ITNET-198: Project Implementation (Network Specialist)

Evan Patten
Network diagram (recovered from the figure)
Domain: W2K8AD01.com

INTERNET
  |
Windows Server 2003 Router: MSN-RTR-1
  -Firewall
  -NAT
  -DHCP Relay Agent
  NIC #1 (Internet): IP address and subnet mask assigned by ISP
  NIC #2 (Subnet 1): 172.16.0.1, Subnet Mask 255.255.255.192
  NIC #3 (Subnet 2): 172.16.0.65, Subnet Mask 255.255.255.192

Subnet 1: 172.16.0.0 /26
  Windows Server 2008 Domain Controller: MSN-DC-1
    -DHCP Server
    -DNS Server (primary)
    IP Address: 172.16.0.2
    Subnet Mask: 255.255.255.192
    DNS: 127.0.0.1
    Default Gateway: 172.16.0.1
  Windows 7 Workstation: MSN-CLIENT-01
    IP Address: DHCP enabled, dynamically assigned IPv4 address
    Subnet Mask: 255.255.255.192
    DNS: 172.16.0.2 (primary), 172.16.0.66 (secondary)
    Default Gateway: 172.16.0.1

Subnet 2: 172.16.0.64 /26
  Windows Server 2008 Member Server: MSN-SRV-1
    -File Server
    -DNS Server (secondary)
    IP Address: 172.16.0.66
    Subnet Mask: 255.255.255.192
    DNS: 172.16.0.2
    Default Gateway: 172.16.0.65
  Windows 7 Workstation: MSN-CLIENT-02
    IP Address: DHCP enabled, dynamically assigned IPv4 address
    Subnet Mask: 255.255.255.192
    DNS: 172.16.0.2 (primary), 172.16.0.66 (secondary)
    Default Gateway: 172.16.0.65
Project Description
The average IT department uses only about 5% to 25% of its servers' capacity. Businesses
get the most out of underutilized servers through virtualization: consolidating several
servers on one machine reduces energy consumption, minimizes hardware maintenance, and,
most of all, saves money.
The goal of my project was to virtualize a simple domain-based Microsoft network in Hyper-V.
In my project, I’ve virtualized two Windows Server 2008 machines (one being a domain
controller, the other a member server), one Windows Server 2003 machine (RRAS server), and a
couple of clients running Windows 7 Professional. My project includes (but is not limited to)
DHCP, DNS, FTP, group policy objects, folder redirection, and roaming profiles.
Required Hardware/Software
Microsoft's foray into server virtualization is Hyper-V. The Hyper-V role is available only with
the 64-bit versions of Windows Server 2008 Standard, Datacenter, and Enterprise editions
(including Server Core). The other requirements for running Hyper-V are:
-A 64-bit processor with hardware-assisted virtualization (Intel VT or AMD-V) and
hardware-enforced Data Execution Prevention (Intel XD bit or AMD NX bit), both enabled in the BIOS
-Enough free memory and disk space to run the virtual machines and store their virtual hard disks
Having met these requirements, I installed Windows Server 2008 R2, Enterprise Edition, on my
server. Later I installed extra memory, bringing it up to 8 gigabytes.
After installing the OS, I installed the Hyper-V role, which completed the setup of my server.
Hyper-V settings and configurations are managed through the Hyper-V Manager MMC snap-in (accessible through Administrative Tools in the Start menu).
The New Virtual Machine wizard provided the step-by-step process to create the machines. A
separate console allowed me to adjust the settings for each VM.
The Virtual Network Manager allowed me to create three virtual networks for my machines. Two
networks (Subnet 1 and Subnet 2) were private, and the third (Internet) was external. A private
virtual network is reachable only by the VMs attached to it (not by the host), so the only path
between Subnet 1, Subnet 2, and the Internet runs through the RRAS VM, which has an adapter on
each of the three networks.
Once I had created my five machines, I needed to configure my domain.
Network Configuration
For the network address scheme, I subnetted the class B network 172.16.0.0/16 into smaller
subnets. I borrowed 10 of the 16 host bits, giving a /26 subnet mask of 255.255.255.192; that
leaves 6 host bits, or 62 usable hosts per subnet (64 addresses minus the network and broadcast
addresses), and allows up to 1,024 such subnets. I used the first two: the network IDs for
Subnet 1 and Subnet 2 are 172.16.0.0 and 172.16.0.64 respectively, with broadcast addresses
172.16.0.63 and 172.16.0.127.
Domain Controller: MSN-DC-1
Roles and Services: AD DS, DHCP, DNS (primary)
IP Address: 172.16.0.2 /26
DNS: 127.0.0.1
Default Gateway: 172.16.0.1
Member Server: MSN-SRV-1
Roles and Services: File Services, FTP, DNS (secondary)
IP Address: 172.16.0.66 /26
DNS: 172.16.0.2
Default Gateway: 172.16.0.65
RRAS Server: MSN-RTR-1
Roles and Services: Routing and Remote Access (NAT, firewall), DHCP Relay Agent
NIC #1 (Internet) - IP Address: Assigned by Internet Service Provider
NIC #2 (Subnet 1) - IP Address: 172.16.0.1 /26
NIC #3 (Subnet 2) - IP Address: 172.16.0.65 /26
Subnet 1 Workstation: MSN-CLIENT-01
IP Address: DHCP enabled, dynamically assigned IPv4 address
DNS: 172.16.0.2 (preferred), 172.16.0.66 (alternate)
Default Gateway: 172.16.0.1
Subnet 2 Workstation: MSN-CLIENT-02
IP Address: DHCP enabled, dynamically assigned IPv4 address
DNS: 172.16.0.2 (preferred), 172.16.0.66 (alternate)
Default Gateway: 172.16.0.65
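The subnet arithmetic behind the plan above, as an added example that is not part of the original report: a PowerShell 2.0-compatible subnet calculator (Windows Server 2008 R2 and Windows 7 ship PowerShell 2.0, which has no shift operators) that prints the boundaries of both /26 blocks and then checks that every statically assigned address in the plan falls inside its intended subnet. The host list is copied from the plan; the last, mistyped entry is constructed to show the check firing.

```powershell
# Added example, not from the original report: /26 subnet calculator and static-address check.

function ConvertTo-IPNumber ([string]$DottedQuad) {
    # "172.16.0.65" -> 2886729793 (signed 64-bit to keep the arithmetic simple)
    $o = $DottedQuad.Split('.') | ForEach-Object { [int64]$_ }
    return ($o[0] * 16777216) + ($o[1] * 65536) + ($o[2] * 256) + $o[3]
}

function ConvertFrom-IPNumber ([int64]$Value) {
    # 2886729793 -> "172.16.0.65"
    $a = [int]([math]::Floor($Value / 16777216) % 256)
    $b = [int]([math]::Floor($Value / 65536) % 256)
    $c = [int]([math]::Floor($Value / 256) % 256)
    $d = [int]($Value % 256)
    return "$a.$b.$c.$d"
}

function Get-SubnetInfo ([string]$Cidr) {
    # Network ID, mask, usable range and broadcast for a block such as 172.16.0.64/26
    $parts    = $Cidr.Split('/')
    $prefix   = [int]$parts[1]
    $hostBits = 32 - $prefix
    $size     = [int64][math]::Pow(2, $hostBits)           # 64 addresses in a /26
    $mask     = 4294967295 - ($size - 1)                   # /26 -> 255.255.255.192
    $network  = (ConvertTo-IPNumber $parts[0]) -band $mask
    $bcast    = $network + $size - 1
    New-Object PSObject -Property @{
        Network     = ConvertFrom-IPNumber $network
        Mask        = ConvertFrom-IPNumber $mask
        FirstHost   = ConvertFrom-IPNumber ($network + 1)
        LastHost    = ConvertFrom-IPNumber ($bcast - 1)
        Broadcast   = ConvertFrom-IPNumber $bcast
        UsableHosts = $size - 2                            # 62 for a /26
    }
}

function Test-InSubnet ([string]$Address, [string]$Cidr) {
    # True only for the usable host range; network and broadcast addresses are rejected
    $s  = Get-SubnetInfo $Cidr
    $ip = ConvertTo-IPNumber $Address
    return ($ip -ge (ConvertTo-IPNumber $s.FirstHost)) -and ($ip -le (ConvertTo-IPNumber $s.LastHost))
}

'172.16.0.0/26', '172.16.0.64/26' | ForEach-Object {
    Get-SubnetInfo $_ | Format-List Network, Mask, FirstHost, LastHost, Broadcast, UsableHosts
}

# Static addresses from the plan, plus one deliberately wrong (constructed) entry
$plan = @(
    @{ Host = 'MSN-RTR-1 NIC #2'; Address = '172.16.0.1';  Subnet = '172.16.0.0/26'  },
    @{ Host = 'MSN-DC-1';         Address = '172.16.0.2';  Subnet = '172.16.0.0/26'  },
    @{ Host = 'MSN-RTR-1 NIC #3'; Address = '172.16.0.65'; Subnet = '172.16.0.64/26' },
    @{ Host = 'MSN-SRV-1';        Address = '172.16.0.66'; Subnet = '172.16.0.64/26' },
    @{ Host = 'mistyped entry';   Address = '172.16.0.66'; Subnet = '172.16.0.0/26'  }
)
foreach ($h in $plan) {
    $verdict = if (Test-InSubnet $h.Address $h.Subnet) { 'OK' } else { 'WRONG SUBNET' }
    '{0,-18} {1,-12} in {2,-15} : {3}' -f $h.Host, $h.Address, $h.Subnet, $verdict
}
```

The last plan entry places 172.16.0.66 in Subnet 1; the check reports WRONG SUBNET because Subnet 1's usable range ends at 172.16.0.62. Running the same check before typing addresses into the Hyper-V VMs catches the classic mistake of giving a host on one /26 the gateway of the other.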
Project Implementation
The domain controller was the first machine I configured. After installing Windows Server 2008,
Enterprise Edition, I named the machine (MSN-DC-1), adjusted the time zone, and configured
the network settings.
To make MSN-DC-1 a domain controller, I installed the Active Directory Domain Services
role. In addition, I installed the DNS Server role; Active Directory requires DNS, both for
name resolution and for the SRV records that clients use to locate domain controllers. Next, I
ran dcpromo to create my domain, W2K8AD01.com.
Apart from the aforementioned roles, I also added the DHCP Server role. Dynamic Host
Configuration Protocol provides automatic IP addressing for Windows clients and eases the
burden of maintaining IP addresses on a network of any size. The DHCP Server console
can be accessed through Server Manager or Administrative Tools. In this console, I created two
scopes: one for Subnet 1 (172.16.0.0) and one for Subnet 2 (172.16.0.64). Within each scope, I
created a range of IP addresses for the Address Pool. Later, when the Windows 7 workstations
were configured with DHCP enabled, IPv4 addresses would be leased to them.
(For MSN-CLIENT-02 in Subnet 2 to receive a dynamically assigned IP address, the router would
need to be configured as a DHCP relay agent, because DHCP discovery is a broadcast that a router
does not forward.) I also configured Scope Options for each scope: 003 Router (the subnet's
default gateway), 006 DNS Servers (172.16.0.2, 172.16.0.66), and 015 DNS Domain Name
(W2K8AD01.com). In a domain, the DHCP server must also be authorized in Active Directory
before it will hand out leases.
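The same two scopes and scope options expressed as netsh commands, as an added example that is not the report's own configuration. It is meant to be run on MSN-DC-1. The address pools and the exclusion ranges are assumptions (the report does not say which ranges it used): each pool spans the whole usable /26 and the exclusions carve out the statically assigned router, domain controller and member-server addresses so the server can never lease them to a workstation.

```powershell
# Added example, not from the original report: DHCP scopes for Subnet 1 and 2 via netsh.
$Server    = '\\MSN-DC-1'
$Mask      = '255.255.255.192'
$DnsDomain = 'W2K8AD01.com'

# Pools and exclusions are assumed; the report only says it "created a range of IP addresses".
$scopes = @(
    @{ Network = '172.16.0.0';  Name = 'Subnet 1'; PoolStart = '172.16.0.1';  PoolEnd = '172.16.0.62';
       ExcludeStart = '172.16.0.1';  ExcludeEnd = '172.16.0.9';  Router = '172.16.0.1'  },
    @{ Network = '172.16.0.64'; Name = 'Subnet 2'; PoolStart = '172.16.0.65'; PoolEnd = '172.16.0.126';
       ExcludeStart = '172.16.0.65'; ExcludeEnd = '172.16.0.73'; Router = '172.16.0.65' }
)

foreach ($s in $scopes) {
    $net = $s.Network; $name = $s.Name; $comment = "$name - $net/26"
    netsh dhcp server $Server add scope $net $Mask $name $comment
    netsh dhcp server $Server scope $net add iprange $s.PoolStart $s.PoolEnd
    # Static hosts (router interface, DC / member server) live inside the excluded range
    netsh dhcp server $Server scope $net add excluderange $s.ExcludeStart $s.ExcludeEnd
    # Scope options: 003 Router, 006 DNS Servers (preferred then alternate), 015 DNS Domain Name
    netsh dhcp server $Server scope $net set optionvalue 003 IPADDRESS $s.Router
    netsh dhcp server $Server scope $net set optionvalue 006 IPADDRESS 172.16.0.2 172.16.0.66
    netsh dhcp server $Server scope $net set optionvalue 015 STRING $DnsDomain
    netsh dhcp server $Server scope $net set state 1          # activate the scope
}

# A DHCP server in an AD domain must be authorized before it answers clients.
netsh dhcp add server MSN-DC-1.W2K8AD01.com 172.16.0.2
netsh dhcp server $Server show scope
```

Option 006 is given as a space-separated list so that Subnet 2 clients get the DC first and the member server second, matching the preferred/alternate order in the plan.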
Domain Name System is a distributed hierarchical database that maps computer names to IP
addresses. Active Directory depends on this service to resolve computer names to IP addresses
(and vice versa) and, through SRV records, to locate computers that offer specific services such
as LDAP and Kerberos. Since this Active Directory-integrated DNS server hosts the primary zone
for my domain, I created a forward lookup zone and a reverse lookup zone (containing host (A)
and PTR records, respectively).
Active Directory is a directory service that allows administrators to manage network resources.
Active Directory Users and Computers allowed me to create objects for my domain. I created a
couple of users ("Test User 1" and "Test User 2"), an Organizational Unit ("Marketing"), and a
couple of child OUs ("Project" and "Sales").
The Properties dialog box of a user has various tabs for configuring different aspects of the
object. In the Profile tab, I could enter the UNC path for a roaming profile. In the Account tab
(Log On To), I could restrict which computer(s) the user can log on to.
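The same OU tree, users, profile path and logon restriction done from the command line on MSN-DC-1, as an added example that is not the report's own work. It uses dsadd/dsget (built into Windows Server 2008) and ADSI for the one attribute dsadd cannot set. Assumptions: Test User 1 sits in the Sales OU (the report says the Sales GPO applied to that user) and Test User 2 in Project, the sAMAccountNames testuser1 and testuser2, and a roaming-profile share named Profiles$ on MSN-SRV-1.

```powershell
# Added example, not from the original report: OUs, users, roaming profile path, Log On To.
$DomainDN     = 'DC=W2K8AD01,DC=com'
$DnsDomain    = 'W2K8AD01.com'
$ProfileShare = '\\MSN-SRV-1\Profiles$'                   # assumed share name

dsadd ou "OU=Marketing,$DomainDN"
dsadd ou "OU=Project,OU=Marketing,$DomainDN"
dsadd ou "OU=Sales,OU=Marketing,$DomainDN"

# OU placement and account names are assumptions (see lead-in)
$users = @(
    @{ Cn = 'Test User 1'; Sam = 'testuser1'; Ou = "OU=Sales,OU=Marketing,$DomainDN";   LogOnTo = 'MSN-CLIENT-02' },
    @{ Cn = 'Test User 2'; Sam = 'testuser2'; Ou = "OU=Project,OU=Marketing,$DomainDN"; LogOnTo = '' }
)

foreach ($u in $users) {
    $dn          = "CN=$($u.Cn),$($u.Ou)"
    $upn         = $u.Sam + '@' + $DnsDomain
    $profilePath = $ProfileShare + '\' + $u.Sam           # Profile tab: roaming profile path
    # -pwd * prompts for the initial password; -mustchpwd forces a change at first logon
    dsadd user $dn -samid $u.Sam -upn $upn -display $u.Cn -profile $profilePath -pwd * -mustchpwd yes

    if ($u.LogOnTo) {
        # Account tab > Log On To is the userWorkstations attribute: comma-separated NetBIOS names
        $obj = [ADSI]"LDAP://$dn"
        $obj.Put('userWorkstations', $u.LogOnTo)
        $obj.SetInfo()
    }
}

# Show what was created
dsquery user "OU=Marketing,$DomainDN" | dsget user -samid -display -profile
```

The userWorkstations restriction is enforced at logon by the domain controller, which is why the report later sees Test User 1 refused on MSN-CLIENT-01: the workstation name is not in the list.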
The Group Policy Management snap-in allowed me to create a couple of Group Policy Objects that
I could link to an OU. I created one GPO for Folder Redirection and linked it to the domain.
I also created a GPO to remove the Control Panel from the Start Menu and linked it to the Sales
OU.
The two subnets wouldn't be able to reach each other (or the Internet) without a router
connecting them. On my Windows Server 2003 machine, I installed the Routing and Remote Access
role. I also made the server a member of my domain and configured the IP settings for each of
the three network adapters. The IP addresses of the adapters for Subnet 1 and Subnet 2 were
statically assigned, while the adapter that connected to the Internet received its IP address
from the service provider.
For the client machine in Subnet 2 to receive a dynamically assigned IP address from the DHCP
server on Subnet 1, a DHCP relay agent had to be enabled on the router's Subnet 2 interface and
pointed at the DHCP server, 172.16.0.2.
Finally, I configured Network Address Translation so that internal clients reach the Internet
through the router's single public IP address. NAT also keeps the private subnets from being
directly addressable from the public network, and the RRAS basic firewall on the Internet
interface blocks unsolicited inbound traffic.
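The relay agent and NAT pieces as netsh commands on the Windows Server 2003 router, added here as an example and not taken from the report. It assumes RRAS has already been enabled on MSN-RTR-1 and that its three adapters were renamed "Internet", "Subnet 1" and "Subnet 2" (the report does not give adapter names). The netsh lines are the same whether typed into cmd.exe or PowerShell; the basic firewall checkbox mentioned above is left to the RRAS console.

```powershell
# Added example, not from the original report: DHCP relay and NAT on MSN-RTR-1 (Server 2003).

# DHCP Relay Agent: only the Subnet 2 interface needs it, since Subnet 1 hears the DC's
# DHCP broadcasts directly. Relayed DHCPDISCOVERs are unicast to 172.16.0.2 (the DC).
netsh routing ip relay install
netsh routing ip relay add dhcpserver 172.16.0.2
netsh routing ip relay add interface "Subnet 2"
netsh routing ip relay set interface "Subnet 2" relaymode=enable maxhop=4 minsecs=0
netsh routing ip relay show ifconfig

# NAT: the ISP-facing adapter is the public (translating) interface, the two LAN
# adapters are private. With no port mapping defined, unsolicited inbound packets
# arriving on the public address have no translation entry and are dropped.
netsh routing ip nat install
netsh routing ip nat add interface "Internet" full
netsh routing ip nat add interface "Subnet 1" private
netsh routing ip nat add interface "Subnet 2" private
netsh routing ip nat show interface

# Routing table sanity check: one connected route per adapter plus the ISP default route
route print
```

If the relay is added to the Subnet 1 interface as well, nothing breaks, but every DHCP broadcast on Subnet 1 is then delivered to the DC twice (once directly, once relayed), which is why the example leaves it off.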
For my member server in Subnet 2, I installed Windows Server 2008, Enterprise Edition. Apart
from the usual tasks like naming the machine and setting the correct time zone, I made it a
member of the domain and statically assigned its IP settings.
Next, I added the DNS Server role and created a secondary zone (a read-only copy pulled from
MSN-DC-1 by zone transfer) to make it the alternate DNS server for the domain.
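The primary zones on MSN-DC-1 (described in the Domain Name System paragraph above) and the secondary zones on MSN-SRV-1, created with dnscmd from a domain-admin session on the DC, as an added example that is not the report's own commands. dnscmd is built into Windows Server 2008 and can target a remote server by name. The reverse zone 0.16.172.in-addr.arpa covers all of 172.16.0.0/24, so both /26 subnets share it. Restricting zone transfers to the secondary's address is my addition: a zone lists every host in the domain and should not be transferable to arbitrary clients.

```powershell
# Added example, not from the original report: primary zones on the DC, secondaries on MSN-SRV-1.
$Dc        = 'MSN-DC-1'
$Secondary = 'MSN-SRV-1'
$DcIp      = '172.16.0.2'
$SecIp     = '172.16.0.66'
$Fwd       = 'W2K8AD01.com'
$Rev       = '0.16.172.in-addr.arpa'     # reverse zone for 172.16.0.x, shared by both /26s

# AD-integrated primary zones (stored in the directory, secure dynamic update).
# dcpromo normally creates the forward zone already; skip that line if /EnumZones lists it.
dnscmd $Dc /ZoneAdd $Fwd /DsPrimary
dnscmd $Dc /ZoneAdd $Rev /DsPrimary

# List the member server as an authoritative name server for both zones ...
dnscmd $Dc /RecordAdd $Fwd '@' NS "$Secondary.$Fwd."
dnscmd $Dc /RecordAdd $Rev '@' NS "$Secondary.$Fwd."
# ... and allow zone transfers (and NOTIFY) to that one address only.
dnscmd $Dc /ZoneResetSecondaries $Fwd /SecureList $SecIp /NotifyList $SecIp
dnscmd $Dc /ZoneResetSecondaries $Rev /SecureList $SecIp /NotifyList $SecIp

# Secondary (read-only) copies on MSN-SRV-1, pulled from the DC by zone transfer.
dnscmd $Secondary /ZoneAdd $Fwd /Secondary $DcIp
dnscmd $Secondary /ZoneAdd $Rev /Secondary $DcIp
dnscmd $Secondary /ZoneRefresh $Fwd
dnscmd $Secondary /ZoneRefresh $Rev

dnscmd $Dc /EnumZones
dnscmd $Secondary /EnumZones
```

A secondary zone cannot be AD-integrated, which is fine here because MSN-SRV-1 is a member server, not a domain controller; the zone is served from a file and refreshed from the DC at the SOA refresh interval or on NOTIFY.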
Since I wanted a file server for my domain, I added the File Services role to MSN-SRV-1.
I also created a couple of shares on the root of the C: drive for folder redirection and roaming
profiles.
When a roaming profile is configured for a user, the next time he or she logs on to a computer,
the default or existing local profile is copied to the roaming profile path. A folder named after
the user's logon name with .V2 appended (the Windows Vista/7 profile format) is created
automatically with the appropriate permissions. This makes the user's profile available on any
computer he or she logs on to.
For folder redirection, I created a share for user documents. When a user creates a file or folder
on their desktop or in the Documents folder, it is not stored on the local machine but on the
file server (MSN-SRV-1). Share and NTFS permissions need to be configured so that each user can
access only his or her own documents.
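The share and NTFS permissions for the two roots, as an added example that is not the report's own commands, using the permissions Microsoft recommends for roaming-profile and folder-redirection roots. Folder and share names are assumptions; the report only says "a couple of shares on the root of C:". The idea is that the root lets an authenticated user create exactly one subfolder, CREATOR OWNER then gives that user full control of what he or she created, and no other principal (not even Administrators) holds a standing right to read other users' folders.

```powershell
# Added example, not from the original report: roaming-profile and redirected-folder shares on MSN-SRV-1.
$roots = @('C:\Profiles', 'C:\RedirectedDocs')              # assumed folder names

foreach ($root in $roots) {
    New-Item -Path $root -ItemType Directory -Force | Out-Null

    icacls $root /inheritance:r                              # drop inherited ACEs (Users:RX etc.)
    icacls $root /grant 'SYSTEM:(OI)(CI)F'                   # Windows itself needs full control
    icacls $root /grant 'CREATOR OWNER:(OI)(CI)(IO)F'        # full control on subfolders/files only
    icacls $root /grant 'Authenticated Users:(RD,AD,X)'      # this folder only: list, create subfolder, traverse

    # Share permission is Full Control; NTFS does the real restriction. Offline caching is
    # turned off because cached copies of profiles and redirected folders cause sync conflicts.
    $shareName = (Split-Path $root -Leaf) + '$'              # hidden share, e.g. Profiles$
    net share "$shareName=$root" /grant:"Authenticated Users,FULL" /cache:None
}

# Review the result
icacls C:\Profiles
net share
```

With these ACLs the first logon of testuser1 creates C:\Profiles\testuser1.V2 owned by that user, and the CREATOR OWNER entry is what grants him or her full control of it; if an administrator pre-creates the folder instead, the owner is wrong and Windows refuses to load the profile.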
For the Windows 7 clients, DHCP was enabled and IP addresses were dynamically assigned.
To see if the DHCP relay agent worked, I opened a command prompt on MSN-CLIENT-02 and checked
that it had received a lease from the DHCP server in Subnet 1. Pinging the domain controller by
name from there gets a response, which shows that DNS name resolution and routing between the
subnets are both working.
Since Test User 1 was only allowed to log on to the workstation in Subnet 2, the user is denied
access to the workstation in Subnet 1.
The GPO linked to the Sales OU removed the Control Panel from the Start Menu for Test User 1
when the user logged on to MSN-CLIENT-02.
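The checks above done in one pass, as an added example that is not from the report: a PowerShell 2.0 script for MSN-CLIENT-02 that confirms the lease came through the relay from 172.16.0.2, that the gateway and the DC answer, that the DC's name resolves through each configured DNS server, and that the SRV record domain members use to find a domain controller is published. Expected values are taken from the plan; the WMI class and nslookup are present on a stock Windows 7 client.

```powershell
# Added example, not from the original report: post-build checks on a Subnet 2 workstation.
$ExpectedDhcp = '172.16.0.2'
$ExpectedGw   = '172.16.0.65'
$Domain       = 'W2K8AD01.com'
$DcName       = "MSN-DC-1.$Domain"

# First DHCP-enabled adapter; Windows 7 has no NetTCPIP module, so WMI is used
$nic = Get-WmiObject Win32_NetworkAdapterConfiguration |
       Where-Object { $_.IPEnabled -and $_.DHCPEnabled } | Select-Object -First 1

$results = @()
# Lease source proves the relay worked: a client on Subnet 2 cannot reach the DC by broadcast
$results += New-Object PSObject -Property @{ Check = 'Lease from DHCP server'; Pass = ($nic.DHCPServer -eq $ExpectedDhcp); Detail = $nic.DHCPServer }
$results += New-Object PSObject -Property @{ Check = 'Default gateway (opt 003)'; Pass = ($nic.DefaultIPGateway -contains $ExpectedGw); Detail = ($nic.DefaultIPGateway -join ',') }
$results += New-Object PSObject -Property @{ Check = 'Gateway reachable'; Pass = (Test-Connection $ExpectedGw -Count 1 -Quiet); Detail = $ExpectedGw }
$results += New-Object PSObject -Property @{ Check = 'DC reachable by name'; Pass = (Test-Connection $DcName -Count 1 -Quiet); Detail = $DcName }

# Resolve the DC through each DNS server handed out in option 006 (primary and secondary)
foreach ($dns in $nic.DNSServerSearchOrder) {
    $out = nslookup $DcName $dns 2>&1 | Out-String
    $results += New-Object PSObject -Property @{ Check = "A record via $dns"; Pass = ($out -match '172\.16\.0\.2'); Detail = $dns }
}

# The DC locator record; if it is missing, domain logons fail even though ping works
$srv = nslookup -type=SRV "_ldap._tcp.dc._msdcs.$Domain" 2>&1 | Out-String
$results += New-Object PSObject -Property @{ Check = 'DC locator SRV record'; Pass = ($srv -match 'msn-dc-1'); Detail = "_ldap._tcp.dc._msdcs.$Domain" }

$results | Format-Table Check, Pass, Detail -AutoSize
```

The SRV lookup is the check a plain ping does not give you: a client can resolve and ping MSN-DC-1 while the _msdcs records are absent (for example, if the Netlogon service registered them against a different zone), and in that state domain logons and Group Policy both fail.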
Project Summary
Originally, I set out to virtualize my network using VMware. But ultimately, I decided to go with
Hyper-V, only because of VMware's steep learning curve. Had I gone with VMware, I probably
would have spent an inordinate amount of the semester learning how to use it.
In the early stages of my project, I wanted to implement WSUS and web services. But the
project became too sprawling, so I had to scale back some of the proposed elements.
During project implementation, I hit a couple of speed bumps…
Migrating machines back and forth from a server running Virtual PC to one running Hyper-V
posed a bit of a problem when integration features were installed. This issue led to a VHD file,
originally created with Virtual PC, not being compatible with Hyper-V. To get around this, I had
to do one of two things: uninstall the integration features before migrating to Hyper-V, or not use
them at all. Ultimately, I wanted to make the migration process hassle free and chose the latter.
I also had an issue configuring the share and NTFS permissions for folder redirection late in the
semester. Had I afforded myself more time during the initial stages of configuration, it wouldn't
have gone down to the wire. But, I guess hindsight is 20/20.
Warts and all, I found the project rewarding (and learned a lot along the way).
(Furthermore, CBT Nuggets and Microsoft TechNet proved to be valuable resources).