory Users and Computers command is not visible, we must log on to a domain controller.

Note that the Administrative Tools menu contains a couple of other AD tools: Active Directory Domains and Trusts, and Active Directory Sites and Services.

Opening Active Directory Users and Computers displays a screen like the one in figure 6 below. Recall from the earlier sections that AD has a forest, and that the forest contains one or more domains. Although the forest represents the whole of AD, the Active Directory Users and Computers console does not allow us to work with AD at the forest level. This console is only a domain-level tool.
In fact, figure 6 shows production.com highlighted. Production.com is a domain on the network. All the other items listed beneath it are AD objects for that domain.

Figure 6: The Active Directory Users and Computers console allows individual domains to be managed

We can see that production.com is one of the domains on the network and that no other domain is listed in figure 6. This is because Active Directory Users and Computers lists only one domain at a time to keep the interface tidy. The domain listed in the console corresponds to the domain controller we have logged on to. For example, we logged on to one of the domain controllers of production.com, so Active Directory Users and Computers connects to the production.com domain.

The issue here is that domains are often geographically dispersed. For example, a large company may have a different domain for each of its offices. If we are in Miami, Florida and another of the company's domains serves an office in Las Vegas, Nevada, we should not have to travel across the entire United States every time we need to manage the Las Vegas domain.

Although Active Directory Users and Computers by default displays the domain associated with the domain controller we have logged on to, the console can still be used to display any domain that we have the rights to work with. All we need to do is right-click the domain currently displayed and then choose the Connect to Domain command from the context menu.
A screen is then displayed in which we can type the name of the domain we want to connect to, or click the Browse button and browse for the domain.

When a domain is located far away, it can be very difficult to log on directly to a domain controller. For example, in some offices the domain controllers are located in separate buildings, or it is not convenient to log on to a domain controller to carry out daily maintenance work.

However, we do not need to be logged on to a domain controller to access the Active Directory Users and Computers console; we only need to be logged on to a domain controller to access the console from the Administrative Tools menu. We can access the console from a member server by loading it manually into the Microsoft Management Console.

To do so, type the MMC command in the server's RUN box. The server opens an empty Microsoft Management Console. Next, choose the Add / Remove Snap-In command from the console's File menu. Windows opens the Add / Remove Snap-In properties sheet. Click the Add button on the Standalone tab of the properties sheet to see a list of available snap-ins. Select Active Directory Users and Computers from the list of snap-ins and click Add, followed by Close and OK.

The console is now loaded. In some cases, loading the console this way can produce errors, and the console will not allow the domain to be managed. In that case, right-click the Active Directory Users and Computers item and choose the Connect to Domain Controller command from the context menu. We can then connect the console to a domain controller without logging on to that domain controller.
In this way we can manage the domain just as we would from the console on the domain controller itself.

That technique works well if we have a server at hand, but what happens if our workstation is running Windows Vista and all the servers are on the other side of the building? One of the simplest solutions to this problem is to establish an RDP session to one of the servers. RDP is the Remote Desktop Protocol. This protocol allows the servers in the organization to be controlled remotely. In a Windows Server 2003 environment, remote sessions can be enabled by right-clicking My Computer and choosing the Properties command from the context menu. The System Properties sheet is displayed. Go to the Remote tab and select the Enable Remote Desktop on this Computer check box (see figure 7).

Figure 7: Configuring a server to support Remote Desktop connections

To connect to the server from a Windows Vista machine, choose the Remote Desktop Connection command from the All Programs / Accessories menu. A screen like the one shown in figure 8 appears. Enter the name of the server and click the Connect button to establish a remote control session.
Nguyén Thi Thu Huyén KS4A - Khoa Céng nghé thong tin- DHSPHN_— 19 Active Directory Mang may tinh Gs Remote Desktop Connection Hinh 8: Co thé két néi dén mét may chi tir xa dé ding hon bang Windows Vista 7. Tgo mét tai khodn ngwdi ding (User Account) MOt trong nhiing str dung thay nhiéu nbat 6 Active Directory Users trong Computers console la tg0 ac tai khoan nguéi ding méi, Dé thye hign digu 46, ta mo mye tuong img véi mién chira ngudi ding, chon myc Users. Sau khi thye hign nhu vay, mot panel chi tiét cita giao dign sé hién thj t4t ca t4i khodin ngudi ding dang tn tai trong mién (nhu trong hinh 9). c Hinh 9: Chon mye Users, giao dién digu ign sé hién thi tat cd cdc tai khoan nguéi dimg trong mién Nguyén Thj Thu Huyén K54A - Khoa Céng nghé théng tin- BHSPHN 20 Active Directory Mang may tinh Bay gid kich chugt phai vio myc Users va chon New. Khi dé ta sé thay duge cée kiéu d6i tugng. tugng khac hon la cdc déi tugng ngudi ding trong myc Users. Vi truéng hgp bai nay dua ra, ta chon Ignh Users tir cdc menu con, Khi do sé thay mt h6p thoai xuat hign nhu trong hinh 10. Go ceste mtcineotis Ere name: PO tic: Lestname Fullname. Urerogon name: [@produaion cam = Ussr logon name (preWincowe 2000) [Rooucrow, Hinh 10: H6p thoai New Object — User cho phép tao tai khoan nguéi ding méi su cau nhap vao mét sé nay hoi nbiéu thir khéc nhu tén va ho, nhung vé m§t ky thugt thi né khéng can thiét lim. Phan théng tin can thi phai cung cap dé 1a tén dang nhap cia ngudi ding, ta nén dién day du thong tin vao cae trudng nay, vi tai khoan ngudi ding khéng hon gi mét déi tung sé ctr tru bén trong Active Directory. Céc thinh phan nhu tén va ho la thude tinh cia d6i tuong ngudi ding mi ta dang tgo. Cang nhiéu théng tin vé thude tinh thi céc théng tin dug Iuu bén trong Active Directory sé cing tré Ién hitu dung. Xét cho ciing, Active Directory 1a mi dir ligu ma ta cé thé truy van théng tin. Trong thyc té, nhiéu img dung lam viéc bing céch trich rit ede thuge tinh khdc nhau tit Active Directory. 
Once these fields are filled in, click Next to reach the next screen, shown in Figure 11 below. As the figure shows, Windows initially asks only for basic information about the user.

Figure 11: A password must be assigned to the new account

Assigning a password is simple: all we need to do is type the password and then type it again. By default the user is required to change the password at the next logon. We can avoid this by clearing the "User Must Change Password at Next Logon" check box. There are also other check boxes that prevent users from changing their password at all. We can optionally set the password never to expire, or disable the account entirely.

One thing to keep in mind is that the password screen above is not the whole story. When we assign a password to a new user account, the password must comply with our company's security policy. If the password does not meet the requirements set by the applicable group policy, the user account will not be created.

Click Next and we see a screen listing all the options we have chosen. Confirm that all the information is correct, then simply click Finish and the new user account is created.

8. Editing and adding account attributes

Active Directory comes with many attributes related to user accounts. Some of them are easy to use and helpful. These are the attributes that hold basic contact information.
In practice, some companies build corporate directories from the information stored in these Active Directory attributes, and populating Active Directory with user account information remains a good idea in any case. For example, suppose we need to restart a server while a user is still logged on to an application hosted on that server. If the user's contact information is stored in Active Directory, we can easily look up the user's telephone number, call the user and ask them to log off.

To reach the various attributes of a user account, simply right-click the chosen user account and select Properties. Doing so brings up a screen like the one in Figure 11.

[Figure: properties sheet for a user account]

As the figure shows, the General tab lets us change the user's name or display name. We can also fill in (or change) several other fields such as the description, office, telephone, email or website. To store more detailed information about the user, browse the Address, Telephones and Organization tabs. These tabs contain all the fields intended for storing more detailed information about the user.

9. Resetting a user's password

Figure 11 shows that there are many different tabs. Most of them relate to security and configuration for the user account.
One thing that most new administrators seem to notice when exploring these tabs is that there is no option for resetting the user's password. To reset a user's password we have to close this window, then right-click the user account and choose Reset Password from the context menu.

10. Creating groups

In a domain environment, user accounts are essential. A user account distinguishes one user from the other users on the network. This means we can track the user's online activity, give the account a set of permissions, assign the user a unique email address, and meet all the other needs of each person.

Even if we manage a very small network, we should treat it as if it were a large one, because we cannot know when it will grow into a large network. Using good management techniques from the very beginning helps us avoid nightmares later on.

A group can contain many user accounts. With security settings assigned at the group level, we should never assign permissions directly to a user account; instead we should assign the permission to a group and then make the user a member of that group.

This may sound a little complicated. Suppose one of the file servers has a folder named Data, and we need to grant a user access (read) to this Data folder. Instead of assigning the permission directly to the user, create a group.

To do so, open the Active Directory Users and Computers console. When the console opens, right-click Users and choose New | Group. A screen similar to the one shown in Figure 12 appears.
At a minimum we must give the group a name. To keep management simple, we call this group Data, because it will be used to protect the Data folder. For now, do not worry about the group's scope or its type settings.

Figure 12: Entering a name for the group being created

Click OK, and the Data group is added to the list of users, as shown in Figure 13. Note that the group's icon shows two heads, indicating that it is a group; an icon with a single head is used for user accounts.

Figure 13: The Data group is added to the list of users

Now double-click the Data group to open the group's properties sheet. Select the Members tab of the properties sheet and click Add. We can now add user accounts to the group. The accounts we add become members of the group. The contents of this tab can be seen in Figure 13.

Figure 14: The Members tab lists all members of the group

It is now time to put the group to work. To do so, right-click the Data folder and choose Properties. The folder's properties sheet appears. Go to the Security tab of this sheet and click Add. When prompted, enter the name of the group we created (Data) and click OK.
We can then set the permissions for the group. Any permission applied to the group also applies to the members of the group. As can be seen in Figure 14, some permissions are applied to the folder by default. It is best to remove these entries (the Users group) from the access control list to prevent permission conflicts.

Figure 15: The Data group is added to the folder's access control list

It can take a great deal of effort to find out which users have access to a resource. When groups are used, this process becomes much simpler. If we need to know which users have access to a folder, first look at which groups have access to that folder, as in Figure 15. Once the group that can access the folder has been identified, finding out who has access rights to the folder is as simple as checking the list of group members (as in Figure 14). Whenever other users need access to the folder, add their names to the group's member list. Conversely, we can remove permissions on the folder by removing the user's name from the member list.

11. Security groups

Each type of group has a specific purpose.

Figure 16: Windows lets us create several different types of group
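The access review described in section 10 above (look at the groups on the folder's access control list, then at each group's members), as an added Python example that is not part of the original report. The account names, group memberships and ACL entries are constructed sample data modelled on the Data folder example, and the expansion of groups nested inside other groups goes slightly beyond the single-level case in the text.

```python
"""Access review for a shared folder protected through groups.

Every name below (groups, accounts, ACL entries) is constructed sample data
modelled on the report's Data folder example, not output from a real directory.
"""
from dataclasses import dataclass

# Constructed snapshot: group name -> direct members (accounts or other groups).
GROUP_MEMBERS = {
    "Data": ["User1", "User2", "Managers"],
    "Managers": ["User3", "Data"],   # loop on purpose, to exercise the cycle guard
    "Users": ["User1", "User2", "User3", "User4"],
    "Administrators": ["Administrator"],
}


@dataclass(frozen=True)
class Ace:
    """One allow entry on the folder's access control list."""
    trustee: str          # group or account the entry names
    rights: frozenset     # e.g. {"Read"} or {"Full Control"}


# Constructed ACL of the Data folder before clean-up.
DATA_FOLDER_ACL = [
    Ace("Administrators", frozenset({"Full Control"})),
    Ace("Users", frozenset({"Read"})),      # default entry the text says to remove
    Ace("Data", frozenset({"Read"})),       # the purpose-built group
    Ace("User4", frozenset({"Modify"})),    # permission given straight to an account
]


def expand(trustee, groups, _seen=None):
    """Return every account reachable from trustee through nested groups."""
    seen = set() if _seen is None else _seen
    if trustee not in groups:
        return {trustee}              # not a group, so it is an account
    if trustee in seen:
        return set()                  # already being expanded: stop the loop
    seen.add(trustee)
    accounts = set()
    for member in groups[trustee]:
        accounts |= expand(member, groups, seen)
    return accounts


def effective_access(acl, groups):
    """Map account -> {'rights': ..., 'via': ACL entries that grant them}."""
    result = {}
    for ace in acl:
        for account in expand(ace.trustee, groups):
            entry = result.setdefault(account, {"rights": set(), "via": set()})
            entry["rights"] |= ace.rights
            entry["via"].add(ace.trustee)
    return result


def review(acl, groups, default_groups=("Users",)):
    """List ACL entries that work against the group-based model."""
    findings = []
    for ace in acl:
        if ace.trustee not in groups:
            findings.append(f"{ace.trustee}: permission assigned directly to an account")
        elif ace.trustee in default_groups:
            findings.append(f"{ace.trustee}: default group entry overlaps the dedicated group")
    return findings


def cleaned(acl, groups, default_groups=("Users",)):
    """Return the ACL with the flagged entries removed."""
    return [a for a in acl if a.trustee in groups and a.trustee not in default_groups]


if __name__ == "__main__":
    for line in review(DATA_FOLDER_ACL, GROUP_MEMBERS):
        print("finding:", line)
    after = effective_access(cleaned(DATA_FOLDER_ACL, GROUP_MEMBERS), GROUP_MEMBERS)
    for account in sorted(after):
        print(account, sorted(after[account]["rights"]), "via", sorted(after[account]["via"]))
```

Once the direct grant and the default Users entry are removed, every remaining right on the folder traces back to a group, so the member list alone answers who has access.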
In the dialog box shown in Figure 16, the Group Scope area offers options for creating a domain local, global or universal group. There is also a fourth type of group that is not shown there, called a local group.

11.1 Local Group

Local groups are groups that are specific to an individual computer. As we know, local computers can hold user accounts that are completely independent of the accounts in the domain to which the computer is connected. These are known as local user accounts, and they can only be used from the computer on which they reside. Furthermore, local user accounts can only exist on workstations and on member servers. Domain controllers do not hold local user accounts. With that in mind, it is no surprise that local groups are simply groups specific to a single member server or workstation.

A local group is often used to manage local user accounts. For example, the local Administrators group lets us specify which users are administrators on the local computer.

Although a local group can only be used to secure resources that reside on the local computer, this does not mean that its membership is limited to local users. While a local group can, and often does, contain local users, it can also contain domain users. Moreover, local groups can contain other groups that reside at the domain level. For example, we can make a universal group a member of a local group; the members of the universal group then essentially become members of the local group. In practice, a local group can contain local users, domain users, domain local groups, global groups and universal groups.

Note that a local group cannot contain another local group.
It may seem natural to be able to drop one group into another, but this cannot be done with local groups. Some people at Microsoft have explained that the reason is to prevent a situation in which two local groups become members of each other.

Another point is that a local group can only contain domain users and domain-level groups if the computer holding the local group is a member of a domain. Otherwise, the local group can only contain local users.

11.2 Domain Local Groups

The idea of a domain local group seems completely at odds with that of a local group. Domain local groups exist because domain controllers have no local account database. This means that there is no such thing as a local user or a local group on a domain controller. Even so, domain controllers do have local resources that need to be managed. This is where domain local groups come into play.

When we install Windows Server 2003 on a computer, the computer starts out as a standalone server or a member server. In both cases, local user accounts and local groups are created during installation. Now suppose we want to convert the machine into a domain controller. When we run DCPROMO, the local groups and local user accounts are converted into domain local groups and domain user accounts.

At this point, all domain controllers within a domain share one common user account database. This means that if we add a user to a domain local group on one domain controller, that user is a member of the domain local group on every domain controller in the whole domain.
There are two different kinds of domain local group. As mentioned above, when DCPROMO is run, local groups are converted into domain local groups. Any domain local group created by running DCPROMO is located in the Builtin folder of the Active Directory Users and Computers console (see Figure 17).

Figure 17: Domain local groups created by DCPROMO reside in the Builtin container

This matters because restrictions are imposed on some domain local groups. These restricted groups cannot be moved or deleted. Likewise, they cannot be made members of other domain local groups.

These restrictions do not apply to the domain local groups that we create ourselves. The domain local groups we create reside in Users, and we are free to move or delete them as we see fit.

11.3 Global Groups

Global groups are the most commonly used type of group. In most cases a global group simply acts as a collection of Active Directory user accounts. What we need to know about these groups is that they can be placed inside one another: we can make a global group a member of another global group, as long as both groups exist within the same domain.

Note that global groups can only contain Active Directory resources. For that reason we cannot place a local user account or a local group in one. Even so, a global group can itself be added to a local group.
In practice, doing so is the most common way of granting domain users permissions to work with resources stored on a local computer. For example, suppose we want the managers in the company to have administrator rights on their workstations (remember that this is only an example, not a recommendation that we should do so). To achieve this, we can create a global group named Managers and place in it the domain user account of each person we want to include. We can then add the Managers group to the local Administrators group of the workstations, which gives our managers administrator rights on those workstations.

Part 2: Installing a Domain Controller for a Domain

Active Directory is one of the most important system services, responsible for managing data about users, computers, groups and policies, as well as a great deal of other information. Deploying a standard Active Directory system and avoiding the related incidents is essential. Below I go from installing one Domain Controller for a Domain to installing another DC for that Domain, covering:

1. Installing Active Directory on Windows Server 2003
2. Backing up Active Directory
3. Installing an additional Active Directory server into an existing Domain
4. Installing multiple Domains for a system
   a. Installing Active Directory in a new Forest
   b. Installing Active Directory in a child domain
5. Renaming a Domain
6. Transferring the Masters of a Domain

This makes it possible to install and configure a system like the one below.

1. Installing Active Directory on Windows Server 2003

1.1 Installing and configuring DNS

When installing Active Directory on Windows Server 2003, DNS should be installed first, with the standard settings:
- The IP address is a static address and the DNS address is the address of the machine itself.
- Create a Zone in DNS and enable Dynamic Update for that Zone. This is a mandatory requirement, so that Active Directory can automatically update its settings in DNS.

a. Set the server's IP address: static IP, with DNS pointing to the server's own DNS

On the network adapter, set the server's static IP address to 192.168.100.11; the DNS server is also 192.168.100.11.

b. Installing and configuring DNS

- Go to Start → Administrative Tools → Manage Your Server.
- In the Manage Your Server window choose the first item, Add or Remove a Role, then choose to install DNS and click Next. The system asks for the Windows Server 2003 installation media; insert the CD or point to the i386 folder of the installation set. This completes the installation.
- Create a Zone in DNS: go to Start → Administrative Tools → DNS and the DNS window appears. In this step you must create a Forward Lookup Zone of type Primary Zone.
- Right-click Forward Lookup Zones and choose New Zone.
Wait a few minutes until the system reports that it has finished and asks for a restart; you have then completed the installation of Active Directory on the Windows Server 2003 server.

2. Backup & Restore

2.1 NTBACKUP technology in Windows Server 2003

Backup and restore is one of the most important areas of knowledge for keeping a system running effectively and avoiding unfortunate incidents. Windows Server 2003 includes a data backup tool called ntbackup.
- NTBACKUP in Windows Server 2003 uses Shadow Copy backup technology so that it can back up data that is in use, such as SQL or the Active Directory service, running files, and folders to which access is denied.
- However, Windows has a rule that files or data currently in use by another running program cannot be modified.
- Together these two points mean that you can back up Active Directory one way or another, but you cannot restore it, because the service is running from the moment the system starts. Microsoft anticipated this situation and provides a way to back up and restore Active Directory data.
- A System State backup contains all of the Active Directory information.

2.2 Backing up and restoring Active Directory on Domain Controllers
a. Theory

- From the previous part we have a Domain named vnexperts.net, whose Domain Controller running the Active Directory service is dc1.vnexperts.net.
- Step 1: Create an OU named MCSA in Active Directory, and in this OU create a user named Hoang Tuan Dat.
- Step 2: Back up Active Directory.
- Step 3: Delete the OU and the user just created.
- Step 4: Restore the Active Directory data that was deleted.

b. Implementation

Step 1
- Log on to the Domain Controller as the administrator user.
- Go to Start → All Programs → Administrative Tools → Active Directory Users and Computers.
- Right-click the Active Directory domain vnexperts.net and choose New, then Organizational Unit (OU), with the name MCSA.
- Inside the MCSA OU, right-click and choose New User Account to create a new user account.
- Here we create a user named Hoang Tuan Dat with the logon name tocbatdat.
- Click Next and the system asks for the new user's password; we choose the password Password12!
- Note that after Active Directory is installed there is a Default Domain Security Policy which requires every newly created user to have a password of at least 7 characters that is also complex. If you want to relax this so that users can be created more simply, you must change this Default Domain Security Policy and the Local Policy of the Domain Controllers.
- To change the Default Domain Security Policy: go to Start → All Programs → Administrative Tools → Domain Security Policy.
In the policy window choose Account Policies → Password Policies. Next you must change two settings, Minimum Password Length and Password must meet complexity requirements. Double-click each one and a dialog like the one below appears; clear the Define this policy setting check box. Do this for both settings.

[Screenshot: Password Policy settings]

- Go to Run and type Gpupdate /force to apply the policy change in the domain. After that you must also change the Local Policy of the Domain Controller before you can create a user with a blank password.
- Go to Run and type gpedit.msc to edit the Local Policy of the Domain Controllers, and change the Password Policy settings in the same way. Note that if you have not cleared the check box in the Domain Policy, these settings cannot be changed in the Local Policy.
- Set Minimum Password Length to 0 and disable Password must meet complexity requirements.
- Go to Run and type Gpupdate /force; you can now create a user with a blank password.

Step 2: Back up Active Directory
- Go to Run and type ntbackup; the system shows the following window.

[Screenshot: Backup or Restore Wizard welcome page]

- Choose Advanced Mode (the blue text) and the Backup Utility window appears. Choose the Backup tab to get the window shown below.
- To back up Active Directory you need to back up System State.
Note that a System State backup includes a great deal of information: Active Directory, Boot Files, Registry, SYSVOL and so on.
- After selecting System State, specify where the backup file is stored; here we save it on drive C: with the file name Backup.bkf.
- Click Start Backup to begin backing up the data.

[Screenshot: Backup Utility, Backup tab]

When you click Start Backup the system opens a window like the one below; choose Start Backup to begin the backup.

[Screenshot: backup job confirmation]

The window shows the backup in progress; wait a moment for the system to finish the job.

Step 3: Delete data in Active Directory

After the System State backup finishes, open Active Directory (in the same way as above), right-click the MCSA OU and choose Delete to delete the data in Active Directory.

Step 4: Restore Active Directory

You cannot run a restore against data that is in use, so we now have to restart the Domain Controller.
- While the computer is starting, press F8 to choose among the system's modes, in the same way as entering Safe Mode.
- In the menu of modes we must choose "Directory Service Restore Mode".
- You must choose this mode because, when it is selected, the Active Directory service is turned off by default and other tasks can then operate on the Active Directory data.
When you start from "Directory Service Restore Mode" the system asks for a user name and password.
- In the section on installing Active Directory above, we mentioned a password set during installation; that is the password you use to log on while restoring Active Directory.
- Once in the Windows environment, go to Run → ntbackup and choose the Restore tab in the ntbackup window.
- Select System State to restore.
- Click Start Restore and the system begins bringing the data back to the state it had at backup time.
- The window below shows the system restoring System State.

[Screenshot: restore progress]

- When the restore finishes, the system asks for the computer to be restarted.
- This time let the computer start normally. Our last task is to check whether the MCSA OU and the user Hoang Tuan Dat are still there.
- Fortunately, everything is back as it was.

3. Additional New DC

Consider a system in which many computers are joined to the domain vnexperts.net. If the Domain Controller is interrupted, all name services, user authentication and many other services are interrupted as well. The following shows how to guard against such an incident and keep the system running at all times.

3.1 Data replication in Active Directory

- Active Directory on Windows Server 2003 has a replication mechanism between Domain Controllers.
This allows several Domain Controllers to manage one shared set of Active Directory data, with identical data and settings. It also allows several Domain Controllers to operate as equal peers in Active Directory.
- Each server is fully able to add data to Active Directory (for example creating a new user or changing information in Active Directory). When you change Active Directory data on one Domain Controller, the change is automatically synchronized with all Domain Controllers on the network.
- Consequently, if a Domain has only one Domain Controller and that server happens to be interrupted for some time, the whole system goes down. To overcome this, install one or more additional Domain Controllers to manage the system's Active Directory and DNS data together. When one of the Domain Controllers has to be taken down for maintenance or is interrupted for a while, the system continues to operate normally.

The following shows how to install an additional Domain Controller into the existing Domain vnexperts.net, with the same DNS and Active Directory data as the first Domain Controller and with an equivalent role in the system.

3.2 Deploying a new additional Domain Controller into an existing system

- For the new Domain Controller to function as an equivalent of the first Domain Controller, it must:
  + Provide DNS name resolution for client machines
  + Provide authentication and the other data related to Active Directory

a. DNS on the new Domain Controller

- The first server holds all the DNS data and the other DNS settings. For the second server to be able to answer clients' DNS requests as well, we need to create a copy containing DNS data identical to that of the first server.
- On Windows Server 2003 the DNS service allows a Secondary Zone to be created as a copy of the DNS data from an existing Primary Zone.
- Our domain has been installed with one DNS server and Domain Controller: dc1.vnexperts.net.
- The DNS data on dc1.vnexperts.net contains a Primary Zone named vnexperts.net, which holds all the name records of the domain vnexperts.net.
- The requirement now is to create a server whose DNS data is identical to that of dc1.vnexperts.net.

Step 1: On dc1.vnexperts.net, allow other servers to retrieve the data of the vnexperts.net Zone.
Step 2: On the new server, create a Secondary Zone named vnexperts.net from the server dc1.vnexperts.net.
- Here: dc1.vnexperts.net, IP 192.168.100.11
- To be installed: dc2.vnexperts.net, IP 192.168.100.12

Step 1: Configure dc1.vnexperts.net to allow other machines to create a Secondary Zone of vnexperts.net from this server.

Go to Start → All Programs → Administrative Tools → DNS. In the DNS window choose Forward Lookup Zones, which contains the vnexperts.net Zone created in parts 1 and 2 of this article. Right-click the zone and open the Zone Transfers tab.
[Screenshot: Zone Transfers tab of the vnexperts.net zone]

- Select Allow zone transfers; there are three options to choose from:
  + To any server: every computer can retrieve the DNS data
  + Only the servers that appear in the NS records (the default after promotion to Domain Controller)
  + Only the servers listed below
- We choose To any server for simplicity.

Step 2: Create the Secondary Zone on the other server that is being prepared as a Domain Controller
- Install the DNS service as described above.
- In the DNS management console, right-click Forward Lookup Zones, choose New Zone and click Next. The system asks you to select the zone type; choose Secondary Zone.

[Screenshot: New Zone Wizard, Zone Type page]

- Click Next to continue the setup.
- The system asks for the name of the Primary Zone for which you want to create a Secondary Zone. I choose vnexperts.net, because this Zone already exists on dc1.vnexperts.net (192.168.100.11).
The wizard asks for the address of the server that holds the Primary Zone of vnexperts.net.
- Enter the IP address 192.168.100.11, the address of the server dc1.vnexperts.net.
[Screenshot: New Zone Wizard, Master DNS Servers page]
Click Next to finish creating the Secondary Zone vnexperts.net on dc2.
- To pull all the DNS data from dc1 to dc2, right-click the newly created zone vnexperts.net on dc2 and choose "Transfer from Master".
- On checking, I now have a copy of the DNS data on the new server, which means this secondary server is fully able to resolve domain names for the system.
[Screenshot: DNS console on dc2 showing the records of the transferred vnexperts.net zone]

b. Installing an Additional Domain Controller into an existing domain
- Installing an additional Domain Controller into an existing domain is very simple.
- Step 1: set a static IP address.
- Step 2: set the DNS addresses to the DNS address of dc1.vnexperts.net, 192.168.100.11, and the server's own IP address, 192.168.100.12.
[Screenshot: TCP/IP properties of dc2 with the static IP address and the preferred and alternate DNS servers]
Once DNS has been installed and the Secondary Zone created on the new server, you need to set the DNS addresses as above so that the system keeps working normally if DC1 fails.
- To continue the installation, open Run and type dcpromo.
[Screenshot: Welcome page of the Active Directory Installation Wizard]
Click Next to continue installing the additional Domain Controller.
[Screenshot: Operating System Compatibility page]
Click Next to continue the installation.
- At the step that offers two options, you must choose Additional domain controller for an existing domain. This is the basic difference between a new installation and adding a server to an existing domain.
[Screenshot: Domain Controller Type page]
Click Next to continue; the wizard asks you to enter the user name, password and domain you are adding the server to:
[Screenshot: Network Credentials page]
After filling in the domain, user name and password:
- Click Next and the wizard automatically looks for the chosen domain. If the DNS address on the network card is wrong, this step will not find the domain you want to join; in that case you only need to re-check the DNS address entered when you set the IP address.
- Click Next to continue.
[Screenshot: Additional Domain Controller page]
Re-enter the name of the domain you want to join: type vnexperts.net (because we are adding another domain controller to this domain).
- Click Next to continue the installation. The wizard asks where to store the NTDS folder, which is used for replication within the domain.
[Screenshot: Database and Log Folders page]
We keep the default and click Next. The wizard asks for the location of the SYSVOL folder.
[Screenshot: Shared System Volume page]
I keep the default and click Next. The wizard asks for the password used for Restore Mode, as mentioned above.
[Screenshot: Directory Services Restore Mode Administrator Password page]
Click Next to continue the installation: the wizard displays all the information about the setup:
[Screenshot: Summary page (additional domain controller for the domain vnexperts.net; database folder C:\WINDOWS\NTDS; log folder C:\WINDOWS\NTDS; SYSVOL folder C:\WINDOWS\SYSVOL)]
Wait a few minutes and restart the computer, then open Active Directory Users and Computers; we can see that there are now two Domain Controllers.
[Screenshot: Active Directory Users and Computers, Domain Controllers container]
That completes the creation of a new Domain Controller in the domain vnexperts.
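Step 1 of the secondary-zone setup above selects "To any server", which lets any host that can reach TCP port 53 on dc1 copy the whole vnexperts.net zone; "Only to the following servers" with 192.168.100.12 listed serves the same secondary. The following added example (not part of the original report) is a check an administrator can run from a host that is not a secondary to confirm that the DNS server refuses the transfer. The function names and the constructed reply bytes are assumptions of the example.

```python
import socket
import struct

AXFR, SOA, IN = 252, 6, 1   # QTYPE AXFR, TYPE SOA, CLASS IN (RFC 1035)
RCODES = {1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED", 9: "NOTAUTH"}

def encode_name(name):
    """Encode 'vnexperts.net' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.strip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("invalid DNS label: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_axfr_query(zone, txid):
    """One AXFR question with the 2-byte length prefix DNS uses over TCP."""
    msg = struct.pack(">6H", txid, 0, 1, 0, 0, 0)
    msg += encode_name(zone) + struct.pack(">2H", AXFR, IN)
    return struct.pack(">H", len(msg)) + msg

def skip_name(msg, off):
    """Return the offset just past a name, which may end in a compression pointer."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:
            return off + 2
        off += 1 + n

def classify_reply(msg, txid):
    """Classify the first reply message (TCP length prefix already removed)."""
    try:
        rid, flags, qd, an = struct.unpack(">4H", msg[:8])
        if rid != txid or not flags & 0x8000:      # wrong id or not a response
            return "malformed"
        rcode = flags & 0x000F
        if rcode:
            return "refused (%s)" % RCODES.get(rcode, "rcode %d" % rcode)
        if an == 0:
            return "refused (empty answer)"
        off = 12
        for _ in range(qd):
            off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
        off = skip_name(msg, off)                  # owner name of the first answer
        (rtype,) = struct.unpack(">H", msg[off:off + 2])
    except (struct.error, IndexError):
        return "malformed"
    # A zone transfer always begins with the zone's SOA record (RFC 5936).
    return "transfer allowed" if rtype == SOA else "unexpected answer"

def recv_exact(sock, n):
    """Read exactly n bytes or raise if the server closes the connection."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("connection closed by server")
        buf += chunk
    return buf

def check_zone_transfer(server_ip, zone, txid=0x5A54, timeout=5.0):
    """Request AXFR of `zone` from `server_ip` and classify the first reply."""
    try:
        with socket.create_connection((server_ip, 53), timeout=timeout) as sock:
            sock.sendall(build_axfr_query(zone, txid))
            (length,) = struct.unpack(">H", recv_exact(sock, 2))
            return classify_reply(recv_exact(sock, length), txid)
    except OSError as exc:   # timeout, reset, or connection closed without a reply
        return "no reply (%s)" % exc

def sample_reply(txid, zone, rcode, with_soa):
    """Constructed reply bytes for offline use; not captured traffic."""
    msg = struct.pack(">6H", txid, 0x8400 | rcode, 1, 1 if with_soa else 0, 0, 0)
    msg += encode_name(zone) + struct.pack(">2H", AXFR, IN)
    if with_soa:   # owner = pointer to the question name, empty RDATA for brevity
        msg += b"\xc0\x0c" + struct.pack(">2HIH", SOA, IN, 3600, 0)
    return msg

if __name__ == "__main__":
    for rcode, soa in ((5, False), (0, True)):
        print(classify_reply(sample_reply(0x5A54, "vnexperts.net", rcode, soa), 0x5A54))
    # On this page's lab network: check_zone_transfer("192.168.100.11", "vnexperts.net")
```

A server that drops the TCP connection instead of answering is reported as "no reply", which also counts as a refused transfer for this check.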
4. Child Domain
- The domain vnexperts.net has two Domain Controllers: dc1.vnexperts.net with IP 192.168.100.11 and dc2.vnexperts.net with IP 192.168.100.12.
- Prepare a computer newly installed with Windows Server 2003, named dc3, with the address 192.168.100.13. We intend to make dc3 the domain controller of the domain mcsa.vnexperts.net.
- Set the IP addressing so that dc3 can find the domain vnexperts.net.
+ Set the DNS addresses on dc3 as shown below.
[Screenshot: TCP/IP properties of dc3 with the preferred and alternate DNS servers]
Create a DNS Secondary Zone on the new server dc3 and set the IP and DNS addresses as above before installing Active Directory.
- After creating the DNS Secondary Zone vnexperts.net on dc3 and setting the IP addresses as above, open Run and type dcpromo to start the installation. Click Next through the opening steps until the following window appears:
[Screenshot: Domain Controller Type page]
- Because the domain mcsa.vnexperts.net does not exist yet, when installing that domain on dc3 we must choose Domain controller for a new domain.
- Click Next to reach the most important step of the installation.
[Screenshot: Create New Domain page (Domain in a new forest; Child domain in an existing domain tree; Domain tree in an existing forest)]

Try the netdom tool: open Run and type cmd to get a command prompt, then type netdom /? and you get the result shown in the figure below:

Step 2: Add a new name to the DC
The DC is named dc1.vnexperts.net.
[Screenshot: properties of the domain controller's computer object]
The first task is to add one more name to the server dc1.vnexperts.net; we choose the name vne.vnexperts.net.
Use the command:
netdom computername dc1.vnexperts.net /add:vne.vnexperts.net
Why does it fail? It only works when the Domain Functional Level is 2003 or higher.
The Domain Functional Level has 4 levels:
Mixed mode: Active Directory is managed by Windows NT, 2000 and 2003
Interim mode: Active Directory is managed by NT and 2003
Native mode: Active Directory is managed by 2000 and 2003
2003 mode: AD is managed by 2003 servers, and only in this mode are all the Active Directory features of Windows Server 2003 fully supported.
We have to raise the domain (Mixed mode by default) to 2003 mode. Go to Administrative Tools -> Active Directory Users and Computers, right-click the domain vnexperts and choose Raise Domain Functional Level.
[Screenshot: Raise Domain Functional Level dialog]
Then run the command again: netdom computername dc1.vnexperts.net /add:vne.vnexperts.net. We have now added the new name vne.vnexperts.net to the server dc1.vnexperts.net.

Step 3: Promote the new name to primary name
The Domain Controller now has two names, dc1.vnexperts.net and vne.vnexperts.net, but at present the server still uses dc1.vnexperts.net as its primary name, so we must switch the primary name to vne.vnexperts.net.
Use the command:
netdom computername dc1.vnexperts.net /makeprimary:vne.vnexperts.net
After this command has run, the system has to be restarted.

Step 4: Put the DC's new name into operation
After the restart the system still has two names, vne.vnexperts.net and dc1.vnexperts.net; the name vne.vnexperts.net is not yet active, while the name dc1.vnexperts.net has been stripped of its role.
Use the command:
netdom computername vne.vnexperts.net /enumerate
to bring the server's new name into operation.

Step 5: Remove the old name
The Domain Controller still has two names, so we now need to remove the old name dc1.vnexperts.net.
Use the command:
netdom computername vne.vnexperts.net /remove:dc1.vnexperts.net
to remove the old name.

Step 6: View the result
Open Active Directory Users and Computers and look in the Domain Controllers OU; the result is as in the figure below:
[Screenshot: Domain Controllers OU showing the renamed server]

7. DC Master roles
Active Directory allows several Domain Controllers to operate as equals; replication automatically synchronizes all data between the Domain Controllers. However, some functions in the Forest and the Domain are available only on the server that holds the Master role. The following shows how to change the Master roles in Active Directory.
The figure above shows a system with:
1 Forest: vnexperts.net
2 Domain trees: vnexperts.net and vne.com
4 Child domains: mcsa.vnexperts.net and ccna.vnexperts.net are child domains of the domain tree vnexperts.net; a.vne.com and b.vne.com are child domains of the domain tree vne.com.

Forest Master Role
The whole system above has a single Forest: vnexperts.net.
- Only one Domain Controller in this forest operates in the Master role, usually the first server on which Active Directory was installed in the forest.
There are two Master roles in the Forest:
- Schema Master Role
- Domain Naming Master Role
Schema Master Role: In the Forest, only the server holding the Schema Master role can update the schema, the blueprint of Active Directory. To change any part of the Active Directory structure in the Forest, you must be the Schema Master.
Domain Naming Master Role: The Domain Controller with the Domain Naming Master role is responsible for creating new child domains, removing a child domain and so on. In short, it manages names when domains are created and deleted.

Domain Master Role
Every domain tree or child domain in the forest has one server holding the Domain Master Role. By default this is the first Domain Controller of that domain. There are 3 Domain Master Roles:
- Relative Identifier - RID Master
- Primary Domain Controller - PDC Master
- Infrastructure Master
Each domain has only one server holding the Domain Master Role; one server can take on all of the tasks above, but you can also assign each task to a different server.
RID Master: Each domain in the Forest has only one Domain Controller acting as RID Master. When a user or a computer is newly created in Active Directory, the RID Master checks the uniqueness of that record. It then assigns a Security ID to each such object.
PDC Master: Each domain has one PDC master, for when the system includes domain controllers running both NT and 2003. The PDC lets clients change their passwords and then replicates to the other Domain Controllers in the domain.
Infrastructure Master: When you rename a user or add a user to a group, the Infrastructure Master of Active Directory takes care of managing users and groups. A user can belong to many groups, and a group can contain many users and other groups; managing that is the job of the Infrastructure Master.

Two situations can arise when changing the Master of the Forest or of the Domain. For simplicity we work only on the forest vnexperts.net, with no child domains or domain trees and with two domain controllers, vne.vnexperts.net and dc3.vnexperts.net. The Forest Master Role and the Domain Master Role are both on vne.vnexperts.net.
1. When all Domain Controllers are working
2. When the Master server has failed and you must promote a secondary server to Master.

7.1 View Master Role
To see which Domain Controller currently holds the master roles, proceed as follows:
- To view the RID, PDC and Infrastructure Master roles, open Active Directory Users and Computers, right-click it and choose Operations Master.
To view the Forest Master roles:
- Domain Naming Master Role: in Administrative Tools open Active Directory Domains and Trusts, right-click it and choose Operations Master.
[Screenshot: Change Operations Master dialog of Active Directory Domains and Trusts showing the domain naming operations master]
- Schema Master Role: to view the Schema Master role you must use the Active Directory Schema snap-in; unfortunately, by default the snap-in is not installed automatically with Active Directory. You can install it by opening cmd and typing: regsvr32 schmmgmt.dll. The system then reports success.
Open Run and type mmc; in that window choose File -> Add/Remove Snap-in, choose Add and select the Active Directory Schema snap-in, then right-click it and choose Operations Master to see which server is the Schema Master.
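Section 7.1 reads the five role holders from three different consoles; `netdom query fsmo` prints all five at once. The added example below (not part of the original report) parses that output and reports any role that is missing, sits on a server that should no longer hold roles, or is not on the expected server, which is also the check to repeat whenever roles are moved. The sample outputs are constructed, and the function names and the acceptance of two label wordings are assumptions of the example.

```python
import re
import subprocess

ROLES = ("Schema Master", "Domain Naming Master", "RID Master",
         "PDC Master", "Infrastructure Master")

# Labels netdom prints, mapped to the role names used on this page. Both label
# wordings are accepted because they differ between netdom versions (assumption).
LABELS = {
    "schema master": ROLES[0], "schema owner": ROLES[0],
    "domain naming master": ROLES[1], "domain role owner": ROLES[1],
    "rid pool manager": ROLES[2],
    "pdc": ROLES[3], "pdc role": ROLES[3],
    "infrastructure master": ROLES[4], "infrastructure owner": ROLES[4],
}

# Constructed sample output (not captured from a real server): a role move that
# stopped early and left one role on the other domain controller.
SAMPLE_PARTIAL = """\
Schema master               vne.vnexperts.net
Domain naming master        vne.vnexperts.net
PDC                         vne.vnexperts.net
RID pool manager            vne.vnexperts.net
Infrastructure master       dc3.vnexperts.net
The command completed successfully.
"""

# Constructed sample using the older label wording, all roles on one server.
SAMPLE_OLD_LABELS = """\
Schema owner                VNE.vnexperts.net
Domain role owner           VNE.vnexperts.net
PDC role                    VNE.vnexperts.net
RID pool manager            VNE.vnexperts.net
Infrastructure owner        VNE.vnexperts.net
"""

def parse_fsmo(text):
    """Return {role name: holder FQDN in lower case} from `netdom query fsmo` text."""
    holders = {}
    for line in text.splitlines():
        m = re.match(r"^\s*(.+?)(?:\s{2,}|\t+)(\S+)\s*$", line)
        if m:
            role = LABELS.get(m.group(1).strip().lower())
            if role:
                holders[role] = m.group(2).lower().rstrip(".")
    return holders

def audit(holders, expected, retired=()):
    """List every role that is missing, on a retired server, or not on `expected`."""
    expected = expected.lower()
    retired = {name.lower() for name in retired}
    findings = []
    for role in ROLES:
        holder = holders.get(role)
        if holder is None:
            findings.append(f"{role}: no holder reported")
        elif holder in retired:
            findings.append(f"{role}: still on retired server {holder}")
        elif holder != expected:
            findings.append(f"{role}: on {holder}, expected {expected}")
    return findings

def query_live():
    """Run `netdom query fsmo` on a domain member and return its text output."""
    done = subprocess.run(["netdom", "query", "fsmo"],
                          capture_output=True, text=True, check=True)
    return done.stdout

if __name__ == "__main__":
    for name, text in (("partial", SAMPLE_PARTIAL), ("old labels", SAMPLE_OLD_LABELS)):
        problems = audit(parse_fsmo(text), "vne.vnexperts.net",
                         retired=["dc3.vnexperts.net"])
        print(name, "->", problems or "all five roles on the expected server")
```

On a live system, pass `query_live()` to `parse_fsmo` instead of the samples.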
7.2 Changing the Master while all Domain Controllers are working properly
This situation arises when the Master server was installed earlier on a low-spec, unstable machine. The company upgrades to a new Domain Controller and requires that all users, groups and so on remain unchanged. You must then transfer the Master roles to the new server. In this situation the procedure is relatively simple.
In our model there are two domain controllers, vne.vnexperts.net and dc3.vnexperts.net; at present vne.vnexperts.net holds the Master role of both the Forest Master and the Domain Master. We will move the Master roles to the server dc3.vnexperts.net.

a. Transferring the Domain Master Role - comprising RID, PDC and Infrastructure
On vne.vnexperts.net, open Active Directory Users and Computers, right-click, choose Connect to Domain Controller and connect to the server dc3.vnexperts.net.
[Screenshot: Connect to Domain Controller dialog with dc3.vnexperts.net entered]
Click OK, then right-click the domain vnexperts.net and choose Operations Master. The first tab, RID, shows the current master and a Change button; click Change to move the RID master from vne.vnexperts.net to dc3.vnexperts.net.
[Screenshot: Operations Master dialog, RID tab, reporting that the operations master role was successfully transferred]
In the same way I go on to the PDC and Infrastructure tabs and transfer the master to dc3.vnexperts.net.

b. Transferring the Forest Master Role
- As said above, the Forest Master roles are the Schema Master Role and the Domain Naming Master Role.
Transferring the Domain Naming master
On vne.vnexperts.net go to Administrative Tools -> Active Directory Domains and Trusts, right-click it and choose Connect to Domain Controller. In the window select the server dc3.vnexperts.net and click OK.
[Screenshot: Connect to Domain Controller dialog of Active Directory Domains and Trusts]
Next, right-click Active Directory Domains and Trusts and choose Operations Master; the window shows the current master and, as the server to transfer to, dc3.vnexperts.net.
Click Change. The transfer of the Domain Master Role completes successfully.
[Screenshot: Change Operations Master dialog of Active Directory Domains and Trusts after the transfer]
Transferring the Schema Master Role
Open Run, type mmc and add the Active Directory Schema snap-in.
In the Active Directory Schema window, right-click and choose Change Domain Controller; under Specify Name enter the server dc3.vnexperts.net and click OK.
[Screenshot: Change Domain Controller dialog with Specify Name set to dc3.vnexperts.net]
In the Active Directory Schema window, right-click and choose Operations Master. I see that the current master is vne.vnexperts.net and the server to transfer to is dc3.vnexperts.net, and I click Change.
[Screenshot: Change Schema Master dialog reporting that the operations master was successfully transferred]
We can thus transfer the Master roles of both the Domain and the Forest. The steps should be carried out in the order above; if you transfer the Schema master role straight away, it will fail.

7.3 When the Master Role holder has failed
Transferring the Master roles while all Domain Controllers are working normally is very simple, but unfortunately the Master Role server sometimes fails and cannot be recovered. We then have to promote an existing Domain Controller in the system to be the Master Role server of the Forest or of the Domain, depending on what the system needs.
Note: use this method only when the Master Role server has really failed, because if you arbitrarily promote a Domain Controller to the Master Role and the previous Master server is later switched on, the two will conflict, since the system cannot have two Master Roles.
Seize - also translated as "take over"; we use this tool to take the Master role from a secondary server.
In scenario 1 we promoted the server dc3.vnexperts.net to Master. Switch off dc3.vnexperts.net and carry out the steps to seize the master roles from the server vne.vnexperts.net, treating dc3.vnexperts.net as permanently failed.
We use a tool for this: ntdsutil
Step 2: in this interface type ntdsutil; inside the tool type: roles
Step 3: connect to the server vne.vnexperts.net (the FQDN must be used, as here)
- Type connections to enter the connection interface
- Type connect to server vne.vnexperts.net to connect to the required server.
Step 4: type quit to return to the interface: fsmo maintenance
- Type Seize Schema Master and press Enter
- Type Seize Domain Naming Master and press Enter
- Type Seize RID Master and press Enter
- Type Seize PDC and press Enter
- Type Seize Infrastructure Master and press Enter
Below is a picture of seizing the Schema Master Role.
After you type seize schema master, the system asks whether you are sure you want to do this; I choose Yes so that the seizure starts. Wait a moment and the process completes.
In the same way we seize the other Master roles in turn: RID, PDC, Infrastructure, Domain Naming.
After seizing all 5 Master Roles, type quit, quit to leave the cmd interface. Restart the computer, open Active Directory Domains and Trusts, right-click and choose Operations Master to see the result.
[Screenshot: Change Operations Master dialog of Active Directory Domains and Trusts showing the domain naming operations master]
The server vne.vnexperts.net now operates as a Master server.

Conclusion
With its services and utilities, Active Directory has lightened the management workload and raised operating efficiency. Tasks that were almost impossible on a peer-to-peer, distributed network can now be carried out easily through a centralized management model, such as setting common policies for the whole system while at the same time delegating administrative rights to divide up management in a large environment. From installing one Domain Controller for a domain to adding another DC to that domain, we have mastered Active Directory. Active Directory really is the heart of Windows Server 2003.
