SYSTEM ADMINISTRATION Chapter 16 Client Workstation Basics

advertisement
SYSTEM ADMINISTRATION
Chapter 16
Client Workstation Basics
Understanding Network Client
Computers
• A network client computer can be defined simply as
a computer that has the necessary hardware and
software installed to allow it to connect to a network.
• Moreover, most network clients can also function as
a server. A server serves, or provides a service to
the other clients on the network.
Adapters
• Adapters are the pieces of hardware that allow the
cable to connect to the computer.
• Once the hardware is installed, a piece of software
known as a device driver is installed to allow the
operating system to communicate with the
hardware.
• Some of the more common adapters are:
– Integrated Services Digital Network (ISDN) cards
– Modems
– Network interface cards (NICs)
Selecting and Installing Network
Interface Cards (NICs)
• The most common type of adapter used in a
networked computer is a network interface card
(NIC).
• The NIC is a piece of hardware in the form of an
expansion card that is installed inside the computer.
• When selecting a NIC for your network installation,
your choice will be governed by the type of
expansion slots that are available on the computer’s
motherboard.
Network Software and
Properties
• Network software generally falls into three broad
categories: clients, protocols, and services.
• This software is installed on the client computer
through the Network Properties dialog box.
Client Software
• Client software is installed on a computer to allow
the computer to send requests to a server or
another computer on the network.
• Client software, or just clients, are often referred to
as “redirectors” because they have the ability to
redirect requests for resources that are not located
on the local machine.
• The most common network clients in use today are
the clients for Microsoft and Novell networks.
Microsoft Client for Microsoft
Networks
• The Microsoft Client for Microsoft Networks is
installed automatically in Microsoft Windows
operating systems whenever a network adapter
installation is detected.
• The Microsoft client allows networked computers to
communicate with other computers and servers in a
Microsoft-based network.
Domain Configuration
• A Windows domain is a client-server network that
uses Windows servers as domain controllers.
• The purpose of a domain controller is to handle
network security, including users, groups, and
resources.
Peer-to-Peer Configuration
• The procedures to join a workgroup are very similar
to those for joining a domain.
Client for Novell Networks
• Most Microsoft operating systems include a client for
Novell NetWare networks; however, it is generally
preferable to use Novell’s client software.
• The Novell client software allows Windows
workstations to access and use all of the services
available on Novell NetWare servers running Novell
Directory Services and ZenWorks.
Troubleshooting Client
Installation
• Since clients are software, problems are usually caused by
configuration errors that manifest themselves during
network logon.
• In Microsoft Networks, confirm the following information:
– The computer is a member of the domain, if required,
and that the domain name and computer name are
spelled correctly.
– The domain name specified in the client box is correct.
– You are attempting to log on with a domain user name.
– The password matches the user name and is spelled
correctly.
– Since passwords are case sensitive, ensure the Caps
Lock key is not engaged.
(continued)
Troubleshooting Client
Installation (continued)
• In Novell networks, check these items:
– The client you are using is the most current.
– The client you are using is compatible with the
Novell network operating system and supporting
components, such as Novell Directory Services
and ZENworks.
– The correct context is specified at the client.
– The user name and password are correct.
Protocols
• Protocols can be defined as the rules or procedures
computers use to communicate with each other.
• Each protocol must be installed on the computer
and, depending on the protocol, some configuration
may be required.
• Although a computer may have several protocols
installed, each computer on the network must have
at least one protocol in common.
• The most common protocols are NetBEUI, IPX/SPX,
and TCP/IP.
NetBEUI
• The NetBEUI protocol has no configurable
parameters. Once it is installed, it is ready for use.
Internet Packet
Exchange/Sequenced Packet
Exchange (IPX/SPX)
• The Internet Packet Exchange/Sequence Packet
Exchange (IPX/SPX) is the protocol used in Novell
networks.
• IPX/SPX is a fully routable protocol that requires two
configuration parameters.
– Internal network number
– Frame type
Internal Network Number
• The IPX internal network number uses a logical
addressing format that is based on the machine’s
MAC address.
• An IPX address contains two parts: the network
address and the node address.
• The network address is determined by the network
administrator and set on the server. The node
portion of the address is the MAC address for the
machine.
Frame Type
• The version of NetWare you are running and the
additional protocols implemented on the network will
determine which frame types must be enabled. All frame
types are IEEE defined.
– 802.3
• This frame type is often referred to as 802.3 RAW.
It is the default frame type setting for NetWare 3.12
and earlier versions.
– 802.2
• Later versions of NetWare (4.x and later) use this
frame type. It is a fully IEEE-compliant
encapsulation method.
(continued)
Frame Type
(continued)
– ETHERNET_II
• When providing interoperability with NetWare
networks and TCP/IP, it is necessary to
encapsulate the packets in an IPX-compatible
format. This frame type was also used by DEC
networks and AppleTalk Phase I (the original
AppleTalk protocol) networks.
– ETHERNET_SNAP
• AppleTalk Phase II requires this frame type. It is a
standard IEEE 802.2 frame with SNAP extensions.
• IPX/SPX is implemented in the Windows family of
products as the NWLink Protocol.
Troubleshooting the IPX/SPX
Protocol
• IPX/SPX is fairly easy to troubleshoot as it has only
two parameters to configure: the network number
and frame type.
• The network number should be obtained from the
network administrator. Ensure that the number is
entered correctly.
• Check the frame type to make sure the correct type
is entered. If only one frame type is in use on the
network, you may select the Auto Detect option.
• If more than one frame type is being used, you must
manually select all frame types.
TCP/IP
• TCP/IP is not just one or two protocols, but a whole suite
of protocols that can provide services and functions on
the network.
• While a MAC address represents the physical network
interface, an IP address represents a logical location on
the network or internetwork.
• All nodes participating in a TCP/IP network must acquire
a unique IP address to access services and
communicate with other nodes.
• The information required to configure a computer to run
the TCP/IP protocol depends upon the situation. If the
computer will only communicate with computers on its
own subnet, the following data is required:
– IP address
– Subnet mask
(continued)
TCP/IP
(continued)
• If the computer will need to communicate outside of
its own subnet, the following information is required:
– IP address
– Subnet mask
– Default gateway
• If you wish to use friendly names instead of IP
addresses when communicating, you will need to
add IP addresses for WINS servers or DNS servers.
• The IP addressing parameters can be added to the
client manually or automatically.
Dynamic Host Configuration
Protocol (DHCP)
• Dynamic Host Configuration Protocol (DHCP) is used to
dynamically, or automatically, assign Internet Protocol
(IP) addresses whenever TCP/IP is being used on a
network.
• DHCP consists of both a server and a client component.
In order to assign TCP/IP addresses automatically, the
DHCP Server Service must be installed on a server.
• Once the server component is installed, a scope, or
range of addresses that may be assigned, and related
parameters are developed.
• In order to configure a client to automatically accept
addresses, the client must have the built-in ability to be a
DHCP client.
(continued)
Dynamic Host Configuration
Protocol (DHCP) (continued)
• Once the computer has restarted, it will attempt to obtain
an IP address using the following steps:
– When a DHCP client powers up, it sends
DHCPDISCOVER packets across the network.
– All DHCP servers that receive this broadcast will
respond with a DHCPOFFER. DHCPOFFER packets
typically contain information such as:
• IP address that is being offered
• IP address lease time
• Subnet Mask
• Broadcast address
• Routers on subnet
• Domain name
• Domain Name Server address
(continued)
Dynamic Host Configuration
Protocol (DHCP) (continued)
– The client selects the offer it wants. Normally it
selects the first DHCPOFFER received.
– When the selected DHCP server receives the
DHCPREQUEST, it replies to the client with an
acknowledgement, or DHCPACK packet, which
completes the DHCP transaction.
Troubleshooting the TCP/IP
Protocol
• TCP/IP addressing is one of the most difficult concepts
to learn in networking. Due to the complexities involved,
addressing errors are common.
– Ensure the IP address of the client is correct for the
subnet the computer is located on.
– The subnet mask must be appropriate for the IP
address.
– Use the PING utility to check the protocol stack on the
device.
– Use the PING utility to ensure the default gateway is
functioning correctly.
– Use the PING utility to check connectivity with sites
beyond the default gateway.
– Use the PING utility to ensure the DNS and WINS
servers are functioning correctly.
Domain Name System (DNS)
• The Domain Name System (DNS) is used to resolve
host or fully qualified domain names (FQDNs) to IP
addresses.
• To configure a client to use DNS, the IP address of
one or more DNS servers must be added to the
computer’s TCP/IP properties.
Troubleshooting (DNS) Resolution
• At the client end, you are most likely to encounter DNS
problems while trying to connect to a Web site by fully
qualified domain name.
– Check the physical connections of the workstation by
opening the Network Neighborhood or My Network Places
and browsing network resources.
– In Network properties, ensure the IP address or addresses
of the DNS servers are correct.
– Use the PING utility to test connectivity to the DNS server
or servers.
– Try to connect to the Web site by typing the IP address of
the Web site in the address block of the Web browser. If
you can connect by IP address but not by fully qualified
domain name, a DNS server problem is indicated. Contact
the DNS server administrator.
Host Table Files
• Originally, a file called the host table was used to list
all the resources and their IP addresses.
• The host file contains the mappings of IP addresses
to host names.
• Each entry is the IP address followed by the name.
Understanding NetBIOS Names
• NetBIOS is an acronym that stands for Network
Basic Input/Output System.
• NetBIOS is an application programming interface
(API) that adds functions designed specifically for
local area networks.
• In order to communicate on a NetBIOS network,
each node needs to be identified by a unique name.
In NetBIOS networks, names are used by each
host.
(continued)
Understanding NetBIOS Names
(continued)
• Every client computer in a Microsoft network is
assigned a name, commonly referred to as a host
name. That host name is considered a NetBIOS
name.
• That name must contain 16 or fewer characters, and
it may be letters or numbers.
• NetBIOS names may be resolved through
broadcasts or through some other method, such as
WINS or LMHost files.
Windows Internet Name Service
(WINS)
• There are three very important things to know about the
Windows Internet Name Service (WINS).
– First, WINS has absolutely nothing to do with the
Internet.
– Second, WINS applies only to Microsoft networks.
– Finally, WINS is used to resolve NetBIOS names to IP
addresses.
• WINS, like DNS, consists of a server and a client
component. In order to use WINS, the WINS server
service must be installed on a Windows server.
LMHosts
• The LMHosts file is a text file that contains static
mappings of IP addresses to computer (NetBIOS)
names.
• The LMHosts file can be used by Microsoft clients to
assist with NetBIOS name resolution.
• Think of the LMHosts file as the manual version of
WINS.
• Each Microsoft operating system contains a sample
LMHosts file (LMHosts.sam) that can be modified as
necessary and then saved as “LMHosts” without an
extension.
(continued)
LMHosts
(continued)
• After the file has been created, save it to the
%systemroot%\System32\Drivers\Etc directory.
• The following keywords or extensions can be used
in the LMHosts file:
– #PRE
– #DOM:<domain>
– #INCLUDE <filename>
– #BEGIN_ALTERNATE and #END_ALTERNATE
– \0xnn (nonprinting character support)
Services
• Network services provide functionality to the client
computer.
• Some typical examples of network services are:
– File and Print Sharing for Microsoft Networks
– File and Print Sharing for Novell Networks
– Remote Registry Service
– QoS Packet Scheduler
– Service Advertising Protocol (SAP)
Understanding Security
• In a network environment, some type of security or
control is built into almost every function.
Local Security
• In computer networks, when you hear the word
“local” think of the computer that you are sitting in
front of.
• Therefore, when you hear the term “local security,”
think of security that affects only the computer you
are working at.
• Local security starts with the login process, typically
a user name and password.
• It includes groups or roles, and file system security.
Logon and Role/Group Security
• Each operating system has different logon security
requirements.
• The user account that you use to log on to the
computer exists only on that computer because the
account was created at that computer.
File System Security
• Some file systems, such as the new technology file
system (NTFS), allow you to set permissions on files
and folders.
Network Security
• Network security is very similar to local security in
several aspects. For example, when logging on to a
network, the user must supply a user name and
password.
• Users can be controlled by groups and roles.
• The major differences are that the user accounts
and groups are created at a server and not on the
local computer.
• Therefore, when you log on, you must use a user
name and password that were created at a server.
Troubleshooting Logon Security
• Ensure you are using the correct user name and
password.
• Remember that passwords are case sensitive.
• In Microsoft networks, check the client to ensure you
are attempting to log on to the correct domain.
• In Novell networks, ensure your tree and context are
correct.
Troubleshooting Role/Group
Security
• Roles determine the rights available to a user. When
using roles, always ensure you have selected the proper
role for the user.
• Users are typically assigned permissions to resources by
groups. If a user appears to be in the correct group but
still cannot access a resource, check these things:
– Make sure the user is not in more than one group with
conflicting permissions.
– Normally, a setting of “No Access” overrides all other
permissions. Make sure the user is not blocked from
the resource or in a group that is blocked.
– Ensure the user is logging on to the network and not
the local workstation.
Troubleshooting File System
Security
• File system security can conflict with security set at
the share level. If you believe this is occurring,
check permissions at both levels.
• When using both file and share permissions, the
most restrictive permission applies.
Download