How to add clients in domain advance method used in Company Environments Server side Configurations
In
our last article we have added client in domain using default
administrator account. Administrator account can be used in LAB
environment. But in a real company environment using administrator
account for joining or disjoining process create a huge security risk.
Always avoid using administrator account for this process. In this
article for server side process we would create a special user account.
For this article I assume that
On Server computer Login from administrative account and open Active directory users and computers.
Right click on Users folder and select User form New options
In open window fill the user information and click on next
On password screen give password and remove tick mark from User must change password at next login
On summary screen click on Finish button
Verify that you have successfully created user accounts
Now make this user the member of built in Domain Admins group
User must be show in the Member tab of Domain Admins group's properties
Now create a computer account for client computer. Right click on Computers folder And select Computer from New options
Give client computer name [ Make sure you give exact same name which you have on client computer, Check it before giving here on client computer ]
On managed screen Do not check on This is a managed computer Click on next
On next screen click on finish
Next step is to grant the access of add client in domain. To do this open domain controller security policy
In left pane expand the local polices. In local polices select User
Rights Assignment and in right pane double click on Add workstation to
domain
Now add administrators [group], administrator [Account], and Vinita[ User which you want to grant the access]
Now refresh the group policy by running GPUPDATE commands in run
We have completed all necessary steps on server in our next article we will see how to use this account to make client
For this article I assume that
- ADS is configured on server 2003 and working
- DNS is configured on server 2003 and working
- Client computer is connected with Server.
On Server computer Login from administrative account and open Active directory users and computers.
Right click on Users folder and select User form New options
In open window fill the user information and click on next
On password screen give password and remove tick mark from User must change password at next login
On summary screen click on Finish button
Verify that you have successfully created user accounts
Now make this user the member of built in Domain Admins group
Now create a computer account for client computer. Right click on Computers folder And select Computer from New options
Give client computer name [ Make sure you give exact same name which you have on client computer, Check it before giving here on client computer ]
On managed screen Do not check on This is a managed computer Click on next
On next screen click on finish
Next step is to grant the access of add client in domain. To do this open domain controller security policy
Now add administrators [group], administrator [Account], and Vinita[ User which you want to grant the access]
Now refresh the group policy by running GPUPDATE commands in run
We have completed all necessary steps on server in our next article we will see how to use this account to make client
No comments:
Post a Comment