COMP3122 Network Management, Richard Henson, February 2012


Page 1: COMP3122 Network Management Richard Henson February 2012

COMP3122
Network Management
Richard Henson
February 2012

Page 2: COMP3122 Network Management Richard Henson February 2012

Week 2: Installing a Network Server

Objectives
– Describe each of the network operating system types used in organisations
– Explain how to plan for installation of a network operating system
– Effectively install a network server operating system on a computer

Page 3: COMP3122 Network Management Richard Henson February 2012

Two realistic choices…

A breed of Windows?
A breed of Unix…
Both covered briefly through COMP2122
Planning for a network covered in a future lecture

Page 4: COMP3122 Network Management Richard Henson February 2012

Historic Look at Microsoft Network Operating Systems

Microsoft
– Windows NT 4 Server (1996)
– Windows 2000 Server series (1999)
– Windows 2003 Server, Enterprise Server, Data Centre Server, etc. (2003-7)
– Windows 2008 Server, Enterprise Server, Data Centre Server, etc. (2008-continues)

Page 5: COMP3122 Network Management Richard Henson February 2012

Available UNIX Network Operating Systems

Various breeds of Unix (e.g.)
– SCO Unix
– HP-UX
– Sun Solaris
Various implementations of Linux
– Ubuntu (“humanity towards others”)
– Red Hat (redhat.com)
– Mandrake (now Mandriva)
– SuSe/Novell (now Attachmate)

Page 6: COMP3122 Network Management Richard Henson February 2012

Which is best?

Nice quote from a blogger:

“Windows people will do windows and Unix people will do Unix, and neither the twain shall ever meet (publicly) and no amount of discourse will eradicate one or the other.”

Page 7: COMP3122 Network Management Richard Henson February 2012

Which to choose?

Network should serve the needs of the organisation
– management of resources could be best suited by a breed of Windows Server or Unix…
Merits of breed of Unix/Linux:
» excellent for security, stability and fault tolerance provided that it is set up properly
» also good implementation of most network management functions
Merits of Windows 2003/2008 Server:
» very easy to administer
» excellent online & telephone support
» also good implementation of most network management functions

Page 8: COMP3122 Network Management Richard Henson February 2012

Not just about the software…

Also about understanding of the required functionality of a NOS
– and how to configure & control the delivery of that functionality to users
Windows quicker to roll out…
– functionality and management easier to pick up
– less fuss from a teaching/learning perspective..
– BUT principles of configuration & control apply equally to Unix

Page 9: COMP3122 Network Management Richard Henson February 2012

Which choice within a Windows Server set up?

Several options presented, to cater for a range of network environments:
– Windows Server
– Windows Advanced Server
– Windows Datacenter Server
Important to establish which is most appropriate beforehand…
– http://www.microsoft.com/windowsserver2003/evaluation/features/compareeditions.mspx

Page 10: COMP3122 Network Management Richard Henson February 2012

Preparation for Installation: client matters (1)

Users work at clients…
– smooth connectivity between client and chosen server essential…
Which software on client machines?
– which operating system?
– which applications?

Page 11: COMP3122 Network Management Richard Henson February 2012

Preparation for Installation: client matters (2)

Upgrade of server could affect clients
– latter may not readily interface as well with more recent versions of the NOS
– e.g. very old (pre-2000) Windows clients couldn’t work with active directory
Consequence could be a client upgrade as well

Page 12: COMP3122 Network Management Richard Henson February 2012

Preparation for Installation: server hardware

NOS delivers functionality
– Choice of server OS should always be made first…
– make sure that CPU, RAM, etc. will be adequate to run the NOS efficiently:
» now
» in two years’ time…
As much information as possible needs to be gathered about hardware used in the server:
– software tools MAY assist with this process

Page 13: COMP3122 Network Management Richard Henson February 2012

Hardware compatibility

Choose carefully! Don’t assume anything (!)
– you may be surprised
– you could well be disappointed!
Microsoft (or any other NOS supplier) should provide a hardware compatibility list (HCL)
– all hardware/peripherals checked against the list

Page 14: COMP3122 Network Management Richard Henson February 2012

Importance of the HCL

Hardware manufacturers may have their drivers on the Windows Server disk
If not,…
– (1) hardware is on the HCL, and the manufacturer will have written software you can download…
– If the hardware is not on either list, it cannot be used
» this DOES happen!
» don’t get caught out!!

Page 15: COMP3122 Network Management Richard Henson February 2012

Preparation for Installation: RAM

Depends on the server configuration chosen…
– http://www.microsoft.com/windowsserver2003/evaluation/features/compareeditions.mspx
As regards RAM:
– domain controllers will require more…
– ECC (72-bit) memory [Error Correcting Code] recommended
» detects & corrects memory errors

Page 16: COMP3122 Network Management Richard Henson February 2012

Preparation for Installation: Motherboard

Motherboard options controlled by BIOS settings
BIOS should provide an option to…
– support network booting (PXE – Preboot Execution Environment)
» PXE also very useful for clients
– support for RAID devices

Page 17: COMP3122 Network Management Richard Henson February 2012

Importance of “Plug-and-Play”

Detection and software installation for hardware components automatic
– manual install could get the wrong version…
– not a good idea!
BIOS settings can be used for plug-and-play and interrupt reservations

Page 18: COMP3122 Network Management Richard Henson February 2012

Preparation for Installation: Secondary Storage

As much as possible!
– allow extra for fault tolerance
Mirroring/duplexing/RAID 5?
Whole network server set-up should also have a backup in another location
– essential for network availability
– disaster recovery and business continuity are important strategic matters…

Page 19: COMP3122 Network Management Richard Henson February 2012

Preparation for Installation: media for software

Setup files for NOS usually held on CD:
– server BIOS should boot direct from CD-ROM
– otherwise, or if CD corrupted, can still use floppy disks to load essential components
Drivers for hardware not on HCL likely to be found separately:
– on CD-ROM
– on manufacturer’s website
All non-HCL drivers should be close at hand!

Page 20: COMP3122 Network Management Richard Henson February 2012

Preparation for Installation: Hard Disk Partitioning

Hard disks must be partitioned before any formatting is possible
Normal to plan for several partitions:
– one for booting
– one for system files (could be the same as the boot partition)
– one for user data
– one for applications
Partition data should be backed up…

Page 21: COMP3122 Network Management Richard Henson February 2012

Preparation for Installation: Choice of File System

FAT32 (share security) or NTFS (file security)
Nowadays, NTFS is increasingly the norm
– more efficient management for partitions greater than 2 Gb
– on a network, always a good idea to settle on a file system with security control at individual file level
– otherwise, users can “run amok”

Page 22: COMP3122 Network Management Richard Henson February 2012

Client-Server and Microsoft “domains”

Not the same as DNS domains
Really just another way of saying LAN or client-server network
Domains are “server controlled”
– but server needs to be elevated to domain controller status
– needs to install “DNS server”

Page 23: COMP3122 Network Management Richard Henson February 2012

Domains and Active Directory

Active Directory…
– logically connects servers together
– servers create domains…
– can use connections between servers to model the DNS system on a Microsoft network
But things can go wrong…
– knowledge of DNS servers required

Page 24: COMP3122 Network Management Richard Henson February 2012

Internet Domain Naming

An attempt to give logical names to computers directly hooked up to the Internet
First defined back in 1983, through three early RFCs…
– 881: The Domain Names Plan and Schedule (revised, 897, 921)
– 882: CONCEPTS and FACILITIES (revised, 1034)
– 883: IMPLEMENTATION and SPECIFICATION (revised, 1035)

Page 25: COMP3122 Network Management Richard Henson February 2012

The DNS System

First defined in RFC 1101: “DNS Encoding of Network Names and Other Types”
First recognisable as x.y.z format through RFC 1183: “New DNS RR Definitions”
Explained including IANA (administration of first level domains) through RFC 1591 (1994): “Domain Name System Structure and Delegation”

Page 26: COMP3122 Network Management Richard Henson February 2012

DNS and DNS Zones

The DNS system is hierarchical
A DNS Zone is defined as:
“… a portion of the global Domain Name System (DNS) namespace for which administrative responsibility has been delegated”
– it refers to the lower level domains logically connected to any one particular root domain (e.g. .us or .com)

[Diagram: zone z containing computers a, x and y]
DNS entry: x.y.z
DNS Zone: z
Computers within z zone: a, x and y
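
The zone definition above, worked through as an added example (not part of the original lecture): given a set of delegated zones, find which zone is administratively responsible for a name. All zone and host names other than the slide's x.y.z are constructed, and the function names are hypothetical.

```python
# Added example: find the DNS zone responsible for a name.
# Names are compared label by label, so "notexample.com" is never
# mistaken for a member of the "example.com" zone.


def labels(name):
    """Split a DNS name into lower-case labels, ignoring a trailing dot."""
    return [part for part in name.lower().rstrip(".").split(".") if part]


def in_zone(name, zone):
    """True if name sits at or below zone in the hierarchy."""
    n, z = labels(name), labels(zone)
    return len(z) <= len(n) and n[len(n) - len(z):] == z


def authoritative_zone(name, delegated_zones):
    """Most specific delegated zone that contains name, or None."""
    candidates = [z for z in delegated_zones if in_zone(name, z)]
    if not candidates:
        return None
    return max(candidates, key=lambda z: len(labels(z)))


def delegation_chain(name, delegated_zones):
    """Zones passed through from the top of the hierarchy down to name."""
    chain = [z for z in delegated_zones if in_zone(name, z)]
    return sorted(chain, key=lambda z: len(labels(z)))


# The slide's own picture: entry x.y.z inside zone z.
SLIDE_ZONES = ["z"]

# Constructed hierarchy: an internal domain delegated below a public one.
ZONES = [".", "com", "example.com", "corp.example.com"]

if __name__ == "__main__":
    print("x.y.z ->", authoritative_zone("x.y.z", SLIDE_ZONES))
    for host in ("dc1.corp.example.com", "www.example.com", "www.notexample.com"):
        print(host, "->", authoritative_zone(host, ZONES),
              "via", delegation_chain(host, ZONES))
```
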

Page 27: COMP3122 Network Management Richard Henson February 2012

Naming a Server within a DNS Zone

Windows 2003 Servers promoted to domain controllers are assumed to be part of the DNS
– named accordingly within a hierarchy of domain names
– DNS Server needs to be installed at this point…
» assists Active Directory with domain name record keeping
» provides options for storing DNS/IP address pairs

Page 28: COMP3122 Network Management Richard Henson February 2012

WINS, DNS, and IP addressing

Older versions of Windows used “Windows Internet Naming Service”
– look up service including NetBIOS names and corresponding IP addresses
Now, DNS is increasingly replacing WINS:
– DNS server manages access to network name/IP address look up

Page 29: COMP3122 Network Management Richard Henson February 2012

Managing Domain Users

Active Directory installed when server promoted to domain controller
Users gain access via client machines
– to even enable user log on, a client machine must have an account in that domain
– client details stored in active directory
User must have a domain account
– details stored in “Active Directory”…
– entry in database of usernames/passwords essential for successful login match

Page 30: COMP3122 Network Management Richard Henson February 2012

Post-Installation Traps & Errors

Most common problem:
– files become corrupt
This will mean that the system boot up process will be suspended indefinitely as the system looks in vain for the missing file

Page 31: COMP3122 Network Management Richard Henson February 2012

Correcting Installation Errors

Each NOS should have a system to allow recovery from a failed installation
– With Windows Server, it is “recovery console”
Such a “recovery” system should allow the system to reboot to at least a command prompt
– allowing the necessary file(s) to be re-installed…
The computer should then again boot up satisfactorily

Page 32: COMP3122 Network Management Richard Henson February 2012

Installing Clients

Will be necessary if:
– Existing client software not compatible with server-side or is upgraded for other reasons
– Existing client software becomes faulty or will not connect to the domain
– New computer to be added to the domain

Page 33: COMP3122 Network Management Richard Henson February 2012

Automatic Installations

The first server on the network should always be installed manually
However, NOSs allow capabilities for the “automatic” installation of clients
This means that all the questions that are asked by the installation process must be answered on a text file or “script” that can be accessed during the automatic install
– with Windows 2000/3 this is known as UNATTEND.TXT
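
Because the answer file has to answer every setup question, it also ends up holding credentials. The following added example (not part of the original lecture) checks a Windows 2000/2003-style answer file for unanswered questions and for passwords left readable on the distribution share. The sample file is constructed, and the list of required keys is an assumed minimum chosen for illustration.

```python
# Added example: audit an UNATTEND.TXT-style answer file before deployment.
import configparser

# Constructed sample answer file (not taken from the lecture).
SAMPLE_ANSWER_FILE = """\
; constructed sample for illustration
[Unattended]
UnattendMode=FullUnattended
OemSkipEula=Yes

[GuiUnattended]
AdminPassword="Passw0rd!"
EncryptedAdminPassword=No
TimeZone=85

[UserData]
FullName="IT Services"
OrgName="Example Org"
ComputerName=*

[Identification]
JoinDomain=EXAMPLE
DomainAdmin=installer
DomainAdminPassword="Join-Me-1"
"""

# Assumed minimum set of questions that must be answered for a hands-off install.
REQUIRED = {
    "Unattended": ["UnattendMode", "OemSkipEula"],
    "GuiUnattended": ["AdminPassword", "TimeZone"],
    "UserData": ["FullName", "ComputerName", "ProductKey"],
}


def load_answers(text):
    """Parse the INI-style file into {section: {key: value}}, all lower-cased keys."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(text)
    return {s.lower(): {k: v.strip().strip('"') for k, v in parser.items(s)}
            for s in parser.sections()}


def missing_answers(answers):
    """List required questions the file leaves unanswered (setup would stop and ask)."""
    missing = []
    for section, keys in REQUIRED.items():
        present = answers.get(section.lower(), {})
        missing += [f"[{section}] {k}" for k in keys if not present.get(k.lower())]
    return missing


def credential_findings(answers):
    """Flag credentials that anyone with read access to the file could recover."""
    findings = []
    gui = answers.get("guiunattended", {})
    password = gui.get("adminpassword", "")
    encrypted = gui.get("encryptedadminpassword", "no").lower() == "yes"
    if password == "*":
        findings.append("[GuiUnattended] AdminPassword is blank")
    elif password and not encrypted:
        findings.append("[GuiUnattended] AdminPassword is stored in clear text")
    if gui.get("autologon", "no").lower() == "yes":
        findings.append("[GuiUnattended] AutoLogon signs in as Administrator after setup")
    if answers.get("identification", {}).get("domainadminpassword"):
        findings.append("[Identification] DomainAdminPassword is stored in clear text")
    return findings


if __name__ == "__main__":
    parsed = load_answers(SAMPLE_ANSWER_FILE)
    for line in missing_answers(parsed) + credential_findings(parsed):
        print(line)
```
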

Page 34: COMP3122 Network Management Richard Henson February 2012

More about Windows “Automatic” Installation

Several possibilities:
– RIS (Remote Installation Service)
» Windows 2000/3 installation files
» “Unattend” Scripts
» All provided on a server (RIS server)
» Supports PXE (network boot option in BIOS)
– SYSPREP
» “cloning” or “imaging” tool
» Just copy all folders and files directly from a prototype (!)

Page 35: COMP3122 Network Management Richard Henson February 2012

Configuration of the Network environment

NOS should allow options to add or remove network services and components
If the NOS is really good, such reconfigurations will not even require a reboot!
– e.g. breeds of Unix (no registry)
Because the registry needs to be reconfigured and reread, Windows 2000/3 does often require a reboot when new hardware is added…

Page 36: COMP3122 Network Management Richard Henson February 2012

Upgrading the Server Environment…

Rather than starting again, with a completely new setup, it may be necessary to upgrade an existing facility.
If the network is being upgraded from a previous version, it will be necessary to migrate settings and data into the new environment
– essential that such data is safely backed up to tape drive or other safe location before the upgrade begins

Page 37: COMP3122 Network Management Richard Henson February 2012

Dual Boot Systems

Two different operating systems held on two system partitions
– one of the system partitions could (for simplicity) be a floppy disk or USB drive
Most usual with network clients, interfacing with two separate NOSs
– always boot into one operating system (boot partition)
– then offered (via menu) a choice of system partition to be loaded into memory

Page 38: COMP3122 Network Management Richard Henson February 2012

Updating Drivers

NOT a good idea to remove a driver from the system until there is evidence that the replacement actually works!
Advised procedure:
– disable the existing driver
– either: use the Add/Remove Hardware wizard to find and install the new driver
– or: restart the computer and allow “plug and play” to find and install the new driver

Page 39: COMP3122 Network Management Richard Henson February 2012

Ensuring that a driver is “authorised”

Authorised drivers are “signed” by the manufacturer
The “digital signature” can be read by any computer running a recent version of Windows
If a driver doesn’t have an appropriate signature
– error message “pop up” appears on the screen
The driver could still be installed, but with no signature there is no guarantee that it will work!

Page 40: COMP3122 Network Management Richard Henson February 2012

Adding Manufacturers’ Improvements to the NOS

Networking software continually being updated, optimised, and improved by manufacturers
Improvements released as:
– New version of NOS
» complete reinstall of system
– “Service Pack”
» reinstallation of certain components and new features
» plugs to recently discovered security holes
– hotfixes

Page 41: COMP3122 Network Management Richard Henson February 2012

Installation of a Service Pack

An “update” command is available
The distribution folder (including URL for Internet downloads) should be included
An option to uninstall the service pack at a later date is included and recommended
A wizard manages the whole process

Page 42: COMP3122 Network Management Richard Henson February 2012

The End