
Course Outline

§ Planning, Installing, and Configuring Windows Server 2012

§ Installing and Configuring an Active Directory Domain Controller

§ Administering Active Directory Objects

§ Automating Administrative Tasks

§ Configuring IPv4

§ Configuring IPv6

§ Installing and Configuring DHCP

§ Installing and Configuring DNS

§ Configuring Storage Spaces and File and Print Services

§ Configuring Group Policy

§ Securing Windows Servers

§ Installing and Configuring Virtual Servers and Clients

Copyright © 2013 IT University Online All rights reserved.

www.ituniversityonline.com

Planning, Installing, and Configuring Windows Server 2012

§ Introduction to Windows Server 2012

§ Describe Windows Server 2012 Management

§ Plan and Install Windows Server 2012

§ Configure Windows Server 2012


Networking Environments

§ Local clients and servers

§ Cloud services (public, private, or both)


Windows Server 2012 Server Roles

§ Active Directory Certificate Services (AD CS)

§ Active Directory Domain Services (AD DS)

§ Active Directory Federation Services (AD FS)

§ Active Directory Lightweight Directory Services (AD LDS)

§ Active Directory Rights Management Services (AD RMS)

§ Application Server

§ DHCP Server

§ DNS Server

§ Fax Server

§ File and Storage Services


Windows Server 2012 Server Roles (Cont.)

§ Hyper-V

§ Network Policy and Access Services

§ Print and Document Services

§ Remote Access

§ Remote Desktop Services

§ Volume Activation Services

§ Web Server (IIS)

§ Windows Deployment Services (WDS)

§ Windows Server Update Services (WSUS)


Windows Server 2012 Features

§ Windows BitLocker Drive Encryption

§ Failover Clustering

§ Group Policy Management

§ Ink and Handwriting Services

§ Internet Printing Client

§ Network Load Balancing (NLB)

§ Remote Assistance

§ Remote Server Administration Tools

§ Simple Mail Transfer Protocol (SMTP) Server

§ Telnet Client, Telnet Server

§ Windows PowerShell

§ Windows Server Backup

§ Windows System Resource Manager (WSRM)

§ Wireless Local Area Network (LAN) Service

§ Windows on Windows (WoW) 64 Support


New Features in Windows Server 2012

§ Command auto-completion

§ Enhanced storage

§ Features on Demand

§ IP Address Management (IPAM) Server

§ New cmdlets

§ Resilient File System (ReFS)

§ Revised Task Manager

§ User interface

§ Windows BranchCache


Comparing Server Roles and Features

§ Server Roles

§ Programs that configure a server to perform a specific function for users and/or computers on the network. Users typically access servers that are hosting server roles.

§ Examples: The DHCP Server role leases IP addresses to clients and devices; the DNS Server role configures the server to find the IP address for a given FQDN.

§ Features

§ Applications that increase the functions the server can perform. In general, users do not access features.

§ Examples: You use Windows Server Backup to back up the server, not clients. The Wireless LAN Service enables you to connect the server to the network wirelessly.


Windows Server 2012 Editions

§ Windows Server 2012 Datacenter

§ Designed for large organizations that need highly virtualized private and hybrid cloud network environments.

§ Designed for use by large organizations.

§ Includes all features of Windows Server 2012 and unlimited virtual machine instances.

§ Windows Server 2012 Standard

§ Designed for network environments with minimal virtualization needs.

§ Includes all features of Windows Server 2012 and two virtual machine instances.

§ Windows Server 2012 Essentials

§ Designed for use by small businesses with a maximum of 25 users and 50 network devices.

§ Tailored to the needs of a small organization with no more than 25 users.

§ Includes a streamlined interface, configuration for connecting to cloud services, and no support for virtualization.

§ Windows Server 2012 Foundation

§ Designed for very small organizations with up to 15 users.

§ Includes general-purpose server functionality and no support for virtualization.


Windows Server 2012 Licensing

§ Windows Server 2012 Datacenter

§ Processor license for each CPU in the server.

§ Client access license (CAL) for each user or device that connects to the server.

§ Windows Server 2012 Standard

§ Processor license.

§ CAL per user or device.

§ Windows Server 2012 Essentials

§ Server license that supports a maximum of two server CPUs.

§ Maximum of 25 users.

§ Windows Server 2012 Foundation

§ Server license that supports only one CPU in the server.

§ Maximum of 15 users.


Administrative Tools and Tasks

§ Server Manager

§ Add and configure server roles.

§ Examine and configure services.

§ Monitor events.

§ Configure server and network settings such as name, domain, and IP addresses.

§ Evaluate servers and the network (Best Practices Analyzer).

§ Windows PowerShell

§ Perform nearly all tasks that can be managed in the GUI.

§ Bulk administer objects.

§ Active Directory Users and Computers; Active Directory Administration Center

§ Create and manage Active Directory objects.

§ Group Policy Management

§ Create and configure group policies.

§ Performance Monitor

§ Monitor server and network performance.


Administrative Tools and Tasks (Cont.)

§ Task Manager

§ Monitor server and network functionality and performance.

§ Resource Monitor

§ Monitor server resources.

§ Task Scheduler

§ Create and schedule administrative tasks to run automatically.

§ Various MMCs, such as the DNS console

§ Perform server-role specific tasks.

§ Remote Desktop

§ Perform remote management.

§ WinRM

§ Perform remote management from a command-line interface.


Introduction to Server Manager

§ Manage configuration of multiple servers.

§ Review server event logs.

§ Install and configure additional roles.

§ Manage Windows services on each server.

§ Launch PowerShell for command-line administration.


The Server Manager Interface


Multi-Server Management

§ Shows all servers running a particular service in the domain

§ Gives quick statistics about each server and service

§ Can open the management console for each service on each server

§ Can open other management tools:

§ RDP

§ PowerShell

§ Add Roles and Features

§ Computer Management

§ NIC Teaming

§ Performance Counters

§ Shut Down


The Dashboard Pane

§ Top section displays a list of steps for configuring a server.

§ Bottom section displays “bird’s eye view” thumbnails of servers.


All Servers Pane

§ View a series of sections:

§ Servers

§ Events

§ Services

§ Best Practices Analyzer

§ Performance

§ Roles and Features


The File and Storage Services Pane

§ When selected, displays a second level of options:

§ Servers

§ Volumes

§ Disks

§ Storage Pools

§ Shares

§ iSCSI


The File and Storage Services Pane (Cont.)


Windows Server 2012 System Requirements

| Hardware Component | Minimum Requirement | Recommended Hardware |
|---|---|---|
| Processor | 1.4 GHz 64-bit processor | 3.1 GHz or faster |
| RAM | 512 MB | 16 GB or more |
| Disk space | 32 GB | 128 GB or larger |

Additional hardware needed:

§ DVD drive

§ Super VGA (800x600) or higher resolution monitor

§ Keyboard and mouse

§ Internet access


Windows Server 2012 Installation Methods

§ Optical media such as a DVD

§ USB drive

§ Network share

§ Mounted ISO image

§ Windows Deployment Services (WDS)

§ System Center Configuration Manager (SCCM)

§ Virtual Machine Manager templates


Installation Types

§ Fresh install

§ Upgrade

§ Migration


Installation Modes

§ Server Core

§ Server with the graphical user interface (GUI)

§ Server with the Minimal Server Interface


Upgrade Paths for Windows Server 2012

| Current Version of Windows Server | Can Upgrade To |
|---|---|
| Windows Server 2008 Standard with SP2 or Windows Server 2008 Enterprise with SP2 | Windows Server 2012 Standard, Windows Server 2012 Datacenter |
| Windows Server 2008 Datacenter with SP2 or Windows Server 2008 R2 Datacenter with SP1 | Windows Server 2012 Datacenter |
| Windows Web Server 2008 or Windows Web Server 2008 R2 | Windows Server 2012 Standard |
| Windows Server 2008 R2 Standard with SP1 or Windows Server 2008 R2 Enterprise with SP1 | Windows Server 2012 Standard, Windows Server 2012 Datacenter |


Migrating to Windows Server 2012

You must migrate the following services from an older server to a Windows Server 2012 server:

§ Active Directory Federation Services

§ Health Registration Authority

§ Hyper-V

§ IP Configuration

§ Network Policy Server

§ Print and Document Services

§ Remote Access

§ Windows Server Update Services


Installation Planning Worksheet


Offline Images

§ Create and deploy server image using DISM

§ Create image file

§ Create answer file

§ Modify image file


Server Core Configuration

§ Assign a static IP address to the server.

§ Change the computer name and domain membership.

§ Implement network adapter teaming.

§ Enable Remote Desktop.

§ Activate the server.


The Windows Server GUI Interface

Advantages of the full server with the graphical interface:

§ Contains all graphical administrative utilities.

§ Supports local and remote installation, configuration, and removal of server roles.

§ Provides use of MMC to create additional graphical consoles.

Disadvantages of the full server with the graphical interface:

§ Is less secure.

§ Uses more disk space.

§ Consumes more RAM.


Full Server with GUI Configuration

Perform the same tasks as with configuring Server Core:

1. Assign a static IP address to the server.

2. Change the computer name and domain membership.

3. Implement network card teaming.

4. Enable Remote Desktop.

5. Activate the server.
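
The five configuration tasks listed for Server Core and for the full GUI installation can be scripted from one PowerShell session. The following is an added example, not part of the original course material; the interface names, addresses, computer name and team name are constructed placeholders, and the domain name `fuller.local` is borrowed from the course's later examples.

```powershell
# Added example: post-installation configuration of a Windows Server 2012 machine.
# Works the same on Server Core and on the full GUI installation.
# All values below are constructed placeholders; adjust them for your network.
$TeamName   = 'Team1'
$TeamNics   = 'Ethernet', 'Ethernet 2'      # physical adapters to team
$IpAddress  = '192.0.2.10'
$PrefixLen  = 24                            # subnet mask 255.255.255.0
$Gateway    = '192.0.2.1'
$DnsServers = '192.0.2.53'                  # at least one DNS server
$NewName    = 'SRV01'
$DomainName = 'fuller.local'

# Task 3: implement network adapter teaming first, so the static address is
# bound to the team interface rather than to a member adapter.
New-NetLbfoTeam -Name $TeamName -TeamMembers $TeamNics `
    -TeamingMode SwitchIndependent -Confirm:$false

# Task 1: assign the static IP address, subnet mask, default gateway and DNS.
# The default team interface carries the same name as the team.
New-NetIPAddress -InterfaceAlias $TeamName -IPAddress $IpAddress `
    -PrefixLength $PrefixLen -DefaultGateway $Gateway
Set-DnsClientServerAddress -InterfaceAlias $TeamName -ServerAddresses $DnsServers

# Task 4: enable Remote Desktop. Require Network Level Authentication so that
# a client must authenticate before a full session is created.
$ts = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
Set-ItemProperty -Path $ts -Name fDenyTSConnections -Value 0
Set-ItemProperty -Path "$ts\WinStations\RDP-Tcp" -Name UserAuthentication -Value 1
Enable-NetFirewallRule -DisplayGroup 'Remote Desktop'

# Task 5: activate the server (install a product key first with
# "slmgr.vbs /ipk <key>" if one was not supplied during setup).
cscript.exe //nologo "$env:windir\System32\slmgr.vbs" /ato

# Review the result before the restart.
Get-NetLbfoTeam -Name $TeamName | Format-List Name, Members, Status
Get-NetIPConfiguration -InterfaceAlias $TeamName

# Task 2: change the computer name and domain membership in one step.
# This is done last because it restarts the server.
Add-Computer -DomainName $DomainName -NewName $NewName `
    -Credential (Get-Credential) -Restart

# After the restart, confirm the machine account works:
#   Test-ComputerSecureChannel -Verbose
```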


Configure Server with a Static IP Address

§ Assign a static IP address, subnet mask, and default gateway.

§ Assign at least one DNS server address.


The Computer Name/Domain Changes Dialog Box


Network Card Teaming


Enable Remote Desktop


Reflective Questions

1. In what scenario do you think it’s best to install Windows Server 2012 Server Core?

2. After configuring a server, why should you consider switching it from the GUI version of Windows Server 2012 to the Server Core version?


Installing and Configuring an Active Directory Domain Controller

§ Overview of Active Directory

§ Install an Active Directory Domain Controller


The Active Directory Physical Hierarchy

Each domain contains domain controllers, users, computers, printers, and so on

[Diagram labels: Fuller.local domain; Rochester.fuller.local domain; Boston.fuller.local domain]


The Active Directory Logical Hierarchy

[Diagram labels: Site = Rochester: Fuller.local domain, OU = Headquarters; Rochester.fuller.local domain, OU = Rochester, OU = Sales, OU = Accounting. Site = Boston: Boston.fuller.local domain, OU = Boston, OU = Admin, OU = Bookstore]

Active Directory Components

§ Domain controllers

§ Data store

§ Global catalog servers

§ Read-only domain controllers (RODCs)

§ Domain

§ Domain tree

§ Forest

§ Site

§ OU

§ Partition

§ Schema


Active Directory Containers

§ Forest

§ Tree or domain tree

§ Domain

§ Site

§ Organizational unit


Domain Controllers

Domain controllers perform these tasks:

§ Store a copy of the AD DS database in the NTDS.dit file.

§ Host a copy of the SYSVOL folder.

§ Authenticate users for logon purposes and also for access to resources.

§ Synchronize the SYSVOL folder using either File Replication Service (FRS) or Distributed File Service (DFS) replication.


Global Catalog Server

Global catalog servers perform these functions in the forest:

§ Contain a copy of the global catalog, which has references to every object in the forest.

§ Enable users and administrators to search for objects such as computers and printers distributed throughout the forest.

§ Support cross-domain searches.


Operations Master Roles

Domain controllers can also host forest-wide or domain-level operations master roles:

§ Schema master: Is responsible for updates to the schema.

§ Domain naming master:

§ Processes domain name changes.

§ Adds or removes domains or application directory partitions to or from the forest.

§ Adds replicas of application directory partitions to other domain controllers.

§ Adds or removes cross-reference objects to or from external directories.

§ RID master: Allocates blocks of relative identifiers (RIDs) to every domain controller in the domain.

§ Infrastructure master: Updates references to objects in its own domain that point to objects in other domains, and also updates references to its local objects.

§ PDC emulator:

§ Supplies the correct time to the domain.

§ Stores the most-recent password changes.

§ Administers Group Policy and Distributed File System (DFS).


Reflective Questions

1. What are the advantages of using Active Directory Domain Services?

2. Which types of installations do you expect to perform most often in your working environment?


Administering Active Directory Objects

§ Design and Create an Active Directory Hierarchy

§ Manage Users

§ Manage Computers

§ Manage Groups

§ Delegate Administrative Tasks


Types of Active Directory Design

§ Geographical location

§ Organizational chart

§ Functional structure

§ Hybrid structure


Active Directory Structure:

Geographical Design

Create domains and organizational units based on geographic locations for your organization.

[Diagram labels: Root Level Domain: fuller.local. Country Domains: us.fuller.local, eu.fuller.local. City Domains: rochester.us.fuller.local, atlanta.us.fuller.local, london.eu.fuller.local, paris.eu.fuller.local]

Active Directory Structure: Organizational Chart Design

Create domains and organizational units based on the organization’s organizational chart.

[Diagram labels: Root Level Domain: fuller.local. Departmental Domains: marketing.fuller.local, production.fuller.local. City Domains: rochester.marketing.fuller.local, atlanta.marketing.fuller.local, rochester.production.fuller.local, paris.production.fuller.local]

Active Directory Structure: Functional Design

Create domains and organizational units based on the organizational chart structure.

[Diagram labels: Root Level Domain: fuller.local. Functional Domains: administrative.fuller.local, publishing.fuller.local, sales.fuller.local, accounting.fuller.local]

Active Directory Structure: Hybrid Design

Create domains and organizational units based on the organizational chart structure.

[Diagram labels: Root Level Domain: fuller.local. Functional Domains: publishing.fuller.local, sales.fuller.local, accounting.fuller.local, admin.fuller.local. Location Domains or Organizational Units: Atlanta, Rochester, Boston]

The Fuller & Ackerman Wide Area Network


The Active Directory Administrative Tools

§ Graphical Administrative Tools

§ Active Directory Users and Computers

§ Active Directory Sites and Services

§ Active Directory Domains and Trusts

§ Active Directory Schema

§ Remote Server Administration Tools (RSAT)

§ Active Directory Administrative Center

§ Windows PowerShell Commands

§ Add-ADGroupMember

§ Disable-ADAccount

§ Get-ADDomain

§ Move-ADObject

§ New-ADGroup, New-ADOrganizationalUnit, New-ADUser

§ Remove-ADGroup, Remove-ADGroupMember, Remove-ADUser

§ Command-Line Utilities

§ Dsadd, Dsget, Dsmod

§ Dsmove, Dsquery, Dsrm


Tools for Creating User Accounts

§ Active Directory Users and Computers

§ Active Directory Administrative Center

§ PowerShell command New-ADUser

§ Command-line utility Dsadd.exe


User Profiles

User profiles contain the information necessary to establish the user’s desktop environment:

§ The Profile Path

§ Location where desktop settings are stored.

§ Also referred to as a roaming profile.

§ Logon Scripts

§ Batch files that map drive letters to network resources.

§ Home Folder Location

§ A folder you create to store the user’s folders and files.


Default Active Directory Objects

§ Builtin

§ Computers

§ Domain Controllers

§ ForeignSecurityPrincipals

§ Managed Service Accounts

§ Users


User Account Templates

§ Reduces workload of creating users.

§ Has all non-user specific configurations including group memberships.

§ Best practices:

§ Create the user account with an underscore at the beginning of the name.

§ Leave the account disabled.

§ Never let anyone use the template to log on.

§ Don’t configure template with information that is user-specific.


The Computers Container

§ Default system container in Active Directory.

§ New computer accounts are created here by default.

§ Cannot have group policy directly applied to it.

§ Has a relative distinguished name of CN=Computers.

§ Redircmp.exe can be used to change the default computer container.

§ Best practices:

§ Specify another container as you create the computer account.

§ Move computer accounts out of this default container into real OUs.
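
Computer accounts left in the default container receive no OU-linked Group Policy, so they are worth finding and moving. The following is an added example, not part of the original course material; it assumes the ActiveDirectory module is available and uses a hypothetical target OU (`OU=Desktops,OU=Rochester`) under the domain the session is joined to.

```powershell
# Added example: find computer accounts still sitting in the default
# computer container and move workstations into a real OU.
Import-Module ActiveDirectory

$domain    = Get-ADDomain
$defaultDn = $domain.ComputersContainer     # where new computer accounts land
# Hypothetical OU; create it first with New-ADOrganizationalUnit if needed.
$targetOu  = "OU=Desktops,OU=Rochester,$($domain.DistinguishedName)"

if ($defaultDn -like 'CN=Computers,*') {
    # Still the built-in container, which cannot have a GPO linked to it.
    Write-Warning "Default computer location is still $defaultDn"
}

# OneLevel: only accounts directly in the container, not in child objects.
$unplaced = Get-ADComputer -SearchBase $defaultDn -SearchScope OneLevel `
    -Filter * -Properties OperatingSystem, whenCreated

$unplaced |
    Sort-Object whenCreated |
    Format-Table Name, OperatingSystem, whenCreated -AutoSize

# Split workstations from servers: servers usually belong in a different OU
# with different policy, so they are only reported here.
$servers      = $unplaced | Where-Object { $_.OperatingSystem -like '*Server*' }
$workstations = $unplaced | Where-Object { $_.OperatingSystem -notlike '*Server*' }

if ($servers) {
    Write-Warning ("Servers awaiting manual placement: " +
                   (($servers | ForEach-Object { $_.Name }) -join ', '))
}

# Dry run first: -WhatIf prints each move without performing it.
$workstations | Move-ADObject -TargetPath $targetOu -WhatIf

# When the dry run looks right, remove -WhatIf:
#   $workstations | Move-ADObject -TargetPath $targetOu

# To stop new accounts landing in CN=Computers at all, redirect the default
# from an elevated prompt with the tool named above (DN is a placeholder):
#   redircmp "OU=Desktops,OU=Rochester,DC=fuller,DC=local"
```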


Location Configuration

§ A best practice is to create OUs specifically to hold computer accounts.

§ It is common to create parent OUs by geography or department.

§ Child OUs can be for desktops or laptops.

§ Other child OUs can be for users, administrators, and resources.

§ Separate computers into OUs to delegate control and apply policy.


Permissions Management

§ By default, the following have permissions to create computer objects:

§ Enterprise Admins

§ Domain Admins

§ Administrators

§ Account Operators

§ You should restrict membership to administrator groups.

§ Delegate control over an OU by using the Delegate Control wizard.


Secure Channels

§ Like users, computers log on to the domain.

§ Ordinarily there is no need to manually reset a computer account.

§ If for some reason the computer cannot access its own account, you may have to perform a secure channel reset.

§ You can reset a computer account using the following tools:

§ Active Directory Users and Computers

§ DSmod

§ netdom

§ NLTest

§ PowerShell


Types of Groups

§ Security

§ Distribution


Group Scopes

§ Local

§ Domain Local

§ Global

§ Universal


Default Management Groups

§ Schema Admins

§ Enterprise Admins

§ Domain Admins

§ Administrators

§ Server Operators

§ Account Operators

§ Backup Operators

§ Print Operators
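
Restricting membership of the administrator groups, as advised under Permissions Management, starts with knowing who is in them, including members that arrive through nested groups. The following is an added example, not part of the original course material; it assumes the ActiveDirectory module is available, and the 90-day inactivity threshold is an arbitrary value chosen for illustration.

```powershell
# Added example: report effective membership of the default management groups
# and flag accounts that hold privilege but look unused.
Import-Module ActiveDirectory

$groups = 'Schema Admins', 'Enterprise Admins', 'Domain Admins', 'Administrators',
          'Server Operators', 'Account Operators', 'Backup Operators', 'Print Operators'
$cutoff = (Get-Date).AddDays(-90)           # assumed threshold, adjust to policy

$report = foreach ($g in $groups) {
    try {
        # -Recursive expands nested groups and returns only the leaf members.
        $members = Get-ADGroupMember -Identity $g -Recursive -ErrorAction Stop
    }
    catch {
        # Schema Admins and Enterprise Admins exist only in the forest root
        # domain, so the lookup fails when run against a child domain.
        Write-Warning "Could not read '$g': $($_.Exception.Message)"
        continue
    }

    foreach ($m in $members) {
        $u = $null
        if ($m.objectClass -eq 'user') {
            $u = Get-ADUser -Identity $m.DistinguishedName `
                     -Properties Enabled, LastLogonDate, PasswordLastSet
        }
        [pscustomobject]@{
            Group           = $g
            Member          = $m.SamAccountName
            Class           = $m.objectClass
            Enabled         = $u.Enabled
            LastLogonDate   = $u.LastLogonDate
            PasswordLastSet = $u.PasswordLastSet
        }
    }
}

# Full listing, one row per (group, member) pair.
$report | Sort-Object Group, Member | Format-Table -AutoSize

# Review candidates: user accounts that are disabled, have never logged on
# (LastLogonDate is empty and compares as older than the cutoff), or have not
# logged on since the cutoff, yet still sit in a privileged group.
# LastLogonDate replicates with a delay of several days, so treat it as approximate.
$report |
    Where-Object { $_.Class -eq 'user' -and
                   (-not $_.Enabled -or $_.LastLogonDate -lt $cutoff) } |
    Sort-Object Group, Member |
    Format-Table Group, Member, Enabled, LastLogonDate -AutoSize

# Removal is deliberately left as a manual, reviewed step, for example:
#   Remove-ADGroupMember -Identity 'Account Operators' -Members <samAccountName>
```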


Active Directory Domain Services Permissions

§ You can assign permissions to Active Directory objects:

§ Users

§ Computers

§ Groups

§ It is a best practice to delegate control to an entire OU.

§ Effective permissions are cumulative from individual permissions and group membership.

Copyright © 2013 IT University Online All rights reserved.

www.ituniversityonline.com

OV 3 - 20

Reflective Questions

1. Do you foresee using user account templates in your organization? Why or why not?

2. Do you think you will delegate control to OUs in your organization? Why or why not?


Automating Administrative Tasks

§ Introduction to Windows PowerShell

§ Use Windows PowerShell to Manage Active Directory Objects

§ Use Command-Line Tools to Administer Active Directory

§ Use Bulk Operations


Common PowerShell Uses for Administrators

§ Add and remove Windows Server roles and features.

§ Manage services.

§ List processes.

§ Create, list, and manage file systems.

§ View event logs.

§ Manage the Windows registry.

§ Manage monitoring tools.

§ Add, delete, and manage AD DS objects.


Windows PowerShell Features

§ Simplified syntax

§ Updated help

§ Enhanced module discovery

§ Session recovery

§ The show command

§ Web access

§ Delegated administration

§ Safety


PowerShell Get-Help Command


Update Help

§ Download the latest help file.

§ If Update Help cannot contact the Microsoft site, you can cancel and continue.


Get-Help Service


Common Cmdlet Verbs

§ Add

§ Backup

§ Clear

§ Close

§ Disable

§ Enable

§ Install

§ Get

§ New

§ Set

§ Show

§ Stop

§ Suspend

§ Uninstall

§ Rename

Note: some words such as "backup" or "new" are treated as single verbs in PowerShell.


Common Event Viewer Cmdlets

§ Get-EventLog

§ Show-EventLog

§ Clear-EventLog

§ Limit-EventLog


The Get-EventLog Command

§ Get-EventLog retrieves log entries.

§ Must include the name of the event log file.

§ -Newest <number> gives most recent entries only.


Service Cmdlets

§ Start-Service

§ Get-Service

§ Stop-Service

§ Suspend-Service

§ Resume-Service

§ Set-Service

§ Restart-Service


Process Cmdlets

§ Start-Process

§ Get-Process

§ Stop-Process

§ Wait-Process

§ Debug-Process


An Advanced PowerShell Cmdlet

§ Get-Counter -Counter "\Processor(_Total)\% Processor Time" -SampleInterval 10 -MaxSamples 100


The -Whatif Parameter

§ -WhatIf shows what would happen without actually doing it.


The -Confirm Parameter

§ The -Confirm parameter executes a command with confirmation.

§ Note: PowerShell will still ask you to confirm if the action will be taken on more than one object.


PowerShell ISE


PowerShell ISE Scripting Pane

§ The Scripting pane is available on the toolbar.


Execution Policies

§ Restricted – Scripts will not execute.

§ RemoteSigned – Locally created scripts will run; downloaded scripts must be digitally signed.

§ AllSigned – Scripts signed by a trusted publisher will run.

§ Unrestricted – Any script, signed or unsigned, will run.

Set-ExecutionPolicy Unrestricted
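An audit of the execution-policy scopes and of script signatures, as an added example that is not part of the course slides. The function names and the C:\Scripts path are illustrative assumptions; the Bypass policy value is not listed on the slide but is flagged here alongside Unrestricted.

```powershell
# Added example, not part of the course slides.

function Get-ExecutionPolicyAudit {
    # -List returns every scope in precedence order (MachinePolicy, UserPolicy,
    # Process, CurrentUser, LocalMachine); the first scope that is not
    # Undefined is the one that takes effect.
    $scopes    = @(Get-ExecutionPolicy -List)
    $effective = $scopes |
        Where-Object { [string]$_.ExecutionPolicy -ne 'Undefined' } |
        Select-Object -First 1

    foreach ($s in $scopes) {
        $policy = [string]$s.ExecutionPolicy
        [pscustomobject]@{
            Scope       = [string]$s.Scope
            Policy      = $policy
            IsEffective = [bool]($effective -and ($s.Scope -eq $effective.Scope))
            # Policies that let unsigned scripts from any origin run
            Weak        = (@('Unrestricted', 'Bypass') -contains $policy)
        }
    }
}

function Get-UnsignedScript {
    # Lists scripts that would be blocked under AllSigned (missing or invalid signature).
    param([Parameter(Mandatory = $true)][string]$Path)

    Get-ChildItem -Path $Path -Filter *.ps1 -Recurse |
        ForEach-Object { Get-AuthenticodeSignature -FilePath $_.FullName } |
        Where-Object { [string]$_.Status -ne 'Valid' } |
        Select-Object Path, Status
}

# Which scope decides the policy, and is any scope set to a weak value?
Get-ExecutionPolicyAudit | Format-Table -AutoSize

# Scripts under an assumed script folder that are not validly signed
if (Test-Path 'C:\Scripts') { Get-UnsignedScript -Path 'C:\Scripts' }

# Preview a machine-wide RemoteSigned policy instead of Unrestricted;
# -WhatIf reports the change without applying it.
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope LocalMachine -WhatIf
```

A policy set through Group Policy (the MachinePolicy or UserPolicy scope) overrides whatever Set-ExecutionPolicy writes to the other scopes, which is why the audit reports the effective scope.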


User Management PowerShell Cmdlets

§ Get-ADUser

§ New-ADUser

§ Set-ADUser

§ Enable-ADAccount

§ Disable-ADAccount

§ Remove-ADUser

§ Unlock-ADAccount

§ Set-ADAccountPassword

§ Set-ADAccountExpiration


Parameters for User Account Management

§ AccountExpirationDate <DateTime>

§ AccountPassword <SecureString>

§ CannotChangePassword <Boolean>

§ ChangePasswordAtLogon <Boolean>

§ Department <String>

§ DisplayName <String>

§ HomeDirectory <String>

§ ProfilePath

§ EmailAddress


Display All User Accounts

§ Get-ADUser -Filter *


View User Properties

§ Get-ADUser "Tracy White" -Properties *


Users Home Folder Set Up in PowerShell

§ Set-ADUser "Tracy White" -HomeDirectory \\Users\tracywhitehomedir


Inactive and Disabled Accounts

§ Right-click an account in Active Directory Users and Computers to enable or disable it.

§ PowerShell examples:

§ Get-ADUser -Filter 'department -eq "Training"' | Enable-ADAccount

§ $90Days = (Get-Date).AddDays(-90)

§ Get-ADUser -Filter {(lastlogondate -le $90Days) -and (enabled -eq $true)} | Disable-ADAccount


Group Management Cmdlets

§ Perform individual operations.

§ Create scripts to perform bulk operations.

Windows PowerShell Cmdlet    Description
Get-ADGroup                  Displays property values for groups
New-ADGroup                  Creates new groups
Set-ADGroup                  Modifies group properties
Remove-ADGroup               Deletes groups


Parameters for Group Management

§ Groups have over 40 properties.

§ Get-ADGroup -Identity "Users" -Properties * – Returns all properties

Parameter         Description
Name              Defines the group name.
GroupScope        Defines the group scope as domain local, global, or universal. You must include this parameter.
DisplayName       Defines the Lightweight Directory Access Protocol (LDAP) display name.
ManagedBy         Defines a user or group that can manage the group.
Path              Defines the organizational unit (OU) in which the group is created.
SamAccountName    Defines a name that is backward compatible with older operating systems.


Viewing Group Properties in PowerShell

§ Get-ADGroup -Identity "Users" – Returns most common properties


Verifying Group Creation

New-ADGroup -Name "BusinessAnalysts" -Path "ou=marketing,dc=Fuller,dc=local" -GroupScope Global -GroupCategory Security


Group Member and Membership Cmdlets

§ Add-ADGroupMember

§ Get-ADGroupMember

§ Remove-ADGroupMember

§ Add-ADPrincipalGroupMembership

§ Get-ADPrincipalGroupMembership

§ Remove-ADPrincipalGroupMembership

§ Examples:

§ Get-ADGroupMember -Identity administrators

§ Get-ADGroupMember -Identity "Enterprise Admins" -Recursive

§ Add-ADGroupMember BusinessAnalysts -Members "TracyWhite"
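A membership review of the groups listed on the Default Management Groups slide, built on Get-ADGroupMember with and without -Recursive. This is an added example, not part of the course material; the function names and the baseline CSV (columns Group and Member) are assumptions.

```powershell
# Added example, not part of the course slides.
Import-Module ActiveDirectory

# Groups named on the "Default Management Groups" slide
$privilegedGroups = 'Schema Admins', 'Enterprise Admins', 'Domain Admins', 'Administrators',
                    'Server Operators', 'Account Operators', 'Backup Operators', 'Print Operators'

function Get-PrivilegedGroupReport {
    param([string[]]$GroupName = $privilegedGroups)

    foreach ($name in $GroupName) {
        try {
            # Direct members only (may include nested groups)
            $direct = @(Get-ADGroupMember -Identity $name -ErrorAction Stop)
            # -Recursive flattens nesting and returns only the leaf accounts
            $all    = @(Get-ADGroupMember -Identity $name -Recursive -ErrorAction Stop)
        }
        catch {
            # Schema Admins and Enterprise Admins exist only in the forest root domain
            Write-Warning "Skipping '$name': $($_.Exception.Message)"
            continue
        }

        $directDns = @($direct | ForEach-Object { $_.distinguishedName })
        foreach ($member in $all) {
            $via = if ($directDns -contains $member.distinguishedName) { 'direct' } else { 'nested' }
            [pscustomobject]@{
                Group       = $name
                Member      = $member.SamAccountName
                ObjectClass = $member.objectClass
                Via         = $via       # 'nested' = privilege inherited through another group
            }
        }
    }
}

function Compare-PrivilegedMembership {
    # Compares current membership with a reviewed baseline CSV (assumed columns: Group, Member).
    param([Parameter(Mandatory = $true)][string]$BaselinePath)

    $baseline = @(Import-Csv -Path $BaselinePath | ForEach-Object { "$($_.Group)|$($_.Member)" })
    $current  = @(Get-PrivilegedGroupReport | ForEach-Object { "$($_.Group)|$($_.Member)" } |
                  Select-Object -Unique)

    foreach ($entry in $current)  { if ($baseline -notcontains $entry) {
        [pscustomobject]@{ Change = 'Added since baseline';   Entry = $entry } } }
    foreach ($entry in $baseline) { if ($current -notcontains $entry) {
        [pscustomobject]@{ Change = 'Removed since baseline'; Entry = $entry } } }
}

# Review who holds administrative rights and how they got them
Get-PrivilegedGroupReport | Sort-Object Group, Member | Format-Table -AutoSize

# Save a reviewed baseline once, then compare on a schedule:
# Get-PrivilegedGroupReport | Select-Object Group, Member | Export-Csv .\priv-baseline.csv -NoTypeInformation
# Compare-PrivilegedMembership -BaselinePath .\priv-baseline.csv
```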


Computer Account Management

§ Cmdlets

§ Get-ADComputer

§ New-ADComputer

§ Set-ADComputer

§ Test-ComputerSecureChannel

§ Reset-ComputerMachinePassword

§ Remove-ADComputer

§ Parameters

§ Name

§ Path

§ Enabled


OU Management

§ Cmdlets

§ Get-ADOrganizationalUnit

§ New-ADOrganizationalUnit

§ Set-ADOrganizationalUnit

§ Remove-ADOrganizationalUnit

§ Parameters

§ Name

§ Path

§ ProtectedFromAccidentalDeletion


Viewing OU Information

§ Get-ADOrganizationalUnit


Creating an OU

New-ADOrganizationalUnit -Name Philanthropy -Path "ou=Marketing,dc=Fuller,dc=Local"


Modifying OU Properties

Set-ADOrganizationalUnit -Identity "OU=Marketing,DC=Fuller,DC=Local" -Country "US" -StreetAddress "2111 Main Street" -City Seattle -State WA -PostalCode 30022


CSVDE

§ Export basic syntax:

§ Csvde -f <filename>

§ Import basic syntax:

§ Csvde -i -f <filename>


CSV File

§ Can be .csv or .txt

§ First line contains attribute names


LDIFDE

§ Syntax like CSVDE

§ Can be used to modify objects in place:

§ Use Changetype line


DS Commands

§ DSadd

§ DSget

§ DSquery

§ DSmod

§ DSrm

§ DSMove

§ Examples:

§ DSadd user "CN=Sally Green,OU=Sales,DC=fuller,DC=local"

§ DSmod user "CN=Sally Green,OU=Sales,DC=fuller,DC=local" -dept Marketing


Bulk Operations

§ Three primary ways to perform bulk operations:

§ Graphical tools

§ Command-line tools

§ Scripts


Querying Objects

§ SearchBase – Search path in AD hierarchy

§ SearchScope – Depth or at what level search should be performed

§ ResultSetSize – Maximum number of objects returned in a query

§ ResultPageSize – Maximum number of objects for each page returned

§ Properties – Which properties to display


Global Search


Object Configuration

§ Pipe output of Get command to input of Set command

§ Get-ADUser | Set-ADUser

§ Example:

§ Get-ADUser -Filter 'lastlogondate -lt "September 1, 2012"' | Disable-ADAccount
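The Get-to-Disable pipeline from this slide and from the Inactive and Disabled Accounts slide, combined with the -WhatIf and -Confirm parameters, as an added example that is not part of the course material. The function names, the exclusion list and the report path are assumptions.

```powershell
# Added example, not part of the course slides.
Import-Module ActiveDirectory

function Get-StaleEnabledUser {
    param(
        [int]$DaysInactive = 90,
        [string]$SearchBase,                       # optional OU distinguished name
        [string[]]$ExcludeSamAccountName = @()     # assumed allow-list, e.g. service accounts
    )
    $cutoff = (Get-Date).AddDays(-$DaysInactive)
    $query  = @{ Filter = 'Enabled -eq $true'; Properties = 'LastLogonDate', 'whenCreated' }
    if ($SearchBase) { $query.SearchBase = $SearchBase }

    # LastLogonDate comes from lastLogonTimestamp, which is replicated but only
    # refreshed when the stored value is roughly 9 to 14 days old (default),
    # so treat the cutoff as approximate.
    Get-ADUser @query | Where-Object {
        ($ExcludeSamAccountName -notcontains $_.SamAccountName) -and (
            # Logged on at some point, but not since the cutoff
            ($_.LastLogonDate -and ($_.LastLogonDate -le $cutoff)) -or
            # Never logged on: a "-le" filter on LastLogonDate alone misses these
            ((-not $_.LastLogonDate) -and ($_.whenCreated -le $cutoff))
        )
    } | Select-Object SamAccountName, DistinguishedName, LastLogonDate, whenCreated
}

function Disable-StaleUser {
    # ConfirmImpact 'High' makes the function prompt per account unless
    # the caller passes -Confirm:$false; -WhatIf only previews.
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]$User,
        [string]$ReportPath = '.\stale-users.csv'
    )
    begin   { $seen = @() }
    process {
        $seen += $User
        if ($PSCmdlet.ShouldProcess($User.DistinguishedName, 'Disable-ADAccount')) {
            Disable-ADAccount -Identity $User.DistinguishedName -Confirm:$false
        }
    }
    end {
        # Always write the candidate list, even in a -WhatIf run, so it can be reviewed
        $seen | Export-Csv -Path $ReportPath -NoTypeInformation -WhatIf:$false -Confirm:$false
    }
}

# Step 1: preview. Nothing is disabled; the candidates are written to the report.
Get-StaleEnabledUser -DaysInactive 90 | Disable-StaleUser -WhatIf

# Step 2: after reviewing the report, run without -WhatIf and answer the prompts.
# Get-StaleEnabledUser -DaysInactive 90 | Disable-StaleUser
```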


Reflective Questions

1. In what ways do you think PowerShell can help you to perform daily administrative tasks in your environment?

2. Do you foresee a need to use bulk operations to manage user accounts in your environment? Why or why not?


Configuring IPv4

§ Overview of the TCP/IP Protocol Suite

§ Describe IPv4 Addressing

§ Implement Subnetting and Supernetting

§ Configure and Troubleshoot IPv4


The TCP/IP Protocol Suite


The OSI Model and the TCP/IP Suite

Comparing the OSI and TCP/IP models


IPv4 Packet


TCP/IP Applications

Protocol    Description
HTTP        HyperText Transfer Protocol. Used for communication between web browsers and web servers.
HTTPS       HTTP Secure. Uses encryption for communication between web browsers and web servers.
POP3        Post Office Protocol 3. Retrieves email messages from an email server.
SMTP        Simple Mail Transfer Protocol. Transfers mail over the Internet.
FTP         File Transfer Protocol. Transfers files between FTP servers and clients.
SMB         Server Message Block. Used for file and print sharing between servers and clients.
DNS         Domain Name Service. Converts domain names to IP addresses.
RDP         Remote Desktop Protocol. Allows remote control of a Windows operating system over a network.
DHCP        Dynamic Host Configuration Protocol. Dynamically assigns IP addresses to network clients.


TCP/IP Sockets

§ A Windows TCP/IP socket consists of three components:

§ The transport protocol used by the application, either TCP or UDP

§ The TCP or UDP port number used by the application

§ The IP address (IPv4 or IPv6) of the source and destination host connection

§ Well-known port numbers:

Port      Transport Protocol    Application Service
80        TCP                   HTTP
443       TCP                   HTTPS
110       TCP                   POP3
25        TCP                   SMTP
20, 21    TCP                   FTP
445       TCP                   SMB
53        UDP                   DNS name lookups
53        TCP                   DNS zone transfers


IPv4 Addresses

§ Allow for network layer data routing of IP datagrams from one IP device connection (source) to another (destination).

§ Each networked device must be configured with a unique IP address.

§ To make IPv4 addresses easier for humans to manage, IPv4 address formatting expresses binary bit values as dotted decimal notation.

§ Each octet converts to a decimal number between 0 and 255.


Subnet Masks

§ Identifies which part of the IPv4 address is the network ID and which part is the host ID.

§ In its simplest implementation, each octet of the default subnet mask is either 255 or 0.

§ Octets with a value of 255 identify the network ID part of the address, and a value of 0 identifies the host part of the address.

§ For the IP address 192.168.1.100 and the subnet mask 255.255.255.0, the network ID is 192.168.1.0 and the host connection ID is 0.0.0.100.


Default Gateway

§ Usually a router, provides a default route used by TCP/IP hosts to forward packets to hosts on remote networks.

§ On a local subnet, you configure the local hosts with the IP address of the router, which is the default gateway, to enable local hosts to communicate with hosts on another network.

§ Configure the default gateway:

§ In the GUI in the properties of the network adapter

§ Command line

§ netsh interface ipv4 set address

§ PowerShell

§ For new IP address: New-NetIPAddress

§ Changing an IP address: Set-NetIPAddress


Public and Private IP Addresses

§ Public IP address:

§ Public IPv4 addresses, managed by IANA, must be unique

§ Distributed by IANA

§ ISP distributes to businesses and individuals

§ Used to traverse the Internet

§ Private IP address:

§ Reserved by IANA

§ Can be used internally by businesses and individuals

§ Does not route to the Internet

§ Must be NATed to allow businesses or users to connect to the Internet

§ Private IPv4 address ranges established by IANA:

10.0.0.0/8        10.0.0.0 - 10.255.255.255
172.16.0.0/12     172.16.0.0 - 172.31.255.255
192.168.0.0/16    192.168.0.0 - 192.168.255.255


Binary Values and Dotted Decimal Notation


Subnetting

§ Provides a means to divide your network into smaller, discrete networks that better serve the needs of your organization.

§ Enables you to divide the 32 bits of an IPv4 address to create the number of subnets you need as well as the number of host addresses you need for that subnet.


Benefits of Subnetting

§ Segment a large network to increase administrative efficiency.

§ Reduce network congestion by limiting host broadcasts to smaller network segments.

§ Increase security by isolating some hosts to a specific segment or limiting internetwork communication using firewall access controls.

§ Enable proactive capacity planning based on projected growth of an organization.


Subnet Address Determination

§ Determine how many subnets you need.

§ Use that to determine how many bits to move the subnet mask.

Number of Bits (n)    Number of Subnets (2^n)
1                     2
2                     4
3                     8
4                     16
5                     32
6                     64
7                     128


Subnet Address Determination (Cont.)

Binary Bits for Network Number    Decimal Value of Network Number
172.16.00000000.00000000          172.16.0.0
172.16.00100000.00000000          172.16.32.0
172.16.01000000.00000000          172.16.64.0
172.16.01100000.00000000          172.16.96.0
172.16.10000000.00000000          172.16.128.0
172.16.10100000.00000000          172.16.160.0
172.16.11000000.00000000          172.16.192.0
172.16.11100000.00000000          172.16.224.0


Host Address Determination

§ To determine the host bits in a subnet mask, you need to know the number of hosts you will support on a subnet.

§ You use the standard formula of 2^n - 2, in which n represents the number of bits when calculating host bits.

§ In classful addressing two host IDs are reserved, which is why you subtract two from the initial calculation.

Number of Bits (n)    Number of Hosts (2^n - 2)
2                     2
3                     6
4                     14
5                     30
6                     62
7                     126
8                     254


Host Address Range Determination

Network            Host Address Range
172.16.0.0/19      172.16.0.1 - 172.16.31.254
172.16.32.0/19     172.16.31.1 - 172.16.63.254
172.16.64.0/19     172.16.64.1 - 172.16.64.254
172.16.96.0/19     172.16.96.1 - 172.16.96.254
172.16.128.0/19    172.16.128.1 - 172.16.128.254
172.16.160.0/19    172.16.160.1 - 172.16.160.254
172.16.192.0/19    172.16.192.1 - 172.16.223.254
172.16.224.0/19    172.16.224.1 - 172.16.255.254


Supernetting

§ Supernetting performs the opposite operation of subnetting.

§ Combine multiple small contiguous networks into a single large network.

§ Supernetting, also known as classless interdomain routing (CIDR), allows you to create a logical network for the number of hosts you require.


Supernetting (Cont.)

Combine the following networks:

Network         Network Range
192.168.14.0    192.168.14.1 - 192.168.14.255
192.168.15.0    192.168.15.0 - 192.168.15.255
192.168.16.0    192.168.16.0 - 192.168.16.255
192.168.17.0    192.168.17.0 - 192.168.17.254

Here is the resulting supernet:

Network            Supernet Mask    Network Range
192.168.14.0/21    255.255.252.0    192.168.14.1 - 192.168.17.254
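The subnet and supernet arithmetic from the preceding slides, as an added PowerShell example that is not part of the course material: it derives each subnet's host range from the prefix length and finds the smallest single CIDR block that covers a list of networks. The 172.16.0.0/16 base with 3 borrowed bits and the /24 length of the four 192.168.x.0 networks are assumptions read from the tables; all function names are illustrative.

```powershell
# Added example, not part of the course slides.

function ConvertTo-IPv4Number {
    # Dotted decimal -> 32-bit value held in a [long] to avoid signed overflow
    param([string]$Address)
    [long]$n = 0
    foreach ($octet in [System.Net.IPAddress]::Parse($Address).GetAddressBytes()) {
        $n = ($n * 256) + $octet
    }
    return $n
}

function ConvertFrom-IPv4Number {
    param([long]$Number)
    $octets = foreach ($shift in 24, 16, 8, 0) { ($Number -shr $shift) -band 255 }
    return ($octets -join '.')
}

function Get-SubnetPlan {
    # Splits Network/Prefix into 2^BorrowedBits equal subnets.
    param([string]$Network, [int]$Prefix, [int]$BorrowedBits)

    $newPrefix = $Prefix + $BorrowedBits
    if ($newPrefix -gt 30) { throw "A /$newPrefix subnet leaves no usable host addresses." }

    $blockSize = [long][math]::Pow(2, 32 - $newPrefix)          # addresses per subnet
    $base      = ConvertTo-IPv4Number $Network
    $base      = $base - ($base % [long][math]::Pow(2, 32 - $Prefix))   # align to the parent network

    for ($i = 0; $i -lt [math]::Pow(2, $BorrowedBits); $i++) {
        $net = $base + ($i * $blockSize)
        [pscustomobject]@{
            Network   = "$(ConvertFrom-IPv4Number $net)/$newPrefix"
            FirstHost = ConvertFrom-IPv4Number ($net + 1)
            LastHost  = ConvertFrom-IPv4Number ($net + $blockSize - 2)
            Broadcast = ConvertFrom-IPv4Number ($net + $blockSize - 1)
            Hosts     = $blockSize - 2                           # 2^n - 2
        }
    }
}

function Get-CoveringSupernet {
    # Smallest single CIDR block that contains every listed network.
    param([string[]]$Cidr)

    $starts = @(); $ends = @(); [long]$requested = 0
    foreach ($c in $Cidr) {
        $addr, $len = $c -split '/'
        $size  = [long][math]::Pow(2, 32 - [int]$len)
        $start = ConvertTo-IPv4Number $addr
        $start = $start - ($start % $size)
        $starts += $start; $ends += ($start + $size - 1); $requested += $size
    }
    [long]$min = ($starts | Measure-Object -Minimum).Minimum
    [long]$max = ($ends   | Measure-Object -Maximum).Maximum

    # Shorten the prefix until the lowest and highest address share one block
    for ($p = 32; $p -ge 0; $p--) {
        $block = [long][math]::Pow(2, 32 - $p)
        $net   = $min - ($min % $block)
        if ($net -eq ($max - ($max % $block))) {
            return [pscustomobject]@{
                Supernet           = "$(ConvertFrom-IPv4Number $net)/$p"
                AddressesCovered   = $block
                AddressesRequested = $requested    # assumes the inputs do not overlap
            }
        }
    }
}

Get-SubnetPlan -Network '172.16.0.0' -Prefix 16 -BorrowedBits 3 | Format-Table -AutoSize
Get-CoveringSupernet -Cidr '192.168.14.0/24', '192.168.15.0/24', '192.168.16.0/24', '192.168.17.0/24'
```

Compare AddressesCovered with AddressesRequested before using a supernet in a route or firewall rule: a block can only start on a multiple of its own size, so networks that straddle such a boundary force a larger block that also takes in addresses outside the list.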


IPv4 Manual Configuration

§ Servers need static IPv4 configurations to enable clients to connect to them consistently.

§ You can maintain current and accurate documentation of the IPv4 addresses used for various services on your network.

§ Configure them using TCP/IP properties, netsh, or PowerShell.


IPv4 Automatic Configuration

§ Dynamic Host Configuration Protocol (DHCP) server enables you to configure TCP/IP addresses and other configuration options dynamically for large numbers of hosts on a network.

§ DHCP servers are configured with a scope or range of IPv4 addresses.

§ Clients send out a broadcast request to a DHCP server to obtain an IPv4 address automatically.

§ DHCP servers also may be configured with additional configuration settings a client may require.

§ Windows Server 2012 and Windows clients use automatic private IP addressing (APIPA), which is a reserved address range of 169.254.0.0 to 169.254.255.255.


IPv4 Troubleshooting Tools

§ IPconfig

§ Ping

§ Tracert

§