Ch

ng 2: Network Services

N i dung
         

Names and Addresses HOSTS File LMHOSTS Domain Name System Windows Internet Name Service (WINS) SMB and CIFS Mail Services Dynamic Host Configuration Protocol Dynamic DNS Active Directory Basics
2

Names and Addresses




name (hostname)
indicates what we seek.




address (IP)
indicates where it is.
names & numeric addr be used interchangeably




route (tuy n)
indicates how to get there

Name are easier to remember and type correctly. Applications use IP addresses, but names are easier for humans to use

Names and Addresses

In most cases, hostnames and numeric addresses can be used interchangeably. User can ping the PC at IP address 172.16.12.2 by entering: C:\ ping 172.16.12.2 Or by enter the hostnames associated with the address: C:\ping poop.example.com  The system converts the hostname to an address before the network connection is made.


Names and Addresses



to organize PC system names



2 common methods used

S d ng tn n gi n ch m i host. hostname ph i l gi tr duy nh t trn m ng (must be unique within network) V d : once the name pooh has been assigned to a host, no other host on that network should be assigned that name.

Flat namespace


Names and Addresses



to organize PC system names



2 common methods used

M ng chia nh thnh nhi u ph n g i l domain (Subdivides network into multiple named parts called domains) hostname
 

Hierarchical namespace


Gi tr duy nh t trong m t domain (unique within a domain) Nh ng c th c nhn i trong cc domain khc trn cng 1 m ng (but may be duplicated in other domains on the same network)

For example, a host named pooh.example.com and another host named pooh.oreilly.com may exist within the same network in this case, the Internet.
6

Names and Addresses



flat namespace is inadequate (khng



Tn c s n b gi i h n (Limited name availability ) A good computer name is short, easily remembered, and meaningful. In a flat namespace, all the good computer names are taken quickly, and you find yourself assigning essentially random names to your hosts.

Names and Addresses



flat namespace is inadequate (khng



C n qu n l t p trung (Centralized administration requirements)

Gn quy n qu n l t p trung cho m i hostname c th lm cho ti n trnh x l ch m tr ho c t nh t (The central authority assigns every hostname, which can be a slow tedious process)

Names and Addresses

HOSTS File


simple text file that associates IP addresses with hostnames



Windows Server 2003 systems



%SystemRoot%\System32\Drivers\etc\hosts IP address a list of hostnames associated with that address

entry contains
 

Comments begin with #.

10

HOSTS File

11

NetBIOS


M i my tnh trong m ng dng h c m t tn NetBIOS duy nh t. M i tn NetBIOS ch a t i a 16 k t

i u hnh Microsoft

Tn NetBIOS c hai d ng: unique v group Tn NetBIOS d nh v thn thi n h n ng i dng a ch IP iv i

Cch xem NETBIOS: C1: Computername/ change/ more C2: Run/ cmd / nbtstat n (ki m tra tn NETBIOS name my mnh) Nbtstat a IP my khc
12

Cc lo i NetBIOS Node
Cc lo i NetBIOS node nh ngh a cc ph phn gi i tn NetBIOS sang a ch IP
Ki u Node B-node P-node M-node H-node Di n gi i Dng broadcast ng k v phn gi i tn NetBIOS Ch dng WINS phn gi i tn NetBIOS K t h p B-node v P-node, nh ng Bnode l m c nh K t h p P-node v B-node, nh ng Pnode l m c nh

ng php

Registry value 1 2 4 8
13

LMHOSTS (Lan manager hosts)



nh x tn NetBIOS sang
 
 

a ch IP

Trong %SystemRoot%\system32\drivers\etc N i dung i t ng c a LMHOSTs (entry contains)

a ch IP (IP address) Tn c a NetBIOS k t h p v i with that address) a ch IP (1 NetBIOS name associated

M t vi tnh n ng khng c trong file HOST (some features that not supported by HOSTS file)


Ch thch b t

u b ng k t # (comments begin with #).

#PRE


#DOM: domain


The entry (entry in LMHosts file) preloaded into cache and permanently retained there speed up for frequently used hostnames

#INCLUDE file


Xc nh m t my ch c th xc nh n yu c u ng nh p (Identifies a Windows server that can validate network logon requests. ) Specifies remote file that should be incorporated in local LMHOSTS file
14

LMHOSTS
reload with the nbtstat -R command

nbtstat -c cmd shows entries that are currently cached

15

HOSTS vs LMHOSTS
The original method of name resolution was to simply look up the hostname in a flat file called a host table. The file that contains TCP/IP hostnames is HOSTS, and the file that contains NetBIOS hostnames is LMHOSTS. Now, however, both TCP/IP and NetBIOS support name servers. The database system used to translate TCP/IP hostnames to addresses is called Domain Name System (DNS). The name server system used for NetBIOS names is Windows Internet Name Service (WINS )
16

DNS


DNS l h th ng tn mi m c pht minh vo n m 1984 cho Internet, c dng phn gi i ( i) tn mi n (hostname) thnh a ch IP trong cc m ng TCP/IP. V d : i en.wikipedia.org thnh a ch PI 66.230.200.100 DNS c so snh nh phone book c a Internet.
17

Cy phn c p DNS

18

Cy phn c p DNS


t ng: Phn pht trch nhi m gn tn mi n v nh x chng thnh a ch IP cho m t server c th m quy n Domain names s p x p thnh m t cy, c t thnh nhi u vng, m i vng c qu n l b i m t server c th . Khng gian tn mi n ch a m t cy tn mi n. Cy con chia thnh nhi u vng M t vng ch a t p h p cc node lin quan c qu n l b i DNS nameserver chnh th c
19

Cy phn c p DNS


M i node hay l trn cy c 1 hay nhi u b ng ngu n, ch a thng tin lin quan n tn mi n M t namespace n c th lm ch nhi u vng.

20

Domain Name System (DNS)



T ch c thnh cy phn c p t ng t nh cch t ch c phn c p c a th m c (organized into hierarchy similar hierarchy filesystem), bao g m:  root domain  top-level domains (TLD)  Geographic  aside for country in the world (by a 2letter: vn, fr, uk,jp,  organizational  com, edu, gov, mil, net, int, org (based on the type of organization)
21

Domain Name System

22

Domain name server



1 domain name th ng ch a m t hay nhi u ph n (nhn), ng n cch b i d u ch m.



Nhn ph i nh t chuy n n vng cao nh t (toplevel domain) M i nhn cho n pha tri nh ngh a s chia nh hay l vng con c a vng trn n. V d : wikipedia.org bi u hi n vng con c a vng org; en.wikipedia.org bi u hi n vng con c a mi n wikipedia.org.
23

Domain name server



Domain name server ch a 1 t p c phn c p DNS server. DNS server c quy n cng b tn mi n v nameserver c a nh ng vng d i n. S phn c p t m ki m sot c a DNS server t ng h p v i s phn c p mi n.

24

WINS (Windows Internet Name Service)

-

NetBIOS-over-TCP/IP (NetBT) l 1 thnh ph n m ng tch h p s n trong Windows c nhi m v phn gi i tn t NetBIOS name sang IP. C ch phn gi i NetBIOS name: a). S d ng Broadcast. b). S d ng WINS Server. Gi i php khng s d ng Broadcast h i a ch IP c a m t my tnh trong m ng l s d ng m t my ch l u NetBIOS Name a ch IP c a ton b cc my tnh trong m ng, my ch ny c g i l WINS Server.
25

Cc thnh ph n c a h th ng WINS
My ch d ch v WINS
Subnet 2

C s d li u WINS

My khch dng d ch v WINS

Subnet 1

WINS Proxy

How a WINS Client Registers and Releases NetBIOS Names

Name Registered Name Released

WINS Client

WINS Server

1 2

My khch g i yu c u

ng k t i my ch WINS

My ch WINS ghi nh n thng tin v g i l i thng s thng bo ng k thnh cng My khch yu c u h y b tn My ch WINS g i xc nh n h y tn

How a WINS Server Resolves NetBIOS Names

Lin l c 3 l n My khch My ch WINS A

1
Subnet 2

Subnet 1

2 3

My ch WINS B
Subnet 2

1 2 3

My khch lin l c 3 l n v i my ch WINS, nh ng khng nh n c h i p My khch lin l c t i t t c cc my ch WINS khc t i khi no nh n c h i p Sau khi phn gi i thnh cng, my ch WINS tr k t qu l i cho my khch

Resolving a NetBIOS name




h-node WINS client resolve NetBIOS name to IP address in following manner

If WINS client cannot resolve name from its local cache query request to WINS server.
 

sends name

If WINS query fail client sends IP broadcast packet containing a name query request.


contains the NetBIOS name of the computer to be resolved. WINS server returns IP address that WINS database maps to NetBIOS name. client uses IP address to establish a session with target computer. If target computer is on same subnet returns IP address to the querying computer and direct session is established.

If IP broadcast name query request fails to return an IP address, client examines its local LMHOSTS file , if local LMHOSTS contains an #INCLUDE statement pointing to a remote LMHOSTS file on a server, it examines remote LMHOSTS file as well.

29

Qu trnh WINS Replication

WINS replication l qu trnh sao chp c s d li u c a WINS khi c s thay i t my ch WINS ny sang my ch WINS khc
My ch WINS A WINS Replication
Subnet 1 Subnet 2

My ch WINS B

My A

My B

C ch Push ho t

ng ra sao

My ch WINS s nh c nh cc my ch WINS khc l c s thay i trong c s d li u c a mnh C ch Push p ng nhu c u ng b ha cho cc ng truy n c b ng thng l n 4 Replicas sent 3 Replication sent 2 Notification request My ch WINS WINS Server A A My ch WINS WINS Server B B
Subnet 1

1
50 changes occur in database

Subnet 2

1 2 3 4

My ch WINS A c 50 thay

i trong c s d li u i

My ch WINS A nh c nh my ch WINS B v s thay ny My ch WINS B yu c u ng b ha u ng b ha

My ch WINS A g i xc nh n v b t

C ch Pull ho t

ng ra sao

My ch WINS yu c u ng b d li u c c u hnh theo th i gian C ch Push p ng nhu c u ng b ha cho cc ng truy n c b ng thng l n

My ch WINS WINS Server A A Subnet 1

Requests changes 1 Replicas sent 2 every 8 hours

My ch WINS WINS Server B B

Subnet 2

1 2

My ch WINS A th i gian nh t nh My ch WINS B

c c u hnh ng v b t

ng b sau m t kho ng u qu trnh ng b ha

SMB and CIFS

NetBIOS networks have been traditionally used for file and printer sharing. The Windows file and printer sharing protocol is Server Message Block (SMB) protocol. For Microsoft Windows NT 4.0, Microsoft extended and updated SMB and rechristened it the Common Internet File System (CIFS).


Server Message Block (SMB) protocol

 

Windows file and printer sharing uses NetBIOS over TCP on port 139 Microsoft extended and updated SMB extended to support Distributed File System (DFS) called Self Host and uses TCP port 445

Common Internet File System (CIFS)

  

33

SMB and CIFS



steps involved in sharing a file or printer using CIFS

 

client resolves server name to IP address client establishes TCP connection to server
 

on port 139 when NetBIOS is used or on port 445 when Self Host is used

34

SMB and CIFS

Client SMB SESSION REQUEST NEGOTIATE packet NEGOTIATE REPLY packet SESSION SETUP ANDX message new UID SESSION SETUP ANDX message TREE CONNECT packet TreeID TREE CONNECT RESPONSE Access using UID, TID
35

Server

session parameters, authe

D ch v Mail (Mail Services)



Cc giao th c c b n (basic protocols )



Simple Mail Transfer Protocol (SMTP )



TCP/IP mail delivery protocol move user's mail from server to user's local mail reader same basic service as POP and adds features to support mailbox synchronization extends the definition of what constitutes mail

Post Office Protocol (POP )



Internet Message Access Protocol (IMAP )



Multipurpose Internet Mail Extensions-MIME



36

SMTP (Simple Mail Transfer Protocol)

 

Giao th c tin c y ch u trch nhi m phn pht mail. L m t d ch v h ng k t n i (connectionoriented service) Ho t ng d a trn chu n giao th c TCP, s hi u c ng (port) ho t ng l 25.

37

SMTP (Simple Mail Transfer Protocol)



Cc t p l nh c a SMTP

38

SMTP


s d ng cc l nh trn ta dng l nh telnet (illustrate how mail is delivered between systems)

telnet mail.example.com 25

39

POP


C 2 phin b n c a POP (Post Office Protocol) c s d ng r ng ri l POP2, POP3. POP2 dng c ng 109; POP3 dng c ng 110. Cc cu l nh trong hai giao th c POP2, POP3 ny khng gi ng nhau nh ng chng cng th c hi n ch c n ng c b n l ki m tra tn ng nh p v m t kh u c a ng i dng v chuy n mail c a ng i dng t Server t i h th ng c mail c c b c a user.
40

POP


client


implementation in the Outlook mailer implementation as part of mail server role available through Windows Server 2003 Configure Your Server wizard

server


41

POP

illustrates how a POP protocol works



telnet mail.example.com 110

42

POP
Cc t p l nh trong POP3

43

IMAP (Internet Message Access Protocol)



IMAP (IMAP 4,IMAP 2 ) port is TCP 143.



Port 220 is used by IMAP 3

44

IMAP

45

MIME


MIME is extension of the original TCP/IP mail system, not a replcement for it. MINE is more concerned with what the mail system delivers than it s with the mechanics of delivery. Structure of the mail message carried by SMTP is defined in RFC 822 MIME extends RFC 822 into 2 areas


Support for various data types



RFC 822 only transfers 7-bit ASCII data Content-Type header and Content-Transfer-Encoding header

Support for complex message bodies



46

MIME

47

DHCP (Dynamis Host Configuration Protocol)

to control TCP/IP configuration from a central point.

48

Dynamic DNS


permits a DNS server to be dynamically updated by the DHCP server or client uses a 5-field format for DNS queries and responses Microsoft integrates DHCP on both client and server with Microsoft DNS, WINS, and Active Directory.

49

Active Directory Basics

 

hierarchical structure Container



contain other objects.Ex : Computers and Users logical collection of computers that includes at least one domain controller. stores a copy of Active Directory database for its domain and specialized software provides domain services and centralized management capabilities.
50

Domain


Domain controller


Active Directory Basics



Domain naming
 

Tree


Windows 2000 and Windows Server 2003 domains are named using DNS formatted names consisting of a name and extension. If the organization has a registered DNS name it may chose to use this name as the name of a tree root domain in its Active Directory forest, but it does not have to. hierarchical collection of domain controllers in same DNS domain namespace. composed of 1 or more Windows domains arranged in 1 or more trees. created when the first DC in the first domain of the forest is created. This first domain is called the forest root domain.
51

Forest
 

Active Directory Basics

52

OU


Active Directory domains may contain Organizational Units (OUs ).

  

OUs are containers that subdivide domains. used to separate users and groups OU can contain objects such as users, groups and other OUs. domain has a single default OU, domain controllers OU, which by default contains every DC in the domain
53

Site


sites are used to represent the physical structure of the forest defined in Active Directory by identifying one or more IP subnets can contain one or more DCs from a single domain and/or one or more DCs from multiple domains
54

Site

55

Active Directory Database Basics



Windows server becomes a DC

default Active Directory database installed

56

Update change


change in Active Directory

 

replicas of Active Directory using DC updated on DCs and global catalog (GC) servers forest-wide Active Directory database Made GC server
57

GC contains


First DC of forest


DC (Domain Controller)


Some AD data can only be managed by specific DCs in the forest



Roles



called operations masters Schema master

Domain-naming master


Controls management of schema objects. Controls addition or removal of domains in forest Allocates a series of relative IDs (RIDs) to each DC in a domain

RID master


PDC emulator master



Infrastructure master


Windows NT Primary Domain Controller (PDC) when Window NT 4.0 computers are domain members Updates references from its domain's objects to objects in other domains
58

Authentication, Authorization, Trusts



User needs to authenticate or identity on network must locate a DC in its domain access to forest-wide resources authorization accounts in 1 domain can be assigned access to resources in another domain domain trusts another domain
59

Authentication, Authorization, Trusts



Trusts in Windows 2000 and Windows Server 2003 domains



Kerberos style


network authentication technique for users and computers in 1 AD domain trust exists between domain A - domain B and domain Bdomain C domain A also trusts domain C If a trust exists domain A and domain B, a trust also exists between domain B and domain A
60

Transitive


Two-way


Group Policy Basics



Group Policy


used to deliver software installation, config settings selected users and PC with accounts in AD domain consists


1 Group Policy engine



interactions between server-side elements of GP and local application

client-side extensions
61

Group Policy Basics



server-side elements

  

Group Policy Objects (GPOs),

store config settings. used to configure thousands of systems automatically 2 default GPOs
 

Resultant Set of Policy (RSoP),

 

Default Domain Controllers Policy Default Domain Policy.

Administrative tools

tool to review effect of proposed or actual Group Policy settings for specific computers and clients. resultant review is stored and can be examined later.

62

Group Policy Basics




process steps from GPO creation to application

GPO is created, edited, and linked to a site, domain, or OU object. If a PC account resides within the object and PC portion of the GPO is enabled config settings are downloaded and applied at PC boot. If a user account resides within the object and user portion of the GPO is enabled, config settings are downloaded and applied during logon. Changes to GPO settings are periodically refreshed, applied and will not wait for user logoff/logon or PC shutdown and start. Security Settings config is periodically applied (every 13 hours) whether or not there are changes.
63

Group Policy Basics



GPOs that may impact a user or PC are applied in a top-down hierarchical fashion.
 

 

First, any GP Settings on local PC are applied Next those on the site object, followed by those linked to domain, OU, and any nested OU objects Until account container is reached. If a conflict exists between the Security Setting or Administrative Template setting during the application of multiple GPOs, the setting in the GPO closest to the account wins. no conflict exists, all settings are cumulatively applied.
64

Group Policy Basics



Constraints and filters



Enabled/Disabled


Security Filter
  

PC and/or user section of GPO must be enabled in order for that section to be applied. user or PC account must have Read and Apply Group Policy permission on GPO. default, Authenticated Users group has these permissions. However, GP administrator can configure permissions so that only certain groups of PC or users can apply

WMI Filter


 

Windows Management Instrumentation (WMI) filter can be used to prevent a GPO from being applied to computers that have specific features detectible through WMI. supports monitoring and management of system resources. can detect whether a PC has a specific feature and prevent GPO application based on that information.

65

Group Policy Basics



Block Inheritance


Enforced (Override)


domain or OU has Block Inheritance property, higher level in GPO hierarchy are not applied.

GPOs at a

Loopback
 

GPO is applied regardless of any use of Block Inheritance feature.

policy that reapplies user portion of PC GPO settings to a PC after application of user based policy. This means that there is a consistent user policy in place on the computer. useful for kiosk and other publicly available PC where privileges of the user logged on should have no bearing on application of Group Policy restrictions.
66

Group Policy Basics



Local GPO information

 

stored on client computer Windows\system32\Group Policy folder stored partially in AD and partially in DC filesystem. recorded in AD Administrative template .adm files and the Security Settings .inf files %systemroot%\SYSVOL\sysvol\<domainname>\Policies

Active Directory-based GPOs

 

GPO properties
 

67