Chapter 13: Managing Internet and Network Interoperability

1
Chapter 13Managing Internet and Network
Interoperability
2
Learning Objectives

• Install and configure a Web server and a Media
  Services server
• Install and configure DNS and WINS servers
• Install and configure a DHCP server

3
Learning Objectives (continued)

• Install and configure a terminal server
• Configure a Telnet server
• Install and configure a NetWare gateway

4
Microsoft Internet Information Services

• Internet Information Services (IIS) A Microsoft
  Windows 2000 Server component that provides
  Internet Web, FTP, mail, newsgroup, and other
  services, and that is particularly offered to set
  up a Web server

5
Requirements for Installing a Web Server

• Windows 2000 Server installed
• TCP/IP installed
• Access to an Internet service provider
• Sufficient disk space for IIS-related files
• Disk storage formatted for NTFS (recommended)
• Name resolution software, such as DNS and WINS

6
Installing IIS

• IIS is a Windows component that is installed in
  one of two ways
• From the Control Panel Add/Remove Programs icon
• From the Administrative Tools menu using the
  Configure Your Server tool

7
IIS Components

• Several IIS components can be installed, such as
  Web server, FTP server, NNTP service, and SNMP
  service
• Network News Transfer Protocol (NNTP) A
  TCP/IP-based protocol used by NNTP servers to
  transfer news and informational messages to
  client subscribers who compose newsgroups

8
Internet Information Services Components
Table 13-1 Internet Information Services
Components
9
Internet Information Services Components
(continued)
10
Internet Information Services Components
(continued)
11
Selecting IIS Components for Installation
Figure 13-1 Specifying Internet Information
Services components
12
Troubleshooting Tip

• After the IIS components are installed in Windows
  2000 Server, check all of the services associated
  with those components to make sure they are
  started and set to start automatically

13
Configuring IIS

• Use the Configure Your Server tool (in the
  Administrative Tools menu) to further configure
  IIS services, such as creating a virtual directory

14
Configuring IIS
Figure 13-2 Configuring an IIS Web server
15
Virtual Directory

• Virtual directory A URL formatted address that
  provides an Internet location (virtual location)
  for an actual physical folder on a Web server
  that is used to publish Web documents

16
Virtual Directory Security and Properties
Settings

• When you create a virtual directory on a Web
  server, be sure to configure the appropriate
  security and other properties of the directory

17
Virtual Directory Security Options
Table 13-2 Virtual Directory Security Options
18
Virtual Directory Properties Tabs
Table 13-2 Virtual Directory Security Options
19
Configuring Virtual Directory Properties
Figure 13-3 A virtual directorys properties
20
Managing an IIS Web Server

• An IIS Web server is managed using the Internet
  Services Manager (also called the Internet
  Information Services tool) which is started from
  the Administrative Tools menu or as an MMC snap-in

21
Elements Managed through the Internet Services
Manager

• The Internet Services Manager enables you to
  manage these elements
• Default Web site
• Administration Web site
• FTP site
• SMTP virtual server
• NNTP virtual server

22
Using the Internet Services Manager
Figure 13-4 Managing a Web site
23
Default Web Site Properties

• When a Web site is implemented, configure the
  Default Web site properties such as security, the
  home directory, managers of the Web site, and
  performance options

24
Default Web Site Properties Tabs
25
Default Web Site Properties Tabs (continued)
26
Configuring a Web Site
Figure 13-5 Configuring Web site properties
27
Setting Web Site Security

• In the Web site properties, click the Directory
  Security tab to configure the following
  authentication options
• Basic authentication (password is sent in clear
  text) For clients who cannot use an encrypted
  password
• Digest authentication For hashed security
• Integrated Windows authentication For a secret
  code security determined by a cryptographic
  formula

28
Configuring IP Security Access for Intranets/VPNs

• You can control access to a Web server by
  restricting it using any combination of the
  following
• IP addresses
• subnets
• domains

29
Configuring IP Address Restrictions
Figure 13-6 Configuring restricted IP access
30
Troubleshooting IIS
Table 13-5 Troubleshooting IIS
31
Troubleshooting IIS (continued)
32
Troubleshooting IIS (continued)
33
Troubleshooting IIS (continued)
34
Troubleshooting IIS (continued)
35
Troubleshooting IIS (continued)
36
Windows Media Services

• Install Windows media services to offer voice and
  video multimedia services on a Web site, to
  enable the streaming mode, and to take advantage
  of multicasting
• Streaming Playing a multimedia audio, video, or
  combined file received over a network before the
  entire file is received at the client

37
Configuring WindowsMedia Services

• Use the Windows Media Services Administrator
  accessed from the Administrative Tools menu to
  configure Windows Media Services

38
Using the Windows Media Server Administrator
Figure 13-7 Windows Media Server Administrator
39
Microsoft DNS Server

• DNS server A Microsoft service that resolves
  computer names to IP addresses, such as resolving
  the computer name Brown to IP address
  129.77.1.10, and that resolves IP addresses to
  computer names

40
Design Note

• When you install Active Directory, you must have
  at least one DNS server
• A DNS server is also needed for an IIS server

41
Installing DNS Server

• Install DNS as a Windows component from the
  Control Panel Add/Remove Programs icon
• Double-click Networking Services in the Windows
  Components dialog box and select Domain Name
  System (DNS)

42
Selecting DNS
Figure 13-8 Installing Microsoft DNS
43
Design Tip

• Assign a static IP address to DNS servers
• On medium and large sized networks, configure at
  least two DNS servers on the same or different
  networks in case one fails

44
Configuring DNS

• Configure a forward and reverse lookup zone in
  the DNS server
• Forward lookup zone A DNS server zone or table
  that maps computer names to IP addresses
• Reverse lookup zone A DNS server zone or table
  that maps IP addresses to computer names
• Zones are created and managed by using the DNS
  tool in the Administrative Tools menu

45
Viewing a Forward Lookup Zone
Figure 13-9 DNS Forward lookup zone
46
Creating a Reverse Lookup Zone
Figure 13-10 Creating a reverse lookup zone
47
Subnets

• Folders can be created in a reverse lookup zone
  to reflect subnets

48
Reverse Lookup Zone Subnet Folders
Figure 13-11 Reverse lookup zone subfolders for
subnets
49
Forward Lookup Zone Records

• A forward lookup zone typically contains a host
  address (A) resource record
• Host address (A) resource record A record in a
  DNS forward lookup zone that consists of a
  computer name correlated to an IP version 4
  address

50
Configuring a Host Address (A) Resource Record
Figure 13-12 Creating a host address (A)
resource record
51
Reverse Lookup Zone Records

• A reverse lookup zone typically contains a
  pointer (PTR) resource record
• Pointer (PTR) resource record A record in a DNS
  reverse lookup zone that consists of an IP
  (version 4 or 6) address correlated to a computer
  name

52
Creating a PTR record
Figure 13-13 Creating a PTR record
53
Troubleshooting DNS

• If DNS is not working, make sure that the DNS
  Server and DNS Client services are started and
  set to start automatically

54
Using Microsoft WINS

• Install and use Microsoft WINS to resolve NetBIOS
  computer names
• WINS is installed as a Windows component via the
  Control Panel Add/Remove Programs tool
• WINS is a subcomponent of the Networking Services
  Windows component

55
DHCP

• Install Microsoft DHCP to implement dynamic IP
  addressing on a network
• DHCP is installed as a Windows component from the
  Control Panel Add/Remove Programs icon
• Double-click Networking Services in the Windows
  Components dialog box and select Dynamic Host
  Configuration Protocol (DHCP)

56
Scope

• Configure one or more scopes after DHCP is
  installed
• Scope A range of IP addresses that a DHCP server
  can assign to clients
• Create scopes and manage DHCP by using the DHCP
  management tool from the Administrative Tools
  menu or as an MMC snap-in

57
Specifying a Scope
Figure 13-14 Creating a scope
58
Authorizing a DHCP Server

• Authorize a DHCP Server in the Active Directory
  via the DHCP management tool
• Right-click the server in the tree
• Click Authorize

59
Configure the DHCP Server to Update DNS Records

• Configure the DHCP server so that it
  automatically registers new IP address in the DNS
  server (so you dont have to)
• To configure the DHCP server
• Open the DHCP management tool
• Right-click the DHCP server and click Properties
• Click the DNS tab

60
Configuring DNS Updating
Figure 13-15 Configuring automatic DNS
registration
61
Troubleshooting a DHCP Server
62
Troubleshooting a DHCP Server (continued)
63
Troubleshooting a DHCP Server (continued)
64
Troubleshooting a DHCP Server (continued)
65
Terminal Server Defined

• Terminal server A server configured to offer
  terminal services so that clients can run
  applications on the server, similar to having
  clients respond as terminals

66
Reasons for Using a Terminal Server

• To support thin clients
• To centralize program access
• To remotely administer Windows 2000 Server

67
Thin Client Defined

• Thin client A specialized personal computer or
  terminal device that has a minimal Windows-based
  operating system. A thin client is designed to
  connect to a host computer that does most or all
  of the processing. The thin client is mainly
  responsible for providing a graphical user
  interface and network connectivity.

68
Other Terminal Services Clients

• Windows 2000 terminal services supports operating
  systems other than thin clients such as
• MS-DOS
• Windows 3.x
• Windows 95/98
• Windows NT and Windows 2000
• UNIX and X-terminals
• Macintosh

69
Design Tip

• If you plan to have many clients running multiple
  sessions on a terminal server, use a server
  computer that has a fast CPU and ample RAM

70
Terminal Services Components
71
Installing Terminal Services

• Terminal Services is a Windows component that is
  installed using the Control Panel Add/Remove
  Programs tool
• Install both the Terminal Services and Terminal
  Services Licensing components

72
Terminal Services Modes

• When you install terminal services, select either
  the Remote administration mode (to remotely
  administer a server) or the Application server
  mode (for clients to run software on the server)

73
Selecting the Mode
Figure 13-16 Selecting the function of a
terminal server
74
Terminal Services Management Tools
Table 13-8 Terminal Services Management Tools
75
Terminal Services Components

• Configure the Terminal Services properties such
  as permission security, client connection
  settings, session timeout settings, and others

76
Terminal Services Components
Table 13-9 Terminal Services Components
77
Terminal Services Components (continued)
78
Configuring Terminal Services Components
Figure 13-17 Terminal service connection
properties
79
Terminal Services Permissions

• The allow and deny permissions associated with
  terminal services are
• Full Control For access that includes query, set
  information, reset server, remote control, logon,
  logoff, message, connect, disconnect, and virtual
  channel use
• User Access Enables access to query, connect,
  and send messages
• Guest Access Enables access to logon

80
Terminal Services Encryption Options

• The terminal services encryption options are
• Low Data sent from the client to the server is
  encrypted
• Medium Data sent from the client to the server
  and from the server to the client is encrypted
  using the default server encryption
• High Data sent from the client to the server and
  from the server to the client is encrypted using
  the highest encryption level at the server

81
Creating a Terminal Services Client Installation
Disk

• Use the Terminal Services Client Creator tool
  (from the Administrative Tools menu) to create a
  client installation disk

82
Configuring a Client Installation Disk
Figure 13-18 Creating a terminal services
installation disk
83
Installing Applications for Terminal Services

• After installing and configuring Terminal
  Services, use the Control Panel Add/Remove
  Programs tool to install software applications
  that clients will access (and reinstall
  applications that were installed before Terminal
  Services)

84
Planning Tip

• Avoid running 16-bit programs through Terminal
  Services, because these create extra server
  overhead reducing the number of connections by
  60 percent and increasing demands on RAM by 50
  percent

85
Monitoring Terminal Services

• Use the Terminal Services Manager (on the
  Administrative Tools menu) to monitor connection
  sessions, including
• Viewing a sessions status
• Connecting to view a session
• Logging off a user or resetting a session
• Sending a message
• Ending a process
• Controlling a session remotely

86
Troubleshooting a Terminal Server
Table 13-10 Troubleshooting a Terminal Server
87
Troubleshooting a Terminal Server (continued)
88
Troubleshooting a Terminal Server (continued)
89
Troubleshooting a Terminal Server (continued)
90
Telnet Server

• Another way for clients to access the resources
  on a Windows 2000 server is to configure it as a
  Telnet server
• Telnet is TCP/IP-based and enables a computer to
  be set up as a network host to clients

91
Configuring Telnet Server

• To configure a Telnet server
• Use the Computer Management or Services tool to
  start the Telnet Server service
• An alternative method is to open the Command
  Prompt window and enter net start tlntsvr

92
Gateway Service for NetWare

• Gateway Service for NetWare (GSNW) A service
  included with Windows NT and Windows 2000 Server
  that provides connectivity to NetWare resources
  for Windows NT and Windows 2000 servers and their
  clients with the Windows NT/2000 server acting as
  a gateway

93
Installing and Configuring Gateway Service for
NetWare

• Install the Gateway Service for NetWare using the
  Network and Dial-up Connections tool
• Use the GSNW icon on the Control Panel to
  configure Gateway Service for NetWare
• Use the Add Printers tool to connect to NetWare
  print queues through the gateway

94
Chapter Summary

• A Windows 2000 Server can become a Web server by
  installing IIS
• Install DNS and WINS to resolve computer names
  and IP addresses
• Install DHCP to enable a Windows 2000 server to
  automatically assign IP addresses to clients

95
Chapter Summary

• Terminal services enable thin clients and other
  client operating systems to access Windows 2000
  Server and run applications on the server
• Terminal services are also used to enable an
  administrator to remotely manage a server

96
Chapter Summary

• Use Telnet server for basic TCP/IP client access
• Gateway Services for NetWare enables Windows 2000
  Server clients to access NetWare servers