Hello and welcome to the 5th part of this series. In this part we are going to test whether our domain is working properly. To do this, we are going to create active directory users and groups, create mailboxes for the users and ensure the users can logon and access their mailboxes using a domain joined client machine running Windows 8.

Install Windows 8 Virtual Machine

Now let us quickly begin with our client machine. In an earlier part of this series, we had a walkthrough on how to install the servers, and I mentioned that using the server walkthrough should make it easier to do the client machine on your own.

However, in case you had difficulty doing that, you don’t have to worry, as I am now going to quickly take you through that. The option of what client operating system to use can be a bit of a hassle. Let us work with a more recent OS: Windows 8.

MCSE Training – Resources (Intense)

I am going to skip the part where we configure the VM, as we discussed that in Part 2 of the series. So you can quickly jump back to that, read up, and then return here to install. There are just a few very easy steps.

After inserting the physical DVD into the physical system and it has been grabbed by the virtual machine, or after you have mounted the Windows 8 ISO into the virtual machine DVD drive, power up the virtual machine to see the commencement of the installation steps shown below in screenshots.

Accept the default options on language, time, currency and input method, then click Next.

Click Install Now.

Type in the product key and click Next.

Accept the Microsoft Software License Agreement by checking the I Accept The License Terms checkbox. Click Next.

Select the Custom: Install Windows Only (advanced) option. This option is good for a fresh install. The other option Upgrade: Install Windows and keep files, settings, and applications is for installations over an existing operating system in your VM, either when you are upgrading or just want to overwrite the same installation with the same OS, which may not necessarily be an upgrade (several reasons exist why you may want to do this).

On the next screen Where do you want to install Windows?, select Drive 0 Unallocated Space, the first drive you see (for fresh installs in VMs with blank hard drives) or any other drive of your choice (especially if you know exactly what you are doing).

Select the Drive 0 Unallocated Space option. Click Next.

Wait for Windows 8 to finish installing.

Personalize the interface by selecting a colour of your choice and typing a name for your PC.

On the Settings page, choose Express Settings.

On the Sign in to your PC page, ignore the email field where you are required to use your email as a Microsoft Account to sign in (requires internet access).

Scroll to the bottom for an almost obscured option (shown below) called Sign in without a Microsoft account. Select it and click Next.

On selecting the above Sign in without a Microsoft account, you will be given two options: ignore the first (Microsoft Account) and select Local Account.

Click Local Account.

On the Sign in to your PC page, provide the credentials you want to use for your Local Account such as username, password, and password hint.

Click Next.

The system commences creation and configuration of your account. When it is completed, you are shown your tile screen as shown below.


Now that this computer is installed and running, the next thing to do is to join it to the testlab.com domain. When joining this computer to the network, remember this table from our previous series shown again below:

Server Name


IP Address

DNS Server

DCEX-1 Domain Controller + Exchange Server

SPS-SQLDB SharePoint Server + SQL Server

CLIENT1 Windows 8 Client

In the above table, this client machine should have the IP address We now need to perform a set of tasks to successfully join it to the domain. It is possible at this time that while you were setting up this client machine on the VM you did not assign an IP address somewhere in the middle of the setup process, or you did not assign the correct IP address. To be certain, let us verify this:

  1. Find the network adapter settings and configure the proper IP.
  2. Ensure the domain controller is running for step 3 below to succeed.
  3. Find the computer name dialog box and join to the domain.


From the Windows 8 desktop (either the tiles desktop, or the desktop proper itself), press the Windows Logo Key
on your keyboard once or twice to get this tile screen shown below:

When this screen appears, type “Control Panel” on your keyboard. Remember you don’t need to look for any place to put a cursor before typing; simply type straightaway because the tile screen is already a searchable screen.

On the Control Panel window, locate and click on View network status and tasks.

Then locate and click Change adapter settings.

On the next screen, identify the network adapter for your local area connection, typically called Ethernet0.

Right-click Ethernet0 and select Properties.

If you are prompted for credentials, provide the logon credential of the currently logged on account.

On the Ethernet0 Properties dialog box, identify and select Internet Protocol Version 4 (TCP/IPv4).

Be careful not to uncheck the check box. Removing the check mark disables IPv4 and that is not what we want to achieve.

On the next dialog box, enable the radio buttons Use the following IP address and Use the following DNS server addresses.

Assign as the IP address and click the Subnet mask box to enable the automatic subnet mask address of to appear. Then type into the Preferred DNS server box.

Click OK to exit the dialog box.

Click Close to exit again.

Close the Network Connections window.


In your VM console, power on your machine acting as domain controller.

When you are certain the domain controller is properly booted and you have logged into the desktop of the server, proceed to step 3 below.


Just as we did in step 1 where we pressed the Windows Logo Key to get to the tiles screen and searched for Control Panel, we repeat the same step and select System and Security.

Select See the name of this computer.

On the System screen, identify and click Change settings.

On the System Properties, click the Change button.

On the Computer Name/Domain Changes dialog box, observe under the Member of section that it is set by default to the Workgroup radio button with the name WORKGROUP in the text box.

Select the Domain radio button and type testlab.com in the text box. Click OK.

You will be prompted for domain credentials, so provide the domain administrator username (administrator) and password (depending on what password you have used when you set up your domain in the previous series).

Click Yes when done.

You will receive a message welcoming you to the domain and informing you that you will need to reboot the computer.

Click Restart.

After a successful restart, you will see that your screen will show the Computer Name\Username as shown below. This is the first indicator that you are joined to a domain, as the User Account system determines that you have not currently logged into a domain as a user, and therefore recognizes that you can log on a local computer account.


This is the next step in ensuring that we can use domain resources. We first need a domain user account. This account will give us the right to open the domain email system and consume SharePoint resources.

In this domain, we are going to adopt the firstname.lastname user account system. We are now going to create an account with firstname as John, and lastname as Doe, and a user account name of john.doe@testlab.com.

Logon to the DCEX-1 server, whip up the Start Menu and select Active Directory Users and Computers.

In the Active Directory Users and Computers window, on the left hand pane, click on the Computers container, and observe that on the right hand pane, there is a CLIENT1 computer object. This is good news as it is the second part of how we know the Client1 computer running Windows 8 is joined to the domain. Any other computer you join to this domain will be visible in this location.

Identify and select the Users container. Right-click the Users container. In the drop-down menu, select New, then in the cascading/sub-drop-down menu, select User.

In the New Object – User dialog box, fill in all the details of the new user.

When done, click Next.

On the password dialog, provide the initial password the user will use to logon. In real life scenarios, you should require the user to change their password on first logon by ticking the checkbox User must change password at next logon. For our test purposes, we will not require this option.

Remove the check mark by unchecking User must change password at next logon.

Ensure that User cannot change password is checked. This will prevent our user from being able change the password. I am going to do this because I use the same passwords in all my test cases, and you should too, especially because passwords are very funny things and you can easily forget them among the barrages of passwords you use (email, Facebook, Skype, LinkedIn, SoundCloud, Spreaker, Microsoft Live, and so on).

Ensure that Password never expires is checked. This will allow our password to never expire so we will not need to change it.

Click Next.

On the summary page, click Finish.

Now that the account has been created in Active Directory, proceed to the Client1 machine and logon.

In the upper right hand corner of the Windows 8 machine (Client1), click on the user account picture silhouette and from the drop-down menu, select Sign Out.

Observe that after signing out you are presented with two account picture silhouettes. One is for the local computer account to sign in, and the other is called Other user.

Click on the Other user option.

On the other user page, provide the credentials in the form of domain name\username, such as TESTLAB\john.doe

Click the logon arrow or press the ENTER key on your keyboard.

In the top right hand corner of the screen, observe that you are now logged in.


To do this, you need to go back into the DCEX-1 server and launch the Exchange Management Console. There is a possibility that you may get an error message. This is a possibility, not a certainty. It will be good to alert you to it so that you don’t get stuck.

You may get an error message like this:

If you encounter this, simply launch the Exchange Management Shell by going to Start Menu >> All Programs >> Microsoft Exchange Server 2010 >> Exchange Management Console, as shown below:

When the console comes up, wait for it to finish loading.

Run the following commands to fix the problem so you can continue the email account creation for users in your domain.

Import-Module ServerManager

Remove-WindowsFeature WinRM-IIS-Ext

After the successful completion of each as shown above, proceed with this next command:

Add-WindowsFeature WinRM-IIS-Ext

After this, launch the Exchange Management Console, and you should see this screen shown below:

If the possible error does not show up for you, then proceed with the email account creation as shown below.

Note: You can create a user mailbox without the user necessarily having an account in Active Directory. However, it is important that the user has an Active Directory account. You can do one or the other first, in no particular order.

In the Exchange Management Console, in the left pane, under the Microsoft Exchange On-Premises tree, expand the Organization Configuration tree, and right-click the Mailbox option.

In the Mailbox pop-up menu, select New Mailbox.

In the new mailbox dialog box, under the introduction category on the Introduction page, select User Mailbox.

Click Next.

On the User Type page, click the radio button New User to select the option to create a new user mailbox.

Click Next.

On the User Information page, provide all the details shown above for the Active Directory user account that this mailbox will be tied to.

On the Mailbox Settings page, under the Alias section, type in the alias the user will be identified with. It is good practice to maintain the same “firstname lastname” used in the User Logon (User Principal Name). So for an alias, I maintained the “sarah.connor” or “john.doe” names, whatever it is the user’s logon name is.

Click Next.

On the Archive Settings page, accept the defaults and click Next.

On the New Mailbox page, which is also the summary and confirmation page, click New (the equivalent of a “Create” button).

The mailbox creation starts, and completes.

Click Finish to exit.

In the Exchange Management Console, in the middle pane of the Mailbox-Entire Forest window, you can see the finished email account.

What is the next step? Let us now logon to our client machine and verify that user John Doe, whose Active Directory account we created in this tutorial, can actually logon to his mailbox, and if Sarah Connor, whose mailbox we have created without an Active Directory user account, can actually logon and access her email.

To save you thinking time, even though Sarah Connor had not really been created in the Active Directory Users and Computers console, she will actually exist in there because we created her email details in the Exchange Management Console.

The Exchange Management Console integrates with Active Directory, and it can be used to create user accounts the same way the Active Directory Users and Computers console can. This is the reason why in the Exchange Management Console, there was an option when creating a user’s mailbox to provide that user’s User Principal Name (UPN) or what we called in this tutorial “sarah.connor” and a password. Take a look at the screenshot again below:


Why do we need to do this? Remember that we need to test and confirm that our Exchange server email boxes are accessible. We can do this is by running an email client application, such as Microsoft Outlook. It so happens that with our fresh install of Windows 8, there is no Microsoft Office bundled with it. You may want to exclaim at this time why that is.

Well, the reason you see the limited days offerings of Microsoft Office on the laptops and notebooks you buy from retail shops is because it was installed there by the brand you are buying from. Acer, HP, Dell, etc., installed those applications, not Microsoft.

So right now, we are going to have to do what they do, by installing Microsoft office. To do this, let us copy the Microsoft Office setup files into the Windows 8 client machine, or mount the Microsoft Office ISO file into the virtual drive.

I have mounted the Microsoft Office 2010 ISO file into the drive, and you can now see it in Drive D: as shown above.

Run the setup file by double clicking it.

You are now prompted for credentials. Why is this coming up? This is not just a User Account Control feature, it is also the Active Directory management feature that ensures that only administrators are able to make system modifications on the domain computers. At this time, providing your own “john.doe” credentials will not work, as shown below:

In the screenshot above, the John Doe credentials are provided and Yes is clicked. The result is below:

The message “The requested operation requires elevation” is shown.

To run the Microsoft Office setup, provide the administrative credentials of the Domain Administrator.

Accept the license agreement by clicking the checkbox as shown above. Click Continue.

Click Install Now.

The installation completes successfully, and we can now launch Microsoft Outlook and connect to Exchange Server to get the email environment for John Doe. Completing will act as the next successful step in preparing, installing, configuring and administering a SharePoint farm. At this stage, we are still at the “preparing” stage.

From the tiles menu of the Windows 8 client, either type “Microsoft Outlook” or scroll to search for it.

Click on Microsoft Outlook to launch the application.

Voila! John Doe now has a functional mailbox where his SharePoint email alerts, workflow emails and other items can go into.

Coming up next for us is going into the installation of our database server that SharePoint will use for all its operations. In the next part of this series, we will install and configure the SharePoint server itself. See you there.