This is an old revision of the document!
Migration of computers into the Active Directory
For the computer to be connected to the network, it must be supplied with the assigned Internet address (IP address), the subnet mask and the address of the default gateway.
Is there an automatic assignment of IP addresses in the local network, will the aforementioned parameters from a DHCP server assigned. In this case, the point “IP address automatically” is necessary clicked.
The following path leads to the window in which the adjustments must be made: Start> Settings> Control Panel> Network Connections> Local Area Connection> Properties> Internet Protocol (TCP / IP)> Properties.
If no automatic allocation of Internet address given, are the fields “IP address”:, “Subnet Mask” and the fields “IP address” is “default gateway” to fill the allocated values.
As DNS servers are in “Active Directory name” enter: 220.127.116.11 and 18.104.22.168, as a WINS server (Windows Server name) should be entered 22.214.171.124 and 126.96.36.199 (“Advanced …” button and tab “WINS “Select).
Entering the IP address of a Windows server name occurs after clicking on the “Add …” in each case - button. The check mark in front of “Enable LMHOSTS Lookup” can be removed. Management of computer through Terminal Server
After “the program” Active Directory on the Start menu of the terminal server under “Programs” “AD management - has called on users and computers”, you can see the domain in which you want to administer choose.
To get the computers to be managed in Access, you marked in the structure overview, the first displayed domain (top.gwdg.de, in the figure partially hidden) and selects restore the command “Connect to Domain …” or “Connect to Domain. .. “in the pull-down menu” Action ”. In a browser window, the desired domain can now be marked.
You marked in the “Connect to Domain” selecting “Save this domain setting for the current console” with a check mark, the selected domain in the future is always the same as the first display (The setting is saved in the profile.).
The selected domain is confirmed with “OK” and the display structure of the window changes to the selected domain:
In the Tree View window (left) one notices such. As the structural element “computer”. In it, there are machines that (organizational unit, OU) are inserted not in an organizational unit and thus receive no directives. Pictured are examples of the OUs “UG” and “UG UA CBW systems” included. These computers must be created in AD, so they can be given the defined for the respective OU policies. Setting Computer Account
Be set up for each computer in the Active Directory must have a computer account, in an organizational unit (OU) that was created specifically for the Institute, the department or workgroup. The computers in an OU can be prepared by using Group Policy in the same way for their functions and be treated. Even so, a certain group of employees, for example, the associated staff a unit be placed in the same OU, can use a shared memory area or a shared network printer.
In the example shown here the domain Agrar.Uni-Goettingen.de a computer account in the OU “UG-UAFB” is to be created.
The procedure is as in the structure (left) in “UG”, then in “UA-UG” and finally in “UG-UAFB”. Here three OUs are now set: “Server” for computers with server function, “systems” for the regular workstation and “user” for the user groups of the institute or department. In the latter usually an administrators group and a user group to be set up.
Click with the right mouse button on that OU in which you want to add the computer account, this “systems”. In the context menu select “New” and then “Computer”.
In the window that opens the new computer name is registered. It should be designed according to the scheme applicable in AD.
By pressing “Next” to get to a window, can be prepared in the that a computer should be centrally supplied with the operating system. In this case the computer must be marked as “managed computers”.
Normally, clicking here equal to the “Next” and comes to the final window in which you “Finish” clicks.
The result in this example is that now has the computer “UG-UAFB-CXXX” on a computer account. Joining a computer to a domain of the Active Directory
For Windows 7: It is in the start menu on Control in the operating window “system”. The Command “Change settings” leads to the possibility of changing Compute name and place of the Working Group “WORKGROUP” for example, the domain “Agrar.Uni-Goettingen.de” to choose. For Windows Vista: It is in the start menu on Control in the operating window “system”. The Command “Change settings” leads to the possibility of changing Compute name and place of the Working Group “WORKGROUP” for example, the domain “Agrar.Uni-Goettingen.de” to choose. For Windows XP: In the context menu of My Computer clicked properties and then go to the Computer Name tab on the command button “Change”. Here, instead of the workgroup “WORKGROUP” for example, the domain “Agrar.Uni-Goettingen.de” be chosen.
A “Windows Security” window requires you to enter an account that has permission to join the desired domain.
User name and password must be entered.
The “Computer Name or Domain Changes” window responds with “Welcome to the Agrar.Uni-Goettingen.de domain” the success.
The computer must be restarted for the changes to take effect.
The PC is now included in the “Active Directory”.
Policy acquisition by the PC
In another restart of the computer defined in the OU policies are adopted. (It happens that several “Re-Boots” are necessary.) You can help out with the command “gpupdate / force” in the command window of that computer:
Whether the guidelines were adopted, it checks for example, by looking at the firewall exceptions. Here should be free switched ports, among other ports now for the administration of the antivirus program Sophos via the “Active Directory” are displayed:
Among the established already on the computer firewall exceptions now come added those who were assigned via group policy from a “Organisational Unit” of AD. In this example it is the File and Printer Sharing, Remote Desktop and the three ports that must be enabled for the administration of “Sophos Anti-Virus”. More Settings
Some configurations may be different for operation systems.