1. Turn on your Windows 7 Virtual Machine and log in.
2. We are going to make this computer a member of your new domain!
3. Then we’re going to play with some packets. J
4. First make sure your Windows 7 has an IP address and can get on the Interwebs.
5. Don’t use MY IP address, but use the one from lab 2-7 last unit that I told you to use. Be sure your preferred and alternate DNS servers are YOUR servers, not mine.
6. Activate it if you haven’t done so already.
7.  Right click on Computer and select properties.

8. Click the Change Settings button.
9. Click Network ID.
10. This computer is part of a business network.
11. Your company uses a network with a domain.
12. Username: Administrator
13. Password: P@ssword (that’s what it SHOULD be, at least).
14. Where it says Domain name, you need to change the name of the computer to whatever your domain is. Mine is slaphappy.com so I’d type that in there.
15. It’s going to say it can’t find an account in the domain for your COMPUTER. That’s because you haven’t created one, so that’s cool.
16. Leave Computer Name the same and type the domain in again.

17. For some reason it’s going to ask for your credentials…AGAIN! Type them in again.
18. It’ll do its thing and add you to the domain. Here’s what it is doing:
1. Checking the domain to see if the username you used is correct and authenticating you.
2. Checking to see if that username has the right to join the domain and create computer accounts.
3. Creating a computer account in the domain.

19.  When it’s done it will ask you if you want to create a domain user account on this computer. YES you do.

20.  Why? Because if you set a domain account on your computer as a local administrator, when the computer won’t talk to the domain you can log in with that domain account locally and fix it.

21.  Leave it the same (since you’re only adding an already created account, not making a new one). Click next.

22.  Make it an administrative account.

23.  When you’re done it will tell you that you have to restart your computer. Do that.

24.  Note: You can do the same thing with a server, but not a domain controller. You might have, for example, a web server or file server that you don’t use for authenticating and controlling users.

25. Now check to find that computer domain. Go back to your server.
26. Go to Administrative ToolsàActive Directory Users and Computers.
27. Expand your server.
28. See those folders? Those are called Organizational Units. They are for organizing users, groups, and computers. Click Computers and you should see the computer you just joined to the domain.
29. Now go to your OTHER server. Do you see the same account there?

30. Wow! That’s nifty! Why does it do that?

31. Go back to Windows 7. You’ll notice that now you have to log in as administrator. Don’t log in yet. It’s not Best Practice to log in as an administrator on a local machine.
32. Let’s do ONE more thing. We’ll do more users later, but for now lets create you as a user.

33.  Go to ADDC1

34. Click on the Users Organizational Unit (OU).
35. Notice that there are little one heads and little two heads.
36. The one heads are users. There should be only two.
37. The two heads are groups. There are a bunch.
38. We’re going to create a new users.
39. Go under the Action MenuàNewàUser
40. Type in your full name.
41. Create a logon name. Click next.
42. Create a password. Note that your password MUST have at least three of the following:
1. Capital letter
2. Small letter
3. Number
4. Symbol
43. It must also be no less than 7 characters long.
44. Tell it that the user doesn’t have to change password at next logon.
45. And set it so password never expires.
46. Now to go ADDC2. WOW! That was fast, huh? It replicates immediately! (Replicates means it completely copies the full Active Directory Database from one domain controller to the other, so if one goes down the other one can take over.)
47. Now go to Win7 and logon as your new account. Were you able to get in?