Windows Server 2003 Networking Environment Administration by hiy10027

VIEWS: 49 PAGES: 26

									 Windows Server 2003
Networking Environment

    Administration
Managing & Maintenance

           Instructor: Kishore Patel
        Windows Server 2003
       Operating System Family
•   Windows 2003 Server Web Edition
•   Windows 2003 Server Standard Edition
•   Windows 2003 Server Enterprise Edition
•   Windows 2003 Server Datacenter Edition
• All four Server operating systems available in
  32-bits (Intel platform), and share many common
  features and utilities.
• Enterprise and Datacenter Editions are also available
  in 64-bits (Itanium platform)
     Minimum and Recommended
      Hardware Requirements
Requirements              Web       Standard
                          Edition   Edition

Minimum CPU Speed         133 MHz   133 MHz
Recommended CPU Speed     550 MHZ   550 MHz
Minimum RAM               128 MB    128 MB
Recommended Mini. RAM     256 MB    256 MB
Maximum RAM               2GB       4GB
Multiprocessors Support   Up to 2   Up to 4
Minimum Disk Space        1.5 GB    1.5 GB
Recommended Disk Space    2.5 GB    2.5 GB
Minimum & Recommended Hardware Requirements
Requirements               Enterprise        Datacenter
                           Edition           Edition

Minimum CPU Speed        133 MHz for       400 MHz for
                    32-bits x86 Intel   32-bits x86 Intel
                        733 MHz for        733 MHz for
                    64-bits Itanium     64-bits Itanium

Recommended CPU Speed      733 MHZ           733 MHz
Minimum RAM                128 MB            512 MB
Recommended Mini. RAM      256 MB            1 GB
Maximum RAM                32GB              64GB
Multiprocessors Support    Up to 8           Up to 32
Minimum Disk Space         1.5 GB            1.5 GB
Recommended Disk Space     2.5 GB            2.5 GB
 Windows Server 2003 Web Edition
• Enables to deploy Web sites, Web applications and Web
  services
• Can not function as a Domain Controller, but can be a
  member of Active Directory Domain
• Supports unlimited number of Web connections, but limited
  to only 10 simultaneous Server Message Block (SMB)
  connections – internal network users
• Can not function as an Internet gateway
• Can not function as a Dynamic Host Configuration Protocol
  (DHCP) server, Fax server, Microsoft SQL server, or
  Terminal server
• Includes Internet Information Services (IIS 6) and Network
  Load Balancing (NLB)
 Windows Server 2003 Standard Edition
• Can function as a Member Server or a Domain Controller,
  with full Active Directory support
• Includes Internet Information Services (IIS 6), which
  provides Web and FTP services
• Includes DHCP Server, Domain Name System (DNS)
  Server, and Windows Internet Name Service (WINS) Server
• Can function as a TCP/IP router in Local Area Network
  (LAN), Wide Area Network (WAN), including Internet
  access and Remote access routing with Routing and Remote
  Access Service (RRAS), also as a Terminal Server, which
  enables clients to access Windows desktop sessions
  including applications on the server
• Includes Encrypted File System (EFS), IP Security
  extensions and Public Key Infrastructure (PKI)
Windows Server 2003 Enterprise Edition
• Additional features not supplied with the Standard
  Edition are available here
• Includes Microsoft Metadirectory Services (MMS), which
  integrates multiple information sources into a single unified
  directory – combining Active Directory Services with other
  directory services
• Server Clustering distributes application processing among
  many servers, reducing the load on each computer and also
  provides fault tolerance if any of the server fails
• Hot Add Memory allows administrators to add or remove
  memory in the computer without turning it off or restarting

• Datacenter Edition is a high-end, high-traffic
  application server and provides greater
  hardware scalability than Enterprise Edition
              Workgroup Model
• There are two types of Networking Model
  used by Windows NT, Windows 2000 and
  Windows Server 20003 Operating Systems
    • Workgroup Model
    • Domain Model
• Work Group Model
• Logical grouping of networked computers with shared
  resources in a small network, well suited for less than 10
  computers
• each user administers its own computer
• user must have a user account on each and every computer
  in the network
              Workgroup Model
• If an user changes his or her password, it has to be changed
  on each computer
• No centralized security
• Security is maintained individually at each computer
  through a local user account in a database called Security
  Account Management (SAM)
• Can provide access to resources only on the local computer
• No centrally maintained user account database like in the
  Domain Model
• In Workgroup Model, Windows Server 2003 computer is
  not configured as a domain controller
• Windows Server 2003 acts as a stand alone server
• There are no dedicated servers in a workgroup - dedicated
  server only provides services
• A workgroup is also known as peer-to-peer network
                  Domain Model
• Domain is a logical grouping of networked computers
  (servers and clients) with shared resources in a large
  network
• Centralized security
• User has only one user account called a domain user
  account, which is stored in the domain directory database
  (Active Directory) on a domain controller
• Windows Server 2003 configured as a domain controller
• Can provide access to Shared resources in the whole domain
• A domain user account consists of a logon name and a
  password, with a unique Security Identifier (SID) and
  requires a domain name to log on to a domain
• If an user changes his or her password, it does not have to
  be changed on each computer
    Windows NT, 2000 and 20003 Domains
• Windows NT Domain configuration
      •   Primary Domain Controller (PDC)
      •   Backup Domain Controller (BDC)
      •   Member Servers
      •   Windows NT Workstations
• Windows 2000 Domain configuration
      • Domain Controller (DC) – more than one DCs
      • Member Servers
      • Windows 2000 Professionals
• Windows Server 2003 Domain configuration
      • Domain Controller (DC) – more than one DCs
      • Member Servers
• All three domain models can have other clients computers
  with different operating systems like Windows XP,
  Windows 2000 Professional, Windows NT Workstations,
  Windows Me, 98, 95, Unix, Novel Netware, etc.
   Windows Server 2003 Domain
• A Stand alone server is in a workgroup
• A Member server is in a domain (when a Stand alone server
  becomes a member of the domain by joining the domain, it
  is known as a Member server – by opening a computer
  account in the Active Directory on a domain controller
• You are required to have minimum of one domain controller
  per domain, but it is better to have an additional domain
  controller or many domain controllers in a Domain to
  provide fault tolerance and load balancing
• Fault Tolerance is the ability of a computer or an operating
  system to respond to a catastrophic event, such as a power
  outrage or hardware failure, so that no data is lost, and that
  work in progress is not corrupted
• All domain controllers in Active Directory Service are peers
  (at the same hierarchical level)
               Active Directory
• Computers that have a copy of this Active Directory
  database are called domain controllers
• Active Directory database contains various types of
  network objects, like shared folders, printers, user accounts,
  group accounts, computer accounts, etc.
• Each Domain contains one or more domain controllers
  which stores replica of the domain’s Active Directory
  database (information about network objects)
• Changes made to any domain controller are continually
  replicated to all other domain controllers in the domain
  (Multiple Master Replication)
• Domain Name Service (DNS) - name resolution component of the
  TCP/IP networking protocol, which is a default protocol for
  Windows Server 2003 and Windows 2000 Network
                   DNS Names
• DNS - a hierarchical naming structure used by Internet as
  well as Corporate Intranet for domain naming (Windows
  Server 2003 & Windows 2000 networking)
• Client computers use DNS server to locate Active Directory
  domain controllers as well as network objects in A D
• At the top of the hierarchy are root-level servers, denoted by
  a period or dot (.), Below the root-level are the top-level
  domain servers, denoted by .Com, .Edu, .Org. and so on
• Internet uses FQDN - Fully Qualified Domain Name, the
  naming convention in conjunction with TCPIP
• The format for an FQDN is
  server_name.domain_name.root_domain_name
• Computers use IP addresses on a TCP/IP network for
  communication (Domain Name Server (DNS))
• Users use more friendly NetBIOS computer names
  (Windows Internet Naming Service (WINS))
               Active Directory
• Active Directory is the directory service used by Windows
  Server 2003 and Windows 2000 networking environment
• A directory service consists of two parts:
      • A centralized, hierarchical database that contains information
        about users and resources on a network
      • A service that manages the database and enables users of
        computers on the network to access the database
• A directory service is both an administration tool and
  an end-user tool
• Major requirements for Active Directory
      • Windows Server 2003 – Standard or Enterprise editions
      • NTFS file system
      • DNS Server
              Active Directory
• The key building blocks in the Active Directory hierarchical
  structure are domains
• The first domain controller is called root-domain
• Multiple domains are connected by two way trust
  relationships by default – Transitive trust relationship
• Domain Tree - is a hierarchical grouping of one or more
  domains that must have a single root domain, and may have
  one or more child domains
• Multiple domain trees or different name spaces makes a
  forest
• By having a single user account in a domain, a user can
  access all the shared resources within the domain as well
  as other shared network resources in a domain tree or in a
  forest, where the user does not have a user account
              Active Directory
• In Active Directory – Every resource in a Windows Server
  2003 Environment is called an object
• Each object is composed Attributes
• It is easy to find a resource by its Attributes or properties
• An active directory object (user, computer, printer, file,
  application, etc.) is a record in the directory defined by a
  distinct set of attributes
• It is easy to find a resource by its Attributes or properties
• The attributes hold data describing the subject that is
  identified by the directory object
• A Class is simply a template to define the attributes of an
  object
• Classes are: Computer, Contact, Group, Organizational
  Unit, Domain, Printer, User, Shared Folder, etc.
• An object that can not contain another object, such as a user
  or computer, is called leaf object
               Active Directory
• Active directory divides into Organizational Units that
  contain objects and sub-organizational units
• Organizational Units called container objects reside inside
  a domain
• One can delegate authority to an organization unit
• Schema - a set of rules that governs the hierarchical
  structure of the directory and its contents including classes
  of objects and their attributes
• Default Schema is created by installing Active Directory on
  the first domain controller
• Administrator can control user rights, security settings,
  deploy software on computers, configure operating system,
  etc. using Group Policy Objects (GPO)
                Active Directory
• Global Catalog - is a master, searchable index that contains
  information about objects in a domain tree (a collection of domains
  that form a hierarchical domain tree) or forest (a collection of domain
  trees that are part of different hierarchies)
• A Global Catalog - is a service as well as a physical storage location
  that contains a replica of selected attributes of every objects
• A Global Catalog performs two important functions:
       • provides group membership information during log on and
         authentication
       • helps users to find objects of interest without knowing what
         domain holds them and without requiring a contiguous
         extended namespace
• By default, Global Catalog is created automatically on the
  first domain controller when Active directory is installed
  Active Directory Users and Computers
       snap-in Administrative Tool
• Active Directory Users and Computers snap-in becomes
  available on domain controller, when you change a member
  server role to a domain controller
• By default, Active Directory Users and Computers snap-in
  is not installed on Windows 2003 Member Server, Windows
  2000 Professional or XP Workstation computers
• By installing ADMINPAK (Adminpak.msi) from Windows
  Server 20003 CD, Administrator can make Active Directory
  Users and Computer snap-in available on any of the above
  computers and can perform administrative work (like
  creating a user, group or computer accounts, modifying user
  rights, assigning permissions, etc. on any domain controllers
  from these remote computers
  Architecture of Windows Server 2003
• Two Subsystems: User mode and Kernel mode
    • All applications run in user mode which cannot
      access hardware directly, known as less privileged
      processor mode
    • The applications make their requests to a set of
      executive services running in kernel mode
    • By preventing applications to access hardware
      directly, Windows 2003 like Windows 2000, has
      achieved greater stability
    • If an application running in user mode goes down, it
      will not bring down the entire system
    • Kernel mode refers to highly previleged mode of
      operation, accesses hardware directly through
      Hardware Abstraction Layer (HAL)
            Installation Process
• Two distinct phases of Installation
• Text mode phase
     • No floppy start-up installation
     • Setup prompts for required information for installation
     • Formats the partition, creates the system root
       directory structure, builds the registry, detects the
       hardware and copies Operating System files
• Graphical mode phase
     • prompts for optional components to install and ask for
       the administrative password
     • Gathers information about computer
     • Installs Windows 2003 networking
     • Complete Setup
      Unattended Installation
• Answer files – For un-identical computers
     • Create an answer file that contains information about
       each computer
• Disk Images – For identical computers
     • A disk image is a bit-for-bit copy of the hard drive in a
       computer that has the Operating System already
       installed
     • Create a distribution folder, Copy the contents of the
       I386 directory from Windows 2003 Server CD to the
       distribution folder and share it
     • Use Remote Installation Services tool to deploy disk
       images to other computers over the network
 Getting Ready for Installation
• Lab Manual – Perform Exercise 1-1
    • Boot from Windows Server 2003 CD – Installation
      (step 1)
    • Select 4 GB partition size – C: drive (step 8)
    • Select NTFS file system (step 9)
    • Type your Last Name (step 11)
      Organization – Seneca (step 11)
    • Product Key - 25 characters Product Key (step 13)
    • Licensing Mode - Per Server or Per seat
      Default Per server – 5 (step 14)
    • Computer Name - NetBIOS name up to 15 characters
      long, must be unique, Type your Last Name (step 15)
 Getting Ready for Installation
• Lab Manual – Perform Exercise 1-1
    • Administrator password - Never forget the
      password for the Administrator account (step 16)
    • If you forget, you will have to reinstall Windows
      2003 Server
    • Password is case sensitive - Use complex password
      Minimum 7 Characters (step 16)
    • Leave default Typical settings option (step 17)
    • Leave default WORKGROUP (step 19)
    • Computer restarts automatically and Welcome To
      Windows dialog box appears
 Getting Ready for Installation
• Lab Manual – Perform Exercise 1-2
    • Log on to Windows Server 2003 as Administrator and
      close the default box
    • Select Start, Run, Type dcpromo.exe – enter to install
      Active Directory on the server to change its role as a
      domain controller
    • Type your Last Name.Com for the new domain
      (step 11)
    • Verify that the Domain NetBIOS Name reads your
      Last Name
    • Select the Install And Configure The DNS Server on
      This Computer option (step 15)
    • Accept default permission option (step 16)
    • Type the same administrative password (step 17)
    • Click Finish and then click Restarts (step 19 and 20)

								
To top