Sunday, April 18, 2010

Lesson 8

Maintaining and Updating Windows Server 2008

Monitoring a Windows Server Network

There are three tools to help you proactively monitor and troubleshoot network issues: Reliability and Performance Monitor, the Windows Server 2008 Event Viewer, and Network Monitor.
Reliability and Performance Monitor in Windows Server 2008 allows you to collect real-time information. This information can be viewed in a number of different formats, including charts, graphs, and histograms. It uses performance objects (categories) and performance counters to organize performance information. It collects the following three types of information on Windows Server 2008:

• Performance counters are the specific processes and events you want to monitor. As you add roles and services, new performance counters are exposed for those roles and services.
• Event trace data is data collected over time to provide a real-time view into the behavior and performance of the server operating system and any applications it is running.
• Configuration information is available via queries to the registry from Reliability and Performance Monitor.

The following are the three views you can choose from:

• Resource View is the default view and gives you a quick overview of the four major performance components of a server: CPU, Disk, Network, and Memory.
• Performance Monitor is the view that provides a visual display of performance counters, either in real time or from historical log data.
• Reliability Monitor is the view that provides information about system events that can affect a server’s stability, including software installation or removal, as well as application, OS, or hardware failures.

Performance Monitor is probably the most used view and can be opened easily from the Start menu by running perfmon.exe. You can add performance counters; the following are installed by default:
• Browser
o Announcements Domains/sec – the rate at which a domain has announced itself to the network.
o Election Packets/sec – the rate at which browser election packets have been received by the local computer.
• Memory
o Available Bytes – the amount of physical memory available for allocation to a process.
o Committed Bytes – the amount of committed virtual memory.
• Processor
o % Processor Time – the percentage of elapsed time the processor spends executing a non-idle thread.

Data Collector Sets were introduced in Windows Server 2008. Rather than manually adding individual performance counters every time you want to monitor a server, Data Collector Sets allow you to organize a set of performance counters, event traces, and system configuration data in a single “object” that you can reuse on one or more servers. The following are the three built-in Data Collector Sets: LAN Diagnostics, System Diagnostics, and System Performance.

Securing Access to Performance Data: Windows Server 2008 includes a number of built-in groups that grant limited access to performance data. These are the Users group, Performance Monitor Users, and Performance Log Users.

Windows Event Viewer: to monitor the health of Windows Server 2008, you can examine the Windows Event Viewer to obtain information. By default, it logs informational events such as service start and stop messages, errors, and warnings. Additional diagnostic logging can be enabled by modifying the registry. When using the Event Viewer you will see the following items:

Custom Views are a new feature in Windows Server 2008 that let you set up filtered views showing only the events you care about, such as Critical errors.

Windows Logs is the traditional view, which includes the Application, Security, and System logs along with the Setup and Forwarded Events logs, both of which are new in Server 2008.

Applications and Services Logs provide various collections of Event Viewer entries associated with server hardware, Internet Explorer, and other Windows components.

The Windows Event Collector service is another new feature in Windows Server 2008. It allows you to configure a single server as a repository for events from multiple computers. It creates and manages subscriptions to one or more remote computers and uses the WS-Management protocol to communicate with them. Subscriptions are set up as either collector-initiated or source-computer-initiated.

Network Monitor (gathering network data): Server 2008 does not include a built-in network monitor; however, Microsoft offers one as a free download. This version is a powerful tool, but there is a more powerful tool available, SCOM (System Center Operations Manager), which can not only capture traffic sent to its own interface but can also run in promiscuous mode and capture 100 percent of the network traffic available to the network interface. It also gives you a central management point from which you can see other instances of network monitoring.

Windows Server Update Services (WSUS) is a tool used to manage and distribute software updates that fix known security vulnerabilities or otherwise improve the performance of Microsoft operating systems. Updates can include items such as security fixes, critical updates, and critical drivers. The following are the categories for the Windows operating system: Critical updates, Recommended downloads, Windows tools, Internet and multimedia updates, Additional Windows downloads, Multilanguage features, and Documentation.

WSUS has three main components:
• A content synchronization service
• An internal Windows Update server
• Automatic Updates on computers (desktops or servers)

The WSUS server performs two primary functions:
• Synchronizing content with the public Windows Update site.
• Approving content for distribution to your organization.

Windows Update and Automatic Updates are two separate components designed to work together to keep the Windows operating system updated and secure. Windows Update is a Microsoft Web site that works with Automatic Updates to provide timely critical and noncritical system updates. Automatic Updates lets the computer interact with the Windows Update Web site automatically.

WSUS software and hardware requirements:
• A server running the IIS (Internet Information Services) server role, including the following components:
o Windows Authentication
o ASP.NET
o IIS 6.0 Management Compatibility
o IIS Metabase Compatibility
• Microsoft Report Viewer Redistributable 2005
• Microsoft SQL Server 2005 Service Pack 1
• A minimum of 1 GB free space on the system partition
• 20 GB minimum space on the volume used to store downloaded content
• 2 GB free space on the volume where WSUS stores the Windows Internal Database

WSUS server management includes reviewing and changing configuration options, automatically or manually synchronizing the server, viewing update status, and backing up and restoring the server.

WSUS clients: you can configure Automatic Updates through the Automatic Updates configuration page, through Group Policy, or by configuring registry entries.

Monday, April 12, 2010

Lesson 7

Deploying a Print Server

FYI: Printing is usually the number one helpdesk request. Note the last paragraph on the printing devices currently being used at my current employment.

Printing typically involves the following four components: print device, printer, print server, and print driver.

The simplest form of print architecture consists of a locally attached print device. The printer then can be shared with other users on the same network.

XML Paper Specification (XPS) is a new, platform-independent document format used in Windows Server 2008 and Windows Vista, in which print jobs are sent to the print device in a single XPS format rather than being converted first to EMF and then to PCL.

With network-attached print devices, the primary deployment decision that the administrator must make is which computer will function as the print server.

Printer permissions are much simpler than NTFS permissions. They basically dictate whether users are allowed to merely use the printer, manage documents submitted to the printer, or manage the properties of the printer itself.

The Print Management snap-in for MMC is an administrative tool that consolidates the controls for the printing components throughout the enterprise into a single console.

Currently, coming from a Novell network to a Microsoft network, we purchase printers with NIC cards and set the printer to a static IP address. Then, when adding a printer, we create a port on the workstation that points to the IP address of the printer, and select the most current print drivers from a local network share. As we have progressed we have moved to Multi Function Printers that fax, scan to PDF, and store user print jobs until the user releases them at the printer. These also add security by putting passwords on accounts so someone can’t just walk up and print from the HR Director’s mailbox. These printers are administered via a webpage pointed at the device.

In the future I see this more and more the norm along with the reduction of printing hard copies.

Saturday, April 10, 2010

Lesson 6

Configuring File Services

Planning a File Server Deployment

Scalability – Think about current and future needs: how much space are you going to need 3 to 5 years from now? Do you have an archiving policy in practice?

Navigation – How are users going to locate the files they need access to?

Protection – Who needs access, and how are you going to manage it?

Abuse – How are you going to keep users from using up too much space on the file servers?

Diversity – How do you provide access for users who are not running Windows operating systems?

Fault tolerance – How quickly can you recover from the failure of a hard drive, a server, or an entire facility?

Availability – How can you make sure that users have continuous access to critical files across your complete network, even at remote sites?

The following are the Windows Server 2008 storage limitations (storage characteristic – limitation):

• Maximum basic volume size – 2 terabytes
• Maximum dynamic volume size (simple and mirrored volumes) – 2 terabytes
• Maximum dynamic volume size (spanned and striped volumes) – 64 terabytes (2 terabytes per disk, with a maximum of 32 disks)
• Maximum dynamic volume size (RAID-5 volumes) – 64 terabytes (2 terabytes per disk, with a maximum of 32 disks and 2 terabytes reserved for parity information)
• Maximum NTFS volume size – 2^32 clusters minus 1 cluster (using the default 4 kilobyte cluster size, the maximum volume size is 16 terabytes minus 64 kilobytes; using the maximum 64 kilobyte cluster size, the maximum volume size is 256 terabytes minus 64 kilobytes)
• Maximum number of clusters on an NTFS volume – 2^32
• Maximum NTFS file size – 2^44 bytes (16 terabytes) minus 64 kilobytes
• Maximum number of files on an NTFS volume – 2^32 minus one file
• Maximum number of volumes on a server – approximately 2,000 (1,000 dynamic and the rest basic)

When installing additional storage you must address the following tasks:

Select a partitioning style – two styles are supported: MBR (Master Boot Record) and GPT (GUID Partition Table). A disk uses one or the other, not both.

Select a disk type – two types are supported: basic and dynamic. You can use both disk types on the same computer, but you cannot mix disk types on the same disk.

Divide the disk into partitions or volumes – you create partitions on basic disks and volumes on dynamic disks.

Format the partitions or volumes with a file system – the two supported file systems are NTFS and FAT (FAT16 and FAT32).

During installation two partitions are created: a system partition and a boot partition. The system partition contains the hardware-related files that the computer uses to boot. The boot partition contains the operating system files, which are stored in the Windows directory. You can create up to four primary partitions on a basic disk.

Volume Types

Simple volume – Resides on a single disk. Once you have created a simple volume you can later extend it to multiple disks to create a spanned or striped volume, as long as it is not a system or boot volume.

Spanned volume – Consists of space from 2 to 32 physical disks, all of which must be dynamic disks. A spanned volume is essentially a method for combining the space from multiple disks into a single large volume.

Striped volume – Consists of space from 2 to 32 physical disks, all of which must be dynamic disks. The difference between a striped volume and a spanned volume is that in a striped volume the system writes data one stripe at a time to each successive disk in the volume.

Mirrored volume – Consists of an identical amount of space on two physical disks, both of which must be dynamic. The system performs all read and write operations on both disks simultaneously, so they contain duplicate copies of the data.

RAID-5 volume – Consists of space on three or more physical disks, all of which must be dynamic disks. The system stripes data and parity information across all of the disks, so that if one disk fails, the missing data can be recreated using the parity information on the other disks.

File Sharing and Permissions

Now that you have the volumes set up, you will need to set up a folder structure and a sharing strategy. Following a basic structure, set the root of the organization’s public and private shares as follows:

Public
  Accounting
  Customer Service
  General Access
  Human Resources
  Information Systems
  Marketing
  Purchasing
  Sales
Private
  Bob Johnson
  Cindy Johnsen
  Dan Mann
  Nick Nickleson
  Paul Pusher
  Steven Sales

Permissions can then be set at the individual level on the private directories and by group on the public directories. The following are the four different types of permissions:
• Share permissions
• NTFS permissions
• Registry permissions
• Active Directory permissions

All of these permissions can operate independently of each other and sometimes combine to increase the protection of a specific resource. NTFS permissions enable you to control access to files and folders by specifying exactly what tasks individual users can perform on them. Share permissions provide rudimentary access control for all of the files on a network share. Network users must have the proper share and NTFS permissions to access files on a server share.
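To show how share and NTFS permissions combine for a network user, here is an added Python example (not from the original notes) that models both permission levels as sets of operations and intersects them; the ACLs, user names and the simplified permission mapping are constructed for the example.

```python
# Rights are modelled as sets of basic operations so that share and NTFS
# permission levels can be intersected. This mapping is a simplification of
# the real Windows permission masks, chosen for this example.
SHARE_LEVELS = {
    "Read": {"read"},
    "Change": {"read", "write", "delete"},
    "Full Control": {"read", "write", "delete", "change permissions"},
}
NTFS_LEVELS = {
    "Read": {"read"},
    "Write": {"write"},
    "Modify": {"read", "write", "delete"},
    "Full Control": {"read", "write", "delete", "change permissions"},
}


def effective_acl(acl, levels, principals):
    """Combine the ACEs that apply to the user or any of their groups:
    allows are unioned, then explicit denies are removed (deny wins)."""
    allowed, denied = set(), set()
    for principal, kind, level in acl:
        if principal not in principals:
            continue
        (allowed if kind == "allow" else denied).update(levels[level])
    return allowed - denied


def effective_access(user, groups, share_acl, ntfs_acl, over_network=True):
    """What the user can actually do. Over the network both the share and the
    NTFS permissions must grant an operation; logged on locally only NTFS applies."""
    principals = {user, "Everyone", *groups}
    ntfs = effective_acl(ntfs_acl, NTFS_LEVELS, principals)
    if not over_network:
        return ntfs
    return ntfs & effective_acl(share_acl, SHARE_LEVELS, principals)


# Constructed ACLs for the Accounting share in the folder tree above
ACCOUNTING_SHARE = [("Everyone", "allow", "Read"),
                    ("Accounting", "allow", "Change")]
ACCOUNTING_NTFS = [("Accounting", "allow", "Modify"),
                   ("Information Systems", "allow", "Full Control"),
                   ("Bob Johnson", "deny", "Write")]

if __name__ == "__main__":
    for user, groups in (("Bob Johnson", {"Accounting"}),
                         ("Dan Mann", {"Information Systems"})):
        print(user, sorted(effective_access(user, groups, ACCOUNTING_SHARE, ACCOUNTING_NTFS)))
```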

The File Services role includes several role services that you can choose to install, including Distributed File System and Services for Network File System. Selecting individual role services can add extra configuration pages to the Add Roles Wizard.

The Distributed File System (DFS) includes two technologies: DFS Namespaces and DFS Replication, which can simplify the process of locating files, control the amount of traffic passing over WAN links, provide users at remote sites with local file server access, configure the network to survive a WAN link failure, and facilitate consistent backups.

DFS is a virtual namespace technology that enables you to create a single directory tree containing references to shared folders located on various file servers all over the network.

A namespace server functions just like a file server except that when a user requests access to a file in the DFS directory tree, the namespace server replies—not with the file itself, but with a referral specifying the file’s actual location.

Sunday, April 4, 2010

Lesson 5

Configuring Routing and Remote Access (RRAS) and Wireless Networking
Routing is the process of transferring data across an internetwork from one LAN to another, whether within an organization or across the Internet between organizations, using the TCP/IP protocols. With the Routing and Remote Access service, Windows Server 2008 is a software-based router that can be configured as both a router and a remote access server. A significant advantage of using Windows Server 2008 in this manner is that it is integrated with Windows features such as Group Policy and Active Directory. The Routing and Remote Access console is the principal tool used for configuring and managing this service.

The following are some common routing protocols:

• RIP (Routing Information Protocol) and RIP v2: RIP broadcasts information about available routes on a regular basis, as well as when the network topology changes. RIP v2 increases the security and the amount of information provided. Without dynamic routing protocols such as RIP v2, network administrators must add static routes to connect to non-neighboring subnets when those subnets do not lie in the same direction as the default route.

• OSPF (Open Shortest Path First) was designed to address the scalability limitations of RIP. Rather than using broadcasts to transmit routing data, each router maintains a database of routes to all destinations it knows of; when it receives network traffic destined for one of these destinations, it routes the traffic using the shortest path.

Routers read the destination addresses of received packets and route those packets using their routing tables. In Windows Server 2008 these routing tables can be viewed using the Routing and Remote Access console or the route print command.

The following are the five columns displayed in the routing table:
• Network Destination, as the name suggests, indicates the destination network.
• Netmask is the subnet mask of the destination network.
• Gateway is the next-hop address used for that routing table entry.
• Interface determines which local network interface card is used to forward the packet to the gateway.
• Metric is the cost of using this route to transfer the data.

The four types of routes found in a routing table are:
• Directly attached network routes
• Remote network routes
• Host routes
• Default route
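As an added example (not part of the original notes), the following Python parses a constructed routing table in the five-column route print layout, classifies each entry into the four route types, and performs the longest-prefix lookup a router uses to pick the next hop; all addresses are sample values.

```python
import ipaddress

# Constructed routing table in the five-column layout that "route print"
# shows on Windows Server 2008: Network Destination, Netmask, Gateway,
# Interface, Metric. The addresses are sample values, not from a real host.
ROUTE_PRINT_OUTPUT = """\
0.0.0.0          0.0.0.0          192.168.10.1     192.168.10.20   20
127.0.0.0        255.0.0.0        On-link          127.0.0.1       306
192.168.10.0     255.255.255.0    On-link          192.168.10.20   276
192.168.10.20    255.255.255.255  On-link          192.168.10.20   276
192.168.50.0     255.255.255.0    192.168.10.254   192.168.10.20   21
10.0.0.5         255.255.255.255  192.168.10.254   192.168.10.20   21
"""


def parse_route_table(text):
    """Turn the five text columns into a list of route dicts."""
    routes = []
    for line in text.splitlines():
        dest, mask, gateway, iface, metric = line.split()
        routes.append({
            "network": ipaddress.IPv4Network((dest, mask)),
            "gateway": gateway,
            "interface": iface,
            "metric": int(metric),
        })
    return routes


def route_type(route):
    """Classify a route into the four types listed above."""
    net = route["network"]
    if net.prefixlen == 0:
        return "default"
    if net.prefixlen == 32:
        return "host"
    if route["gateway"] == "On-link":
        return "directly attached network"
    return "remote network"


def lookup(routes, destination):
    """Pick the route a router would use: the longest matching prefix wins,
    and the lowest metric breaks ties between equally specific routes."""
    dst = ipaddress.IPv4Address(destination)
    candidates = [r for r in routes if dst in r["network"]]
    if not candidates:
        return None
    best = max(candidates, key=lambda r: (r["network"].prefixlen, -r["metric"]))
    # On-link means the destination is reachable directly on that interface,
    # so the next hop is the destination itself rather than a gateway.
    next_hop = destination if best["gateway"] == "On-link" else best["gateway"]
    return {"type": route_type(best), "next_hop": next_hop,
            "interface": best["interface"], "network": str(best["network"])}


if __name__ == "__main__":
    table = parse_route_table(ROUTE_PRINT_OUTPUT)
    for dst in ("192.168.10.77", "192.168.50.9", "10.0.0.5", "8.8.8.8"):
        print(dst, "->", lookup(table, dst))
```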

Demand-Dial Routing, also known as dial-on-demand routing, is also included in Routing and Remote Access and is a low-cost solution for low-traffic situations.

Remote Access
Remote access uses either DUN (Dial-Up Networking) or a VPN (Virtual Private Network). When you are providing connectivity for remote access clients, the client will use one of the two. DUN uses a POTS line to dial directly into the remote access server; since it is a dedicated physical connection, the traffic is often unencrypted. VPN connectivity creates a secure point-to-point connection across either a private network or a public network (the Internet). A VPN uses TCP/IP tunneling protocols to create the secured connection.

The following are several other options available when configuring Remote Access:
• Remote Access (Dial-Up or VPN)
• Network Address Translation (NAT)
• Virtual Private Network (VPN) Access and NAT
• Secure Connection between two Private Networks
• Custom Configuration

A VPN connection consists of the following components:
• VPN server
• VPN client
• VPN connection (the data is encrypted)
• VPN tunnel (the data is encapsulated)

The two tunneling protocols that provide this service are PPTP (Point-to-Point Tunneling Protocol) and L2TP (Layer Two Tunneling Protocol). PPTP supports only 128-bit RC4 encryption, while L2TP supports Advanced Encryption Standard (AES) 256-bit, AES 192-bit, AES 128-bit, and 3DES encryption by default on Windows Server 2008.

Network Address Translation (NAT) enables private networks to connect to the Internet. NAT translates internal, private IP addresses to external, public IP addresses and vice versa.
Here’s how it works. The TCP/IP stack on the client computer creates an IP packet with specific values in the IP and Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) headers. The client computer then forwards the IP packet to the computer running NAT. The computer running NAT changes the outgoing packet header to indicate that the packet originated from the NAT computer’s external address. However, the computer running NAT does not change the destination. It then sends the remapped packet over the Internet to the Web server. The external Web server receives the packet and sends a reply to the computer running NAT. The computer running NAT receives the packet and checks its mapping information to determine the destination client computer. The computer running NAT changes the packet header to indicate the private address of the destination client and then sends the packet to the client.
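The walk-through above as an added Python model (not code from the original notes) of a port-based NAT table: outbound packets get the external source address, the destination is left alone, replies are mapped back, and inbound packets with no mapping are dropped. The IP addresses and ports are constructed sample values.

```python
from itertools import count


class SimpleNat:
    """Port-based NAT: rewrite the source of outbound packets to the NAT
    computer's external address, remember the mapping, and reverse it on the reply."""

    def __init__(self, external_ip, first_port=40000):
        self.external_ip = external_ip
        self.next_port = count(first_port)
        self.outbound = {}   # (src, sport, dst, dport) -> external port
        self.inbound = {}    # external port -> (src, sport, dst, dport)

    def translate_outbound(self, packet):
        key = (packet["src"], packet["sport"], packet["dst"], packet["dport"])
        port = self.outbound.get(key)
        if port is None:
            # First packet of a new flow: allocate an external port and record it
            port = next(self.next_port)
            self.outbound[key] = port
            self.inbound[port] = key
        # Only the source is rewritten; destination address and port stay as-is
        return dict(packet, src=self.external_ip, sport=port)

    def translate_inbound(self, packet):
        key = self.inbound.get(packet["dport"])
        # The reply must come from the host the mapping was created for; anything
        # else (unsolicited inbound traffic) has no mapping and is dropped
        if key is None or (key[2], key[3]) != (packet["src"], packet["sport"]):
            return None
        private_ip, private_port, _, _ = key
        return dict(packet, dst=private_ip, dport=private_port)


def web_request_roundtrip(nat, client_ip, client_port, server_ip="203.0.113.10"):
    """Send one constructed TCP packet to a web server through the NAT and map
    the server's reply back. Returns (packet as seen by the server, reply as
    delivered to the client)."""
    request = {"proto": "TCP", "src": client_ip, "sport": client_port,
               "dst": server_ip, "dport": 80}
    on_the_wire = nat.translate_outbound(request)
    reply = {"proto": "TCP", "src": server_ip, "sport": 80,
             "dst": on_the_wire["src"], "dport": on_the_wire["sport"]}
    return on_the_wire, nat.translate_inbound(reply)


if __name__ == "__main__":
    nat = SimpleNat("198.51.100.7")
    print(web_request_roundtrip(nat, "192.168.10.20", 51000))
    print(web_request_roundtrip(nat, "192.168.10.21", 51000))
```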

NPS (Network Policy Server)
The remote access connection must be authorized by a Windows Server 2008 computer running the NPS role service or by a RADIUS (Remote Authentication Dial-In User Service) server. Use a RADIUS server to centralize remote access authentication, authorization, and logging. When you implement RADIUS, the Windows Server 2008 computers running the Routing and Remote Access service forward access requests to the RADIUS server. The RADIUS server then queries the domain controller for authentication and applies remote access policies to the connection requests.

Keep in mind the AAA:
• Authentication proves the user is who they claim to be.
• Authorization controls what resources an authenticated user can or cannot access.
• Accounting keeps track of what resources a user has accessed or attempted to access.

An NPS Network Policy, which is a rule for evaluating remote connections, consists of three components: conditions, constraints, and settings. Here’s how it works: A user attempts to initiate a remote access connection. The remote access server checks the conditions in the first configured NPS Network Policy. If the conditions of this policy do not match, the remote access server checks the remaining configured NPS Network Policies in order until it finds a match. Once the remote access server finds an NPS Network Policy with conditions that match the incoming connection attempt, it checks any constraints configured for that policy. If the connection attempt does not match the configured constraints (time of day, minimum encryption level), the remote access server denies the connection. If the connection attempt matches both the conditions and the constraints of a particular NPS Network Policy, the remote access server allows or denies the connection based on the access permission configured for that policy.
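The policy evaluation order described above, as an added Python example (not from the original notes): policies are tried in order, the first whose conditions match is the one whose constraints and access permission decide the outcome, and a failed constraint is a denial rather than a fall-through. The policy names, group names, hours and encryption levels are constructed sample values.

```python
# Constructed network policies, listed in the order NPS would evaluate them.
# Times are "HH:MM" strings so that they compare correctly as text.
POLICIES = [
    {"name": "Staff VPN (L2TP)",
     "conditions": {"group": "Staff", "tunnel": "L2TP"},
     "constraints": {"hours": ("07:00", "19:00"), "min_encryption_bits": 128},
     "access": "grant"},
    {"name": "Contractors",
     "conditions": {"group": "Contractors"},
     "constraints": {},
     "access": "deny"},
]


def conditions_match(policy, attempt):
    """Every condition on the policy must match the connection attempt."""
    return all(attempt.get(key) == value for key, value in policy["conditions"].items())


def constraints_match(policy, attempt):
    """Constraints are checked only after a policy's conditions have matched."""
    c = policy["constraints"]
    if "hours" in c:
        start, end = c["hours"]
        if not start <= attempt["time"] <= end:
            return False                          # outside the allowed time of day
    if "min_encryption_bits" in c and attempt["encryption_bits"] < c["min_encryption_bits"]:
        return False                              # below the minimum encryption level
    return True


def evaluate(attempt, policies=POLICIES):
    """Walk the policies in order. Returns (decision, policy name, reason)."""
    for policy in policies:
        if not conditions_match(policy, attempt):
            continue                              # no match: try the next policy
        if not constraints_match(policy, attempt):
            # The first matching policy decides; a failed constraint denies the
            # connection and NPS does not go on to later policies.
            return ("deny", policy["name"], "constraint not met")
        return (policy["access"], policy["name"], "access permission")
    return ("deny", None, "no matching policy")  # nothing matched: default deny


if __name__ == "__main__":
    attempt = {"group": "Staff", "tunnel": "L2TP", "time": "10:30", "encryption_bits": 256}
    print(evaluate(attempt))
    print(evaluate(dict(attempt, time="22:00")))
```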

Authentication protocols: the following lists them in order from most secure to least secure:
• EAP-TLS
• MS-CHAP v2
• MS-CHAP v1
• Extensible Authentication Protocol-Message Digest 5 Challenge Handshake Authentication Protocol (EAP-MD5 CHAP)
• Challenge Handshake Authentication Protocol (CHAP)
• Shiva Password Authentication Protocol (SPAP)
• Password Authentication Protocol (PAP)
• Unauthenticated access

Wireless Access

The IEEE 802.1X standard allows for port-level network access control of both wired and wireless connections. A Windows Server 2008 server running the NPS role can also secure 802.1X connectivity for 802.1X-capable network switches and wireless access points. The 802.1X standard provides port-based security using the following components:
• Supplicant: the device that is seeking access to the network.
• Authenticator: the component that requests authentication credentials from the supplicant (commonly the port on the switch or the wireless access point).
• Authentication Server (AS): the server that verifies the supplicant’s authentication credentials and informs the authenticator whether to allow or disallow access to the 802.1X-secured network port.

Saturday, April 3, 2010

Lesson 4

Configuring and Managing the DNS Server Role

DNS Domain Name System

Windows Server 2008 includes both DNS and Windows Internet Naming Service (WINS) name resolution services to allow computers to translate between human-readable names, which are easier for humans to understand and remember, and IP addresses, which are what TCP/IP communication actually requires.
The DNS namespace is hierarchical and based on a unique root that can have any number of subdomains. A Fully Qualified Domain Name (FQDN) is the name of a DNS host in this namespace, indicating the host’s location relative to the root of the DNS domain tree. An example of an FQDN is host1.subdomain.microsoft.com. The top-level domain is com. The second-level domain is microsoft.com; second-level domains are registered to individuals or organizations. Second-level domains can have many subdomains, and any domain can have hosts. A host is a specific computer or network device within a domain.
DNS names and the DNS protocol are required for Active Directory domains and for compatibility with the Internet.
A DNS zone is a contiguous portion of a namespace for which a server is authoritative. A server can be authoritative for one or more zones, and a zone can contain one or more contiguous domains. A DNS server is authoritative for a zone if it hosts the zone, either as a primary or secondary DNS server. Each DNS zone contains the resource records it needs to answer queries for its portion of the DNS namespace.

There are several types of DNS servers: primary, secondary, master name, and caching-only.

• A DNS server that hosts a primary DNS zone is said to act as a primary DNS server. Primary DNS servers store original source data for zones. With Windows Server 2003, you can implement primary zones in one of two ways: as standard primary zones (zone data is stored in a text file) or as an Active Directory–integrated zone (zone data is stored in the Active Directory database).
• A DNS server that hosts a secondary DNS zone is said to act as a secondary DNS server. Secondary DNS servers are authoritative backup servers for the primary server. The servers from which secondary servers acquire zone information are called masters.
• A caching-only server forwards requests to other DNS servers and hosts no zones, but builds a cache of frequently requested records.

A DNS zone is a collection of host name-to-IP address mappings for hosts in a contiguous portion of the DNS namespace. Contiguous means connected by a parent-child relationship. For each DNS domain name included in a zone, the zone becomes the authoritative source for information about that domain. Zones are stored in text files or within Active Directory. It is recommended to have both a primary and a secondary zone to provide fault tolerance if one of the servers fails. There are four zone types: standard primary, standard secondary, reverse lookup, and stub zones.

• The standard primary zone hosts the read/write copy of the DNS zone in which resource records are created and managed.
• The standard secondary zone is a read-only copy of the standard primary zone. It is copied from the master in what is called a zone transfer, which can be a full zone transfer (AXFR) or an incremental zone transfer (IXFR) that sends only the updates made since the last transfer.
• The reverse lookup zone maps IP addresses back to DNS names.
• The stub zone contains a pointer to the DNS servers that are authoritative for that zone, and it is used to maintain or improve DNS resolution efficiency.

Active Directory-integrated zones have the following benefits:

• Fault tolerance: redundant copies of the zone are stored on multiple servers.
• Security: with DNS stored in Active Directory you can modify the zone’s discretionary access control list (DACL), which lets you specify which users and groups may modify the DNS zones.
• These zones are multi-master, meaning that zones can be updated in more than one location.
• Efficient replication: zone transfers are replaced by more efficient Active Directory replication.
• Secondary zones are still supported: Active Directory-integrated zones can be transferred to secondary zones in the same way that file-backed zones are.

DNS resource records hold the information related to a DNS domain, such as the host record defining a host’s IP address; they are represented in binary form in packets. Typical resource record fields are Owner, TTL (time to live), Class, Type, and RDATA (resource record data). The following are the different types of resource records:

• SOA (Start of Authority) record indicates the starting point of authority for information stored in a zone. It is the first record created when creating a zone and contains zone-specific information used for maintaining the zone. Its RDATA fields are Authoritative Server, Responsible Person, Serial Number, Refresh, Retry, Expire, and Minimum TTL.
• A (Host) record maps an FQDN to an IPv4 address; an AAAA (Host) record maps an FQDN to an IPv6 address.
• PTR record performs the reverse function of the A resource record by mapping an IP address to an FQDN.
• NS (Name Server) record identifies a DNS server that is authoritative for a zone; that is, a DNS server that hosts a primary or secondary copy of the DNS zone in question.
• MX (Mail Exchanger) record specifies a server that is configured to act as a mail server for a DNS name.
• CNAME (Canonical Name/Alias) record creates an alias for a specified FQDN. You can use CNAME records to hide the implementation details of your network from the clients connecting to it.
• SRV (Service Locator) record enables you to specify the locations of servers that provide a specific network service over a specific protocol and in a specific domain.

The DNS name resolution process starts when an application passes a query to the local DNS resolver (the DNS Client service) for resolution. If the query cannot be resolved locally, it is sent to the preferred DNS server configured in the client’s TCP/IP properties. If the query does not match an entry in the cache, the resolution process continues with the client querying a DNS server to resolve the name.

When a query is sent to a DNS server, the following are the most common responses:

• Authoritative answer is a positive answer returned to the client with the authority bit set in the DNS message, indicating that the answer was obtained from a server with direct authority for the queried name.
• Positive answer can consist of the queried resource record or a list of resource records that fits the queried DNS domain name and record type specified in the query message.
• Referral answer contains additional resource records not specified by the name or type in the query, pointing the client to other servers.
• Negative answer is where an authoritative server reports that the queried name exists but no records of the specified type exist for that name.

Root hints contain the names and IP addresses of the DNS servers authoritative for the root zone. By default, DNS servers use a root hints file, called cache.dns on Microsoft servers. The DNS Server service must be configured with root hints to resolve queries for names that it is not authoritative for or for which it contains no delegations.

Recursion is one of the two query types used for DNS name resolution. A DNS client requests that a DNS server provide a complete answer to a query, one that does not include pointers to other DNS servers, effectively shifting the workload of resolving the query from the client to the DNS server. An iterative query keeps the workload on the client, which goes from one server to the next to get its name resolved. For the DNS server to perform recursion properly, the server needs to know where to begin searching for names in the DNS namespace. This information is provided by the root hints file, cache.dns, which is stored on the server computer.

A DNS server on a network is designated as a forwarder by having the other DNS servers in the network forward the queries they cannot resolve locally to that DNS server. Conditional forwarding enables a DNS server to forward queries to other DNS servers based on the DNS domain names in the queries.
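To tie together the resolution process, the response types, root hints and recursion described above, here is an added Python simulation (not from the original notes) in which a recursive server starts from its root hints and follows referrals down to the authoritative server, caching the result. The three zones, server names and addresses are constructed sample data, and for brevity the servers are keyed by name rather than resolved through glue A records.

```python
# Constructed zone data for three authoritative servers: the root, the com
# TLD and example.com. Names and addresses are sample values.
ROOT_HINTS = ["root-a.test."]

SERVERS = {
    "root-a.test.": {
        "zone": ".",
        "delegations": {"com.": ["ns1.com-tld.test."]},
        "records": {},
    },
    "ns1.com-tld.test.": {
        "zone": "com.",
        "delegations": {"example.com.": ["ns1.example.com."]},
        "records": {},
    },
    "ns1.example.com.": {
        "zone": "example.com.",
        "delegations": {},
        "records": {
            "example.com.": {
                "SOA": ["ns1.example.com. hostmaster.example.com. 2010041801 3600 600 86400 300"],
                "NS": ["ns1.example.com."]},
            "ns1.example.com.": {"A": ["192.0.2.53"]},
            "www.example.com.": {"A": ["192.0.2.10"]},
        },
    },
}


def in_zone(name, zone):
    return zone == "." or name == zone or name.endswith("." + zone)


def answer(server, name, qtype):
    """One server's reply: ('referral', [ns names]), ('authoritative', [rdata])
    or ('negative', reason)."""
    data = SERVERS[server]
    if not in_zone(name, data["zone"]):
        return ("negative", "not authoritative for this name")
    for child, ns_names in data["delegations"].items():
        if in_zone(name, child):
            return ("referral", ns_names)            # points at the child zone's servers
    rrset = data["records"].get(name)
    if rrset is None:
        return ("negative", "name does not exist")
    if qtype not in rrset:
        return ("negative", "name exists but has no %s record" % qtype)
    return ("authoritative", rrset[qtype])


class RecursiveServer:
    """Plays the client's preferred DNS server: the client asks once and gets a
    complete answer, while the server iterates from the root hints through
    referrals and caches what it learns."""

    def __init__(self, root_hints=ROOT_HINTS):
        self.root_hints = root_hints
        self.cache = {}

    def resolve(self, name, qtype):
        """Returns (kind, data, servers consulted in order); the list is empty
        when the answer came from the cache."""
        if (name, qtype) in self.cache:
            return self.cache[(name, qtype)] + ([],)
        servers, path = self.root_hints, []
        for _ in range(10):                          # guard against referral loops
            server = servers[0]
            path.append(server)
            kind, data = answer(server, name, qtype)
            if kind == "referral":
                servers = data
                continue
            self.cache[(name, qtype)] = (kind, data)
            return (kind, data, path)
        return ("negative", "too many referrals", path)


if __name__ == "__main__":
    dns = RecursiveServer()
    print(dns.resolve("www.example.com.", "A"))
    print(dns.resolve("www.example.com.", "A"))   # second time served from cache
    print(dns.resolve("www.example.com.", "MX"))
```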

Sunday, March 7, 2010

Lesson 3

Configuring and Managing the DHCP Server Role

DHCP is a simple, standard protocol that makes TCP/IP network configuration much easier for the administrator by dynamically assigning IP addresses and automatically providing additional configuration information to DHCP clients. It is based heavily on BOOTP, but rather than pushing preconfigured parameters to expected clients, DHCP can dynamically allocate and reclaim IP addresses from a pool of addresses. DHCP is an open, industry-standard protocol that reduces the complexity of administering networks based on TCP/IP. It is defined by the IETF (Internet Engineering Task Force) in RFC (Request for Comments) 2131 and 2132. DHCP functions at the application layer of the OSI (Open Systems Interconnection) model, as defined by ISO (International Organization for Standardization) and the ITU-T (International Telecommunication Union Telecommunication Standardization Sector).

Four Key Benefits of DHCP
• Centralized administration of IP configuration
• Dynamic host configuration
• Seamless IP host configuration
• Flexibility and scalability

Additional configuration information is provided in the form of options, which can be associated with a reservation, with a vendor or user class, with a scope, or with the entire DHCP server.

APIPA is useful for providing addresses to single-segment networks that do not have a DHCP server.

DHCP Terminology

• DHCP client – Computer on the network obtaining information from the DHCP server.
• DHCP server – Computer on the network providing DHCP configuration to clients.
• DHCP lease – The length of time for which a client may use the IP address assigned to it by the DHCP server. The lease duration can be between 1 minute and 999 days. The default lease is eight days.

DHCP Message Types

• DHCPDISCOVER – Sent by the client to locate a DHCP server.
• DHCPOFFER – Sent by the DHCP server in response to DHCPDISCOVER with the offered configuration parameters.
• DHCPREQUEST – Sent by the client to signal acceptance of the offer (DHCPOFFER) from the DHCP server.
• DHCPDECLINE – Sent by the client to the DHCP server, informing it that the offered address has been declined.
• DHCPACK – Sent by the DHCP server to the client to confirm the lease and configuration parameters.
• DHCPNACK – Sent by the DHCP server to the client to deny the DHCPREQUEST.
• DHCPRELEASE – Sent by the client to a DHCP server to relinquish an IP address and cancel the remaining lease.
• DHCPINFORM – Sent by the client to a DHCP server to ask only for additional local configuration parameters.

D.O.R.A.: Discover (DHCPDISCOVER), Offer (DHCPOFFER), Request (DHCPREQUEST), Acknowledge (DHCPACK) is the sequence of messages exchanged between the client and the DHCP server when a lease is obtained.

DHCP Scope: The scope determines which IP addresses are allocated to clients. You can configure as many scopes on a DHCP server as needed for your environment.

DHCP Reservation: These are reserved IP addresses for hosts that need to have a static IP address, such as e-mail servers and application servers. A reservation is set up using the MAC address of the DHCP client computer, so only the client with that address will receive the reserved address.

DHCP Maintenance: Because DHCP is a key component in your organization, you must manage and monitor it. DHCP management consists of backing up and restoring the database as well as reconciling, compacting, and, in some cases, removing the database.
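The message types and the D.O.R.A. sequence above are easier to see as real packets. The following added example (not from the original post, and not a DHCP client or server) builds the four D.O.R.A. messages in the RFC 2131 wire layout with the options from RFC 2132 (53 message type, 54 server identifier, 50 requested address, 51 lease time), parses them back, and runs the kind of sanity check a network monitor would apply to a captured exchange: correct order, one transaction ID throughout, and every OFFER and ACK coming from a server the administrator actually authorized. The MAC address, IP addresses and server identifier are constructed values.

```python
"""Build, parse and check a DHCP D.O.R.A. exchange (RFC 2131/2132 layout).

Added example, not from the original post. The MAC address, IP addresses
and server identifiers are constructed; this models the message flow and
is not a DHCP client or server.
"""
import struct
from typing import Dict, List, Set, Tuple

MAGIC = b"\x63\x82\x53\x63"          # the option field starts with this cookie
MSG_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
             5: "DHCPACK", 6: "DHCPNACK", 7: "DHCPRELEASE", 8: "DHCPINFORM"}
OPT_REQ_IP, OPT_LEASE, OPT_MSG_TYPE, OPT_SERVER_ID = 50, 51, 53, 54
BOOTREQUEST, BOOTREPLY = 1, 2
DEFAULT_LEASE = 8 * 24 * 3600        # the eight-day default lease, in seconds


def ip_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))


def ip_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def build(op: int, xid: int, mac: bytes, yiaddr: str, opts: List[Tuple[int, bytes]]) -> bytes:
    """Serialize: 236-byte fixed header, magic cookie, TLV options, end marker."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, len(mac), 0, xid, 0, 0x8000,
                      b"\0" * 4, ip_bytes(yiaddr), b"\0" * 4, b"\0" * 4,
                      mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    body = b"".join(bytes([code, len(val)]) + val for code, val in opts)
    return hdr + MAGIC + body + b"\xff"


def parse(data: bytes) -> Dict[str, object]:
    """Decode header fields and options; reject option lengths that run past the packet."""
    if len(data) < 240 or data[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    op, _htype, hlen, _hops, xid = struct.unpack("!BBBBI", data[:8])
    opts: Dict[int, bytes] = {}
    i = 240
    while i < len(data) and data[i] != 0xFF:
        if data[i] == 0:                      # pad option, a single byte
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option at offset %d" % i)
        opts[data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    mtype = opts.get(OPT_MSG_TYPE, b"\0")[0]
    return {"op": op, "xid": xid, "yiaddr": ip_str(data[16:20]),
            "chaddr": data[28:28 + hlen], "type": MSG_TYPES.get(mtype, "UNKNOWN"), "opts": opts}


def lease_seconds(packet: bytes) -> int:
    """Lease time offered or confirmed by the server (option 51), or 0 if absent."""
    raw = parse(packet)["opts"].get(OPT_LEASE)
    return struct.unpack("!I", raw)[0] if raw else 0


def dora(xid: int, mac: bytes, client_ip: str, server_ip: str, lease: int = DEFAULT_LEASE) -> List[bytes]:
    """The four messages of Discover / Offer / Request / Acknowledge."""
    sid = (OPT_SERVER_ID, ip_bytes(server_ip))
    lease_opt = (OPT_LEASE, struct.pack("!I", lease))
    return [
        build(BOOTREQUEST, xid, mac, "0.0.0.0", [(OPT_MSG_TYPE, b"\x01")]),                # client broadcasts
        build(BOOTREPLY, xid, mac, client_ip, [(OPT_MSG_TYPE, b"\x02"), sid, lease_opt]),  # server offers
        build(BOOTREQUEST, xid, mac, "0.0.0.0",
              [(OPT_MSG_TYPE, b"\x03"), sid, (OPT_REQ_IP, ip_bytes(client_ip))]),          # client accepts
        build(BOOTREPLY, xid, mac, client_ip, [(OPT_MSG_TYPE, b"\x05"), sid, lease_opt]),  # server confirms
    ]


def check_exchange(packets: List[bytes], authorized: Set[str]) -> List[str]:
    """Findings for a captured exchange: message order, one shared xid, and
    whether every OFFER/ACK names an authorized server. A server identifier
    outside `authorized` is the usual sign of a rogue DHCP server on the segment."""
    msgs = [parse(p) for p in packets]
    findings: List[str] = []
    types = [str(m["type"]) for m in msgs]
    if types != ["DHCPDISCOVER", "DHCPOFFER", "DHCPREQUEST", "DHCPACK"]:
        findings.append("unexpected sequence: " + " ".join(types))
    if len({m["xid"] for m in msgs}) != 1:
        findings.append("transaction id changes mid-exchange")
    for m in msgs:
        if m["type"] in ("DHCPOFFER", "DHCPACK"):
            sid = ip_str(m["opts"].get(OPT_SERVER_ID, b""))
            if sid not in authorized:
                findings.append(f"{m['type']} from unauthorized server {sid or '<none>'}")
    return findings
```

Two details worth noticing: the client's DISCOVER and REQUEST carry `yiaddr` 0.0.0.0 and only the server's OFFER and ACK carry the address being handed out, which is why the authorization check looks at server messages only; and the parser refuses an option whose declared length runs past the end of the packet instead of reading garbage, which is the first thing a robust DHCP listener has to get right.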

Wednesday, March 3, 2010

Lesson 2

Installing Microsoft Windows Server 2008

Installing and Initial Server Configuration:

Best practice when installing Windows Server 2008 is to install the software onto fresh media (media that has never been used before) rather than previously used media (media containing existing files). If Windows Server 2008 is installed onto a disk partition containing a previous version of Windows, the existing files will be preserved but the previous version's software will not be usable. Note: The Windows Server 2008 distribution media contains a bootable system that can be used for a standalone software installation or to repair an existing installation.
Once you have installed Windows Server 2008, the software will automatically launch the Initial Configuration Tasks (ICT) window. You should go through all of these tasks (Administrator password, time zone, Windows Update, network settings, adding server roles and features, and so on). Note: By default, the Windows Firewall is turned on. It is also especially important to download and apply any updates that have been released since the creation of the media you are using to install.

When setting up your network connection, keep in mind that a server usually has a static IP address, so you will also need to configure the DNS server addresses manually.

Network discovery finds and accesses other computers and resources shared on the network. Warning: if you inappropriately allow network discovery on a public network, such as at a wireless café, you would be allowing anyone to access file shares on your system.

Configuring Server Roles:

To improve the security and manageability of Windows Server 2008, you use the Server Manager console to install one or more server roles. To reduce the attack surface of Windows Server 2008 computers, the system files (executables and DLL files) associated with a particular role are not installed on a server until that role is installed, instead of leaving unused software lying dormant on the server as a potential target for a network virus or worm. This also keeps the server leaner for the applications it does run.

Configuring Server Storage:

Windows Server 2008 (and all Microsoft operating systems going back to Windows 2000) supports two types of hard disks: basic and dynamic.

Basic disks use partition tables that are recognized and supported by older operating systems. All disks in a Windows Server 2008 system start out as basic disks until they are converted to dynamic disks.

Dynamic disks provide access to advanced configuration features.

Windows Server 2008 allows you to configure various types of storage, including RAID-0, RAID-1, and RAID-5 storage arrays.

A volume describes a logical unit of space that is made up of space contained on one or more physical disks.

A simple volume consists of free space contained on a single physical disk. You can configure all of the available space on a disk as a simple volume, or you can configure multiple simple volumes using the space on a single disk.

A spanned volume is made up of free space from multiple physical disks. For example, if you have two physical disks in a server that are each 500GB in size, you can combine them into a single spanned volume that is 1TB in size.

A striped volume is similar to a spanned volume in that it is made up of free space from multiple disks, but it uses RAID-0 striping to interleave data across the disks, which improves the read performance of the volume.

A mirrored volume is a fault-tolerant volume consisting of two physical disks, in which the data on one disk is copied exactly onto the second disk.

A RAID-5 volume is also a fault-tolerant volume, in which data is interleaved across three or more disks much as in a striped volume, but with additional information known as parity. If one disk in a RAID-5 volume fails, the data on the failed disk can be rebuilt using the parity information stored on the other disks in the volume. A maximum of 32 disks can be used in this type of volume.
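The parity the paragraph mentions is nothing more than XOR: in every stripe, one disk holds the XOR of the data units on the other disks, and the position of that parity unit rotates from stripe to stripe so no single disk becomes a parity bottleneck. Because XOR is its own inverse, any one missing unit, data or parity, is the XOR of the surviving units in that stripe. The following added example (not from the original post, and not how the Windows volume manager is implemented) writes a constructed byte string across four simulated disks with a tiny 4-byte stripe unit, removes one disk, and rebuilds it; it also shows why a second failure is unrecoverable.

```python
"""RAID-5 parity: stripe data across N disks with rotating XOR parity,
lose one disk, and rebuild it from the survivors.

Added example, not from the original post. The disk contents and the
4-byte stripe unit below are constructed for readability; real arrays
use units of tens or hundreds of kilobytes.
"""
from typing import List, Optional

UNIT = 4  # bytes per stripe unit (constructed, tiny, so stripes are easy to inspect)


def xor_blocks(blocks: List[bytes]) -> bytes:
    """Byte-wise XOR of equal-length blocks; the parity operation."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, x in enumerate(block):
            out[i] ^= x
    return bytes(out)


def parity_disk_for(stripe: int, ndisks: int) -> int:
    """Rotate the parity unit one disk to the left on each successive stripe."""
    return (ndisks - 1 - stripe) % ndisks


def write_raid5(data: bytes, ndisks: int) -> List[List[bytes]]:
    """Distribute `data` over ndisks (>= 3). Each stripe holds ndisks-1 data
    units plus one parity unit; the tail is zero-padded to a whole stripe."""
    if ndisks < 3:
        raise ValueError("RAID-5 needs at least three disks")
    per_stripe = (ndisks - 1) * UNIT
    stripes = -(-len(data) // per_stripe)            # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")
    disks: List[List[bytes]] = [[] for _ in range(ndisks)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        units = [chunk[i * UNIT:(i + 1) * UNIT] for i in range(ndisks - 1)]
        parity = xor_blocks(units)
        pdisk = parity_disk_for(s, ndisks)
        it = iter(units)
        for d in range(ndisks):
            disks[d].append(parity if d == pdisk else next(it))
    return disks


def rebuild_disk(disks: List[Optional[List[bytes]]], failed: int) -> List[bytes]:
    """Recreate a failed disk: each of its units, whether data or parity, is the
    XOR of the units at the same stripe on all surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("RAID-5 tolerates exactly one failed disk; more survivors are missing")
    return [xor_blocks([d[s] for d in survivors]) for s in range(len(survivors[0]))]


def read_raid5(disks: List[List[bytes]]) -> bytes:
    """Reassemble the stored data (padding included) by skipping the parity units."""
    ndisks = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        pdisk = parity_disk_for(s, ndisks)
        for d in range(ndisks):
            if d != pdisk:
                out += disks[d][s]
    return bytes(out)


if __name__ == "__main__":
    payload = b"The quick brown fox jumps over the lazy dog!"   # constructed sample data
    array = write_raid5(payload, 4)
    degraded: List[Optional[List[bytes]]] = list(array)
    degraded[2] = None                                          # disk 2 fails
    degraded[2] = rebuild_disk(degraded, 2)                     # hot-spare rebuild
    print(read_raid5(degraded)[:len(payload)] == payload)       # True
```

The capacity arithmetic follows directly from the layout: with N disks, one unit per stripe is parity, so usable space is (N-1)/N of the total, which for the three-disk minimum is two thirds. The `rebuild_disk` guard is the important failure mode: with two disks missing there are two unknowns per stripe and one XOR equation, so the data is gone, which is why a degraded RAID-5 should be rebuilt promptly rather than left running.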

When creating a new partition, you can either assign the partition a drive letter or configure a mount point that will appear as a folder within an existing drive letter.

Before you can manage a disk drive in Windows Server 2008, the disk needs to be initialized with one of the following two partition styles:

MBR (Master Boot Record) – this partition style is recognized by down-level operating systems.

GPT (GUID Partition Table) – this partition style is recommended for disks larger than 2TB, or for disks that are used in Itanium computers.
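The 2TB figure comes straight from the on-disk format: an MBR partition entry stores its starting sector and sector count in 32-bit fields, so with 512-byte sectors it cannot describe more than 2^32 × 512 bytes (2 TiB), whereas a GPT header and its entries use 64-bit LBAs. A GPT disk also still carries an MBR at sector 0, the "protective MBR", whose single partition of type 0xEE tells MBR-only tools the disk is in use. The following added example (not from the original post, and not how Windows Disk Management is implemented) builds both structures in memory, parses them back, and reports which partition style a disk sector describes; the sector images are constructed and no real disk is touched.

```python
"""Why GPT is recommended above 2 TB: an MBR partition entry stores a
32-bit start sector and 32-bit sector count, while GPT stores 64-bit LBAs.

Added example, not from the original post. The disk images below (a
512-byte MBR sector and a GPT header) are constructed in memory; no real
disk is read or written.
"""
import struct
from typing import Dict, List

SECTOR = 512
MBR_MAX_BYTES = (2 ** 32) * SECTOR    # 2 TiB: the largest region a 32-bit LBA field can describe
GPT_SIGNATURE = b"EFI PART"
PROTECTIVE_TYPE = 0xEE                # MBR partition type that marks a GPT disk
ENTRY_FMT = "<B3sB3sII"               # boot flag, CHS start, type, CHS end, LBA start, sector count
GPT_HDR_FMT = "<8sIIIIQQQQ"           # signature, revision, size, CRC, reserved, 4 x 64-bit LBA


def fits_in_mbr(disk_bytes: int) -> bool:
    """Can every sector of a disk this large be addressed from an MBR entry?"""
    return disk_bytes <= MBR_MAX_BYTES


def mbr_entry(boot: int, ptype: int, start_lba: int, sectors: int) -> bytes:
    """One 16-byte MBR partition entry; CHS fields are set to the 'use LBA' marker."""
    if start_lba > 0xFFFFFFFF or sectors > 0xFFFFFFFF:
        raise ValueError("partition does not fit in a 32-bit MBR field")
    return struct.pack(ENTRY_FMT, boot, b"\xfe\xff\xff", ptype, b"\xfe\xff\xff", start_lba, sectors)


def build_mbr(entries: List[bytes]) -> bytes:
    """446 bytes of boot code (zeroed here), four 16-byte entries, 0x55AA signature."""
    if len(entries) > 4:
        raise ValueError("an MBR holds at most four primary partitions")
    return b"\0" * 446 + b"".join(entries).ljust(64, b"\0") + b"\x55\xaa"


def parse_mbr(sector: bytes) -> List[Dict[str, int]]:
    """Decode the partition table, skipping empty (type 0) slots."""
    if len(sector) != SECTOR or sector[510:512] != b"\x55\xaa":
        raise ValueError("missing MBR signature")
    parts: List[Dict[str, int]] = []
    for i in range(4):
        boot, _, ptype, _, start, count = struct.unpack(ENTRY_FMT, sector[446 + 16 * i:462 + 16 * i])
        if ptype:
            parts.append({"boot": boot, "type": ptype, "start_lba": start,
                          "sectors": count, "bytes": count * SECTOR})
    return parts


def partition_style(sector: bytes) -> str:
    """'GPT' when the MBR is only a protective wrapper, otherwise 'MBR'."""
    return "GPT" if any(p["type"] == PROTECTIVE_TYPE for p in parse_mbr(sector)) else "MBR"


def build_gpt_header(disk_sectors: int) -> bytes:
    """Minimal primary GPT header as found at LBA 1. The CRC fields are left
    zero in this constructed example; a real header carries CRC32 values."""
    first_usable, last_usable = 34, disk_sectors - 34       # 33 sectors reserved at each end
    return struct.pack(GPT_HDR_FMT, GPT_SIGNATURE, 0x00010000, 92, 0, 0,
                       1, disk_sectors - 1, first_usable, last_usable).ljust(92, b"\0")


def parse_gpt_header(hdr: bytes) -> Dict[str, int]:
    if hdr[:8] != GPT_SIGNATURE:
        raise ValueError("not a GPT header")
    _, rev, size, _, _, cur, backup, first, last = struct.unpack(GPT_HDR_FMT, hdr[:56])
    return {"revision": rev, "header_size": size, "current_lba": cur, "backup_lba": backup,
            "first_usable": first, "last_usable": last, "usable_bytes": (last - first + 1) * SECTOR}


if __name__ == "__main__":
    three_tb = 3 * 10 ** 12
    print("3 TB fits in MBR:", fits_in_mbr(three_tb))                       # False
    prot = build_mbr([mbr_entry(0, PROTECTIVE_TYPE, 1, 0xFFFFFFFF)])
    print("style:", partition_style(prot))                                   # GPT
    print(parse_gpt_header(build_gpt_header(three_tb // SECTOR))["usable_bytes"] > MBR_MAX_BYTES)
```

Note the protective entry in the usage block: its sector count is the 32-bit maximum, which is the convention for disks larger than the field can express, and it is also the reason an MBR-only tool reports a 2 TiB partition on a 3 TB GPT disk. Whether Windows uses 2TB or 2TiB in its guidance, the limit is the same 32-bit field, and a disk over that size initialized as MBR simply cannot use the space past it.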

Installing Server Core:
Server Core is a new installation option in Windows Server 2008 that installs only the services required for a specific function or role (DHCP, DNS, file server, or domain controller) and has an extremely small footprint. The installation process for Server Core is identical to the installation of the full version of Windows Server 2008. Once a Server Core computer is installed, however, it can be managed locally using only command-line utilities and the limited GUI facilities installed on a Server Core computer. A Server Core computer allows you to launch the Windows Registry Editor, Notepad, and a number of Control Panel applets. However, it does not include a Start menu and does not allow you to install or run any of the MMC consoles, such as Computer Management or Active Directory Users and Computers.