Hands-On Microsoft Windows Server 2008Server 2008 · Hands-On Microsoft Windows Server 2008Server...

Hands-On Microsoft Windows Server 2008Server 2008

Chapter 8pManaging Windows Server 2008

Network Services

ObjectivesObjectives

• Install configure and troubleshoot DNS• Install, configure, and troubleshoot DNS• Implement Microsoft WINS• Install configure and troubleshoot DHCPInstall, configure, and troubleshoot DHCP• Install, configure, and troubleshoot Microsoft Internet

Information Services

Hands-On Microsoft Windows Server 2008 2

Implementing Microsoft DNSImplementing Microsoft DNS

• Domain Name System (DNS)• Domain Name System (DNS)– A TCP/IP application protocol that enables a DNS

server to resolve (translate):• Domain and computer names to IP addresses• IP addresses to domain and computer names

DNS id th DNS f• DNS servers provide the DNS namespace for an enterprise

• One of the requirements for using Active Directory• One of the requirements for using Active Directory on a Windows Server 2008 network is to have a DNS server on the network


Installing DNS ServicesInstalling DNS Services

• DNS is installed as a server role in Windows Server• DNS is installed as a server role in Windows Server 2008

• The installation steps for DNS are similar to those for pDHCP– Both are installed as Windows components


Installing DNS Services (continued)Installing DNS Services (continued)

• Activity 8-1: Installing DNS• Activity 8-1: Installing DNS– Time Required: Approximately 10 minutes– Objective: Learn how to install DNSj


DNS ZonesDNS Zones

• DNS name resolution is enabled through the use of• DNS name resolution is enabled through the use of tables of information– That link computer names and IP addressesp

• The tables are associated with partitions in a DNS server that are called zones– Contain resource records

• Forward lookup zoneTh h li k IP dd– The zone that links computer names to IP addresses

– Holds host name records called address records


DNS Zones (continued)DNS Zones (continued)

• In IP version 4 a host record is called a host• In IP version 4, a host record is called a host address (A) resource record

• An IPv6 record is called an IPv6 host address (AAAA) resource record

• When you install DNS on a domain controller (DC) in a domain– A forward lookup zone is automatically created for the

domain with the DNS server’s address record alreadydomain with the DNS server s address record already entered





• Activity 8-2: Creating a Reverse Lookup Zone• Activity 8-2: Creating a Reverse Lookup Zone– Time Required: Approximately 10 minutes– Objective: Learn how to create a reverse lookup zonej p



• Activity 8-3: Manually Creating DNS Host Address A• Activity 8-3: Manually Creating DNS Host Address A Resource Records– Time Required: Approximately 15 minutesq pp y– Objective: Create a Host Address A Resource Record


Using the DNS Dynamic Update Protocol

f S S ( S)• Microsoft DNS is also called Dynamic DNS (DDNS)– A modern form of DNS that enables client computers

and DHCP servers to automatically register IPand DHCP servers to automatically register IP addresses

• DNS dynamic update protocol– Enables information in a DNS server to be

automatically updated in coordination with DHCP


Using the DNS Dynamic Update Protocol (continued)

8 f S• Activity 8-4: Verifying the DNS Dynamic Update Configuration

Time Required: Approximately 5 minutes– Time Required: Approximately 5 minutes– Objective: Verify that DNS is configured to be

dynamically updated using the DNS dynamic update protocol


DNS Replicationp

• Primary DNS server– The DNS server that is the main administrative server

for a zone and thus is also the authoritative server forfor a zone and thus is also the authoritative server for that zone

• Secondary DNS serverSecondary DNS server– Contains a copy of the primary DNS server’s zone

database, but is not used for administration (is not th it ti )authoritative)

– Obtains that copy through a zone transfer over the network


network

DNS Replication (continued)p ( )

• Vital services performed by secondary DNS servers:Vital services performed by secondary DNS servers:– To make sure that there is a copy of the primary DNS

server’s data– To enable DNS load balancing among a primary DNS

server and its secondary serversTo reduce congestion in one part of the network– To reduce congestion in one part of the network

• If you use Active Directory and have two or more DCs– Plan to set up Microsoft DNS services on at least two

of the DCs


Stub Zone

• Stub zone has only the bare necessities for DNS• Stub zone has only the bare necessities for DNS functions, which are copies of the following:– SOA record zone– Name server (NS) records to identify authoritative

serversA d f th t th it ti– A record for name servers that are authoritative

• One common use for a stub zone is to help quickly resolve computer namesresolve computer names– Between two different namespaces


Additional DNS Server Roles

• It is common to designate one DNS server to• It is common to designate one DNS server to forward name resolution requests to a specific remote DNS server

• A DNS server can function as a caching server– A caching server is used to provide fast queries

b th lt f h t d i RAMbecause the results of each query are stored in RAM– One limitation of using caching servers is that it takes

time for each one to build up a comprehensive set oftime for each one to build up a comprehensive set of resolved names to IP addresses



Creating a DNS Implementation Plang p

• RecommendationsRecommendations– Implement Windows Server 2008 DNS servers

instead of other versions of DNS, and use Active Di tDirectory

– Plan to locate a DNS server across most site linksCreate two or more DNS servers to take advantage of– Create two or more DNS servers to take advantage of the load balancing

– Designate one DNS server as a forwarder to reduce traffic

– The number of DNS servers that you set up can be related to your analysis of an organization


related to your analysis of an organization

DNS Enhancements

• Microsoft DNS servers now include support for• Microsoft DNS servers now include support for IPv6

• Background zone loadingg g– This means that a DNS server that has a large

number of entries in its zones can load those entries b k das a background process

• DNS server can be housed on a Read-Only Domain Controller (RODC) for branch officesDomain Controller (RODC) for branch offices


Troubleshooting DNSg

• Activity 8-5: Checking the DNS Server and Client• Activity 8-5: Checking the DNS Server and Client Services– Time Required: Approximately 5 minutesq pp y– Objective: Verify that the DNS Server and Client

services are started


Troubleshooting DNS (continued)g ( )


Troubleshooting DNS (continued)g ( )

• Activity 8-6: Checking Log Entries for DNS• Activity 8-6: Checking Log Entries for DNS– Time Required: Approximately 10 minutes– Objective: Check the log information about possible j g p

DNS errors


Implementing Microsoft WINSp g

• Windows Internet Naming Service (WINS)Windows Internet Naming Service (WINS)– Used to register NetBIOS computer names and map

them to IP addresses for any systems that use N tBIOS l tiNetBIOS name resolution

• WINS automatically registers network clients that use NetBIOSuse NetBIOS– Builds a database that other network clients can query

in order to locate a computer• WINS consists of two main parts: the WINS server

and the WINS database


Implementing Microsoft WINS ( ti d)(continued)

Activity 8 7: Installing WINS• Activity 8-7: Installing WINS– Time Required: Approximately 10 minutes– Objective: Learn how to install WINSObjective: Learn how to install WINS


Implementing Microsoft DHCPp g

• Dynamic Host Configuration Protocol (DHCP)• Dynamic Host Configuration Protocol (DHCP) – Enables a Windows Server 2008 server with DHCP

services to detect the presence of a new workstation – Assign an IP address to that workstation

• The DHCP server has a pre-assigned range of IP addresses that it can give to a new client

• Microsoft DHCP server can support the following:D i fi ti f DNS f d d– Dynamic configuration of DNS server forward and reverse lookup zone records

– Up to 1000 different scopes


Up to 1000 different scopes– Up to 10,000 DHCP clients

Implementing Microsoft DHCP ( ti d)(continued)

• A Windows Server 2008 server can be configured in• A Windows Server 2008 server can be configured in the role of a DHCP server using Microsoft DHCP services

• The DHCP server automatically updates the DNS server at the time it assigns an IP address– Using dynamic DNS updates can significantly save

time in creating DNS lookup zone records



• A Microsoft DHCP server can also:• A Microsoft DHCP server can also:– Reserve an IP address for a specific computer– Update all computers on a network for a particular p p p

change in DHCP settings– Provide DHCP services to multiple subnetworks– Omit certain IP addresses from a scope



• Activity 8-8: Installing DHCP• Activity 8-8: Installing DHCP– Time Required: Approximately 15 minutes– Objective: Learn how to install DHCPj


Configuring a DHCP Serverg g

First set up one or more scopes of contiguous• First, set up one or more scopes of contiguous address ranges and activate each scope

• Configuring a scope includes the following:Configuring a scope includes the following:– Obtain the range of addresses to be used– Determine the subnet mask for the range of addressesg– Decide on a name for the scope, such as naming it to

reflect the name of a department or division in your organizationorganization

– Decide how long to lease IP addresses– Determine whether to exclude specific addresses


Determine whether to exclude specific addresses

Configuring a DHCP Server ( ti d)(continued)

• Second authorize the DHCP server• Second, authorize the DHCP server– The process of authorizing the server is a security

precaution to make sure IP addresses are only assigned by DHCP servers that are managed by network and server administrators

• Third a step that is not required but that saves time• Third, a step that is not required, but that saves time in managing DNS, is to configure the DHCP server and its clients to automatically update DNS recordsy p



• Activity 8-9: Configuring DHCP Scopes• Activity 8-9: Configuring DHCP Scopes– Time Required: Approximately 15 minutes– Objective: Learn how to configure a DHCP scopej g p



• Activity 8-10: Configuring Automatic DNS• Activity 8-10: Configuring Automatic DNS Registration– Time Required: Approximately 10 minutesq pp y– Objective: Verify that a DHCP server is configured to

automatically register IP addresses with a DNS server


DHCPv6 Supportpp

• Windows Server 2008 and Windows Vista both• Windows Server 2008 and Windows Vista both enable a network to use Dynamic Host Configuration Protocol for IPv6 (DHCPv6)– For networks that are working to implement IPv6

• The Microsoft implementation of DHCPv6– Follows the official standard for DHCPv6– Supports both stateful and stateless autoconfiguration


Troubleshooting DHCPg

• Table 8-3 presents several typical problems and their• Table 8-3 presents several typical problems and their resolutions



Implementing Microsoft Internet I f ti S iInformation Services

• Microsoft Internet Information Services (IIS)Microsoft Internet Information Services (IIS)– Software included with Windows Server 2008 that

enables you to offer a complete Web site• Internet Server Application Programming

Interface (ISAPI)A f DLL (d i li k lib ) fil th t– A group of DLL (dynamic link library) files that are applications and filters

• Web Server (IIS) role servicesWeb Server (IIS) role services– World Wide Web– File Transfer Protocol (FTP)


– Simple Mail Transfer Protocol (SMTP)

Implementing Microsoft Internet I f ti S i ( ti d)Information Services (continued)

• Windows Server 2008 is a good candidate for a Web• Windows Server 2008 is a good candidate for a Web server for several reasons– Windows Server 2008’s privileged-mode architecture p g

and fault-tolerance capabilities– Windows Server 2008 is compatible with small and

large databaseslarge databases• Users can log in to a database through the IIS Open

Database Connectivity (ODBC) drivers– Compatible with Microsoft Point-to-Point Encryption

(MPPE) security, IP Security (IPsec), and the Secure Sockets Layer (SSL) encryption technique


Sockets Layer (SSL) encryption technique


• IIS is newly designed for Windows Server 2008IIS is newly designed for Windows Server 2008– Broken into modules or features so that you can install

only the features you need– Presents a smaller attack surface and makes IIS more

efficient




• Activity 8-11: Installing IIS• Activity 8-11: Installing IIS– Time Required: Approximately 15 minutes– Objective: Learn how to install IISj


Internet Information Services (IIS) MManager

• Through this tool, you can do the following:Through this tool, you can do the following:– Connect to a Web server on your computer or

remotely connect to a Web server, an application, or itsite

– Have connections to multiple Web servers, applications and sitesapplications, and sites

– Manage a Web server– Manage ASP.NET– Manage authorization for users and for specific Web

server roles


Internet Information Services (IIS) MManager

• Through this tool, you can do the following:Through this tool, you can do the following: (continued)– Manage Web server logging– Compress Web server files– Manage code modules and worker processes

M tifi t– Manage server certificates– Troubleshoot a Web server



Creating a Virtual Directoryg y

• Virtual directory• Virtual directory– A physical folder or a redirection to a Uniform

Resource Locator (URL) that points to a folder• So that it can be accessed over the Internet, an intranet,

or VPN• The reason for creating a virtual directory is to• The reason for creating a virtual directory is to

provide a shortcut path to specific IIS server content• When you set up a virtual directory you give it anWhen you set up a virtual directory, you give it an

alias– A name to identify it to a Web browse


Creating a Virtual Directory ( ti d)(continued)



• After a virtual directory is created you can modify its• After a virtual directory is created, you can modify its properties in IIS Manager

• You can set up the virtual directory to be sharedp y– So that users who need access to add contents to the

directory can do this over the network






• Activity 8-12: Creating a Virtual Directory• Activity 8-12: Creating a Virtual Directory– Time Required: Approximately 10 minutes– Objective: Set up a virtual directoryj p y


Managing and Configuring an IIS Web SServer

• The Internet Information Services tool enables you to• The Internet Information Services tool enables you to manage IIS components including the following:– Application poolspp p– Sites– SMTP e-mail– Certificates

• Application pools enable you to group similar Web applications into pools or groups for managementapplications into pools or groups for management

• Sites is a folder used to manage multiple Web sites from one administrative Web server


from one administrative Web server

Managing and Configuring an IIS Web S ( ti d)Server (continued)

• The SMTP E-mail Page feature is used to manage• The SMTP E-mail Page feature is used to manage Internet e-mail via e-mail programs– Takes advantage of the application programming g pp p g g

interface, system.net.mail• Through the certificates feature, you can configure

d it tifi t it th t i d ithand monitor certificate security that is used with other Web sites




Managing and Configuring an IIS Web S ( ti d)Server (continued)

• Activity 8-13: Configuring a Web Site• Activity 8-13: Configuring a Web Site– Time Required: Approximately 15 minutes– Objective: Learn basic Web site configurationj g


Troubleshooting a Web Serverg

• Occasionally a Web server can experience• Occasionally a Web server can experience problems, such as users not being able to connect to the server

• Table 8-8 lists possible problems and their solutions



Summaryy

• DNS is used to resolve domain and computer names to IP addresses and vice versa

• Before you install DNS, ensure that the server to h thi l h t ti ddhouse this role has a static address

• After you install DNS as a server role, the next step is to configure forward and reverse lookup zonesis to configure forward and reverse lookup zones, as well as DNS resource records

• When you configure Dynamic DNS, you enableWhen you configure Dynamic DNS, you enable automated IP address registration in a coordinated way with a DHCP server


Summary (continued)y ( )

• Plan to set up two or more DNS servers on most networks

• DNS enhancements in Windows Server 2008 i l d IP 6 t b k d l diinclude IPv6 support, background zone loading, and DNS on Read-Only Domain Controllers

• Windows Server 2008 provides WINS for NetBIOS• Windows Server 2008 provides WINS for NetBIOS name and IP address lookup

• DHCP dynamically leases IP addresses to clientDHCP dynamically leases IP addresses to client computers

• Configuring DHCP involves configuring scopes


Summary (continued)y ( )

• Windows Server 2008 includes an enhancement to DHCP that supports DHCPv6

• To create a Windows Server 2008 Web server, i l t I t t I f ti S iimplement Internet Information Services

• Create IIS virtual directories to enable multiple users to publish information on a Web siteusers to publish information on a Web site

• Use standard NTFS and share permissions to protect virtual directoriesprotect virtual directories

• After you install a Web server, configure it to customize features


Date post:	26-Mar-2020
Category:	Documents
Upload:	others
View:	12 times
Download:	0 times

Hands-On Microsoft Windows Server 2008Server 2008 · Hands-On Microsoft Windows Server 2008Server...

Documents