Module 10: Configuring Windows XP Professional to Operate in Microsoft Networks

Overview Examining Workgroups and User Accounts Creating and Authenticating Local User Accounts Configuring Local Security Configuring Networking Options in a Workgroup Operating in a Domain

Lesson: Examining Workgroups and User Accounts Examining Workgroups Examining User Accounts

Examining Workgroups Workgroup Characteristics: Peer-to-peer network No centralized administration

Examining User Accounts Enable users to perform administrative tasks or gain temporary access to network resources Reside in SAM (local built-in user accounts) Reside in Active Directory (domain built-in user accounts) Enable users to perform administrative tasks or gain temporary access to network resources Reside in SAM (local built-in user accounts) Reside in Active Directory (domain built-in user accounts) Built-in User Accounts Administrator and Guest Enable users to log on and gain access to resources on a specific computer Reside in Security Accounts Manager Must be created on each computer Enable users to log on and gain access to resources on a specific computer Reside in Security Accounts Manager Must be created on each computer Local User Accounts Enable users to log on to the domain to gain access to network resources Reside in Active Directory Enable users to log on to the domain to gain access to network resources Reside in Active Directory Domain User Accounts

Lesson: Creating and Authenticating Local User Accounts Creating Local User Accounts Authenticating Local User Accounts SAM User 1 User 2 User 3 SAM User 1 User 2 User 3 SAM User 1 User 2 User 3 SAM User 1 User 2 User 3

Creating Local User Accounts

Authenticating Local User Accounts Users log on locally 1 1 SAM Credentials sent Logon information compared 2 2 Access token Access token created 3 3

Lesson: Configuring Local Security Introduction to Microsoft Management Console Creating a Customized Security Console Configuring Account Policies Configuring Local Policies Configuring Ctrl+Alt+Del Options Configuring Logon Options in a Workgroup

Introduction to Microsoft Management Console Console Tree Snap-ins Details Pane

Creating a Customized Security Console

Configuring Account Policies Password Policy Account Lockout Policy

Configuring Local Policies User Rights Assignment Security Options

Configuring Ctrl+Alt+Del Options

Configuring Logon Options in a Workgroup Changing the Welcome Screen Enabling Fast User Switching Disabling Fast User Switching

Lesson: Configuring Networking Options in a Workgroup Installing Home and Small Network Networking Configuring Connection Sharing Configuring Network Settings

Installing Home and Small Network Networking To gain access to Network Setup Wizard and Home and Small Network Setup checklist Complete the checklist, and then click Network Setup Wizard to return to the wizard 3 3 On the Welcome page of the Network Setup Wizard, click Next, and then click Checklist for creating a network 2 2 Click Start, click Control Panel, click Network and Internet Connections, and then click Set up or change your home or small office network 1 1

Configuring Connection Sharing

Configuring Network Settings

Lab A: Operating in a Workgroup Exercise: Joining a Workgroup

Lesson: Operating in a Domain Requirements for Joining a Domain Domain Computer Accounts User Authentication in a Domain Cached Credentials Security Identifiers and Access Control Entries Group Policy and Security Settings

Requirements for Joining a Domain Joining a Domain Requires: A domain name A pre-existing computer account or the permission to create a domain computer account An available domain controller and a server running the DNS service

Domain Computer Accounts Domain computer accounts are necessary to log on to the domain Users have the choice of logging on to the:  Local computer  Domain Users must press CTRL+ALT+DEL to display the Log On to Windows dialog box  User enters a valid user name and password  User chooses whether to log on to the local computer or a domain

User Authentication in a Domain Credentials are checked against Active Directory database Users in a domain can log on from any domain computer that has been granted access

Cached Credentials Credentials are cached in a secure area of the registry Cached credentials enable log on if Active Directory is not available

Security Identifiers and Access Control Entries A computer or user account is assigned a unique security identifier (SID)  A SID is verified when a user attempts to establish a connection with a domain resource  A SID is created for each account Each directory object, or resource, is protected by access control entries (ACE) Users logging on to the local computer may access domain resources; they will be prompted for a valid domain user name and password

Group Policy and Security Settings Group Policy snap-in displays as Group Policy Group Policy updates are dynamic and occur at specific intervals  If no changes to Group Policy, the client computer refreshes Security Policy settings at regular intervals  If no changes are discovered, Security Policy settings are processed

Lab B: Operating in a Domain Exercise: Joining and Operating in a Domain