Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Microsoft's slogan of - 'Easy to deploy, use, and manage' - does have a ring of truth.
However, it does rely on you having the knowledge and skill to make your Windows
Server 2003 fulfil its potential. I must confess that even though I am familiar with the
different types of server, every time I checked with the 'Configure Your Server Wizard', I
found at least one feature that I would otherwise have missed, so my mantra became 'Give the wizard a chance'.
Domain Controller
DNS (WINS)
DHCP
File Server
Print Server
Application Server
Mail Server
Terminal Services
RAS - Dial-in or VPN
Streaming Media
Certain server roles are best combined, for example domain controller, DNS, and DHCP,
whilst other roles are better on their own server, for example I would separate email
(Exchange) from Terminal Services.
Domain Controller
Active Directory is a huge topic in itself. While DCPROMO is easy to run, planning of
both the physical and the logical structure is the key to a trouble free active directory.
Good news, in Server 2003 you can rename the both the domain itself and the domain
controller (Renaming was greyed out in Windows 2000).
Domain controllers do not have to be your most powerful machines, however they must
be reliable and always available to answer logon requests. Decide which DCs will hold
which FSMO (Flexible single master operations) role. By default, only the first server is
a GC (Global Catalog). Having at least one GC on each site will improve any service
which makes and LDAP request for Active Directory names.
Install the Replication Monitor from the Support folder of the Server CD
Active Directory absolutely relies on DNS, this is why you must become an expert on
configuring DNS. Once DNS is setup, it runs itself thanks to the new dynamic
component hence DDNS. TCP/IP knowledge plus understanding of how DNS works is
essential when troubleshooting connectivity problems.
What DNS does is enable client machines to resolve servers IP addresses. Once the
client finds the server, Active Directory uses LDAP to locate services like Kerberos,
Global Catalog that clients request.
Your first domain controller can be tricky to setup. To begin with plan then check the
Computer Name found in the System Icon. Before you run DCPROMO make sure you
have the correct Primary DNS Suffix, drill down through the More.. button.
My tactic is to do as little configuring of the forward lookup zone as possible and leave it
all to the DCPROMO wizard. Once Active Directory creates the forward lookup zone, I
configure Active Directory integration to to replicate DNS records to the other servers.
Then I manually create the reverse lookup zone, add PTR records and check with
NSLOOKUP.
If you are troubleshooting DNS _SRV records, try stopping and starting the
Netlogon service.
Make it your reflex to install DNS on domain controllers.
(All I want to say about WINS is plan to phase it out, you only need it for Windows 9x
clients.)
Unlike the above roles, file servers should be member servers, installing Active Directory
here would be a disadvantage. Here are is your checklist of features for a file server that
you might wish to deploy.
to everyone. Failure to control security could also invite hackers to attacking your data.
So, delve into all aspects of security on your database servers.
There are extra hardware considerations for your application server. Pamper your
database 'crown jewels' with hardware RAID. Get a trial of clustering. Clustering is
technically interesting, is the way of the future and it will take reliability to another level.
Convince who ever holds the purse strings that the greater availability and less downtime
will pay for clustering.
Authentication
DNS (MX) record
Site Connectors, SMTP connectors
SMTP service, SMTP virtual server object
POP3 and IMAP server objects
Fire Wall
Configuring Mailboxes
OWA (Outlook web access)
(Client's Outlook)
Streaming Media
Rather exotic perhaps, but if you do need to support clients who need audio or video
services, then there is a separate Windows Media Service to install through Add Remove
Programs, Windows Settings.
The main question is which mode will you run terminal? Remote Desktop for
Administration or Application mode.
When you install the programs for Terminal Services check out - special 'Transforms'
method. 32 Bit programs should be o.k. Also search websites for scripts to make any
non Microsoft applications operate in multi session mode.
Group Policy. There are Group Policies just for Terminal services, e.g. Do not let users
accidentally Shut Down the terminal server when they think they are shutting down their
own machine!
Permissions. By default every user can access a terminal server, perhaps you wish to
change this.