Network+ Guide to Networks, Fourth Edition

Chapter 8 Network Operating Systems and Windows Server 2003-Based Networking

Objectives
Discuss the functions and features of a network operating system Define the requirements for a Windows Server 2003 network environment Describe how Windows Server 2003 fits into an enterprise-wide network

Network+ Guide to Networks, 4e

Objectives (continued)
Perform a simple Windows Server 2003 installation Manage simple user, group, and rights parameters in Windows Server 2003 Understand how Windows Server 2003 integrates with other popular network operating systems

Network+ Guide to Networks, 4e

Introduction to Network Operating Systems

A NOS must:
Centrally manage network resources, such as programs, data, and devices Secure access to a network Allow remote users to connect to a network Allow users to connect to other networks Back up data and make sure its always available

Network+ Guide to Networks, 4e

Introduction to Network Operating Systems (continued)

An NOS must (continued):
Allow for simple additions of clients and resources Monitor status and functionality of network elements Distribute programs and software updates to clients Ensure efficient use of a servers capabilities Provide fault tolerance in case of a hardware or software problem

Network+ Guide to Networks, 4e

Selecting a Network Operating System

Decision will depend largely on OSs and applications running on LAN Consider:
Compatibility with existing infrastructure Security Whether applications will run smoothly Scalability Additional services Budget Training Support
Network+ Guide to Networks, 4e 6

Network Operating Systems and Servers

Most networks rely on servers that exceed minimum hardware requirements suggested by software vendor Considerations to determine optimal hardware:
Number of connecting clients Applications Storage requirements Acceptable downtime Cost versus budget

Network+ Guide to Networks, 4e

Network Operating System Services and Features: Client Support

Client support includes following tasks:
Creating and managing client accounts Enabling clients to connect to the network Allowing clients to share resources Managing clients access to shared resources Facilitating communication between clients

Network+ Guide to Networks, 4e

Client/Server Communication

Figure 8-1: A client connecting to a NOS

Network+ Guide to Networks, 4e 9

Client/Server Communication (continued)

To expedite access to directories whose files are frequently required, map a drive to that directory File access protocol enables one system to access resources stored on another system
Common Internet File System (CIFS) Server Message Block (SMB) AppleTalk Filing Protocol (AFP)

Middleware: software used to translate requests and responses between client and server
Network+ Guide to Networks, 4e 10

Client/Server Communication (continued)

Figure 8-2: Middleware between clients and a server

Network+ Guide to Networks, 4e 11

Users and Groups

Combine users with similar needs and restrictions into groups
Form basis for resource and account management Assign different file or directory access rights groups Can be nested or arranged hierarchically
Inherited permissions

Table 8-1: Providing security through groups

Network+ Guide to Networks, 4e 12

Identifying and Organizing Network Elements

Directory: list that organizes resources and associates them with their characteristics Lightweight Directory Access Protocol (LDAP): used to access information stored in a directory
Recent NOSs use directories that adhere to LDAPs standard structures and naming conventions
Thing or person associated with network represented by an object Objects may have many attributes

Network+ Guide to Networks, 4e

13

Identifying and Organizing Network Elements (continued)

Schema: set of definitions of kinds of objects and object-related information that the database can contain
Classes and attributes

To better organize and manage objects, objects placed in organizational units (OUs) Tree: logical representation of multiple, hierarchical levels within a directory
Branches and left objects

Network+ Guide to Networks, 4e

14

Identifying and Organizing Network Elements (continued)

Figure 8-3: Schema elements associated with a User account object

Network+ Guide to Networks, 4e 15

Identifying and Organizing Network Elements (continued)

Figure 8-4: A directory tree

Network+ Guide to Networks, 4e 16

Sharing Applications
Shared applications often installed on file server specifically designed to run applications Network Administrator must purchase license for application that allows it to be shared
Per user licensing Per seat licensing Site license

Must assign users rights to directories where applications files installed NOS and/or middleware responsible for arbitrating access to files
Network+ Guide to Networks, 4e 17

Sharing Printers

Figure 8-6: Shared printers on a network

Network+ Guide to Networks, 4e 18

Sharing Printers (continued)

All NOSs can:
Create an object that identifies the printer to rest of network Assign the printer a unique name Install drivers associated with the printer Set printer attributes Establish or limit access to the printer Remotely test and monitor printer functionality Update and maintain printer drivers Manage print jobs
Network+ Guide to Networks, 4e 19

Managing System Resources: Memory

Physical memory: RAM chips installed on computers system board
Provide memory to that machine

Virtual memory: Stored on hard disk as a page file

Managed by OS Paging: When system exceeds available RAM, blocks of information (pages) moved into virtual memory Expands available memory Slows system performance
Network+ Guide to Networks, 4e 20

10

Multitasking
Ability of a processor to perform many different operations in a brief period of time
Programs take turns loading and running
Preemptive multitasking or Time sharing

Network+ Guide to Networks, 4e

21

Multiprocessing
Process: routine of sequential instructions that runs until it has achieved its goal Thread: self-contained, well-defined task within a process
Single processor can handle one thread at a time

Multiprocessing: support and use of multiple processors to handle multiple threads

Symmetric multiprocessing: splits operations equally among two or more processors Asymmetric multiprocessing: assigns each subtask to a specific processor
Network+ Guide to Networks, 4e 22

11

Introduction to Windows Server 2003

Graphical user interface (GUI): Pictorial representation of computer functions
Enables administrators to manage files, users, groups, security, printers, etc.

Four Windows Server 2003 editions:

Standard Edition Web Edition Enterprise Edition Datacenter Edition

Network+ Guide to Networks, 4e

23

Introduction to Windows Server 2003 (continued)

General benefits of Standard Edition:
Multiprocessor, multitasking, symmetric multiprocessing Active Directory Microsoft Management Console (MMC) Integrated Web development and delivery services Support for modern protocols and security standards Integration with other NOSs Integrated remote client services Monitoring and improving server performance High-performance, large-scale storage support
Network+ Guide to Networks, 4e 24

12

Windows Server 2003 Hardware Requirements

Table 8-2: Minimum hardware requirements for Windows Server 2003, Standard Edition
Network+ Guide to Networks, 4e 25

A Closer Look at Windows Server 2003: Windows Server 2003 Memory Model
32-bit and 64-bit addressing schemes supported
Require different versions of Windows Server 2003 Require different types of processors The larger the addressing size, the more efficiently instructions can be processed

Each application (or process) assigned own 32-bit memory area

Helps prevent processes from interfering with each other

Virtual Memory dialog box allows increase or decrease of paging file size
Network+ Guide to Networks, 4e 26

13

Windows Server 2003 File Systems: FAT (File Allocation Table)

Original PC file system Disks divided into allocation units (clusters)
Represent small portion of disks space

Allocation units combine to form partitions

Logically separate area of storage

FAT table: hidden file at beginning of a partition

Basis of FAT file system Keeps track of used and unused allocation units Contains information about files within each directory
Network+ Guide to Networks, 4e 27

Windows Server 2003 File Systems: FAT (continued)

FAT16 uses 16-bit allocation units
Partitions or files cannot exceed 2 GB 16-bit fields store file size information Filenames have maximum of eight characters Read, Write, System, Hidden, and Archive Files Stores data in noncontiguous blocks
Uses links between fragments to ensure that data belongs to the same file Unreliable and inefficient

Can write data to disk quickly

Network+ Guide to Networks, 4e 28

14

Windows Server 2003 File Systems: FAT (continued)

FAT32 uses disk space more efficiently
Uses 28-bit fields to store file size information Supports long filenames Theoretically supports 2 Terabyte (TB) partitions
Max 32 GB in Windows Server 2003

Can be easily resized without damaging data Greater security than FAT16

FAT32 preferred over FAT16 for modern OSs

Network+ Guide to Networks, 4e

29

CDFS (CD-ROM File System) and UDF (Universal Disk Format)

CDFS: file system used to read from and write to CD-ROM discs UDF: used on CD-ROM and DVD (digital versatile disc) media

Network+ Guide to Networks, 4e

30

15

NTFS (New Technology File System)

NTFS features:
Filename maximum of 255 characters Stores file size information in 64-bit fields Files or partitions up to 16 exabytes Required for Macintosh connectivity Sophisticated, customizable compression routines Log of file system activity Required for encryption and advanced access security for files, user accounts, and processes Improves fault tolerance through RAID and system file redundancy
Network+ Guide to Networks, 4e 31

MMC (Microsoft Management Console)

Integrates all administrative tools for Windows Server 2003 Snap-ins: tools added to MMC interface Must create custom console by running MMC program and adding selections Operates in two modes:
Author mode: allows full access for adding, deleting, and modifying snap-ins User mode: limited user privileges

Network+ Guide to Networks, 4e

32

16

Active Directory: Workgroups

Active Directory: Windows Server 2003s directory service Workgroup: group of interconnected computers that share resources without relying on a server
Peer-to-peer Each computer has own database of user accounts and security privileges Significantly more administration effort than a client/ server Windows Server 2003 network Best solution for home or small office networks in which security concerns are minimal
Network+ Guide to Networks, 4e 33

Domains
Domain: group of users, servers, and other resources sharing centralized database of account and security information
Organize and manage resources and security

Domain controller: computer with directory containing info about domain objects
Should use at least two on each network

Member servers: Windows Server 2003 computers that do not store directory information Replication: copying directory data to multiple domain controllers
Network+ Guide to Networks, 4e 34

17

Domains (continued)

Figure 8-10: Multiple domains in one organization

Network+ Guide to Networks, 4e 35

Domains (continued)

Figure 8-11: Domain model on a Windows Server 2003 network

Network+ Guide to Networks, 4e 36

18

OUs (Organizational Units)

Figure 8-12: A tree with multiple domains and OUs

Network+ Guide to Networks, 4e 37

Trees and Forests

Active Directory organizes multiple domains hierarchically in a domain tree
Root domain: base of Active Directory tree Child domains: branch out to separate groups of objects with same policies Underneath child domains, multiple organizational units branch out to further subdivide networks systems and objects

Forest: collection of one or more domain trees

All trees share common schema Domains can communicate
Network+ Guide to Networks, 4e 38

19

Trust Relationships

Figure 8-13: Two-way trusts between domains in a tree

Network+ Guide to Networks, 4e 39

Trust Relationships (continued)

Figure 8-14: Explicit one-way trust between domains in different trees

Network+ Guide to Networks, 4e 40

20

Naming Conventions
Naming (addressing) conventions based on LDAP naming conventions Namespace refers to collection of object names and associated places in Windows 2000 Server or Windows Server 2003 network Internet and Active Directory namespaces are compatible

Network+ Guide to Networks, 4e

41

Naming Conventions (continued)

Each Windows Server 2003 network object can have three names
Distinguished name (DN)
Domain component (DC) name Organizational unit (OU) name Common name (CN): unique within a container

Relative distinguished name (RDN): uniquely identifies an object within a container User principal name (UPN): preferred naming convention for users in e-mail, Internet services

Globally unique identifier (GUID): 128-bit number ensuring that no two objects have duplicate names
Network+ Guide to Networks, 4e 42

21

Naming Conventions (continued)

Figure 8-15: Distinguished name and relative distinguished name

Network+ Guide to Networks, 4e 43

Planning For Installation

Critical preinstallation decisions:
How many, how large, and what kind of partitions will the server require? What type of file system will the server use? What will you name the server? Which protocols and network services should the server use?

Network+ Guide to Networks, 4e

44

22

Planning For Installation (continued)

Critical preinstallation decisions (continued):
What will the Administrator password be? Should the network use domains or workgroups and, if so, what will they be called? Will the server support additional services? Which licensing mode will you use? How can I remember all of this information?

Network+ Guide to Networks, 4e

45

Installing and Configuring a Windows Server 2003 Server: The Installation Process
Can install from CD-ROM or remotely Attended and unattended modes
Unattended installations rely on an installation script
Must be carefully planned

Network+ Guide to Networks, 4e

46

23

Initial Configuration

Figure 8-16: Manage Your Server window

Network+ Guide to Networks, 4e 47

Establishing Users and Groups

Installation process creates two accounts
Guest account: predefined user account with limited privileges Administrator account: predefined user account with extensive privileges for resources on the computer and on the domain that it controls

Local accounts: only have rights on server they are logged on to Domain accounts: have rights throughout the domain
Network+ Guide to Networks, 4e 48

24

Establishing Users and Groups (continued)

Figure 8-18: New ObjectUser dialog box

Network+ Guide to Networks, 4e 49

Establishing Users and Groups (continued)

Groups scope identifies how broadly across the network its privileges reach Domain local group allows access to resources within a single domain Global group also allows access to resources within a single domain
Usually contains user accounts Can be inserted into domain local groups

Universal group allows access to resources across multiple domains and forests
Network+ Guide to Networks, 4e 50

25

Establishing Users and Groups (continued)

Figure 8-20: New ObjectGroup dialog box

Network+ Guide to Networks, 4e 51

Internetworking with Other Network Operating Systems

Windows Server 2003 can communicate with almost any client and, given proper software and configuration, with other major NOSs
Matching protocols only part of the equation

File and Print Services for NetWare: Windows server appears to NetWare clients as another NetWare file or print server
Belongs to Microsoft Windows Services for NetWare package
Simplifies integration of Windows Server 2003 servers and NetWare servers
Network+ Guide to Networks, 4e 52

26

Internetworking with Other Network Operating Systems (continued)

Microsoft Directory Synchronization Services (MSDSS) synchronize information between an Active Directory database and a NetWare eDirectory database Client Services for NetWare (CSNW) enables client to log on directly to NetWare server
Useful if NetWare uses IPX/SPX

Interconnecting with UNIX, Linux, or Mac OS X Server

Assume reliance on TCP/IP Dont assume same directory structure
Network+ Guide to Networks, 4e 53

Summary
NOSs are entirely software-based and can run on a number of different hardware platforms and network topologies Directories are an NOSs method of organizing and managing objects, such as users, printers, server volumes, and applications A file system is an OSs method of organizing, managing, and accessing files through logical structures and software routines

Network+ Guide to Networks, 4e

54

27

Summary (continued)
For clients to share a server application, the network administrator must assign users rights to the directories where the applications files are installed For clients to share a network printer, the printer must be created as an object, assigned a name and properties, and then shared among clients The type of multitasking supported by NetWare, UNIX, Linux, Mac OS X Server, and Windows Server 2003 is called preemptive multitasking
Network+ Guide to Networks, 4e 55

Summary (continued)
Multiprocessing splits tasks among multiple processors to expedite the completion of any single instruction The Windows Server 2003 memory model assigns each process its own 32-bit (or, in some versions, 64-bit) memory area Domains define a group of systems and resources sharing common security and management policies To collect domains into logical groups, Windows Server 2003 uses a domain tree
Network+ Guide to Networks, 4e 56

28

Summary (continued)
Prior to installation, you need to make a number of decisions regarding your server and network pertaining to the domain or workgroup characteristics, file system, disk partitioning, optional services to be installed, administrator password, protocols to be installed, and server name Adding users and groups is accomplished through an administrative tool called Active Directory Users and Computers
Network+ Guide to Networks, 4e 57

29