Windows Server 2003 Networking Environment
Administration
Managing & Maintenance
Instructor: Kishore Patel

Windows Server 2003 Operating System Family
• Windows 2003 Server Web Edition
• Windows 2003 Server Standard Edition
• Windows 2003 Server Enterprise Edition
• Windows 2003 Server Datacenter Edition
• All four Server operating systems are available in 32-bit versions (Intel platform) and share many common features and utilities.
• Enterprise and Datacenter Editions are also available in 64-bit versions (Itanium platform)

Minimum and Recommended Hardware Requirements

Requirements              Web Edition    Standard Edition
Minimum CPU Speed         133 MHz        133 MHz
Recommended CPU Speed     550 MHz        550 MHz
Minimum RAM               128 MB         128 MB
Recommended Min. RAM      256 MB         256 MB
Maximum RAM               2 GB           4 GB
Multiprocessor Support    Up to 2        Up to 4
Minimum Disk Space        1.5 GB         1.5 GB
Recommended Disk Space    2.5 GB         2.5 GB

Minimum & Recommended Hardware Requirements

Requirements                            Enterprise Edition    Datacenter Edition
Minimum CPU Speed (32-bit x86 Intel)    133 MHz               400 MHz
Minimum CPU Speed (64-bit Itanium)      733 MHz               733 MHz
Recommended CPU Speed                   733 MHz               733 MHz
Minimum RAM                             128 MB                512 MB
Recommended Min. RAM                    256 MB                1 GB
Maximum RAM                             32 GB                 64 GB
Multiprocessor Support                  Up to 8               Up to 32
Minimum Disk Space                      1.5 GB                1.5 GB
Recommended Disk Space                  2.5 GB                2.5 GB

Windows Server 2003 Web Edition
• Enables deployment of Web sites, Web applications and Web services
• Cannot function as a Domain Controller, but can be a member of an Active Directory Domain
• Supports an unlimited number of Web connections, but is limited to only 10 simultaneous Server Message Block (SMB) connections – internal network users
• Cannot function as an Internet gateway
• Cannot function as a Dynamic Host Configuration Protocol (DHCP) server, Fax server, Microsoft SQL server, or Terminal server
• Includes Internet Information Services (IIS 6) and Network Load Balancing (NLB)

Windows Server 2003 Standard Edition
• Can function as a Member Server or a Domain Controller, with full Active Directory support
• Includes Internet Information Services (IIS 6), which provides Web and FTP services
• Includes DHCP Server, Domain Name System (DNS) Server, and Windows Internet Name Service (WINS) Server
• Can function as a TCP/IP router in a Local Area Network (LAN) or Wide Area Network (WAN), including Internet access and remote access routing with Routing and Remote Access Service (RRAS)
• Can also function as a Terminal Server, which enables clients to access Windows desktop sessions, including applications, on the server
• Includes Encrypted File System (EFS), IP Security extensions and Public Key Infrastructure (PKI)

Windows Server 2003 Enterprise Edition
• Additional features not supplied with the Standard Edition are available here
• Includes Microsoft Metadirectory Services (MMS), which integrates multiple information sources into a single unified directory – combining Active Directory Services with other directory services
• Server Clustering distributes application processing among many servers, reducing the load on each computer, and also provides fault tolerance if any of the servers fails
• Hot Add Memory allows administrators to add or remove memory in the computer without turning it off or restarting
• Datacenter Edition is a high-end, high-traffic application server and provides greater hardware scalability than Enterprise Edition

Workgroup Model
• There are two types of networking model used by the Windows NT, Windows 2000 and Windows Server 2003 operating systems
  • Workgroup Model
  • Domain Model
• Workgroup Model
  • Logical grouping of networked computers with shared resources in a small network, well suited for fewer than 10 computers
  • Each user administers his or her own computer
  • A user must have a user account on each and every computer in the network

Workgroup Model
• If a user changes his or her password, it has to be changed on each computer
• No centralized security
• Security is maintained individually at each computer through a local user account in a database called Security Account Management (SAM)
• Can provide access to resources only on the local computer
• No centrally maintained user account database like in the Domain Model
• In the Workgroup Model, a Windows Server 2003 computer is not configured as a domain controller
• Windows Server 2003 acts as a stand-alone server
• There are no dedicated servers in a workgroup - a dedicated server only provides services
• A workgroup is also known as a peer-to-peer network

Domain Model
• A domain is a logical grouping of networked computers (servers and clients) with shared resources in a large network
• Centralized security
• A user has only one user account, called a domain user account, which is stored in the domain directory database (Active Directory) on a domain controller
• Windows Server 2003 is configured as a domain controller
• Can provide access to shared resources in the whole domain
• A domain user account consists of a logon name and a password, with a unique Security Identifier (SID), and requires a domain name to log on to a domain
• If a user changes his or her password, it does not have to be changed on each computer

Windows NT, 2000 and 2003 Domains
• Windows NT Domain configuration
  • Primary Domain Controller (PDC)
  • Backup Domain Controller (BDC)
  • Member Servers
  • Windows NT Workstations
• Windows 2000 Domain configuration
  • Domain Controller (DC) – more than one DC
  • Member Servers
  • Windows 2000 Professionals
• Windows Server 2003 Domain configuration
  • Domain Controller (DC) – more than one DC
  • Member Servers
• All three domain models can have other client computers with different operating systems like Windows XP, Windows 2000 Professional, Windows NT Workstation, Windows Me, 98, 95, Unix, Novell NetWare, etc.

Windows Server 2003 Domain
• A stand-alone server is in a workgroup
• A member server is in a domain (when a stand-alone server becomes a member of the domain by joining the domain, it is known as a member server – by opening a computer account in the Active Directory on a domain controller)
• You are required to have a minimum of one domain controller per domain, but it is better to have an additional domain controller or many domain controllers in a domain to provide fault tolerance and load balancing
• Fault tolerance is the ability of a computer or an operating system to respond to a catastrophic event, such as a power outage or hardware failure, so that no data is lost and work in progress is not corrupted
• All domain controllers in Active Directory Service are peers (at the same hierarchical level)

Active Directory
• Computers that have a copy of this Active Directory database are called domain controllers
• The Active Directory database contains various types of network objects, like shared folders, printers, user accounts, group accounts, computer accounts, etc.
• Each domain contains one or more domain controllers, which store a replica of the domain’s Active Directory database (information about network objects)
• Changes made to any domain controller are continually replicated to all other domain controllers in the domain (Multiple Master Replication)
• Domain Name Service (DNS) - the name resolution component of the TCP/IP networking protocol, which is the default protocol for Windows Server 2003 and Windows 2000 networks

DNS Names
• DNS - a hierarchical naming structure used by the Internet as well as corporate intranets for domain naming (Windows Server 2003 & Windows 2000 networking)
• Client computers use a DNS server to locate Active Directory domain controllers as well as network objects in AD
• At the top of the hierarchy are root-level servers, denoted by a period or dot (.). Below the root level are the top-level domain servers, denoted by .Com, .Edu, .Org, and so on
• The Internet uses FQDN - Fully Qualified Domain Name, the naming convention used in conjunction with TCP/IP
• The format for an FQDN is server_name.domain_name.root_domain_name
• Computers use IP addresses on a TCP/IP network for communication (Domain Name Server (DNS))
• Users use more friendly NetBIOS computer names (Windows Internet Naming Service (WINS))

Active Directory
• Active Directory is the directory service used by the Windows Server 2003 and Windows 2000 networking environment
• A directory service consists of two parts:
  • A centralized, hierarchical database that contains information about users and resources on a network
  • A service that manages the database and enables users of computers on the network to access the database
• A directory service is both an administration tool and an end-user tool
• Major requirements for Active Directory
  • Windows Server 2003 – Standard or Enterprise editions
  • NTFS file system
  • DNS Server

Active Directory
• The key building blocks in the Active Directory hierarchical structure are domains
• The first domain controller is called root-domain
• Multiple domains are connected by two-way trust relationships by default – Transitive trust relationship
• Domain Tree - a hierarchical grouping of one or more domains that must have a single root domain, and may have one or more child domains
• Multiple domain trees or different name spaces make a forest
• By having a single user account in a domain, a user can access all the shared resources within the domain as well as other shared network resources in a domain tree or in a forest, where the user does not have a user account

Active Directory
• In Active Directory, every resource in a Windows Server 2003 environment is called an object
• Each object is composed of attributes
• It is easy to find a resource by its attributes or properties
• An Active Directory object (user, computer, printer, file, application, etc.) is a record in the directory defined by a distinct set of attributes
• The attributes hold data describing the subject that is identified by the directory object
• A Class is simply a template to define the attributes of an object
• Classes are: Computer, Contact, Group, Organizational Unit, Domain, Printer, User, Shared Folder, etc.
• An object that cannot contain another object, such as a user or computer, is called a leaf object

Active Directory
• Active Directory divides into Organizational Units that contain objects and sub-organizational units
• Organizational Units, called container objects, reside inside a domain
• One can delegate authority to an Organizational Unit
• Schema - a set of rules that governs the hierarchical structure of the directory and its contents, including classes of objects and their attributes
• The default Schema is created by installing Active Directory on the first domain controller
• An administrator can control user rights, security settings, deploy software on computers, configure the operating system, etc. using Group Policy Objects (GPO)

Active Directory
• Global Catalog - a master, searchable index that contains information about objects in a domain tree (a collection of domains that form a hierarchical domain tree) or forest (a collection of domain trees that are part of different hierarchies)
• A Global Catalog is a service as well as a physical storage location that contains a replica of selected attributes of every object
• A Global Catalog performs two important functions:
  • provides group membership information during logon and authentication
  • helps users to find objects of interest without knowing what domain holds them and without requiring a contiguous extended namespace
• By default, the Global Catalog is created automatically on the first domain controller when Active Directory is installed

Active Directory Users and Computers snap-in Administrative Tool
• The Active Directory Users and Computers snap-in becomes available on a domain controller when you change a member server role to a domain controller
• By default, the Active Directory Users and Computers snap-in is not installed on Windows 2003 Member Server, Windows 2000 Professional or XP Workstation computers
• By installing ADMINPAK (Adminpak.msi) from the Windows Server 2003 CD, an administrator can make the Active Directory Users and Computers snap-in available on any of the above computers and can perform administrative work (like creating user, group or computer accounts, modifying user rights, assigning permissions, etc.) on any domain controller from these remote computers

Architecture of Windows Server 2003
• Two subsystems: User mode and Kernel mode
• All applications run in user mode, which cannot access hardware directly and is known as the less privileged processor mode
• The applications make their requests to a set of executive services running in kernel mode
• By preventing applications from accessing hardware directly, Windows 2003, like Windows 2000, has achieved greater stability
• If an application running in user mode goes down, it will not bring down the entire system
• Kernel mode refers to the highly privileged mode of operation, which accesses hardware directly through the Hardware Abstraction Layer (HAL)

Installation Process
• Two distinct phases of installation
• Text mode phase
  • No floppy start-up installation
  • Setup prompts for required information for installation
  • Formats the partition, creates the system root directory structure, builds the registry, detects the hardware and copies Operating System files
• Graphical mode phase
  • Prompts for optional components to install and asks for the administrative password
  • Gathers information about the computer
  • Installs Windows 2003 networking
  • Completes Setup

Unattended Installation
• Answer files – for non-identical computers
  • Create an answer file that contains information about each computer
• Disk images – for identical computers
  • A disk image is a bit-for-bit copy of the hard drive in a computer that has the Operating System already installed
• Create a distribution folder, copy the contents of the I386 directory from the Windows 2003 Server CD to the distribution folder and share it
• Use the Remote Installation Services tool to deploy disk images to other computers over the network

Getting Ready for Installation
• Lab Manual – Perform Exercise 1-1
• Boot from the Windows Server 2003 CD – Installation (step 1)
• Select 4 GB partition size – C: drive (step 8)
• Select NTFS file system (step 9)
• Type your Last Name (step 11)
• Organization – Seneca (step 11)
• Product Key - 25-character Product Key (step 13)
• Licensing Mode - Per Server or Per Seat; default Per Server – 5 (step 14)
• Computer Name - NetBIOS name up to 15 characters long, must be unique; type your Last Name (step 15)

Getting Ready for Installation
• Lab Manual – Perform Exercise 1-1
• Administrator password - Never forget the password for the Administrator account (step 16)
  • If you forget, you will have to reinstall Windows 2003 Server
• Password is case sensitive - Use a complex password, minimum 7 characters (step 16)
• Leave the default Typical settings option (step 17)
• Leave the default WORKGROUP (step 19)
• Computer restarts automatically and the Welcome To Windows dialog box appears

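The answers typed interactively in Exercise 1-1, written as the kind of answer file the Unattended Installation slide describes. This is an added example, not part of the original slides or lab manual; every value is a placeholder, and the 4 GB partition choice from step 8 is not expressed in it.

```ini
; Constructed sample answer file (unattend.txt) mirroring Exercise 1-1.
; All values are placeholders chosen for illustration.

[Unattended]
UnattendMode=FullUnattended
OemSkipEula=Yes
TargetPath=\WINDOWS
; Step 9: NTFS file system
FileSystem=ConvertNTFS

[UserData]
; Step 11: name and organization
FullName="LastName"
OrgName="Seneca"
; Step 13: 25-character product key (placeholder, not a real key)
ProductKey="XXXXX-XXXXX-XXXXX-XXXXX-XXXXX"
; Step 15: NetBIOS computer name, 15 characters or fewer, unique on the network
ComputerName=LASTNAME

[LicenseFilePrintData]
; Step 14: Per Server licensing with 5 connections
AutoMode=PerServer
AutoUsers=5

[GuiUnattended]
; Step 16: the Administrator password sits here in clear text, so the
; file and the share that holds it need restrictive permissions
AdminPassword="REPLACE-WITH-COMPLEX-PASSWORD"
OemSkipWelcome=1
OEMSkipRegional=1

[Networking]
; Step 17: Typical settings
InstallDefaultComponents=Yes

[Identification]
; Step 19: stay in the default workgroup
JoinWorkgroup=WORKGROUP
```

Because the file carries both the product key and the Administrator password, it is the most sensitive item in the distribution folder and should be removed from the share once deployment is finished.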
Getting Ready for Installation
• Lab Manual – Perform Exercise 1-2
• Log on to Windows Server 2003 as Administrator and close the default box
• Select Start, Run, type dcpromo.exe and press Enter to install Active Directory on the server and change its role to a domain controller
• Type your Last Name.Com for the new domain (step 11)
• Verify that the Domain NetBIOS Name reads your Last Name
• Select the Install And Configure The DNS Server On This Computer option (step 15)
• Accept the default permission option (step 16)
• Type the same administrative password (step 17)
• Click Finish and then click Restart (steps 19 and 20)
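
The same promotion as Exercise 1-2, written as a dcpromo answer file so the wizard choices can be reviewed as text before they are applied. This is an added example, not part of the original slides or lab manual; the file path, domain name and password are placeholders, and the value chosen for the permission option assumes the wizard default is the Windows 2000/2003-only setting.

```ini
; Constructed sample answer file, run with:
;   dcpromo /answer:C:\dcpromo-answer.txt
; The path, names and password below are placeholders.

[DCInstall]
; First domain controller of a new domain in a new forest
ReplicaOrNewDomain=Domain
TreeOrChild=Tree
CreateOrJoin=Create

; Step 11: DNS name of the new domain, and its NetBIOS name
NewDomainDNSName=lastname.com
DomainNetbiosName=LASTNAME

; Step 15: install and configure the DNS server on this computer
AutoConfigDNS=Yes

; Step 16: default permission option (assumed here to be the
; Windows 2000/2003-only permissions, i.e. no anonymous access)
AllowAnonymousAccess=No

; Database, log and SYSVOL locations; SYSVOL must be on an NTFS volume
DatabasePath=%systemroot%\NTDS
LogPath=%systemroot%\NTDS
SYSVOLPath=%systemroot%\SYSVOL

; Step 17: password typed in the wizard (clear text in this file,
; so keep the file off shared folders and delete it after promotion)
SafeModeAdminPassword=REPLACE-WITH-ADMIN-PASSWORD

; Steps 19-20: restart when promotion completes
RebootOnSuccess=Yes
```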