11hf42da1di

Quick Guide

Tim Lykkegaard

Structure of the Quick Guide:
- Competences (formal objectives)
- Teacher's notes (local objectives): Where did my teacher put the stress?
- My notes
- Equipment
- Tools
- Exercises
- Tasks
- Experience: What has been important to me? Did I have some eye-openers during sessions?

Competences (formal objectives)
- The student can, at a level equivalent to MCTS "Windows Server 2008 Active Directory" or later, install and configure a server system.
- The student can install and configure the DNS system for Active Directory and delegate zones.
- The student can configure domains and domain forests, and explain trusts and sites.
- The student can configure the server for various roles, including creating and managing user and group accounts, as well as managing rights to resources.
- The student can configure Active Directory infrastructure, including the Global Catalog.
- The student is able to handle the various types of objects contained in Active Directory, and thereby manage the rights to the domain resources.
- The student can configure Active Directory replication.
- The student can configure backup and recovery of Active Directory.

Document1

Page 1 of 9

21-09-2012

- The student can use the built-in tools for maintenance, monitoring, logging and optimization of the server.
- The student can configure a Certificate Authority server.

Teacher's notes (local objectives): Where did my teacher put the stress?

Our dear teacher used PowerPoint very much; all of his notes are mostly in PowerPoint. However, I have all his notes on my website; I have linked to it here: http://dto-clan.dk/download/Per_Hess_Odderskov.zip

I do not think our teachers have put any stress on us.

My notes

Active Directory: Active Directory (AD) is a directory service created by Microsoft for Windows domain networks. It is included in most Windows Server operating systems. Server computers on which Active Directory is running are called domain controllers. Active Directory serves as a central location for network administration and security. It is responsible for authenticating and authorizing all users and computers within a network of Windows domain type, assigning and enforcing security policies for all computers in a network, and installing or updating software on network computers. For example, when a user logs into a computer that is part of a Windows domain, it is Active Directory that verifies his or her password and specifies whether he or she is a system administrator or a normal user. Active Directory uses LDAP versions 2 and 3, Kerberos and DNS.

LDAP: The Lightweight Directory Access Protocol is a directory service protocol that runs on a layer above the TCP/IP stack. It provides a mechanism used to connect to, search, and modify Internet directories. The LDAP directory service is based on a client-server model. The function of LDAP is to enable access to an existing directory.

Kerberos: Kerberos is a network authentication protocol. It is designed to provide strong authentication for client and server applications by using secret-key cryptography. It was developed at the Massachusetts Institute of Technology and is available in many commercial products as well.

Domain Controller Roles: A domain controller is a server that is running a version of the Windows Server operating system and has Active Directory Domain Services installed.

Primary and backup domain controller: Primary domain controller (PDC) and backup domain controller (BDC) are roles that can be assigned to a server in a network of computers that use the Windows NT operating system. Windows NT uses the idea of a domain to manage access to a set of network resources (applications, printers, and so forth) for a group of users. The user needs only to log in to the domain to gain access to the resources, which may be located on a number of different servers in the network.

Backup: A backup is made to prevent data loss. The principle is to make copies of particular data so that those copies can be used to restore the information if a failure occurs.

Backup types: There are four common backup types implemented and generally used in most of these programs: full backup, differential backup, incremental backup and mirror backup.

Full backup: A full backup usually includes your entire system and all its files. It is the basic backup method, and all other methods are based on it. In each full backup session all data is copied, for example all databases, file systems and catalogs on the hard disk. It would be ideal to make full backups all the time, because they are the most comprehensive and are self-contained.
Advantages: All files from the selected drives and folders are backed up to one backup set. In the event you need to restore files, they are easily restored from the single backup set.
Disadvantages: A full backup is more time consuming than other backup options. Full backups require more disk, tape, or network drive space.

Differential backup: A differential backup contains all changes that have been made since the full backup was created.

Incremental backup: An incremental backup contains all changes that have been made since the latest incremental or full backup was created.

Mirror backup: A mirror backup is identical to a full backup, with some exceptions. A mirror backup is a straight copy of the selected folders and files at a given instant in time. Mirror backup is the fastest backup method because it copies files and folders to the destination without any compression.
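The difference between differential and incremental backups shows up both in what each run copies and in what a restore needs. The following is an added example, not part of the original guide; the file names, timestamps and the `Backup`, `files_to_copy` and `restore_chain` names are constructed for illustration.

```python
from collections import namedtuple

# kind is "full", "differential" or "incremental"; taken_at is a constructed timestamp.
Backup = namedtuple("Backup", "kind taken_at")

def files_to_copy(kind, file_mtimes, history):
    """Files a new backup of `kind` copies, given the earlier backups in `history`."""
    if kind == "full":
        return sorted(file_mtimes)              # every file, every time
    fulls = [b.taken_at for b in history if b.kind == "full"]
    if not fulls:
        raise ValueError("a full backup must exist first")
    if kind == "differential":
        since = max(fulls)                      # changes since the last full backup
    elif kind == "incremental":                 # since the last incremental or full
        since = max(b.taken_at for b in history if b.kind in ("full", "incremental"))
    else:
        raise ValueError(f"unknown backup type: {kind}")
    return sorted(name for name, mtime in file_mtimes.items() if mtime > since)

def restore_chain(history):
    """Backup sets needed, oldest first, to restore the most recent state."""
    ordered = sorted(history, key=lambda b: b.taken_at)
    full_at = max((i for i, b in enumerate(ordered) if b.kind == "full"), default=None)
    if full_at is None:
        raise ValueError("nothing can be restored without a full backup")
    later = ordered[full_at + 1:]
    kinds = {b.kind for b in later}
    if kinds == {"differential"}:
        later = later[-1:]                      # only the newest differential matters
    elif kinds - {"incremental"}:
        raise ValueError("mixed schedules are outside this example")
    return [ordered[full_at]] + later           # incrementals: every set is required

# Constructed sample data: file name -> time of last modification.
FILES = {"unchanged.txt": 5, "users.csv": 12, "zone.txt": 22, "leases.txt": 32}
DIFF_SCHEDULE = [Backup("full", 10), Backup("differential", 20), Backup("differential", 30)]
INCR_SCHEDULE = [Backup("full", 10), Backup("incremental", 20), Backup("incremental", 30)]

if __name__ == "__main__":
    print("differential copies:", files_to_copy("differential", FILES, DIFF_SCHEDULE))
    print("incremental copies: ", files_to_copy("incremental", FILES, INCR_SCHEDULE))
    print("restore (diff):", [b.taken_at for b in restore_chain(DIFF_SCHEDULE)])
    print("restore (incr):", [b.taken_at for b in restore_chain(INCR_SCHEDULE)])
```

The incremental run copies less, but losing any one incremental set breaks the restore, while the differential schedule only ever needs two sets.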

DHCP: DHCP stands for "Dynamic Host Configuration Protocol". DHCP runs as a service on a server and aims to set up a client's TCP/IP settings automatically when the machine starts up.

The server assigns:
- IP address
- Subnet mask
- DNS server
- Default gateway
- Time server
- WINS server

A DHCP server can also assign an IP address statically, so that the client always receives the same IP address. In this case, the IP address is bound to the client's network interface card via its MAC address.

Figure: Illustration of how DHCP works

DNS: The Domain Name System (or Service or Server) is a system that translates a name that people have a chance of remembering into an IP address. Because domain names are alphabetic, they are easier to remember. The Internet, however, is really based on IP addresses. A DNS name consists of a host (www) and a domain (matrix.serveftp.org). Domains are unique and are registered in global databases. DNS consists of two parts, a server and a resolver. The server holds information about which DNS names correspond to which IP addresses. The resolver is the software on the client which asks the server for information. Every time you use a domain name, a DNS service must translate the name into the corresponding IP address. For example, the domain name http://matrix.serveftp.org might translate to 188.114.128.16.

For example, when you type in http://matrix.serveftp.org, the computer doesn't immediately know that it should look for the matrix.serveftp website. Instead, it sends a request to the nearest DNS server, which finds the correct IP address for http://matrix.serveftp.org. Without DNS, we would have to remember the IP address of every site we wanted to visit, instead of just the domain name. Can you imagine having to remember 188.114.128.16 instead of just http://matrix.serveftp.org?

Figure: DNS hierarchy, excluding national domains

DNS Zone: A zone is the part of a domain over which a given DNS server has authority. The term is used in DNS servers where responsibility for a specific sub-domain has been delegated to other DNS servers. A zone is always smaller than or just as large as the domain itself. The difference is important: for example, the .dk domain is all domain names that end in ".dk", while the .dk zone basically contains only two IP addresses (the authoritative DNS servers) for each sub-domain under .dk.

Forward lookup zone: A forward lookup zone is a DNS zone in which hostname to IP address relations are stored. When a computer requests the IP address of a specific hostname, the forward lookup zone is queried and the result is returned.

The most common record types are:
- A: 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host.
- AAAA: 128-bit IPv6 address, most commonly used to map hostnames to an IP address of the host.
- CNAME: Alias of one name to another; the DNS lookup will continue by retrying the lookup with the new name.
- LOC: Location record, specifies a geographical location associated with a domain name.
- MX: MX records map a domain name to a list of message transfer agents for that domain.
- NS: Delegates a DNS zone to use the given authoritative name servers.
- PTR: Pointer records are the opposite of A and AAAA RRs and are used in reverse map zone files to map an IP address (IPv4 or IPv6) to a host name.
- SOA: Start of Authority, an important record type in the Domain Name System. It specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone.
- TXT: Text record.

DNS Record: DNS records are stored in zone files and are used for translating domain names to IP addresses. They also contain other data, including the domain name's name server and mail server information. If there are domain name aliases, such as the commonly used "www" preceding the domain name, these will also be listed in the DNS record.

DNS Namespace: The DNS domain namespace is based on a hierarchical tree of named domains. The root domain of the Internet domain tree is represented by an unnamed level, sometimes written as a period at the end of the domain name. All domain names on the Internet trace back to this root.

Top level domains are located directly below the Internet root. The top level domain names typically consist of two or three letters used to indicate a country, region, or the type of organization using the domain. Second level domain names of variable lengths are registered directly to individuals or organizations for use on the Internet. These names are always based upon an appropriate top-level domain, depending on the type of organization.

TLD: Top Level Domain. For DNS to function, it is essential that everything in it is labeled with a unique name. This is done by creating a namespace hierarchy with a tree structure that starts in a "root", which is unnamed but written as ".". From the root, the tree branches out to the Top Level Domains. The TLDs originally consisted of 7 domains, named with 3 uppercase letters. Popular domain suffixes include com, net, and org, but there are dozens of domain suffixes approved by ICANN. Each domain suffix is intended to define the type of website represented by the domain name. For example, ".com" domains are meant for commercial websites, whereas ".org" domains are to be used by organizations. Each country also has a unique domain suffix that is meant to be used for websites within the country. For example, Danish websites may use the ".dk" domain suffix. These country-based TLDs, sometimes referred to as country codes, are also used to specify different versions of an international website. For example, the Danish home page for Google is "www.google.dk" instead of "www.google.com".
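The record types and the forward lookup described above can be exercised on a small zone, together with a check that every address record has a matching PTR record. This is an added example, not part of the original guide; the `example.test` names, the 192.0.2.x addresses and the simplified `name IN TYPE rdata` line format are constructed, and forward and reverse records share one string for brevity.

```python
import ipaddress
# Constructed records; forward and reverse zones share one string for brevity.
ZONE = """\
example.test.             IN MX    10 mail.example.test.
ns1.example.test.         IN A     192.0.2.1
mail.example.test.        IN A     192.0.2.25   ; PTR below is stale
www.example.test.         IN CNAME web01.example.test.
web01.example.test.       IN A     192.0.2.80   ; no PTR at all
1.2.0.192.in-addr.arpa.   IN PTR   ns1.example.test.
25.2.0.192.in-addr.arpa.  IN PTR   oldmail.example.test.
"""

def _norm(name):
    return name.rstrip(".").lower()

def parse_zone(text):
    """Parse simplified 'name IN TYPE rdata' lines into (name, type, rdata) tuples."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()      # drop comments
        if line:
            name, rclass, rtype, rdata = line.split(None, 3)
            if rclass.upper() != "IN":
                raise ValueError(f"unsupported class: {rclass}")
            records.append((_norm(name), rtype.upper(), rdata.strip()))
    return records

def forward_lookup(records, name, depth=0):
    """Addresses for a hostname; a CNAME restarts the lookup with the new name."""
    if depth > 8:
        raise ValueError("CNAME chain too long")
    found = []
    for rname, rtype, rdata in records:
        if rname == _norm(name) and rtype in ("A", "AAAA"):
            found.append(rdata)
        elif rname == _norm(name) and rtype == "CNAME":
            found += forward_lookup(records, rdata, depth + 1)
    return found

def reverse_mismatches(records):
    """A/AAAA records whose reverse (PTR) entry is missing or names another host."""
    ptr = {name: _norm(rdata) for name, rtype, rdata in records if rtype == "PTR"}
    problems = []
    for name, rtype, rdata in records:
        if rtype in ("A", "AAAA"):
            target = ptr.get(ipaddress.ip_address(rdata).reverse_pointer)
            if target != name:
                problems.append((name, rdata, target))   # target None = no PTR
    return problems
```

Stale or missing PTR records matter in practice because logs and mail servers that rely on reverse lookups will attribute traffic to the wrong host name or to none.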

TCP/IP: TCP/IP (Transmission Control Protocol/Internet Protocol, or simply IP) is a suite of protocols. As the name suggests, it is the protocol the Internet is based on, but it is also used on private networks (intranets). These two protocols were developed in the early days of the Internet by the U.S. military. The purpose was to allow computers to communicate over long distance networks. The TCP part has to do with verifying the delivery of the packets. The IP part refers to the moving of data packets between nodes. TCP/IP has since then become the foundation of the Internet.

Reverse lookup zone: A reverse lookup zone does just the opposite of a forward lookup zone. When a computer requests the hostname of an IP address, the reverse lookup zone is queried and the result is returned.

Zone file: A zone file is stored on a name server and provides information about one or more domain names. Each zone file contains a list of DNS records with mappings between domain names and IP addresses. A zone file contains the data that is stored in a DNS server. The file contains a number of records in text format.

Equipment

Since our school has limited equipment, we have used the equipment available. We have used routers, computers, switches and monitors.

Tools

Acronis True Image: Acronis True Image helps you to completely clone your current system drive onto your hard drive. Cloning makes an exact copy of your old system drive on your new hard drive, including the operating system, applications, data, preferences, and email settings. Everything will be present and operate exactly as it did on your old hard drive.

Xcopy: Xcopy is a powerful version of the copy command with additional features; it has the capability of moving files, directories, and even whole drives from one location to another.

Clonezilla: Clonezilla is a free open source disk cloning application based on Debian. Like other disk cloning applications, Clonezilla copies the contents of a hard drive for transfer to another storage medium, such as another computer's hard drive or a removable medium, such as a DVD or a USB drive. Clonezilla is compatible with Windows, Macintosh and Linux operating systems.

Exercises

Some of the exercises we've had are that we should install Windows Server 2008R2 and configure Active Directory, DNS and DHCP.

Tasks

Some of the tasks we've had are that we should install Windows Server 2008R2, Active Directory, DNS and DHCP.

Experience: What has been important to me? Did I have some eye-openers during sessions?

I have learned a lot about how to configure DHCP, IP routes and RIP from the command line interface on a Cisco router. I already had big knowledge about configuring a server, computers etc., so there weren't any big eye-openers. Btw. H1 has been a big disappointment; I thought I was sent to school to learn and get experience, instead it turned out to be a Google class for dummies.

Made by Tim Lykkegaard aka Happyfarm.
