Hey guys, I am Long - student from National University of Information Technology. Thanks for visiting my Blog !
This Blog is a place where I put all my knowledge about Microsoft Certified IT Professional (MCITP) :
The Microsoft Certified IT Professional (MCITP) certification helps validate that an individual has the comprehensive set of skills necessary to perform a particular job role, such as database administrator or enterprise messaging administrator. MCITP certifications build on the technical proficiency measured in the Microsoft Certified Technology Specialist (MCTS) certifications. Therefore, you will earn one or more MCTS certifications on your way to earning an MCITP certification.  (Quote from Microsoft)
The fields I focus on are : SA (Server Administrator) & EA (Enterprise Administrator) . The older versions are MCSA & MCSE .
In the next posts, I will try to make things clear to help you understand step by step easily .

You just need a basic understanding about Computer to learn this, so don't hesitate to take a look, learn something new, and prepare for longer steps in future .


Good luck with your study & your career !
I tested it successfully on FireFox, Chrome Plus and IE ^^ and I guess It works perfectly on other browsers .
This hotkey is very useful for lazy person like me .
When I am browsing a website, for example eyesfall.blogspot.com and I want to go to Google.com , as usual I need to select all text on my address bar, delete it and type Google.com .
but I found out that I just need to press F6 to do that .

Try it yourself !
Start -> Run -> Type CMD and hit Enter , a new Windows appears : You've just opened Command Prompt .

Type anything you want, like "ipconfig" to view Ip configuration of your comnputer ...

If you want to clear your black screen : just type cls (it's not case-sensitive, don't worry) and hit enter . Enjoy !
When you go out and don't want to re-open your data, program...
Hibernation is a good choice, it saves all data in hard disk when hibernating and recover all of them into RAM when start-up.

To use it : Start -> > (right arrow near Shutdown button) -> Hibernate .

If you DON'T SEE IT :

Step 1 : Start > Run > CMD , hit enter : in command prompt type : powercfg -h on

If you still don't see Hibernate button, go to step 2 :

Step 2 : Start > type "power " > and click on "Edit power plan" ABOVE
Click to "Change advanced power settings" > Expand + in "Sleep" and make sure that "Allow hybrid sleep" is OFF .

I) Home Folder :

To centralize users data storage, File Server becomes a place where users put all their data . Every user has private space on File Server .

We use Home Folder to do that :
- User has his own Foler
- Share permission and security permission
- Map a folder from Server to user's computer as network drive .

Step 1 :  Create a folder on File Server,
Step 2 : Share everyone - full control & remove users group in tab Security .
Step 3 : Start > Run > dsa.msc > double click to user you want to grant Home Folder => Tab Profile --> Home Folder , at Connect : type \\DCname\ShareFolder\%username%  and click Apply.

Note : DCname : name of Domain Controller, it can be IP address.
          ShareFolder : name of share folder.
          %username% : after you click apply, it will change to name of user
To modify policies in Domain, we use Group Policy Management  :
 (Note that we are on Domain Controller )
Start> Administrative Tools  >Group Policy Management

From the left panel, click to a "+" sign : Forest :Long.local >  Domain > Group Policy Objects
  • Default Domain Policy : Affect to all Domain (Domain Controller and Domain member/member server)
  • Default Domain Controller Policy : Only afftect to Domain Controller\
For example :

1/ Password Policy : 
We use Default Domain Policy > Right Click and choose Edit  : a new dialog appear

Computer configuration> Policies> Security Settings> Account Policies> Password Policies

affect all Domain .

2/ As you might know that user (not Domain Administrators) cannot log in locally on Domain Controller.
But there is a policy that you can do it , because you want this policy affect only to DC, so :

Right click : Default Domain Controller Policy > User Right Assignment> Allow logon locally .


The point is, when Administrator is on a member computer,  how can he manage a Domain ?

On :
Windows XP, 2K3, Vista : we use a software call Adminpak.msi
Windows 7 : Download and Install remote administration tool
Windows server 2008 : Server Manager> Right Click Features > Add Features > Check to :

  • Group Policies Management
  • Expand Remote Server Administration Tools > Role Administration Tools > AD DS & AD LDS Tools >  AD DS Tools> Check to Active Directory Administrative Center .
  • Add requirement features. Next .

=> Install .

* Admin can manage time and computer for user logon (when ? - which computers ?) by accessing Active Directory User and Computer> Double Click to User > Account : Modify Logon Hour and Log on to .
I) Introduction to Domain :

- In workgroup : Data and Policy stay on computers, if you want to make a change - you must change each of them . Imagine that you company has a hunred computer, you want to add a user and this user can log on every computer => You must do a job create a same new user 100 times ! to 100 computers . Absolutely it's not time-efficient, and very boring job .

- So Domain saved the world - It is a model which data is stored in 1 computer. Now you just create a new user on a Domain - so he can log on every computers on that Domain.

Domain Controller (DC) : a computer has been installed Active Directory Domain Service and has a responsibily to manage Domain system .
A computer can be a DC if it meets these requirements :
- Using Windows Server (2000, 2003, 2008)
- DNS Server .

Domain Member (Windows workstation - Windows XP, Windows 7 ...) & Member Server (Windows Server : 2003, 2008 ...)
- A computer joins to Domain system will be managed by DC
- This computer must have Windows operating system newer than Windows 95 .

II) Upgrade windows server to Domain Controller :
 2 steps :

- Configure IP and DNS (as usual, we configure DNS the same with IP address of this computer - It's also a DNS Server) 
- Start> Run> DCPROMO - hit Enter. 

Please wach my video ^^

III) Join a computer to Domain :

IV/ Domain Environment :

To manage user/group and other object in Domain, we use tool called : Active Directory Domain User and Computer in Start> Administrative Tools or Start > Run> type : DSA.msc .

Creating a new user, you need to provide a password meet complexity with 7 characters, capital, number ... 

As a member user of a Domain, user can log on any computer in domain except Domain Controller (Only Admin can do that).

(But you can change a Policy in User Right Assignment to Allow logon locally)