Active Directory was introduced to the world in the mid-1990s by Microsoft as a replacement for Windows NT-style user authentication. Windows NT included a flat and non-extensible domain model which did not scale well for large corporations. Active Directory is a directory in both the common use of the term, like a white pages (you can add a person's first name, last name, phone number, address, email address, etc.), and a directory of information for use by applications and services (such as Microsoft Exchange for email). AD is functionally a place to store information about people, things (computers, printers, etc.), applications, domains, services, security access permissions, and more. Applications and services then use the directory to perform a function. If a user account is disabled in Active Directory, the directory itself is just setting a flag which Windows uses to disallow a user from logging in.
Basic Active Directory Components
At its core, Active Directory needs structure to work properly. It provides the basic building blocks for people to build their own directory. These basic building blocks of Active Directory include domains, domain controllers, trusts, forests, organizational units, groups, sites, replication, and the global catalog.
Understanding Forests
At the top of the Active Directory structure is a forest. A forest holds all of the objects, organizational units, domains, and attributes in its hierarchy. Under a forest are one or more trees which hold domains, OUs, objects, and attributes.
As illustrated in this image, there are two trees in the forest. You might use a structure like this for organizations with more than one operating company. You could also design a structure with multiple forests, but these are for very specific reasons and not common.
Domains
At the heart of the Active Directory structure is the domain. The domain is typically of the Internet naming variety (e.g. Learnthat.com), but you are not forced to stick with this structure; you could technically name your domain whatever you wish. Microsoft recommends using as few domains as possible in building your Active Directory structure and relying on Organizational Units for structure. Domains can contain multiple nested OUs, allowing you to build a pretty robust and specific structure.
Domain Controllers
In Windows NT, domains used a Primary Domain Controller (PDC) and Backup Domain Controller (BDC) model. This had one server, the PDC, which was in charge while the other DCs were subservient. If the PDC failed, you had to promote a BDC to become the PDC and be the server in charge.
In Active Directory, you have multiple Domain Controllers which are equal peers. Each DC in the Active Directory domain contains a copy of the AD database and synchronizes changes with all other DCs by multi-master replication. Replication occurs frequently and on a pull basis instead of a push one. A server requests updates from a fellow domain controller. If information on one DC changes (e.g. a user changes their password), it sends a signal to the other domain controllers to begin a pull replication of the data to ensure they are all up to date. Servers not serving as DCs, but in the Active Directory domain, are called member servers. Active Directory requires at least one Domain Controller, but you can install as many as you want (and it's recommended you install at least two domain controllers in case one fails).
Organizational Units
An Organizational Unit (OU) is a container which gives a domain hierarchy and structure. It is used for ease of administration and to create an AD structure in the company's geographic or organizational terms.
An OU can contain OUs, allowing for the creation of a multi-level structure, as shown in the image above. There are three primary reasons for creating OUs:
Organizational Structure: First, creating OUs allows a company to build a structure in Active Directory which matches their firm's geographic or organizational structure. This permits ease of administration and a clean structure.
Security Rights: The second reason to create an OU structure is to assign security rights to certain OUs. This, for example, would allow you to apply Active Directory Policies to one OU which are different from those applied to another. You could set up policies which install an accounting software application on computers in the Accounting OU.
Delegated Administration: The third reason to create OUs is to delegate administrative responsibility. AD Architects can design the structure to allow local administrators certain administrative responsibility for their OU and no other. This allows for a delegated administration not available in Windows NT networks.
Groups
Groups serve two functions in Active Directory: security and distribution. A security group contains accounts which can be used for security access. For example, a security group could be assigned rights to a particular directory on a file server. A distribution group is used for sending information to users. It cannot be used for security access.
There are three group scopes:
Global: Global scope security groups contain users only from the domain in which they are created. Global security groups can be members of both Universal and Domain Local groups.
Universal: Universal scope security groups can contain users, global groups, and universal groups from any domain. These groups are typically used in a multi-domain environment if access is required across domains.
Domain Local: Domain Local scope groups are often created in domains to assign security access to a particular local domain resource. Domain Local scope groups can contain user accounts, universal groups, and global groups from any domain. Domain Local scope groups can contain domain local groups in the same domain.
Installation Requirements
In this section, we will look at the installation requirements of Active Directory. Installing AD isn't a complex process, but the design and configuration can be. Here are the requirements for installing Active Directory on Windows Server 2003:
An NTFS partition with enough free space
An Administrator's username and password
NIC with Network Connection
Properly configured TCP/IP (IP address, subnet mask and optional default gateway)
An operational DNS server (which can be installed on the DC itself)
A Domain name that you want to use
Windows Server 2003 CD media or the i386 Folder
Installing Active Directory
Please note: these installation instructions are for a brand new domain, not for adding a server as a member server or domain controller in an existing domain. Following these instructions in a production network is not recommended.
We are going to review the AD installation process from a clean install of Windows Server 2003. You may have already set some of these settings, so look through the steps and perform any tasks you have not yet done.
Set Network Settings
1. This server will be both a domain controller and a DNS server, so we are going to set a static IP address.
2. Click Start, Control Panel, Network Connections and select your network connection.
3. Click Properties.
5. Enter in your static IP address information and preferred DNS servers. Notice one of the DNS servers I listed is the server itself; this will be a DNS server in a minute.
6. Click OK.
7. Click Close.
8. Click Close.
9. Click Start. Right-click on My Computer and select Properties.
10. Click on the Computer Name tab.
11. Click on the More button.
12. Enter in the domain name you are going to be using for your AD domain in the Primary DNS suffix of this computer text field.
13. Click OK.
14. Click OK. Acknowledge that you have to reboot and click OK.
15. Click Yes to the prompt asking you if you want to reboot.
Install the DNS Service
16. On the Manage Your Server window, select Add or remove a role. (Don't see this window at startup? Find it at Start > All Programs > Administrative Tools > Manage Server.)
17. Click Next.
18. Click DNS Server and click Next.
19. Click Next.
20. Insert your Windows Server 2003 setup CD and click OK.
21. Navigate to where the i386 folder is and click OK.
25. Name your zone with your domain name. Click Next.
26. Accept the default filename and click Next.
27. Click Allow both nonsecure and secure dynamic updates. Click Next.
28. Select whether or not this DNS server should forward queries. If you use an ISP for DNS resolution for Internet sites, enter in your ISP's DNS servers in the first option. If this DNS server will resolve all queries, select the second option. Click Next.
29. Click Finish.
30. Click Finish.
31. Congratulations! You have set up a DNS server!
Setting Up Active Directory
32. On the Manage Your Server window, click Add or remove a role.
33. Click Next.
34. Select Domain Controller (Active Directory) and click Next.
35. Click Next.
36. Click Next when the Active Directory wizard opens.
37. Click Next.
41. Enter in a NetBIOS name or accept the default and click Next.
42. Click Next to accept the default locations for the database and log, or select a location for these files.
43. Enter a location for the Shared System Volume and click Next.
47. Click Next.
48. The wizard will configure Active Directory.
49. Click Finish to complete the wizard.
50. Click Restart Now.
Congratulations, you have now completed the Active Directory wizard and AD is installed.
Creating Organizational Units
As we discussed earlier, Organizational Units provide a mechanism to design a hierarchical structure within your Active Directory environment. Once you have designed your AD structure, you are ready to create the OUs in the environment.
1. Click Start > Administrative Tools > Active Directory Users and Computers.
2. Double-click the domain name to open it up.
3. You will see a default structure with no Organizational Units. Right-click on the domain name and select New > Organizational Unit.
4. Enter the name of the OU you want to create and click OK.
5. You will now see the OU you just created. Continue the process and build out the top level OUs.
6. You now have a structure from which to build your organizational structure. For a small organization, we would create a Users and Computers organizational unit under each of the top level OUs.
7. Right-click on Accounting and select New > Organizational Unit and enter in Computers. Click OK. Repeat this process for the Users OU.
8. Now repeat the process for each department and you will have a structure of OUs created.
Type the appropriate information in the dialog box. Select or clear the check boxes for: User must change password at next logon
To open Computer Management, click Start, click Control Panel, double-click Administrative Tools, and then double-click Computer Management.
Once you have entered the values in the first page of the New Object - User dialog box, click Next. The second page of the dialog box, shown in Figure 3-2, allows you to enter the user password and to set account flags.
Right-click the user account for which you want to reset the password, and then click Set Password.
Read the warning message, and if you want to continue, click Proceed.
In New password and in Confirm password, type a new password and then click OK.
Right-click the user account you want to change, and then click Properties.
To disable the selected user account, select the Account is disabled check box. To activate the selected user account, clear the Account is disabled check box.
Moving a User
If a user is transferred within an organization, it is possible that you might need to move his or her user object to reflect a change in the administration or configuration of the object. To move an object in Active Directory Users and Computers, select the object and, from the Action menu, choose Move. Alternatively, you can right-click the object and select Move from the shortcut menu.
up files and folders or shutting down a computer. A permission is a rule associated with an object (usually a file, folder, or printer), and it regulates which users can have access to the object and in what manner. You cannot use Local Users and Groups to view local user and group accounts once a member server has been promoted to a domain controller. However, you can use Local Users and Groups on a domain controller to target remote computers (that are not domain controllers) on the network. Use Active Directory Users and Computers to manage users and groups in Active Directory.
Guest account
The Guest account is used by people who do not have an actual account on the computer. A user whose account is disabled, but not deleted, can also use the Guest account. The Guest account does not require a password. The Guest account is disabled by default, but you can enable it. You can set rights and permissions for the Guest account just like any user account. By default, the Guest account is a member of the default Guests group, which allows a user to log on to a server. Additional rights, as well as any permissions, must be granted to the Guests group by a member of the Administrators group. The Guest account is disabled by default, and it is recommended that it stay disabled.
HelpAssistant account
The primary account used to establish a Remote Assistance session. This account is created automatically when you request a Remote Assistance session and has limited access to the computer. The HelpAssistant account is managed by the Remote Desktop Help Session Manager service and will be automatically deleted if no Remote Assistance requests are pending. For more information about Remote Assistance, see Administering Remote Assistance.
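The flag that the introduction says disables an account is the ACCOUNTDISABLE bit (0x2) of the account's userAccountControl attribute. As an added example (not part of the original page), the following Python script decodes that attribute from a constructed directory export and reports an enabled Guest account, per the recommendation above, along with any enabled account that does not require a password; the CSV layout, SIDs and account names are assumptions made up for illustration.

```python
import csv
import io

# Subset of the userAccountControl bit flags relevant to this audit.
UAC_FLAGS = {
    0x0002: "ACCOUNTDISABLE",
    0x0010: "LOCKOUT",
    0x0020: "PASSWD_NOTREQD",
    0x0200: "NORMAL_ACCOUNT",
    0x10000: "DONT_EXPIRE_PASSWORD",
}
GUEST_RID = 501  # well-known relative ID of the built-in Guest account

# Constructed sample export (assumed CSV layout, made-up domain SID and names).
CONSTRUCTED_EXPORT = """sAMAccountName,objectSid,userAccountControl
Administrator,S-1-5-21-1111111111-2222222222-3333333333-500,512
Guest,S-1-5-21-1111111111-2222222222-3333333333-501,66080
jsmith,S-1-5-21-1111111111-2222222222-3333333333-1104,514
svc_scan,S-1-5-21-1111111111-2222222222-3333333333-1105,544
"""


def decode_uac(value):
    """Return the set of known flag names set in a userAccountControl value."""
    return {name for bit, name in UAC_FLAGS.items() if value & bit}


def audit(export_text):
    """Return (account, finding) tuples for risky account states."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        flags = decode_uac(int(row["userAccountControl"]))
        enabled = "ACCOUNTDISABLE" not in flags
        rid = int(row["objectSid"].rsplit("-", 1)[1])
        if rid == GUEST_RID and enabled:
            # Matching on the RID still finds Guest after it has been renamed.
            findings.append((row["sAMAccountName"], "Guest account is enabled"))
        if enabled and "PASSWD_NOTREQD" in flags:
            findings.append((row["sAMAccountName"],
                             "enabled account is flagged as not requiring a password"))
    return findings


if __name__ == "__main__":
    for account, finding in audit(CONSTRUCTED_EXPORT):
        print(f"{account}: {finding}")
```
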
For more information about how to assign home folders, see Assign a home folder to a local user account. When upgrading servers from Windows NT 4.0 or earlier, programs that have stored documents in the home folder will continue to open and save documents in the home folder. However, if a program is installed after you have upgraded, the program uses My Documents to open and save files.
Backup
Backing up and restoring data
Backup is a utility that you can use to back up and restore user data.
Step
Review key concepts and prepare to back up data.
Verify that you are logged on as a member of the Backup Operators group or Administrators group.
Verify that you can connect to all shared folders on other computers that need to be backed up. Note: you cannot back up another computer's System State or another domain controller.
If you are using an external storage device, verify that it is compatible with products in the Windows Server 2003 family. Confirm that it is connected directly to the computer that is performing the backup and that the computer is turned on.
If you are backing up to a tape, insert the required tape into the tape drive. If you are backing up to a disk drive, verify that there is enough available space.
If you are backing up an Encrypted File System (EFS), first back up the designated recovery agent's EFS private key (the PKCS #12 file) to ensure the successful recovery of encrypted data in case of a disaster such as a system failure.
To back up files manually, use the Backup or Restore Wizard or click the Backup tab in the Backup UI to select files to back up. To back up files automatically, use the schedule feature in Backup.
Reference
Export a certificate with the private key
Check the hardware compatibility information in Support resources.
Backup Concepts
Identify members of a local group
Types of backup
The Backup utility supports five methods of backing up data on your computer or network.
Copy backup
A copy backup copies all the files you select, but does not mark each file as having been backed up (in other words, the archive attribute is not cleared). Copying is useful if you want to back up files between normal and incremental backups because copying does not affect these other backup operations.
Daily backup
A daily backup copies all the files that you select that have been modified on the day the daily backup is performed. The backed-up files are not marked as having been backed up (in other words, the archive attribute is not cleared).
Differential backup
A differential backup copies files that have been created or changed since the last normal or incremental backup. It does not mark files as having been backed up (in other words, the archive attribute is not cleared). If you are performing a combination of normal and differential backups, restoring files and folders requires that you have the last normal as well as the last differential backup.
Incremental backup
An incremental backup backs up only those files that have been created or changed since the last normal or incremental backup. It marks files as having been backed up (in other words, the archive attribute is cleared). If you use a combination of normal and incremental backups, you will need to have the last normal backup set as well as all incremental backup sets to restore your data.
Normal backup
A normal backup copies all the files you select and marks each file as having been backed up (in other words, the archive attribute is cleared). With normal backups, you only need the most recent copy of the backup file or tape to restore all of the files. You usually perform a normal backup the first time you create a backup set.
Backing up your data using a combination of normal backups and incremental backups requires the least amount of storage space and is the quickest backup method. However, recovering files can be time-consuming and difficult because the backup set might be stored on several disks or tapes. Backing up your data using a combination of normal backups and differential backups is more time-consuming, especially if your data changes frequently, but it is easier to restore the data because the backup set is usually stored on only a few disks or tapes.
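To make the archive-attribute rules above concrete, here is an added example (not part of the original page) that models the five backup methods in Python and works out which backup sets a restore needs under a normal-plus-incremental and a normal-plus-differential rotation. The file names and the four-day change pattern are constructed for illustration, and restore_chain also handles a mixed rotation, which goes slightly beyond the two combinations the text describes.

```python
from dataclasses import dataclass, field

# Whether each backup method clears the archive attribute of the files it copies.
CLEARS_ARCHIVE = {"normal": True, "incremental": True,
                  "copy": False, "differential": False, "daily": False}

# Constructed sample workload: the files written on day 0, 1, 2 and 3.
CONSTRUCTED_CHANGES = [["a.doc", "b.xls", "c.txt"], ["a.doc"], ["b.xls"], ["d.ppt"]]


@dataclass
class FileState:
    archive: bool = True      # the file system sets this on every write
    modified_day: int = 0


@dataclass
class Volume:
    files: dict = field(default_factory=dict)
    day: int = 0

    def write(self, name):
        """Create or modify a file; this always sets the archive attribute."""
        self.files[name] = FileState(archive=True, modified_day=self.day)

    def backup(self, method):
        """Run one backup job and return the resulting backup set."""
        if method in ("normal", "copy"):
            selected = list(self.files)
        elif method in ("incremental", "differential"):
            selected = [n for n, f in self.files.items() if f.archive]
        elif method == "daily":
            selected = [n for n, f in self.files.items()
                        if f.modified_day == self.day]
        else:
            raise ValueError(f"unknown backup method: {method}")
        if CLEARS_ARCHIVE[method]:
            for name in selected:
                self.files[name].archive = False
        return {"day": self.day, "method": method, "files": sorted(selected)}


def run_schedule(method):
    """Normal backup on day 0, then `method` on every following day."""
    vol, history = Volume(), []
    for day, changed in enumerate(CONSTRUCTED_CHANGES):
        vol.day = day
        for name in changed:
            vol.write(name)
        history.append(vol.backup("normal" if day == 0 else method))
    return vol, history


def restore_chain(history):
    """Backup sets needed for a full restore: the last normal set, every
    incremental after it, and the last differential taken after the most
    recent incremental. Copy and daily sets sit outside the rotation."""
    normals = [i for i, s in enumerate(history) if s["method"] == "normal"]
    if not normals:
        raise ValueError("no normal backup to restore from")
    chain, last_diff = [history[normals[-1]]], None
    for s in history[normals[-1] + 1:]:
        if s["method"] == "incremental":
            chain.append(s)
            last_diff = None      # superseded: the incremental covers it
        elif s["method"] == "differential":
            last_diff = s
    if last_diff:
        chain.append(last_diff)
    return chain


def restored_files(chain):
    """Names of all files recoverable from the given backup sets."""
    return sorted({name for s in chain for name in s["files"]})


if __name__ == "__main__":
    for method in ("incremental", "differential"):
        _, history = run_schedule(method)
        chain = restore_chain(history)
        stored = sum(len(s["files"]) for s in history[1:])
        print(f"{method}: {stored} file copies after day 0, "
              f"{len(chain)} sets needed to restore {restored_files(chain)}")
```
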
Ntbackup
For information about other command-line utilities, see Command-line reference A-Z.
The first time you launch the backup utility, it runs in Wizard mode, as shown in Figure 7-1. This chapter focuses on the more commonly used Backup Utility interface. If you agree with most administrators that it is easier to use the standard utility than the wizard, clear the Always Start In Wizard Mode check box, and then click Advanced Mode.
As you can see on the utility's Welcome tab in Figure 7-2, you can back up data manually (the Backup tab) or using the Backup Wizard. You can also schedule unattended backup jobs. The Backup Utility is also used to restore data manually (the Restore And Manage Media tab) or using the Restore Wizard. The Automated System Recovery (ASR) Wizard, which backs up critical operating system files, will be discussed later in this book.
This lesson focuses on data backup planning and execution, and to explore the capability of the Backup Utility we will use the Backup tab, as shown in Figure 7-3, rather than the Backup Wizard.
Some applications manage storage consistency differently while files are open, which can affect the consistency of the files in the backup. For critical applications, consult the application documentation or your provider for information about the recommended backup method. When in doubt, shut down the application before performing a backup. It is highly recommended that you perform backups when server usage is low. For example, perform backups late at night.
Shared Folders
You can use the Shared Folders snap-in to manage shared resources over a network. With Shared Folders you can control user access permissions, session activity, and shared resource properties.
For tips about using Shared Folders, see Best practices for Shared Folders. For help with specific tasks, see Shared Folders How To.... For general background information, see Shared Folders Concepts. For problem-solving instructions, see Troubleshooting Shared Folders
Disk Quotas
You use disk quotas to monitor and limit disk space use on NTFS volumes.
Apply disk quota limits according to realistic disk space requirements for your users. Start by classifying users by the amount of disk space that you anticipate they will require (for example, users who work with scanned photographs or artwork may require a large amount of disk space). Next, structure your volumes by those classes, and then use disk quotas to limit the amount of disk space allowed for the users on each volume. Ensure that you have enough disk space to accommodate both existing users and future additions. Each file stored on the volume can use up to 64 kilobytes (KB) of NTFS metadata that is not applied to a user's quota limit. To avoid running out of disk space, ensure that there is sufficient disk space to accommodate this metadata.
accounts than to force some users to work with a quota limit that does not meet their needs. User Policies occupy at least 2 megabytes (MB) of disk space, so you should set the default limits for all user accounts above 2 MB.
On the Quota tab, click the Enable quota management check box.
Select one or more of the following options, and then click OK:
In the Map Network Drive dialog box, in the Folder box, type the path to the volume on the remote computer for which you want to manage disk quotas, and then click Finish.
Right-click the remote volume for which you want to manage disk quotas, and then click Properties.
The Quota Entries window appears. Each row in the list contains information for a user of the volume.
Notes
To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.
On the Computer Name tab, click Change. On the Computer Name Changes dialog box, select Domain and enter the name of the domain in the text box, as shown in Figure 1 below. In this example, the computer currently named hq-res-wrk-o1 is joined to the Reskit domain.
Figure 1. Joining a computer to a domain.
Provide user name and password credentials to show you have the appropriate permissions to join the desired domain.
When the Welcome to the domain message appears, click OK. You will need to restart your computer for the change to take effect.
This article describes how to convert FAT disks to NTFS. See the Terms sidebar for definitions of FAT, FAT32 and NTFS. Before you decide which file system to use, you should understand the benefits and limitations of each of them. Changing a volume's existing file system can be time-consuming, so choose the file system that best suits your long-term needs. If you decide to use a different file system, you must back up your data and then reformat the volume using the new file system. However, you can convert a FAT or FAT32 volume to an NTFS volume without formatting the volume, though it is still a good idea to back up your data before you convert.
Note: Some older programs may not run on an NTFS volume, so you should research the current requirements for your software before converting.
In the command window, type help convert and then press ENTER. Information about converting FAT volumes to NTFS is made available as shown below.
Converting FAT volumes to NTFS
To convert a volume to NTFS from the command prompt
1. Open Command Prompt. Click Start, point to All Programs, point to Accessories, and then click Command Prompt.
For example, typing convert D: /fs:ntfs would convert drive D: to the NTFS format. You can convert FAT or FAT32 volumes to NTFS with this command.
Important: Once you convert a drive or partition to NTFS, you cannot simply convert it back to FAT or FAT32. You will need to reformat the drive or partition, which will erase all data, including programs and personal files, on the partition.
Terms
File Allocation Table (FAT)
A file system used by MS-DOS and other Windows-based operating systems to organize and manage files. The file allocation table (FAT) is a data structure that Windows creates when you format a volume by using the FAT or FAT32 file systems. Windows stores information about each file in the FAT so that it can retrieve the file later.
FAT32
A derivative of the file allocation table (FAT) file system. FAT32 supports smaller cluster sizes and larger volumes than FAT, which results in more efficient space allocation on FAT32 volumes.
NTFS File System
An advanced file system that provides performance, security, reliability, and advanced features that are not found in any version of FAT. For example, NTFS guarantees volume consistency by using standard transaction logging and recovery techniques. If a system fails, NTFS uses its log file and checkpoint information to restore the consistency of the file system. In Windows 2000 and Windows XP, NTFS also provides advanced features such as file and folder permissions, encryption, disk quotas, and compression.
How to Share and Set Permissions for Folders and Files Using Windows XP
Open My Documents in Windows Explorer. Click Start, point to All Programs, point to Accessories, and then click Windows Explorer. Click the folder you want to share. Click Share this folder in File and Folder Tasks. In the Properties dialog box select the radio button Share this folder to share the folder with other users on your network, as shown in Figure 1 below.
To change the name of the folder on the network, type a new name for the folder in the Share name text box. This will not change the name of the folder on your computer.
Note: The Sharing option is not available for the Documents and Settings, Program Files, and Windows system folders. In addition, you cannot share folders in other users' profiles.
Open Windows Explorer, and then locate the file or folder for which you want to set permissions. To open Windows Explorer, click Start, point to All Programs, point to Accessories, and then click Windows Explorer.
Right-click the file or folder, click Properties, and then click the Security tab as shown in Figure 2 below.
Figure 2. Setting file and folder permissions
3. To set permissions for a group or user that does not appear in the Group or user names box, click Add. Type the name of the group or user you want to set permissions for and then click OK, as shown in Figure 3 below.
Figure 3. Adding new group or user permissions
4. To change or remove permissions from an existing group or user, click the name of the group or user and do one of the following, as shown in Figure 2 above:
To allow or deny a permission, in the Permissions for... box, select the Allow or Deny check box.
To remove the group or user from the Group or user names box, click Remove.
Notes
In Windows XP Professional, the Everyone group no longer includes Anonymous Logon. You can set file and folder permissions only on drives formatted to use NTFS. To change permissions you must be the owner, or have been granted permission to do so by the owner. Groups or users granted Full Control for a folder can delete files and subfolders within that folder regardless of the permissions protecting the files and subfolders.
If the check boxes under Permissions for user or group are shaded or if the Remove button is unavailable, then the file or folder has inherited permissions from the parent folder. When adding a new user or group, by default, this user or group will have Read & Execute, List Folder Contents, and Read permissions.
Shadow copy
table that describes where the partitions are located on the disk. Because MBR is the only partition style available on x86-based computers, it is used automatically and you do not need to choose this style. Itanium-based computers running the 64-bit versions of Windows Server 2003 use a new partition style called the globally unique identifier (GUID) partition table (GPT). The GPT partition style supports partitions up to 2 terabytes and 128 partitions per disk.
Note
You can use the 64-bit versions of Windows Server 2003 to manage MBR disks and GPT disks. However, you cannot start the 64-bit versions of Windows Server 2003 from an MBR disk.
After you install a new disk, you must choose a partition style and storage type to use on the disk. Your choices vary according to which operating system you are running and whether the computer is an x86-based computer or an Itanium-based computer. The following table lists the storage types and partition styles that are available for each version of Windows Server 2003.
Storage Types and Partition Styles Available in Windows Server 2003
Operating System
Windows Server 2003, Standard Edition
Windows Server 2003, Enterprise Edition
Windows Server 2003, Datacenter Edition
Windows Server 2003, Web Edition
The 64-bit version of Windows Server 2003, Enterprise Edition
The 64-bit version of Windows Server 2003, Datacenter Edition
Basic Volumes
The introduction of GPT makes understanding the partition styles a bit more challenging, but most disk-related tasks are unchanged. You can still use basic disks and dynamic disks as you did in Windows 2000, and these storage types are available on disks that use either partition style. The Disk Management snap-in differentiates between partition styles by referring to disks that use the master boot record as MBR disks and disks that use the GUID partition table as GPT disks. The following figure shows how Disk Management displays GPT and MBR disks in an Itanium-based computer.
How Disk Management Displays GPT and MBR Disks on an Itanium-based Computer
A defragmenter is a program that allows a user to rearrange the contents of his/her computer files. Computers store information by spreading files throughout a hard drive and then locating and accessing that information when it is needed. When that information is spread too thin due to empty spaces in the hard drive or duplicate files, the computer's performance may be affected. By rearranging those files in order for all of the information to be located in the same sector of the hard drive and deleting unnecessary files, a defragmenter can significantly improve the computer's speed. The defragmenter included with the Windows Operating System can be found by opening the Start Menu, opening All Programs, clicking on Accessories, clicking on System Tools, and selecting Disk Defragmenter.
What is Disk Cleanup
Disk Cleanup is a feature provided by the Windows Operating System that allows users to delete files that are not needed. For example, Disk Cleanup is capable of deleting the user's web history, temporary Internet files, cookies, and saved form data, in addition to removing unused desktop icons, disabling unused services, and deleting programs that are no longer in use. By freeing memory that would have otherwise been used to support unnecessary files, Disk Cleanup can improve the user's computer speed. Disk Cleanup can be found by opening the Start Menu, opening All Programs, clicking on Accessories, clicking on System Tools, and selecting Disk Cleanup, which is directly above Disk Defragmenter.
What Is Antivirus Software
Antivirus software refers to any program that is able to locate, recognize, and remove malicious software such as viruses, trojans, worms, spyware, and keyloggers. Antivirus software usually has a built-in database of known viruses and uses that to find malicious software located on the user's computer. Malicious software slows down the user's computer by taking up unnecessary space and memory as well as specifically attacking the registry and files that allow specific programs to run. By removing malicious software from a computer, antivirus software is able to significantly increase the computer's performance and speed.
Client-server model
The client-server model of computing is a distributed application structure that partitions tasks or workloads between the providers of a resource or service, called servers, and service requesters, called clients.[1] Often clients and servers communicate over a computer network on separate hardware, but both client and server may reside in the same system. A server machine is a host that is running one or more server programs which share their resources with clients. A client does not share any of its resources, but requests a server's content or service function. Clients therefore initiate communication sessions with servers which await incoming requests.
Description
The client-server characteristic describes the relationship of cooperating programs in an application. The server component provides a function or service to one or many clients, which initiate requests for such services. Functions such as email exchange, web access and database access are built on the client-server model. Users accessing banking services from their computer use a web browser client to send a request to a web server at a bank. That program may in turn forward the request to its own database client program that sends a request to a database server at another bank computer to retrieve the account information. The balance is returned to the bank database client, which in turn serves it back to the web browser client displaying the results to the user. The client-server model has become one of the central ideas of network computing. Many business applications being written today use the client-server model. So do the Internet's main application protocols, such as HTTP, SMTP, Telnet, and DNS. The interaction between client and server is often described using sequence diagrams. Sequence diagrams are standardized in the Unified Modeling Language. Specific types of clients include web browsers, email clients, and online chat clients. Specific types of servers include web servers, ftp servers, application servers, database servers, name servers, mail servers, file servers, print servers, and terminal servers. Most web services are also types of servers.
What is Server:
The history of servers moves parallel to the history of computer networks. Computer networks allow multiple systems to communicate with each other at the same time, and as they evolved some computers were expected to take on a serving role while all the other computers, those in direct interaction with human users, act as clients. Servers have grown along with the development and growth of networks. To do the job of serving, servers and associated software are manufactured.
The word server comes from "to serve": technically, it means that the specific computer is serving all the computers that are present in its network. It helps them by queuing the print commands of several computers at a time, and it also acts as a file server for those applications that are accessed by online terminals. Today the role of the server is similar to that of the microcomputers of the past, which have now been substituted. Many servers are dedicated to this role, but that allocation does not limit a server, since many other roles can be assigned to it simultaneously. For instance, in a small office a desktop computer can serve all the other computers in the office while simultaneously serving as a workstation for an employee.
Types of servers - What are the types of servers available with brief information
Typically servers are of four types: FTP servers, proxy servers, online game servers and web servers. The client/server networking model is used by many systems, including email services and web sites. Peer-to-peer networking, an alternative model, makes all computers work as servers and clients simultaneously. You can better understand a server by these examples.
Name servers give information about Internet host names, FTP servers hold FTP sites and provide files to those users who request them, mail servers are responsible for delivering e-mail, web servers send web pages, and list servers are programmed to administer mailing lists.
Servers are physically like other computers, but their hardware configuration is specifically optimized to make them most appropriate for their role. In many servers the installed hardware is like that of any other normal computer, but the software run on the server is very different from the software installed on other computers. Additional processing power, storage capacity and memory are commonly configured in network servers to improve their capacity to handle clients, the other computers on the network.
The underlying hardware or software for a system that drives the server is called a server platform. The term server platform is used instead of operating system.
Application Servers
Application servers have the lion's share of the computer territory between database servers and the end user, and they are often connected to the two. They are often referred to as middleware. Middleware is software that establishes a connection between two separate applications that are otherwise apart. A number of middleware products can link a database system to a Web server. This enables users to request data from the database through forms displayed in a Web browser, and allows the Web server to return dynamic Web pages based on the user's profile and request.
List Servers
List servers are used to improve the management of mailing lists, whatever their type: interactive debates open to the public, or one-way lists that deliver newsletters, announcements or advertising.
Chat Servers
This server enables a number of people to share information in an environment like that of an Internet newsgroup, offering real-time discussion capabilities. The term real time is used to refer to a number of different computer features. Real-time operating systems are used to respond to input immediately.
IRC Servers
Internet Relay Chat is comprised of various independent networks of servers that allow users to connect to each other via an IRC network. It is an option for those who are seeking real-time capability.
Fax Servers
For organizations that want to reduce incoming and outgoing telephone resources but still need to fax actual documents, a fax server is an ideal solution.
Groupware Servers
Groupware is software designed to enable users to work together, regardless of their location, through the Internet or a corporate intranet, and to work together in a virtual environment.
Mail Servers
Mail servers are as important as web servers; they send and store mail on corporate networks through LANs and WANs and across the Internet.
Telnet Servers
With a Telnet server, users log on to a host computer and perform work as if they were working on an isolated computer.
News Servers
They work as a source of distribution and delivery for the hundreds of public news groups accessible over the USENET news network.
USENET is a global bulletin board system that can be reached via the Internet or via a variety of online services.
Proxy Servers
These servers sit between a client program (commonly a Web browser) and an external server (another server on the web) to filter requests, improve performance, and share connections.
The role played by the server in a network is very significant. An out-of-order server can halt the interconnectivity of all computers on its network. The rise in Internet usage among home and office users, along with the increase in corporate computer networks, is responsible for boosting the development of servers. Servers are used with today's computers, and we do not know what their developed form will be or what the upcoming generation will choose. Let us wait and see how these serving computers will be molded in the near future.
Set up Print Server:
There are several ways to set up a print server or printer. Some important ways to set up a print server on the latest operating systems are given below:
1. First of all, turn on all the systems from which you want to have access to the print server. After that, open the CD-ROM drive of the main computer or server and insert the print server driver CD into it. Use a cable to connect the main computer to your router to carry out the printing tasks. Then follow the instructions on the screen and install the print server driver on your computer. If your operating system fails to start the installation of the driver automatically, click on My Computer and double-click the CD drive icon to install the required software on your computer. After installation, remove the printing software CD from the CD drive.
2. After installing the print driver, open your router administration interface and assign the static address to it. Then open your browser, open your router administrative interface, enter your IP address into your browser and press Enter. If it works, follow the next instruction; if it doesn't work, consult your router's documentation for the proper details of your address.
3. Then click TCP or IP and select the fixed IP address. After that, select an IP address outside the normal range. Note and store the added IP address because you will need it in future, then click OK or Apply.
4. After clicking Apply or OK, select automatic configuration of DHCP from the menu and enable the DHCP server under static DNS 1. After the selection from the menu, enter the same IP address that you added earlier and then close the administration interface.
5. Then configure your printer on your personal computer. Open the Control Panel by using the Start button on the Taskbar and click Printers or Faxes, then open the properties of your printer by right-clicking the printer icon and click on Sharing, but do not share this printer. If you want to install other drivers, click on Install Additional Drivers and then click OK.
6. After sharing, go to Ports and check the different printers next to your printer by clicking the check box. Click on the Configure Ports button and enter the required IP address which you added earlier during installation. Then click OK and close the window.
7. To configure the printers on the remaining computers, open Printers and Faxes from the Control Panel and follow the instructions. To install, repeat step 5 and step 6.
Install the printer driver to the computer first and make sure that we are able to print directly. Follow the steps below after putting the printer and computer back to your network.
1. Click on Start, then Control Panel, then Printers and Faxes. Right click on the Printer and select Properties.
2. On the printer properties window, select the Ports tab and click on Add Port.
4. This will bring up the Add Standard TCP/IP Printer Port Wizard; click Next.
5. In the field for Printer Name or IP Address, type the IP address of the print server and click Next.
Note: You may check other computers' printer ports to verify the IP address of the print server.
7. Under the Protocol field, select LPR. For Queue Name, type L1, depending on which print server port the printer is connected to.
Note: If your print server has 2 or more printer ports, like the WGPS606, type L and the number of the printer port used. For example, if the printer is connected to port 2, you must use L2.
Many networking devices are used to carry on the working and the performance of the network. One such device is the network switch. It is defined as the networking device that is able to join or connect the different fragments of the network and keep networking going by forming a bridge between them. It is also called a switching hub. Network switches are generally not applicable to passive networks. Because of their ability to form a bridge between networking components, they are also referred to as network bridges.
How Network Switch Works?
A particular switch can perform different functions, such as connecting network segments, monitoring network traffic, or passing IP traffic. The basic function of a switch is to connect the parts of a network, so when switches are installed properly they can deal with all parts of the network, such as hubs, printers or any other networking device that is required for communication between two places. In this respect the function of a network switch is quite similar to that of a routing device. Network switches are used to transfer data in the form of data packets between two different networking devices on the LAN. The main advantage of using a network switch instead of a router is that it can organize a network of more than 200 devices. During transfer, the network switch also monitors the network traffic and manages the network brilliantly. Different layers take part in networking through switches, each performing a particular function in transferring the data.
Types of Network Switch:
There are different types of network switch based upon form and configuration. On the basis of their form they are categorized into rack mounted, chassis or catalyst switches, etc. On the basis of configuration they are differentiated into managed, unmanaged, smart or enterprise managed switches.
Managed Switches: A managed network switch is a type of network switch in which different methods are used to manage the different parts of the network, and whose working and performance can be upgraded with the help of common management methods.
Unmanaged Network Switch: These switches are designed for customers who are not able to spend more money, because they are less expensive. An unmanaged network switch is a type of network switch that has no management interface. They are designed for direct use.
Smart Switches: Smart network switches are an important type of managed switch in which specific management features are provided. Typically these switches are used for networking features such as VLANs. They also increase the working ability of the parts connected by the switches.
Advantages of Network Switch:
Network switches work reliably and easily to manage the network by joining its different segments. Some particular advantages of network switching are given below:
1. Network switches are very beneficial for the expansion of the network and can also help decrease the load on individual systems.
2. They also help maintain and enhance the performance of the network.
3. In networking, data is transmitted in the form of data packets, and there is a chance of collisions between the packets; network switches are able to avoid collisions between the datagrams.
Another important networking device that takes part in the transmission of data is the network switch. A network switch is defined as the networking device that is used to form the bridge or connection between different or specific segments of the network, to carry on its working and maintain its performance. Generally, switches provide no advantage to passive networks. Because of their ability to form a bridge between fragments, network switches are also called network bridges.
General Comparison between Networking Hubs and Switches:
Types
Hubs: On the basis of networking performance and construction, networking hubs are generally categorized into different types. Some of them are as follows:
1. Active hubs
2. Intelligent hubs
3. Passive hubs
Switches: Network switches also have different types that are really helpful in maintaining the performance and the working of the connected networks. The major types of switches are given below:
1. Managed switches
2. Unmanaged switches
3. Smart switches
Function
Hubs: The function of a hub generally depends upon the configuration and the installation of the networking devices used with it. Networking hubs can perform different duties of connecting and managing networking devices such as printers. The device has different ports through which the systems are connected. Traditional hubs can only support 4 or 5 ports, but a modern hub can provide users with 16 or 24 ports for the expansion of the network.
Switches: Network switches can perform work similar to hubs, but they differ in some aspects. The function that is similar to hubs is that switches also help in connecting the different parts of the network. The features that differ from networking hubs are as follows:
1. Switches are also able to monitor the whole network traffic and manage the parts of the network well.
2. They are also able to check and monitor the IP addresses passing through them.
3. They are also able to perform routing functions like a router.
Advantages
Hubs: Some important advantages of networking hubs are as follows:
1. Hubs are generally less expensive compared to other types of devices used for the same purposes.
2. It is very convenient to build a home network with the help of hubs.
3. Hubs give users the opportunity to make use of their old and otherwise useless equipment.
4. Networking hubs are generally helpful in expanding the networking area well.
Switches: Network switches also have some advantages. These advantages are as follows:
1. Network switches are used to increase the bandwidth of the network.
2. Switches also reduce the work load on the network.
3. Data packets are involved in the transmission of data, and network switches reduce the collisions between them.
4. Network switches are also very helpful in increasing the performance of the whole network by decreasing the load on the individual computers.
What is TCP/IP ?
The protocol that allows the sharing of resources among cooperating computers across a network is known as TCP/IP. The protocol was developed by a group of researchers centered around the ARPAnet. Without doubt, the ARPAnet is still the best TCP/IP network. Interestingly, by June 1987 more than 130 vendors had equipment supporting TCP/IP, and the protocol was used by thousands of networks.
Dynamic Host Configuration Protocol (DHCP) is a standard protocol defined by RFC 1541 (which is superseded by RFC 2131) that allows a server to dynamically distribute IP addressing and configuration information to clients. Normally the DHCP server provides the client with at least this basic information:
IP Address
Subnet Mask
Default Gateway
Other information can be provided as well, such as Domain Name Service (DNS) server addresses and Windows Internet Name Service (WINS) server addresses. The system administrator configures the DHCP server with the options that are parsed out to the client.
Functioning of DHCP
DHCP follows a client-server architecture model. The DHCP server has a pool of IP addresses, and these IP addresses are allocated to its clients. For larger networks, the DHCP server must also know the subnets and the default gateways. When a station with a DHCP-enabled client is started, its TCP/IP stack runs in a reduced mode. It has no valid IP address, no subnet mask and no default gateway. The only thing the client can do is send IP broadcasts. The DHCP client sends a UDP packet with the destination address 255.255.255.255 and the source address 0.0.0.0. This broadcast serves as a request to any available DHCP server. The UDP packet contains the hardware address (MAC address) of the station. Each DHCP server that is addressed sends back a UDP packet with the following data:
MAC address of the client
Possible IP address
Duration of the IP address
Subnet mask
IP address of the DHCP server / server ID
The DHCP client chooses an IP address from the offers of possibly more than one DHCP server. It then sends a positive message to the corresponding DHCP server. All other servers receive the message as well and treat it as acceptance of an IP address in favour of another server. The DHCP server then has to confirm the assignment of the IP address. Once the DHCP client has the confirmation, it stores the data locally. Finally, the TCP/IP stack is started fully. DHCP can give the client more than just the data for the TCP/IP network.
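The exchange described above, as an added Python example that is not part of the original text: it builds a constructed broadcast request and two offers, extracts the offer fields listed above, and reports answering servers that are not on an allow-list. The packet layout, option codes and UDP ports 68/67 follow RFC 2131/2132; the MAC address, IP addresses, transaction ID and allow-list are constructed sample values.

```python
import ipaddress
import struct

# Fixed 236-byte BOOTP header that precedes the DHCP options (RFC 2131 layout).
BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"
BOOTP_LEN = struct.calcsize(BOOTP_FMT)
MAGIC_COOKIE = b"\x63\x82\x53\x63"
OPT_PAD, OPT_SUBNET_MASK, OPT_LEASE_TIME = 0, 1, 51
OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 53, 54, 255
DISCOVER, OFFER = 1, 2
# The client has no address yet, so it broadcasts from 0.0.0.0 (UDP 68 -> 67).
DISCOVER_SRC, DISCOVER_DST = ("0.0.0.0", 68), ("255.255.255.255", 67)


def ip(text):
    """Dotted-quad string to 4 packed bytes."""
    return ipaddress.IPv4Address(text).packed


def build_message(op, xid, mac, msg_type, yiaddr="0.0.0.0", options=()):
    """Serialize a DHCP message; used here only to construct sample packets."""
    header = struct.pack(
        BOOTP_FMT, op, 1, len(mac), 0, xid, 0, 0x8000,
        bytes(4), ip(yiaddr), bytes(4), bytes(4), mac, b"", b"")
    body = bytes([OPT_MSG_TYPE, 1, msg_type])
    for code, value in options:
        body += bytes([code, len(value)]) + value
    return header + MAGIC_COOKIE + body + bytes([OPT_END])


def parse_message(data):
    """Parse header and options, rejecting truncated or non-DHCP input."""
    if len(data) < BOOTP_LEN + 4 or data[BOOTP_LEN:BOOTP_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    fields = struct.unpack(BOOTP_FMT, data[:BOOTP_LEN])
    hlen, xid, yiaddr, chaddr = fields[2], fields[4], fields[8], fields[11]
    if hlen > 16:
        raise ValueError("bad hardware address length")
    options, i = {}, BOOTP_LEN + 4
    while i < len(data) and data[i] != OPT_END:
        if data[i] == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(data):
            raise ValueError("truncated option")
        code, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        options.setdefault(code, value)
        i += 2 + length
    return {"xid": xid, "mac": chaddr[:hlen].hex(":"),
            "yiaddr": str(ipaddress.IPv4Address(yiaddr)), "options": options}


def summarise_offer(data):
    """Extract the offer fields the text lists: MAC, IP, duration, mask, server ID."""
    msg = parse_message(data)
    opts = msg["options"]
    if opts.get(OPT_MSG_TYPE) != bytes([OFFER]):
        raise ValueError("not a DHCPOFFER")
    for code in (OPT_LEASE_TIME, OPT_SERVER_ID):
        if len(opts.get(code, b"")) != 4:
            raise ValueError(f"option {code} missing or malformed")
    mask = opts.get(OPT_SUBNET_MASK, b"")
    return {
        "xid": msg["xid"], "client_mac": msg["mac"], "offered_ip": msg["yiaddr"],
        "lease_seconds": struct.unpack("!I", opts[OPT_LEASE_TIME])[0],
        "subnet_mask": str(ipaddress.IPv4Address(mask)) if len(mask) == 4 else None,
        "server_id": str(ipaddress.IPv4Address(opts[OPT_SERVER_ID])),
    }


def unexpected_servers(offers, xid, allowed_servers):
    """Server IDs that answered transaction `xid` but are not allow-listed."""
    seen = set()
    for raw in offers:
        try:
            offer = summarise_offer(raw)
        except ValueError:
            continue  # not a well-formed offer; a real monitor would log it
        if offer["xid"] == xid and offer["server_id"] not in allowed_servers:
            seen.add(offer["server_id"])
    return sorted(seen)


# Constructed sample traffic (not captured packets).
XID = 0x3903F326
CLIENT_MAC = bytes.fromhex("020000aabbcc")
SAMPLE_DISCOVER = build_message(1, XID, CLIENT_MAC, DISCOVER)
SAMPLE_OFFERS = [
    build_message(2, XID, CLIENT_MAC, OFFER, offered, [
        (OPT_SUBNET_MASK, ip("255.255.255.0")),
        (OPT_LEASE_TIME, struct.pack("!I", 86400)),
        (OPT_SERVER_ID, ip(server))])
    for server, offered in (("192.168.1.1", "192.168.1.50"),
                            ("192.168.1.66", "192.168.1.200"))
]

if __name__ == "__main__":
    print("DISCOVER", DISCOVER_SRC, "->", DISCOVER_DST, parse_message(SAMPLE_DISCOVER)["mac"])
    for raw in SAMPLE_OFFERS:
        print(summarise_offer(raw))
    print("unexpected:", unexpected_servers(SAMPLE_OFFERS, XID, {"192.168.1.1"}))
```

Because any server on the segment can answer the broadcast, comparing the server ID of each offer against the servers you operate is a cheap way to notice an unplanned DHCP server.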
2.
3. In Subcomponents of Networking Services, select the Domain Name System (DNS) check box, click OK, and then click Next.
4. If prompted, in Copy files from, type the full path to the distribution files, and then click OK.
Required files are copied to your hard disk.
Notes
To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.
To open the Windows Components Wizard, click Start, click Control Panel, double-click Add or Remove programs, and then click Add/Remove Windows Components. Certain Windows components require configuration before they can be used. If you installed one or more of these components but did not configure them, when you click Add/Remove Windows Components, a list of components that need to be configured is displayed. To start the Windows Components Wizard, click Components.
It is recommended that you manually configure the computer to use a static IP address. If the DNS server is configured to use DHCP-assigned dynamic addresses, when the DHCP server assigns a new IP address to the DNS server, the DNS clients configured to use that DNS server's previous IP address will be unable to resolve the previous IP address and locate the DNS server.
After you install a DNS server, you can decide how to administer it and its zones. Although you can use a text editor to make changes to server boot and zone files, this method is not recommended. The DNS console and the DNS command-line tool, dnscmd, simplify maintenance of these files and should be used whenever possible. Once you begin using console-based or command-line management of these files, manually editing them is not recommended. For more information, see Related Topics.
DNS zones stored in Active Directory can be administered using the DNS console or the dnscmd command-line tool only. These zones cannot be administered using a text editor.
If you uninstall a DNS server hosting Active Directory-integrated zones, these zones will be saved or deleted according to their storage type. For all storage types, the zone data is stored on other domain controllers or DNS servers and will not be deleted unless the DNS server that you uninstall is the last DNS server hosting that zone.
If you uninstall a DNS server hosting standard DNS zones, the zone files will remain in the systemroot\system32\Dns directory, but they will not be reloaded if the DNS server is reinstalled. If you create a new zone with the same name as an old zone, the old zone file is replaced with the new zone file.
When writing DNS server boot and zone data to text files, DNS servers use the Berkeley Internet Name Domain (BIND) file format recognized by legacy BIND 4 servers, not the more recent BIND 8 format.
Note If the DNS server is also an Active Directory Domain Services (AD DS) domain controller, primary zones and stub zones can be stored in AD DS. See Understanding Active Directory Domain Services Integration for more information. The following sections describe each of these zone types.
Primary zone
When a zone that this DNS server hosts is a primary zone, the DNS server is the primary source for information about this zone, and it stores the master copy of zone data in a local file or in AD DS. When the zone is stored in a file, by default the primary zone file is named zone_name.dns and it is located in the %windir%\System32\Dns folder on the server.
Secondary zone
When a zone that this DNS server hosts is a secondary zone, this DNS server is a secondary source for information about this zone. The zone at this server must be obtained from another remote DNS server computer that also hosts the zone. This DNS server must have network access to the remote DNS server that supplies this server with updated information about the zone. Because a secondary zone is merely a copy of a primary zone that is hosted on another server, it cannot be stored in AD DS.
Stub zone
When a zone that this DNS server hosts is a stub zone, this DNS server is a source only for information about the authoritative name servers for this zone. The zone at this server must be obtained from another DNS server that hosts the zone. This DNS server must have network access to the remote DNS server to copy the authoritative name server information about the zone.
You can use stub zones to:
Keep delegated zone information current. By updating a stub zone for one of its child zones regularly, the DNS server that hosts both the parent zone and the stub zone will maintain a current list of authoritative DNS servers for the child zone.
Improve name resolution. Stub zones enable a DNS server to perform recursion using the stub zone's list of name servers, without having to query the Internet or an internal root server for the DNS namespace.
Simplify DNS administration. By using stub zones throughout your DNS infrastructure, you can distribute a list of the authoritative DNS servers for a zone without using secondary zones. However, stub zones do not serve the same purpose as secondary zones, and they are not an alternative for enhancing redundancy and load sharing.
There are two lists of DNS servers involved in the loading and maintenance of a stub zone:
The list of master servers from which the DNS server loads and updates a stub zone. A master server may be a primary or secondary DNS server for the zone. In both cases, it will have a complete list of the DNS servers for the zone.
The list of the authoritative DNS servers for a zone. This list is contained in the stub zone using name server (NS) resource records.
When a DNS server loads a stub zone, such as widgets.tailspintoys.com, it queries the master servers, which can be in different locations, for the necessary resource records of the authoritative servers for the zone widgets.tailspintoys.com. The list of master servers may contain a single server or multiple servers, and it can be changed anytime.
Understanding Zones
Applies To: Windows Server 2008, Windows Server 2008 R2
In addition to dividing your Domain Name System (DNS) namespace into domains, you can also divide your DNS namespace into zones that store name information about one or more DNS domains. A zone is the authoritative source for information about each DNS domain name that is included in the zone. A zone starts with a single DNS domain name. If other domains are added below the initial domain, these domains can either be part of the same zone or belong to another zone. That is, when you add a subdomain, you can either include it as part of the original zone, or you can delegate it away to another zone that you create to support the subdomain. For example, the following illustration shows the microsoft.com domain, which contains domain names for Microsoft. When the microsoft.com domain is first created at a single server, it is configured as a single zone for all of the Microsoft DNS namespace. If, however, the microsoft.com domain must use subdomains, those subdomains must be included in the zone or delegated away to another zone.
In this illustration, the microsoft.com domain has a new subdomain, the example.microsoft.com domain, delegated away from the microsoft.com zone and managed in its own zone. However, the microsoft.com zone must contain a few resource records to provide the delegation information that references the DNS servers that are authoritative for the delegated example.microsoft.com subdomain. If the microsoft.com zone does not use delegation for a subdomain, any data for the subdomain remains part of the microsoft.com zone. For example, the subdomain dev.microsoft.com is not delegated away, but it is managed by the microsoft.com zone.
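The difference between a delegated subdomain and one kept inside the zone, as an added Python example that is not Microsoft's code: it loads constructed records for the microsoft.com zone, decides whether a name is answered from the zone or referred to the delegated servers, and checks that each delegation carries the address records its name servers need. The host names ns1, ns2, www and build and all addresses are assumptions made up for the example.

```python
APEX = "microsoft.com"

# Constructed zone data in a simplified "owner type value" form.
# Only microsoft.com, example.microsoft.com and dev.microsoft.com come from
# the text; every other name and all addresses are invented sample values.
ZONE_TEXT = """
microsoft.com.              NS  ns1.microsoft.com.
ns1.microsoft.com.          A   192.0.2.1
www.microsoft.com.          A   192.0.2.10
dev.microsoft.com.          A   192.0.2.20      ; not delegated, stays in zone
build.dev.microsoft.com.    A   192.0.2.21
example.microsoft.com.      NS  ns1.example.microsoft.com.   ; delegation
example.microsoft.com.      NS  ns2.example.microsoft.com.
ns1.example.microsoft.com.  A   192.0.2.53      ; glue for ns1 (ns2 has none)
"""


def norm(name):
    """Compare names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def in_domain(name, domain):
    """True if name equals domain or lies below it on a label boundary."""
    return name == domain or name.endswith("." + domain)


def load_zone(text):
    """Return {owner: {rtype: [values]}} from the simplified record lines."""
    zone = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop comments
        if not line:
            continue
        owner, rtype, value = line.split(None, 2)
        rtype = rtype.upper()
        if rtype == "NS":
            value = norm(value)
        zone.setdefault(norm(owner), {}).setdefault(rtype, []).append(value)
    return zone


def zone_cut(zone, apex, qname):
    """Return the delegated name covering qname, or None if it is in-zone."""
    if qname == apex or not in_domain(qname, apex):
        return None
    labels = qname[:-len(apex)].rstrip(".").split(".")
    name = apex
    # Walk from just below the apex toward qname; the first NS set is the cut.
    for label in reversed(labels):
        name = label + "." + name
        if "NS" in zone.get(name, {}):
            return name
    return None


def answer(zone, apex, qname, qtype="A"):
    """Classify a query the way the server hosting this zone would treat it."""
    qname = norm(qname)
    if not in_domain(qname, apex):
        return ("not-in-zone", [])
    cut = zone_cut(zone, apex, qname)
    if cut is not None:
        return ("referral", sorted(zone[cut]["NS"]))
    return ("authoritative", zone.get(qname, {}).get(qtype, []))


def missing_glue(zone, apex):
    """Delegated name servers inside the child domain without an address record."""
    problems = []
    for owner, rrsets in zone.items():
        if owner == apex or "NS" not in rrsets:
            continue
        for ns in rrsets["NS"]:
            glue = zone.get(ns, {})
            if in_domain(ns, owner) and not (glue.get("A") or glue.get("AAAA")):
                problems.append((owner, ns))
    return sorted(problems)


ZONE = load_zone(ZONE_TEXT)

if __name__ == "__main__":
    for name in ("www.microsoft.com", "build.dev.microsoft.com",
                 "host.example.microsoft.com", "example.org"):
        print(name, "->", answer(ZONE, APEX, name))
    print("delegations missing glue:", missing_glue(ZONE, APEX))
```

Everything at or below example.microsoft.com yields a referral, including the glue name ns1.example.microsoft.com, while dev.microsoft.com and names beneath it are answered from the parent zone's own data.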
Start a zone
Updated: January 21, 2005 Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
To start a zone
Using the Windows interface
1. Open DNS.
2. In the console tree, click the applicable zone.
Where?
DNS/applicable DNS server/Forward Lookup Zones (or Reverse Lookup Zones)/applicable zone
3.
4.
Notes
To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.
To open DNS, click Start, click Control Panel, double-click Administrative Tools, and then double-click DNS. By default, zones are started when created or loaded at the server. Only zones that have previously been paused need to be restarted.
When the Domain Name System (DNS) server role is installed as part of creating a domain controller by installing Active Directory Domain Services (AD DS), the forward lookup zones that are required to support the domain are automatically created. Creating a forward lookup zone is only necessary when you create a DNS server that is not running on a domain controller or if you need to create a DNS domain that is not part of your Active Directory domain structure. When you create a forward lookup zone, you must designate the zone as a primary, secondary, or stub zone:
A primary zone is a zone that is maintained on this server.
A secondary zone is a copy of a zone that is maintained on the primary server for the zone. Secondary zones help provide load balancing and fault tolerance for DNS zones.
A stub zone is a source only for information about the authoritative name servers for this zone, because it contains only pointers to other DNS servers that are authoritative for the zone.
For more information about zone types, see Managing a Forward Lookup Zone. Although a zone and a domain are logically separate, creating a zone begins with creating a domain. After you create a zone, you can then add additional domains (that is, subdomains) to the zone. Typically, the name of the zone and the name of the first domain in the zone are the same. After you add a subdomain to a zone, you can then manage and include it as part of the original zone records, or you can delegate it away to another zone that you create to support the subdomain. See Delegating a Zone for more information about zone delegation. When you create a zone, you can choose whether or not to allow dynamic updates (that is, automatic updates to the zone that occur when clients add their own resource records to or remove their resource records from the zone). You can configure Active Directory-integrated zones to accept only secure dynamic updates. To complete this task, perform the following procedure:
To add a forward lookup zone using the Windows interface
1. Open DNS Manager. To open DNS Manager, click Start, point to Administrative Tools, and then click DNS.
2. In the console tree, right-click a DNS server, and then click New Zone to open the New Zone Wizard.
3. Follow the instructions in the wizard to create a new primary zone, secondary zone, or stub zone.
Using the Windows interface
1. Open DNS.
2. In the console tree, right-click a DNS server, and then click New Zone to open the New Zone Wizard.
3.
Delete a zone
Updated: January 21, 2005 Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
To delete a zone
Using the Windows interface
1. Open DNS.
2. In the console tree, click the applicable zone.
Where? DNS/applicable DNS server/Forward Lookup Zones (or Reverse Lookup Zones)/applicable zone
3.
4. When asked to confirm that you want to delete the zone, click OK.
Caution: Deleting an Active Directory-integrated zone effectively deletes the zone and eliminates its use at all other DNS servers using the same directory store of zone data.
2. In the console tree, right-click the new domain controller and click New Zone.
3. In the New Zone Wizard, click Next to continue.
4. On the Zone Type page, select Secondary zone and click Next.
5. Ensure that Forward lookup zone is selected. Click Next.
6. For Zone name, type _msdcs.forestrootdomain (where forestrootdomain is the fully qualified domain name of the forest root domain), and click Next.
7. In the Master DNS Servers dialog box, enter the IP addresses of at least two DNS servers in the forest root domain. Click Next.
8. Review the settings you defined, and click Finish to close the wizard.
VPN
(pronounced as separate letters) Short for virtual private network, a network that is constructed by using public wires to connect nodes. For example, there are a number of systems that enable you to create networks using the Internet as the medium for transporting data. These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.
Many people mistakenly believe that a server is no different from a typical desktop computer. This couldn't be further from the truth. While almost any computer that meets the minimum hardware requirements can run a server operating system, that alone does not make a desktop computer a true server. Even if the desktop computer had similar processor speeds, memory and storage capacity compared to a server, it still isn't a replacement for a real server. The technologies behind them are engineered for different purposes.
A Storage Area Network (SAN) is a high-speed subnetwork of shared storage devices. Many IT organizations today debate whether the advantages of implementing a storage area network (SAN) justify the associated costs. So, should you be moving away from your current storage strategy and towards a Storage Area Network (SAN)? Continue reading to learn about the storage area network and its role in modern network environments.
Once you've determined that your business needs a server, one of the first questions you should ask is whether or not you can use a high-end desktop instead of having to invest in a new server. This is a common question, especially during these times of limited resources and tight budgetary constraints. While a high-end PC can often work and function as a server in a pinch, especially for certain roles such as file serving, there are several reasons a dedicated server makes a better long-term investment. Some of a dedicated server's key advantages over a high-end PC include:
- Reliability and Performance
- Scalability
- Security
- Long-term Cost Savings
When using a server for your small business, one benefit you'll realize is that a server can be customized and configured to meet your specific needs and budget. Many file and print servers (the most common type of server for small business needs) will not cost much more than a high-end desktop (see How is a Server Different from a Desktop?). Proper planning will ensure you purchase a server with enough power. The number of servers required depends on how much server processing power you need to support your number of users and applications you run.
Once you've determined that your business needs a server, one of the first questions you're likely to have involves how much the new server will cost. While the server and its hardware costs are the numbers you're most likely to see quoted, in most cases these represent only a small part of the total cost of ownership for a new server. The three main components to a server's overall costs are:
- Cost of hardware
- Cost of server operating system and applications
- Cost to administer
Do I Need a Server?
Does your business have more than 5 employees? If your answer is Yes, then your business should be using a server network. Continue reading to better understand the benefits of server technology. While implementing a network is not a trivial or inexpensive undertaking, the benefits you gain by adding a server to your computing environment far outweigh any shortcomings.
1. On the computer that is running Windows XP, confirm that the connection to the Internet is correctly configured. For more information about how to test your Internet configuration, click the following article number to view the article in the Microsoft Knowledge Base: 314067 (http://support.microsoft.com/kb/314067/ ) How to troubleshoot TCP/IP connectivity with Windows XP
2. Click Start, and then click Control Panel.
3. In Control Panel, double-click Network Connections.
4. Click Create a new connection.
5. In the Network Connection Wizard, click Next.
6. Click Connect to the network at my workplace, and then click Next.
7. Click Virtual Private Network connection, and then click Next.
8. If you are prompted to, do one of the following:
- If you use a dial-up connection to connect to the Internet, click Automatically dial this initial connection, and then click your dial-up Internet connection from the list.
- If you use a full-time connection such as a cable modem, click Do not dial the initial connection.
9. Click Next.
10. Type the name of your company or type a descriptive name for the connection, and then click Next.
11. Type the host name or the Internet Protocol (IP) address of the computer that you want to connect to, and then click Next.
12. Click Anyone's use if you want the connection to be available to anyone who logs on to the computer, or click My use only to make it available only when you log on to the computer, and then click Next.
13. Click to select the Add a shortcut to this connection to my desktop check box if you want to create a shortcut on the desktop, and then click Finish.
14. If you are prompted to connect, click No.
15. In the Network Connections window, right-click the new connection.
16. Click Properties, and then configure more options for the connection:
- If you are connecting to a domain, click the Options tab, and then click to select the Include Windows logon domain check box to specify whether to request Windows logon domain information before you try to connect.
- If you want the computer to redial the connection if the line is dropped, click the Options tab, and then click to select the Redial if line is dropped check box.
To use the connection, follow these steps:
1. Use one of the following methods:
- Click Start, point to Connect To, and then click the new connection.
- If you added a connection shortcut to the desktop, double-click the shortcut on the desktop.
2. If you are not currently connected to the Internet, Windows offers to connect to the Internet.
3. After your computer connects to the Internet, the VPN server prompts you for your user name and password. Type your user name and password, and then click Connect. Your network resources should be available to you just like they are when you connect directly to the network.
4. To disconnect from the VPN, right-click the icon for the connection, and then click Disconnect.
Note: If you cannot connect to shared resources on the remote network by computer name, you can use the remote computer's IP address to connect by using UNC (\\<IP_Address>\Share_name). Edit the hosts file in the Windows\System32\Drivers\ folder, and add an entry to map the remote server's name to its IP address. Then use the computer name in a UNC connection (\\Server_name\Share_name).
Step 2 Choose the Create a Restore Point menu option on the initial program dialogue box followed by the Next menu button.
Step 3 Enter a descriptive filename for the restore point followed by the Create menu button.
Step 4 Cancel the restore point creation by clicking the Back menu button. To continue with finalizing the restore point generation, follow the default menu prompts on the subsequent dialogue boxes.
Firewalls have helped protect computers in large companies for years. Now, they're a critical component of home networks, as well. Basically, a firewall is a barrier to keep destructive forces away from your property. In fact, that's why it's called a firewall. Its job is similar to a physical firewall that keeps a fire from spreading from one area to the next. As you read through this article, you will learn more about firewalls, how they work and what kinds of threats they can protect you from.
routing
(n.) In internetworking, the process of moving a packet of data from source to destination. Routing is usually performed by a dedicated device called a router. Routing is a key feature of the Internet because it enables messages to pass from one computer to another and eventually reach the target machine. Each intermediary computer performs routing by passing along the message to the next computer. Part of this process involves analyzing a routing table to determine the best path. Routing is often confused with bridging, which performs a similar function. The principal difference between the two is that bridging occurs at a lower level and is therefore more of a hardware function whereas routing occurs at a higher level where the software component is more important. And because routing occurs at a higher level, it can perform more complex analysis to determine the optimal path for the packet
router
(rowter) (n.) A device that forwards data packets along networks. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Routers are located at gateways, the places where two or more networks connect. Routers use headers and forwarding tables to determine the best path for forwarding the packets, and they use protocols such as ICMP to communicate with each other and configure the best route between any two hosts. Very little filtering of data is done through routers.
When you send e-mail to a friend on the other side of the country, how does the message know to end up on your friend's computer, rather than on one of the millions of other computers in the world? Much of the work to get a message from one computer to another is done by routers, because they're the crucial devices that let messages flow between networks, rather than within networks.
Let's look at what a very simple router might do. Imagine a small company that makes animated 3-D graphics for local television stations. There are 10 employees of the company, each with a computer. Four of the employees are animators, while the rest are in sales, accounting and management. The animators will need to send lots of very large files back and forth to one another as they work on projects. To do this, they'll use a network. When one animator sends a file to another, the very large file will use up most of the network's capacity, making the network run very slowly for other users. One of the reasons that a single intensive user can affect the entire network stems from the way that Ethernet works. Each information packet sent from a computer is seen by all the other computers on the local network. Each computer then examines the packet and decides whether it was meant for its address. This keeps the basic plan of the network simple, but has performance consequences as the size of the network or level of network activity increases. To keep the animators' work from interfering with that of the folks in the front office, the company sets up two separate networks, one for the animators and one for the rest of the company. A router links the two networks and connects both networks to the Internet.
NAT is described in general terms in RFC 1631, which discusses NAT's relationship to Classless Interdomain Routing (CIDR) as a way to reduce the IP address depletion problem. NAT reduces the need for a large number of publicly known IP addresses by creating a separation between publicly known and privately known IP addresses. CIDR aggregates publicly known IP addresses into blocks so that fewer IP addresses are wasted. In the end, both extend the use of IPv4 IP addresses for a few more years before IPv6 is generally supported.
Short for Network Address Translation, an Internet standard that enables a local-area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. A NAT box located where the LAN meets the Internet makes all necessary IP address translations. NAT serves three main purposes:
- Provides a type of firewall by hiding internal IP addresses
- Enables a company to use more internal IP addresses. Since they're used internally only, there's no possibility of conflict with IP addresses used by other companies and organizations.
If you are reading this article, you are most likely connected to the Internet and viewing it at the HowStuffWorks Web site. There's a very good chance that you are using Network Address Translation (NAT) right now. The Internet has grown larger than anyone ever imagined it could be. Although the exact size is unknown, the current estimate is that there are about 100 million hosts and more than 350 million users actively on the Internet. That is more than the entire population of the United States! In fact, the rate of growth has been such that the Internet is effectively doubling in size each year. So what does the size of the Internet have to do with NAT? Everything! For a computer to communicate with other computers and Web servers on the Internet, it must have an IP address. An IP address (IP stands for Internet Protocol) is a unique 32-bit number that identifies the location of your computer on a network. Basically, it works like your street address -- as a way to find out exactly where you are and deliver information to you. When IP addressing first came out, everyone thought that there were plenty of addresses to cover any need. Theoretically, you could have 4,294,967,296 unique addresses (2^32). The actual number of available addresses is smaller (somewhere between 3.2 and 3.3 billion) because of the way that the addresses are separated into classes, and because some addresses are set aside for multicasting, testing or other special uses.
Network Address Translation helps improve security by reusing IP addresses. The NAT router translates traffic coming into and leaving the private network.
NAT Configuration
NAT can be configured in various ways. In the example below, the NAT router is configured to translate unregistered (inside, local) IP addresses, that reside on the private (inside) network, to registered IP addresses. This happens whenever a device on the inside with an unregistered address needs to communicate with the public (outside) network.
An ISP assigns a range of IP addresses to your company. The assigned block of addresses are registered, unique IP addresses and are called inside global addresses. Unregistered, private IP addresses are split into two groups. One is a small group (outside local addresses) that will be used by the NAT routers. The other, much larger group, known as inside local addresses, will be used on the stub domain. The outside local addresses are used to translate the unique IP addresses, known as outside global addresses, of devices on the public network.
IP addresses have different designations based on whether they are on the private network (stub domain) or on the public network (Internet), and whether the traffic is incoming or outgoing.
- Most computers on the stub domain communicate with each other using the inside local addresses.
- Some computers on the stub domain communicate a lot outside the network. These computers have inside global addresses, which means that they do not require translation.
- When a computer on the stub domain that has an inside local address wants to communicate outside the network, the packet goes to one of the NAT routers.
- The NAT router checks the routing table to see if it has an entry for the destination address. If it does, the NAT router then translates the packet and creates an entry for it in the address translation table. If the destination address is not in the routing table, the packet is dropped.
- Using an inside global address, the router sends the packet on to its destination.
- A computer on the public network sends a packet to the private network. The source address on the packet is an outside global address. The destination address is an inside global address.
- The NAT router looks at the address translation table and determines that the destination address is in there, mapped to a computer on the stub domain.
- The NAT router translates the inside global address of the packet to the inside local address, and sends it to the destination computer.
NAT overloading utilizes a feature of the TCP/IP protocol stack, multiplexing, that allows a computer to maintain several concurrent connections with a remote computer (or computers) using different TCP or UDP ports. An IP packet has a header that contains the following information:
- Source Address - The IP address of the originating computer, such as 201.3.83.132
- Source Port - The TCP or UDP port number assigned by the originating computer for this packet, such as Port 1080
- Destination Address - The IP address of the receiving computer, such as 145.51.18.223
- Destination Port - The TCP or UDP port number that the originating computer is asking the receiving computer to open, such as Port 3021
The addresses specify the two machines at each end, while the port numbers ensure that the connection between the two computers has a unique identifier. The combination of these four numbers defines a single TCP/IP connection. Each port number uses 16 bits, which means that there are a possible 65,536 (2^16) values. Realistically, since different manufacturers map the ports in slightly different ways, you can expect to have about 4,000 ports available.
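The overloading behaviour described above, as an added example that is not from the original article: a small Python model of a NAT router's address translation table, showing how two inside hosts that pick the same source port share one public address, and why an inbound packet with no matching table entry is dropped. The class name, the tiny port pool, and the IP addresses (documentation ranges) are constructed for illustration; ports 1080 and 3021 follow the article's example, and the strict check that a reply must come from the exact remote address and port contacted is an assumption of this sketch, since real devices vary.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


class OverloadNat:
    """Hypothetical model: many inside local addresses share one public address."""

    def __init__(self, public_ip, port_range=(40000, 40003)):
        self.public_ip = public_ip
        self.free_ports = list(range(port_range[0], port_range[1] + 1))
        self.out_map = {}  # (proto, in_ip, in_port, peer_ip, peer_port) -> public port
        self.in_map = {}   # (proto, public port) -> (in_ip, in_port, peer_ip, peer_port)

    def outbound(self, pkt):
        """Rewrite the source of an inside packet, creating a table entry if needed."""
        key = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        port = self.out_map.get(key)
        if port is None:
            if not self.free_ports:
                return None  # port pool exhausted: no new connections possible
            port = self.free_ports.pop(0)
            self.out_map[key] = port
            self.in_map[(pkt.proto, port)] = key[1:]
        return replace(pkt, src_ip=self.public_ip, src_port=port)

    def inbound(self, pkt):
        """Translate a reply back to the inside host, or drop it (return None)."""
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self.in_map.get((pkt.proto, pkt.dst_port))
        if entry is None:
            return None  # nothing inside asked for this: unsolicited traffic
        in_ip, in_port, peer_ip, peer_port = entry
        if (pkt.src_ip, pkt.src_port) != (peer_ip, peer_port):
            return None  # sender is not the peer this mapping was opened for
        return replace(pkt, dst_ip=in_ip, dst_port=in_port)


def demo():
    nat = OverloadNat("203.0.113.5")           # constructed public address
    server = ("198.51.100.7", 3021)            # constructed remote server
    a = nat.outbound(Packet("192.168.1.10", 1080, *server))
    b = nat.outbound(Packet("192.168.1.11", 1080, *server))  # same source port
    reply = nat.inbound(Packet(*server, a.src_ip, a.src_port))
    stray = nat.inbound(Packet("198.51.100.99", 4444, "203.0.113.5", a.src_port))
    unmapped = nat.inbound(Packet(*server, "203.0.113.5", 40003))
    return a, b, reply, stray, unmapped


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The pool size is what bounds the number of simultaneous connections behind one address, which is why the article's estimate of usable ports matters for capacity planning.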
With the explosion of the Internet and the increase in home networks and business networks, the number of available IP addresses is simply not enough. The obvious solution is to redesign the address format to allow for more possible addresses. This is being developed (called IPv6), but will take several years to implement because it requires modification of the entire infrastructure of the Internet. This is where NAT (RFC 1631) comes to the rescue. Network Address Translation allows a single device, such as a router, to act as an agent between the Internet (or "public network") and a local (or "private") network. This means that only a single, unique IP address is required to represent an entire group of computers. But the shortage of IP addresses is only one reason to use NAT. In this edition of HowStuffWorks, you will learn more about how NAT can benefit you. But first, let's take a closer look at NAT and exactly what it can do...
le ISDN connections into a single Internet connection.