Part 5: Configuration Manager (SCCM) Lab Promote DC

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
this video is part of our configuration manager lab setup video series and in this video we are going to configure our domain controller and we will domain join our configuration manager server and our client which is PC - the one hello IT pros this is Jason welcome to my channel Technic solutions if you are new to this channel hit the subscribe button and also click on the bell icon as well to get all the latest updates any links mentioned in this video you can find it in the description below and let's get started alright so in the previous video we can figure out our virtual machines alright so in this video we will configure our domain controller of a DHCP server and then we will domain join our site server which is configuration manager server techniques - CM 0 1 and we will also domain join our PC - 0 1 ok so before we start it let's just brainstorm so we will brainstorm about domain name ok what will be our domain name for configuring a domain controller you should plan a domain name for example if you're working for a company ABC ok so you should have something like ABC dot local ABC dot home and this will be intranet internal domain name alright and funnily enough when I was learning several years ago and and at that time actually I wanted to configure an Active Directory alright domain controller so I was following some videos and they were talking about domain names and I was like well so I need to buy a domain name and I went ahead and bought a domain name ok so which is you don't have to do that so you can use you can come up with your own domain name as I said abc.com anything like that it will be internal alright and you do not have to buy any public domain name for that purpose I will be using mine which is technic stores local it is internal as well and you can use that as well apart from this in Active Directory there will be organizational units to get a feel of production let's just come up with noise naming conventions or nice names where you will have your computers you will have your users or you will have your groups differentiated instead of using the default organizational units we will be using our own or use we will create our own or use so for example I have actually planned that so for example for computers we will have technics computers and within technics computers we will have finance computers and also we will have management servers all right so in management servers we will save our servers and in finance computers this will be an organizational unit for finance department computers ok so this is something for our testing for users we will create technics users and then finance users and administrative users or we can create more or use within technics users same as groups so for groups we will have technics groups right now I cannot think of any group that we will need but if in future we need a group for our domain we will create a group in that for you server names computer names I think we already discussed that technique this is zero one is of a domain controller technics - CM zero one is our configuration manager server and PC - through one is one of our testing clients alright and also in our previous video we had some unfinished business in regards to PC - 0 1 ok so where I have given you a task to add a low ICMP version full rule in the firewall and make sure you can ping from your Windows 10 client which is PC - 0 1 2 DC 0 1 and CM 0 1 and vice versa ok so which is very important so all our virtual machines they should ping each other and also our hosts can communicate with our virtual machines as well ok if you have any problem here if you cannot pink if your VMs cannot talk to each other which means there's a problem in virtual networking you should fix that first before moving forward and before promoting your TC 0 1 as a domain controller ok so let's have a look at PC - 0 1 and configure that firewall rule I'm pretty sure you have done that however I would like to demonstrate as well so you can have a look at it or if you have already done that obviously you can skip that let's have a look at that how we can add that rule and also we will give it a static IP address as well let's have a look ok so PC - 0 1 so here is PC - 0 1 so first of all let's give it a static IP address all right to give it a static IP address we will go to network connections or we will access network adapters so to do that windows are NCPA dot CPL and then hit enter so here we can see our network adapter double-click on that and then click on properties double click on Internet Protocol version 4 so here we will use the following IP address which will be 1000 50 ok subnet mask 255 255 255 0 default gateway it will be IP address of our TC - 0 1 which is 10000 - so DNS server again this will be 1000 - as well click OK click OK and click on close so double click on that just verify that click on details we can see that it is 1000 50 let's close this off and minimize this as well so right click on start open windows powershell and then let's try pinging our domain controller which is 10000 - all right so we can see that we are getting a reply back from that if we go back to our domain controller and then we will try pinging back to PC - zero 1 so let's minimize this and log on to our domain controller I kept saying the domain controller right now it is not a domain controller it is just a server but soon we are going to promote this to a domain controller so let's have a look at that so double click on that and I will log in as administrator which is the local administrator account I have logged in server manager is loading I will right click on the Start menu and I will open PowerShell and let's try pinging to our PC 0 1 so we will ping our PC 0 1 which is 10 dot 0 dot 0 dot that's our IP address we have just given and we can see that this will struggle ok so now you know the answer why this is struggling because in the firewall we have to add ICMP version full rule so which we can just do it real quick and I'm pretty sure that you guys have already done that I'm going to minimize this and let's go back to PC 0 1 and we will open Windows Defender Firewall with advanced security all right so here right click on inbound rule and new rule so we will add custom rule click Next and then all programs next as well so protocol type we have already done that multiple times this will be ICMP version 4 click Next any IP and allow this connection everything is checked click Next give it a name I will name it allow ICMP version 4 and then we will click on finish all right so this is finished minimize this let's go back to our domain controller yeah this is row 1 not a domain controller yes yes yes I remember that and let's just try pinging we can see that we are getting reply back ok as I said earlier make sure all virtual machines they can communicate with each other and also host can communicate with other virtual machines as well let's try pinging from our host machine to the PC zero one okay so we will ping PC 0 1 is 10 0 0 15 and we should be getting a reply back all right another thing I would like to mention before we go ahead if you would like to install updates on your servers for example this is 0-1 and if I go to settings and update and security and here you can see that there are updates available I can click on install and why this is getting updates the reason being because I have actually went ahead in the settings of this virtual machine and then in here you can see that I have added default a network adapter how we can do that I will just quickly show you for example pcs or one it does not have default network adapter attached to do that I will go to the settings of PC 0 one virtual machine see that add hardware is actually selected by default and then I will click on network adapter and then I will click on add and I will select in 0 not into your one actually default because that's a default switch which has Internet connectivity reason why defaults which has Internet connectivity because my host machine has internet connection ok so you can see that this machine has internet and that is why default virtual switch has internet connectivity as well so click on apply and click on ok so if I go back to PC 0 1 you will see that this will get internet connectivity as well it is identifying at the moment soon it will show us it has Internet connectivity so we can try pinging 88.8 and you can see that we are getting a reply back which means our PC 0 1 it has Internet connectivity as well so this is very useful if you would like to install updates as I did on DC 0 1 ok so this is still installing that is ok so we can minimize that so the same thing I did with CM 0 1 as well so if we go to settings and you can see that defaults which is attached and cm0 one has Internet connectivity as well right now just to get Windows updates okay so in this is 0-1 we have logged in and we will open server manager in server manager we will click on add roles and then we will click on next here ok I'll bring it here in the center so role-based or feature-based insulation this is what we are going to select and then click on next so in server selection we have only one server so if it is a domain and in production environment you will see probably more servers however in our case there is only one and this is what is going to be our domain controller as well so we will click on next in server roles the most important one we have to select is Active Directory domain services ok so these are the management tools click on add features for that and then DHCP server add features DNS server add features ok so click on next and that is all we need and then just keep clicking on next for a DDS DHCP server DNS confirmation and tick that box restart if required and then click on install alright so this is gonna take a while and I will be back when this is done ok so this really didn't take a while it took about 2 to 3 minutes and this is done and let's have a look at that and now we will promote it to a domain controller before we promote it to domain controller I would like to give you one tip the way we add a default networks which we have to disable that switch so that it will not conflict with our domain and it will not conflict up with our IP addressing that we are doing ok so it might conflict with the DHCP server as well so let's have a look at that so here we will click on close you can see that feature installation is finished and then before we move ahead and then configure it a domain controller so open network connections and here we can see that Network 2 so if I double click on that you can see that this has Internet so what I will do I will right-click I will disable this network adapter okay and I will minimize this or we can just close it off so on the triangle here you can see that if I click on that we have two options so complete the ICP configuration and promote this server to a domain controller all right so out of these two options let's promote this server to a domain controller first so we will click on that and this will open a new visit you can see that this is a new visit so the first option is add a domain controller to an existing domain do we have a domain the answer is no so we would like to create a new forest so we will click on that so root domain name this is what I was originally discussing at the start of the video that you should come up with the name that you would like to name this domain so in my case I will name it Technic start local and now I will click on next so next is domain controller options alright so this is just processing this and we will have more options soon all right so here most of the settings we are going to keep as it is and we are not going to change anything so here is the SRM password so we will enter the SRM password twice here so once you enter the password twice click on next and we have DNS delegation option we can see that here is the warning that is OK so you can ignore this warning click on next so additional options it will populate NetBIOS domain name by itself and we do not have to change it and then we will forward with the parts so now we can move forward with the parts we do not have to change anything here so click next even with the parts as well we can keep all the parts as default so we do not have to change anything click on next and you can review the options what we are going to configure you can click on view script so this is exactly what we are going to do alright so we can close this and click on next and prerequisite check so this is going to do some pre records check and if there's any warning or if there's any problem this will display here so let it run and we will see what will be the outcome okay so we have few warnings here which we can ignore so click on install so now this is promoting this over to domain controller and this will finish and this will restart our server and then it will come back with the administrator login which will be changed to a domain administrator alright so let it do its thing and I will be back once this is ready ok so now you can see that it's signing us out we can click on close here and close here as well it will sign us out and then it will restart here you go it is restarting and this will come back and this will prompt us to login as a traitor and you will see that administrator will be changed and I will show you the different zone alright so domain controller is restarted and it actually came up as technics backward slash administrator alright so now this is prompting us to login as a domain account so this administrator account the original account which was a local account now it is changed into a domain account and it is a local domain administrator so we will login here with the same password which we originally used to login to this DC 0 1 so I am using the same password ok so now our domain controller is configured so the next part is we will configure our DHCP server as well so let's configure our DHCP server so in server manager on technics - TC 0 1 you can see that it's still a yellow triangle is there so if we click on that we have an option to complete DHCP configuration ok so click on that and we have to authorize this server so click Next and use this account so this is a domain account we are using techniques backward slash administrator so we will use the account and click on commit and then just close it that is okay if you Schloss that option with the yellow triangle you can click on Tools and then we will click on DHCP here and this will open a new window so here you can right-click and click on manage authorize servers alright and you can authorize a server from here so right now we can see there's a once over there let's just make it a slightly bigger so let's make it bigger so that you can see that what I'm talking about let's extend techniques - this is zero one dot technique stores local and in ipv4 right-click and we will create a new scope so create a new scope and this is a welcome visit click Next and we will name this scope I will just name it technics I will name it Technic scope you can name it anything else and click on next and start IP I will start with 1000 and 51 and IP 1000 hundred so we have 50 IP addresses length I'm keeping most of the things default and I will update the subnet mask to 255 255 255 dot 0 click next and here is exclusions and delay you can add an exclusion but I'm not going to do that click Next and next here yes I want to configure these options now click Next and to add an IP address for a real table so our DC will act as a router as well in this instance however in production you have a dedicated Rafa which you will mention here and for now I'm just configuring 1000 to mentioning to as a router on ok and click Next on that one so you can specify player and domain so this is a DNS as well so you can specify additional DNS server if you have one so we do not have anything here in this lab so we are just leaving 1000 - this is technics - this is 0-1 as a DNS server so click Next and basically that is it so wind server we do not have to do anything click Next and yes I want to activate this scope now click Next and click on finish so we have just configured about DHCP server all right and here you can see that it is running it is green and I will clean this with taskbar so we might have to come back to it later ok so we can test over the a DHCP server so for testing purposes what we have to do we will go back to over PC 0 1 and in pc 0 1 so open network connections win our NCP a dot Cpl hit enter and I will disable this network switch which is default networks which we added for Internet connectivity so the internal switch which is connected with DC 0 1 as well right-click properties and now to test our DHCP server double click on Internet Protocol version 4 and we will change it to obtain IP address automatically ok so it should receive 1000 51 which is for IP address in our range so obtain our DNS server address automatically as well click OK click OK so here you go you can see that networks Tech next off local straight away it came up I will click on yes and if you double-click on that one here and click on details you can see that IP address 1000 51 subnet mask and default gateway 1000 - which is coming from above DHCP server DHCP server as well which is 1000 - DNS server 1000 - as well let's just close this one close this one and if you open PowerShell again and then let's just try pinging if you ping tekneqs - DC 0 1 let's see if we are getting a result ok so here you go so this is resolving techniques - to Caesar 1 to an IP address all right and if we ping technics dot local it should resolve as well so this is resolving here we can see that this is resolving to the IP address of our technics - this is the row 1 server so let's minimize that and we will go back to our domain controller so on this is 0 1 if we open DHCP server and extend ipv4 and then extend your score and then click on address leases you can see that this has given us one IP address to this computer which is desktop something something we have not renamed this computer which is PC - 0 1 we will rename it shortly and let's just close it off so now we are going to configure or organizational units which we originally talked about at the start of this video so to do that we will log on to DC 0 1 and in server manager we will open Active Directory users and computers next configure organizational units open server manager on this is 0 1 and then click on tools and in tools we will use Active Directory users and computers and I will pin this to the taskbar as well because we will be coming back to this quad bot okay so the new organizational units we will be creating on technic stores local ok right click on technics dot local hover over on new and then we will select organizational unit so the first one we are going to create is technics - computers ok so I have named it technics - computers click OK so in technics - computers I will create 2 more or use so right click hover over new organizational unit and I will name it finance computers I didn't mean to put - in it so I will rename let's just quickly rename that get rid of that - so it is just technics computers finest computers and then I will click again on technics Computers right-click hover over new organizational unit I will name it member servers so this is where our side server is going to reside which is CM 0 1 technics - CM 0 1 so member servers click ok so you can see that technics computers now has two organizational units so by mistake if you create a wrong or you and you want to delete it so for example if I click here and I will say new organizational unit and name it anything click ok so if I want to delete this one I wouldn't be able to delete that ok so to do that we have to click on View and advanced features and then you select that or you right click go to properties and then go to object untick this box which is protect object from accidental deletion and click apply click OK right click and now you will be able to delete that ok so you can see that this is gone so I will click on View I will go to advanced features and now I will come back to the original window the way it looks so now we are going to create technics users so at the top level right click new organizational units technics users and within technics users right click new or you organizational unit let's call it finance users click OK and click here again on technics users right click new organizational unit and I will name it administrative uses so also click on technic stores local right click near organizational unit I will name its technics groups so right now we are not going to create any group but if we need to we will create new groups here ok so now we are going to create new uses so in finance users click on that we are going to create a new user and we will name it test user so just test and last name is user and user name is test and that's it so we'll click on next so user must change password and do that user cannot change password password never expires so I will give it a password and make sure you give it something like for example P at SS wo Rd all right so it has its own complexity so this is why I have given a password like that and click Next and finish so we have created test user so the main user that we are going to create click on users so find administrator here right click and copy that and the first name cm and last name admin so this is configuration manager admin ok so username cm admin and click Next and give it a password so user cannot change password password never expires ok click Next and finish and we are going to move this user cm admin to administrative users so you can click on it and just drag it to administrative users so click yes so in administrative users we can see that cm at mean if I double click on that and member off you can see that it is member of all these groups let's cancel on this one and we will go to technics computers in finance computers we will create a new computer let's just name it PC dash 0 1 and click OK that's all in member servers we will create a new computer object we will name it technics - CM 0 1 so it is technics - CM 0 1 click OK and we have techniques - CM 0 1 in finest computers we have PC 0 1 so let's just do Maine join our PC 0-1 first and then we will domain join our cm 0-1 so minimize this and we will go to PC 0 1 and we will open control system windows our control system and here change settings and change again so name it PC - 0 1 domain which is technics dot local click OK and it will prompt us to enter administrator username and password so administrator is administrator at technics dot local and password of this administrator account and click OK so there you go welcome to the Technic stuff local domain click OK click ok and then just restart it alright so now we can log on to this computer which is PC dash 0 1 as a domain account so we will use over test account here to log on to PC 0 1 ok so PC 0 1 we started click another user so the user name is test2 and you can see here signing in two tekneqs so we do not have to do at Tech next or local for that one and password is the password of this test user alright so this cannot sign it remotely so what we have to do is we have to sign in as a basic session here so click on basic session here so click on basic session because this user cannot log on as remote desktop session so enhanced session is like a remote desktop session so here we will enter test and password is password whatever we have picked for test user and you can see that test user is signing in alright so this will sign in it will create a profile while it is doing that let's just minimize this one and we will go to our configuration manager server cm0 1 and you can see that it has I have actually attached default virtual switch to that so what I will do I will disable that virtual switch and here I want to make sure in the details of in 0 1 I have IP address 3 and right subnet mask default gateway and DNS server as our technics - this is 0-1 let's close this and if we open PowerShell here and if we try to ping tekneqs dot local we should get a reply back from 1000 - we are getting our reply back so which panes however cm 0 1 is talking to / DC 0 1 through the DNS server so we will close this close this close this as well and if we open server manager so we will click on local server and compute a name and here we will change it and computer name is technics - CM 0 1 ok so domain is technics dot local alright so techniques that CM 0 1 technic stores local click OK and enter the administrator account at technics dot local and password of that account click OK and click OK here ok so you must restart your computer click OK click close and restart now all right so this is restarting as well on technics - CM 0 1 we will login as CM admin account ok so just remember that we will login here with CM admin account this has restarted and username is CM admin and password is password of this account which we just created in our active directory and then sign into that one so you can see that we are signing in as see em admin account so let's just minimize that and we can see that PC 0 1 so here we have logged in as test user we can see that and minimize this one and if you go to technics - CM 0 1 you will see that we have logged in as CM admin account ok so in this video we configure our domain controller and DHCP server we created organizational units user objects and computer objects however in the forthcoming videos we will create more user objects and user groups as well so that we can use these users and groups for certain tasks which we can perform with configuration manager if you have questions leave it in the comments box below more than happy to help more than happy to answer and also if you have feedback the way I'm delivering this content leave it in the comments as well so that I can improve the way I'm delivering my content fool you if you find this video informative give it a thumbs up and show you support by subscribing to my channel and also click on the bell icon to get all the latest updates from this channel in the next video we are going to look at virtual drives the older virtual drives I have shown you in the lab overview how we are going to configure and how we are going to attach these virtual drives to our technics - cm zero one virtual machine I will see you in the next video have a good one in the meantime take care
Info
Channel: TekNex Solutions
Views: 4,180
Rating: undefined out of 5
Keywords: configmgr, memcm, mem, sccm, windows, windows server, system center configuration manager, microsoft endpoint manager, microsoft endpoint configuration manager, configuration manager, mdm, teknex, promote dc, promote domain controller, virtual machines, Configuration Manager (SCCM) Lab Promote DC, configuration manager lab
Id: 4B0mILslaXE
Channel Id: undefined
Length: 34min 59sec (2099 seconds)
Published: Tue Jul 07 2020
Related Videos
Part 6: VHDs for Configuration Manager CB Lab Setup
TekNex Solutions
3K
Part 7: ConfigMgr (SCCM | MECM ) Full Prerequisites Installation
TekNex Solutions
8.4K
CompTIA A+ Certification Video Course
PowerCert Animated Videos
2.8M
Part 4: Configuration Manager(SCCM) CB 2002 VMs Configuration
TekNex Solutions
4.8K
Kubernetes Tutorial for Beginners [FULL COURSE in 4 Hours]
TechWorld with Nana
2.6M
2020 Getting started with pfsense 2.4 Tutorial: Network Setup, VLANs, Features & Packages
Lawrence Systems
590K
Part 11: ConfigMgr (SCCM) HTTPS/PKI Configuration
TekNex Solutions
6.4K
System administration complete course from beginner to advanced | IT administrator full course
Geek's Lesson
3.3M
Linux Tutorial for Beginners: Introduction to Linux Operating System
Guru99
2.6M
Part 2: Configuration Manager (SCCM) CB Lab Overview
TekNex Solutions
5.8K
Part 10: ConfigMgr(SCCM) Client Push Installation Service Account
TekNex Solutions
3.7K
Getting Started with Vapor 4 - A Beginner's Course
CodeWithChris
11K
VMware vSAN Cluster Project - Part 1
Virtual Bytes
1.4K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.