T n w (computer & it solutions)

Table of Contents

1. Introduction to Server Management

2. Creating Domain Server with Windows Server 2008

2.1 Install & Configure Server 2008

2.2 Install & Configure Domain Name System (DNS)

2.3 Install & Configure Active Directory (AD)

2.4 Install & Configure Internet Information Services (IIS)

3. Creating 2nd Domain Server with Windows Server 2008 Core

3.1 Install & Configure Server Core


4. Creating Client with Windows 7 OS

4.1 Install & Configure Windows 7

5. Conclusion

aaaa10.21.1.0/28

1. Introduction to Server Management

Understand and enhance knowledge on server management on various platforms like CentOS,

Redhat EL, Fedora, Windows, Linux. Understand Networking and setup domain servers, Active

Directory, Group Policy and Web Server. This project used VMware Workstation and creates

Windows Server 2008, Windows Server 2008 Core and Windows 7 on the same platform.

Windows 7 computer works as client and Server 2008 computer has installed main DNS server,

Active Directory. Then Server Core computer has installed secondary DNS server. VMware is

virtualization software and allows user to run multiple operation systems and their applications

simultaneously on a single PC in fully networked.

P1055788C1

Windows 7

800 MB RAM

10.21.1.103

P1055788S1

Server 2008

1 GB RAM

DNS, AD, IIS7

10.21.1.101

P1055788S2

Server 2008 Core

800 MB RAM

DNS

10.21.1.102

10.21.1.0/24

Network Architecture

2. Creating Domain Server with Windows Server 2008

2.1 Install & Configure Window Server 2008

Run VMware Workstation and click “New Virtual Machine”.

New Virtual Machine wizard (Guest Operating System Installation) will pop-up and

choose either installer disc or image file (iso) location.

Follow up step by step and choose Windows Server 2008 from drop-down menu.

Can setup Installer/Administrator and password when installation process. Then power

off Server 2008.

Click “Edit virtual machine setting” and can change basic hardware configuration such

as Memory, Network Adapter, Sound Card, etc under Hardware Tap.

Change Network Adapter to “Host-only” under Hardware Tap.

Change P1055788S1 under Virtual machine name field from Option Tap and can change

working directory location as well and click OK.

Click “Power on this virtual machine” and Windows start running and show Log-in

Window. Log-in as Administrator with correct password.

Click Server Manager from task bar or start menu. Server Manager Window appears on

desktop. Server Manager shows Server summary, Roles summary, Features summary

Resources and Support.

Setup IP address; Click “View Network Connections”. In Network Connections Window,

Right-click Local Area Connection and choose Properties from pull down menu. Off

IPv6 and set static address for IPv4 in the Local Area Connection Properties.

Change computer name and domain name; In Server Manager Window, click “Change

System Properties”.

In System Properties Window, click Change and give P1055788S1 under Computer

name field. Then click More from Computer Name/Domain Changes Window and give

p1055788.local (domain server name) under Primary DNS suffix of this computer field.

And then restart the window.

Run command prompt and type ipconfig/all. It will show IP address of server and

Primary DNS suffix as the below picture.


2.2.1 Installing DNS;

In Server Manager Window, click Add Role and Add Roles Wizard will appear.

Select DNS Server and follow up step by step as the picture shown below.

Close successful DNS Server installation result window .

We can see the following picture after the DNS server installation

2.2.2 DNS Server Configuration

Go to Start >Administrative Tools>DNS as the below picture

Right -click P1055788S1 and click “configure DNS server”

Follow up step by step DNS configuration procedure .

Select “Create forward and reverse lookup zones” under Select Configuration Action and

click next.

Select “Yes, create a forward lookup zone now (recommended)” under Forward Lookup

Zone and click next .

Leave as “Primary zone” under Zone Type and click next.

Type p1055788.local in the Zone Name field and click next.

Leave as p1055788.local.dns in create a new file with this file name field under Zone File,

and click next.

Select “Allow both nonsecure and secure dynamic updates” under Dynamic Update and

click next.

Leave “Yes, create a reverse lookup zone now” under Reverse Lookup Zone and click

next.

Select “Primary zone” for Zone Type and click next.

Leave “IPv4 Reverse Lookup Zone” under Reverse Lookup Zone Name and click next.

Type network address 10.21.1 under Network ID field and click next to create Zone File

(leave it as default).

Select “Allow both nonsecure and secure dynamic updates” under Dynamic Update and

click next.

Select “No, it should not forward queries” under Forwarders and click next to complete

DNS configuration.

When click Finish, warning message displayed and ignore it and click OK.

The console tree of DNS Manager window, expend P1055788S1 > Forward Lookup

Zones and click on p1055788.local, notice Host record not yet created.

Reverse Lookup Zones, there is no Host record as well.

To see how Dynamic Update; refresh network connection (disable and enable Network

Area Connection icon).

Return to DNS Manager; right click P1055788S1 and refresh. Can see Host now in the

Forward Lookup and Reverse Lookup Zones.

2.2.2 Testing DNS Server

Run command prompt and type nslookup. It will show default server name and IP address.

Type domain server name p1055788s1and verify address and will see the below view.

2.3 Install & Configure Active Directory (AD)

AD Domain files can be saved under different Disk or partition Disk. File system should

be NTFS.

2.3.1 Installing Active Directory

In Server Manager Window, click Add Role and Add Roles Wizard will appear. Select

“Active Directory Domain Service” and follow up step by step.

2.3.2 Configuring AD Domain Service

To configure AD Domain Service, go to Start>Command Prompt>type dcpromo.

Follow up the procedure step by step according to the below pictures.

Active Directory Domain Services Installation Wizard appear will be appeared

Select “Create a new domain in a new forest”

Type p1055788.local in FQDN of the forest root domain field under Name the

Forest Root Domain. Will see verifying Net BIOS name and click Next.

Select Windows Server 2008 under Forest Functional Level field and click Next.

Leave as default for Additional Domain Controller Option and click Next.

Select “NO, do not create the DNS delegation” under Create DNS Delegation and click

Next.

Can select location of Database, Log files and SYSVOL folders if like to save

different disk and click Next.

Type Administrator password same as server password and click Next.

Summary window popup and click Next.

At the end of installation, will see error message about DNS zone creation. Ignore it

and click OK. Server will restart.

Upon server boot up after AD service installation, login window is slightly different. It

shows P1055788\Administrator instead of only Administrator.

2.3.3 Creating OU, Bulk Import Users and Group Policy

Go to Start > Administrative Tool > ADUC.

Right click domain “p1055788.local” from left pane > New > Organization Unit.

Create Accounting, Engineering, Finance, Help Desk, HR and Sales OUs respectively.

Create ldf or csv file to do bulk import of OUs and Users into Active Directory and save

under C. Type this command in commands prompt to do bulk import.

For ldf,

ldifde –i –f userinfo.ldf –s BigServer

For CSV,

csvde –i –f userinfo.ldf –s BigServer

http://www.computerperformance.co.uk/Logon/Logon_LDIF.htm

http://www.computerperformance.co.uk/Logon/Logon_LDIF.htm

Group Policy; Go to Start > Administrative Tool > Group Policy Management

Open Forest > Domains > p1055788.local > Right click Accounting OU and click “Create

a GPO in this domain, and link it here”

Name as Accounting Group Policy. Open Accounting OU > Right click Accounting Group

Policy > Edit

Group Policy Management Editor window appear. Open Computer Configuration >

Windows Settings > Security Settings > Account Policies

Click Password Policy and change setting in right pane.

Click Account Lockout Policy and change setting in right pane.

After changing group policy anytime > Run command prompt and type gpupdate.

Create GPO for other OUs follow as same procedure except Help Desk OU.

As for Help Desk,

Right click Help Desk OU > Click “Link an Existing GPO”.

Select GPO window appears and Select Default Domain Controllers Policy and click

OK. Finally can see as below GPO created individually.

Open Forest > Domains > p1055788.local > Right click Default Domain Policy > Edit

Group Policy Management Editor window appear. Change Account Policy same as other

OU GPO. Users can change their password with 5 characters and account can be logon 4

times fail after run gpupdate in command prompt.

2.3.4 Assigning Home folder to a user; Create new folder named as Home under C:\ drive.

Right click Home folder> Properties > Advanced Sharing.

Click “Share this folder” box and click Permissions. Click Full Control Allow box

under Share Permissions and click OK.

Go to ADUC. Click Accounting OU > right click user who is a manager of department in

right pane > Properties. Darus Md Saleh is a manager of Accounting OU.

In the Properties window, go to Profile and select Connect > choose drive H: and link to

\\P1055788S1\Home\%username% under Home folder and click OK. User DMSaleh

can use his Home folder from any client computer now.

Create Home folder link for other manager follow as same procedure.

Open C: > Home folder > can see all manager folder link created as above.

2.3.5 Delegate control

Type mmc in the command prompt, new Microsoft Management Console appears.

Click File > Add/Remove Snap-in > Select ADUC from left pane and click Add>. Now

can see ADUC in right pane and click OK.

ADUC can be seen in the left pane of MMC Console now. Right click Accounting > New

Taskpad View > follow up New Taskpad View wizard.

Click Next on Taskpad Style window as default. Click Next on Taskpad Reuse window

as default “All tree items that are the same type as the selected tree item”.

Type Manager Computer Management Tool under Name field of Name & Description

window and click Next.

Click Finish New Taskpad View Wizard. New Task Wizard appears and click Next.

In Menu Command window, Select “Item listed in the results pane” from Command

source > Select Disable Account under Available commands and click Next.

Select Task Icon and click Next.

Click “When I click Finish, run this wizard again” and click Finish. New Task Wizard

run again keep add new commands whichever like. And save this taskpad as Manager

Management Tool under C:

Right click Accounting > Delegate Control > Follow up Delegation of Control Wizard.

Delegate DMSaleh (Manager) for Accounting OU and he can control other user under his

OU. Select “Delegate the following common tasks” and the following. And also delegate

users for other OU follow as same procedure.

Copy Manager Management Tool and Paste under delegate user’s Home folders

(\\P1055788S1\Home\%username%) (H:) individually. So Manager can open their Home

folder from any client computer and use their Taskpad Console.

2.4 Install Internet Information Services (IIS)

In Server Manager Window, click Add Role and Add Roles Wizard will appear. Select

“Internet Information Services” and follow up step by step as the below pictures.

After installation is succeeded, make a notepad and save as index.html as the below picture.

Copy and paste in C\inetpub\wwwroot

Go to Start>Administrative Tools>Internet Information Service (IIS) Manager

Expand P1055788S1>Sites and click Default Web Site.

Double Click Default document and move default.htm to the top as the below picture.

Launch the internet explore and type http://p1055788.local/ and should be able to see the web server

you have created as the below picture.

http://p1055788.local/

2.4.1 Hosting Internet Information Service (IIS)

In the IIS service manager, expand P1055788S1 and right-click site and select add web site.

The image below is referred to configure the settings for new website.

Make a new notepad and save it in C\inetpub\website2.

Launch the internet explore and type http://p1055788.local:8080/ in address bar and should

be able to see as the below picture.

http://p1055788.local:8080/

3. Creating 2nd Domain Server with Windows Server 2008 Core

3.1 Installation of Window Server 2008 (Server Core)

Run VM Ware Work Station and Click New Virtual Machine.

Give name to the machine as P1055788S2.

For Network Adaptor, Select Host Only and select Use ISO image File and

browse ISO file in CD/DVD (IDE).

Power on this machine and follow up the procedure step by step as the pictures

shown in below.

After the installation is successful, press Ctrl + Alt + Del to lo on

Click Other User and type administrator for user and leave blank for password and proceed

And type the password of administrator and confirm it as the picture shown below

After setting the admin password, personal settings are loaded and the user is presented with

the "desktop" - this word is in quotes because there really is no desktop here in the sense that

most users would expect; it is merely a command prompt. There is no Windows Explorer,

no Start Menu and no quick launch icons - the administrator must perform the whole

configuration using just the keyboard

3.1.1 Configuring an administrator's password

At a command prompt, type Net user administrator . and type password as P@ssw0rd and

retype as below.

3.1.2 Configuring a server name

At a command prompt, type hostname to see current computer name .

And type C:\Users\Administrator>netdom renamecomputer WIN-

CPFBOQ6HV6J(current computername ) /newname:P1055788S2 to change computer

name.

Type Y for “do you want proceed (Y or N) ?

And restart the computer for operation. To restart the computer , type

shutdown -r -t 0 in command prompt.

Note: shutdown /r (switch for shutting down and restarting the computer) /t 0 (wait 0

seconds to shutdown and restart).

3.2 Configuring an IP address

Now the machine has a new name, we need to set its IP address. To do this, we may need

to know the name of the interface on the card. This is usually “Local Area Connection”. In

a virtualised or multi-card environment then this may not be the correct name.

To do this, in command prompt, type netsh interface ipv4 show interface to list all the

ipv4 enabled interfaces.

To set ipV4 address

In command prompt, type netsh interface ipv4 set address name=”2” source=Static

address=10.21.1.102 mask=255.255.255.0

3.2.1 Adding server roles and features

OCList brings up an overview of the available roles in a tree structure. In addition, the

program also shows which server roles have been installed.

To see OClist, type OCList in command prompt.

Will see DNS–Server -Cor –Role is not yet installed as the picture shown below

To install DNS in Server core, type ocsetup DNS-Server-Core-Role in command

prompt.

After DNS installation is completed, type OCList in command prompt to check whether

DNS server core role has already installed or not and will see as the picture below.

3.2.2 Joining a domain

To join with P1055788S1 domain, type netsh interface ipv4 add dnsserver name=”2”

address=10.21.1.101 index=1 in command prompt.

To Register DNS, type ipconfig/registerdns in command prompt.

Go back to P1055788S1, Off Firewall and Refresh forward and reverse lookup zones from

DNS .

And Type C:\Users\Administrator>netdom join P1055788S2 /domain:p1055788.local

/userd:Administrator /Passwordd:P@ssw0rd.

3.2.3 Activating the server

As final steps, need to activate the server. To do this,type slmgr.vbs –ato in command

prompt.

And Restart to complete DNS server core installation in server core (P1055788S2).

To check whether successful dns installation in server core and joining P1055788S1,Type

nslookup in command prompt and should be able to see as the picture below.

And go back to Server(P1055788S1). And go to Start > Administrative Tool>DNS.

Expand P1055788S1 and in forward and reverse lookup zones, we should be able to see

the picture below

4 Creating Client with Windows 7 OS

4.1 Installing Windows 7

Mostly same as Server 2008 installation.

Click “New Virtual Machine” in VMware Workstation.

New Virtual Machine wizard (Guest Operating System Installation) will pop-up and

choose either installer disc or image file (iso) location.

Follow up step by step Windows 7, 32 Bit installation.

Can setup Installer/Administrator and password when installation process. Then power off

Window 7.

Click “Edit virtual machine setting” and can change basic hardware configuration such as

Memory, Network Adapter, Sound Card, etc under Hardware Tap.

Change Network Adapter to “Host-only” under Hardware Tap.

Change P1055788C1 under Virtual machine name field from Option Tap and can change

working directory location as well and click OK.

4.1.1 Configuring Window 7

To Configure Windows 7; Go to Start > Right click Computer > Properties

Click Change settings > System Properties windows appears > Click Change >

Computer Name/Domain Changes windows appears and type P1055788C1 under

Computer name field >

Click More > DNS Suffix and NetBIOS Computer Name windows appears > Type

p1055788.local under Primary DNS suffix of this computer field and click OK. Computer

need to be reboot after changing of name.

Go back to System Properties > Click Change > Select Member of “Domain” in

Computer Name/Domain Changes windows > type p1055788.local > and click OK. (Note:

this setting only available after AD configure at Domain Server)

Windows 7 client computer already linked with Domain Server and users can login here

now.

Launch the internet explore and type http://p1055788.local/ in the address bar and should

be able to see as the picture below.

http://p1055788.local/

4.1.2 Installing Remote Server Administration Tools; Download RSAT for Windows 7,

32 Bit System from below link.

http://download.microsoft.com/download/4/F/7/4F71806A-1C56-4EF2-9B4F-

9870C4CFD2EE/x86fre_GRMRSAT_MSU.msu

Save x86fre_GRMRSAT_MSU.msu file under C: Drive. Run this file and atomically

install RSAT on Windows 7.

http://download.microsoft.com/download/4/F/7/4F71806A-1C56-4EF2-9B4F-9870C4CFD2EE/x86fre_GRMRSAT_MSU.msu

http://download.microsoft.com/download/4/F/7/4F71806A-1C56-4EF2-9B4F-9870C4CFD2EE/x86fre_GRMRSAT_MSU.msu

After RSAT installation > Open Control Panel > Programs > Click “Turn

Windows Features on or off”.

Select check box for whatever service like to use.

Expand Remote Server Administration Tools > Role Administration Tools > AD

DS and AD LDS Tools > Select Active Directory Module for Windows PowerShell.

Open AD DS Tools > Select Active Directory Administrative Center and AD DS

Snap-ins and Command-line Tools and AD LDS Snap-ins and Command-line

Tools.

Select DNS server tools and click OK.

Now Delegate user (Managers) can run Taskpad (MMC) in this client computer.

They can also control their employees account without Administrator.

5 Conclusion

T n w (computer & it solutions)

Technology

Transcript of T n w (computer & it solutions)