580 likes | 1.18k Views
Ch. 10 – Server Administration. MIS 431 – created Spring 2006. Overview of Server Administration. Distinguish between various tools and methods to manage WS03 Configure Terminal Services and Remote Desktop for administration Delegate administrative authority in AD
E N D
Ch. 10 – Server Administration MIS 431 – created Spring 2006 Chapter 10 Server Administration
Overview of Server Administration • Distinguish between various tools and methods to manage WS03 • Configure Terminal Services and Remote Desktop for administration • Delegate administrative authority in AD • Install and configure MS Software Update Services • Tough call: deciding what level of access different users should have in AD Chapter 10 Server Administration
WS03 Management Tools • Microsoft Management Console • Customizable management framework that can host a number of different mgt tools • Can add more snap-in tools to a MMC • Ex: add tools to manage DNS and DHCP servers • Save as custom MMC for use by authorized administrators – saved as a Management Saved Console file with .msc extension • Enables you to manage both local and remote computers • All the provided MMCs are pre-built with the relevant snap-ins already added. Cool! Chapter 10 Server Administration
More WS03 Mgt Tools • It’s useful to have two logon accounts • One is for administrative tasks • The other is for normal user activities and used for non-administrative tasks • Secondary logon feature –lets you log in as your regular account but still have access to administrative tools with your admin account • Activity 10-5: using secondary logon feature • Start|Administrative Tools • Rt-click Event Viewer and choose Run as • Provide the alternate (admin) user information for that one task • Activity 10-6: use secondary logon from command line Chapter 10 Server Administration
Networking Troubleshooting • Just in the rare case you have trouble…. • A troubleshooting process • Define the problem • Gather detailed information about what has changed • Devise a plan to solve the problem • Implement the plan and observe the results • Document all changes and results Chapter 10 Server Administration
Troubleshooting details… • Define the problem • Usually have a cryptic error message: ask user questions • what is the exact problem? (digital cam of screen) • how long have you had this problem? • Try to recreate the problem in the test lab so that you can attempt various solutions • WS03 can help identify specific error messages: NET HELPMSG number will retrieve addl information for that error number Chapter 10 Server Administration
Troubleshooting details… • Gather detailed info about what has changed • What has changed recently that might have caused the problem? • New HW components installed? • New hardware drivers? (e.g., that “flash”) • Who has access to the computer that might have changed certain settings? • Any SW or service patches installed recently? Chapter 10 Server Administration
Troubleshooting details… • Devise a plan to solve the problem • BEFORE YOU START, have a rollback strategy in case the fix doesn’t work • Don’t break it worse with your fix! • Consider… • Interruptions to the network (e.g., restart server) • Possible changes to network security policy • Need to document ALL CHANGES and troubleshooting steps (use a notebook next to server) • It ALWAYS helps to have a buddy to talk your plan over with – “structured walkthrough” can find flaws Chapter 10 Server Administration
Troubleshooting details… • Implement the plan and observe the results • Once plan is devised, notify users on the network if availability will be interrupted • Can do this to logged on users or send a group message to all users with accounts on that device • Find a good time to do the fix. THERE ARE NO GOOD TIMES IN MANY NETWORKS! • Don’t make too many changes at one time – difficult to see what worked and harder to roll back if unsuccessful • If it didn’t work, restart troubleshooting process Chapter 10 Server Administration
Troubleshooting details… • Document all changes and results • Document all troubleshooting steps and configuration changes to keep track of what has changed on the network • If the problem occurs again, the documentation helps explain the possible cause and lets it be fixed sooner Chapter 10 Server Administration
Terminal Services and Remote Desktop for Administration • Terminal Services – thin client (actually a version of Winframe’s Citrix product) • Terminal emulator that does “remote control” sending mouse clicks and keyboard to remote side, and displaying the screen of the remote end on (your) local end • TS must be installed separately and requires a valid user client license • Technically for applications running on server rather than administration • Install: Add or Remove Programs in Control Panel and then click Add/Remove Windows Components button Chapter 10 Server Administration
Terminal Services Administration • Terminal Services Manager – monitor and control client access to one or more terminal servers • Terminal Services Configuration – configure Terminal Server settings and connections • Terminal Services Licensing – stores and tracks Terminal Services client accesslicenses Chapter 10 Server Administration
Configure Remote Connection Settings • Multiple users may connect at same time if CALs are sufficient • Terminal connection property tabs (Table 10-2) • General • Logon Settings • Sessions • Environment • Remote Control • Client Settings • Network Adapter • Permissions Chapter 10 Server Administration
Terminal Services Client SW • WS00 Terminal Service client: to install on a client (or a server) computer (~2 floppies) • TS client files are installed on the WS03 server when TS is installed on the server • Several operating systems available: 95, 08, NT 4.0, 2000 • Not necessary on Windows XP or WS03 because that client software is pre-installed • In %Systemroot%\systen32\clients\tsclient\win32 folder • Can share this folder and initiate the installation process over the network Chapter 10 Server Administration
More Remote Administration • Remote Desktop for Administration • Used to do remote server administration • Installed as part of WS03 but turned off by default • Go to Control Panel and open System • On Remote tab click “allow users to connect remotely to this computer” and save it • But must enable each user to do remote connection in AD Users & Computers (or put into the Remote Desktop Users group – preconfigured) • If you install Terminal Services on the server then RDA is grayed out but it works (like in our classroom) Chapter 10 Server Administration
Delegate Administrative Authority • Administrators can view everything (but you can make changes that keep YOU from viewing) • Can delegate authority to view/change AD to non-administrators based on the container, the object, and the group • Ex: HR dept can view address information of employees • Basically, be very careful who and what you permit! Chapter 10 Server Administration
Software Update Service – nice! • Methods to update systems with current patches • Manual download and installation • Installation using a script, such as login script • Automated deployment using applications like MS Systems Management Server (SMS) • Installation using MS Windows Update • Push method of Windows Automatic Updates Chapter 10 Server Administration
Install Software Update Services (SUS) • This is server-side software to let admins deploy security patches and hot fixes • Provides more granular control than previous • Two main elements – client and server • Server side runs on WS00 or WS03 • Client side is an updated version of the Windows Automatic Updates tool • Don’t need a huge server to fulfill this role but lots of disk space is a plus Chapter 10 Server Administration
How SUS Works • Small networks: admin can choose which updates and decide which clients get them • Enterprise level: Chapter 10 Server Administration