Networking Final Project

 

This is going to be 2/3 of your final test grade, which is 60% of your overall grade for the Semester. Please note:

F  Written portfolio and drawings, implementation on your LAN: 20%  Note that this is REQUIRED to get the English Cross Credit in this class.

F  Benchmarks: 60%

F  Written test: 20%

 

Read the case study below and do the following:

 

1.     Design a network topology that answers all of the needs of the customer. Create a network portfolio to present to the customer. This portfolio should include all of the following:

a.     A cover page with your company name and logo on it.

b.    An outline of the needs of your customer with your solution to meeting those needs.

c.     A network drawing with all components properly labeled, including

                                          i.    Cabling

                                         ii.    Speed

                                        iii.    Servers (label the role of each server)

                                        iv.    Hardware

                                         v.    Topologies; logical and physical

d.    A spreadsheet of prices of:

                                          i.    Hardware

                                         ii.    Cabling

                                        iii.    Servers

                                        iv.    Client access licenses for all versions of Windows 2003 Server and Windows XP Professional Workstation

                                         v.    CALs for Terminal Services use

                                        vi.    CALs for all workstations

                                       vii.    Internet access

                                      viii.    Domain name purchase/lease

e.     A proposal for the setup of user accounts, groups, and organizational units.

                                          i.    A description of the proposed username syntax.

                                         ii.    A list of groups created for the network.

                                        iii.    A list of organizational units created for the network.

f.     Group policies to be implemented within the domain—A complete list.

g.    Set up the Active Directory structure within your virtual server.

 

When you have made all of these decisions you must create a network together with your partners that emulates the network you are designing. While you may work together on all parts of this project, each student MUST turn in a portfolio that is their own work and completely separate from every other student, no exceptions.

 

Grammar, punctuation, and spelling do count on this. You are proposing this project to a CUSTOMER. Make it look and sound good. It must be ENTIRELY your own work.

 

Case Study

Sno Isle Skills Center

Background
The Sno Isle Skills Center is a Technical High School that serves 800 students, has 35 teachers and support staff providing instruction in Career and Technical Skills.

 

The Skills Center is located in four buildings.

 

Building One houses:

C  Computers, Servers, and Network—A high tech program for students interested in careers in IT

o    24 lab computers

o    24 production computers

o    5 servers Server 2008

§  2 Active Directory servers

§  1 Server that houses DHCP and WINS

§  1 Dfs Server that houses files that are spread out across all 5 servers, this also acts as the file server

o    Two networks

§  192.168.1.0

§  10.25.0.0

·         Subnetted to 255.255.0.0

·         This is the ENTIRE staff network on this site.

o    One teachers station

o    One demonstration station

C  Computer Web Programming—A program for students who are interested in careers in programming and webpage design

o    26 lab computers

o    1 Demonstration Station

o    1 Teachers station

o    1 file server

o    2 printers

o    Two networks

§  192.168.4.0

§  10.25.0.0

·         Subnetted to 255.255.0.0

·         This is the ENTIRE staff network on this site.

C  Server Room for Sno Isle

o    3 student servers

§  Sitech1—Active Directory

§  Sitech2—Backup AD

§  Sicad—Runs programs for the Precision machining program

·         Mastercam

·         Solidworks

·         Both programs require a dongle that activates the hasp. The dongles are USB and look like flash drives

o    1 Staff Server

§  Snoisland

§  File server for on-site staff

C  Medical Assisting

o    24 lab computers

o    1 demonstration station

o    1 teachers station

o    3 Printers

§  1 teacher

§  1 color laser

§  1 regular laser

C  Robotics

o    24 lab computers

o    1 demonstration station

o    1 teachers station

C  Nurses assisting

o    8 lab computers

o    1 teachers station

o    2 printers

C  Dental assisting

o    1 teachers station

o    1 laptop for demonstration

o    24 lab computers

o    2 printers

o    1 laptop that interfaces with DEXA X-Ray Machine

C  Study Center

o    8 lab computers

o    1 teachers station

C  Testing center

o    1 administrative computer

o    2 testing computers

o    Prints to printer in study center

C  Administration

o    Six administration computers

o    3 mobile laptop/projector stations

o    1 printer for each station

 

Building Two houses:

C  Precision Machining

o    24 lab computers

o    1 file server

o    Hardware that uses Mastercam and Solidworks

o    Must retain connection to SICAD

o    2 printers

C  Diesel Mechanics and Auto Technology

o    These programs share 24  student computers

o    5 Netbooks

o    Wireless network

o    3 teachers stations

o    3 printers

 

Building Three Houses

C  Construction Trades

o    1 teacher computer

o    1 teacher laptop

o    4 student laptops

o    1 printer

C  Fire Technology

o    12 student computers

o    1 demonstration station

o    1 teacher station

o    2 printers

 

Building Seven Houses

C  Fashion Merchandising

o    8 student computers

o    1 teachers station

o    1 custom embroidery machine that interfaces with one computer

o    2 printers

C  Veterinary Technician

o    1 teacher computer

o    6 student computers

o    2 printers

 

Building One in 2009 sustained irreparable damage in a devastating fire. They lost all of their equipment as well as all media. They have now rebuilt and are moving everything back to the rebuilt buildings. They have hired YOU to set up the network. Where do you start?

 

Existing IT Overview
All buildings were wired using three T1s to communicate among them. The building that burned contained the main trunk for phones and data. Data and phone have been restored via on site tech staff and Verizon.

 

Client/Server LAN Environment
There are two discreet networks on campus; Sno.tech and Si.tech. There were three servers that served sno.tech; sitech1, sitech2, and sicad. There is one server that serves si.tech; snoisland.

 

We currently have one server at West Campus and one at Main. Both will need to be relocated to the server room at main which will be in building one. The server room and wiring closet is currently in building two.

 

You will need to decide on and install needed services such as DNS, WINS, AD, DHCP, Dfs, etc.

 

Applications
The new computers will all run Office 2007, deployed via Group Policy. Other software is needed in different classrooms. You will need to determine what software will be needed.

 

Using a DFS structure on the student side, set up shares to handle things like commonly needed software, and other shares that you determine.

 

INTERVIEW DISPLACED TEACHER
I got lots of new computers this year, but they all need to be moved and we need to make sure they all work by the first day of school. Can you ensure this? How?

 

Also we, apparently, lost ALL of the student data. There was a backup plan, but the backups burned up! What can we do in case something like this happens again? Do we have a new backup plan?

 

The old network was slow. Can we get a faster network?


IT Manager
I am running around like a chicken with my head cut off. Everyone wants to have everything five minutes ago, and I can’t get much completed due to the interruptions.

 

I need your help with “triage” of all the tasks that need to be done to rebuild. Please present to my staff a timeline of when things will get done and in what priority.

 

Office staff will be moving from portables into offices in building one. They are going to need all of the following done:

 

·         Installing software

·         Installing printers

·         Fixing individual student computer needs in a working lab (one or two bad computers)

·         Recreating the domain structure

·         Rejoining computers to the domain from the buildings not affected

·         Setting up student stations from affected classes

o    Which classes need their computers first and why

o    Which classes can wait a little and why

·         Setting up staff machines for communication and required reporting

·         New IP structure or old?

·         Recreating student accounts…do we do all of them, some for some classrooms and individual accounts for others? How do we do this as quickly as possible?

·         Updating Windows on all machines without taking the network to a crawl


USER
Network seems very slow at times. Sometimes it takes several minutes to find a resource such as a file or a printer. Locating servers on the network is also a very slow process especially during the morning hours. The best part is when the network goes completely down. At that point we just fire up solitaire…

 

School Network Vision: General Requirements
All network services must provide redundancy for fault tolerance. A single protocol must be used in the client/server network. This protocol must be scalable enough to meet any anticipated growth.


All buildings need to be networked together; however network traffic must be minimized between building 1 and building 2 due to the slow coaxial backbone between the buildings until new cabling is laid, which will happen in July. The inside also needs cabling. What should we go with to maximize bandwidth without compromising a school b udget?

 

All computers need to be moved and set up in the classrooms in building 1. Building 2 has Robotics, Police, and math setup already, but the rest of the courses will need to be set up.

 

All teachers will have client computers that are running Windows XP. Windows 7 is going to be tested in the early Fall and hopefully we’ll put it in the entire school by semester.

 

Sometimes we have guests come who need to use the computers. Set up a plan so they can use Study Center computers without compromising the security of our network, using a simple login.

 

Because in a school, student data is confidential any remote access traffic must be secure and only authorized users must be allowed to dial in. The strongest possible encryption must be used for all connections.


Internet access is a must, but data must be filtered. We need a hardware solution for this. Is there a gateway that would work?

 

All workstations (except the four in manufacturing) should be updated to Windows  7 by semester. All servers should be updated to Windows 2008 Server. All new hardware will be a MINIMUM of 64 bit dual core processors. What specs should we get all those computers?

 

Switches and routers will be GB capable, but older ones may still be only 100 Mbps.

Existing computers range from Pentinum III with 512 MB RAM to Pentium IV with 1 GB of RAM. They are running Windows XP Workstation with all service packs applied. Build in suggestions for future upgrades.

 

They must have an Active Directory structure set up that allows them to secure their student records, and control the access of their users. They would like the domain organized in a reasonable fashion that allows the users access only to things they need.


Restrictions
The backbone between buildings 1 and 2 is gone. The backbone between 2 and 3 is old, but stable. It cannot be replaced at this time, but we’d like it replaced down the line.

 

Workstation access to servers must be fault tolerant.

 

A budget has been allowed for new equipment; at most 2 servers.

A budget has been allowed for new software.


Enough money is available to upgrade existing OS on all systems. All licensing requirements must be met. Be sure to include the cost of OS licenses and Client Access Licenses (CALs).

 

One of the remote locations that the school is looking at uses Novell Netware as their network operating system. Connectivity between the Sno Isle computers and the Novell network must take place at some point. Demonstrate how this could occur using a software solution (free).

Anticipated growth
As much as 50% over the next 5 years with growth in students and personnel as programs are added. The programs to be added will require at least two full computer labs.


The physical location is growing slightly as building one will be complete in July. The new programs include:

 

·         Airplane Technician (8 lab computers, one teacher station)

·         Two more classes in

o    Medical Assisting (28 lab stations, one teacher station)

o    Fire Safety (10 lab computers, one teacher station)

·         Digipen Programming (28 lab computers, one demo station, one teacher station)

·         Autobody Collision Repair (10 lab computers, 5 netbooks, one teacher station)

·         Each program must have a printer available to both teacher and students, but remember they are on separate subnets.

·         You choose laptops/netbooks/desktops and justify the choice.

 

Create a project plan to deal with all of the company needs and be prepared to present it to the company within two weeks.

 

Network Setups

Create a network that emulates the company layout. Each building will be its own domain in one tree. Each domain should be on a separate subnet.

 

Set up the following in your networks:

F  RRAS with a VPN

F  Active Directory (one in each domain with replication among the domains)

F  DHCP (one in each domain)

F  WINS (one in each domain)

 

Also set up all policies, create 25 users in each domain. Create all groups and organizational units. Assign permissions to folders within the domain.

 

When both domains are set up and completed, create a TRUST relationship between your two domains. It should be a non-transitive trust so that Sno.Tech trusts Si.Tech, but not the other way around.

 

Create a global group in Si.Tech that will allow users to access a folder named “Staff Lounge Secrets” in the Sno.Tech domain. Create a domain local group within Sno.Tech that will contain that global group. Assign permissions appropriately. (Remember Microsoft’s rule.)

 

See your benchmarks sheet for all of the requirements of this final!

 

 

New Stuff

Wow, there is new stuff on this project! That’s odd…well actually it isn’t. Often you are called upon to implement a new technology that you’ve not worked with before.

 

However in the interest of time, I’m going to give you resources for installing these services and the purpose of them.

 

Service

Purpose

Installation Instructions

Routing and Remote Access

RRAS is a service that allows you to set up your server as a proxy server to connect to the Internet, as a software router, or setting up a VPN.
  1. Log into your DC
  2. Create a new OU named Remote Access.
  3. Create a new user named Bucky Kat and go into his profile and click the Dial In tab. Under Network Access Permission select “Allow access.”
  4. In that same OU create a group named RAS and put Bucky in that group.
  5. Create a new folder named RAS. Share that folder as RAS. Give full
  6. Access your device manager to ensure that all of your communications devices are working.
  7. Start the Routing and Remote Access program from your Administrative Tools.
  8. Select your server. Right click and select “Configure and Enable Routing and Remote Access.
  9. Do not select “Virtual Private Network (VPN) Server. There is a bug in the wizard that incorrectly configures routing. Instead choose Manually Configured Server. (For more information on the bug, see the Microsoft Knowledge Base article Q243374.)
  10. When the RRAS wizard is finished, click Finish. You are going to configure stuff manually, but this has just activated your server as a RRAS server.
  11. Start RRAS when prompted. An MMC interface will open that looks like this:

 

  1. Right click on your server and select properties.
  2. Click the IP tab.
  3. You are going to add some addresses that you can pass out to your clients as they log on. Click Static Address Pool.
  4. Click Add.
  5. Start your IP address at 192.168.x.100 and end it at 192.168.x.200. (Where x=the number of your server.)
  6. Allow RAS to select the adapter. (This will use your NIC setup to assign DHCP, WINS, DNS, and Default Gateway information on your client when they RRAS in.)
  7. You want to keep an eye on what your users are doing for security reasons, so click the Event Logging tab. Select Log the maximum amount of information. Doing this will also help you troubleshoot connectivity problems If you have them.
  8. Close that dialog box. Next you need to configure your ports. Remember you have five PPTP ports and five L2TP ports.
  9. Right click Ports and select properties.
  10. Let’s configure PPTP. Select WAN Miniport (PPTP).
  11. Click on Remote access connections (inbound only). Choose how many people you want porting in at one time. Click OK.
  12. You choose not to use IPSec, so open your L2TP WAN miniport and set it for 0 ports.
  13. Tell it “Yes” you want to disconnect current inbound connections. No biggie. No one is using it anyhow.
  14. Click OK to close the Ports dialog box.
  15. You should see your new ports you just configured in your MMC console.
  16. Let’s go down and configure logging.
  17. Click on Remote Access Policy. Click Remote Access Logging. In the right pane you’ll see Local File. Right click that and select properties.
  18. Select Log Authentication Requests so you can check out who is trying to access your network. Click OK.
  19. Now if your network was on the Internet, your users could access the network from their homes with the same security and access as they would have from within the office.
  20. Note: VPN connections can be really slow from home, even over a broadband connection. Also note, if they don’t have permissions to access something in the network, they can’t access it from home either.

 

Configure a VPN Client

Allows your workstation to load into your VPN through the Internet.

Take the following steps to configure a Virtual Private Network (VPN) client:

  1. Run Network and Dial-up Connections from Start Menu > Settings > Network and Dial-up Connections.
  2. In the Network and Dial-up Connections folder, double-click the Make New Connection icon.

    i2101044c
  3. In the welcome screen of the Network Connection Wizard, click the Next button.

    i2101044d
  4. On the Network Connection Type page, click the Connect to a private network through the Internet radio button, and click the Next button.

    i2101044e
  5. On the Public Network page, click the “Automatically dial this initial connection” radio button, and click the Next button.

    i2101044f
  6. On the Destination Address page, specify the IP address or name of the host computer to which you want to connect, and click the Next button.

    i2101044g
  7. On the Connection Availability page, specify the users who can use this connection, and click the Next button.

    i2101044h
  8. On the Completing the Network Connection Wizard page, specify a name for the connection, and click the Finish button.

Set disk quotas

When you have a large network you want to limit the amount of hard drive space the users use on your server.

Take the following steps to apply disk quota limit:

  1. Run Windows Explorer from Start Menu > Programs > Accessories > Windows Explorer.
  2. In Windows Explorer, right-click the (D:) drive (or the drive your server is on) in the Folders section, and click Properties.

    i2101025b

 

  1. In the <drivename> Properties dialog box, click the Quota tab. On the Quota tab page, select the Enable quota management check box, and specify disk limit space and warning level. Click the Apply button, and click the OK button.

    i2101025c

 

Create a baseline using system monitor

A baseline is how your computer is running when you first set it up. A good administrator will test a computer when setting it up, then test it periodically as part of his/her normal routine.

Take the following steps to create a baseline report:

  1. Run Performance from Start Menu > Programs > Administrative Tools > Performance.

    i2101031a

 

  1. In the Performance console, click Performance Logs and Alerts to expand the tree, right-click Counter Logs, and click New Log Settings.

    i2101031b
  2. In the New Log Settings dialog box, specify a name for the new counter log, and click the OK button.

    i2101031c
  3. On the General tab page of the <counterlogname> dialog box, click the Add button.

    i2101031d
  4. In the Add Counters dialog box, select a performance object from the Performance object drop down list box, and counters from the Select counters from list section, and click the Add button. Click the Close button.

    i2101031e
  5. In the <counterlogname> dialog box, set the counter to sample data every 5 seconds, and click the Log Files tab.

    i2101031f
  6. On the Log Files tab page, specify location for the log file, and uncheck the End file names with check box, and click the OK button.

    i2101031g

 

  1. In the Performance console, click the View Log File Data button on the toolbar to view the log file.

    i2101031h
  2. Close the Performance console.

    i2101031i

Creating a Non-Transitive Trust

 

1.     With the administrator of the other domain, agree on a secure channel password to be used in establishing the trust. (Since you’re the administrator in both domains, talk to yourself and agree. No arguing.)

2.     In the first domain, log on as a member of Domain Administrators.

3.     In Active Directory Domains and Trusts, expand your domain, and then right-click your domain (aka teechur.com.

4.     Click Properties, and then click the Trusts tab.

5.     Next to the Domains trusted by this domain box, click Add.

6.     In the Trusted domain box, type the trusted domain name. If you are adding a Windows 2000 domain, type the full DNS name (teechur.com in this example).

7.     In the Password box, type the agreed-upon password.

8.     In the Confirm password box, retype the password, and then click OK.

9.     A message appears that says the trust cannot be verified. Click OK.

Note: The reason for this error is that Windows is attempting to verify the secure channel. It cannot verify the secure channel at this time because the other side of the trust is not yet created.

10.   Next to the Domains that trust this domain box, click Add.

11.   In the Trusting domain box, type the trusting domain name. If you are adding a Windows 2000 domain, type the full DNS name.

12.   In the Password box, type the agreed-upon password.

13.   In the Confirm password box, retype the password, and then click OK.

14.   A message appears asking if you want to verify the trust. Click Yes.

15.   Click OK to close the Properties sheet.

Note: If the trust is successfully created in the domain, click Yes to verify the trust. If the trust is not created, clicking Yes returns an error. When the trust is created in your domain, the trust takes effect. You do not need to verify the trust for the trust to take effect.

Installing a DHCP Server

 

Complete this after you have installed your Active Directory and DNS Servers.

Windows 2008 uses/installs as default TCP/IP protocol. While in a small home network it is easy to assign manually the IP-addresses (or use the Windows98/ME Auto-IP-configuration and / or the Windows2000 Auto-IP-configuration), you will on an office network like to use the "comfort" of using a DHCP-server to control and manage the distribution of IP-addresses.

Note: on the system, where the DHCP-server is getting installed, you MUST use a static (= manually assigned) IP-address.

·         Before you do this lab, you’re going to make sure your host is NOT connected to the network. Your lab now becomes standalone. No network/Internet access, so you MUST authenticate all OSes before doing this!

·         Give a static IP address to your servers…both of them. They should already have them, but double check. Do not give one to your workstation. That will get an address from your DHCP server. If your workstation has an address, go into the TCP/IP properties for the workstation and set it to automatically obtain IP address.

·         Write down the IP address of your servers:

o    Server Name:

o    IP

o    Server Name:

o    IP

Now let’s install DHCP. Run the Manage Your Server wizard to set up a DHCP server.

m StartàProgramsàAdministrative toolsàServer Manager

m Click on “Roles” in the left pane to add a role. In the right pane click “Add Roles”

http://www.windowsreference.com/images/2008d/1.png

Click next

m  You will see a list of server roles. The ones that are installed will have a check next to them and will be greyed out.

m  http://www.windowsreference.com/images/2008d/3.png

m  Select DHCP server and click next.

An Introduction to DHCP will come up. Read it and answer the following questions:

1.     What does DHCP stand for?

 

2.     What does it “do”?

 

3.     What do you have to have at least one of on your host computer?

 

4.     When should you plan your subnets?

m  Next it will ask you what network connection to bind it to. If you have more than one network card, choose the one that you want to answer the DHCP requests. If you only have one, choose that one. It should say IP Address 192.168.1.x and IPV4 (IP Version 4).

m  http://www.windowsreference.com/images/2008d/6.pngOn the next screen you will be asked to tell it what domain and what DNS server you’re using.

m  Type in your domain name.

m  Type in the IP address of your DNS server that you KNOW works. Click validate to make sure you got it right.

m  Type in the IP address of the OTHER DNS server and validate it.

 

m  We will be using WINS in this network, but for now we won’t set it up. You can change those settings later on. Just click next.

m  Now we get to define a scope. A scope is the IP addresses you will have available in your network to assign to users’ computers and printers and anything that connects to your network. You can’t pass out IP addresses until you define a scope.

m  Scopes should be planned very carefully. You don’t want to end up assigning out the IP address of a computer that has that IP assigned to it statically! That would be bad! So you’re going to use the following IPs on your computers. In our case we’re just going to use the 192.168.1.0 network. Be sure your computers are disconnected from the network, OR create a new virtual network and do NOT bind it to your network card.

m  Click Add to add a new scope.

o    Name the Scope “HappyScope”

o    Make the starting IP address: 192.168.1.10

o    Make the ending IP address: 192.168.1.20

o    Subnet mask: 255.255.255.0

o    Default Gateway: 192.168.1.1

o    Click “Activate this Scope”

o    It is a wired lease so by default it’ll have a 6 day lease. (After six days the IP address returns to the pool if the computer using it doesn’t request to use it again.)

o    You can change that if needed down the road. For example, if you’re setting up DHCP for a coffee shop with wireless, you may want a lease to be as short as an hour.

m  Click OK and the scope gets added and activated! Activation means it can now start sending out addresses right away.

m  Click next.

m  Next it’s going to ask you if you want to assign IPV6 addresses. Leave it in Stateless Mode. Stateless Mode means the computer will assign itself an IPV6 address, if that protocol is installed. So go ahead and ENABLE the stateless mode.

m  Finally you have to authenticate your DHCP in AD so that AD can tell the other computers “Yo, the DHCP server is right here!”

m  Since you’re logged in as an administrator, go ahead and use current credentials.

m  Finally! Whew! You should get a screen that tells you what you’re about to do. Take a screen shot of this page and paste it into Paint (runàmspaint) and save it. That way if something doesn’t work I can take a look at what you did.

m  It’s going to install. Spend some time contemplating the meaning of life, or making modern art with belly button lint. It might take awhile.

After forever and a day you will see something that tells you DHCP has been installed. Well it’s about doggone time! Sheesh! Like we have all day for this kind of stuff. Oh wait, we do. The reason it takes so long is that it is checking to make sure there are services available to fulfill this role (new services have “dependencies” which means they often “depend” on another service to do their job. Just like if you’re working with a partner to make a sandwich. You might “depend” on him to lay out the bread. If he’s not there, you can’t make the sandwich because…no bread.

 

 

 

Configuring your DHCP Server

1.     Select DHCP from the Administrative Tools menu.

2.     You should see that your scope you created (HappyScope) is there. Let’s create another scope.

3.     The first thing you’ll do is define a range of IP addresses called a scope. Your users will be assigned one of these IP addresses when they log on.

4.     Right click on your server and select New Scope in the drop down menu.

1.     http://www.wown.com/helmigj/gif_w2k/w2dhcp12.gifUp comes a wizard (of course). Click next when the first window appears.

2.     Define a name for your scope. Name it domainxx-scope. (If my domain is domain04 I would name my scope domain05-scope.)

3.     Give it a happy description.

4.     Click next. Define a range of IP addresses. You have to make sure your own static IP address is NOT in that range or all sorts of problems will occur.

5.     Use the following syntax for ranges

a.     Start IP address: 192.168.1.100

b.    End IP address: 192.168.1.200

c.     Use the subnet mask 255.255.255.0

d.    Use the DNS of your server IP.

e.     Use the default gateway of your server IP.

6.     Click next. You are going to be asked to define exclusions. These are addresses you do NOT want to give out.

7.     Let’s set an exclusion for the following IP: 192.168.1.150.

8.     Start IP would be 192.168.1.150 and so would End IP.

9.     Set an exclusion as well for your servers so those addresses don’t get assigned.

10.   

11.  http://www.trainsignaltraining.com/wpnew/wp-content/uploads/2008/12/dave_dhcp2/configure-dhcp-006.pngYou are “leasing” your IP addresses for a specific period of time. This is so IP addresses aren’t assigned and never released. Usually 8 days is appropriate. Everyone gets their same IP address for a week, and it is renewed before the lease is up. (Your computer will request a renewal when half the lease time has expired, so even though it’s a DHCP assigned IP address, you usually have the same one all the time.) But if someone comes in and logs in for a day then never returns, the IP address leased to them will remain out of commission for the entire lease. That means if you have a really long lease time you will be using addresses that aren’t really being used.

12.  Let’s set our lease time to 2 days.

13.  Click next. On the next screen you are asked if you want to configure other DHCP options. Say yes and click next. You need to tell the DHCP server to also assign a default gateway and DNS server(s) addresses.

14.  Your default gateway is the same IP address as your server. So type in the IP address of your server. Click Add. Click next.

15.  If you had more than one DNS server or other special servers on a WAN you would want to tell the DHCP server where those other servers are located. Since you don’t have this, leave the next screen as is and click next.

16.  Go ahead and configure your server IP in the WINS server window. We’re going to install WINS next.

17.  If you’re ready for clients to start using your DHCP server you want to activate your scope. If not, you don’t. We are so click Activate Scope on the next screen, then click next.

18.  Is there a typo on that screen? How odd!

19.  Anyhow, you’re done setting up your DHCP server so on the next screen click finish! However, you are not really done. You still have one more thing to do. You have to authorize your DNS server.

20.  In the DHCP applet right click on your server and select Authorize to authorize this server to act as a DHCP server in your domain! Whew! You’re done!

A few more housekeeping items:

1.     Close DHCP and re-open it. You should be able to click on your DHCP server and it should say “running.”

2.     Click your scope. Click the button as indicated below. You want to tell your server to always let DNS know when someone gets a new IP address.

3.     Click the options as shown below. This will ensure your computers can be found by DNS, and that the DNS doesn’t fill up with useless lookup files.

4.     You have to set up your clients to request IP addresses.

a.     Leave this server running.

b.    Boot up your workstation.

c.     Make sure the TCP/IP v4 properties are set to get IP address automatically.

5.     On the workstation, open the command prompt.

6.     Type IP config /all

7.     If your IP address starts with 169 and it says autoreconfiguration address then something went wrong. Go back and check a few things:

a.     Go into the properties of your network card and ensure it says “Obtain IP address automagically.”

b.    Go to the server and make sure there is a green arrow on the server name. If it is red, it isn’t completely authorized.

c.     Try restarting the server.

8.     Type ipconfig /release this will release the IP address.

9.     Type ipconfig /renew this will do the DHCP request process and obtain an IP address.

10.  Keep working on this until your workstation is getting an IP address from YOUR server! Remember your scope? It must be within those numbers so if your scope was 192.168.1.5-192.168.1.20 and the IP address assigned is 192.168.5.4 then you’re getting an IP address from someone else!

11.  Get a screen shot of your IP address, print it out. Attach it to your lab report.

Okay, now you’re REALLY done!

Answer the following questions by poking around your DHCP server

1.     Which IP addresses are currently leased?

 

2.     What is the MAC address of the computer that leased the first IP in the list?

 

3.     Right click on one of the IP address leases and release that address. What happens?

 

4.     Let’s set up a reservation. Click on reservations and add a new IP address reservation of the address that ends with 192.168.yy.10. Now how many IP addresses do you have available for leasing?

 

5.     Can you set up more than one address scope?

 

Installing WINS

 

Generally you don’t need a WINS server if your domain is all Windows 2000 or above, but just in case you have a Windows 98 floating around in there somewhere, let’s install WINS!

 

Let’s try a new way to install a service on Windows Server.

 

 

  1. Go ahead and add the role of a WINS server.
  2. Select the server role.
  3. Click next.

 

http://www.windowsnetworking.com/img/upl/image0521257362582925.jpg

According to Microsoft, the default settings for the WINS server are all you need. There isn’t a lot of configuring you should do, although you can configure things if you need to. This would come with more advanced server management.

 

That was painful wasn’t it?

Make sure your workstation is registering on WINS

Start up the workstation on your partner’s computer.

Make sure it is set up to obtain an IP address from your DHCP server.

Make sure it is obtaining an IP address from your server by either:

m  Checking the DHCP server to see if that computer name is getting an IP from you

m  Type ipconfig /all at the workstation command prompt to make sure the IP address is obtained from the correct scope

Open your WINS server (it’ll be in the administrative tools on your server).

In the console tree, select Active Registrations

On the Action menu select Display Records.

Click find now.

The entire WINS database should show and in there you should be able to find your workstation’s registration. Do a print screen of this and attach it to your lab report.

How to Create a Dfs on Server 2008

  1. First create a shared folder. Add the everyone group and give them read access. This is just going to be your “container” for your Dfs so you don’t need anyone but you to be able to put stuff into it. You can name it pub or dfs or whatever. You can only do this in ONE server in your domain, so work together.
  2. Go into server manager.
  3. Add a new role.
  4. Click on File Services
  5. Select Add Role Services
  6. Select Distributed File System
  7. The namespace is the the “share” name you’re going to use so your users can access the shares. Let’s call this one Pub (you’ll create another below).
  8. This will be a domain based namespace, which means you’ll have links from all over your domain rather than everything on one computer.
  9. Browse to find your folder. If you click show shared folders, it’ll show a list. Very handy! Select the folder you shared.
  10. Click next. Click install. Once it’s done, click close.
  11. On one of the other servers in your group, create a folder name “Hippie Chicks” and share it as hippie. On another server, create a folder named Hippie Dudes and share it as dudes. If you have a third server, create a folder named Hippie Dogs and share it as dawgs.
  12. Go under Administrative Tools and open DFS Management.
  13. Expand Namespaces
  14. You should see your namespace, right click on it.
  15. Select New Folder
  16. Name the folder “Hippie”
  17. Browse for the folder Hippie Chicks, shared as Hippie.
  18. Do the same for Dogs and Dudes.
  19. Let’s replicate Hippies. Click on that folder.
  20. On the right you’ll see Add Folder Target. Click that.
  21. Where it says path to folder target either type in the name using the UNC pathname or browse your network for one of your other servers.
  22. Find that server.
  23. Select New Shared Folder
  24. Give that folder a name.
  25. Select it as your share.
  26. Now go into the Hippie Chicks folder and create a file, any file. It should replicate to the other folder!
  27. Do the same for the other two folders. Now if one server goes down, the files in those folders would be available on other servers.