Week 1

  1. 1. EC 324 Managing & Maintaining A Network Saturday Mornings 8:00 am (uggh!) - 12:00 pm
  2. 2. Administrative Items
      • Course Syllabus
          • Description
          • Objectives
          • Course Text
          • Grading
          • Supplies needed
      • How We Got Here, and Where We’re Going
      • [email_address]
      • 636-464-6600; 1-888-488-1082
  3. 3. Purpose of Course
      • To become a successful Technical Project Manager, you must have an understanding of how your E-Commerce affects various components in the corporate environment.
      • One of the areas that you will most impact is the Networking Department(s) within that organization. These areas support and maintain the systems you create and oversee.
      • You are their customer, but your success is heavily dependent on them.
  4. 4. So???
      • Throughout this quarter, we will be looking at the Management of a Corporate Network environment.
  5. 5. Module 1: Components, Configuration, Strategic Decisions
      • Chapter 1: Desktops
      • Chapter 2: Servers
      • Chapter 18: Networks
      • Chapter 14: Centralization & Decentralization
      • To be covered over Weeks 1 and 2
  6. 6. What is a Network?
      • A grouping of computer nodes that are interconnected for the purpose of data communication.
      • Computer networks are supposed to increase efficiencies so that resources can be focused on core business functions.
      Why do we Need a Computer Network?
  7. 7. How do we effectively set up and run a network?
      • We will be using Windows 2000 as the test O/S for network administration in this class
      • Prior knowledge of NT or 2000 will not be required, but will help you
          • IT students will get to refresh
          • Electronics students will become exposed to concepts in networking
      • Please ask questions!
  8. 8. Overview of DHCP
      • Manual vs. Automatic TCP/IP Configuration
      • DHCP Operation
      • The DHCP Lease Generation Process
      • The DHCP Lease Renewal Process
      • Requirements for DHCP Servers and Clients
  9. 9. What is DHCP?
      • Dynamic Host Configuration Protocol
      • DHCP assigns an IP address to the host when the user logs in. An IP address is like a postal address. It allows one to access information in the network, similar to a key. Based upon your key, you have access to particular files and printers, whether you will merely use them, manage them, or not even see them.
  10. 10. Manual vs. Automatic TCP/IP Configuration
      Manual TCP/IP Configuration (Disadvantages)
      • IP addresses entered manually on each client computer
      • Possibility of entering incorrect or invalid IP address
      • Incorrect configuration can lead to communication and network problems
      • Administrative overload on networks where computers are frequently moved
      Automatic TCP/IP Configuration (Advantages)
      • IP addresses are supplied automatically to client computers
      • Ensures that clients always use correct configuration information
      • Elimination of common source of network problems
      • Client configuration updated automatically to reflect changes in network structure
  11. 11. DHCP Operation
      [Diagram: a DHCP server with a DHCP database holding IP Address1, IP Address2 and IP Address3. DHCP clients receive their IP configuration from the DHCP server; a non-DHCP client uses a static IP configuration.]
  12. 12. The DHCP Lease Generation Process
      Between the DHCP client and the DHCP servers:
      1. IP Lease Request
      2. IP Lease Offer
      3. IP Lease Selection
      4. IP Lease Acknowledgement
  13. 13. The DHCP Lease Renewal Process
      DHCPREQUEST (DHCP client to DHCP server)
          • Source IP Address = 192.168.0.77
          • Dest. IP Address = 192.168.0.108
          • Requested IP Address = 192.168.0.77
          • Hardware Address = 08004....
      DHCPACK (DHCP server to DHCP client)
          • Source IP Address = 192.168.0.108
          • Dest. IP Address = 192.168.0.77
          • Offered IP Address = 192.168.0.77
          • Client Hardware Address = 08004...
          • Subnet Mask = 255.255.255.0
          • Length of Lease = 8 days
          • Server Identifier = 192.168.0.108
          • DHCP Option: Router = 192.168.0.1
  14. 14. Requirements for DHCP Servers and Clients
      • DHCP Server Requirements (Windows 2000 Server)
          • The DHCP service
          • Static IP address, subnet mask, default gateway
          • Range of valid IP addresses
      • DHCP Clients
          • Windows 2000 Professional or Windows 2000 Server
          • Windows NT Server or Workstation 3.51 or later
          • Windows 95 or Windows 98
          • Windows for Workgroups 3.11, running TCP/IP-32
          • Microsoft Network Client 3.0 for MS-DOS
          • LAN Manager 2.2c
          • Non-Microsoft operating systems
  15. 15. Installing the DHCP Service
      [Screenshot: Networking Services dialog listing the subcomponents of Networking Services, including Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP).]
      Description shown in the dialog: Enables a network connected to the Internet to automatically assign a temporary IP address to a host when the host connects to the network.
  16. 16. Authorizing the DHCP Service
      DHCP Service Checks For Authorization
      • If unauthorized, the service logs an error and will not respond to clients
      • If authorized, the service starts properly
      [Diagram: clients, DHCP servers, and a domain controller/DHCP server.]
  17. 17. Creating and Configuring a Scope
      • Overview of Scopes
      • Using The New Scope Wizard
      • Configuring a Scope with Options
      • Customizing the Use of Scope Options
      • Reserving IP Addresses for Client Computers
  18. 18. Overview of Scopes
      [Diagram: a DHCP server and a scope listing 192.168.1.0, 192.168.1.1, 192.168.1.2, 192.168.1.3 and 192.168.1.4, labelled "IP Addresses Available for Lease to Client Computers".]
  19. 19. Using the New Scope Wizard
      • You use the New Scope Wizard to:
          • Configure scope parameters
          • Change the default lease duration
          • Activate a scope
  20. 20. Configuring a Scope with Options
      • Scope Options Supported by DHCP Include:
          • IP Address of a Router
          • IP Address of a DNS Server
          • DNS Domain Name
          • IP Address of a WINS Server
          • Type of NetBIOS over TCP/IP Name Resolution
  21. 21. Customizing the Use of Scope Options
      Levels shown for scope options:
      • Reserved Client Level
      • Server Level
      • Scope Level
      • Class Level
  22. 22. Reserving IP Addresses for Client Computers
      [Screenshot: New Reservation dialog, "Provide information for a reserved client."]
      • Reservation name: Stuttgart Server
      • IP address: 192.168.1.201
      • MAC address: 00a024e2b01a
      • Description: DHCP Reservation for Server
      • Supported types: Both, DHCP only, BOOTP only
  23. 23. Customizing DHCP Functionality
      • Using Option Classes
      • Combining Scopes by Using Superscopes
      • Issuing Multicast Addresses by Using Multicast Scopes
  24. 24. Using Option Classes
      • Vendor-defined Classes Manage DHCP Options Identified by Operating System Vendor Type
      • User-defined Classes Manage DHCP Options with Common Configuration Requirements
      [Diagram: a DHCP server, Configuration A, Configuration B and Configuration C, and Client1, Client2 and Client3.]
  25. 25. Combining Scopes by Using Superscopes
      [Diagram: a DHCP server with SuperscopeA, containing Scope1 (192.168.1.1 to 192.168.1.254) and Scope2 (192.168.2.1 to 192.168.2.254).]
  26. 26. Configuring DHCP in a Routed Network
      • Routed Network Configuration Options
      • Using a DHCP Relay Agent
  27. 27. Routed Network Configuration Options
      [Diagram: DHCP clients, a DHCP server, a Windows 2000 Server acting as DHCP relay agent, an RFC-compliant router and a non-RFC-compliant router, with client broadcasts marked.]
  28. 28. Using a DHCP Relay Agent
      • DHCP client broadcasts a DHCP message
      • DHCP relay agent detects the broadcast and sends the message to the DHCP server
      • DHCP relay agent receives reply from the DHCP server and sends a broadcast
      • DHCP client receives the broadcast
      [Diagram: Subnet 1 and Subnet 2 joined by a router, with a DHCP client, a DHCP relay agent and a DHCP server.]
  29. 29. Monitoring The DHCP Server Service
      • When You Enable Logging, the DHCP Server Creates Log Files Called DhcpSrvLog.xxx.
      • The DHCP Server Stores These Files in the DHCP Database Directory.
  30. 30. Troubleshooting DHCP Database Problems
      • DHCP Database: stored in systemroot\system32\dhcp
      • DHCP Database Backup: stored in systemroot\system32\dhcp\backup\jet\new
  31. 31. Removing a DHCP Server from Service
      Before Removing a DHCP Server from Service
      • Set short lease durations for clients
      • Ensure new lease for clients
      • Record any reserved addresses
      • Large address pool in other DHCP servers
      • Transfer IP address to the new scope
  32. 32. Deploying Windows 2000 Professional by Using Remote Installation Services (RIS)
  33. 33. Overview
      • RIS Overview
      • Installing and Configuring RIS
      • Configuring Remote Installation Options
      • Deploying Images by Using RIS
      • Creating an RIPrep Image
      • Comparing CD-Based Images and RIPrep Images
      • Identifying Solutions to RIS Problems
  34. 34. RIS Overview
      RIS lets an administrator set up multiple computers at the same time using a common image, which reduces the time needed to set the computers up and add them to the network.
      [Diagram: a RIS server holding CD-based or RIPrep images; a RIS client computer is offered operating system choices such as "Operating System Only" and "Marketing Applications".]
  35. 35. Installing and Configuring RIS
      • Identifying RIS Requirements
      • Installing and Starting RIS
      • Configuring RIS Security Settings
  36. 36. Identifying RIS Requirements
      Network Requirements
      • DHCP Server Service
      • DNS Server Service
      • Active Directory
      Server Requirements
      • 2 GB Minimum Total Disk Space
      • Images Stored on NTFS Partition
      Client Requirements
      • PXE Boot ROM Version .99c
      • Network Boot Capability
      • Windows 2000 Professional Hardware Requirements
  37. 37. Installing and Starting RIS
      The Setup Wizard Will:
      • Create a RIS folder structure
      • Copy supporting RIS files to the server
      • Create a CD-based image of Windows 2000 Professional
      • Start the services required for RIS
      Provide the Setup Wizard with:
      • Folder location for images and supporting files
      • Initial client support settings
      • Location of source files
      • Initial image folder name
      • Friendly description and Help text
  38. 38. Configuring RIS Security Settings
      • Authorize the RIS Server
      • Assign User Permissions
      [Screenshots: the DHCP console showing Risserver7.nwtraders.… with status "Not authorized"; the Manage Authorized Servers dialog listing risserver1 (192.168.1.23); the Authorize DHCP Server dialog ("Type the name or IP address of the DHCP server to authorize.") with risserver2 entered; and the Permissions page of the Delegation of Control Wizard ("Select the permissions you want to delegate.").]
  39. 39. Configuring Remote Installation Options
      • Configuring Client Computer Names and Locations
      • Prestaging Client Computers
      • Configuring Client Installation Options
      • Configuring Maintenance and Troubleshooting Utilities
  40. 40. Configuring Client Computer Names & Locations
      [Screenshot: risserver2-Remote-Installation-Services Properties, New Clients tab: "Select a computer naming format for new client computers, and set the location in the directory service where client computer accounts will be created."]
      • Client computer naming format: Username; First initial, Last name; Last name, First initial; First name, Last initial; Last initial, First name; NP plus MAC; Custom
      • Client computer account location: default directory service location; same location as that of the user setting up the client computer; or a specified directory service location
  41. 41. Prestaging Client Computers
      [Screenshot: computer1 Properties, Remote Install tab, showing the computer’s unique ID {00000000-0000-0000-0000-00500409E77C} and the remote installation server RISSERVER.Nwtraders.msft.]
      If a remote installation server is not specified, the client will boot from any available server.
  42. 42. Configuring Client Installation Options
      • Allow: Option Will Be Available to Users
      • Don’t care: Setting Will Be Inherited from Parent Site, Domain, or OU
      • Deny: Option Will Not Be Available to Users
      [Screenshot: Choice Options Properties: "Set the policy for the options available to users during the client installation wizard." Automatic Setup, Custom Setup, Restart Setup and Tools can each be set to Allow, Don’t care or Deny.]
  43. 43. Configuring Maintenance & Troubleshooting Utilities
      • Diagnose Hardware Problems
      • Upgrade BIOS
      [Screenshot: LONDON-Remote-Installation-Services Properties, Tools tab, listing the maintenance and troubleshooting tools installed on the remote installation server: Third-party utility1, utility2 and utility3, each Ver 2.00, platform i386.]
  44. 44. Deploying Images by Using RIS
      • Modifying the Installation of a CD-Based Image
      • Associating an Answer File with an Image
      • Restricting Images
      • Creating a RIS Startup Disk
      • Installing an Image on a RIS Client Computer
  45. 45. Modifying the Installation of a CD-Based Image
      [Diagram: an answer file, a CD-based image, and RIS client computers.]
      Answer file format:
          [Unattended]
          [section]
          parameter = value
  46. 46. Associating an Answer File with an Image
      [Diagram: *.sif files with CD-based and RIPrep images.]
      [Screenshot: RISServer-Remote-Installation-Services Properties, Images tab, listing the installation images on the remote installation server: "Windows 2000 Professional" and "Marketing Applications and OS", both i386, English.]
  47. 47. Restricting Images
      Set Permissions on Answer Files to Restrict Images to Specified Users or Security Groups
      [Screenshot: answer.sif Properties, Security tab, with Allow and Deny columns for Full Control, Modify, Read & Execute, Read and Write.]
  48. 48. Creating a RIS Startup Disk
      • Create a Remote Boot Installation Disk
      • View a List of Compatible Network Adapters
      [Screenshot: Windows 2000 Remote Boot Disk Generator.] To create a remote boot disk for use with the Windows 2000 Remote Installation Service, insert a formatted floppy disk into either drive A or drive B, select the destination drive, and then click Create Disk. The remote boot disk can be used only with computers that contain supported PCI-based network adapters. For a list of supported adapters, click Adapter List.
  49. 49. Installing an Image on a RIS Client Computer
      [Screenshot: F12, then the Client Installation Wizard main menu.]
      Main menu options:
      • Custom Setup
      • Restart a Previous Setup Attempt
      • Maintenance and Troubleshooting
      • Automatic Setup
      Description: This is the easiest way to install an operating system on your computer. Most installation options are already configured by your network administrator.
  50. 50. Creating an RIPrep Image
      • Setting Up a Source Computer
      • Modifying the Default User Profile
      • Creating an Image by Using the Remote Installation Preparation Wizard
  51. 51. Setting Up a Source Computer
      • Install Windows 2000 Professional
      • Configure Components and Settings
      • Install and Configure Applications
      • Test the Operating System and Application Configurations
      [Diagram labels: Network, Security, User Desktop.]
  52. 52. Modifying the Default User Profile
      • Copy the Administrator Profile to Default User
      • Configure the Source Computer
      • Run RIPrep and Create the Image
      [Screenshot: Copy To dialog with "Copy profile to" set to C:\Documents and Settings\Default User, a "Permitted to use" setting, and the account Server1\Administrator.]
  53. 53. Creating an Image by Using the Remote Installation Preparation Wizard
      • Removes All SIDs and Unique Registry Settings
      • Creates the Image on a RIS Server
      [Diagram: a source computer, a RIS server holding the RIPrep image, and a RIS client computer offered "Operating System Only" and "Marketing Department".]
  54. 54. Comparing CD-Based Images & RIPrep Images
      [Diagram labels: RIPrep Image, .sif, CD-Based Image.]
  55. 55. Identifying Solutions to RIS Problems
      • Client Computers Do Not Get Past the BootP Message
      • Client Computers Do Not Get Past the DHCP Message
      • Client Computers Do Not Get Past the BINL Message
      • Computer Cannot Connect by Using a RIS Boot Disk
      • You Press F12, but the Computer Cannot Connect to the Server
      • Expected Installation Options Are Not Available to a User
  56. 56. DNS
      • Domain Naming Service
      • Maps FQDNs (Fully Qualified Domain Names) to IP addresses
      • www.microsoft.com = 10.10.91.1
  57. 57. Overview of the DNS Query Process
      Query Types
      • Iterative Query: The DNS server returns the best answer that it can provide without help from other servers
      • Recursive Query: The DNS server returns a complete answer to the query, not a pointer to another DNS server
      Lookup Types
      • Forward Lookup: Requires name-to-address resolution
      • Reverse Lookup: Requires address-to-name resolution
  58. 58. Installing the DNS Server Service
      [Screenshot: Networking Services dialog listing the subcomponents of Networking Services, including Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP).]
      Description shown in the dialog: Sets up a DNS server that answers query and update requests for DNS names.
  59. 59. Configuring Name Resolution for Client Computers
      IP Address Can be Provided by a DHCP Server or Manually Configured
      [Screenshot: Internet Protocol (TCP/IP) Properties, General tab: "You can get IP settings assigned automatically if your network supports this capability. Otherwise, you need to ask your network administrator for the appropriate IP settings."]
      • Obtain an IP address automatically, or use the following IP address: IP address 192.168.2.15, subnet mask 255.255.255.0, default gateway 192.168.1.2
      • Obtain DNS server address automatically, or use the following DNS server addresses: preferred DNS server, alternate DNS server
  60. 60. Creating Zones
      • Identifying Zone Types
      • Examining the Zone File
      • Creating Lookup Zones
  61. 61. Identifying Zone Types
      • Standard Zones: Primary Zone and Secondary Zone
      • Active Directory Integrated Zones
      [Diagram labels: Change, Zone Transfer.]
  62. 62. Examining the Zone File
      • Resource Records in a Zone File Can Contain a Computer’s
          • FQDN
          • IP address
          • Alias
      Records in the zone database file on the DNS server:
          @                           NS     casablanca.africa1.nwtraders.msft.
          casablanca                  A      192.168.11.1
          marrakech                   CNAME  casablanca.africa1.nwtraders.msft.
          1.11.168.192.in-addr.arpa.  PTR    casablanca.africa1.nwtraders.msft.
  63. 63. Creating Lookup Zones
      • Forward Lookup: "IP address for nwtraders.msft?" The DNS server answers "IP address = 192.168.1.50".
      • Reverse Lookup: "Name for 192.168.1.50?" The DNS server answers "Name = nwtraders.msft".
  64. 64. Configuring Zones
      • Configuring Standard Zones
      • Zone Transfer Process
      • Configuring Zone Transfers
      • Creating a Subdomain
      • Configuring Active Directory Integrated Zones
      • Migrating Zones to the Windows 2000 DNS Server service
  65. 65. Configuring Standard Zones
      • You can configure a DNS server to host standard primary zones, standard secondary zones, or any combination of zones
      • You can designate a primary server or a secondary server as a master server for a standard secondary zone
      [Diagram: DNS Server A holds the primary zone; DNS Server B and DNS Server C each hold a secondary zone (Master DNS Server = DNS Server A); zone information passes between them.]
  66. 66. Zone Transfer Process
      • A Zone Transfer Is Initiated When
          • A master DNS server sends notification of zone changes to the secondary server or servers
          • The secondary server queries a master DNS server for changes to the zone file
      [Diagram: a master DNS server with the primary zone database file for Zone 1 (nwtraders, training, support) and a DNS server with the secondary zone database file.]
  67. 67. Configuring Zone Transfers
      [Screenshot: nwtraders.msft Properties, Start of Authority (SOA) tab.]
      • Serial number: 28
      • Primary server: london.contoso.com
      • Responsible person: admin.
      • Refresh interval: 15 minutes
      • Retry interval: 10 minutes
      • Expires after: 1 days
      • Minimum (default) TTL: 0:1:0:0
      • TTL for this record: 0:1:0:0
      [Screenshot: nwtraders.msft Properties, Zone Transfers tab.] A zone transfer sends a copy of the zone to requesting servers.
      • Allow zone transfers:
          • To any server
          • Only to servers listed on the Name Servers tab
          • Only to the following servers
      • To specify secondary servers to be notified of zone updates, click Notify.
  68. 68. Creating a Subdomain
      • Create a Subdomain to Better Organize Your Namespace
      • Delegate Authority of a Subdomain To
          • Delegate management of portions of the namespace
          • Delegate administrative tasks of maintaining one large DNS database
      [Diagram: Root "."; Top-Level Domain (org., com., edu., au.); Second-Level Domain (microsoft.com.); Subdomain (training.microsoft.com.).]
  69. 69. Configuring Active Directory Integrated Zones
      • Active Directory Integrated Zone Data Is
          • Stored as an Active Directory object
          • Replicated as part of domain replication
      [Diagram: a DNS server whose Active Directory integrated zone for nwtraders.msft is held in Active Directory.]
  70. 70. Migrating Zones to the Windows 2000 DNS Server Service
      Files in the Windows 2000 DNS Server Service Include:
      • Domain_name.dns: The Forward Lookup File That Is Used to Translate Host Names to IP Addresses
      • z.y.x.w.in-addr.arpa.dns: The Reverse Lookup File That Is Used to Translate IP Addresses to Host Names
      • Cache.dns: Contains the Required Host Information for Resolving Names Outside Authoritative Domains
      • Boot: Controls How the DNS Server Service Starts
  71. 71. Configuring DNS for Internal Use
      • Configure a Root Zone on a DNS Server When
          • Your intranet is not connected to the Internet
          • You are using a proxy server to gain access to the Internet
      [Diagram, "If Your Company Is on the Internet": the Internet root domain "." with org. and com.; com. delegates microsoft.com. to the private network.]
      [Diagram, "If Your Company Is Not on the Internet, or Is Connected to the Internet Through a Proxy Server": the private network, behind the proxy server, holds its own root domain "." with records for com. and a delegation for microsoft.com.]
  72. 72. Integrating DNS and DHCP
      • Overview of Dynamic Updates
      • Configuring Dynamic Updates
      • Securing Dynamic Updates
  73. 73. Overview of Dynamic Updates
      • The DNS Dynamic Update Protocol Allows Clients to Automatically Update DNS Servers
      [Diagram: (1) Computer1 requests an IP address; (2) the DHCP server assigns the IP address 192.168.120.133; dynamic updates are sent to the DNS server, whose zone database then lists Computer1 at 192.168.120.133.]
  74. 74. Configuring Dynamic Updates
      To Configure Dynamic Updates, You Must:
      • Configure the DNS Server to Allow Dynamic Updates
      • Configure the DHCP Server for Dynamic Updates
      • Configure Windows 2000-Based Clients for Dynamic Updates
  75. 75. Securing Dynamic Updates
      Secure Dynamic Updates: Active Directory Integrated Zone
      [Screenshot: nwtraders.msft. Properties, General tab. Status: Running. Type: Active Directory-integrated ("Data is stored in Active Directory."). Allow dynamic updates?: Only secure updates. "To set aging/scavenging properties, click Aging."]
  76. 76. Maintaining and Troubleshooting DNS Servers
      • Reducing Network Traffic by Using Caching-Only Servers
      • Maintaining DNS Zones
      • Monitoring DNS Servers
      • Verifying Resource Records by Using Nslookup
      • Troubleshooting Name Resolution Problems
  77. 77. Reducing Network Traffic by Using Caching-Only Servers
      • Caching-Only Servers
          • Perform name resolution on behalf of client computers and cache the results
          • Can be used to reduce DNS-related traffic across a WAN
      [Diagram: clients and a caching-only DNS server in a remote office, connected over a slow WAN link to the DNS server at corporate headquarters.]
  78. 78. Maintaining DNS Zones
      [Screenshot: DNS console for ITCOMPUTER01, Forward Lookup Zones, with the Action menu open (Update Server Data File, Reload, New Host…, New Alias…, New Mail Exchanger…, New Domain…, New Delegation…, Other New Records…) and the Resource Record Type dialog. Description shown for Host: "Host address (A) record. Maps a DNS domain name to a single 32-bit IP version 4 address. (RFC 1035)"]
  79. 79. Monitoring DNS Servers
      [Screenshot: LONDON Properties, Monitoring tab: "To verify the configuration of the server, you can perform manual or automatic testing."]
      • Test types: a simple query against this DNS server; a recursive query to other DNS servers
      • To perform the test immediately, click Test Now
      • Automatic testing can be performed at a set test interval (1 minutes shown)
  80. 80. Verifying Resource Records by Using Nslookup
      • Use Nslookup to Verify That the Information Contained in Resource Records Is Correct
      Command Prompt:
          Microsoft Windows 2000 [Version 5.00.2195]
          (C) Copyright 1985-1999 Microsoft Corp.

          C:\>nslookup
          Default Server:  london.nwtraders.msft
          Address:  192.168.1.200

          > bonn
          Server:  london.nwtraders.msft
          Address:  192.168.1.200

          Name:    bonn.nwtraders.msft
          Address:  192.168.1.1

          > 192.168.1.2
          Server:  london.nwtraders.msft
          Address:  192.168.1.200

          Name:    denver.nwtraders.msft
          Address:  192.168.1.2

          > exit

          C:\>
  81. 81. Troubleshooting Name Resolution Problems
      Troubleshooting Name Resolution Problems Can Include:
      • Troubleshooting Name Resolution on Client Computers
      • Registering Client Computers
      • Troubleshooting Zone Transfer Problems
  82. 82. Review
      • Overview of the DNS Query Process
      • Installing the DNS Server Service
      • Configuring Name Resolution for Client Computers
      • Creating Zones
      • Configuring Zones
      • Configuring DNS for Internal Use
      • Integrating DNS and DHCP
      • Maintaining and Troubleshooting DNS Servers
  83. 83. Examining Remote Access in Windows 2000
      • Establishing a Remote Access Connection
      • Data Transport Protocols
      • Virtual Private Network Protocols
  84. 84. Establishing a Remote Access Connection
      [Diagram: a remote access client connects across the Internet to a remote access server on the local area network; both ends use remote access protocols and LAN protocols.]
  85. 85. Data Transport Protocols
      Remote Access Protocols
      • PPP
      • SLIP (client only)
      • Microsoft RAS
      • ARAP (server only)
      LAN Protocols
      • TCP/IP
      • NWLink
      • NetBEUI
      • AppleTalk
  86. 86. Virtual Private Network Protocols
      PPTP
      • Internetwork Must Be IP Based
      • No Header Compression
      • No Tunnel Authentication
      • Built-in PPP Encryption
      L2TP
      • Internetwork Can Be IP, Frame Relay, X.25, or ATM Based
      • Header Compression
      • Tunnel Authentication
      • Uses IPSec Encryption
      [Diagram: client and server connected across the Internet by PPTP or L2TP.]
  87. 87. Configuring Inbound Connections
      • Configuring Inbound Dial-up Connections
      • Configuring Virtual Private Network Ports
      • Configuring Modem and Cable Ports
      • Configuring User Dial-in Settings
  88. 88. Configuring Inbound Dial-up Connections
      [Screenshot: Routing and Remote Access console, SERVERX (local), with the Action menu showing "Configure and Enable Routing and Remote Access" and "Disable Routing and Remote Access".]
  89. 89. Configuring Virtual Private Network Ports
      [Screenshot: Routing and Remote Access console, Ports node of SERVERX (local), all ports Inactive.]
      • PPTP Ports: WAN Miniport (PPTP), VPN3-0 to VPN3-4
      • L2TP Ports: WAN Miniport (L2TP), VPN2-0 to VPN2-4
      • Cable and Modem Ports: Direct Parallel (LPT1), Modem (COM 3)
  90. 90. Configuring Modem and Cable Ports
      [Screenshot: Ports Properties: "In the list below, select those devices which can be used by the Routing and Remote Access Services." Devices listed: WAN Miniport (PPTP), WAN Miniport (L2TP), Direct Parallel.]
      [Screenshot: Configure Ports - WAN Miniport (PPTP): "You can enable this device to accept inbound remote access requests and to enable demand-dial routing connections." Options: Remote access (inbound); Demand-dial routing (inbound/outbound); Phone number of this device; Maximum ports: 5. "You can adjust the port limit for a device which supports dynamic ports (such as virtual circuits)."]
      Callouts: Ports, Grouped By Type; Function of Port; Phone Number (if applicable); Number of Virtual Ports
  91. 91. Configuring User Dial-in Settings
      [Screenshot: User1 Properties, Dial-in tab.]
      • Permissions: Remote Access Permission (Dial-in or VPN): Allow access, Deny access, or Control access through Remote Access Policy
      • Caller ID: Verify Caller-ID
      • Callback: Callback Options: No Callback, Set by Caller (Routing and Remote Access Service only), or Always Callback to
      • IP Routing: Assign Static IP Address; Apply Static Routes ("Define routes to enable for this Dial-in connection.")
  92. 92. Configuring Outbound Connections
      • Exploring Hardware Options
      • Creating a Dial-up Connection
      • Connecting to a Virtual Private Network
      • Connecting Directly Through a Cable
  93. 93. Exploring Hardware Options
      Connection Methods
      • Direct Connection
      • PSTN
      • ISDN
      • Cable Modem
      • X.25
  94. 94. Creating a Dial-up Connection
      [Screenshot: Network Connection Wizard, Network Connection Type page.]
      • Dial-up to private network: Connect using my phone line (modem or ISDN). [Diagram: client to remote access server.]
      • Dial-up to the Internet: Connect to the Internet using my phone line (modem or ISDN). [Diagram: client to ISP server to Internet.]
  95. 95. Connecting to a Virtual Private Network Windows 2000 VPN Server Internet Adapter Intranet Adapter Corporate Intranet VPN Remote Access Client Internet Tunnel
  96. 96. Connecting Directly Through a Cable H ost G uest This computer has the information you want to access. Host or Guest To connect two computers, specify which one you are using. Network Connection Wizard Choose the role you want for this computer This computer will be used to access information on the host computer. Select a Device This is the device that will be used to make the connection. Network Connection Wizard S elect a device: Communications Port (Com1) Communications Port (Com1) Communications Port (Com2) Direct Parallel (LPT1) Communications Port (Com1)
  97. 97. Configuring Multilink Connections A B A B C Remote Access Server Multilink with BAP Connection Switches on Demand Remote Access Server Multilink
  98. 98. Configuring Authentication Protocols <ul><li>Standard Authentication Protocols </li></ul><ul><li>Extensible Authentication Protocols </li></ul>
  99. 99. Standard Authentication Protocols (Protocol, Security: Use when) <ul><li>PAP, Low: The client and server cannot negotiate using more secure validation </li></ul><ul><li>SPAP, Medium: Connecting a Shiva LANRover and Windows 2000–based client or a Shiva client and a Windows 2000–based remote access server </li></ul><ul><li>CHAP, High: You have clients that are not running Microsoft operating systems </li></ul><ul><li>MS-CHAP, High: You have clients running Windows NT version 4.0 and later, or Microsoft Windows 95 and later </li></ul><ul><li>MS-CHAP v2, High: You have dial-up clients running Windows 2000, or VPN clients running Windows NT 4.0 or Windows 98 </li></ul>
  100. 100. Extensible Authentication Protocols <ul><li>Allows the Client and Server to Negotiate the Authentication Method That They Will Use </li></ul><ul><li>Supports Authentication by Using </li></ul><ul><ul><li>MD5-CHAP </li></ul></ul><ul><ul><li>Transport Layer Security </li></ul></ul><ul><ul><li>Additional third-party authentication methods </li></ul></ul><ul><li>Ensures Support of Future Authentication Methods Through an API </li></ul>
  101. 101. Configuring Encryption Protocols (Edit Dial-in Profile, Encryption tab) Select the level(s) of encryption that should be allowed by this profile. <ul><li>No Encryption </li></ul><ul><li>Basic: Members of this group dial-in profile can use IPSec 56-bit Data Encryption Standard (DES) or MPPE 40-bit data encryption </li></ul><ul><li>Strong: Members of this group dial-in profile can use IPSec 56-bit DES or MPPE 56-bit data encryption </li></ul><ul><li>Strongest: Members of this group dial-in profile can use IPSec Triple DES (3DES) or MPPE 128-bit data encryption </li></ul>NOTE: These encryption settings apply only to the Windows 2000 Routing and Remote Access Service.
  102. 102. Configuring Routing and Remote Access for DHCP Integration <ul><li>Assigning IP Addresses to Remote Access Clients by Using DHCP </li></ul><ul><li>Configuring Routing and Remote Access to Use DHCP </li></ul>
  103. 103. Assigning IP Addresses to Remote Access Clients by Using DHCP <ul><li>If DHCP Server is Available </li></ul><ul><li>If DHCP Server is Unavailable </li></ul>Remote Access Server Obtains 10 IP Addresses at a Time Remote Access Server Uses Automatic Private IP Addressing
  104. 104. Configuring Routing and Remote Access to Use DHCP General Security IP PPP Event Logging Enable IP routing Allow IP-based remote access and demand-dial connections IP address assignment This server can assign IP addresses by using: Dynamic Host Configuration Protocol (DHCP) Static address pool From To Number IP Add… Mask A dd… E dit… R emove Use the following adapter to obtain DHCP, DNS, and WINS addresses for dial-up clients. Ada p ter: OK Cancel A pply LONDON (local) Properties Corpnet:
  105. 105. Performing Disk Management
  106. 106. Windows 2000 Disk Storage Types Basic Storage Dynamic Storage Mirrored volume Simple volume Extended partition with logical drives H: G: F: E: D: C: F: E: D: C: -or- Primary partitions Spanned volume RAID-5 volume Striped volume
  107. 107. Using Disk Management compmgmr - [Computer Management (Local)StorageDisk Management] A ction V iew Volume (C:) Layout Partition Type Basic Computer Management (Local) System Tools Storage Removable Storage Disk Defragmenter Logical Drives Disk Management Server Applications and Services Disk Management Disk 0 Basic 3.02 GB Online (C:) 1.37 GB NTFS Healthy (System) Refresh Rescan Disks Restore Basic Disk Configuration… New All Tasks View Help Open Explore Change Drive Letter and Path… Format… Delete Partition… Properties Help Mark Partition Active Upgrade to Dynamic Disk… Properties Help Select disk Select partition or volume
  108. 108. Creating Dynamic Volumes <ul><li>Converting Storage Type </li></ul><ul><li>Creating and Extending Simple Volumes </li></ul><ul><li>Creating and Extending Spanned Volumes </li></ul><ul><li>Creating Striped Volumes </li></ul>
  109. 109. Converting Storage Type (Basic becomes Dynamic) <ul><li>System and boot partitions: Simple volumes (system and boot volumes) </li></ul><ul><li>Primary and extended partitions, logical drives: Simple volumes </li></ul><ul><li>Volume set: Spanned volume </li></ul><ul><li>Stripe set: Striped volume </li></ul><ul><li>Mirror set: Mirrored volume </li></ul><ul><li>Stripe set with parity: RAID-5 volume </li></ul>Basic Dynamic No volume conversion
  110. 110. Creating & Extending Simple Volumes <ul><li>Simple Volumes: </li></ul><ul><li>Contain Space on a Single Disk </li></ul><ul><li>Can Use NTFS, FAT, or FAT32 </li></ul><ul><li>Can Be Mirrored </li></ul><ul><li>Are Created with the Create Volume Wizard </li></ul><ul><li>Can Be Extended if Formatted as NTFS </li></ul>
  111. 111. Creating and Extending Spanned Volumes Free space combined into one logical volume Data written to first disk until full, then to next disk in volume 3994 MB Unallocated New Volume (G) 100 MB NTFS Healthy Disk 1 Dynamic 4094 MB Online 3994 MB Unallocated New Volume (G) 100 MB NTFS Healthy Disk 2 Dynamic 4094 MB Online Empty Empty Empty Data
  112. 112. Creating Striped Volumes Free space combined into one logical volume Data written across all disks in 64-KB units 3994 MB Unallocated New Volume (G) 100 MB NTFS Healthy Disk 1 Dynamic 4094 MB Online 3994 MB Unallocated New Volume (G) 100 MB NTFS Healthy Disk 2 Dynamic 4094 MB Online 64 KB 64 KB 64 KB
  113. 113. Performing Common Disk Management Tasks <ul><li>Creating Partitions </li></ul><ul><li>Adding Disks </li></ul><ul><li>Managing Drive Letters and Paths </li></ul><ul><li>Managing Mirror Sets on Basic Disks </li></ul><ul><li>Managing Other Sets on Basic Disks </li></ul><ul><li>Defragmenting Hard Disks </li></ul>
  114. 114. Creating Partitions Create Partition Wizard Select Partition Type You can specify what type of partition to create. Select Partition Size How big do you want the partition to be? Assign Drive Letter or Path You can assign a drive letter or drive path to a partition. Format Partition You can customize the formatting of the partition. Specify whether you want to format this partition. D o not format this partition F o rmat this partition with the following settings: Formatting File system to use: Allocation unit size: Volume label: NTFS Default Allocation Size New Volume
  115. 115. Adding Disks <ul><li>Adding a New Disk </li></ul><ul><li>Adding Disks from Other Computers </li></ul><ul><li>Failed: Incomplete Volume and Failed Redundancy Mean Disk is Missing from Volume </li></ul>Refresh Rescan Disks Restore Basic Disk Configuration… New All Tasks View Help Disk 0 Basic 1908 MB Online CDRom 0 CDRom No Media Import Foreign Disk
  116. 116. Managing Drive Letters and Paths <ul><li>Managing Drive Letters </li></ul><ul><ul><li>Add—to assign a new drive letter </li></ul></ul><ul><ul><li>Remove—to remove an existing drive letter </li></ul></ul><ul><ul><li>Modify—to change an existing drive letter </li></ul></ul><ul><li>Managing Drive Paths </li></ul>New Volume 51 MB NTFS Healthy (C:) 1.37 GB NTFS Healthy (System) Disk 0 Basic 3.02 GB Online Desktop My documents My computer 3 1/2 Floppy (A:) Local Disk (C:) Documents and Settings Inetpub Program Files Project Data Shared Files WINNT Local Disk (C:)
  117. 117. Managing Mirror Sets on Basic Disks <ul><li>Repairing a Mirror Set </li></ul><ul><li>Resynchronizing Mirror Sets </li></ul><ul><li>Breaking Mirror Sets </li></ul><ul><li>Deleting Mirror Sets </li></ul>Mirror set created in Windows NT 4.0 Upgraded to Windows 2000 Mirror set on basic disks in Windows 2000
  118. 118. Managing Other Sets on Basic Disks <ul><li>Deleting Volume Sets and Stripe Sets </li></ul><ul><ul><li>Deleting a volume set or stripe set deletes all of the data that the set contains </li></ul></ul><ul><ul><li>You can delete entire sets only </li></ul></ul><ul><li>Repairing and Deleting Stripe Sets with Parity </li></ul><ul><ul><li>Repairing a stripe set with parity requires an additional basic disk with sufficient free space </li></ul></ul><ul><ul><li>Deleting a stripe set with parity deletes all data that the set contains </li></ul></ul><ul><ul><li>You can delete an entire stripe set with parity only </li></ul></ul>
  119. 119. Defragmenting Hard Disks (D:) Paused FAT32 2,857 MB Analysis display: Defragmentation display: Analyze Defragment Resume Stop Fragmented files Contiguous files System files Free space
  120. 120. Summary of Network <ul><li>Centralize and Simplify Functions </li></ul><ul><ul><li>DHCP, DNS, RIS and other services </li></ul></ul><ul><li>Separate Portions of Network Logically </li></ul><ul><ul><li>Domains arranged not by physical location </li></ul></ul><ul><li>Protect Data </li></ul><ul><ul><li>Multiple Servers, Active Directory </li></ul></ul><ul><ul><li>RAID </li></ul></ul><ul><li>Make accessible yet Secure </li></ul><ul><ul><li>Remote Access </li></ul></ul><ul><ul><li>VPNs </li></ul></ul>
  121. 121. Assignments - due before next week <ul><li>Project 1 (Handout) </li></ul><ul><li>Based on your reading of the lesson and textbook in Section 1.1, write a one-page document on what you believe constitutes a platform. </li></ul><ul><li>Small Group Assignment: </li></ul><ul><ul><li>Identify & research some significant policies and procedures that system administrators use to set up desktop workstations. List key points of policies and URLs used for your research. (Hint: Virtual Library!) </li></ul></ul><ul><li>Quiz at 11:45 pm </li></ul>
  122. 122. Next Week <ul><li>Chapters 18 and 14 </li></ul><ul><li>Network Topologies, Connectivity </li></ul><ul><li>Centralization, Decentralization, Outsourcing </li></ul><ul><li>You will be creating a layout of a network - all the components, where they should be, what their role is </li></ul><ul><li>2 quizzes, as determined by syllabus (both will be at end of class session) </li></ul>
