Chapter 6 “Configuring File Services”

Thursday, March 07, 2013

The File Services role and other features included with Windows Server 2008 provide many different tools that help administrators deal with all the factors that need to be considered when planning for file sharing on a large network.  The first is scalability, or how much storage space is needed now as well as next year.  The second is navigation, or how users are expected to find the files they need when they need them.  The third is protection, or how you control access to network file shares.  The fourth is abuse, or how to prevent users from consuming too much storage space.  The fifth is diversity, or providing file sharing support for operating systems other than Windows.  The sixth is fault tolerance, or the speed at which you can recover from a hard drive failure, server failure, or an entire facility.  Finally, the last is availability, or making sure that your users have continuous access to the files and services they need even on remote networks.  All of these issues can be addressed through the File services role.  Distributed File System (DFS) is scalable to any size network.  The DFS Namespace role provides a basic virtual directory functionality and DFS Replication enables administrators to deploy the virtual directory on many servers over the entire enterprise.  DFS Replication can have two different topologies, a Full Mesh topology and a Hub/Spoke topology.  A Full Mesh topology means that every member of the group replicates with every other member.  A Hub/Spoke topology allows you the ability to limit the replication traffic to specific pairs of members to cut down on the amount of network traffic.  Hub/Spoke would be more useful in a larger installation.

Chapter 5 “Configuring Routing and Remote Access (RRAS) and Wireless Networking”

Thursday, February 28, 2013

 Routing is the process of transferring data across an internetwork from one LAN to another.  Routers operate at the third layer of the OSI model, the network layer, and they determine the route that data will take from the source network to the destination network.  Routers can join networks together over extended distances or join dissimilar networks, for example an Ethernet LAN to a Fiber Distributed Data Interface (FDDI) backbone.  Routing protocols can be used to transmit information about the routing topology and which routes can be reached through which router.  Some of the common protocols are, Routing Information Protocol (RIP), Routing Information Protocol version 2 (RIPv2), and Open Shortest Path First (OSPF).  Routers use routing tables to forward packets to the next destination.  When a packet arrives at the router, the router reads the destination and compares it to the information found in the routing table and then forwards the packet to the next destination based on that information.  One of the roles that Windows Server 2008 has to offer is Routing and Remote Access (RRAS).  RRAS provides many different types of remote access connectivity including Dial-Up Networking (DUN), and Virtual Private Networking (VPN), as well as allowing your Windows Server 2008 computer to act as a Network Address Translation (NAT) device.  Windows Server 2008 uses the Network Policy Server (NPS) RRAS role service as a means to check the credentials of someone trying to connect to the server.  Remote Authentication Dial-In User Service (RADIUS) is another third party authentication and authorization role service that can be used in place of NPS.  Wireless mobile devices such as smartphones, tablets, and netbooks, have created a need to secure this type of access.  To accomplish this, the Institute of Electrical and Electronics Engineers (IEEE) developed the 802.1X standard for network access control.  There are three components that 802.1X uses to provide port based security.  The Supplicant, which is the device that is attempting to gain access to the network such as a smartphone or laptop, the Authenticator, which is the component that requests credentials from supplicants, and the Authentication Server, which provides the verification of the authentication credentials.

Chapter 4 “Configuring and Managing the DNS Server Role”

Thursday, February 21, 2013

 The Domain Name System (DNS) role is the role that Microsoft Windows Server 2008 uses for name resolution.  When you send a request through your browser, for example, to a web site like www.yahoo.com, it’s DNSs responsibility to map the URL www.yahoo.com to its IP address so the request can be completed.  A DNS namespace is a tree structured list of host names in a hierarchical order starting with the root, which is unnamed and is represented by a period. Next is the top level domain, for example, .com, .net, or .edu, followed by a second level domain, which are registered to individuals, for example Yahoo (yahoo.com), Microsoft (Microsoft.com), or McHenry County College (mchenry.edu).  For administrative purposes, DNS can be organized into zones.  A DNS zone is a collection of name to IP address mappings in a contiguous portion of the DNS namespace which allows for sharing the workload across many other DNS servers.  A DNS zone can provide name to IP mappings for one or more domains.  If DNS is to provide for multiple domains they must be contiguous, or part of a parent child relationship.  There are three typical zone types that can be configured on a DNS server, the standard primary zone, the standard secondary zone, and the reverse lookup zone.  Windows Server 2003 and 2008 provide a fourth called a stub zone.  A standard primary zone hosts a read/write copy of the DNS zone in which resource records are created and managed.  Only one server can host a master copy of the zone, accept dynamic updates, and process zone changes.  A standard secondary zone is a read only copy of the primary zone and may be stored on one or more servers to provide fault tolerance and load balancing.  A reverse lookup zone can provide the hosts fully qualified domain name (FQDN) when a query contains “what is the host name at the IP address 69.147.76.15 it will return www.yahoo.com.  Finally, a stub zone is a copy of a zone that contains only the resources necessary to identify the authoritative DNS servers for that zone.  A stub zone does not have the same abilities as a secondary zone and should only be used for address redundancy and load sharing.

Chapter 3 “Configuring and Managing the DHCP Server Role”

Thursday, February 14, 2013

  DHCP is the role Windows Server 2008 uses to manage IP addresses.  DHCP functions at the application layer of the Open System Interconnection (OSI) reference model.  The key aspect of DHCP is that it‘s dynamic, meaning  the network is configured to assign IP addresses to any devices connected to the network.  The different message types that DHCP uses to communicate between a client and a server are, DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPDECLINE, DHCPACK, DHCPNACK, DHCPRELEASE, and DHCPINFORM.  The first of four messages that are used for the initial lease process are DHCPDISCOVER, which is the first message the client sends looking for a DHCP server.  The second message used is DHCPOFFER, which is when the DHCP server receives the DHCPDISCOVER message and replies with a message that contains IP address information for the client.  The third message is DHCPREQUEST, which is the client letting the server know that it will use the IP information supplied by the DHCP server.  The fourth and last message in the initial lease process is DHCPACK, which is the DHCP server acknowledging the client and assigning the IP address information.  The four step process is easier to remember by using the acronym DORA, for DISCOVER, OFFER, REQUEST, and ACK.  DHCP uses scopes to determine which IP addresses are allocated to client computers.  Administrators can create one or more scopes, however, caution must be taken so multiple DHCP servers are not using the same IP addresses.  Windows server 2008 supports automatic or manual backups.  Backing up the database is very important for fault tolerance in case of a DHCP server failure.

Chapter 2 “Installing Microsoft Windows Server 2008”

Thursday, February 07, 2013

 The cornerstone of building a network is installing Windows Server 2008.  Windows Server 2008 can be installed as a full server installation with a graphical user interface (GUI) or as a Server Core installation.  A Server Core installation, new in Windows Server 2008, is a system configuration that contains only the specific facilities required for a specific role and does not have a GUI.  All the configurations start from the command prompt.  After installation is complete the first window to open is the Initial Configuration Tasks window.  From this window you can set the proper time zone, configure networking, provide computer name and domain, enable automatic updating and feedback, download and install updates, add roles, add features, enable remote desktop, and configure Windows firewall.  When you are finished you can close the Initial Configuration Tasks window and the Server Manager window should open next.  From this window you can do various tasks such as add roles, add features, diagnostics, other configurations and storage.  Windows Server 2008 supports two types of hard disks, Basic and Dynamic.  All new disks are initialized as basic disks and can be initialized as Master Boot Record (MBR) or GUID Partition Table (GPT) partitioning.  Installing Server core is similar to installing the full GUI version with the exception of all configurations must be done from the command prompt.

Chapter 1 “Introduction to Networking Concepts”

Wednesday, January 30, 2013

 In order for a computer, printer or other device with a network interface to communicate on a TCP/IP network it needs a valid network IP address.  There are five different classes used for IPv4 classful addressing.  Class A begins with the IP address 0.0.0.0 and ends with 127.255.255.255, class B begins with 128.0.0.0 and ends with 191.255.255.255, class C begins with 192.0.0.0 and ends with 223.255.255.255, class D begins with 224.0.0.0 and ends with 239.255.255.255, and finally class E begins with 240.0.0.0 and ends with 255.255.255.255. In addition, each IP address must have a subnet mask.  The subnet address for all class A addresses is 255.0.0.0, for class B address is 255.255.0.0 and for class C addresses is 255.255.255.0.  IPv4 addressing uses 32 bits (four bytes, or octets) for addressing providing the mathematical limit of 2³² possible addresses  The Internet, being as popular as it is, causes concern that the 4-billion-plus available IP address that IPv4 offers will soon be exhausted.  Because of this, IPv6, the next generation of TCP/IP protocol was developed.  IPv6 uses 128 bits, or 16 bytes, for addressing, providing 2¹²⁸ (about 340 billion) possible addresses.  IPv6 is expressed in hexadecimal notation, such as 2001:0db8:85a3:08d3:13198a2e:0370:7334, as opposed to 192.168.1.100 being an example of an IPv4 address.  Although many devices have the capability of using IPv6 it is not very popular at this time.  The Domain Name System (DNS) provides the means for associating a meaningful host name with a network address. Because of this we can use common, easy to remember names for network devices, and DNS will know what the actual IP address is.  Unless you have assigned a static IP address, meaning an address that never changes, your address will be referred to as dynamic.  Dynamic Host Configuration Protocol (DHCP) is responsible for automatically assigning IP address to the various devices on the network.  DHCP is also responsible for reassigning the IP address when the system no longer needs it.  A properly configured DHCP server will not assign the same address twice making it easier to move equipment between subnets without manually configuring them.