1
00:00:06,990 --> 00:00:15,010
And this demonstration you'll see how to stage a delegated installation of a android is sea view and

2
00:00:15,010 --> 00:00:22,540
road is sees past for application policy can figure on the road is this specific password replication

3
00:00:22,590 --> 00:00:30,390
policy and verify the resultant password policy on this one and Sora manager.

4
00:00:30,550 --> 00:00:39,010
I'll click tools and then click active directory sites and services in active directory sites and services

5
00:00:39,310 --> 00:00:48,760
in the navigation pane I click sites from the action menu I'll click new site in the new object site

6
00:00:49,120 --> 00:01:00,850
dialog box in the name field I'll type Munich and select the default IP site link site link and then

7
00:01:00,850 --> 00:01:08,140
click okay in the Active Directory Domain Services message books I'll click okay and then switch to

8
00:01:08,380 --> 00:01:13,330
server manager and click tools and then click Active Directory.

9
00:01:13,360 --> 00:01:16,590
Administrative Center inactive directory.

10
00:01:16,720 --> 00:01:19,840
Administrative Center in their navigation pane.

11
00:01:19,840 --> 00:01:24,880
I'll click ADT them and then in the details pane double click.

12
00:01:24,880 --> 00:01:33,100
The Domain Controllers Organization or the unit in the task Spain and in their domain controller section.

13
00:01:33,340 --> 00:01:40,840
I'll click recreate a reading The Domain Controller account and in the Active Directory Domain Services

14
00:01:40,840 --> 00:01:43,090
installation reserved on the.

15
00:01:43,090 --> 00:01:49,640
Welcome to the Active Directory Domain Services installation resource page.

16
00:01:49,840 --> 00:01:55,450
I'll click next and on the network credentials page child click next.

17
00:01:55,450 --> 00:02:04,750
Then on the specify the computer name [REMOVED] I'll type the computer name as m you see Dash raw DC 1 and

18
00:02:04,750 --> 00:02:12,880
then click next on the select a side page I'll click Munich and then click next on the additional domain

19
00:02:12,880 --> 00:02:14,800
controller options speech.

20
00:02:14,950 --> 00:02:23,680
I'll accept the default settings and select the DNS server and global catalog check boxes and then click

21
00:02:23,680 --> 00:02:32,020
next on the delegation of roads C installation and administration page I'll click next and on the summary

22
00:02:32,020 --> 00:02:40,480
page I will review the selection and then click next then on their complete in the Active Directory

23
00:02:40,480 --> 00:02:42,970
Domain Services installation rather.

24
00:02:42,970 --> 00:02:45,290
PAGE I'll click finish.

25
00:02:45,310 --> 00:02:52,470
Now let's view and reduces password to application policy to do this in Active Directory.

26
00:02:52,570 --> 00:02:56,060
Administrative Center in the domain controllers.

27
00:02:56,140 --> 00:03:05,440
Oh you select em you see their Schroeders see one and in the task span in the you see this road is the

28
00:03:05,440 --> 00:03:13,780
one section I'll click properties learning that I mean you see there Schroeders see disabled properties

29
00:03:14,080 --> 00:03:15,970
dialog box I'll scroll.

30
00:03:15,970 --> 00:03:24,520
Scroll down to extensions and then click the password replication policy tab and review the default

31
00:03:24,550 --> 00:03:29,880
groups users and computers in the password replication policy.

32
00:03:29,920 --> 00:03:38,580
No I leave this dialog box open and to configure and rather a specific password replication policy.

33
00:03:38,890 --> 00:03:47,170
I'll switch to server manager and click tools and then click Active Directory users on computers in

34
00:03:47,170 --> 00:03:54,330
their navigation pane I'll expand a datum dot com and then click users on the action menu I'll click

35
00:03:54,330 --> 00:03:59,650
new and then click group in the new object group dialog box.

36
00:03:59,650 --> 00:04:08,100
I'll type the group name as Munich allowed to rather see password replication group and then click Okay.

37
00:04:08,230 --> 00:04:15,460
Then I'll double click Munich allow draw the a password replication group and click the member step

38
00:04:15,700 --> 00:04:24,790
and then click Add and in the select user contacts computer service accounts and groups dialog box in

39
00:04:24,790 --> 00:04:31,360
the enter the object name to select text box I'll type Anna and then click.

40
00:04:31,360 --> 00:04:40,660
Check box check names and in the multiple names found dialog box I'll select and I control and then

41
00:04:40,960 --> 00:04:42,180
click Okay.

42
00:04:42,260 --> 00:04:49,000
Out in the select users computers contacts dialog box I'll click Okay.

43
00:04:49,090 --> 00:04:56,410
And then in the Munich allowed I wrote this C password replication group properties dialog box I'll

44
00:04:56,410 --> 00:05:01,460
click okay and close Active Directory user or computer.

45
00:05:01,540 --> 00:05:03,940
Now I'll switch to active directory.

46
00:05:04,030 --> 00:05:12,580
Administrative Center and open the em you see the Schroeders see one properties in the extension section

47
00:05:12,820 --> 00:05:21,170
on the password replication Ball is a dirt pile click Add and in the out groups use a recent computer's

48
00:05:21,520 --> 00:05:30,070
dialog box I'll select the allow passwords for the account to replicate to this road this si option

49
00:05:30,370 --> 00:05:38,440
and then click or get out in the select user of computer service accounts or groups dialog box in the

50
00:05:38,530 --> 00:05:47,330
enter the object names to a select text box I'll type Munich and click check names and then click Okay

51
00:05:47,400 --> 00:05:54,850
get out in the em you see there Schroder see one disabled dialog box I'll click Okay.

52
00:05:54,970 --> 00:06:02,180
Now let's verify the resultant password policy in Active Directory administrative center of the task

53
00:06:02,180 --> 00:06:09,610
Spain of the m you see there Schroeders see one section I'll click properties and in the properties

54
00:06:09,610 --> 00:06:17,230
dialog box in the extension section on the password replication policy derp I'll click Advanced please

55
00:06:17,230 --> 00:06:26,080
know that the advanced password replication policy for AM use cedar Schroder C1 dialog box displays

56
00:06:26,320 --> 00:06:33,860
all of the accounts with passwords that are stored in this road is C so next on the display use there

57
00:06:33,860 --> 00:06:42,310
are some computers that meet the following criteria dropdown list I'll click accounts that have been

58
00:06:42,460 --> 00:06:50,260
authenticated to this read only domain controller and then you have to note that this page will only

59
00:06:50,260 --> 00:06:59,230
show accounts that have the requisite permissions and that the road SC has authenticated next on the

60
00:06:59,230 --> 00:07:07,300
result and Paul is a dab click out out in the select user of so computer's dialog box in the enter the

61
00:07:07,390 --> 00:07:15,790
object name to select field type Anna and click check names and then click Okay twice and we should

62
00:07:15,790 --> 00:07:20,290
have Anna who has a result uncertain of allow.

63
00:07:20,290 --> 00:07:21,710
Now let's recap.

64
00:07:21,820 --> 00:07:30,530
In this demonstration we saw how to stage delegated installation of Android is see how to view Android

65
00:07:30,530 --> 00:07:38,830
this is possible replication is and configure and wrote a specific password replication policy.

66
00:07:38,830 --> 00:07:43,180
We also verified the resultant password policy.

67
00:07:43,180 --> 00:07:48,800
Next up we'll be talking about separate and raw DC local administration.

68
00:07:48,820 --> 00:07:49,860
I'll see you there.