Windows Server
Hideo
Server configuration
Server configuration(Windows)
• VMware ESXi Server (Primary/Secondary)
- Domain controller (ocaat1) … DHCP/DNS Server
- Domain controller (staff1) … DNS Server
- Domain controller (student1) … DNS Server
• File Server (for staff/student)
• Backup Server
• WSUS Server
• Terminal Server 1/2
Active Directory
Domain controller & Active Directory
•Domain: a mechanism for managing computers and users across a company as a whole
•Domain controller: a server that provides domain functionality
•Active Directory: the name (brand name) of the group of functions provided by Microsoft, centered on the domain function
Active Directory Diagram
• ocaat1 domain (root domain): ocaatdc01 (Parent Domain Controller)
- staff1 domain: staffdc01 (Domain Controller)
- student1 domain: studentdc01 (Domain Controller)
About Organizational Unit (OU)
Organizational Unit: something like a folder that stores various Active Directory objects.
Our staff domain controller has the three OUs listed below.
Start -> Active Directory Users and Computers
- OCAAT GROUPS
- OCAAT ACCADEMIC OU
- OCAAT NON-ACCADEMIC OU
How to add user account 1
Action menu -> New -> User
• Type First name & Last name: John Brown
• Type User logon name: jbrown
• Click Next
• Type Password: ******
• Click Finish
How to add user account 2
Open Properties
Profile tab:
• (User profile) Logon script: WKIX32.exe loginscript.kix
• (Home folder) Connect: O: To: \\NX3000STAFF\MANAGEMENT_HOME$\jbrown
Member of tab:
• Click Add
• Type object name: ICT SUPPORT
• Click OK -> Click OK again
about logon script 1
• A series of instructions the client machine follows each time the user logs on.
• It describes the processing to be executed at logon.
<Folder>
C:\Windows\SYSVOL\sysvol\domain-name\scripts
<File>
loginscript.kix
about logon script 2
if ingroup("ICT SUPPORT")
    ; INFORMATION TECHNOLOGY SUPPORT
    shell 'net use O: "\\nx3000staff.staff1.XXXXX.ac.bw\MANAGEMENT_HOME$\%username%"'
    shell 'net use P: "\\nx3000staff.staff1.XXXXX.ac.bw\STAFF_SHARE$"'
    shell 'net use R: "\\nx3000staff.staff1.XXXXX.ac.bw\ICT SUPPORT$"'
endif
(explain)
If the user is in the “ICT SUPPORT” group, the command lines inside the block are executed.
net use command: maps a shared folder to a local drive
nx3000staff: Staff File Server
How to add user account 3
Make personal share folder
• Log in to the File Server (nx3000staff)
- Open Explorer
- Folder: D:\STAFF\STAFF HOME DIRECTORY\MANAGEMENT_HOME
- File: jbrown
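The three "How to add user account" slides can also be done from PowerShell instead of the GUI; the script below is an added example, not part of the original deck. It assumes the ActiveDirectory (RSAT) module, an administrator session with write access to the share, and that the slide's UNC path had the usual backslashes; the deck does not name the target OU, so the account is created in the default container, and forcing a password change at first logon is an added choice.

```powershell
# Added example. Names and paths come from the slides; the target OU is not
# given in the deck, so New-ADUser uses the domain's default container.
Import-Module ActiveDirectory

$sam     = 'jbrown'
$homeUnc = '\\NX3000STAFF\MANAGEMENT_HOME$\{0}' -f $sam

# "How to add user account 1": create the account with an initial password.
$initial = Read-Host -AsSecureString -Prompt "Initial password for $sam"
New-ADUser -Name 'John Brown' -GivenName 'John' -Surname 'Brown' `
    -SamAccountName $sam -AccountPassword $initial -Enabled $true `
    -ChangePasswordAtLogon $true `
    -ScriptPath 'WKIX32.exe loginscript.kix' `
    -HomeDrive 'O:' -HomeDirectory $homeUnc

# "How to add user account 2", Member of tab.
Add-ADGroupMember -Identity 'ICT SUPPORT' -Members $sam

# "How to add user account 3": New-ADUser does not create the home folder,
# so create it and add a Modify entry for this user only. Entries inherited
# from the parent folder are left as they are.
New-Item -ItemType Directory -Path $homeUnc -Force | Out-Null
$sid  = (Get-ADUser -Identity $sam).SID
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
            $sid, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
$acl  = Get-Acl -Path $homeUnc
$acl.AddAccessRule($rule)
Set-Acl -Path $homeUnc -AclObject $acl

# Check the result: profile attributes, group membership, and folder ACL.
Get-ADUser -Identity $sam -Properties ScriptPath, HomeDrive, HomeDirectory |
    Select-Object SamAccountName, ScriptPath, HomeDrive, HomeDirectory
Get-ADPrincipalGroupMembership -Identity $sam |
    Select-Object -ExpandProperty Name
(Get-Acl -Path $homeUnc).Access |
    Select-Object IdentityReference, FileSystemRights, IsInherited
```

In the final ACL listing, any non-inherited entry other than jbrown, or an inherited entry that lets other staff read the folder, is worth reviewing on the parent MANAGEMENT_HOME folder.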
File Server
•File server is a server installed for sharing files over a network such as LAN or WAN.
Make share folder
•Log in to the File Server
•Right-click folder -> Click Properties
•Select Sharing tab -> Advanced Sharing
•Check “Share this folder”
•Click Permissions -> Add Share Permission Group
•Access FileServer
Group Policy 1
• Group Policy is a hierarchical infrastructure that allows a network administrator in charge of Microsoft's Active Directory to implement specific configurations for users and computers.
• Group Policy can also be used to define user, security and networking policies at the machine level.
Group Policy 2
•Start “Group Policy Management”
•Expand “Forest: ocaat1.ce.ac.bw”
•Expand “Domains”
•Expand “staff1.ocaat1.ce.ac.bw”
•Click OCAAT Group Policy
•Click Settings tab
Group Policy 3
(for example)
•Minimum password length : 6
•proxy settings : 10.XX.29.6 3128
•Schedule : At 11:00 PM every Friday of every week. c:\Windows\system32\shutdown.exe /f /s /t 600
•Home page: http://www.ocaat1.ce.ac.bw/
DHCP Server 1
•DHCP (Dynamic Host Configuration Protocol) is a function to select an unused IP address and dynamically allocate it to clients.
DHCP Server 2
•Start -> DHCP
•We have four scopes
- 10.XX.24.0/22 (Students)
- 10.XX.29.0/25 (Default)
- 10.X.29.128/25 (Miscellaneous) *not used
- 10.XX.30.0/23 (Staff)
DHCP Server 3
Address Pool: Available IP address range
Address Leases: Address Lease Status
Reservations: IP address can be reserved
Scope Options: Configuration Router/IP PHONE
DNS Server 1
•The Domain Name System (DNS) is a hierarchical decentralized naming system for computers or other resources connected to the Internet or a private network.
•It serves as the phone book for the Internet by translating human-friendly computer hostnames into IP addresses.
•For example, the domain name www.google.co.bw translates to the address 216.58.223.3.
DNS Server 2
The notation that combines a host name and a domain name, like "www.google.co.bw", is called a Fully Qualified Domain Name (FQDN).
www.google.co.bw = host name (www) + domain name (google.co.bw)
- bw: Top Level Domain (bw, jp, com, etc.)
- co: Second Level Domain (co, ac, go, etc.)
- google: Third Level Domain (company name and organization, etc.)
- www: Fourth Level Domain (hostname)
DNS Server 3
<Name resolution flow>
(example: www.google.co.bw)
1. Ask ocaat1’s DNS server.
2. If ocaat1’s DNS server doesn’t know, it asks the / (root) DNS server.
3. The / (root) domain DNS server queries the bw domain.
4. The bw domain DNS server queries the co domain.
5. The co domain DNS server queries the google domain.
6. The google DNS server answers with the IP address.
[Diagram: DNS tree. / (root) -> bw, jp; bw -> co, ac; co -> google -> www; ac -> ce -> ocaat1 (terminal, proxy). Arrows 1 to 6 mark the steps above; www = 216.58.225.3]


Editor's Notes

  1. F5 or Shift + F5 No. -> Enter
  2. Title: 60px content : 40px
  3. mechanism: 仕組み; in a company as a whole: 企業全体の
  4. staffdc01 server manages staff1 domain.
  5. Let’s see staff1 domain controller.
  6. Initial password
  7. The logon script is explained later.
  8. This is part of the logon script.
  9. After that, log in and check.
  10. hierarchical: 階層型; implement specific configurations: 特定の構成を実装できるようにする; can also be used to define: 定義する為に使用できる
  11. If we want the same settings, we can use Group Policy.
  12. If we don’t use a DHCP server, we have to set the IP address on every client. to select an unused IP address: 未使用のIPアドレスを選択する; dynamically allocate: 動的に割り当てる
  13. This mark means exclusion. If we know the hostname (computer name), we can look up the IP address.
  14. decentralized naming system: 分散ネーミングシステム. nslookup proxy, nslookup www.google.co.bw. 216.58.225.3: easy for a computer to understand, but difficult for people. www.google.co.bw: easy for people to understand.
  15. description format: 記述形式; com, co: commercial; ac: academic; go: government
  16. The part surrounded by a circle is called a domain. Each domain has a DNS server. Check DNS server setting screen.