Windows Server 2003 Networking Environment Administration
Managing & Maintenance
Instructor: Kishore Patel
Windows Server 2003 Operating System Family
• Windows 2003 Server Web Edition
• Windows 2003 Server Standard Edition
• Windows 2003 Server Enterprise Edition
• Windows 2003 Server Datacenter Edition
• All four server operating systems are available in
32-bit versions (Intel platform) and share many common
features and utilities.
• Enterprise and Datacenter Editions are also available
in 64-bit versions (Itanium platform)
Minimum and Recommended Hardware Requirements

Requirements               Web Edition    Standard Edition
Minimum CPU Speed          133 MHz        133 MHz
Recommended CPU Speed      550 MHz        550 MHz
Minimum RAM                128 MB         128 MB
Recommended Minimum RAM    256 MB         256 MB
Maximum RAM                2 GB           4 GB
Multiprocessor Support     Up to 2        Up to 4
Minimum Disk Space         1.5 GB         1.5 GB
Recommended Disk Space     2.5 GB         2.5 GB

Minimum and Recommended Hardware Requirements

Requirements               Enterprise Edition              Datacenter Edition
Minimum CPU Speed          133 MHz for 32-bit x86 Intel;   400 MHz for 32-bit x86 Intel;
                           733 MHz for 64-bit Itanium      733 MHz for 64-bit Itanium
Recommended CPU Speed      733 MHz                         733 MHz
Minimum RAM                128 MB                          512 MB
Recommended Minimum RAM    256 MB                          1 GB
Maximum RAM                32 GB                           64 GB
Multiprocessor Support     Up to 8                         Up to 32
Minimum Disk Space         1.5 GB                          1.5 GB
Recommended Disk Space     2.5 GB                          2.5 GB
Windows Server 2003 Web Edition
• Enables you to deploy Web sites, Web applications and Web
services
• Cannot function as a Domain Controller, but can be a
member of an Active Directory domain
• Supports an unlimited number of Web connections, but is
limited to only 10 simultaneous Server Message Block (SMB)
connections – internal network users
• Cannot function as an Internet gateway
• Cannot function as a Dynamic Host Configuration Protocol
(DHCP) server, Fax server, Microsoft SQL server, or
Terminal server
• Includes Internet Information Services (IIS 6) and Network
Load Balancing (NLB)
Windows Server 2003 Standard Edition
• Can function as a Member Server or a Domain Controller,
with full Active Directory support
• Includes Internet Information Services (IIS 6), which
provides Web and FTP services
• Includes DHCP Server, Domain Name System (DNS)
Server, and Windows Internet Name Service (WINS) Server
• Can function as a TCP/IP router in a Local Area Network
(LAN) or Wide Area Network (WAN), including Internet
access and remote access routing, with Routing and Remote
Access Service (RRAS)
• Can also function as a Terminal Server, which enables
clients to access Windows desktop sessions, including
applications, on the server
• Includes Encrypting File System (EFS), IP Security
extensions and Public Key Infrastructure (PKI)
Windows Server 2003 Enterprise Edition
• Additional features not supplied with the Standard
Edition are available here
• Includes Microsoft Metadirectory Services (MMS), which
integrates multiple information sources into a single unified
directory – combining Active Directory Services with other
directory services
• Server Clustering distributes application processing among
many servers, reducing the load on each computer and also
providing fault tolerance if any of the servers fails
• Hot Add Memory allows administrators to add or remove
memory in the computer without turning it off or restarting
• Datacenter Edition is a high-end, high-traffic
application server and provides greater
hardware scalability than Enterprise Edition
Workgroup Model
• There are two types of networking model
used by the Windows NT, Windows 2000 and
Windows Server 2003 operating systems
  • Workgroup Model
  • Domain Model
• Workgroup Model
  • Logical grouping of networked computers with shared
  resources in a small network, well suited for fewer than 10
  computers
  • Each user administers his or her own computer
  • A user must have a user account on each and every computer
  in the network
Workgroup Model
• If a user changes his or her password, it has to be changed
on each computer
• No centralized security
• Security is maintained individually at each computer
through a local user account in a database called the Security
Accounts Manager (SAM)
• Can provide access to resources only on the local computer
• No centrally maintained user account database like in the
Domain Model
• In the Workgroup Model, a Windows Server 2003 computer is
not configured as a domain controller
• Windows Server 2003 acts as a stand-alone server
• There are no dedicated servers in a workgroup - a dedicated
server only provides services
• A workgroup is also known as a peer-to-peer network
Domain Model
• A domain is a logical grouping of networked computers
(servers and clients) with shared resources in a large
network
• Centralized security
• A user has only one user account, called a domain user
account, which is stored in the domain directory database
(Active Directory) on a domain controller
• Windows Server 2003 is configured as a domain controller
• Can provide access to shared resources in the whole domain
• A domain user account consists of a logon name and a
password, with a unique Security Identifier (SID), and
requires a domain name to log on to a domain
• If a user changes his or her password, it does not have to
be changed on each computer
Windows NT, 2000 and 2003 Domains
• Windows NT Domain configuration
  • Primary Domain Controller (PDC)
  • Backup Domain Controller (BDC)
  • Member Servers
  • Windows NT Workstations
• Windows 2000 Domain configuration
  • Domain Controller (DC) – more than one DC
  • Member Servers
  • Windows 2000 Professionals
• Windows Server 2003 Domain configuration
  • Domain Controller (DC) – more than one DC
  • Member Servers
• All three domain models can have other client computers
with different operating systems like Windows XP,
Windows 2000 Professional, Windows NT Workstation,
Windows Me, 98, 95, Unix, Novell NetWare, etc.
Windows Server 2003 Domain
• A stand-alone server is in a workgroup
• A member server is in a domain (when a stand-alone server
becomes a member of the domain by joining the domain, that
is, by opening a computer account in the Active Directory
on a domain controller, it is known as a member server)
• You are required to have a minimum of one domain controller
per domain, but it is better to have an additional domain
controller or many domain controllers in a domain to
provide fault tolerance and load balancing
• Fault tolerance is the ability of a computer or an operating
system to respond to a catastrophic event, such as a power
outage or hardware failure, so that no data is lost and
work in progress is not corrupted
• All domain controllers in Active Directory Service are peers
(at the same hierarchical level)
Active Directory
• Computers that have a copy of the Active Directory
database are called domain controllers
• The Active Directory database contains various types of
network objects, like shared folders, printers, user accounts,
group accounts, computer accounts, etc.
• Each domain contains one or more domain controllers,
which store a replica of the domain’s Active Directory
database (information about network objects)
• Changes made on any domain controller are continually
replicated to all other domain controllers in the domain
(Multiple Master Replication)
• Domain Name System (DNS) - the name resolution component of
the TCP/IP networking protocol, which is the default protocol
for Windows Server 2003 and Windows 2000 networks
DNS Names
• DNS - a hierarchical naming structure used by the Internet as
well as corporate intranets for domain naming (Windows
Server 2003 & Windows 2000 networking)
• Client computers use a DNS server to locate Active Directory
domain controllers as well as network objects in Active Directory
• At the top of the hierarchy are root-level servers, denoted by
a period or dot (.). Below the root level are the top-level
domain servers, denoted by .com, .edu, .org, and so on
• The Internet uses FQDN - Fully Qualified Domain Name, the
naming convention used in conjunction with TCP/IP
• The format for an FQDN is
server_name.domain_name.root_domain_name
• Computers use IP addresses on a TCP/IP network for
communication (Domain Name System (DNS))
• Users use more friendly NetBIOS computer names
(Windows Internet Name Service (WINS))
Active Directory
• Active Directory is the directory service used by Windows
Server 2003 and Windows 2000 networking environments
• A directory service consists of two parts:
  • A centralized, hierarchical database that contains information
  about users and resources on a network
  • A service that manages the database and enables users of
  computers on the network to access the database
• A directory service is both an administration tool and
an end-user tool
• Major requirements for Active Directory
  • Windows Server 2003 – Standard or Enterprise editions
  • NTFS file system
  • DNS Server
Active Directory
• The key building blocks in the Active Directory hierarchical
structure are domains
• The first domain controller is called root-domain
• Multiple domains are connected by two-way trust
relationships by default – transitive trust relationships
• Domain Tree - a hierarchical grouping of one or more
domains that must have a single root domain, and may have
one or more child domains
• Multiple domain trees or different name spaces make a
forest
• By having a single user account in a domain, a user can
access all the shared resources within the domain as well
as other shared network resources in a domain tree or in a
forest, where the user does not have a user account
Active Directory
• In Active Directory, every resource in a Windows Server
2003 environment is called an object
• Each object is composed of attributes
• It is easy to find a resource by its attributes or properties
• An Active Directory object (user, computer, printer, file,
application, etc.) is a record in the directory defined by a
distinct set of attributes
• The attributes hold data describing the subject that is
identified by the directory object
• A class is simply a template to define the attributes of an
object
• Classes are: Computer, Contact, Group, Organizational
Unit, Domain, Printer, User, Shared Folder, etc.
• An object that cannot contain another object, such as a user
or computer, is called a leaf object
Active Directory
• Active Directory is divided into organizational units that
contain objects and sub-organizational units
• Organizational units, called container objects, reside inside
a domain
• One can delegate authority to an organizational unit
• Schema - a set of rules that governs the hierarchical
structure of the directory and its contents, including classes
of objects and their attributes
• The default schema is created by installing Active Directory
on the first domain controller
• An administrator can control user rights and security
settings, deploy software on computers, configure the
operating system, etc. using Group Policy Objects (GPOs)
Active Directory
• Global Catalog - a master, searchable index that contains
information about objects in a domain tree (a collection of domains
that form a hierarchical domain tree) or forest (a collection of domain
trees that are part of different hierarchies)
• A Global Catalog is a service as well as a physical storage location
that contains a replica of selected attributes of every object
• A Global Catalog performs two important functions:
  • provides group membership information during logon and
  authentication
  • helps users to find objects of interest without knowing what
  domain holds them and without requiring a contiguous
  extended namespace
• By default, the Global Catalog is created automatically on the
first domain controller when Active Directory is installed
Active Directory Users and Computers snap-in Administrative Tool
• The Active Directory Users and Computers snap-in becomes
available on a domain controller when you change a member
server's role to a domain controller
• By default, the Active Directory Users and Computers snap-in
is not installed on Windows 2003 Member Server, Windows
2000 Professional or XP Workstation computers
• By installing ADMINPAK (Adminpak.msi) from the Windows
Server 2003 CD, an administrator can make the Active Directory
Users and Computers snap-in available on any of the above
computers and can perform administrative work (like
creating user, group or computer accounts, modifying user
rights, assigning permissions, etc.) on any domain controller
from these remote computers
Architecture of Windows Server 2003
• Two subsystems: user mode and kernel mode
• All applications run in user mode, the less privileged
processor mode, which cannot access hardware directly
• The applications make their requests to a set of
executive services running in kernel mode
• By preventing applications from accessing hardware
directly, Windows 2003, like Windows 2000, has
achieved greater stability
• If an application running in user mode goes down, it
will not bring down the entire system
• Kernel mode refers to the highly privileged mode of
operation, which accesses hardware directly through the
Hardware Abstraction Layer (HAL)
Installation Process
• Two distinct phases of installation
• Text mode phase
  • No floppy start-up installation
  • Setup prompts for required information for installation
  • Formats the partition, creates the system root
  directory structure, builds the registry, detects the
  hardware and copies operating system files
• Graphical mode phase
  • Prompts for optional components to install and asks for
  the administrative password
  • Gathers information about the computer
  • Installs Windows 2003 networking
  • Completes Setup
Unattended Installation
• Answer files – for non-identical computers
  • Create an answer file that contains information about
  each computer
• Disk images – for identical computers
  • A disk image is a bit-for-bit copy of the hard drive in a
  computer that has the operating system already
  installed
  • Create a distribution folder, copy the contents of the
  I386 directory from the Windows 2003 Server CD to the
  distribution folder, and share it
  • Use the Remote Installation Services tool to deploy disk
  images to other computers over the network
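
An added example, not part of the original slides: a Python sketch that writes one answer file per non-identical server and rejects bad computer names and product keys before Setup runs. The inventory, host names, product key and the rejected-character set are constructed assumptions; the section and key names follow the Windows Server 2003 unattend.txt format, and the settings mirror the interactive lab choices (NTFS, Per Server with 5 licenses, WORKGROUP).

```python
import re

# Assumption: characters Windows Setup rejects in a computer name.
ILLEGAL = set('\\/:*?"<>|. ')
KEY_SHAPE = re.compile(r"^([A-Z0-9]{5}-){4}[A-Z0-9]{5}$")  # 25 characters

def check_host(host, seen_names):
    """Return the problems found in one inventory row (empty list = OK)."""
    name, problems = host["computer_name"], []
    if not 1 <= len(name) <= 15:
        problems.append("computer name must be 1-15 characters")
    if ILLEGAL & set(name):
        problems.append("computer name has a character NetBIOS does not allow")
    if name.upper() in seen_names:
        problems.append("computer name is not unique")
    if not KEY_SHAPE.match(host["product_key"]):
        problems.append("product key is not 5 groups of 5 characters")
    return problems

def build_answer_file(host, encrypted_admin_pw):
    """Render unattend.txt text for one server (no clear-text password)."""
    sections = [
        ("Unattended", [("UnattendMode", "FullUnattended"),
                        ("FileSystem", "ConvertNTFS"), ("TargetPath", r"\WINDOWS")]),
        ("GuiUnattended", [("AdminPassword", encrypted_admin_pw),
                           ("EncryptedAdminPassword", "Yes"), ("OemSkipWelcome", "1")]),
        ("UserData", [("FullName", f'"{host["full_name"]}"'), ("OrgName", f'"{host["org"]}"'),
                      ("ComputerName", host["computer_name"]),
                      ("ProductKey", host["product_key"])]),
        ("LicenseFilePrintData", [("AutoMode", "PerServer"), ("AutoUsers", "5")]),
        ("Identification", [("JoinWorkgroup", "WORKGROUP")]),
        ("Networking", [("InstallDefaultComponents", "Yes")]),
    ]
    return "\n".join(f"[{s}]\n" + "\n".join(f"{k}={v}" for k, v in kv) + "\n"
                     for s, kv in sections)

def build_all(inventory, encrypted_admin_pw):
    """Map computer name -> answer-file text; raise on the first bad row."""
    seen, files = set(), {}
    for host in inventory:
        problems = check_host(host, seen)
        if problems:
            raise ValueError(f'{host["computer_name"]}: {"; ".join(problems)}')
        seen.add(host["computer_name"].upper())
        files[host["computer_name"]] = build_answer_file(host, encrypted_admin_pw)
    return files

# Constructed inventory; the product key is a placeholder, not a real key.
KEY = "AAAAA-BBBBB-CCCCC-DDDDD-EEEEE"
SAMPLE = [{"computer_name": n, "full_name": "Student", "org": "Seneca", "product_key": KEY}
          for n in ("LAB-SRV01", "LAB-SRV02")]
```

The AdminPassword value passed in is expected to be the encrypted form produced by Setup Manager. The answer file and the shared distribution folder still hold the product key and that credential, so limit who can read the share.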
Getting Ready for Installation
• Lab Manual – Perform Exercise 1-1
• Boot from the Windows Server 2003 CD – Installation
(step 1)
• Select 4 GB partition size – C: drive (step 8)
• Select NTFS file system (step 9)
• Name – type your Last Name (step 11)
• Organization – Seneca (step 11)
• Product Key – 25-character Product Key (step 13)
• Licensing Mode – Per Server or Per Seat;
default is Per Server – 5 (step 14)
• Computer Name – NetBIOS name up to 15 characters
long, must be unique; type your Last Name (step 15)
Getting Ready for Installation
• Lab Manual – Perform Exercise 1-1
• Administrator password – never forget the
password for the Administrator account (step 16)
• If you forget it, you will have to reinstall Windows
2003 Server
• The password is case sensitive – use a complex password,
minimum 7 characters (step 16)
• Leave the default Typical settings option (step 17)
• Leave the default WORKGROUP (step 19)
• The computer restarts automatically and the Welcome To
Windows dialog box appears
Getting Ready for Installation
• Lab Manual – Perform Exercise 1-2
• Log on to Windows Server 2003 as Administrator and
close the default box
• Select Start, Run, type dcpromo.exe and press Enter to
install Active Directory on the server and change its role to
a domain controller
• Type your Last Name.com for the new domain
(step 11)
• Verify that the Domain NetBIOS Name reads your
Last Name
• Select the Install And Configure The DNS Server On
This Computer option (step 15)
• Accept the default permission option (step 16)
• Type the same administrative password (step 17)
• Click Finish and then click Restart (steps 19 and 20)