Server Hardware and OS; Clients CSC 363 18 February, 1999.
Server Hardware and OS; Clients
CSC 363
18 February, 1999
Announcements
• Group Projects---how’s it going?
Server Hardware-Speed is King
• Processor
• Disk
• Memory
• NIC
Processors
• Single- vs. dual/multi-processors
• MHz, Paging and other specs
Processors, cont.
• RISC vs. Wintel
Disk
• Seek time
• Access time
• RPMs
• Partitioning
Disk Management
• RAID Arrays
• Striping
• Mirroring
• Backups
Memory
• How much
• What kind
NICs
• When speed counts
• Selecting
Problem:
• You are planning a network for a medical practice that doesn’t have many client computers to support, but that stores very large graphical files, such as MRI and X-ray images, on their server. Which hardware component will require more than average capacity?
NOS
• Common NOSs
  – Windows NT
  – Novell NetWare
  – OS/2 / Warp
  – UNIX
  – LANtastic!
  – Banyan VINES
Server Software
• User account management (profiles)
• Security
• Central Licensing
• Data Protection
• Multitasking and Multiprocessing.
User Profiles
• NT stores the profile information for each user - Winnt\Profiles - including:
  – Network drive mappings
  – NT Domains/Printers
  – All icons on the desktop
  – Contents of all menus reachable from the Start button
  – Names of recently opened files
  – Desktop color scheme and configuration
Types of Profiles
• Local Profile
  – stored on client machine and used when logged onto that machine
• Roaming Profile
  – stored on a server and downloaded to local machine when user logs on to server
Security Model
[Figure: GOLDMAN: LAN FIG. 12-11. Labels: Security Reference Monitor Sub-System; Local Security Authority; Win32 Subsystem; Security Account Manager; Logon Process; Win32 Application; User Accounts Database; Security Policy Database; Audit Log; secure communication channel; USER MODE / KERNEL MODE]
NT System Security
• NT is Object Oriented
  – Each user, group, file, etc. is an object
  – Each user and group is assigned a unique Security Identifier (SID): 32 bit random character
NT System Security, cont.
• All objects have a security descriptor containing:
  – SID of the owner of the object
  – Discretionary ACL controlled by owner
  – System ACL controlled by Administrator
• Access Control List (ACL) is associated with each object, indicating what rights other objects have to this object
NT System Security, cont.
• NT associates a security Access Token with each running process.
  – Token determines what access rights the process has.
  – Token contains
    • SID of the user executing the process
    • SIDs of all groups user belongs to
    • Possibly SIDs of other (more privileged) users if the process is designed for impersonation
Account Access Token
• The NT key card
• Contains important information about the user: SID (security ID - 32 bit unique #)
  – Username, encrypted password, group memberships, profile location, home directory, logon hours, etc.
• Could be local or domain (they don’t cross)
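A simplified model of the check these slides describe, comparing the SIDs in a process's access token with the discretionary ACL in an object's security descriptor (an added example, not part of the original slides). It goes beyond the slides by modelling deny entries and in-order evaluation, as Windows NT does; the SIDs, right bits and object names are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

READ, WRITE, DELETE = 0x1, 0x2, 0x4      # constructed right bits, not real NT mask values

@dataclass(frozen=True)
class Ace:                               # one entry in a discretionary ACL
    kind: str                            # "allow" or "deny"
    sid: str
    mask: int

@dataclass(frozen=True)
class Token:                             # access token attached to a running process
    user_sid: str
    group_sids: frozenset

@dataclass(frozen=True)
class SecurityDescriptor:
    owner_sid: str
    dacl: Optional[tuple]                # None = object has no DACL; () = empty DACL

def access_check(token, sd, desired):
    """Return True only if every right in `desired` is granted to the token."""
    if sd.dacl is None:
        return True                      # no DACL: access is unrestricted
    sids = {token.user_sid} | token.group_sids
    remaining = desired
    for ace in sd.dacl:                  # entries are evaluated in list order
        if ace.sid not in sids:
            continue
        if ace.kind == "deny" and ace.mask & remaining:
            return False                 # deny on a right still needed ends the check
        if ace.kind == "allow":
            remaining &= ~ace.mask
        if remaining == 0:
            return True
    return False                         # something was never granted: implicit deny

# Constructed SIDs: two users, plus Domain Users, Radiology and Contractors groups
USERS, RADIOLOGY, CONTRACTORS = "S-1-5-21-X-513", "S-1-5-21-X-2001", "S-1-5-21-X-2002"
ALICE = Token("S-1-5-21-X-1000", frozenset({USERS, RADIOLOGY}))
BOB = Token("S-1-5-21-X-1001", frozenset({USERS, CONTRACTORS}))
DENY_FIRST = SecurityDescriptor(ALICE.user_sid, (
    Ace("deny", CONTRACTORS, WRITE | DELETE),
    Ace("allow", USERS, READ | WRITE),
    Ace("allow", RADIOLOGY, DELETE)))
ALLOW_FIRST = SecurityDescriptor(ALICE.user_sid, (    # same entries, deny placed last
    Ace("allow", USERS, READ | WRITE),
    Ace("allow", RADIOLOGY, DELETE),
    Ace("deny", CONTRACTORS, WRITE | DELETE)))
EMPTY = SecurityDescriptor(ALICE.user_sid, ())
```

With the deny entry placed last, `access_check(BOB, ALLOW_FIRST, WRITE)` is granted by the earlier allow entry, which is why deny entries belong at the front of the list.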
Access to the Server
• Domain
  – Collection of computers and related resources
  – At least 1 NT server
  – No geographical limits
  – First NT server is established as the PDC at install
  – Others will be either BDC or Server
  – PDC holds the database of resource information
[Figure: GOLDMAN: LAN FIG. 12-06. Domain vs. Workgroup. Domain panel: NT Servers as Primary Domain Controller and Backup Domain Controllers, with the domain security database. Workgroup panel: Windows for Workgroups and Windows NT Workstation machines, each labelled "security".]
Domain: All security and access control list information is maintained on the Primary Domain Controller. Copies are stored on Backup Domain Controllers for reliability. Backup Domain Controllers are promoted in case of Primary Domain Controller failure. Any Primary or Backup Domain Controller can log you in.
Workgroup: Files and directories can be shared among the workgroup, but each workstation is responsible for maintaining its own user accounts and access control lists.
Central Licensing
Multitasking
• Multi-CPU
• Single-CPU
  – Time-Slicing =>
• Pre-emptive Multitasking=>
• Cooperative Multitasking=>
Client Characteristics
• Drive designations/mapping
• Requesters (Novell)
• Redirector (Microsoft/IBM)
Peripherals
• Print requests
• Peripheral Ports
Installing NT Server
• Hardware Compatibility List (HCL)
• Server Naming
  – NetBIOS Names
    • 15 characters max length
    • Planning naming conventions
• Domain name for server-based network
• Workgroup name for Win95 network
Domains in NT
• Domain Controllers
• Primary Domain Controllers (PDC)
• Backup Domain Controllers (BDC)
Domains
• Objects
  – Computers
    • Servers - running NT Server
    • Workstations - clients
  – Users - people with access rights in the domain
  – Groups - administrative collective of users
    • used to categorize and simplify the management of users
    • Can be local or global
  – Printers
Problem
• You must install 200 computers in a new network for your new company headquarters. There will be 3 physical LANs there, reflecting the divisions of Acquisitions, Financing, and Operations. All LANs will be connected and each will have its own server and approximately 1/3 of the client computers. Each will have its own set of printers and you expect each will grow (in servers and clients) in the coming years. You also expect to add another LAN for Financing sometime in the near future. Implement a NetBIOS naming scheme for this network.
Domain Database
• User account is basis of security
• Rights are set using the User Manager tool (either local or for the Domain)
• Can set a Policy which creates a “template” for all users created after it
NT Network Configuration
• Server can only hold a single database
• Server can only be PDC OR BDC
• Database can be partitioned
  – Server can still only hold one partition
Configuring the NIC
• Protocol Determination
  – TCP/IP
  – IPX
  – NetBEUI
TCP/IP Installation
• IP Address:
• Subnet masks:
• Default Gateways
• Auto vs. manual config:
Problem
• You are installing the first server for your company. Which server role is most appropriate for this server?
Problem
• You are installing a server for a small recycling business. After interviewing the customer, you determine that the network will most likely never grow beyond a single server; that Internet access is not required, and that the company does not want to pay for network administration once the network is installed. Which transport protocol is most appropriate?
Problem
• You are designing a network for a computer software design group with many offices around the country. They tell you they would like to connect the servers in their various offices using the Internet. Which transport protocol is most appropriate?
Problem
• When one of the users on your network prints to the central laser printer, nothing but strange characters appear. The printer works fine for everyone else.
• What is wrong?
• How can you fix it?
Sharing Output Devices
• Print Drivers
• Sharing Printers
• Fax Modems
Messaging/E-Mail
• Clients
• Servers
• Protocols
  – POP
  – SMTP
  – IMAP
  – MAPI
  – X.400/X.500
GroupWare
• Calendaring
• Scheduling
• Messaging
• Document and Application Sharing
• Revision tracking
Shared Network Applications
• Licensing advantages
• Maintenance advantages
Client OpSys Features
Applications
• Windows '95: 16-bit and 32-bit capable
• NT Workstation: 32-bit; can run '95 or NT apps
• OS/2: 32-bit OS; supports DOS and OS/2 apps, and some Windows software
• MS-DOS: 8-bit to 32-bit OS capable, though cannot take advantage of 32-bit features
• Macintosh: DOS and Windows emulators allow some DOS/Win apps to run on Mac
• UNIX: Server/client OS; 32- and 64-bit capability
Multitasking
• Windows '95: Cooperative and preemptive multitasking
• NT Workstation: Preemptive multitasking
• OS/2: Preemptive, multithreading
• MS-DOS: No multitasking; only one program can run at a time
• Macintosh: Cooperative and preemptive multitasking
• UNIX: Preemptive multitasking with multithreading
Hardware
• Windows '95: 386/486/P/Ppro okay; no RISC; single processor only
• NT Workstation: 486/66 w/16Mb RAM minimum config; supports RISC processors and dual-processor configurations
• OS/2: Wintel; RISC; 386 w/8Mb RAM min. config; no support for multiple processors
• MS-DOS: 8088/8086 with 640Kb of RAM
• Macintosh: Motorola 68000 and RISC (PowerPC/PowerMac); can support multiple processors but does not do load balancing or multi-processing
• UNIX: x86 and RISC; SUN (Solaris), SGI (Irix), HP (HP-UX) (all have their own flavors of UNIX)
Drivers
• Windows '95: DOS or 95 drivers; NT drivers do not work
• NT Workstation: NT drivers only
• OS/2: DOS and OS/2 drivers
• MS-DOS: DOS drivers only
• Macintosh: Mac specific; network drivers are built into the OS
• UNIX: Unix drivers only, and flavor/brand specific
Configuring Clients--examples
Troubleshooting Client Connections
• NIC connections
  – cable mismatch
  – cable poor connection
  – duplicate IP address
  – jumper settings
  – IRQ and Port problems
10Base2 Problems
• Bus interrupts
  – disconnection of a PC
  – damage to cable
  – faulty connection
  – exceeded maximum segment length
Frame Types
• Set all devices to use the same frame type
• Set frame types manually
  – Ethernet_802.2 => recommended by MS and Novell
  – Ethernet_802.3
  – Ethernet_SNAP
  – Ethernet_II
Cable Testing
• Time-domain reflectometer => indicates what and where cable problems have occurred
Other Problems
• Resources: Fix Your Own LAN