- Microsoft Azure (Virtual Machines/Compute)
- Remote Desktop
- Active Directory
- File Permissions
- Security Groups
- Windows 10 (21H2)
- Ubuntu Server 20.04
- Step 1: Login to both VMs
- Step 2: Create Shared Folders & Set Permissions
- Step 3: Test Permissions
- Step 4: Create Security Group & Grant Additional Permissions
- Step 5: Test Security Group Members' Access
Step 1: Remote Desktop into both VMs that were used in the previous lab (DC-1 & Client-1). These are the subject VMs that will be used again for this lab with DC-1 being the Domain Controller once again.
Step 2: Create four folders on DC-1's C: drive all with different access permissions: "read-access" - permission: read, "write-access" - permission read/write", "no-access" - permission none, "accounting" - permission read/write.
Step 3: Log into a random employee account on Client-1 to test the newly added permissions/access created in step #2. Type "\\dc-1" into file explorer to show all shared folders created on the domain in step #2. Next, click any of the created shared folders and try to perfrom an action that does not align with the permissions used for said folder. You should not be allowed to open the folder titled "no-access" or write in the folder titled "read-access", etc.
Step 4: Create an "Organizational Unit" (OU) in Active Directory on DC-1 titled "Security Group". Next, create a new group within the OU titled "Accountants". Add Client-1's account to the list of "Accountant" members in the group (this will give the client-1 account access to the shared accountant folder created earlier).
Step 5: Restart Client-1 to allow the new permission settings to enable. Next access the shared "accountant" folder in \\dc-1 to verify access was successfully set up and granted for this user/employee. This is the conclusion of the lab.