Title: Windows Server 2003 Networking Environment Administration Managing
1. Windows Server 2003 Networking Environment: Administration, Managing, Maintenance
2. Windows Server 2003 Operating System Family
- Windows 2003 Server Web Edition
- Windows 2003 Server Standard Edition
- Windows 2003 Server Enterprise Edition
- Windows 2003 Server Datacenter Edition
- All four Server operating systems are available in 32-bit (Intel platform) and share many common features and utilities
- Enterprise and Datacenter Editions are also available in 64-bit (Itanium platform)
3. Minimum and Recommended Hardware Requirements

| Requirements | Web Edition | Standard Edition |
|---|---|---|
| Minimum CPU Speed | 133 MHz | 133 MHz |
| Recommended CPU Speed | 550 MHz | 550 MHz |
| Minimum RAM | 128 MB | 128 MB |
| Recommended Minimum RAM | 256 MB | 256 MB |
| Maximum RAM | 2 GB | 4 GB |
| Multiprocessor Support | Up to 2 | Up to 4 |
| Minimum Disk Space | 1.5 GB | 1.5 GB |
| Recommended Disk Space | 2.5 GB | 2.5 GB |
4. Minimum and Recommended Hardware Requirements

| Requirements | Enterprise Edition | Datacenter Edition |
|---|---|---|
| Minimum CPU Speed | 133 MHz for 32-bit x86 Intel; 733 MHz for 64-bit Itanium | 400 MHz for 32-bit x86 Intel; 733 MHz for 64-bit Itanium |
| Recommended CPU Speed | 733 MHz | 733 MHz |
| Minimum RAM | 128 MB | 512 MB |
| Recommended Minimum RAM | 256 MB | 1 GB |
| Maximum RAM | 32 GB | 64 GB |
| Multiprocessor Support | Up to 8 | Up to 32 |
| Minimum Disk Space | 1.5 GB | 1.5 GB |
| Recommended Disk Space | 2.5 GB | 2.5 GB |
5. Windows Server 2003 Web Edition
- Enables deployment of Web sites, Web applications and Web services
- Cannot function as a Domain Controller, but can be a member of an Active Directory domain
- Supports an unlimited number of Web connections, but is limited to only 10 simultaneous Server Message Block (SMB) connections from internal network users
- Cannot function as an Internet gateway
- Cannot function as a Dynamic Host Configuration Protocol (DHCP) server, Fax server, Microsoft SQL server, or Terminal server
- Includes Internet Information Services (IIS 6) and Network Load Balancing (NLB)
6. Windows Server 2003 Standard Edition
- Can function as a Member Server or a Domain Controller, with full Active Directory support
- Includes Internet Information Services (IIS 6), which provides Web and FTP services
- Includes DHCP Server, Domain Name System (DNS) Server, and Windows Internet Name Service (WINS) Server
- Can function as a TCP/IP router in a Local Area Network (LAN) or Wide Area Network (WAN), including Internet access and remote access routing with Routing and Remote Access Service (RRAS), and also as a Terminal Server, which enables clients to access Windows desktop sessions, including applications, on the server
- Includes Encrypted File System (EFS), IP Security extensions and Public Key Infrastructure (PKI)
7. Windows Server 2003 Enterprise Edition
- Additional features not supplied with the Standard Edition are available here
- Includes Microsoft Metadirectory Services (MMS), which integrates multiple information sources into a single unified directory, combining Active Directory Services with other directory services
- Server Clustering distributes application processing among many servers, reducing the load on each computer, and also provides fault tolerance if any of the servers fails
- Hot Add Memory allows administrators to add or remove memory in the computer without turning it off or restarting
- Datacenter Edition is a high-end, high-traffic application server and provides greater hardware scalability than Enterprise Edition
8. Workgroup Model
- There are two types of networking model used by the Windows NT, Windows 2000 and Windows Server 2003 operating systems
  - Workgroup Model
  - Domain Model
- Workgroup Model
  - Logical grouping of networked computers with shared resources in a small network, well suited for fewer than 10 computers
  - Each user administers his or her own computer
  - A user must have a user account on each and every computer in the network
9. Workgroup Model
- If a user changes his or her password, it has to be changed on each computer
- No centralized security
- Security is maintained individually at each computer through a local user account in a database called the Security Accounts Manager (SAM)
- Can provide access to resources only on the local computer
- No centrally maintained user account database like in the Domain Model
- In the Workgroup Model, a Windows Server 2003 computer is not configured as a domain controller
- Windows Server 2003 acts as a stand-alone server
- There are no dedicated servers in a workgroup (a dedicated server only provides services)
- A workgroup is also known as a peer-to-peer network
10. Domain Model
- A domain is a logical grouping of networked computers (servers and clients) with shared resources in a large network
- Centralized security
- A user has only one user account, called a domain user account, which is stored in the domain directory database (Active Directory) on a domain controller
- Windows Server 2003 is configured as a domain controller
- Can provide access to shared resources in the whole domain
- A domain user account consists of a logon name and a password, with a unique Security Identifier (SID), and requires a domain name to log on to a domain
- If a user changes his or her password, it does not have to be changed on each computer
11. Windows NT, 2000 and 2003 Domains
- Windows NT Domain configuration
  - Primary Domain Controller (PDC)
  - Backup Domain Controller (BDC)
  - Member Servers
  - Windows NT Workstations
- Windows 2000 Domain configuration
  - Domain Controller (DC), more than one DC
  - Member Servers
  - Windows 2000 Professionals
- Windows Server 2003 Domain configuration
  - Domain Controller (DC), more than one DC
  - Member Servers
- All three domain models can have other client computers with different operating systems, like Windows XP, Windows 2000 Professional, Windows NT Workstation, Windows Me, 98, 95, Unix, Novell NetWare, etc.
12. Windows Server 2003 Domain
- A stand-alone server is in a workgroup
- A member server is in a domain (a stand-alone server becomes a member server when it joins the domain, which opens a computer account in Active Directory on a domain controller)
- You are required to have a minimum of one domain controller per domain, but it is better to have an additional domain controller, or many domain controllers, in a domain to provide fault tolerance and load balancing
- Fault tolerance is the ability of a computer or an operating system to respond to a catastrophic event, such as a power outage or hardware failure, so that no data is lost and work in progress is not corrupted
- All domain controllers in Active Directory Service are peers (at the same hierarchical level)
13. Active Directory
- Computers that have a copy of the Active Directory database are called domain controllers
- The Active Directory database contains various types of network objects, like shared folders, printers, user accounts, group accounts, computer accounts, etc.
- Each domain contains one or more domain controllers, which store a replica of the domain's Active Directory database (information about network objects)
- Changes made on any domain controller are continually replicated to all other domain controllers in the domain (Multiple Master Replication)
- Domain Name Service (DNS): the name resolution component of the TCP/IP networking protocol, which is the default protocol for Windows Server 2003 and Windows 2000 networks
14. DNS Names
- DNS: a hierarchical naming structure used by the Internet as well as corporate intranets for domain naming (Windows Server 2003 and Windows 2000 networking)
- Client computers use a DNS server to locate Active Directory domain controllers as well as network objects in Active Directory
- At the top of the hierarchy are root-level servers, denoted by a period or dot (.). Below the root level are the top-level domain servers, denoted by .com, .edu, .org and so on
- The Internet uses the FQDN (Fully Qualified Domain Name) naming convention in conjunction with TCP/IP
- The format for an FQDN is server_name.domain_name.root_domain_name
- Computers use IP addresses on a TCP/IP network for communication (Domain Name Server (DNS))
- Users use more friendly NetBIOS computer names (Windows Internet Naming Service (WINS))
15. Active Directory
- Active Directory is the directory service used by the Windows Server 2003 and Windows 2000 networking environment
- A directory service consists of two parts
  - A centralized, hierarchical database that contains information about users and resources on a network
  - A service that manages the database and enables users of computers on the network to access the database
- A directory service is both an administration tool and an end-user tool
- Major requirements for Active Directory
  - Windows Server 2003 Standard or Enterprise editions
  - NTFS file system
  - DNS Server
16. Active Directory
- The key building blocks in the Active Directory hierarchical structure are domains
- The first domain controller is called the root domain
- Multiple domains are connected by two-way trust relationships; by default, these are transitive trust relationships
- Domain tree: a hierarchical grouping of one or more domains that must have a single root domain and may have one or more child domains
- Multiple domain trees or different namespaces make a forest
- By having a single user account in a domain, a user can access all the shared resources within the domain as well as other shared network resources in a domain tree or in a forest where the user does not have a user account
17. Active Directory
- In Active Directory, every resource in a Windows Server 2003 environment is called an object
- Each object is composed of attributes
- It is easy to find a resource by its attributes or properties
- An Active Directory object (user, computer, printer, file, application, etc.) is a record in the directory defined by a distinct set of attributes
- The attributes hold data describing the subject that is identified by the directory object
- A class is simply a template that defines the attributes of an object
- Classes are Computer, Contact, Group, Organizational Unit, Domain, Printer, User, Shared Folder, etc.
- An object that cannot contain another object, such as a user or computer, is called a leaf object
18. Active Directory
- Active Directory is divided into Organizational Units that contain objects and sub-organizational units
- Organizational Units, called container objects, reside inside a domain
- One can delegate authority to an organizational unit
- Schema: a set of rules that governs the hierarchical structure of the directory and its contents, including classes of objects and their attributes
- The default schema is created by installing Active Directory on the first domain controller
- An administrator can control user rights and security settings, deploy software on computers, configure the operating system, etc. using Group Policy Objects (GPO)
19. Active Directory
- Global Catalog: a master, searchable index that contains information about objects in a domain tree (a collection of domains that form a hierarchical domain tree) or forest (a collection of domain trees that are part of different hierarchies)
- A Global Catalog is a service as well as a physical storage location that contains a replica of selected attributes of every object
- A Global Catalog performs two important functions
  - Provides group membership information during logon and authentication
  - Helps users find objects of interest without knowing what domain holds them and without requiring a contiguous extended namespace
- By default, the Global Catalog is created automatically on the first domain controller when Active Directory is installed
20. Active Directory Users and Computers snap-in Administrative Tool
- The Active Directory Users and Computers snap-in becomes available on a domain controller when you change a member server's role to domain controller
- By default, the Active Directory Users and Computers snap-in is not installed on Windows 2003 Member Server, Windows 2000 Professional or XP Workstation computers
- By installing ADMINPAK (Adminpak.msi) from the Windows Server 2003 CD, an administrator can make the Active Directory Users and Computers snap-in available on any of the above computers and can perform administrative work (like creating user, group or computer accounts, modifying user rights, assigning permissions, etc.) on any domain controller from these remote computers
21. Architecture of Windows Server 2003
- Two subsystems: user mode and kernel mode
- All applications run in user mode, known as the less privileged processor mode, which cannot access hardware directly
- The applications make their requests to a set of executive services running in kernel mode
- By preventing applications from accessing hardware directly, Windows 2003, like Windows 2000, has achieved greater stability
- If an application running in user mode goes down, it will not bring down the entire system
- Kernel mode refers to the highly privileged mode of operation, which accesses hardware directly through the Hardware Abstraction Layer (HAL)
22. Installation Process
- Two distinct phases of installation
- Text mode phase
  - No floppy start-up installation
  - Setup prompts for required information for installation
  - Formats the partition, creates the system root directory structure, builds the registry, detects the hardware and copies operating system files
- Graphical mode phase
  - Prompts for optional components to install and asks for the administrative password
  - Gathers information about the computer
  - Installs Windows 2003 networking
  - Completes setup
23. Unattended Installation
- Answer files: for non-identical computers
  - Create an answer file that contains information about each computer
- Disk images: for identical computers
  - A disk image is a bit-for-bit copy of the hard drive in a computer that has the operating system already installed
- Create a distribution folder, copy the contents of the I386 directory from the Windows 2003 Server CD to the distribution folder and share it
- Use the Remote Installation Services tool to deploy disk images to other computers over the network
24. Getting Ready for Installation
- Lab Manual: Perform Exercise 1-1
- Boot from the Windows Server 2003 CD for installation (step 1)
- Select a 4 GB partition size for the C drive (step 8)
- Select the NTFS file system (step 9)
- Type your Last Name (step 11); Organization: Seneca (step 11)
- Product Key: 25-character Product Key (step 13)
- Licensing Mode: Per Server or Per Seat; default is Per Server, 5 (step 14)
- Computer Name: NetBIOS name up to 15 characters long, must be unique; type your Last Name (step 15)
25. Getting Ready for Installation
- Lab Manual: Perform Exercise 1-1
- Administrator password: never forget the password for the Administrator account (step 16)
- If you forget it, you will have to reinstall Windows 2003 Server
- The password is case sensitive; use a complex password
- Minimum 7 characters (step 16)
- Leave the default Typical settings option (step 17)
- Leave the default WORKGROUP (step 19)
- The computer restarts automatically and the Welcome To Windows dialog box appears
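
The answer file from the Unattended Installation slide, filled in with the Exercise 1-1 choices, as an added example that is not part of the original slides. The section and key names are standard Windows Server 2003 unattend.txt keys; the name, computer name, product key, password and time zone are placeholders or assumptions, and the 4 GB partition choice from step 8 is not expressed in this file.

```ini
; unattend.txt - constructed example mirroring Exercise 1-1.
; All values marked PLACEHOLDER must be replaced before use.

[Unattended]
; Run Setup without prompting and accept the licence agreement.
UnattendMode=FullUnattended
OemSkipEula=Yes
TargetPath=\WINDOWS
; Step 9: the system partition ends up as NTFS.
FileSystem=ConvertNTFS

[UserData]
; Step 11: name and organization.
FullName="LastName-PLACEHOLDER"
OrgName="Seneca"
; Step 13: 25-character product key.
ProductKey=XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
; Step 15: NetBIOS computer name, unique, at most 15 characters.
ComputerName=LASTNAME

[LicenseFilePrintData]
; Step 14: Per Server licensing with 5 connections.
AutoMode=PerServer
AutoUsers=5

[GuiUnattended]
; Step 16: Administrator password, complex, at least 7 characters.
AdminPassword=PLACEHOLDER-Passw0rd
OemSkipWelcome=1
OEMSkipRegional=1
; Assumption: 35 is the Eastern Time (US & Canada) index.
TimeZone=35

[Networking]
; Step 17: Typical network settings.
InstallDefaultComponents=Yes

[Identification]
; Step 19: stay in the default workgroup (stand-alone server).
JoinWorkgroup=WORKGROUP
```

AdminPassword is stored in this file as clear text, so read access to the shared distribution folder should be limited to the accounts that perform installations. Setup Manager can instead write the password in encrypted form with EncryptedAdminPassword=Yes.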
26. Getting Ready for Installation
- Lab Manual: Perform Exercise 1-2
- Log on to Windows Server 2003 as Administrator and close the default box
- Select Start, Run, type dcpromo.exe and press Enter to install Active Directory on the server and change its role to a domain controller
- Type your Last Name.Com for the new domain (step 11)
- Verify that the Domain NetBIOS Name reads your Last Name
- Select the Install And Configure The DNS Server On This Computer option (step 15)
- Accept the default permission option (step 16)
- Type the same administrative password (step 17)
- Click Finish and then click Restart (steps 19 and 20)