In this project, students are required to build a functional Windows Server environment with multiple servers, Active Directory, DHCP, DNS, WDS, VPN, DFS, and other essential services. The assignment is divided into step-by-step tasks

jkings Posted in Uncategorized

Assignment Overview

In this project, students are required to build a functional Windows Server environment with multiple servers, Active Directory, DHCP, DNS, WDS, VPN, DFS, and other essential services. The assignment is divided into step-by-step tasks covering server configuration, network setup, domain management, and service deployment.

Assignment Tasks

1. Server Installation and Active Directory

  • Install Server1 on a VM. Connect one NIC to an external network and another to a private network.
  • Assign static IP to private NIC.
  • Set up a new Active Directory domain in a new forest with the highest functional levels.
  • Make Server1 a global catalog server.

2. DHCP and WDS Configuration

  • Configure Server1 as a DHCP server to provide IP addresses to network clients.
  • Set up Windows Deployment Services (WDS) to host installation images.
  • Ensure WDS does not automatically join computers to the domain.

3. Deploy Server2

  • Install Server2 using the WDS server.
  • Configure its static IP and hostname.
  • Join Server2 to the domain.

4. Advanced DHCP Configuration

  • Modify the existing DHCP scope and give it a descriptive name.
  • Set lease duration, default gateway, and DNS for clients.
  • Add IP exclusions and reservations for specific devices and servers.
  • Configure additional scopes for other network segments.
  • Set server-wide options such as WINS and DHCP failover with Server2.
  • Configure device-specific options for legacy clients and VoIP phones.

5. WINS Configuration

  • Configure Server1 and Server2 as WINS servers in a push/pull relationship.
  • Add static mappings for devices with fixed IPs.
  • Ensure automatic NetBIOS name registration.

6. DNS Configuration

  • Create a forward lookup zone for your domain.
  • Add A, CNAME, and MX records for various servers.
  • Configure reverse lookup zones and integrate DNS with WINS for fallback resolution.
  • Forward queries for external domains to the appropriate servers.

7. Secondary DNS Setup

  • Configure Server2 to host secondary copies of your primary DNS zones.
  • Test zone replication and query functionality.
  • Enable round-robin load balancing.

8. Active Directory Integration

  • Convert DNS zones to Active Directory-integrated.
  • Restrict updates to secure dynamic updates only.

9. VPN Configuration

  • Configure Server1 as a VPN server.
  • Assign VPN clients to the appropriate network.
  • Enable RADIUS authentication with logging and idle session disconnection policies.
  • Test VPN connectivity and split tunneling from Server2.

10. DFS Namespace and Shared Folders

  • Create a domain-based DFS namespace called Warehouse.
  • Add multiple shared folders across servers.
  • Enable DFS replication for shared folders across servers.

11. Organizational Unit Structure

  • Create OUs for various departments.
  • Implement nested groups for role-based permissions.

12. User and Group Management

  • Create local and domain groups to manage resource permissions.
  • Assign users to appropriate groups for access control.
  • Create user accounts in the respective OUs.

13. Workstation Accounts

  • Develop a naming convention for workstations.
  • Pre-stage computer accounts for general and departmental workstations.

14. Group Policy Configuration

  • Create a GPO for a department OU (e.g., Mfg).
  • Configure security, access restrictions, services, logs, desktop redirection, and software deployment.
  • Test GPO application and scope filtering.

15. Conditional Forwarders and Trusts

  • Configure DNS conditional forwarders for external domains.
  • Establish a two-way transitive realm trust.

16. Sites and Replication

  • Configure multiple AD sites corresponding to physical locations.
  • Ensure the DC account is assigned to the closest site.
  • Configure intersite replication intervals.

17. Certification Authority

  • Configure Server1 as a CA.
  • Enable auto-enrollment for users and computers.
  • Test certificate issuance and export the list of issued certificates.

18. iSCSI Storage Configuration

  • Configure Server1 as an iSCSI SAN.
  • Share a virtual disk with Server2.
  • Format with NTFS, enable deduplication, and verify access.

19. Performance Baseline

  • Take performance baseline screenshots for Server1 and Server2.

20. WSUS Configuration

  • Set up Server1 as a WSUS server.
  • Download the Windows Update catalog without deploying updates.

21. PowerShell Automation

  • Modify and execute the provided PowerShell script.
  • Generate output files and compress the project folder for submission.

BONUS Tasks

  • Install and configure additional servers with IIS containers or Failover Clustering.
  • Verify functionality with screenshots.

Submission Requirements

  • Complete all tasks as per instructions.
  • Include screenshots for verification where specified.
  • Compress the project folder for submission.
  • Ensure proper naming conventions and documentation.

Assessment Requirements – Summary

The primary goal of this assignment is for students to design, configure, and manage a Windows Server 2022 environment covering multiple aspects of server administration. Key requirements include:

  • Server setup: Installation of multiple servers (Server1 and Server2), configuration of Active Directory, domain services, and static IP addresses.
  • Network services: Configure DHCP, WDS, WINS, DNS, VPN, and DFS to enable a functional network environment.
  • User and group management: Create Organizational Units (OUs), nested groups, and assign users to manage permissions effectively.
  • Group Policy Management: Apply security policies, software deployment, and folder redirection via GPOs.
  • Advanced configurations: Setup of iSCSI storage, Certification Authority (CA), WSUS, and performance monitoring.
  • Automation: Execute PowerShell scripts for automated configuration and output generation.
  • Bonus tasks: Optional implementation of IIS containers and Failover Clustering for advanced skills.
  • Documentation & submission: Include screenshots, compressed project folder, proper naming conventions, and verification of tasks.

The assessment is designed to test practical Windows Server skills, networking knowledge, security implementation, and administration capabilities in a controlled environment.