ECB3142 – Active Directory Design and Management Victoria University 1 Assignment – Network Design and Implementation Due date: 5:00PM Friday in Week 12 Weighting: 30% Scenario A You are a network specialist for techxx.com (where xx is the number of your assigned account student-xx to login to VSphere Client). You company have 5 servers running window server 2012 (SRV-DCA, SRV-DC-B, SRV-DC-C, SVR-MBR-B and SVR-MBR-C). You are given a subnet 150.100.xx.0 (the value of xx is the same as above), mask 255.255.255.0. You are required to design and configure a network with active directory according to the following requirement: At least two server computers must act as active directory domain controller for the techxx.com, to support the high volume of user for your company. Among them, one should be configured as Read Only Domain Controller which does not allow modification of the active directory database. Your company opens two branches for two different locations. Two child domain controllers are needed for domains MEL.Techxx.com and SYD.Techxx.com. Melbourne branch have more user and customer than Sydney branch. One more server is need for MEL.techxx.com domain, but it should be configured using Sever Core version as only basic finicalities are required on this computer. Task 1 (5 Marks): Network Design and Initial Setup  Design and draw the network topology based on the above requirement. Clearly label the server computer names, assigned IP addresses, assigned domains, and DNS IP addresses.  Clean up the 5 server computers from existing configuration as result from lab exercise.  Set up the server computers (name, IP addresses, DNS IP addresses) according to the proposed design. Use IP configures all to verify the configurations, capture the screenshots. Task 2 (7 Marks): Active Directory Configuration  Configure the active directory following the proposed design. ECB3142 – Active Directory Design and Management Victoria University 2  Capture necessary screenshots to demonstrate the steps taken to configure the network, and provide some explanation for your steps.  After completed the configuration, verify the network configuration by using ipconfig all and SRV records of DNS of the root and child domains. Capture these verification screenshots. Scenario B Due to the change of company structure, Sydney Department will be closed down. The company decided to move the domain controller for Sydney to Canberra and configure them under a new child domain 'CAN.techxx.com'. Due to high demand at Canberra branch, the company would like to move the Sever Core domain controller previously configured for Melbourne branch to be an additional domain controller of the CAN.techxx.com domain. Some group policies also need to be set up for the network. Task 3 (12 Marks): Demote Domain Controllers and Configure New domain  Draw the new network topology based on the requirement of scenario B.  Remove domain controller from the Sydney branch. (Capture Screenshot for ipconfig all command after removal)  Remove Sever Core domain Controller from the Melbourne Branch. (Capture Screenshot for ipconfig all command after removal).  Configure active Directory for CAN.techxx.com domain according to the scenario B.  After completed the configuration, verify the network configuration by using ipconfig all and SRV records of DNS of the root and child domains. Capture these verification screenshots. Task 4 (6 Marks): Using Software Restriction Policies under CAN.techxx.com  Apply Path Rule to Internet Explorer program (iexplore.exe)  Apply Hash Rule to regedit file  Apply AppLocker to Command Prompt program (cmd.exe)  Take necessary screenshots and provide short description of the steps taken to apply the above policies, and demonstrate that the policies have been applied properly. ECB3142 – Active Directory Design and Management Victoria University 3 Assignment Specific Requirements  You are required implement the active directory according to the tasks specified above.  You will prepare a documentation that provides the network design and describes the steps taken and the screenshots of the system.  The description of steps does not need to be as detailed as in the lab manual, but it should provide enough information for reader to understand what you did to achieve the desired specification.  Mark will be given to screenshot of the system and quality of the step description.  You are suggested to use the VMware provided in the course to complete this assignment. If you chose to use your own laptop, it is your own responsibility to setup the necessary system for the Virtual Machines. Submission Requirements You are required to submit a word document containing Assignment Cover Sheet (provided on VU Collaborate) with your name and student ID, together with the screenshot and step description. The content in the document may be compared with the actual implementation. Therefore, you are required to maintain the system after completing and submitting your assignment. You may be requested to present your implementation to verify your work. Assessment Criteria Your assignment will be marked based on the functionality of the system after implementation and the quality of your documentation. Penalty of 5% will be applied for each day late. A sample of the Marking Scheme is provided in the next page. ECB3142 – Active Directory Design and Management Victoria University 4