Beruflich Dokumente
Kultur Dokumente
You have been working for A. Datum Corporation for several years as a desktop support specialist. In
this role, you visited desktop computers to troubleshoot app and network problems. You have recently
accepted a promotion to the server support team. One of your first assignments is configuring the
infrastructure service for a new branch office.
As part of configuring a new branch office, you need to create user and group accounts. Creating multiple
users with graphical tools is inefficient, so, you will use Windows PowerShell.
Objectives
After completing this lab, you should be able to:
Lab Setup
Estimated Time: 45 minutes
Virtual machines
20410D-LON-DC1
20410D-LON-CL1
User name
Adatum\Administrator
Password
Pa$$w0rd
For this lab, you will use the available virtual machine environment. Before you begin the lab, you must
complete the following steps:
1.
2.
In Hyper-V Manager, click 20410D-LON-DC1, and then in the Actions pane, click Start.
3.
4.
5.
Password: Pa$$w0rd
Repeat steps 2 and 3 for 20410D-LON-CL1. Do not sign in to LON-CL1 until directed to do so.
A. Datum Corporation has a number of scripts that it has previously to create user accounts by using
command-line tools. However, an enterprise-wide mandate specifies that all future scripting will be done
by using Windows PowerShell. As the first step in creating scripts, you need to identify the syntax required
to manage AD DS objects in Windows PowerShell.
The main tasks for this exercise are as follows:
1.
2.
2.
At the Windows PowerShell prompt, create a new OU named LondonBranch by typing the following
command:
New-ADOrganizationalUnit LondonBranch
3.
Create a new user account for Ty Carlson in the LondonBranch OU by using the following command:
New-ADUser -Name Ty -DisplayName "Ty Carlson" -GivenName Ty -Surname Carlson -Path
"ou=LondonBranch,dc=adatum,dc=com"
4.
Change the blank password for the new account to Pa$$w0rd, by using the following command:
Set-ADAccountPassword Ty
5.
6.
7.
Verify that the sign-in is successful, and then sign out of LON-CL1.
On LON-DC1, at the Windows PowerShell prompt, create a new global security group for users in the
London branch office, by using the following command:
New-ADGroup LondonBranchUsers -Path "ou=LondonBranch,dc=adatum,dc=com" -GroupScope
Global -GroupCategory Security
2.
3.
Results: After completing this exercise, you will have created user accounts and groups by using Windows
PowerShell.
You have a .csv file that contains a large list of new users for the branch office. It is inefficient to create
these users individually with graphical tools, so you will use a Windows PowerShell script instead. A
colleague that has experience with scripting has given you a script that she created. You need to modify
the script to match the format of your .csv file.
The main tasks for this exercise are as follows:
1.
2.
3.
2.
Edit the contents in E:\Labfiles\Mod04\LabUsers.csv, and then add the appropriate header.
On LON-DC1, use Windows PowerShell Integrated Scripting Environment (ISE) to modify the variables
in LabUsers.ps1:
o
$csvfile: E:\Labfiles\Mod04\labUsers.csv
$OU: "ou=LondonBranch,dc=adatum,dc=com"
2.
3.
2.
At the Windows PowerShell prompt, use the following command to verify that the users were created:
Get-ADUser -Filter * -SearchBase "ou=LondonBranch,dc=adatum,dc=com"
3.
Results: After completing this exercise, you will have used Windows PowerShell to create user accounts in
bulk.
You have received a request to update all user accounts in the new branch office OU with the correct
address of the new building. Additionally, you have been asked to ensure that all of the new user accounts
in the branch office are configured to force users to change their passwords the next time they sign in.
The main tasks for this exercise are as follows:
1.
Force all user accounts in LondonBranch to change their passwords at next sign in.
2.
Task 1: Force all user accounts in LondonBranch to change their passwords at next
sign in
1.
2.
At the Windows PowerShell prompt, create a query for user accounts in the LondonBranch OU by
using the following command:
Get-ADUser -Filter * -SearchBase "ou=LondonBranch,dc=adatum,dc=com" | Format-Wide
DistinguishedName
3.
At the Windows PowerShell prompt, modify the previous command to force all users to change their
password the next time they sign in by using the following command:
Get-ADUser -Filter * -SearchBase "ou=LondonBranch,dc=adatum,dc=com" | Set-ADUser
-ChangePasswordAtLogon $true
2.
3.
City: London
Results: After completing this exercise, you will have modified user accounts in bulk.