Let windows create your users roaming folder
So you have installed active directory by following the instructions below
You then created your users and filled in there general profile by using the link below.
Now it would be great if when a user connects to the domain for the first time the users folder is automatically created. This saves the admin with a lot of hassle. So for this example I will go back to the user I created called "testing t Sampson"
1, Click Start
2, Administrative Tools
3, Active Directory Users and Computers
4, You will now see a list of users created using AD. Find the user you want to edit and right click on the name then left click properties. You will then have the properties box for that user open in a window.
5, Click on the Profile tab
You can see what it looks like in the example below.
Now lets set the users profile path so that when they logon a folder will be created automatically. Whatever you have typed in to the profile path remove it. Now type in the name of the server ie the pc name my server is called "WIN-39AS0DKX4RG" so I will type in \\WIN-39AS0DKX4RG you will notice I have put 2 backslashes before the computer name.
You then need to type in the name of the domain. My domain for this tutorial is called mathswhizz.local so I will type in .mathswhizz.local you will notice the decimal before the domain name.
So now I have got \\WIN-39AS0DKX4RG.mathswhizz.local
Now we need to type in the name of the shared folder which will hold all of our users. For this tutorial I created one called "Profiles"
So now my path looks like \\WIN-39AS0DKX4RG.mathswhizz.local\Profiles
We now need to add the name of the user we want a folder to be created for in my case I will add the name Sampson.
so now my full path is \\WIN-39AS0DKX4RG.mathswhizz.local\Profiles$\%sampson%
Now when a user called Sampson logs in to my AD domain for the first time a user folder will be created for them. They will be able to save documents and keep all personal data stored safely on the server.
We are going to create a user profile in server 2008
This stage will show you how to create a path to your user profile. This will create you a folder on the server so you can save your personal documents. You will also be able to set your desktop icons and background to your fancy. This way when you logon with your username and password everything will be as it was the last time you logged on. You will also be able to logon form another PC using your username and password. This is called a Roaming Profile.
Logon on to your server and open "Users" folder for instance in this tutorial my users folder be located at,
Local Disk C, Users
to navigate there for people that do not know look at the steps below.
Click on Start, Computer like I have done in the screen print below.
Now click on Local Disk C and you will see the window below. You will see the standard User folder which is already there like in my screenprint below.
For this tutorial we will create our roaming profiles for our user accounts in this folder. So click on the User folder and open it up.
Inside the user folder it will look like this screen print below. With one exception I have created lots of users here for testing purposes. Your folder will be almost empty if this is a new installation
Now we have navigated to where we are going to create a roaming profile user folder we can start.
We need to create a new folder for the user we created earlier (at the start of my active directory lesson we created a user called "testing t sampson")
So right click on your open window left click New, scroll to "Folder" and left click, this will create a folder. You need to name this folder "testing"
Now you have renamed your folder you should see the screenprint below which shows your folder this is the folder our user will use to save there profile. You can now close this window for the time being.
Now you need to navigate to "Active Directory Users" like I have in my screen print below.
Now you should have open in front of you a window like mine below which shows all of your active directory users. The one we are interested in is the one we created earlier called "testing" so right click on the username and left click properties
You will now see the window change to the one below which shows the properties for that user.It is here within the properties box we tell windows where to locate the user folder for the roaming profile.
Now looking at the box above I want you to cick on where it says "Profile" (can you see it in all the tabs) This will make the window change to the one below.
There are lots of reasons why we can get the error "
Windows cannot locate the server copy of your roaming profile
If you have not created a profile path this would be just one of the reasons. So when we create roaming profiles we also need to tell windows where to look for our folder. So looking at the window below where it says "Profile path" we need to type in the location of the folder we created earlier.
Look at the screenprint below and you will see I have typed in the path of where my folder is located. You need to type the path to your folder. Once you have done that you need to click on "Apply" to save your change. You then need to click on "OK" to close the window.
Unfortunately we will still get the error
"Windows cannot locate the server copy of your roaming profile"
Why? because we have not yet created a share, that's right we need to create a share between the user and the folder. There is no point telling a user that there folder where there profile will be stored is there's if we don't tell the folder that the user can use it.
So navigate back to the folder we created earlier, to do this if you have forgot!!
Click on Start, Computer, Local Disk (C), Users,
You should now have your folder open like mine below. We can now share it.
So right click on your folder and left click properties a new window will open like mine below. You need to left click on the "Sharing" tab
Your window will change to the one below, click on "Advanced Sharing"
The window will now change to the one below you need to put a tick in the box which says "Share this folder" when you put a tick in this box the other boxes will become available.
So click on the one that says "Permissions" like in my image below.
This will open another window like below, you need to click on "Add"
This will change the window to the one in my image below, you need to click on "Advanced"
You now need to click on "Find Now" like mine below.
This will open a window like mine below which shows all active directory users. You need to find the user name we created earlier and left click on them to highlight there name and click "OK"
You will see the window change to the one below. Just click "OK" to close this window. (make sure you do not close any other windows)
You will now see the window below you will see our user we created only has "Read" permissions this is not good enough because we can not save to a folder where we only have "Read" permissions so change it to "Full Control" (we will look at permissions later)
Click "apply" then click "OK" to close the box, then close any other open windows.
That's all of this stage complete for now, you should be able to login from your PC, workstation and connect to your server assuming you have setup your PC or Workstation to connect to your Domain.
But !!! Who wants to create a folder for all the users you may have. So how about setting things so that we simply tell windows to create the folder for us. This would make life so much easier. So click the link below to see how to set up a roaming folder.
Active Directory 2008
What is a forest?
A Forest is the largest container in Active Directory it is a collection of domain trees, which do not have contiguous namespace (as in figure 1). So they do not have to belong to the same Domain tree.
So let’s say there is a company called vacume.com which has several departments one of those being sales. If this company had merged with another company called vacumeexpress.com it would be a good idea if they could merge there data so that users from both of the sales departments could logon from either of the 2 company’s and access all data related to sales. To achieve this we create a Forest. The Forest enables us to merge Domain trees, which enables users that have been given access to logon from both sites and access the same data. Regardless of what company building they are at. This would make the company data more accessible for users.
Example of a Domain Tree
When Windows server 2008 is part of a network the earliest Forest functional level Domain controller we can use is Windows 2000. This is because Windows Server 2008 does not support Windows NT. There is no functional level for an operating system before this. The idea of a forest is to make communication easier among non contiguous namespace Domain trees. It allows centralised management of resources.
Server 2008 Users Accounts
This is how you create a user account in server 2008.
Click on "Start" "Administrative tools" "Active Directory Users and Computers"
When you left click on "Active Directory Users and Computers" you will see the screen like mine below.
You need to look for the name of your domain (as you can see I called this one mastersworldofcomputing.local) Now click on the little plus + symbol next to the name of your domain like I have done below. This will show all the folders, we are interested in the one that says "Users"
Now double left click on the "Users" folder and look in the pane to the right of it. You will see it will list all users like in my screen print below.
Now we can create a user from here so look at the screen print below and see how I did it. I clicked on "Action" tab at the top of the screen scrolled down to "New" then scrolled across to "User" and left clicked on it.
Now you have clicked on "User" a window will open like mine below, where you have the option to put in some details about the new Active Directory user account you want to create. You can enter what ever details ou want here for this tutorial.
I will show you the same window below as above with the details I have added for my user account. Once you have added your details click "Next"
You should now see the same window I have got in my screen print below which is telling you to type in a password. Remember with passwords it is better to stay away from names that make any sense to you or anybody else. Once you have typed in your password click "Next"
You will now get this screen print telling you that you are about to create an object (user account) just click on "Finish"
If when you click finish you get the following error message like in my screen print it means the password you have chosen is not good enough just click the back button and create a new one. (for creating good passwords read here)
If you was successful you will be taken back to this window like below, you will notice the user account we just created is now listed in the right hand pane. The user account I created is at the bottom of the list because the name's are listed in alphabetical order.
We have now completed this part of the tutorial the next part of this active directory users tutorial will be about creating a user profile location. This will be required if you want a Roaming profile which is something a lot of people want so there data can be stored on the server. Click the link below to move on to
How to install active directory? This tutorial will show you step by step how to install active directory using server 2008.
I will show you how to setup up Active Directory from Install to the point of creating a roaming profile.
Learn how to configure your windows XP computer to join a domain in server 2008?
I keep getting an error saying Network path not found how do I stop this?
I get an error message which says that my server copy of roaming profile can not be located?
So lets begin on the server we need to install Active Directory Domain Services before anything else.
Click “server manager”
This will open window like below.
Scroll down to “add roles” on the right hand side and left click with your mouse. This will open a window like below. You can just click "Next" as this windows is of no importance to us.
You will now see open a window called “Select server roles” like in my screen print below. You need to place a tick in the box which says “Active Directory Domain Services” and click next
The next window to open will be an introduction to active directory simply click next
The next window you see will be just confirming you want to install “Active Directory Domain Services” so click “Install”.
The next window you see will be the installation window like my screen print below.
The next window we see is the "Installation Results" window if you look at it you will see "Installation Succeeded" you can click on the tab that says "Close"
Now that it is installed you need to launch "Active Directory installation wizard" you can do this by typing (dcpromo) in to a terminal.
After typing “dcpromo" you will see the below screen
You need to make sure there is a tick in the box which says “use advanced mode” then click “next”
You will then see the following warning sign
Just click next once you have read it.
We are now given the choice on where to create the domain controller. The options are
1, Add a domain controller to an existing domain
2, Create a new domain in an existing forest (This will cause the domain controller to be the first domain controller in the new domain)
You can create a new domain in a new forest
For this tutorial we will “create a new domain in a new forest” so place a mark in the appropriate box and click “Next”
When you click next you will see a new window open like below. Here you will be able to type in a domain name. Once you have put in your domain name click “next”
You will now see a small window open with the message “verifying netbios name”
Once that message has gone you will get a new window like the one below. If you are happy with the netbios name simply click “next”
You will now see another window like below which is giving you the chance to select the forest functional level. You will see I have server 2003 highlighted on mine as I do not have any server below that i.e. (THE EARLIES SERVER I HAVE ON MY DOMAIN IS SERVER 2003) so there is not much point in my choosing server 2000. If you do have server 2000 then you must choose it. Once you have selected the earliest server functional level click “next”
You should now see the window below. You will notice that “DNS” has been automatically ticked so you only need to click “next” assuming you want DNS enabled which Im confident you will.
You will more than likely get a DNS error like in the screenprint below. Do not worry we simply have not got round to dealing with DNS yet we will shortly. So just click “yes”
You will now see the window below, here you are given the opportunity to say where you want the logs stored. If you are going to change them then do so now. We change them for security reasons, if you choose not to so be it that is your decision. Simply click “next”
Your window will change to the one below. You are given the chance to now put in your password. Choose a good one. When you have put your password in click next
You will now see the screen-print below Click next.
Your window will now change to the one below You can see the wizard now configuring active directory.
When it has been configured you will see the next window below just click "Finish"
(We could have just placed a tick in the window above which would have rebooted our server when it had finished. I chose not to do this so I could take you through all the steps. It would have made no difference to the outcome.
When you click finish you will get a little window like below telling you that you need to reboot your computer. You should do this as soon as possible.
Now you have rebooted your PC you have successfully installed Active Directory Domain services.
Next step will be to create a user account in active directory so to continue this tutorial click the link below.