How to Install Active Directory On Windows Server 2008 R2

Active Directory is essential to any Microsoft network built on the client-server network model–it allows you to have a central sever called a Domain Controller (DC) that does authentication for your entire network. Instead of people logging on to the local machines they authenticate against your DC. Lets take a look at how to install Microsoft’s Active Directory.

Installation

Open Server Manager and click on roles, this will bring up the Roles Summary on the right hand side where you can click on the Add Roles link.

This will bring up the Add Roles Wizard where you can click on next to see a list of available Roles. Select Active Directory Domain Services from the list, you will be told that you need to add some features, click on the Add Required Features button and click next to move on.

A brief introduction to Active Directory will be displayed as well as a few links to additional resources, you can just click next to skip past here and click install to start installing the binaries for Active Directory.

When the installation is finished you will be shown a success message, just click close.

Configuration

Open up Server Manager, expand Roles and click on Active Directory Domain Services. On the right hand side click on the Run the Active Directory Domain Services Installation Wizard (dcpromo.exe) link.

This will kick off another wizard, this time to configure the settings for you domain, click next to continue.

The message that is shown now relates to older clients that do not support the new cryptographic algorithms supported by Server 2008 R2, these are used by default in Server 2008 R2, click next to move on.

Choose to create a new domain in a new forest.

Now you can name your domain, we will be using a .local domain the reason why will be explained in an upcoming article.

Since this is the first DC in our domain we can change our forest functional level to Server 2008 R2.

We want to include DNS in our installation as this will allow us to have an AD Integrated DNS Zone, when you click next you will be prompted with a message just click yes to continue.

You will need to choose a place to store log files, it is a best practice to store the database and SYSVOL folder on one drive and the log files on a separate drive, but since this is in a lab environment I will just leave them all on the same drive.

Choose a STRONG Active Directory Restore Mode Password and click next twice to kick off the configuration.

You will be able to see what components are being installed by looking in the following box.

When its done you will be notified and required to reboot your PC.

That’s all, now you have a working installation of Active Directory.

Windows Server 2008 Firewall Profiles

On Server 2008 and Windows Vista, there are three types of firewall profiles—Domain, Private, Public profile. You can set a Firewall state(rules) for each profile and each firewall profile applies depending on your network location. This allows you to set different firewall rules depending on your network location.

• Domain Profile – applied automatically when your server is connected to the Active Directory domain.
• Private Profile – you can assign this profile manually when your server is connected to any private address (192.168.x.x, 10.x.x.x, 172.31.x.x, etc.)
• Public Profile – applied by default when your first connect the server to any unknown network.

How to Restore Server 2008 Active Directory

How to Restore Server 2008 Active Directory (non-authoritative)

1. On Server 2008 DC, open the command prompt on the server
2. Run below commands to enter Directory Services Restore Mode (DSRM):
bcdedit /set safeboot dsrepair
shutdown –r –t 1
3. Login using .\administrator and DSRM password
4. Run below command ( note that d: is the drive letter of your backup), this will show you the version identifier of the backup.
Wbadmin get versions –backuptarget:d:
5. Run below command to start the restore.
Wbadmin start sysstaterecovery –version:01/01/2008-22:30 –backuptarget :d:
6. After the restore process is completed, run following commands to reboot.
Bcedit /deletevalue safeboot
Shutdown –t 0 -r

How to Restore Server 2008 Active Directory if Someone Accidentally Deletes an Object. (authoritative restore)

1. Restore Server 2008 Active Directory (non-authoritative), do not reboot the server
2. Open command prompt, run following commands, where CN=VIPuser,CN=Users,DC=MYDOMAIN,DC=NET is the object you wish to restore.
ntdsutil
activate instance NTDS
authoritative restore
restore object “CN=VIPuser,CN=Users,DC=MYDOMAIN,DC=NET”

3. Once it’s completed. Type quit
4. After the restore process is completed, run following commands to reboot.
Bcedit /deletevalue safeboot
Shutdown –t 0 -r

How to Backup and Restore DHCP in Windows Server 2008

In Windows Server 2008, backup of DHCP database and settings has gotten simpler. You may want to backup your DHCP server from time to time to prepare for disaster recovery scenarios or when migrating DHCP server role to a new hardware.

Backup DHCP Server

1. Open Server Manager > DHCP role
2. Right click server name, choose Backup..
3. Choose a location for backup, click OK

Restore DHCP Server

1. Open Server Manager > DHCP role
2. Right Click server name, choose Restore
3. Choose the location of the backup, click OK
4. Restart the DHCP Service

IP Version 4 Address Classes

IP version 4 is a 32 bit addressing system. The 32 bits are divided as 4 octets of 8 bits each. In IPv4 the IP address is categorized as Class A, Class B, Class C, Class D, and Class E.

Class A, Class B, and Class C addresses are used on IP networks as host IP address. Class D, Class E addresses are not be used as host IP address on the network. Class D is used for multicasting whereas class E is used for limited broadcasting.

Class A, Class B, Class C for host IP

Class D for Multicast

Class E 

IP Address Class D for Multicast

Multicast addressing is  a technique which define a group of nodes and sending IP message to that group alone.It uses the link only once for message delivery.It use the class D addressing system.The 32 bit indicate a group name. It uses IGMP (Internet Group Management Protocol).

IP Address Class E 

In the IPv4  standard Class E addresses as reserved, that is they are not  used as host ip address on IP networks.The IP addresses  range from 255.0.0.0 through 255.255.255.255  are reserved and is  not  considered for the normal Class E range. The  IP broadcast to 255.255.255.255 deliver IP message to all node on the local network(LAN), that is this broadcast is limited with in the local network as the packet does not reach all node on the Internet

IP Loopback Address 127.0.0.1

 

127.0.0.1 is the loopback address in IP.

127.0.0.1

To test self connectivity

PING 127.0.0.1

Loop back packets are not visible on the network

Messages sent to 127.0.0.1 do not appear in the network. The network adpter loopback(send back) all messages to the sending application. That is it is used when a program access a network service running on the same computer itself.That is loopback address is used to test the self connectivity.

Example: PING 127.0.0.1

A successful ping request to 127.0.0.1 verify that a computer's network interface card, it's drivers, and the operating system's TCP/IP implementation are operating perfectly.

IP address range from 127.0.0.0 through 127.255.255.255 are reserved for loopback purposes. This range of IP address cannot be assigned as host ip address on a network.

Modern operating systems implement TCP/IP consider   "localhost" as equivalent to 127.0.0.1

 

 

Default Router Passwords and IP Addresses

If you have lost the password to your router and would like to know the default password then look no further. Here is a list of the default router passwords, default router logins, and default router IP for all the routers we have come across.

Router Name Default IP Address Default User Name Default Password 3Com 192.168.1.1 n/a admin 3Com adminttd adminttd 3Com admin n/a 3Com n/a PASSWORD 3Com root !root ACC netman netman ACCTON 192.168.2.1 n/a 0 Aceex 192.168.8.1 admin n/a Aceex 10.0.0.2 admin epicrouter Actiontec n/a n/a ADC Kentrox n/a secret Adtran n/a n/a AirLink+ 192.168.1.1 admin admin Aiway 0 n/a Allied Telesyn root n/a

Allied Telesyn Manager Friend Allnet admin admin Ambit 192.168.100.1 user user Ambit 192.168.100.1 admin password Ambit root n/a Amitech admin admin Apple 10.0.1.1 n/a n/a Arescom n/a atc123 Arescom 192.168.1.1 dsladmin n/a Ascend admin ascend Ascend n/a ascend Ascom Asmack admin epicrouter ASUS 192.168.1.1 admin admin Avaya root root Bausch Datacom 10.0.0.2 admin epicrouter Bay Networks User n/a Bay Networks Manager n/a Bay Networks Manager Manager Belkin 192.168.2.1 n/a n/a Belkin admin n/a Benq Admin admin Bintec admin bintec Boson n/a n/a Broadlogic admin admin Broadlogic installer installer Broadlogic webadmin webadmin Buffalo 192.168.11.1 root n/a Cable & Wireless Admin 1234 Cabletron netman n/a Cabletron n/a n/a

Canyon Administrator admin Canyon 192.168.62.1 admin 1234 Cayman Any n/a Cisco cisco cisco Cisco n/a san-fran Conexant n/a admin Conexant n/a epicrouter Dell 192.168.1.1 admin admin Digicorp n/a BRIDGE Digicorp n/a password D-Link 192.168.0.1 192.168.0.30 192.168.0.50 n/a n/a D-Link 192.168.0.1 or 192.168.1.1 Admin Admin D-Link n/a admin D-Link admin n/a D-Link user n/a D-Link n/a 1234 D-Link n/a year2000 E-Con admin epicrouter Edimax admin 1234 Efficient login admin Efficient admin admin Efficient Networks n/a hs7mwxkk Elsa n/a cisco Ericsson (Formerly ACC) netman netman E-Tech n/a admin E-Tech 10.0.0.2 admin epicrouter Flowpoint 192.168.254.254 n/a admin Flowpoint n/a password Fujitsu Siemens n/a connect

Gateway admin admin IBM n/a ascend Infosmart admin 0000 Intel admin hello Intel NICONEX NICONEX Intel n/a babbit Ipstar admin operator JAHT 10.0.0.2 Admin epicrouter Linksys Administrator admin Linksys 192.168.0.1 192.168.1.1 192.168.1.225 192.168.1.226 192.168.1.245 192.168.1.246 n/a admin Linksys 192.168.1.1 192.168.1.251 admin admin Livingston !root n/a MacSense admin admin Medion n/a medion Microsoft Broadband Networking Routers also known as “Base Station” routers 192.168.2.1 admin admin Microsoft Broadband Networking Routers also known as “Base Station” routers n/a admin Mikrotik admin n/a Motorola cablecom router Motorola admin motorola Motorola admin password Netgear 192.168.0.1 admin password Netgear 192.168.0.227 admin password

Netgear n/a 1234 Netgear Admin 1234 Nokia m1122 m1122 Olitec admin admin Olitec admin adslolitec Pentagram admin password Pentagram n/a pento Pirelli admin mu Pirelli admin microbusiness Pirelli user password Siemens superuser admin Sitecom 192.168.0.254 admin admin Sitecom 192.168.0.1 n/a sitecom SmartSwitch admin n/a SMC 192.168.2.1 n/a n/a SMC admin admin SMC 192.168.2.25 admin smcadmin SMC n/a smcadmin SMC admin barricade SMC cusadmin highspeed SMC n/a 0000 SMC 192.168.2.1 n/a n/a Speed Touch (Alcatel) 10.0.0.138 Administrator n/a Speedstream admin admin T-Comfort Administrator n/a Teledat admin 1234 Telekom Malaysia ZXDSL ZXDSL Telekom Malaysia ADSL expert03 Teletronics 192.168.1.1 admin 1234 Telnet 192.168.1.1 n/a n/a UNEX n/a password

US Robotic 192.168.123.254 admin admin US Robotic admin n/a US Robotic root 12345 US Robotic n/a 12345 Westell admin sysadmin X-Micro super super X-Micro 1502 1502 Xyplex n/a access Xyplex n/a system Yakumo admin admin Zyxel admin admin Zyxel 192.168.1.1 admin 1234 Zyxel n/a 1234 Zyxel n/a n/a