DS-7, Dr.

Lourenco Almeida Complex, Ponda-Goa

0832 2311376

Certificate Course in Computer networking

(Basic Networking in Windows XP and Windows 7, Wireless Network, Cabling, IP Addressing, Network
Sharing and Security, Internet, Active Directory and Email Server in Windows Server 2003)
 Basic Networking

connecting computers together to share information, has long been one of the more difficult areas of
basic computing to get a grasp on, mainly because it is one of those points at which the generally friendly
user interface of your average Windows box starts showing cracks, or possibly gaping holes ready to
swallow up the unsuspecting user.

Now granted, since windows 98 started the process, Microsoft's OSs have been getting progressively better
at automating the process of connecting computers together, but there is still the external setup
required, and if something goes wrong... well it's good to know where to look to fix it.

The purpose of this article is two-fold. First, to enable you to set up your own home network and share
files between your computers, and second to make you comfortable with basic computer networking
terminology and practice. Internet sharing deserves its own article, and so is not part of this one.

First, some important terms. Skip them if you know them.

Ethernet Network adaptor: An internal device that allows computers to communicate with each other via
electrical signals passed through cable. Also known as a NIC (Network Interface Card).

Hub: An external device with multiple connections (ports). A computer attached to one port can
communicate with computers attached to any of the other ports. They are available in many sizes, most
commonly 5 ports.

Switch: Similar to a hub, but more efficient. While a hub will send data it receives from one port out all
its other ports and let the computers attached to it figure out who the data is intended for, a switch
stores information about the computers connected to it, then sends data only to the computer it is
addressed to.

Firewall: A term for a software program or hardware device which can restrict specific kinds of data from
passing into (or in some cases, out of) your network from the internet. Used for security purposes.

Cable/DSL router: Network devices which combine the functions of a switch and a firewall. They also
provide the ability to easily share a DSL or cable Internet connection.

Basic Windows networking principals

By default, all Windows operating systems use the TCP/IP protocol suite to communicate with each other
through network devices. Any computer network adaptor using TCP/IP requires 3 things to communicate
with other computers: An IP address, a subnet mask for that IP address, and a default gateway. These
terms will be defined in a moment. First, though, an idea of how a TCP/IP network works logically.

When you give a computer an IP address, you identify the network which it is a member of, and give it an
identification number within that network. A computer in a given network can communicate with any
other computer that is local to it (in the same network), provided there is a way for information to pass
between them (network cables, wireless network, etc.).

Computers in a network cannot, however, communicate with computers in a different network (remote
network) directly, even if they are physically connected to each other via cables.

This is where the default gateway comes in. A gateway is defined as a path out of the local network to
other remote networks. A gateway can be a number of things physically, such as a DSL/cable router for
your local network, a Windows server computer with multiple network adaptors split between different
networks, etc. Gateways must all share one thing in common though. They are connected to at least 2
networks, and have the ability to pass traffic between them.
The default gateway assigned to a network adaptor is sent all traffic that does not belong in the local
network. As an example of this, say you have a DSL Internet connection. When you connect to the
Internet, you are provided with a default gateway assigned by your service provider. When you attempt to
connect to a site on the Internet, the URL you type in (say www.pcstats.com) is converted into an IP
address by your Internet provider.

Since this address is not going to be in your local network, the network adaptor in your computer forwards
the request for the web page to its default gateway, your service provider.

From that point, your request will be passed from network to network through the internet until it
reaches the local network of www.pcstats.com and the data needed to display the web page starts its
way back through the internet to your IP address.

IP Addresses and what they represent

An IP Address is 4 sets of decimal numbers, 0-255, separated by periods (for example, 192.168.255.251)
which form the address of a computer on the internet or within a local network, and allow it to be
referenced by other computers.

An IP address consists of two parts, a network portion and a host portion.

Within a single network, for example the one you are about to set up, all computers will have identical
network portions. In order for two computers to communicate with each other directly, they must be in
the same network, and thus have identical network portions of their IP addresses.

The host portion of an IP address indicates a computer's unique identifier within its network. Every
computer on a given network must have a unique host portion in order to communicate with other
computers in the same network.

An IP address is always accompanied by a subnet mask, which separates the network and host portions of
the IP address. A subnet mask is shown in the same format as the IP address (for example 255.255.255.0).
As far as this article is concerned, assume that the values of the 4 sets of numbers in the subnet mask can
be either 0 or 255.

Sets with the value of 0 indicate the host portion of the IP address, and sets with the value of 255
indicate the network portion. For example, with an IP address of 192.168.3.25 and a subnet mask of
255.255.255.0, the network portion of the address would be '192.168.3', and the host portion would be
'.25'. This means the computer assigned this address is host 25 within the 192.168.3 network.

Setting up your own home network

1. An Ethernet-based network adaptor installed in each computer. If you are not sure if you have one or
not, see the picture below and check the back of your computers for a similar interface. If you have
purchased them separately, see the section below entitled Installing Network Card Drivers for details.
Also, if you are not planning to use a hub or switch device to connect your computers, you will need two
network cards in one of the computer systems.

2. Appropriate networking cables: Since we are assuming you have Ethernet cards, you will need either
Straight-through or crossover Cat 5 Ethernet cable. Any computer store will have them available in a
variety of lengths.

Straight through is they type used with a hub or router, while crossover is used for connecting two
computers together directly. If you have the necessary equipment (RJ45 crimpers, cable tester) to make
your own cables, this PCstats guide will explain the process for you. At the very least, our guide offers a
useful footnote on the differences between Straight-through and Crossover Cat 5 Ethernet cables.

3. An active connection to the Internet. Cable, DSL or dialup.

4. An Ethernet hub/switch is not required (unless you have more than two computers), but is
recommended, since it will enable you to expand your new home network beyond two computers in the
future.

5. A Cable/DSL router is also recommended, and is probably the simplest way to set go in order to set up
a home network. These devices act as switches and enable you to share an Internet connection simply,
without needing to leave one of your computers on constantly in order for the others to access the
Internet through it. They also provide basic, but effective firewall protection for your network.

Setting up a Network - WinXP

For Windows XP computers, open the start menu, then open 'my computer' and right click the 'my network
places' option on the left of the screen under 'other places', and select 'properties.'

You will see a window entitled 'network connections' which will contain an icon for each network adaptor
present in your machine. By default, these will be named 'Local Area Connection 1', 'local area connection
2', etc.

Right click 'local area connection 1' and select 'properties', then highlight 'internet protocol (TCP/IP)' and
select properties again.Ensure that the option 'Obtain an IP address automatically' is selected, then click
ok, and ok again.Repeat for each 'local area connection #' on your computer.

Now right click the 'my computer' icon on the start menu and select 'properties', then the ''computer
name' tab.

Make a note of the computer name and workgroup name for each computer. These are used to identify
the computer over the network. If you wish to rename any of the computers, this is a good time to do it,
using the 'change' button. Having all the computers in the same workgroup is not essential, but it does
reduce confusion. All Microsoft computers are members of the workgroup 'workgroup' by default.

Now select 'run' from the start menu and type '\\{computername}' where computername is the name of
one of the other computers in your network. If all is as it should be, a window will open up showing all
shared resources on that computer, by default 'printers and faxes' and 'scheduled tasks'.

Test this for all computers on the network as we have previously mentioned. You have now either
networked your computers together successfully, or are staring at the screen in frustration. Please
proceed to either the Sharing Files section or the Troubleshooting section respectively.

Sharing files across the network

Now that you have connected your home computers, you may wish to make certain files available
between the two computers over the network. This is a simple enough procedure.
Windows 98 Important note: Unlike Windows 2000 and XP, Windows 98 has no real form of
authentication security. This means that a Windows 98 computer with an Internet connection and no
firewall is essentially open to being browsed by any remote user who discovers your IP address. Now, this
is mitigated somewhat by the fact that 98 does not share any files by default, so there will be nothing to
access. However, once you start sharing drives and folders, be aware that anything you share is
vulnerable to being accessed from the Internet, assuming you have a high-speed connection.

Open 'My Computer' Browse to the drive or folder that you wish to share. Note: you may only share drives
or folders/directories, not individual files. There's nothing to stop you creating a new directory for a
single file and sharing that out though.

Right click the drive or folder and select 'sharing.'Select the 'shared as' option.

Enter the share name you would like to use. This how the shared resource will be named when viewed
from another computer. Select the type of access you would like to allow.

Read-only allows network users permission to read and copy files in the shared directory, but not to
delete them, save changes to them or add new ones. Full access gives permissions just like a local user. If
you like, you can assign passwords for either the read-only or full access modes. Click 'ok

Sharing files with WinXP

WinXP Important note: By default, Windows XP Professional (not Home Edition) installs a hidden share
for EVERY drive. This means that every file on your XP computer can potentially be accessed from the
network or the Internet. Since XP Professional was designed to be used in a business network
environment, these shares were intended to allow a network administrator to access important files
remotely. Only members of the Administrators group on your computer can access these shares.

Of course, the users created during the Windows XP install are members of the Administrators group...
And they do not have passwords until you assign them manually.

Fortunately, unlike Windows 2000, XP does not allow remote file sharing by default, so you are not
vulnerable until you enable this. If you intend to share files with other computers on your network,
ensure that every account you have created has a password.

This can be done through the control panel/user accounts. It is also a good idea to change the name of
the administrator account, since everyone knows that 'administrator' is the default user name for Windows
2000/XP.

To enable sharing in Windows XP first open 'My Computer' and browse to the drive or directory you wish to
share. Right click the drive or directory and select 'sharing and security.' Under 'network sharing and
security' select the 'enable sharing of files without running the network wizard' option. Select 'share this
folder/drive on the network'

Share name specifies the name that will appear for the share on remote computers. Check the 'allow
network users to change my files' box if you want remote users to be able to add, delete or modify files
within the folder or drive. By default it is unchecked, giving read-only access. Click ok.

Troubleshooting Section

If you are having trouble connecting using the default settings, the first, and best step you can take is to
double-check all the settings, restart the computers in your network, and try again. Failing this, it's time
to get under the hood a bit. Perform these steps on all computers in the network.

Open the start menu, select run and type 'cmd' to open the command prompt window. (On Windows
98/ME select 'ms-dos prompt' from the 'programs' menu.) Now type 'ipconfig /all' This will give you your
current IP address for each Local area network connection, as well as the name of the adaptor that uses
the connection.

As we have set things up, each adaptor should have an IP address in the range of 169.254.xxx.xxx with a
subnet mask of 255.255.0.0, which puts them in the 169.254 network. This is a private address range
(meaning that IP addresses from this range cannot be used over the internet) which is used to
automatically assign IP addresses to computers. Possible exceptions to this are:

If you are using a DSL/cable router to connect your network. In this case the router will have assigned its
own set of IP addresses to each computer, which will generally be in the 192.168.x.xxx range (this is also
a private address range).

If one of the network adaptors in your computer is directly connected to a cable modem, it will have
received an IP address from your Internet service provider.

Assuming all of your computers have an IP address of 169.254.xxx.xxx subnet mask 255.255.0.0, they are
in the same network, and should be able to communicate with each other provided the wiring is set up
correctly. To test this, note down the IP address of one of your computers (for example 169.254.73.160).
Now go to the other computer and from the command prompt type 'ping 169.254.73.160' and hit enter.
The ping command sends a stream of data to the address you specify at periodic intervals. If the other
computer receives the information it will reply.

If all goes well, you should see:

Pinging 169.254.73.160 with 32 bytes of data:

Reply from 169.254.73.160: bytes= 32time<1ms TTL=128

Reply from 169.254.73.160: bytes= 32time<1ms TTL=128
Reply from 169.254.73.160: bytes= 32time<1ms TTL=128
Reply from 169.254.73.160: bytes= 32time<1ms TTL=128
This indicates you are communicating successfully with the remote computer, so you should be able to
connect using the run: \\{computername} command. If you are using 98/ME check to make sure you
enabled file sharing.

Fixing Destination host unreachable Error

If the computers is telling you "desintation host unreachable" this means you have a problem with your
physical setup. Make sure all wires are plugged in correctly; check the power on your hub/witch/router,
etc.

Remember, most network adaptors will have one or more status LEDs that shine out the back of the
computer. They should show a green light if connected properly. Check these too.

If one of your computers has an address other than 169.254.xxx.xxx, and is not connected to a router or
cable modem, first double check that you set all the network adaptors on that computer to 'obtain an IP
address automatically'.

If this is the case, go to the command prompt and type 'ipconfig /release' then 'ipconfig /renew' (for XP
and 2000) or 'ipconfig /release_all' then 'ipconfig /renew_all' (for 98/ME). This will instruct all network
adapters to drop their current IP addresses and attempt to acquire new ones. Type 'ipconfig /all' again
and see if this resolved the problem.

As a last resort, you can manually set the IP addresses of your network adaptors in order to connect. Go
to the properties of 'network neighborhood' or 'my network places' as before, but instead of specifying
'obtain an IP address automatically' select 'use the following IP address' and enter in '192.168.0.2-254 as
the IP address, and '255.255.255.0' as the subnet mask. This will put your computers in the 192.168.0
network. Now test the connection with the ping command again.
Sharing files
Published: August 15, 2006
If you have multiple computers in your home and they are connected through a home network, you can
share files among your computers. That means you no longer have to copy files to a floppy disk or USB
flash drive to transfer them to another computer. Once you configure your computer to share files, you
(or another user with the appropriate permissions) can, by using Windows Explorer, open them from other
computers connected to the network, just like you’d open files that are stored on a single computer. You
can also choose to have folders visible—but not modifiable—from other computers on the network.
To share files on your computer with other computers on a network, you need to:
• Share a folder on your computer. This will make all of the files in the folder available to all the
computers on your network (you can’t share individual files).
• Set up user accounts on your computer for everyone who needs to connect to your shared folder. If any
of the accounts are Limited User accounts (unless an account is a Computer Administrator account, it is
a Limited User account), follow the steps in Set permissions for files and folders to enable them to open
your files.
To access shared files that are on another computer on your network, you need to:
• Connect to the shared folder from other computers on the network. This procedure is described in Map a
network drive.
Note: By default, file permissions only allow your user account and administrators on your local computer
to open your files, regardless of whether a person is sitting at your keyboard or at another computer. It
may help to keep these three things in mind when setting up file sharing:
• Files have user permission settings.
• Every computer has its own user database.
• Some accounts are administrator accounts and some aren’t.

Configure your computer to share files

To share a folder on your computer so that files stored in the folder can be accessed from other
computers on your home network
1.Log on to your computer as an administrator. For more information, see Access the administrator
account from the Welcome screen.
2.Click Start, and then click My Documents.

3.Right-click the folder that you want to share, and then click Sharing and Security.
 Tip: If you want to share your entire My Documents folder, open My Documents, and then click the Up
button on the toolbar. You can then select the My Documents folder.
4.If you see a message that reads, As a security measure, Windows has disabled remote access to this
computer, click the Network Setup Wizard link. Then follow the instructions in How to set up your
computer for home networking. On the File and printer sharing page of the Network Setup Wizard, be
sure to select Turn on file and printer sharing. If you do not see this message, skip this step and go to
step 5.

Note: If you do not see the Network Setup Wizard link or the Share this folder on the network check
box, your computer probably has Simple File Sharing disabled. This is a common change made to
computers used for business. In fact, it happens automatically when a computer joins an Active
Directory domain. You should follow these instructions to share a folder instead.
5.In the Properties dialog box, select the Share this folder on the network check box.
6.If you want to be able to edit your files from any computer on your network (instead of just being able
to open them without saving any changes), select the Allow network users to change my files check
box.

7.Click OK.
Windows Explorer will show a hand holding the folder icon, indicating that the folder is now shared.
To connect to the shared folder from another computer, follow the steps described in How to map a
network drive.
Note: By default, only you and other people with an administrator account on the computer sharing the
folder will be able to open your files. To limit access of specific users with an administrator account on
the computer sharing the folder, read How to set permissions for files and folders.

Mapping a network drive

Published: August 15, 2006
Moving files between computers on a floppy disk (the so-called "sneakernet") is a thing of the past. If you
have more than one computer in your home, you can share files across your home network. Shared folders
from other computers appear in Windows Explorer just as if they were on the computer you're using.
Sharing files is a two-step process:
1.Share a folder on the computer that stores your files. This step is described in Sharing files.
2.Create a connection to the shared folder on the computer that you want to use to open the files. You
can connect to the shared folder in two ways:

• You can directly open the shared folder. This is the quickest way to get to your shared files.

— or —
• You can map a drive letter to the shared folder. This way makes it easier to open the folder in the
future.

The steps for both of these ways to connect to a shared folder on another computer on your home
network are described below.

Open a shared folder

1.On your desktop, double-click My Network Places.

Note: If My Network Places is not on your desktop, click Start, and then click My Network Places on
the Start menu.
2.In My Network Places, double-click the folder you want to open.

You'll see your files in the folder.

Top of page

Map a drive to a shared folder

1.Click Start, and then click My Documents.

2.Click the Tools menu, and then click Map Network Drive.

3.In the Map Network Drive dialog box, click Browse.

4.In the Browse For Folder dialog box, click the folder you want to connect to, and then click OK.

5.In the Map Network Drive dialog box, make a note of the drive letter shown, and then click Finish.

6.If prompted, type your user name and password, and then click OK.
Microsoft Windows XP will open a folder to your shared files. In the future, you can open the shared folder
from My Computer by clicking the appropriate drive letter.
Get started using Remote Desktop with Windows XP Professional
Updated: July 25, 2006
Imagine that you recently started a small business and are trying to build your client base—salespeople
out on the road every day, working on getting new business. You don't want your salespeople to be left
without documents they need while meeting with important clients. You can empower your employees to
have important data at their fingertips, at all times.

Remote Desktop, included with Windows XP Professional, enables you to connect to your computer across
the Internet from virtually any computer, Pocket PC, or Smartphone. Once connected, Remote Desktop
gives you mouse and keyboard control over your computer while showing you everything that's happening
on the screen. With Remote Desktop, you can leave your computer at the office without losing access to
your files, applications, and e-mail. Your sales force will be able to access the latest pricing sheet from
on the road by using Remote Desktop in Windows XP Professional.

To use Remote Desktop

With Remote Desktop, you can connect to your work computer from home and access all of your
programs, files, and network resources as though you were actually sitting in front of your computer at
work.

You need three things to create a remote location:

1.Microsoft Windows XP Professional must be installed on the computer containing the files and programs
that you want to access from a remote computer. The computer must also be part of a corporate
network in which Remote Desktop connections are permitted. This computer is known as the host.
2.The remote computer must be running Windows 95 or later. This computer must also have the Remote
Desktop Connection client software installed. The remote computer is known as the client.
3.Both computers must be connected to the Internet through a VPN connection.

Note: If you're not connecting to the host computer through a VPN, you'll need to use the actual IP
address of the host computer instead of the computer name.
To set up the Remote Desktop, start with the host computer, which in this example is your work
computer.
1.Verify that you are signed in as the administrator.
2. Click Start, click Control Panel, and then click Performance and Maintenance.

3. Click System.
4. Click the Remote tab, select the Allow users to connect remotely to this computer check box, and
then click OK.

Next, make sure you have Windows Firewall set up to allow exceptions.
1. In the Control Panel, click Security Center.
2. Under Manage security settings for, click Windows Firewall.

3. Make sure the Don't allow exceptions check box is not selected.

4. Click the Exceptions tab, and verify that the Remote Desktop check box is selected.
5.Click OK, and then close the Windows Security Center window.
Your host computer is now set up to allow remote access.

You will need the name of the host computer.

6. In Control Panel, click Performance and Maintenance, click System, and then click the Computer
Name tab.

7.Write down the full computer name, and then click OK.
8.Close Control Panel.
9.Leave this computer running, locked, and connected to the corporate network with Internet access.
Top of page
Connect your remote computer to the host computer
To connect your home computer, which is the client (or remote) computer to your work (or host)
computer, follow these steps:
1.On your home computer, click Start, point to All Programs, and then point to Accessories.
2.In the Accessories menu, point to Communications, and then click Remote Desktop Connection.
3. In the Computer box, type the computer name of your host computer, which you wrote down earlier.

4.Click Connect.
5. When the Log On to Windows dialog box appears, type your user name, password, and domain (if
required), and then click OK.

The Remote Desktop window opens, and you see the desktop settings, files, and programs that are on
your host computer, which in this example is your work computer. Your host computer remains locked,
and nobody can access it without a password. In addition, no one will be able to see the work you are
doing remotely.
To end your Remote Desktop session:
1.Click Start, and then click Log Off at the bottom of the Start menu.
2. When prompted, click Log Off.
Troubleshooting network connection problems
Published: August 15, 2006
Depending on how elaborate they are, home networks can be complicated. Unfortunately, because of this
complexity, problems occasionally happen. Fortunately, you can usually solve these problems yourself. In
most cases, finding the problem is a matter of going through a series of steps to eliminate potential issues
one by one until you find the source of the problem. This article walks you through isolating your
problem, troubleshooting the problem, and, if necessary, contacting the right organization for support.
If you are setting up your home network for the first time, refer to Set up a wired network or Set up a
wireless network. The guidance in this article assumes that you were previously able to use your network,
although the information here might be useful for troubleshooting setup problems, too.

How to isolate networking problems

People who work with networks think of them in terms of layers. These layers include the Internet, your
modem and router, and the computer (or computers) on your network. To troubleshoot a problem
effectively, you must first identify which network layer is causing the problem. The following diagram
shows the different layers that might be the cause of a problem.

Although you can fix most problems yourself, if you can't fix a problem, it's helpful to know which layer is
causing it so that you can contact the right organization for support.
To identify which layer is causing the problem
1.Click Start, and then click Control Panel.
2.Click Network and Internet Connections.

3.Under or pick a Control Panel icon, click Network Connections.

4.In the Network Connections window, examine the status of your network adapter:

• Connected. Your computer is properly connected to your modem, router, or wireless network, but
there is a problem between your router and the Internet. Read Windows XP says your network adapter
is connected.

• Disabled. Someone has manually disabled the network adapter. To fix the problem, right-click the
adapter, and then click Enable.

• Unplugged. Your computer cannot detect the connection to your modem or router. Read Windows XP
says your network adapter is unplugged.

• Not connected. Your computer cannot connect to your wireless network. Read Troubleshooting
Microsoft Windows XP-based wireless networks in the small office or home office.

• Limited or no connectivity. Your computer is properly connected to your modem, router, or wireless
network, but your router is misconfigured or there is a problem between your modem and the
Internet. Read Windows XP says your network adapter has limited or no connectivity.
5.If your network adapter does not appear in the Network Connections window, it has not been properly
 installed. Uninstall the driver and network adapter as described in Troubleshoot device driver problems.
Then reinstall the network adapter according to the manufacturer's instructions or by following the
instructions in Install a network adapter.

Windows XP says your network adapter is unplugged

If Microsoft Windows XP indicates that your network adapter is unplugged, it could be because of several
different problems. Follow these steps to troubleshoot the problem. (You can stop following the steps if
your network connection starts to work.)
1.Verify that both ends of the network cable are properly connected, as described in Set up a wired
network.
2.If the cable is properly connected, verify that your modem and router are plugged in and turned on.
3.If you have more than one network port available in your router, plug the cable into a different port. If
the network connection works, the original port on your router is faulty. However, you can continue to
use the other ports.
4.Replace the network cable with a new cable. You might have a faulty network cable.
5.The network adapter on your computer might have failed. If possible, connect a different computer to
the same network cable. If the connection works, the problem is with your network adapter. Contact
your computer manufacturer for support, or install a new network adapter. If the new computer also
fails to connect and you have already tried a new network cable, your network hardware (the device
you connect the network cable to) has failed. Contact technical support for the network hardware, or
replace it.
After following these steps, you should have identified the problem as your computer's network adapter,
the network cable, or your network equipment, and then either replaced or repaired the failed device.

Windows XP says your network adapter has limited or no connectivity

If Windows XP says your network adapter has limited or no connectivity, it could be due to several
different problems, including a failed Internet connection, a misconfigured router, or a misconfigured
network adapter. Follow these steps to troubleshoot the problem. (You can stop following the steps if
your network connection starts to work.)
1.In the Network Connections window, right-click your network adapter, and then click Repair. For
detailed instructions, read Repairing network connections.
2.Unplug your modem. If you are unsure which device might be your modem, it is the device that is
connected directly to your phone line (if you have DSL) or cable connection (if you have a cable
modem). Wait one minute, and then plug your modem back in again.
3.If you have a router connected to your modem, unplug it. If you are unsure which device might be your
router, look for the device that has at least two network cables: one that connects to your modem; and
another that connects to your computer. You may also have a wireless router, which would be
connected to your modem and would have one or more antennas. Wait one minute, and then plug your
router back in again.
4.Restart your computer.
5.If your network adapter still shows "Limited or no connectivity" and you have customized your router's
configuration, verify that the router has DHCP (Dynamic Host Configuration Protocol) enabled. Enable
DHCP, and then restart your computer. DHCP automatically assigns an Internet Protocol (IP) address to
your computer, which uniquely identifies your computer on your network. For instructions on how to
enable DHCP for your router, refer to your router's documentation.
6.If you are using a router, unplug the network cable that connects your modem to your router, and
connect your computer directly to your modem. Then restart your computer. If your computer connects
properly after restarting, the problem is with your router. Contact your router manufacturer for
support.
7.If your network adapter still indicates "Limited or no connectivity" when your computer is connected
directly to your modem, contact your Internet service provider (ISP) for support. To speed up the
troubleshooting process, describe the steps you have already taken, including restarting your modem,
router, and computer, and connecting your computer directly to your modem. The "Limited or no
connectivity" error message indicates that your computer is properly connected to your home network;
however, the ISP's DHCP server is not assigning it an IP address. This problem could be caused by a
failed DHCP server on the ISP's network, a failed modem, or a problem with your Internet connection.
Alternatively, the ISP may require you to use a "static" IP address, which only its support staff can help
 you configure.
After following these steps, you should have identified the problem as your router, your modem, or your
Internet connection, and then either reconfigured or repaired the failed component.

Windows XP says your network adapter is connected, but you can't reach the Internet

If you reached this section, your computer is probably connected to your home network properly, but
there is a failure with your router, modem, or Internet connection. In this case:
1.First, verify that you can't reach the Internet. Start Microsoft Internet Explorer, and attempt to connect
to the following Web sites: www.microsoft.com, www.msn.com, and www.windowsmarketplace.com. If
any of the Web sites open correctly, your Internet connection is functioning properly. If all of the Web
sites fail to open, continue following these steps.
2.Unplug your modem. If you are unsure which device might be your modem, it is the device that is
connected directly to your phone line (if you have DSL) or cable connection (if you have a cable
modem). Wait one minute, and then plug your modem back in again.
3.If you have a router connected to your modem, unplug it. If you are unsure which device might be your
router, look for the device that is connected directly to your modem. Wait one minute, and then plug
your router back in again.
4.Restart your computer.
5.If you have more than one computer on your network, turn the other computers off. Also, close any
network applications that you might have open, including file sharing and peer-to-peer applications.
These applications can consume so much bandwidth that they might prevent you from being able to
browse the Web. Repeat step 1 to retest your Internet connection. If the connection works now, the
problem is that one of your applications is consuming too much of your Internet bandwidth or
attempting to connect to too many different computers. Close the application, or configure it to use
less bandwidth or fewer connections.
6.If you have previously configured your computer with a static IP address (for example, to connect to
your office network), you probably need an automatic IP address at home. Fortunately, you can
configure Windows XP to use both by following the steps in Automatic configuration for multiple
networks.
7.If you are using a router, unplug the network cable that connects your modem to your router, and
connect your computer directly to your modem. Then restart your computer. If your computer connects
properly after restarting, the problem is with your router. Contact your router manufacturer for
support.
8.If possible, connect a different computer to your modem, and attempt to access the Internet. If the
computer is able to access the Internet, you might have a problem with your Web browser. Contact your
computer manufacturer for support.
9.Your modem or your Internet connection has failed. To resolve the problem, contact your ISP technical
support. To speed up the troubleshooting process, describe the steps you have already taken, including
restarting your modem, router, and computer, and connecting your computer directly to your modem.
After following these steps, you should have identified the problem as your router, modem, Internet
connection, or Web browser, and then either reconfigured or repaired the failed component.

Windows 2003 Active Directory Setup

When you installed Windows Server 2003 Manage Your Server window is displayed every time you start-
up the system, unless you have checked “don’t display this page at logon”ﾝ option.
If you don’t get this window at start-up, go to Start, All Programs, Administrative Tools, Manage Your
Server, once you get to the window above click on Add or remove a role, the Configure Your Server
Wizard will come up. click Next to run the Preliminary steps. hopefully your server is good to go.

On the next screen, you will get presented with a list of roles that you can setup on the server, select
Domain Controller ( Active Directory)

Click Next. On the next screen, you are presented with the Summery of Selections. Clicking next on this
window will run the Active Directory Installation Wizard:
Click on Next. The Welcome to the Active Directory Installation Wizard window will come up:

Click Next. The Operating System Compatibility window will show up:
If you don’t have operating systems older than windows 2000 on your network, you can safely click next
on this window, otherwise make a pause and think if its worth upgrading older operating systems on your
network to a windows server 2003 compatible domain controller.

On the next screen, you need to choose your Domain Controller type:

Select Domain controller for a new domain, and click next. On the next screen, you will need to select
the type of domain to create:

Select the first option “Domain in a new forest”ﾝ then click next. Next, you will need to specify the
domain name:
Type your domain name, preferably with the local prefix at the end, that is just to differentiate
between your domain name and your Internet domain.

Click next. Next, you will need to specify the NetBIOs name. This NetBIOS name wil help old computers
using old windows operating systems to find the domain on the network:

Accept the default name, click next. Next, you will need to specify the location of the database and log
folders:
Choose the location, otherwise accept the defaults and click next. Next, you need to choose the Shared
System Volume:

Choose your location, otherwise click next.Next, you will need to configure DNS, remember DNS is
required for Active Directory to run:
You most likely will get the warning “Diagnostic failed”ﾝ on this window, don’t worry is normal. This
happened because DNS is not configured on this computer. Choose the second option “Install and
configure the DNS server on this computer, and set this computer to use this DNS server as its
preferred DNS server, and click Next.

On the next window you will need to choose the default permissions for user and group objects:

Select the second option. You want only authenticated users to read information on your domain. Click
next.

Next, you will need to type the directory Services Restore mode Administrator password. Remember
this password is different from the built-in administrator domain account:
Type the password and click Next. Lastly, you will get the summary window:

Click Next. The installation on Active Directory should start. After a few minutes, you will get the Finish
window. Click on Finish and restart the computer:
After the computer restarts, active directory should be setup on the server. remember that your domain
administrator account password, should be the same as the local administrator password you had before
installing active directory.

After rebooting the computer, this window will come up. now your server is a domain controller. Enjoy.

Install and Configure the Email Server in Windows Server 2003 + Outlook Express

Introduction

This tutorial will help you to install and set up a few email accounts, by using the built-in POP3 Service in
Windows Server 2003. I will assume you have basic knowledge about the Windows Server family and Mail
Servers, but I have tried to make this tutorial as easily comprehensible as possible. The tutorial has been
tested on Windows Server 2003 Enterprise Edition but should also work on Windows Server 2003 Standard
Edition. I will not cover MX records and other similar things in this release.

To follow this tutorial you need a stand alone server. You can of course use a Domain Controller, but that
assumes you understand when to not follow the tutorial and use other settings (i.e. authentication
method).
Install the Email Server

You can install the Email Server by using Add or Remove Windows Components or Manage Your Server.
In this tutorial we will use the latter, because it’s the quickest way to get this up and running. Manage
Your Server is a bit easier to use too, because it will prompt you for the domain you want to use during
setup. That will not Add or Remove Windows Components do, and we have to do everything manually.
If it’s not open, start Manage Your Server by clicking Start->Programs->Administrative Tools->Manage
Your Server.

• Click on Add or remove a role.

This will start the Configure Your Server Wizard. Read the text and make sure you have connected all
the necessary cables and all the other things it says you should do before continuing.

• Click Next
The wizard will now detect your network settings. This will take a while depending on how many network
connections you have
We now come to the step where we add and remove roles for our server. We will add the Mail Server role.
I also suggest that before you click Next, click Read about mail servers because this tutorial is not a
complete reference.

• Click Mail server (POP3, SMTP)

• Click Next

You will now specify the type of authentication and type the email domain name. In this tutorial we will
use Windows Authentication, and I will use my domain name, ilopia.com. You should of course use your
domain name.

• Click Next

Next step is to confirm the options you have selected.

 • Click Next

The installation will start, and will also start the Windows Components Wizard. When you get prompted
to insert your Windows Server 2003 CD-ROM into your CD-ROM drive, do so. If you didn’t get prompted to
do that, you maybe already have it in the drive. Hopefully within some minutes you get this screen:

You can now see the log, click view the next steps for this role, or click Finish. Do whatever you feel
you want to do before continuing.

• Click Finish

You have now successfully installed the mail server, congratulations!

Configure the Email Server
So, it is no fun with a mail server installed, if we can’t use it. And to use it, we have to configure it. This
section will help you configure the mail server.

• Click Start, then run, and type p3server.msc

This will open up the POP3 Service. This is where you configure and manage the POP3 part of the mail
server.

• Click on <ComputerName> in the left pane

• Click on Server Properties in the right pane

This brings up the Properties for our Mail Server.

As you can see, we have a lot of settings. We will use the standard setup in this tutorial, but I will explain
every setting we can change in case you want to change something in the future.
Authentication Method
There are three different authentication methods you can use; Local Windows Accounts, Active Directory
Integrated and Encrypted Password File. It is an important decision which method to use, because once
you have chosen, you must delete all email domains on the server to change method (from now on, you
can migrate Encrypted File user accounts to AD, but nothing else can be migrated).

• Local Windows Accounts

If your server is stand alone (not member of an Active Directory domain), and you want to have
the user accounts on the same local computer as the POP3 service, this is the best option. By
using this option, you will use the SAM (Security Accounts Manager) for both the email user
accounts, and the user accounts on the local computer. This means that a user can use the same
user name and password to be authenticated for both the POP3 service and Windows on the local
computer. But there is a limitation, although you can host multiple domains on the server, there
must be unique user names for all domains. So, let us say you have two users named Sandra. One
working at company1.com and another one working at company2.com. Their user name used will
be sandra@company1.com and sandra@company2.com. But in SAM, they will both have the same
user name, sandra, so one of them must be renamed to something else (if we don’t want them to
read each other’s emails).

If you create the user account when you create the mail box (by using the POP3 interface), the
user will be added to the POP3 user group. Members of this group are not allowed to logon
locally. The fact that the users are added to the POP3 group does not mean that you must be a
member of this group to have a mailbox. You should however be careful adding mailboxes to
users that are not member of the POP3 group, because the password used for email can for
example be sniffed (if you are not using SPA), or someone can brute force the password and gain
access to the server.
• Active Directory Integrated
You can select this option if the server is a member of an Active Directory domain or is a Domain
Controller. By using this you will integrate the POP3 Service with you AD domain. AD users can
use their user name and password to send and receive email. Of course you have to create
mailboxes to them first. Unlike Local Windows Accounts you can use the same user name on
different domains. So sandra@company1.com and sandra@company2.com will have different
mailboxes. There is however one thing you should know about, that does not affect the mailbox
name and email-name, and the pre-Windows 2000 user name can be changed. Active Directory
do not support the same pre-Windows 2000 user name, and this name is usually the same as the
user name, which means that if you create a mailbox and user with the same pre-Windows 2000
user name, it will rename the pre-Windows 2000 user name.
• Encrypted Password File
This is the option you want to select if you don’t use Active Directory or don’t want to create
users on the local computer. Like Active Directory Integrated you can have the same user name
on different domains, but you cannot assign the same user name to several mailboxes within the
same domain.
 This method works by creating an encrypted file stored in each user’s mailbox. This file contains
the password for the user. When the user wants to check his/her email, the password that the
user supplies is encrypted and compared to the one in the file.
It is possible to migrate Encrypted File user accounts to AD user accounts.

Server Port
I strongly recommend that you use port 110 because this is the standard port for the POP3 protocol. If you
change this, make sure you notify all users so they can configure their email clients to use this other port.
Also make sure you restart the POP3 service if you change this.
Logging Level
Four options to choose between. If you change this, remember that you must restart the POP3 service.

• None
Nothing is logged.
• Low
Only critical events are logged.
• Medium
Both critical and warning events are logged.
• High
Critical, warning and informational events are logged.

Root Mail Directory

If you don’t want to use the default Mail Directory, you can choose another one. Make sure the path is not
more than 260 characters and you can also not store to the root of a partition (i.e. C:). It is strongly
recommended that you use a NTFS formatted partition. You can’t use a mapped drive, but the UNC name
(\\servername\share) can be used. If you later change the store, and there are still emails in one or more
boxes, you must manually move the folders in which there are emails to the new location. You must also
reset the permissions on the directory by using winpop set mailroot.
SPA
Enable SPA if you want to have a secure communication between your email sever and email clients. This
will send both the user name and password encrypted from the client to the server, instead of sending it
in clear text. SPA supports only Local Windows Accounts and Active Directory Integrated
Authentication. It is recommended to use this. Remember to restart the POP3 service if you change this.
Create a mailbox
The Setup Wizard created a domain to us, so we do not need to create this manually. If you did not use
Manage Your Server to install, add the domain manually be clicking the server name in the left pane and
then click New domain in the right pane. Remember to set the properties before you add the domain.

• Click on your domain (ilopia.com in my case) in the left pane.

• Click Add Mailbox in the right pane.

This will open up the Add Mailbox window.

• Write bob in Mailbox Name

• Write bob as password (of course this is not a password you should use in a production
environment, it’s too short)
• Click OK
A message will pop-up and tell you how to configure the email clients. Read this, and notice the
difference when using SPA or not.

• Click OK

What we just did was not only creating a mailbox named bob, but we also created a user bob. We will
also create a mailbox for an existing user - ariel. To do that we simply perform the same steps, but we
uncheck Create associated user for this mailbox. Remember that the mailbox name must be less then 21
characters (64 for Encrypted Password File and Active Directory). Periods are allowed to use, but not as
the first or last character.
So, we have now two users. Are they equally? No, bob is a member of the POP3 Users group, which is
denied to logon locally. Ariel is not member of this group, and can still logon locally and access her
mailbox.
Configure the SMTP Server
Actually, that’s it! It is this simple to configure the POP3 part. But it is not yet working as we want, we
have to configure the SMTP part to be able to receive and send emails. Yes, I said receive emails. A
common mistake is to think that the POP3 server receives the emails. But that is not true, all the POP3 is
doing is ‘pop’ the emails out to the clients. It’s the SMTP server that is communicating with other SMTP
servers and receives and sends emails.

• Open Computer Management

• Expand Services and Applications, expand Internet Information Service
• Right click Default SMTP Virtual Server and click Properties
• Click the Access tab
• Click the Authentication button and make sure Anonymous Access and Integrated Windows
Authentication is enabled.
• Click the Relay button and make sure Allow all computers which successfully... is enabled and
Only the list below is selected.

First of all, Authentication and Relay is not the same thing. We use the Authentication button to specify
which authentications methods are allowed for users and other SMTP servers. So enabling Anonymous here
is not a security issue, in fact, it’s required if we want our server to be able to receive emails from other
servers on Internet (I doubt you want to tell all administrators of email servers on Internet how they
should logon to yours). We also need Windows Authentication so the email clients can authenticate to the
server and be able to relay (send emails).
As Relay Restrictions we selected Only the list below because we do not want to be used by spammers to
send emails. But we never specified any computers. That is valid, because we wants our clients to always
use the username and password to authenticate, no matter where they are.
If you want users to only be allowed to relay if they are on a private network, then you can uncheck
Windows Authentication as allowed authentication method, and specify the IP range for your network in
the Relay Restrictions window.
Is that all? Do we have a working email server now? Well, the answer is yes. But we still haven’t
configured the email clients.
Configure the email client
We will use Outlook Express as email client.

• Start Outlook Express (any computer that is connected to the email server)
• Click Tools and then Accounts
• Click the Add button and select Mail

A wizard starts. Use the following table to complete the wizard:

Display name Bob
E-mail address bob@<your domain> (bob@ilopia.com)
Incoming mail server is a POP3
Incoming mail server <your domain> (ilopia.com)
Outgoing mail server <your domain> (ilopia.com)
Account name bob@<your domain> (bob@ilopia.com)
Password bob
Remember Password Checked
SPA Unchecked
Are we finished now? Well, let us try to send an email. Didn’t work, did it? I’m sure you got an error
message similar to this one:
The message could not be sent because one of the recipients was rejected by the server. The rejected e-
mail address was 'webmaster@ilopia.com'. Subject 'Test', Account: 'ilopia.com', Server: 'ilopia.com',
Protocol: SMTP, Server Response: '550 5.7.1 Unable to relay for webmaster@ilopia.com', Port: 25,
Secure(SSL): No, Server Error: 550, Error Number: 0x800CCC79
The reason why we got this is written in the error message. “Unable to relay for <email address>”. This
means that we didn’t get authenticated to the SMTP server. So, let us take a look at the email client’s
settings again.

• Click Tools, then Accounts.

This will bring up this window:

• Click the correct account and then the Properties button

• Click the Servers tab
• In the Outgoing Mail Server section enable My server requires authentication.
• Click Apply, click OK, click Close
• Create a new email, and send it

And hopefully you will receive an email within some minutes (if you sent it to your own email account).
Enable SPA
Of course we want our network as secure as possible, so we prefer to use SPA (Secure Password
Authentication). This will, as stated before, send the user name and password from the client encrypted,
instead of clear text.

• Click Start, then Run

• Type p3server.msc
• In the right pane, right click your computer’s name and click Properties
• Check the box Require Secure Password Authentication...
• Click OK
• You will be prompted to restart the Microsoft POP3 Service, click Yes

We must also change some settings for the email clients.

• Start Outlook Express

• Click Tools, click Accounts
• Click the Mail tab, click the name of your email account, click Properties
• Click the Servers tab, and click Log on using Secure Password Authentication
• Change the account name from bob@<your domain> to bob
• Click Apply, click OK