Network and System Administration

4/6/2010

Lab One

Objective: To design a network based on a service requirements narrative Goal: Design a network map that solves the problems identified in the narrative Course of Action: Problems 1. No planning 2. Using a peer to peer network 3. Several of the desktop computer acting as servers 4. Network degraded and unreliable 5. Sales Manager can not access MYOB from his computer, has his own copy of MYOB which causes problems with the integration of files. Files cant be access if hes not in. 6. Access restriction problem with server 7. Payroll system crashed. No backup system in place 8. Bakery is not networked. Data transfer via floppy disk. 9. Bakery computers are stored where its regularly accessed by the bakers which frequently causes flour dust to corrupt floppy disks 10. Incorrectly installed web server 11. Website created by an amateur to save money 12. Employee is surfing the internet during work hours. Manager unaware employees had access 13. Hackers gain access to an unprotected web server and deface website Solutions 1. Identify the different groups of user based on their requirements. Separate them into two groups Power User Group and Non Power User Group. The aim of separating into groups is its cost effective. Power Users Non-Power Users Shop Floor Manager 14 x Bakers

Accounts Accountant Bakery Accounts Receivable Accounts Payable Payroll Dispatch Admin Office 1x Salesman Receptionist/PA

Dispatch Clerk 2 x Drivers Sales Manager

Power Users 1. 6 computers 2. 4 printers Connect to the network using 10 Mbps Ethernet Switch

Non Power User 1. 4 computers 2. 2 printers Connect to the network using 10 Mbps Ethernet hub
1. Upgrade to a File Server network. Typically with a high performance

2.
3. 4.

5. 6. 7.
8.

computer, this will ensure faster data access and delivery. Where is the server to be located? Centralise all the database applications on the server eg MYOB, People Manager, Recipe Database and Accounts DHCP, DNS, Email, Web Server Security Policy - Identify scope of control(who needs access to what) Password change Policy (How often should this be changed) Backup Policy (what files need to be backed up on Server or PCs and how often). Train staff on devices and technology Employ a Network Manager or company to oversee problems that arise or future expansion

Lab Two

Objective: To create a three station sub-network Goal: Read documentation on VBox and download Download and install Windows2008 on VBox to act as server Download and install Windows XP on VBox to act as a client Download and install Ubuntu on VBox to act as a second client Establish network connectivity between the server and the two clients Course of Action: 1. Downloaded and installed VBox onto hard drive 2. Downloaded and installed Windows2008, Windows XP and Ubuntu onto hard drive 3. Read documentation on VBox 4. Opened VBox and connected the above three Windows Server Installed an add-on called install guest additions Gave it a static IP address of 192.168.2.17 Windows XP Changed the IP address to 192.168.2.18 Ubuntu Checked what the eth no was first in system>Administration>network tools In the command window typed sudo pico /etc/network/interfaces. Asked for password Administrator then entered Auto lo Iface lo inet loopback Auto eth1 this was where you entered the eth no. from network tools Iface eth1 inet static Address 192.168.2.19 Gateway 192.168.2.14 Netmask 255.255.255.0 Network 192.168.2.0 Broadcast 192.168.2.255 Saved it and had to restart the network by sudo/etc/init.d/networking restart Once the above was done then pinged

Problems Pinging was timing out and no connectivity could be established. Resolution After many questions and researching found that the Server and the two clients network settings had to be changed in VBox to Adapter type: pcnet-fast III(Am79c973 Attach to: internal network Firewalls needed to be disabled in XP and win2008 server Once this was done connectivity was established.

Lab Three

Objective: Create sample users and groups on the server and log in as the user from clients with right & permissions Goal: 1. Create 3 user groups with 1 sample user suited to case study 2. Configure the network on client machines so users can log on using accounts created on the server 3. Users to have access to one logical drive for personal storage and access to two shared drives 4. User to have read/write and execute rights on one drive and read only on the other Course of Action: Server Problems 1. Where to create users and groups so they could be seen from the client machines 2. Where to create partitioning and logical drive 3. Solutions 1. Researched on adding users and groups on win server2008. Found that they needed to be added under Active Directory users and Computers in Server Manager NOT user accounts Created users User User X User XX User XXX userxxx and Groups Email Group userx@windowsreference.int Accounts userxx@windowsreference.int userxxx@windowsreference.int Logon userx Bakery userxx Sales Team

2. Went to Microsoft website and search for create a partition or logical drive and followed the steps

XP Problems 1. Couldnt connect users to server 2. Object name was a challenge was entering the group name , kept getting error message that object (user) couldnt be found Solution 1. Had to change location from entire directory to windowsreference.int 2. Went back to the server to see how I set the users up and realised I needed to enter user name (eg. userx) NOT group name Once I had figured that out users were created Ubuntu Problems 1. The only real problem that I had with Ubuntu was forgetting to change the eth no all the time. Ubuntu wasnt really a problem. The challenge was more finding where everything was. Basically it was the same as windows but reworded differently

Lab Four

Objective: Install and configure a DHCP and DNS server to deliver IP addresses and name resolution for client machines Goal: 1. Install and configure a DHCP and DNS server on the networked server 2. Configure the DHCP server to deliver IP addresses in a range to client/s machine 3. Ensure IP address is obtained from the DHCP server by stopping the service and the expected IP address is not picked up by the client machine 4. Install and configure DNS server and names can be pinged from client/s to server 5. DNS starts automatically when windows server is booted and clients can pick up the IP address after the server Course of Action: In windows server installed and configured DHCP from Roles in Server Manager IP Address range: 192.168.2.1 192.168.2.100 Subnet mask: 255.255.255.0 Default Gateway: 192.168.2.17 Domain Network: windowsreference.int Computer: USERX.windowsreference.int Domain Controller: UserX.windowsreference.int Address Leases: Client1.windowsreference.int Client2.windowsreference.int In windows server installed and configured DNS from Roles in Server Manager The new domain name is windowsreference.int The name of the new forest is windowsreference.int NetBIOS of the domain is USERX I checked to make sure it was correct by going into DHCP server MMC and checking in the address pool and scope options then in the command window typing ipconfig/release and ipconfig /renew. The results show below that client 1 has obtained the IP address automatically and its within the IP address range in the Address Pool on the server.

A double check is to look in Address Leases (as above) and you can see the address that client1 (XP)was given automatically

Lab Five

Objective: Create a firewall on server to block access to all unauthorised and unnecessary services Goal: 1. Create a list of services running on the server as part of previous assessments or running as support services. Find the protocol and port IDs of these 2. Test all services to ensure they operate correctly 3. Using server or Ubuntu to deny all except the required ports 4. Need to allow access to ICMP but once firewall is operating correctly and has been fully tested reconfigure to block PING. Test that this works

Resolution ADDS DHCP DNS DHCP client DNS client Protocol TCP TCP TCP UDP Port ID 588 1724 1736 TCP 944 1224

1. Tested the above worked correctly by in Client 1 typing in the command

window telnet UserX and the port number 2. Going into windows firewall settings then exceptions you can untick the ports not required 3. Local Security Policies/IP security Policies on Local computer you can set up BLOCK PING Problems The main problem was not knowing or understanding what and where to go. This was by far the hardest Lab worksheet. A lot of how we got this to work was through http://www.petri.co.il/windows-server-2008.htm.

Lab Six

Objective: Activate and schedule a backup system to back up user and shared directories Goal: 1. Configure and schedule a backup system for your organisation. 2. Backup data and all essential files that is required to get your network running ASAP in case of a disaster. 3. Make a list of the files/directories that you think are important and have included in the backup. 4. Run backup at a non-intrusive time of the day at regular intervals so that it doesnt affect the daily operations of the network. Server Install backup features in Server Manager Created three Batch files Batch: xcopy "C:\Windows/winsxs" "M:\registry\%date:~0,3%\" /C/E/H/R/K/M/Y/ Batch1: xcopy "C:\Program Files" "M:\backup\%date:~0,3%\" /C/E/H/R/K/M/Y/ xcopy "C:\PerfLogs" "M:\backup\%date:~0,3%\" /C/E/H/R/K/M/Y/ xcopy "C:\Users" "M:\backup\%date:~0,3%\" /C/E/H/R/K/M/Y/ Batch2: xcopy "Q:\" "M:\SharedFiles\%date:~0,3%\" /C/E/H/R/K/M/Y/ xcopy "U:\" "M:\SharedFiles\%date:~0,3%\" /C/E/H/R/K/M/Y/ Used task scheduler to create backups and scheduling

Problems Found there wasnt enough space available in C drive, had to create a backup file on the hard drive. Solutions Connected by using the command net use m\\vboxsvr\SYSTEM BACKUP

Lab Seven

Objective: Install and configure an operational email server on your network. Goal: 1. Providing email services to 3 users who may log in and access those services from an email client. 2. The users should be able to access their emails from an email client such as thunderbird or MSoutlook as well as from a web browser. Server Connected to the internet and downloaded Surge Mail and installed. Setup the user accounts User X userx@windowsreference.int User XX userxx@windowsreference.int User XXX userxxx@windowsreference.int

Problems Solutions

XP Problems 1. Couldnt connect to Surge Mail Solutions Ubuntu Problems Error message cannot connect to server Solutions 1. Had the wrong sending protocol, needed to change it to POP from IMAP 2. Had to change server name from windowsreference to Userx.windowsreference.int 3. Typed USERX.windowsreference.int where it should have been Userx windowsreference.int

Lab Eight
Objective: Configure remote server administrator and perform typical tasks remotely from clients Goal: 1. Configure and use remote server administration from both client machines 2. Use terminal services on server logged in as a non admin user to access applications on server Course of Action: Set up the remote settings in system, adding the users that can connect from another computer other than the administrator. From the server logging into Remote Desktop Connection entering in the IP address for Client 1 and Client2 and the same back from the Clients to the server. Server Problems No problems XP Problems No problems. Set up was similar to the server Ubuntu Problems No problems with Ubuntu either. Set up the different users in Terminal Server Solutions

Lab Nine

Objective: Install and configure a Web Server Goal: 1. Install and configure a web server and test it with a basic index page for the bakery as a minimum. 2. You should be able to load the page with the name as well as with the ip address of the server. 3. Access the index page from both clients Course of Action: Server Install IIS from Roles in Server Manager In IIS Manager created a site called windowsreference and in C drive created a folder called windowsreference.int. Created a .html file called Baker and saved in folder windowsreference.int in C drive. Problems 1. Entered either the IP or server name into the address bar online it displayed the default .html page from IIS. Would not display the file I created for the Bakers. Solutions 1. Looked at the view source from the default .html page and found it could be located in C:/inetpub/wwwroot. Deleted the IIS file and added the Baker.html file. XP Problems 1. Kept getting error message 404 online. Solutions Researched my problem and found I needed to create a folder windowsreference.int in C drive. Ubuntu Problems 1. Also wouldnt connect Solutions 1. Found that I had spelt my domain name wrong in the Terminal Server. Realised by chance that the server leaves off the e in windowsreference (WINDOWSREFERENC/ADMINISTRATOR). Corrected the spelling and it worked.