My Currently Working on Mass Effect Lab about implementing bit locker with the help of Microsoft bit locker monitor and administrator tool it will be in english and arabic audio as always

Find here Under the First Video in my "Mass Effect Lab" in English Audio and It Discuss the Follows:



What is Bit-locker



What is MBAM 2.5 (Microsoft Bit-locker Administration and Monitoring tool) and Benefits of Using it.



Mass Effect Lab Story-line.



Mass Effect Lab Scenario



Exploring the Different Powershell Scripts To create the Mass Effect Domain Users, Groups , Group members and Computers and Robots and Users Login Scripts.(All Users Are Real Character Names and Groups From the Mass Effect Universe).



https://www.youtube.com/watch?v=zJn8Yn6Ye4w

Find here Under the First Video in my "Mass Effect Lab" in Arabic Audio and It Discuss the Follows:



What is Bit-locker



What is MBAM 2.5 (Microsoft Bit-locker Administration and Monitoring tool) and Benefits of Using it.



Mass Effect Lab Story-line.



Mass Effect Lab Scenario



Exploring the Different Powershell Scripts To create the Mass Effect Domain Users, Groups , Group members and Computers and Robots and Users Login Scripts.(All Users Are Real Character Names and Groups From the Mass Effect Universe).



https://www.youtube.com/watch?v=o3w7ye8Z7gs

Find here Under the Second Video in my "Mass Effect Lab" in English Audio and It Discuss the Follows:



What is Computer Networking and Its Benefits



What is the Two Ways To logically Group Computers in a Network



Install Hyper V Manager and Explain Various Hyper V Switches Types.



Create a New Virtual Machine and Prepare it To Be a Domain Controller and Add Two Network Cards for the Virtual machine and Team them and Benefits of Teaming.



Install Active Directory Domain Service on EDIMF01 and WINS Server Role.



Promote Server To Domain Controller and Configure Domain name and other Domain Setting.



What is DNS? What is Active Directory Functional Levels? What is a Global Catalog Domain Controller?



Explain Different Active Directory Folders and its purpose Like Database Folder and Log Files Folder



Create A Custom Console and Add (DNS , Active Directory Users and Computers, Group Policy Management , Event Viewer, Computer Management , WINS) consoles in it.



Configure DNS Reverse Lookup Zone.



Create Active Directory Group Policy Central Store in Sysvol Folder and Copy Different Group Policy Templates ( For firefox and Chrome and Classic Shell and Office) To Active Directory Group Policy Central Location.



https://www.youtube.com/watch?v=HYFbUWQwfLg

Find here Under the Second Video in my "Mass Effect Lab" in Arabic Audio and It Discuss the Follows:



What is Computer Networking and Its Benefits



What is the Two Ways To logically Group Computers in a Network



Install Hyper V Manager and Explain Various Hyper V Switches Types.



Create a New Virtual Machine and Prepare it To Be a Domain Controller and Add Two Network Cards for the Virtual machine and Team them and Benefits of Teaming.



Install Active Directory Domain Service on EDIMF01 and WINS Server Role.



Promote Server To Domain Controller and Configure Domain name and other Domain Setting.



What is DNS? What is Active Directory Functional Levels? What is a Global Catalog Domain Controller?



Explain Different Active Directory Folders and its purpose Like Database Folder and Log Files Folder



Create A Custom Console and Add (DNS , Active Directory Users and Computers, Group Policy Management , Event Viewer, Computer Management , WINS) consoles in it.



Configure DNS Reverse Lookup Zone.



Create Active Directory Group Policy Central Store in Sysvol Folder and Copy Different Group Policy Templates ( For Firefox and Chrome and Classic Shell and Office) To Active Directory Group Policy Central Location.



https://www.youtube.com/watch?v=59QYM5CHZhk

Find here Under the Third Video in my "Mass Effect Lab" in English Audio and It Discuss the Follows:



Login Script With An Active Directory User ,will add two languages (English and Arabic ) and hide search toolbar and change performance options of windows and log off the user after 3000 seconds of idle activity and Change Time zone to Cairo.(All of this will be implemented the First Time the User Login to the Domain).



Copy Users Login Script To Sysvol Scripts Folder.



Create Active Directory Mass Effect Heroes and Villains Users and Groups and Group Members and Robots and Computers Using Power shell Scripts.



Add MEU_IT (IT Active Directory Group) To Domain admin and Enterprise admin and Schema Admin Active Directory Built-in Groups.



Create Robot AI (Artificial Intelligent Users) Active Directory Users and Restrict Their Access Every Robot AI User To Its Respective Robots (Example Engineering Robot AI Active User Will Access Active Directory Engineering Robots Objects (Computer Object)).



Create an Active Directory Group For Robot AI Users.



Attach Mycomputer login script to all active Directory Users.



Test Login Script With An Active Directory User.



https://www.youtube.com/watch?v=Crcq9ynA56s

Find here Under the Third Video in my "Mass Effect Lab" in Arabic Audio and It Discuss the Follows:



Login Script With An Active Directory User ,will add two languages (English and Arabic ) and hide search toolbar and change performance options of windows and log off the user after 3000 seconds of idle activity and Change Time zone to Cairo.(All of this will be implemented the First Time the User Login to the Domain).



Copy Users Login Script To Sysvol Scripts Folder.



Create Active Directory Mass Effect Heroes and Villains Users and Groups and Group Members and Robots and Computers Using Power shell Scripts.



Add MEU_IT (IT Active Directory Group) To Domain admin and Enterprise admin and Schema Admin Active Directory Built-in Groups.



Create Robot AI (Artificial Intelligent Users) Active Directory Users and Restrict Their Access Every Robot AI User To Its Respective Robots (Example Engineering Robot AI Active User Will Access Active Directory Engineering Robots Objects (Computer Object)).



Create an Active Directory Group For Robot AI Users.



Attach Mycomputer login script to all active Directory Users.



Test Login Script With An Active Directory User.



https://www.youtube.com/watch?v=OwIJKECkFkA

Find here Under the Fourth Video in my "Mass Effect Lab" in English Audio and It Discuss the Follows:



Create Different Group Policies Like Forcing a Certain Background and Screensaver and Theme and Lock screen to all Users on All PCs in the Domain and Test Them For Mass Effect Domain.



Create Department Shares Folders Using Scripts.



Create Department Shares SMB Shares & Permissions Using Powershell Script.



Create Department Shares NTFS Shares & Permissions Using Powershell Script.



Create Home User Folders Share & Permissions Using Powershell Script.



Configure Mapping Group Policy To Map Department Shares To Users According to their Respective Groups.



https://www.youtube.com/watch?v=Hq6njlINo1o

Find here Under the Fourth Video in my "Mass Effect Lab" in Arabic Audio and It Discuss the Follows:



Create Different Group Policies Like Forcing a Certain Background and Screensaver and Theme and Lock screen to all Users on All PCs in the Domain and Test Them For Mass Effect Domain.



Create Department Shares Folders Using Scripts.



Create Department Shares SMB Shares & Permissions Using Powershell Script.



Create Department Shares NTFS Shares & Permissions Using Powershell Script.



Create Home User Folders Share & Permissions Using Powershell Script.



Configure Mapping Group Policy To Map Department Shares To Users According to their Respective Groups.



https://www.youtube.com/watch?v=fCix4NAa4CA

Find here Under the Fifth Video in my "Mass Effect Lab" in English Audio and It Discuss the Follows:



Install and Configure DHCP Server Role and Configure DHCP IP Scope and Activate Allow and Deny Filters Option



Install File Server Resource Manager and Configure File Quota for Both Department Shares and User Home Directory Folders



Configure File screening to block audio and video Files on Department Shares and User Home Directory Folders



Create Second Hyper V Virtual Machine and Prepare it to be MBAM Server (Microsoft Bit-locker Administration Monitoring Tool)



Virtual Machine Contain Two Network Cards That Will Be Teamed For redundancy After Install Windows Server Data center 2019



Join The Virtual Machine To Mass Effect Domain and Name it as EDIMF02 and Give it static ip (10.0.1.2)



Create a Checkpoint For Both Virtual Machines (EDIMF01 as Domain Controller and EDIMF02 As MBAM Server) Before the Process of installing MBAM



https://www.youtube.com/watch?v=Ru1a8csEl2A

Find here Under the Fifth Video in my "Mass Effect Lab" in Arabic Audio and It Discuss the Follows:



Install and Configure DHCP Server Role and Configure DHCP IP Scope and Activate Allow and Deny Filters Option



Install File Server Resource Manager and Configure File Quota for Both Department Shares and User Home Directory Folders



Configure File screening to block audio and video Files on Department Shares and User Home Directory Folders



Create Second Hyper V Virtual Machine and Prepare it to be MBAM Server (Microsoft Bit-locker Administration Monitoring Tool)



Virtual Machine Contain Two Network Cards That Will Be Teamed For redundancy After Install Windows Server Data center 2019



Join The Virtual Machine To Mass Effect Domain and Name it as EDIMF02 and Give it static ip (10.0.1.21)



Create a Checkpoint For Both Virtual Machines (EDIMF01 as Domain Controller and EDIMF02 As MBAM Server) Before the Process of installing MBAM

https://www.youtube.com/watch?v=diSqXSm2ni8

Find here Under the Sixth Video in my "Mass Effect Lab" in English Audio and It Discuss the Follows:



Setup up MBAM several Active Directory service accounts and security groups prior to installation



Add The MBAM-RO-SVC and MBAM-IISAP-SVC Active Directory service accounts To the IIS_USR Local Group on EDIMF02 (MBAM Server)



The MBAM-RO-SVC Active Directory service account needs Logon as a batch job permissions on the SQL Server machine (EDIMF02) and The MBAM-IISAP-SVC Active Directory service account needs Logon as a batch job and Impersonate a client after authentication permissions on the server running the web service components (EDIMF02)



In order to avoid Kerberos issues, the application pool account (MBAM-IISAP-SVC) Is configured with a service principal name (SPN)



Add IIS Web Server Role and NetFrame 3.5 Feature Then Run Powershell Commands To Add Additional Features to the Web server



Install ASP.NET MVC prior to proceeding with the installation of the MBAM components



SQL 2016 Database is Installed , SQL must be installed using the SQL_Latin1_General_CP1_CI_AS collation and SQL reporting services is also required for the reporting element of the installation



https://www.youtube.com/watch?v=ZUKhHoJBTz8

Find here Under the Sixth Video in my "Mass Effect Lab" in Arabic Audio and It Discuss the Follows:



Setup up MBAM (Microsoft BitLocker Administration and Monitoring ) several Active Directory service accounts and security groups prior to installation



Add The MBAM-RO-SVC and MBAM-IISAP-SVC Active Directory service accounts To the IIS_USR Local Group on EDIMF02 (MBAM Server)



The MBAM-RO-SVC Active Directory service account needs Logon as a batch job permissions on the SQL Server machine (EDIMF02) and The MBAM-IISAP-SVC Active Directory service account needs Logon as a batch job and Impersonate a client after authentication permissions on the server running the web service components (EDIMF02)



In order to avoid Kerberos issues, the application pool account (MBAM-IISAP-SVC) Is configured with a service principal name (SPN)



Add IIS Web Server Role and NetFrame 3.5 Feature Then Run Powershell Commands To Add Additional Features to the Web server



Install ASP Dot NET MVC prior to proceeding with the installation of the MBAM components



SQL 2016 Database is Installed , SQL must be installed using the SQL_Latin1_General_CP1_CI_AS collation and SQL Reporting services is also required for the reporting element of the installation



https://www.youtube.com/watch?v=jfO5JgdvtUg

please rate the channel if you like it

Find here Under the Seventh Video in my "Mass Effect Lab" in English Audio and It Discuss the Follows:



Install SQL Management Studio To Access SQL Database



Having downloaded the MDOP media and launch the MbamServerSetup file on your database server.



Install the latest servicing release For MbamServerSetup



Launch the MBAM Server Configuration on the SQL database server and Choose To Configure Compliance and Audit Database and Recovery Database.



Enter the SQL server name and security group Assigned to Read and Write to The Databases (MBAM-Database Read and MBAM-Database Read Write Active Directory Groups).



MBAM reports as previously mentioned use SQL Server Reporting Services Launch the MBAM Server Configuration again on the SQL database server and Select Reports from the “Select features to add” screen.



Enter the required SQL server address and User credentials That Will Be Used To Access Compliance and Audit Database To Run Reports (MBAM-RO-SVC) (Should access MBAM Compliance and Audit Database and Give the User read Role on the Database Before Doing This ) and Active Directory Group that will be allowed to run Reports (MBAM Report Users).



Export the PowerShell script for backup purposes.



https://www.youtube.com/watch?v=vlRYXMbKEe4

Find here Under the Seventh Video in my "Mass Effect Lab" in Arabic Audio and It Discuss the Follows:



Install SQL Management Studio To Access SQL Database



Having downloaded the MDOP media and launch the MbamServerSetup file on your database server.



Install the latest servicing release For MbamServerSetup



Launch the MBAM Server Configuration on the SQL database server and Choose To Configure Compliance and Audit Database and Recovery Database.



Enter the SQL server name and security group Assigned to Read and Write to The Databases (MBAM-Database Read and MBAM-Database Read Write Active Directory Groups).



MBAM reports as previously mentioned use SQL Server Reporting Services Launch the MBAM Server Configuration again on the SQL database server and Select Reports from the “Select features to add” screen.



Enter the required SQL server address and User credentials That Will Be Used To Access Compliance and Audit Database To Run Reports (MBAM-RO-SVC) (Should access MBAM Compliance and Audit Database and Give the User read Role on the Database Before Doing This ) and Active Directory Group that will be allowed to run Reports (MBAM Report Users).



Export the PowerShell script for backup purposes.



https://www.youtube.com/watch?v=Ysu087SQa9M

Find here Under the Eight Video in my "Mass Effect Lab" in English Audio and It Discuss the Follows:

Open the SQL Management Studio To Access MBAM Compliance and Audit Database and MBAM Recovery Database and GIve MBAM-RO-SVC Active Directory Account Read Role on both Databases and MBAM-IISAP-SVC Active Directory Account Read and Write Access To Both Databases as Well.

Open MBAM-IISAP-SVC Active Directory Account Properties and then Delegation Tab and Then Choose Option "Trust the User For Delegation For Specified Services and Then click add and Then Add MBAM-IISAP-SVC Active Directory User Account and add MBAM Server As Active Directory Computer Object and Choose http protocol.

Add My Active Directory User Name To Both MBAM Report Users Active Directory Group and MBAM Advanced Helpdesk Users Group To Be Able To Access MBAM Reports and Access Helpdesk Portal.

Launch the MBAM Server Configuration on the Web Server Database (EDIMF02 or MBAM Server Which is Also Acting As SQL Database and Application Server Hosting MBAM Software) and Select all of the Web Application options from the “Select features to add” screen.

Enter the required IIS details and Web Application service account details (Which is MBAM-IISAP-SVC and I am setting up the IIS applications without SSL, however if you are using SSL you will need to select the security certificate to be used).

Enter the SQL server details for access to both of the MBAM databases (MBAM Compliance and Audit Database and MBAM Recovery Database).

Enter the Reporting group name (MBAM Report Users Active Directory Group Authorized To Run SQL Reports) along with the Reporting Services URL (URL To Access SQL Reports)

Export the PowerShell file

Once installed you will receive confirmation.

Test Accessing to Both Helpdesk Portal and SelfService Portal Succeeded.

https://www.youtube.com/watch?v=VJZwvbV1IJE

Find here Under the Eight Video in my "Mass Effect Lab" in Arabic Audio and It Discuss the Follows:

Open the SQL Management Studio To Access MBAM Compliance and Audit Database and MBAM Recovery Database and GIve MBAM-RO-SVC Active Directory Account Read Role on both Databases and MBAM-IISAP-SVC Active Directory Account Read and Write Access To Both Databases as Well.

Open MBAM-IISAP-SVC Active Directory Account Properties and then Delegation Tab and Then Choose Option "Trust the User For Delegation For Specified Services and Then click add and Then Add MBAM-IISAP-SVC Active Directory User Account and add MBAM Server As Active Directory Computer Object and Choose http protocol.

Add My Active Directory User Name To Both MBAM Report Users Active Directory Group and MBAM Advanced Helpdesk Users Group To Be Able To Access MBAM Reports and Access Helpdesk Portal.

Launch the MBAM Server Configuration on the Web Server Database (EDIMF02 or MBAM Server Which is Also Acting As SQL Database and Application Server Hosting MBAM Software) and Select all of the Web Application options from the “Select features to add” screen.

Enter the required IIS details and Web Application service account details (Which is MBAM-IISAP-SVC and I am setting up the IIS applications without SSL, however if you are using SSL you will need to select the security certificate to be used).

Enter the SQL server details for access to both of the MBAM databases (MBAM Compliance and Audit Database and MBAM Recovery Database).

Enter the Reporting group name (MBAM Report Users Active Directory Group Authorized To Run SQL Reports) along with the Reporting Services URL (URL To Access SQL Reports)

Export the PowerShell file

Once installed you will receive confirmation.

Test Accessing to Both Helpdesk Portal and SelfService Portal Succeeded.

https://www.youtube.com/watch?v=rPcNrDwNupE

Find here Under the Ninth Video in my "Mass Effect Lab" in English Audio and It Discuss the Follows:



All settings for MBAM client deployments are configured through Group Policy. The first thing you will need to do is to update your policy central store with the MBAM ADMX group policy files which can be downloaded from Microsoft.



Configuring the Bitlocker GPO To Use AES XTS 256 bit encryption and Encrypt All fixed disks are encrypted and removable drives and Operating Systems Hardisk and Other Setting are Applied



Deploy The MBAM Client Using Login script and Configure Setting For MBAM Client Using MBAM GPO.



Create A Virtual Machine and Install Windows 10 Enterprise LTSC 2019 on It and Join it to the Domain to Test Bitlocker Process and MBAM Deployment.



https://www.youtube.com/watch?v=q-iQvx7196c