====== The dotcom project: Task 1 - Setting up the server ======
\\ 
====== Task 1 - Setting up and testing the server ======

 All steps contain links in the form of guides and videos that explain how to implement this step. During this task you will never need more than 2 VMs active at the same time, which means that 8 GB RAM is sufficient. However, please note that the next task will configure a system that consists of 3 VMs and therefore requires more RAM. The official operating instructions can be obtained directly from __[[https://www.virtualbox.org/wiki/Documentation|https://www.virtualbox.org/wiki/Documentation]]__ can be obtained directly from
\\
===== Documentation =====

To document the work carried out, create the following documentation for the entire **Task 1** a single document with a concise summary of the step, a description of the work process, the tests performed and a brief reflection based on this template:

{{ausbildung:dotcom_technische_dokumentationsvorlage.docx|Document template}}

In this document you document **all** tests that you carry out. If the tests turn out badly, leave the test results in the documentation and carry out new tests after making the necessary adjustments, which you then also enter in the documentation.
\\
===== Step 1: VirtualBox =====

A NAT network with the name NATnet should be configured in VirtualBox for the virtual machine. The network CIDR should be: 10.0.2.0/24 (normally the NAT network already has this value)

=== Information ===

{{ausbildung:dotcom_nat-netzwerk.mp4|dotcom_nat-network}}

__[[https://www.virtualbox.org/manual/UserManual.html#networkingmodes|Siehe VM Operating Instructions Chapter 6.2, 6.4]]__
\\ 
===== Step 2 =====
In this step, you will set up a virtual machine with Windows Server 2019 in VirtualBox based on the specifications.
==== Step 2a: Basic installation of Windows Server 2019 ====

Before you start the Windows installation, configure the network adapter and use the NAT network that you created in step 1. \\ 
=== Server basic settings ===
Virtual HW: 2GB RAM,\\ 1st partition: 40GB, 2nd partition 40GB\\ OS: Windows 2019 Server\\ Hostname: DC-ZH-01

Make sure that you install a version with a graphical user interface.

=== Information on ===

{{ausbildung:dotcom_win19srv_installieren_in_vb.mp4|dotcom_win19srv_install_in_vb}}

__[[https://www.virtualbox.org/manual/UserManual.html#frontends|VM User manual chapter 1.7]]__

__[[https://www.microsoft.com/de-de/evalcenter/evaluate-windows-server-2019|Windows Server 2019 ISO Download]]__


 ==== (Optional) Step 2b: Create an image of the Windows Server 2019 ====

In the next task, you will set up a second server. \\ Cloning a server is much faster and more convenient than setting up a complete server each time as in step 2a. \\ Later in your day-to-day work, you will most likely also clone with a template to save time.

\\ Prepare the server for cloning by removing specific information with sysprep.exe. \\ Export an image of the freshly installed server. Also remove the MAC address of the network adapter when exporting.

=== Information on ===

__[[https://www.netzwelt.de/anleitung/180025-windows-10-so-bereitet-windows-sysprep-klonen.html|Windows Clone sysprep]]__

__[[https://www.virtualbox.org/manual/UserManual.html#ovf|VM Operating instructions Chapter 1.14]]__

{{ausbildung:dotcom_image_erstellen.mp4|dotcom_image_create}}

\\
===== Step 3 =====
In step 3, set up a Windows 10 Enterprise client that you will use to test the services that you will install in the course of this training task.
==== Step 3a: Installing a Windows 10 Enterprise client ====

Install a Windows 10 Enterprise client within your virtual dotcom environment - i.e. in the same NAT network - with the following specifications:

=== Client Base Settings ===

Virtual HW: 2GB RAM\\ Partition: 30GB\\ OS: Windows 10 Enterprise N\\ IP address: DHCP (still DHCP of the NAT network)\\ Hostname: PC-ZH-01

=== Host information ===

__[[https://www.microsoft.com/de-de/evalcenter/evaluate-windows-10-enterprise|Windows 10 Enterprise ISO Download]]__
{{youtube>m37CkoGbP7w?medium}}


 ==== (Optional) Step 3b: Create an image Windows 10 Enterprise Client ====

It is helpful to use several PCs for testing. It is therefore also advisable to create a template from the PC. Export an image of the Windows 10 client in the same way as step 2b. With the difference that you do not have to prepare the PC with sysprep.
\\
===== Step 4 =====
The Active Directory service provides authentication and authorisation functions within a network. For example, the AD service here at Rafisa allows you to log on to any PC with your account.
==== Step 4a: Activating the Active Directory service ====

Give the server the static IP address 10.0.2.15 and gateway 10.0.2.1

 Activate the Active Directory domain server. Name the domain: **DOTCOM.INTERN**\\ \\ AD users and groups\\ First create the containers **DOTCOM\Users** and **DOTCOM\groups** containers. Create the following users and groups in them:

=== Users ===

  * Hans Müller (GL) 
  * Joseph Wolf (Technology / GL) 
  * Miriam Meier (Secretariat) 
  * Ismael Abramovic (Sales) 
  * Roger Schweizer (Purchasing) 

=== Groups: ===

  * GL 
  * Sales 
  * Secretariat 
  * Technology 
  * Purchasing 

=== Information on ===

{{ausbildung:dotcom_udemy_14.mp4|Udemy 14}}
{{ausbildung:dotcom_udemy_15.mp4|Udemy 15}}
{{ausbildung:dotcom_join_domain.mp4|dotcom_join_domain}}

==== Step 4b: Join the domain ====

Join the domain set up under task 4a with your installed client.
\\ When joining, the IP must be configured manually so that the client enters the network correctly.

=== Information ===

{{ausbildung:dotcom_ip_konfiguration.png|IP configuration}}
==== Step 4c: Check the AD service ====

Test whether the AD service is working correctly. You will need both VMs for this.

Document the test scenario with the documentation file created at the beginning.

=== Information on ===

[[https://wiki.rafisa.net/doku.php?id<ignore>=ausbildung:dotcom_aufgabe_1#hilfreiche_cmd_befehle|</ignore>Nützliche CMD commands]]
==== Step 4d: Check the DNS service ====

The DNS service and the AD service are so closely linked that activating the AD service automatically activates the DNS service as well.
If this has not happened, activate the [[https://wiki.rafisa.net/doku.php?id<ignore>=ausbildung:dotcom_aufgabe_1#dns-server|</ignore>DNS role]].
\\ Test whether this works correctly and document your observations in the documentation file created at the beginning.

=== Information on ===

[[https://wiki.rafisa.net/doku.php?id<ignore>=ausbildung:dotcom_aufgabe_1#hilfreiche_cmd_befehle|</ignore>Nützliche CMD commands]]
\\
===== Step 5 =====
DHCP is a communication protocol that is responsible for assigning the client's network configuration. For example, without DHCP you would have to explicitly configure the IP address, DNS server address etc. on each PC yourself. 
==== Step 5a: Setting up the DHCP service ====

Deactivate DHCP support in the NAT network if you have not already done so.

=== DHCP server ===

Activate the DHCP server role with a suitable DHCP range and the following DHCP options:

  * Gateway: 10.0.2.1 
  * DNS server: 10.0.2.15, 10.0.2.25 
  * Range: 10.0.2.75 to 10.0.2.149 

=== Information about ===

{{ausbildung:dotcom_udemy_12.mp4|Udemy 12}}

{{ausbildung:dotcom_dhcp_aktivieren.mp4|dotcom_dhcp_enable}}


 ==== Step 5b: Check the DHCP service ====
Configure the client so that it obtains the IP address automatically (from the DHCP server).
Test whether the DHCP service is working correctly. You will need both VMs for this.

Document the test scenario using the documentation file created at the beginning.

=== Information on ===

[[https://wiki.rafisa.net/doku.php?id<ignore>=ausbildung:dotcom_aufgabe_1#hilfreiche_cmd_befehle|</ignore>Nützliche CMD commands]]
\\
===== Step 6 =====
The Fileshare service enables access to shared resources throughout the network. 
==== Step 6a: Fileshare shares ====

Activate the fileshare service if it is not already activated.

=== File server shares ===

Create the following shares on the second partition:

  * GL 
  * Distribution 
  * Secretariat 
  * Engineering 
  * Purchasing 
  * Homes of the individual users 

Set appropriate authorisations for the individual approvals.

=== Information on ===

{{ausbildung:dotcom_udemy_26.mp4|Udemy 26}}
{{ausbildung:dotcom_udemy_27.mp4|Udemy 27}}

{{ausbildung:dotcom_fileshares.mp4|dotcom_fileshares}}

==== Step 6b: Check the fileshare shares ====

Test whether the fileshare shares are working correctly. You need both VMs for this.

Document the tests again in the documentation file created at the beginning.

=== Information on ===

[[https://wiki.rafisa.net/doku.php?id<ignore>=ausbildung:dotcom_aufgabe_1#hilfreiche_cmd_befehle|</ignore>Nützliche CMD commands]]
\\
 ===== (Additional task) Step 7 =====
In step 6 you probably noticed that the shares are not yet visible, e.g. drive (T:) Rafisa-Data-Share. We will change this in this task. 

 ==== Step 7a: Mapping file shares to drives ====
Create logon script with GPO.\\ Try to create a logon script with the help of the following tutorial and activate it for your users.

=== Information on ===

{{ausbildung:dotcom_udemy_31.mp4|Udemy 31}}

// (Configure the group policy as in the picture and not as in the video) //

{{ausbildung:dotcom_laufwerkeigenschaften.png|Dotcom_drive_properties}}

__[[https://www.tech-faq.net/netzlaufwerk-verbinden-per-gruppenrichtlinie/|https://www.tech-faq.net/netzlaufwerk-verbinden-per-gruppenrichtlinie/]]__

 ==== Step 7b: Testing the login script ====

Test the created logon script and document it in the documentation file.
\\


===== Knowledge =====
Before continuing with the second task, please answer the following questions in your documentation file.
  * Why can't the AD work without the DNS?
  * Why did you have to explicitly configure the IP in the fourth task?

===== Further information ======
This section contains information that you do not necessarily need, but which can be very helpful.

==== Helpful CMD commands ====
  * ** ipconfig ** can be used to display useful information about the system IP.
  * ** ping ** can be used to test the following: connection to other devices in the internal network, DNS service, Internet connection
  * ** nslookup ** is used to query the DNS server directly.

==== DNS server ====

The DNS server role should be activated automatically when the AD service is added. Here is more information on how to configure the DNS server separately.

=== Information on ===

__[[https://www.youtube.com/watch?v<ignore>=P6KEXb1pIFg|</ignore>DNS Add server role]]__


\\ \\
-> Click here to continue to [[de:ausbildung:dotcom_aufgabe_2|Task 2]]