
About Me:

Hello everyone, this is Fayyaz again. After my CCNA book in Roman Urdu, I decided to complete another book, which contains my experience in the field of Microsoft. When I did my MCITP in 2013, I never thought that in the coming days I would write a book on it. The idea came to my mind because I recently completed my CCNA, MCITP & CCNP certifications, by the Grace of ALLAH, just a while ago, so I decided to capture all of this experience from what I studied in my training centers. That is why I am going to write these types of books.
First I did CCNA at the start of the same year, 2013, and then after 3 years of a lot of research I wrote a book on it in 2016. I don't say my CCNA book is excellent, but it is good, and it is very good for beginner Cisco students who want to learn CCNA. You can also read my CCNA book; it has enough knowledge about CCNA because I cover all the topics which Cisco recommends in the CCNA 9.0 course. If you want, you can read my CCNA book at the links I mention below.
For online reading: https://www.scribd.com/doc/290597558/Complete-CCNA-Book-With-Configuration
For downloading the book (direct link): http://www.mediafire.com/download/fvav37gh4549a7u/CCNA+Book+With+Configuration.pdf

Why I Write this Book?


So, the idea of writing this book came into my mind some time back. When I completed my CCNA book, I decided to cover the second course which I did, and that course is MCITP. I know that MCITP is obsolete, but it is very helpful to beginners who are new in this field and want to learn some basic concepts of Windows servers and the server environment. Basically the main reason is that I want to share the knowledge which I learned by spending lots of time, and I try to Make It Easier for other people who want to learn the same things in a short time. The design of the book is easy: this book contains just five modules, which you read step by step. It is enough knowledge for beginners and includes step-by-step configuration. That's it.

Feedback Information:
If you read this book and think that it has helped you in any way, then it would be great if you gave me your feedback, and even if you think that it has been poorly conceived and written, I would like to hear your feedback and your comments. Feel free to comment or post on my official page. The name is Make It Easier and the link is https://www.facebook.com/MIEasier. Go to my page and type a post if you think this book helped you in any way. Thank you so much for reading this, and also pray for my bright future. Stay connected. Fayyaz Ahmed.

Windows 7 Configurations

Topics Covered in Module 01

Contents
1) Concept of the Windows Operating System.
2) Step-by-Step Installation of Windows 7.
3) Concept of NTFS Technology.
4) Concept of Disk Management.
5) AppLocker Concept and Configuration.
6) BitLocker Concept and Configuration.
7) Firewalls Concept.

WINDOWS OS:
Operating Systems:
There are two types of operating systems.
1) Client OS
2) Server OS

Client Operating System:


A client OS is for clients, meaning it is for ordinary users: it is what we normally use at home or on a single computer. A client OS is usually used on a desktop computer, whether that is a home system or a workstation handed over to a user on a network. Examples of client OSes are Windows 7, Windows 8/8.1 and Windows 10.
A client OS is installed on users' workstations, which connect to the server in a server environment.

Server Operating System:


A server operating system, also called a server OS, is specially designed for the enterprise or corporate level. It is a specialized OS designed to provide services on a network. A server OS provides many services, such as Active Directory, DHCP, mail, web, database and print services, and so on. In short, the server OS provides services on the network and the client OS uses those services. Examples of server OSes are Windows Server 2008 R2 and Windows Server 2012.

Difference between Client OS and Server OS:


1) A client OS (operating system) is an OS that is installed on a single user's workstation and handed over to that user, where the user works. A client OS does not provide services; instead it gets services from the server OS.
2) A server OS (operating system) is a multi-user OS where multiple users are connected to the server at the same time and doing their work, while the server OS provides its services to all of those clients. The server OS provides its services to all the clients present on the network.

How to Install Client Operating System:


Pre-requisites:
Before working on this lab, you must have
1) A computer and a Windows 7 operating system CD/DVD or bootable USB.

INSTALLATION OF WINDOWS 7 OPERATING SYSTEM

1. Restart the system and go to BIOS.
2. Set the First Boot Device as DVD ROM.
3. Save the settings by pressing F10 and click YES.
4. Insert the Windows 7 DVD and restart the system.
5. Press any key to boot from the CD or DVD.
6. System copies the files from the DVD.
7. Select the language to install: English.
8. Click Install now.
9. Check the box "I accept the license terms".
10. Select Custom Installation.
11. Click Drive options.
12. Select Unallocated Space and click New.
13. Enter the size for the partition, and click Apply.
14. Select the partition and click Next.
15. Windows installation will start.
16. System restarts.
17. The installation completes, and the system will be restarted.
18. Enter the User Name and verify the Computer Name, click Next.
19. Enter the Password and Confirm, click Next.
20. Configure Automatic Updates: Ask me later.
21. Select the time zone and click Next.
22. Select the location of your computer: Work network.
23. It prepares the desktop.
24. Finally the operating system is installed and the user has logged in.

NTFS TECHNOLOGY:
What is a File System?
A file system is a structure with whose help the computer or operating system allocates and manages data on the hard drive. When we create partitions on our hard drive and format them, we have to choose between the FAT32 and NTFS options. FAT32 is a simple file system, and NTFS is an advanced, feature-rich file system.

FAT32:
The File Allocation Table was created by Bill Gates and Marc McDonald in 1977, but many changes have come to it since then. FAT16 remained popular as long as hard drives were 4 GB, and then when hard drive space was increased, FAT32 was introduced.

NTFS:
The New Technology File System was created jointly by Microsoft and IBM in 1993 and was introduced on the Windows NT platform. Since then it has been commonly used in Windows-based server operating systems and in Windows XP and all later versions.

Difference between FAT32 & NTFS:

FAT32: The 32 in FAT32 means that data is saved in 32-bit chunks. In FAT32 the maximum file size is 4 GB minus 2 bytes, or approximately 4 GB.
NTFS: In NTFS we can create a file of up to 2^44 bytes, or 16 TB minus 64 KB; that is, the maximum file size in NTFS is 16 TB.

FAT32: FAT32 is less fault tolerant. It maintains only 2 copies (files) of the File Allocation Table, and if that file becomes corrupt it can be restored through the backup file.
NTFS: NTFS provides fault tolerance and maintains all changes made on the disk in a log file. If a file becomes corrupt, NTFS auto repair tries to repair the file system.

FAT32: FAT32 is less secure. Its only security comes from share permissions, so the system is secure over the network, meaning the data kept on your computer can be accessed only according to those permissions, but this is not the case locally: a user who is using your computer can use all the files and folders on it in any way.
NTFS: NTFS is a very secure system in which, with the help of file permissions, we can define which users can use a file, locally or over the network, and to what level. NTFS provides security both locally and over the network.

FAT32: FAT32 has no compression, so we cannot compress data to save space.
NTFS: NTFS provides compression features, which is another difference between FAT32 and NTFS. In addition, we can convert our system from FAT32 to NTFS at any time, whereas NTFS can never be converted to FAT32.

Concept of Disk Management:


Through Disk Management we manage our computer's hard drive. To open Disk Management, right-click Computer and go to Manage. The second option is to run the command Diskmgmt.msc.
Disk Management is available in most versions of Microsoft Windows including Windows 10, Windows 8, Windows 7, Windows Vista, Windows XP, and Windows Server OS.

Uses of Disk Management:

1) Create a Partition
2) Format a Drive
3) Change Drive Letters
4) Shrink a Partition
5) Extend a Partition
6) Delete a Partition
7) Change a drive file system

APP-LOCKER
AppLocker:
AppLocker is an application in Windows 7 that you can use to restrict any user on your computer so that they cannot run an application, install a program or run a script.

Rules in AppLocker:
Three kinds of rules are configured in AppLocker.
1) Executable Rule
This rule is applied to Windows .exe files. By configuring it we can disable any application for any user. We can also restrict an application by defining its path, so that such applications or games do not run for that user; AppLocker then blocks them for that user.
2) Windows Installer Rule
This rule is configured to restrict all software installation files so that no user can install software on the computer on their own.
3) Script Rule
This rule is configured to block all batch files so that no user can run a script on the computer.

Restrict Access to Programs with AppLocker in Windows 7


Note: AppLocker is only available in Ultimate and Enterprise versions of Windows 7.

Using AppLocker
To access Group Policy Editor and create rules in AppLocker you'll need to be logged in as Administrator.
Click on Start, type gpedit.msc into the search box and hit Enter.

Under Local Computer Policy go to Computer Configuration \ Windows Settings \ Security Settings \
Application Control Policies \ AppLocker.

Now you will see the overall controls for the applications.

Under Configure Rule Enforcement click on the Configure rule enforcement link.

Now under AppLocker Properties check the boxes next to Configured under Executable rules then click Ok.

Blocking Apps from Running


In this scenario, my brother wastes time playing games like Minesweeper and Solitaire when he should be
doing his homework, so we are going to block all of the games. After completing the steps above, under the
Overview section click on Executable Rules.

Since this is your first time accessing AppLocker, there will be no rules listed. Right-click and select Create New Rule.

This opens up the Create Executable Rules wizard and you can select not to show the introduction screen at
start up for the next time you access it.

Select Permissions and, under Action, select Deny.

Add the user you want to block, in this case it's Jack.

After you've selected the deny action and selected the user, continue to the next step.

In Conditions you can select from Publisher, Path or File hash. We don't want Jack to have access to any of the games, so we will select Path.

Click on Browse Folders and select the Microsoft Games folder.

In the next screen you could add Exceptions like allowing certain files, but because we are blocking the entire games directory we'll skip to the next screen.

Here you can add a description to the rule so you can keep track of them if there are several rules configured. When everything looks right, click on Create.

A message pops up saying default rules haven't been created yet. It is important to make sure they are created, so click Yes to this message.

Now you will see the default rules and the new one you created showing Jack is denied access to the
Microsoft Games directory.

After creating the rule, make sure to go into Services and check that Application Identification is started and that it's set to start automatically as well, otherwise the rules won't work. By default this service is not started, so you will need to enable it.

Now, when Jack logs into his user account and tries to access the games he will only see the following
message. Only an Administrator can go in and change the rule.
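
The rule and the service requirement described above can be checked from an elevated PowerShell prompt with the AppLocker cmdlets. This is an added example, not part of the original book; it assumes the local account is named Jack and that the games are in the default Microsoft Games folder under Program Files, as in the walkthrough.

```powershell
# Added example: verify the AppLocker deny rule built in the walkthrough.
# Run from an elevated PowerShell prompt on the Windows 7 machine.
Import-Module AppLocker

# Assumptions: local account "Jack", games in the default folder.
$user      = "$env:COMPUTERNAME\Jack"
$gamesPath = Join-Path $env:ProgramFiles 'Microsoft Games'

# 1. Rules are enforced only while the Application Identity service
#    (service name AppIDSvc) runs, so make it start automatically.
$svc = Get-WmiObject Win32_Service -Filter "Name='AppIDSvc'"
if ($svc.StartMode -ne 'Auto') { Set-Service AppIDSvc -StartupType Automatic }
if ($svc.State -ne 'Running')  { Start-Service AppIDSvc }

# 2. Read the effective policy as XML and list the executable rules.
[xml]$policy = Get-AppLockerPolicy -Effective -Xml
$exe = $policy.SelectSingleNode("/AppLockerPolicy/RuleCollection[@Type='Exe']")
if (-not $exe) { throw 'No executable rule collection is configured.' }
"Executable rules enforcement mode: " + $exe.GetAttribute('EnforcementMode')

$rules = @($exe.SelectNodes('FilePathRule | FilePublisherRule | FileHashRule'))
$rules | Select-Object @{n='Action'; e={ $_.GetAttribute('Action') }},
                       @{n='Name';   e={ $_.GetAttribute('Name') }},
                       @{n='Sid';    e={ $_.GetAttribute('UserOrGroupSid') }} |
    Format-Table -AutoSize

# 3. With executable rules enforced, a program runs only if an Allow rule
#    matches it. A policy holding nothing but the Deny rule would block
#    everything, which is why the wizard offers to create default rules.
$allow = @($rules | Where-Object { $_.GetAttribute('Action') -eq 'Allow' })
if ($allow.Count -eq 0) {
    Write-Warning 'No Allow rules found: create the default rules first.'
}

# 4. Ask AppLocker how it would decide for every game executable when
#    the restricted user starts it. Expected decision: Denied.
$games = @(Get-ChildItem $gamesPath -Recurse -Filter *.exe |
           ForEach-Object { $_.FullName })
if ($games.Count -eq 0) { throw "No .exe files found under $gamesPath" }

$results = Get-AppLockerPolicy -Effective |
           Test-AppLockerPolicy -Path $games -User $user
$results | Format-Table PolicyDecision, MatchingRule, FilePath -AutoSize

# Denied and DeniedByDefault both mean the program will not start.
$notDenied = @($results | Where-Object { $_.PolicyDecision -notlike 'Denied*' })
if ($notDenied.Count -gt 0) {
    Write-Warning "$($notDenied.Count) game executable(s) still allowed for $user."
}
```

Because the rule is a path rule, the same check is worth repeating against a copy of a game placed outside the Microsoft Games folder: a path condition only covers files under that path.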

BIT-LOCKER

What is BitLocker?
BitLocker was introduced in Windows 7. Through this feature we can secure any partition of our hard drive by putting a password on it, in the form of a hash value.

Disable BitLocker:
If you want to disable BitLocker, that is, remove it, press the Windows key, type bitlocker in the search box, click it and turn it off.

How to Encrypt your Windows 7 Hard Disk with BitLocker


Encrypt your Windows 7 boot drive with BitLocker.

Once it is enabled, it's time to get going with encrypting your drive. First, find BitLocker on your PC's Windows 7 system drive. Right-click on the drive and select Turn on BitLocker.

BitLocker will scan your system to make sure the setup process can proceed. It might inform you that a new
system drive will be created from free space on drive C. This is where BitLocker stores its boot-time
components. After this is done, reboot.

Next, configure the decryption key. Just plug in a USB drive with the decryption key on it at boot time. Or
supply a PIN at startup for additional security.

When you select require a Startup Key, the system will prompt you to insert a USB flash drive. This will store
the decryption key. It'll also prompt you to save a separate copy of the recovery key, which you should save to
decrypt the drive in the event the Startup key ever gets damaged or goes missing.
TIP: Don't save the recovery key to the same place as your Startup key. It's like putting your house and car keys
on same ring. Not smart.

Before starting the encryption process, BitLocker will offer to run a system check. This ensures the Startup key is readable at boot time and that decryption works. The whole process shouldn't take more than a couple of minutes, and I strongly recommend you take it up on its offer.

Note: When your system boots with the Startup key plugged in, a message that says Remove disks or other
media could pop up. If it does, press any key to restart.
CAUTION: Do not remove the startup key when you see this message. If you take the key out at this time, the startup check will fail and you'll have to begin again from a much earlier step. So just press a key and continue the boot process.
Once the startup check succeeds, BitLocker will begin encrypting the system drive in the background. The encryption process could take several hours. During this time the computer will still be usable -- and in fact can even be suspended, shut down or restarted.
That said, the system will be slower to respond while it encrypts the system drive. Don't expect to get a great deal done at this time.
If you double-click on the tray icon for BitLocker, you can see a progress window for the encryption process.

Drives encrypted by BitLocker will have a lock icon. Note that only the system drive has been protected. Notice
the other drives in this system, which are for such auxiliary user data as downloads, are not encrypted. You'll
have to encrypt them manually.

Remember, BitLocker is included in most versions of Windows, but not in home versions. You'll have to seek another solution, like TrueCrypt.
Enjoy your newly secure boot drive.
As promised at the beginning, your system administrator will have to enable BitLocker in Windows. Here's a guide you can show them to help them figure that out.
FOR ADMINISTRATORS: If you've got BitLocker up and visible on your system drive, just jump ahead to the configure process. Launch gpedit.msc by typing that command in the Start Menu's Search box and pressing Enter.
Navigate to Local Computer Policy >> Computer Configuration >> Administrative Templates >> Windows
Components >> BitLocker Drive Encryption >> Operating System. Here is what you'll see.

Double-click on Require additional authentication at startup and select Enabled. Then check this: Allow BitLocker without a compatible TPM. The other options should each be set to Allow. Click OK and close the Group Policy Editor. That's it.
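
The walkthrough notes that only the system drive is encrypted and that the recovery key must be kept apart from the Startup key. The following added example (not part of the original book) reads the BitLocker state of every volume through the Win32_EncryptableVolume WMI class, so unencrypted data drives and volumes with a single key protector stand out. It assumes an elevated PowerShell prompt on Windows 7 or Windows Server 2008 R2.

```powershell
# Added example: BitLocker status of every volume, read through WMI.
# Run from an elevated PowerShell prompt on the Windows 7 machine.
$ns = 'root\CIMV2\Security\MicrosoftVolumeEncryption'

# Value tables for the Win32_EncryptableVolume methods used below.
$conversionText = @{
    0 = 'Fully decrypted';        1 = 'Fully encrypted'
    2 = 'Encryption in progress'; 3 = 'Decryption in progress'
    4 = 'Encryption paused';      5 = 'Decryption paused'
}
$protectorText = @{
    1 = 'TPM';       2 = 'External key (USB)'; 3 = 'Numerical recovery password'
    4 = 'TPM + PIN'; 5 = 'TPM + startup key';  6 = 'TPM + PIN + startup key'
}

$volumes = Get-WmiObject -Namespace $ns -Class Win32_EncryptableVolume
$report = foreach ($vol in $volumes) {
    $protected = ($vol.GetProtectionStatus().ProtectionStatus -eq 1)
    $conv      = $vol.GetConversionStatus()

    # Argument 0 asks for key protectors of every type.
    $ids   = @($vol.GetKeyProtectors(0).VolumeKeyProtectorID | Where-Object { $_ })
    $types = @(foreach ($id in $ids) {
        $t = [int]$vol.GetKeyProtectorType($id).KeyProtectorType
        if ($protectorText.ContainsKey($t)) { $protectorText[$t] } else { "Type $t" }
    })

    New-Object PSObject -Property @{
        Drive      = $vol.DriveLetter
        Protected  = $protected
        Conversion = $conversionText[[int]$conv.ConversionStatus]
        Percent    = $conv.EncryptionPercentage
        Protectors = ($types -join ', ')
        Count      = $ids.Count
    }
}

$report | Format-Table Drive, Protected, Conversion, Percent, Protectors -AutoSize

foreach ($row in $report) {
    if (-not $row.Protected) {
        # Matches the note above: data drives are not covered automatically.
        Write-Warning "$($row.Drive) is not protected by BitLocker."
    }
    elseif ($row.Count -lt 2) {
        # A single protector means there is no separate recovery protector:
        # losing the Startup key would leave no way to unlock the drive.
        Write-Warning "$($row.Drive) has only one key protector and no separate recovery protector."
    }
}
```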

FIREWALLS

Firewall:

A firewall is a wall that filters traffic, whether it is incoming or outgoing traffic. A firewall is placed at the edge of the company, at the point where the whole company network is entered. A firewall has its own operating system and is configured manually so that it can secure the network from outside networks.

Filter?
During filtering the firewall blocks all unwanted objects, such as viruses, spam and Trojans, and keeps the network secure; it does not let objects that are harmful to the network come in.

Types of Firewall:
1) Hardware-based firewall
A hardware-based firewall is like a switch and is available from Cisco, Juniper and some third-party companies, for example Chinese ones, but Cisco firewalls are the most trusted and are used worldwide. Hardware-based firewalls are very costly.
2) Software-based firewall
Companies that cannot purchase hardware-based firewalls purchase software-based firewalls, which are available from Kaspersky, Avira, Norton, NOD32, AVG and so on. Of all these firewalls, the most trusted are Microsoft's, such as ISA or TMG. These firewalls are installed on an operating system, and inbound and outbound rules are created in them. However, hardware-based firewalls are considerably stronger than software-based firewalls.

Policy & Rules in firewalls:

All firewalls, whether software-based or hardware-based, have two kinds of policies applied.
1) Inbound: which traffic is to be filtered and allowed in.
2) Outbound: which traffic is to be filtered and allowed out.

Configuration of Windows Server 2008 R2 Applications

Topics Covered in Module 02

Contents
1) Network Infrastructure.
2) Introduction of Server OS.
3) Step-by-Step Configuration of Server OS.
4) Difference between Workgroup & Domain.
5) Create Local & Domain User.
6) Join Client Machine to Domain.
7) Concept and configuration of WDS Server.
8) Concept and configuration of Web Server.
9) Concept and configuration of Terminal Server.
10) Concept and configuration of Terminal Licensing.

NETWORK INFRASTRUCTURE
Network Infrastructure:
A network infrastructure is an interconnected group of computer systems. It includes devices such as computers, routers, cables, wireless access points, switches and backbone network protocols. The network structure defines what structure the network will be designed on, which devices will be installed in it, what their configuration will be, and how they will all connect and work together.

Details of Network Infrastructure:

Cable type: Cat5 or Cat6
Indoor wireless or outdoor wireless
Server design or server implementation
Backup strategy
Network security
Domain controllers, routers, switches, firewalls, servers, antivirus, backups & virtualization.

Server Operating System:


A server operating system, also called a server OS, is specially designed for the enterprise or corporate level. It is a specialized OS designed to provide services on a network. A server OS provides many services, such as Active Directory, DHCP, mail, web, database and print services, and so on. In short, the server OS provides services on the network and the client OS uses those services. Examples of server OSes are Windows Server 2008 R2 and Windows Server 2012.

How to Install Server Operating System:


Pre-requisites:
Before working on this lab, you must have
1. A computer and a Windows Server 2008 operating system DVD.

INSTALLATION OF WINDOWS OPERATING SYSTEM

1. Restart the system and go to BIOS.
2. Set the First Boot Device as DVD ROM.
3. Save the settings by pressing F10 and click YES.
4. Insert the Windows Server 2008 DVD and restart the system.
5. Press any key to boot from the CD or DVD.
6. System copies the files from the DVD.
7. Select the language to install: English.
8. Click Install now.
9. Leave the Product Key blank, and click Next. (Product key can be entered later.)
10. Click NO.
11. Select the edition of Windows, Windows Server 2008 Enterprise (Full Installation), and check the box "I have selected the edition of Windows that I purchased".
12. Check the box "I accept the license terms".
13. Select Custom Installation.
14. Click Drive options.
15. Select Unallocated Space and click New.
16. Enter the size for the partition, and click Apply.
17. Select the partition and click Next.
18. Windows installation will start.
19. System restarts.
20. The installation completes, and the system will be restarted.
21. Click OK. (User's password must be changed before logging on the first time.)
22. Enter the New Password, confirm the password and press Enter.
23. Click OK. (Your password has been changed.)
24. It prepares the desktop.
25. Finally the Administrator has logged in.

WORKGROUP & DOMAIN


Workgroup Environment:
A workgroup is an environment where computers are connected to each other peer to peer and every computer works independently without any restriction.

Server Environment:
A server-based environment is one where all client computers are connected to a server, all user accounts are managed from that server, and all clients are restricted.

In a workgroup:

All computers are connected as peers and every computer is independent in the whole network.

Each computer's account has to be configured on that computer itself, and that account remains limited to that computer only.

In a workgroup you can connect at most 20 computers to each other.

All computers in a workgroup should be on the same network and subnet.

No restrictions, no policies.

No security on the network.

In a workgroup network the user has full rights and there is no restriction of any kind.

In a domain:

A domain environment has servers that provide their services to the whole network. The network administrator manages the server and controls the whole network through it, implementing security and permissions on the network and securing it.

In a domain environment we do not have to configure user accounts on each computer; we create all accounts in one place, on our server, and users can log in with that account on any computer on the network and do their work.

A domain-based network can have hundreds or thousands of computers.

In a domain-based network the network administrator implements many policies on the servers, and those policies are then updated across the whole network, which makes the network secure and the users restricted.

In a server-based network the user gets access on the basis of rights and permissions.

Difference between a domain and a workgroup?

A network usually has one of two kinds of environment: workgroup or domain. The difference between the two is how the computers on the network are managed. The computer we use at home is basically in a workgroup, where there are no rules or policies, and the computers we use in companies and offices are in a domain environment, where there are policies and all computers on the network are centrally managed.

Creating Local User Accounts


1. Log in as the Administrator to the computer.
2. Click Start > Programs > Administrative Tools > Computer Management.
3. Expand Computer Management > expand System Tools > expand Local Users and Groups > right-click Users and then click New User.
4. Enter User Name (User1) and set Password, Confirm Password and click Create.
5. Click Close, and then close Computer Management.

Verification:
1. Press Ctrl + Alt + Del > click Switch User or Log off Administrator.
2. Log in as User (User1) on the same computer.

Creating Domain User Accounts


1. Log in as Administrator to the Domain Controller.
2. Click Start > Programs > Administrative Tools > Active Directory Users and Computers.
3. In the console tree, expand your domain MICROSOFT.COM, and then right-click the Users container and select New User.
4. Specify the First name and User Logon name, and then click Next.
5. Enter the Password and Confirm Password for the user account, click Next.
6. Review the configuration settings for the user account and then click Finish.

Verification:
1. Log in as User (User1@Microsoft.com) on a Member Server or Client.

Configuring Client (Windows 7)


1. Log in as Administrator to the Workgroup Computer.
2. Right-click the Computer icon, click Properties and click Change settings.
3. In the System Properties dialog box click Change.
4. Select Member of Domain and enter the Domain Name (e.g. Microsoft.com).
5. Enter the user name Administrator and his password, click OK.
6. A Welcome message appears indicating that the computer was successful in joining the Domain.
7. Click OK and click Close to close the System Properties dialog box. It will ask for a restart; click Yes.
8. After restarting the computer, it will become a Client.

Verification:
1. Right-click the Computer icon > Properties.
2. Click Computer Name, domain, and workgroup settings and verify the Domain Name MICROSOFT.COM.

WDS SERVER

Windows Deployment Services:

Windows Deployment Services is a Microsoft server technology used for network-based Windows OS installation. It is a kind of remote installation service with which Windows can be installed on all computers across the network at the same time without any USB or CD/DVD-ROM. For this we just create one WDS server on the network and copy the Windows image file to it. WDS uses .WIM files for Windows installation. In WDS we only need to add two Windows files, 1) boot.wim and 2) source.wim; once these files are added, WDS is ready to install Windows on all computers across the network at the same time. WDS is intended to be used for remotely deploying Windows Vista, Windows 7, Windows 8, Windows Server 2008 and Windows Server 2012.

Getting Started Requirements

Active Directory
DHCP
DNS
NTFS partition for storing images
Client computers with PXE boot support or a Windows Server 2008 or later version of the Windows Preinstallation Environment (Windows PE/WinPE)

Let's begin:
1. Open Server Manager and expand the Roles tree as illustrated below. In the right pane, click on Add
Roles.

2. In the Add Roles Wizard that appears, place a check in the checkbox for Windows Deployment Services and
click Next.

3. The next page of the wizard displays introductory information and notes regarding installing and
configuring Windows Deployment Services. Once you have read through the information, click Next to
continue.

4. The next page of the wizard displays the services that will be installed. Since this is your first Windows
Deployment Server, both the Deployment Server and Transport Server roles must be included (the Deployment
Server requires the Transport Server). Click Next.

5. The wizard displays a summary page requesting your confirmation. Click Install to confirm or < Previous to
go back and make any necessary changes.

6. The Installation Progress page does not display much useful information as Windows installs Windows Deployment Services. In creating this documentation, I found the progress bar at about 15% for a minute or two, jumped to where you see it in the graphic below for about a minute or two, and then moved on to the Installation Results page.

7. After the installation completed, the wizard displayed the Installation Results page. In total, the installation on my system took approximately 2-3 minutes. Your results may vary depending on server load and capability. Click Close to close the wizard.

8. Return to Server Manager; you should now see Windows Deployment Services listed under the installed Roles.

9. As you can see, the Windows Deployment Services role provides a view of service status and events related to Windows Deployment Services, a link to the command-line utility WDSUtil.exe, which you can use to configure WDS, and links to resources and support for using WDS.

10. Click on your Start Menu and navigate to Administrative Tools and then select Windows Deployment
Services from the list. If prompted by User Account Control (UAC), click Continue. The Windows Deployment
Services Administrative Tool should appear similar to the graphic below.

11. Right click the server name and select Configure Server (as indicated in the graphic above). A wizard appears
and begins the process of walking you through the basic WDS configuration. The first page of the wizard is
below. Click Next to begin the Wizard.

12. The second page of the Wizard requests a location to store your images. I strongly recommend you DO
NOT accept the default C:\RemoteInstall path. Depending on your environment,

13. On the Wizard's third page, set the PXE Server Initial Settings to either Respond only to known client
computers or Respond to all (known and unknown) client computers.

14. The next page of the Wizard is a progress screen that shows Windows Deployment Services starting. While the hardware you are using can impact the time it takes for this to complete, typically it shouldn't be more than 60 seconds.

15. The final page of the Wizard provides a checkbox to Add images to the Windows Deployment Server now.
If you have existing .WIM images you would like to load, or a boot image, you can do so by leaving the box
checked and clicking Finish.

16. Once the service is running and configured you should be able to access the Server components and
configure the Windows Deployment Service to deploy your images.

17. Define a boot image. The default Windows Server 7 or Windows 2008 R2 boot image boot.wim can be used here. You can add the image from the Windows 7 DVD or the Windows Server 2008 DVD, found in the sources folder on the DVD. (You can also use the one provided on the Vista or 2008 DVD.)

18. The next page of the wizard asks for a name for the image and the image description. If you use the Windows
7 x64 boot.wim, the values default to Microsoft Windows Setup (x64) in both text boxes. You can change these
to whatever you prefer. For this example, we are leaving them as is. Click Next to continue.

19. The next page of the wizard summarizes your previous selections as illustrated below. Click Next to begin adding the selected image.

20. As the wizard runs, you should see the progress bar move. Depending on the size of the boot.wim and
where you are loading it from, it should take anywhere from a few seconds to a few minutes to complete.

21. Upon completion, the wizard should indicate success and the Finish button should be
enabled. Click Finish to close the wizard.

22. Return to Server Manager and the Windows Deployment Services role. You should be able to click on
the Boot Images item under your server and see the image listed in the middle pane.

23. Once the boot image has been assigned, right click on the Server name; in this example, we right click on
the server name circled in red below and select Properties.

28. Click on the DHCP tab. Read this CAREFULLY. If you are using a NON-Microsoft DHCP server, you must
check the second option, Configure DHCP option 60 to PXEClient. If Microsoft DHCP is used AND it is
running from the WDS server, you must check both boxes for Do not listen on port 67 and Configure DHCP
option 60 to PXEClient. Otherwise, leave these settings unchecked.

Web Server:

WEB SERVER

A web server is a server that is mostly used inside data centers, where the web sites of multiple companies are
stored on those web servers so that we can access their sites worldwide through the internet. The pages of web
sites are stored on the web server and are accessed from multiple browsers through HTTP. The browser
communicates with the web server, which shows us the pages of those websites through the internet.
A web server can connect multiple browsers and multiple users to those sites at one time. A web server works
on the client's request and can display the same or different pages of web sites on the screens of multiple
users at the same time. In this case the web server's hardware plays a very important role, because the
stronger the web server's hardware, the faster its processing and its response to client requests will be.
Two kinds of operating systems are installed on web servers.
1) Microsoft Server OS
2) Linux Server OS
Most servers today run Linux, and most websites are hosted on Linux servers, because Linux servers are fast.
Common software run on all web servers:
HTTP Server: Sends website pages.
FTP Server: Allows uploading of files/pages.
Email Server: Gathers and directs emails sent on the site's domain.
HTML: Hyper Text Markup Language. This is the default extension for creating the pages of a web site. A web
browser is used to access web pages or content designed in HTML.
Database Software: Stores information defined in fields. Essential to the operation of the website itself. For
example, ecommerce sites need to keep track of names, addresses, product information etc.

Internet Information Services (IIS):


IIS, which is also called Internet Information Server, is a web application server that Microsoft developed
and that works with Microsoft operating systems. IIS can run on both server OS and client OS, which means
that a client OS can also act as an IIS server and provide IIS services.
The problem with all the versions before IIS 7.0 was that only 10 users could connect simultaneously, no more
than that; all of those versions had a limit on connecting users. But then Microsoft improved IIS, and with
every new Windows a new version of IIS has been launched, with a few improvements added to it.

IIS Versions:
IIS 6.0: Included with Windows Server 2003 and Windows XP.
IIS 7.0: Included with Windows Server 2008 and Windows Vista.
IIS 7.5: Included with Windows Server 2008 R2 and Windows 7.
IIS 8.0: Is only available in Windows Server 2012 and Windows 8.

Step by Step Configuration of Web Server:


Performing the Web Server Role installation requires the administrative credentials of the IIS Web Server
Administrator role. Once logged in with the proper credentials, you're ready to start:
1. Launch the Add Roles Wizard using one of these methods:
a. On a new Windows Server 2008 installation click Add Roles from the Initial Configuration Task Window
b. From the Server Manager click Add Roles from the Roles Summary or Roles Manager
2. The Add Roles Wizard will begin with some recommendations for the installation; click the Next button to
proceed.
3. You may be prompted to add the Windows Process Activation Service feature, in this case click the Add
Required Features button.

4. From the Select Server Roles Wizard step check the box labeled Web Server (IIS) and click Next to
continue.

5. After reviewing the Web Server Installation introduction, click the Next button to begin selecting the role
services to install.

6. The role services selected in the left column are the default for a new Server 2008 installation. In order to
install a web server with the functionality outlined in this exercise, check the boxes for the role services
selected in the right column.
Note: The role services selected in this exercise may differ from your requirements. Feel free to explore the
descriptions of the role services and select or deselect the features you see fit.

7. After checking the box labeled Application Development, you may be prompted to add the .NET
Environment, if it is not already installed. Click the Add Required Features button to continue selecting role
services.

8. Once you've completed selecting the role services to install for your web server, click the Next button to
proceed.
9. Review the installation selections and confirm them by clicking the Install button. The Add Roles Wizard
will then perform the installation of the selected role services.

10. When the wizard is finished installing the roles, review the installation results and click the Close button
to complete the installation.

Add Roles Wizard Makes Installation a Snap!


To confirm that Internet Information Services is started and able to serve content visit http://localhost/ with
Internet Explorer or another web browser on the server. If your installation was successful, you should be
brought to the web page pictured below:

How to Publish a Website on IIS:


Three steps to publish a web site:
1) Web Content
2) Place Content in Folder
a. IIS Default Root Content folder path (%systemDrive%\inetpub\wwwroot)
3) Binding & Settings Add a page

Publish a Website on IIS Step by Step:

Right click on Sites on the IIS server and click Add Web Site.

Type your site description name, the IP address and the default IIS root folder that contains your site, and press OK.

Now go to Default Document and add the page of your site.

Right click on the page and click Add.

NOTE:
First go to the default IIS root folder (%systemDrive%\inetpub\wwwroot), create a Notepad file, enter some
text, save the file and change its extension to .HTML so that your web site opens in a browser. Then add a
file of the same name in the Default Document location on your IIS server: type the same name with the .HTML
extension and click Add. Now you can check your site through the IP address: open a browser, type your server's
IP address, and your site will appear in the browser.

DNS Configuration for IIS:


Through DNS configuration we can access our local site, which is deployed on IIS, in the browser by the name of
that site. For this we make an entry for the site's name on our DNS server so that the IP of our local web
server can be resolved from the site's name.

Create a DNS Entry for the Web Server:

Click Start > Administrative Tools > DNS > Forward Lookup Zones > click on the domain name, right click in the
side panel and click New Host (A or AAAA). Fill it in with www at the top and the IP address of the domain below,
and click Add Host.
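
The publishing steps and the DNS host record above, scripted in PowerShell as an added example (not part of the original book). It assumes the WebAdministration module and dnscmd are available on the machine where it runs; the site name, IP address, folder, page name, DNS server and zone are placeholders.

```powershell
# Added example: publish a static site on IIS and register it in DNS.
# Every value below is a lab placeholder (assumption), not taken from the book.
$SiteName  = 'LabSite'
$SiteIp    = '192.0.2.10'            # IP address of the web server
$SiteRoot  = Join-Path $env:SystemDrive 'inetpub\wwwroot\labsite'
$PageName  = 'home.html'             # page to add as the default document
$DnsServer = 'dc01.example.local'    # DNS server that hosts the zone
$DnsZone   = 'example.local'

Import-Module WebAdministration

# Steps 1 and 2: create the web content inside the site's content folder.
New-Item -ItemType Directory -Path $SiteRoot -Force | Out-Null
Set-Content -Path (Join-Path $SiteRoot $PageName) -Encoding UTF8 `
    -Value '<html><body><h1>Lab site is up</h1></body></html>'

# Step 3: create the site, bound to one IP address on port 80.
$sitePath = "IIS:\Sites\$SiteName"
if (-not (Test-Path $sitePath)) {
    New-Website -Name $SiteName -PhysicalPath $SiteRoot -IPAddress $SiteIp -Port 80 | Out-Null
}

# Add the page to the Default Document list unless it is already there.
$filter  = 'system.webServer/defaultDocument/files'
$current = Get-WebConfiguration -Filter "$filter/add" -PSPath $sitePath |
    ForEach-Object { $_.value }
if ($current -notcontains $PageName) {
    Add-WebConfiguration -Filter $filter -PSPath $sitePath -AtIndex 0 -Value @{ value = $PageName }
}

# DNS: create the www host (A) record in the forward lookup zone.
& dnscmd $DnsServer /RecordAdd $DnsZone www A $SiteIp
if ($LASTEXITCODE -ne 0) { throw "dnscmd failed with exit code $LASTEXITCODE" }

# Check: the name must resolve to the site IP and the page must be served.
$resolved = [System.Net.Dns]::GetHostAddresses("www.$DnsZone") |
    ForEach-Object { $_.IPAddressToString }
if ($resolved -notcontains $SiteIp) {
    throw "www.$DnsZone resolves to $resolved, expected $SiteIp"
}
$html = (New-Object System.Net.WebClient).DownloadString("http://www.$DnsZone/")
if ($html -notmatch 'Lab site is up') { throw 'Unexpected page content' }

# Show what the site is actually listening on.
Get-WebBinding -Name $SiteName | Select-Object protocol, bindingInformation
```

Binding the site to one IP address instead of all addresses keeps it off interfaces that were never meant to serve it, and the final line shows the binding that resulted.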

TERMINAL SERVICES

Terminal Services:

Remote Desktop Services is known as Terminal Services in the Windows Server environment. With Terminal
Services, an application is installed on a server, and clients then use the application kept on that server
remotely from their own computers. Terminal means a pipeline through which clients can use the application
kept on that server worldwide. Here the server is at a centralized location, all the processing takes place on
the server, all the data is on the server too, and all the clients access the application on their own
computers through Terminal Services.
Remote Desktop works in the same way, but the difference between Remote Desktop and Terminal Services is that
with Remote Desktop we can take access of only one computer, whereas with Terminal Services many people can
log in to the server together and use the application.

Role Services in Terminal Server:

Terminal service: Installing this role installs the terminal server on our server.
TS Remote App: A role through which we manage and share applications on our terminal server so that clients can
access those applications.
TS Licensing: This role helps to manage licensing, but Terminal Services comes with 120 days of free licensing,
so we can use and check it before that.
TS Session Broker: This role works when we want to provide load balancing or fault tolerance. Its benefit is
that when two or more of our terminal servers are running and one of them goes down, the other server starts
providing its services. And if the session is established with another server, the session starts from where
it broke off. TS Session Broker helps in cases like these.
TS Web Access: Through this role we can also access our applications through a web browser.
TS Gateway: Helps people who access remotely from outside to connect to our private network.

Install Terminal Services and Terminal Services Licensing on the Terminal Server

The first step is to install Terminal Services on the Terminal Services computer.
Perform the following steps to install Terminal Services and Terminal Services Licensing:
1. On the Terminal Server computer, open the Server Manager. In the Server Manager, click on the Roles node
in the left pane of the console.

2. Click the Add Roles link in the right pane of the console.

Figure 2

3. Click Next on the Before You Begin page.


4. On the Select Server Roles page, put a checkmark in the Terminal Services checkbox. Click Next.

Figure 3

5. Click Next on the Terminal Services page.


6. On the Select Role Services page, put a checkmark in the Terminal Server and TS Licensing checkboxes.
Click Next.

Figure 4

7. Click Next on the Uninstall and Reinstall Application for Compatibility page.
8. On the Specify Authentication Method for Terminal Server page, select the Require Network Level
Authentication. We can select this option in our current scenario because we are using only Vista SP1 clients
to connect to the Terminal Server through the TS Gateway. We would not be able to use this option if we
needed to support Windows XP SP2 clients. However, you should be able to support Network Level
Authentication with Windows XP SP3. However, I have not yet confirmed this, so make sure to check the
release notes on Windows XP SP3 when it is released later this year. Click Next.

Figure 5

9. On the Specify Licensing Mode page, select the Configure later option. We could select an option now, but I
decided that we should select Configure later so that I can show you where in the Terminal Services console
you configure the licensing mode. Click Next.

Figure 6
10. On the Select User Groups Allowed Access To This Terminal Server page, use the default options. You can add
or remove groups if you want finer tuned access control over the Terminal Server. However, if all of your users
will be going through the Terminal Services Gateway, then you can control who can connect to the Terminal
Server using the TS Gateway policy settings. Leave the default settings as they are and click Next.

Figure 7
11. On the Configure Discovery Scope for TS Licensing page, select the This domain option. We select this option
in this scenario because we only have a single domain. If you have a multi-domain forest, you might consider
selecting the The forest option. Click Next.

Figure 8
12. On the Confirm Installation Selections page, check the warning information indicating that you might have to
reinstall applications that were already installed on this machine if you want them to work properly in a
Terminal Services session environment. Also note that IE Enhanced Security Configuration will be turned off.
Click Install.

Figure 9
13. On the Installation Results page, you will see a warning that you must restart the server to complete the
installation. Click Close.

Figure 10
14. Click Yes in the Add Roles Wizard dialog box that asks if you want to restart the server.
15. Log on as Administrator. The installation will continue for a few minutes as the Installation Progress page
appears after the Server Manager comes up.
16. Click Close on the Installation Results page after you see the Installation succeeded message.

Figure 11
17. You may see a balloon telling you that Terminal Services licensing mode is not configured. You can dismiss
that warning, as we will next configure Terminal Services Licensing and then configure the licensing mode on
the Terminal Server.

Figure 12

Configure limited application on terminal server:


Suppose we need to give a user rights to only one particular application, so that whenever that user opens the
terminal server he uses just the application we have assigned to him, or the application he works on, and
cannot do any other work on our terminal server. For this we first select the path of the application we want
to allow; for example, I will use Notepad here.

C:\Windows\System32\notepad.exe, and copy the path.

Then go to Start > Active Directory Users & Group > and double click the user to whom we want to give access to
that application.
Then click on the Environment tab, check the box and paste the path in Program file name.

Network Level Authentication:


While configuring the Terminal Server we are asked for the type of authentication, which means that the remote
connection on the client side must be an updated version so that it can support the authentication. But if our
environment also has XP users who are using the oldest version, we will have to turn Network Level
Authentication off there so that those XP users can also establish a connection with the terminal server. To
perform this task, go to the terminal server.

Go to Start, then Administrative Tools > Terminal Services > Terminal Services Configuration.
Click RDP-Tcp and go to Properties.
On the General tab, just uncheck Network Level Authentication.
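
With Network Level Authentication unchecked, the server builds a session and shows the logon screen before the user has authenticated, so it is worth knowing exactly which servers are in that state and switching it back on once the XP clients are gone. This added example (not part of the original book) reads and sets the same RDP-Tcp setting over WMI; the server names are placeholders.

```powershell
# Added example: report and restore Network Level Authentication (NLA)
# on the RDP-Tcp listener. Server names are placeholders (assumptions).
$Servers = @('ts01.example.local', 'ts02.example.local')

function Get-RdpListenerSetting {
    param([string]$ComputerName)
    # This WMI namespace requires packet privacy for remote connections.
    Get-WmiObject -Namespace 'root\cimv2\TerminalServices' `
        -Class Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'" `
        -ComputerName $ComputerName -Authentication PacketPrivacy -ErrorAction Stop
}

function Get-NlaStatus {
    param([string[]]$ComputerName)
    $layerNames = @{ 0 = 'RDP Security Layer'; 1 = 'Negotiate'; 2 = 'SSL (TLS)' }
    $encNames   = @{ 1 = 'Low'; 2 = 'Client Compatible'; 3 = 'High'; 4 = 'FIPS Compliant' }
    foreach ($c in $ComputerName) {
        try {
            $s = Get-RdpListenerSetting -ComputerName $c
            New-Object PSObject -Property @{
                Server          = $c
                NlaRequired     = [bool]$s.UserAuthenticationRequired
                SecurityLayer   = $layerNames[[int]$s.SecurityLayer]
                EncryptionLevel = $encNames[[int]$s.MinEncryptionLevel]
                Error           = $null
            }
        } catch {
            # Keep unreachable servers in the report instead of dropping them.
            New-Object PSObject -Property @{
                Server = $c; NlaRequired = $null; SecurityLayer = $null
                EncryptionLevel = $null; Error = $_.Exception.Message
            }
        }
    }
}

function Set-NlaRequired {
    param([string]$ComputerName, [bool]$Required = $true)
    $s = Get-RdpListenerSetting -ComputerName $ComputerName
    $result = $s.SetUserAuthenticationRequired([int]$Required)
    if ($result.ReturnValue -ne 0) {
        throw "SetUserAuthenticationRequired returned $($result.ReturnValue) on $ComputerName"
    }
}

# Report every server, listing the ones without NLA first.
Get-NlaStatus -ComputerName $Servers |
    Sort-Object NlaRequired |
    Select-Object Server, NlaRequired, SecurityLayer, EncryptionLevel, Error |
    Format-Table -AutoSize

# Once no XP clients remain, turn NLA back on for a server:
# Set-NlaRequired -ComputerName 'ts01.example.local' -Required $true
```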

Remote desktop:
Through Remote Desktop I can take remote access to the desktops of multiple computers and manage them as a
list. Here we have to configure the connections to all those computers ourselves the first time, by giving the
IP addresses of those computers.

TS Web Access Application:


Through TS Web Access we can access, on the client side through a web browser, the applications that are
allowed to us on the terminal server. The client just has to enter the Terminal Server's IP address in the
browser and write /TS after it, then the user name and password, and can then easily use the applications that
are installed on the terminal server.
To configure this we go to the server, then Administrative Tools > Terminal Services > TS Remote App Manager >
Add Remote App Program > Next, and select the application which you want to share.

Configure Terminal Services Licensing


At this point we are ready to configure Terminal Services Licensing. In this example I will use some dummy
data, which does not meet the actual requirements for licensing Terminal Services client connections, but it
will provide an example of how the process works. Please do not use the same procedure that I show here to
license your Terminal Services clients, because you will not be compliant with actual licensing requirements.
Perform the following steps to activate your Terminal Services Licensing Server:
1. From the Administrative Tools menu, click the Terminal Services menu and then click on TS Licensing
Manager.

2. In the TS Licensing Manager console, right click the server name in the left pane of the console. Click on
Activate Server.

Figure 13

3. Click Next on the Welcome to the Activate Server Wizard page.


4. On the Connection Method page, select the Automatic Connection (recommended) option. Click Next.

Figure 14
5. On the Company Information page, enter your company information and click Next.

Figure 15

6. Enter optional information if you like on the Company Information page. Click Next.

Figure 16
7. On the Completing the Activate Server Wizard page, make sure that the Start Install Licenses Wizard now
option is checked. Click Next.

Figure 17
8. Click Next on the Welcome to the Install Licenses Wizard page.
9. On the License Program page, click the down arrow on the License program list and pick the license program
that you participate in. In this example I will select Other agreement since this lab is not participating in any
license program. Click Next.

Figure 18
10. On the License Program page, enter your Agreement number. In this example we'll just enter 1234567. Click
Next.

Figure 19
11. On the Product Version and License Type page, select the Product version, License type and Quantity that fits
the needs of your environment. In this lab setup, we are using Windows Server 2008 Terminal Servers, so we
will select Windows Server 2008. We will use per user CALs in this example network, so we will select Windows
Server 2008 TS Per User CAL. And we will enter 50 in the Quantity text box. Click Next.

Figure 20
12. Click Finish on the Completing the Install Licenses Wizard page.

Install Desktop Experience on the Terminal Server (optional)


When Windows Vista clients connect to a Windows Server 2008 Terminal Server, they can have a Vista-like
desktop experience in the Terminal Services session if you install the Desktop Experience option on the
Terminal Server.
Perform the following steps to install the Desktop Experience Feature to the Terminal Server:
1. On the Select Features page, put a checkmark in the Desktop Experience checkbox. Click Next.

Figure 21
2. Click Install on the Confirm Installation Selections page.
3. On the Installation Results page, read the warning information that you must restart the computer to finish
the installation process. Click Close.
4. Click Yes in the dialog box asking if you want to restart now.
5. Log on as administrator. Installation will resume and take a few minutes, so be patient.
6. Click Close on the Installation Results page, which shows that the installation was successful.

Configure the Terminal Services Licensing Mode


We will now finish up with configuring the Terminal Server by setting the Terminal Services Licensing Mode.
Perform the following steps to configure the Terminal Services Licensing Mode:
1. From the Administrative Tools menu, click the Terminal Services entry and then click Terminal Services
Configuration.

2. In the middle pane of the Terminal Services Configuration console, double click Terminal Services Licensing
mode.

Figure 22
3. In the Properties dialog box, select the Per User option for the Specify the Terminal Services licensing
mode option. Select Automatically discover license server for the Specify the license server discovery
mode option. Click OK.

Figure 23
4. Click the Licensing Diagnosis node in the left pane of the console. In the middle pane you will see details for
the licensing configuration for this Terminal Server.

Figure 24

Windows Server Active Directory.

Topics Covered in Module 03

Contents
1) In Active Directory.
a. Concept of Active Directory.
b. New feature in Active Directory.
c. Containers & Objects in Active Directory.
d. Active Directory Schema.
e. Domain Functional level.
f. Active Directory Trust Relationship.
g. Domain Controller & Additional Domain Controller.
h. Difference Between DC & ADC.
i. FSMO Roles in Active Directory.
2) Step by Step installation of Domain & Active Directory.
3) Step by Step installation of Additional Domain Controller.
4) Concept & Configuration of Child Domain.

ACTIVE DIRECTORY
Active Directory:
AD is a database of our groups, users, resources (shared folders) and services, and in AD we know all of these
things by the name of objects. That is, users and services are all called objects, and the collection of all
of them is what we call Active Directory.

Active Directory Domain Services:


Active Directory Domain Services provides authentication in our network. That is, in a network where Microsoft
servers are in use, we are authenticated in Active Directory when we log in, and after authentication we are
logged in to the network. When logging in, the client sends a request to the server machine; the server machine
then, according to that request, authenticates the user in Active Directory, that is, matches the user's name
and password, and then logs the client in.
In Server 2008 this Active Directory is also known as ADDS.

Active Directory benefits:


1) Hierarchical Structure
Our network is divided into trees, forests and OUs. The forest is our largest container, inside which we create
domains, and inside the domains OUs. In these OUs we create users and departments, and we apply different types
of policies accordingly.
2) Multimaster authentication
3) A user can log in to the network from anywhere
4) Single point of access
5) Ability to create trust relationships with UNIX-type operating systems

New Features in Active Directory:


1) RODC
A domain that does only inbound replication, meaning that it can accept the changes made in other domains but
cannot make any changes itself.

2) Server Core
Server Core is a lightweight version that is command based and has no GUI, and its security is very strong.

3) Restart Active Directory
In Server 2008 we can restart the AD services. Before this, whenever we made any change in AD, we had to
restart our domain controller to apply it, but now we can restart just the AD services, so we do not have to
bring our domain down.

Active Directory Objects:


As we discussed earlier, Active Directory is a collection of our users, objects, resources and services, and
all of these things are called objects in Active Directory. Active Directory is our centralized database of all
these things. It is installed on a server machine in our network, which we call the Active Directory Domain
Controller.

Active Directory Components:


1) Container Object
Container objects are objects that can contain other objects inside themselves, such as Forest, Tree, Domain
and OUs.

Domain:
A domain is a computer that provides its services in the network. Active Directory is installed in the domain,
and it holds the whole database of users and their authentication.

Tree:
In a tree the network is laid out in a hierarchical way, and it is an object that can contain other objects
inside itself. A tree is a collection of one or more domains that have a relation and trust between them, like
a parent-child relationship. In a tree we have one headquarters, and all the rest are its branches, in the
shape of a tree. In the same way, the first domain we create is called the parent domain, which we also call
the forest root because the forest starts from there, and the domains after it are called child domains. All of
them must be in the same namespace. Same namespace means that if our parent domain's name is Microsoft.com,
the names of the child domains should be related to it, such as Sales.Microsoft.com or Accounts.Microsoft.com.

Forest:
The Active Directory forest is the largest object in our network and contains many trees. The collection of
trees is what we call our forest.

Organizational Unit OU:

The OU is considered the smallest object in our network. To organize our network and users we can create OUs to
separate them, and we can apply different types of security to them. So the order is first the forest, then the
tree, then the domain, and then the OU within the domain.

2) Leaf Object
Leaf objects are those that cannot contain any other object inside themselves, such as User, Computer, Printer etc.

Active Directory Schema:


In our Active Directory everything is called an object, and the attributes of these objects are what we call
the schema. The schema basically defines which objects can be created in our Active Directory and what the
attributes of the created objects will be. Attributes means information such as what the user's first name and
last name will be. For example, a printer's attributes will be different, a user's different and a computer's
different: for a printer, that printer's information; for a user, his name; and for a computer, that
computer's name, password and so on. Some of these attributes are required and some are not: for example, the
user's first name is required, while you can leave the last name blank; it is not required.
Active Directory Schema is a combination of object classes and object attributes.

Domain functional Level/Forest functional Level:


The functional level represents the function of the domain. Microsoft has many versions of the domain, such as
Windows Server 2000, Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2. Whenever we create a
domain controller we have to set the functional level of that domain there. If our environment already has a
domain whose functional level is Windows Server 2003, then when we create a second domain we will have to keep
its functional level at Windows Server 2003 as well. If we set the new server's functional level to Windows
Server 2008 instead of 2003, it will still exist in the network, but the new features of Windows Server 2008
will not be able to work in it. So we have to set this functional level in our network after a lot of thought,
because with the functional level we can go up from lower versions but cannot come down from higher versions;
it is a one-time procedure.
In short, if you select 2003, you will not be able to use the new features and improvements of Windows Server
2008 in your domain, because you have not configured your domain at that level.

Active Directory Trust:


A trust is a way, a method, by which the users of one domain can access another domain. For example, my forest
domain is Microsoft.com and the child domain is Sales.Microsoft.com; there should be a trust between these
domains so that the users of the parent domain can access the resources of the child domain. Some trusts are
developed automatically, and some have to be developed by the network administrator.

Types of Trust:
Parent Child Trust relationship:
There is a parent-child trust relationship between the parent domain and the child domain, and it is a two-way
transitive trust, meaning that if server A trusts server B, then server B will also trust server A. This trust
develops relations on both sides.

Tree Root Trust relationship:
A tree-to-tree trust is called a Tree Root Trust relationship, and it is also a two-way transitive trust.

Shortcut Trust:
When there is a relationship between our different trees and their child domains want to communicate, they
have to forward the query on through the domains of the whole forest, which causes more delay. So between child
domains where the query time is high we can create a shortcut trust; then their query will not travel around
the whole forest but will be forwarded directly to the domain where the network administrator has created the
shortcut trust. It is not two-way; it is one-way transitive, meaning that if server A trusts server B, it is
not necessary that server B also trusts server A.

External Trust:
The trust that is formed between domains for which Microsoft has now stopped providing its services, such as
Windows NT, or it can also be Windows 2000, is called an External Trust. It is not two-way; it is one-way
transitive.

Cross over Trust:
Our External Trust and Cross over Trust are similar, but the difference between them is that this one is a
two-way transitive trust. Transitive means that if there is a trust between server A and server B, then all
the users of server B will also trust the users of server A.

Realm Trust:
This trust helps us to develop a trust relationship between UNIX or LINUX type operating systems. It is not
two-way; it is one-way transitive.
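
To see what direction and transitivity the trusts in a domain really have, the trustedDomain objects that Active Directory stores for each trust can be decoded. This is an added example, not part of the original book; it assumes the ActiveDirectory PowerShell module for the live query, and the sample rows are constructed.

```powershell
# Added example: decode trust objects into kind, direction and transitivity.
# Bit values are those of the trustDirection, trustType and trustAttributes
# attributes; the "Kind" and "Transitive" columns are this script's reading of them.
function ConvertTo-TrustSummary {
    param([string]$Partner, [int]$Direction, [int]$Type, [int]$Attributes)

    $dirText = switch ($Direction) {
        1       { 'Inbound (partner trusts this domain)' }
        2       { 'Outbound (this domain trusts partner)' }
        3       { 'Two-way' }
        default { 'Disabled' }
    }
    $nonTransitiveBit = [bool]($Attributes -band 0x01)
    $sidFiltering     = [bool]($Attributes -band 0x04)   # quarantined domain
    $forestTrust      = [bool]($Attributes -band 0x08)
    $withinForest     = [bool]($Attributes -band 0x20)

    if ($Type -eq 3) {
        $kind = 'Realm (non-Windows Kerberos)'; $transitive = -not $nonTransitiveBit
    } elseif ($withinForest) {
        $kind = 'Within forest (parent-child, tree-root or shortcut)'; $transitive = $true
    } elseif ($forestTrust) {
        $kind = 'Forest'; $transitive = $true
    } else {
        $kind = 'External'; $transitive = $false
    }

    # An external trust where this domain trusts the partner, without SID
    # filtering, accepts SIDs the partner puts in a token: worth a review.
    $note = ''
    if ($kind -eq 'External' -and ($Direction -band 2) -and -not $sidFiltering) {
        $note = 'Review: outbound external trust without SID filtering'
    }

    New-Object PSObject -Property @{
        Partner = $Partner; Kind = $kind; Direction = $dirText
        Transitive = $transitive; SidFiltering = $sidFiltering; Note = $note
    } | Select-Object Partner, Kind, Direction, Transitive, SidFiltering, Note
}

# Constructed sample rows, so the decoding can be seen without a domain.
$constructed = @(
    @{ Partner = 'sales.example.local'; Direction = 3; Type = 2; Attributes = 0x20 },
    @{ Partner = 'partner.example.net'; Direction = 2; Type = 2; Attributes = 0x00 },
    @{ Partner = 'oldnt.example.net';   Direction = 2; Type = 1; Attributes = 0x04 },
    @{ Partner = 'EXAMPLE.ORG';         Direction = 1; Type = 3; Attributes = 0x01 }
)
$constructed | ForEach-Object { $row = $_; ConvertTo-TrustSummary @row } | Format-Table -AutoSize

# Live query against the current domain, if the AD module is installed.
if (Get-Module -ListAvailable -Name ActiveDirectory) {
    Import-Module ActiveDirectory
    Get-ADObject -Filter 'objectClass -eq "trustedDomain"' `
        -Properties trustPartner, trustDirection, trustType, trustAttributes |
        ForEach-Object {
            ConvertTo-TrustSummary -Partner $_.trustPartner -Direction $_.trustDirection `
                -Type $_.trustType -Attributes $_.trustAttributes
        } | Format-Table -AutoSize
}
```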

Active Directory Naming Context:

Active Directory Naming Contexts, or Active Directory partitions, divide Active Directory into multiple
portions. To increase the efficiency of AD, the AD, or the NTDS.dit file, is divided into some parts, and copies
of some of these partitions are held in all domains. That means the NTDS.dit file in which our AD is stored,
and which the domains hold, is divided into at least three partitions.
1) Schema Partition or Schema NC
2) Configuration Partition or Configuration NC
3) Domain Partition or Domain NC
And in Server 2003 Microsoft added one more partition to AD, in which application data is kept.

1) Schema Partition or Schema NC:

The schema basically defines which objects can be created in our Active Directory and what the attributes of
the created objects will be. Our schema defines all of these things. This information is kept in AD, and this
partition's information replicates to every domain in our forest, meaning that the information flows to all of
them so that we can use the same kind of objects and their attributes.

2) Configuration Partition or Configuration NC:

It keeps the information about our physical topology, and in the same way it keeps other configuration data.
This partition's information also flows to all the domain controllers in our forest, so information about
which domain is where and what role it is performing is in the configuration partition.

3) Domain Partition or Domain NC:

This partition stores domain-related information, meaning that it keeps information about which users,
computers, other resources or any other objects are in the domain. This partition's information is limited to
a single domain.

4) Application Partition or Application NC:

These partitions give the administrator fine control in our network, that is, through this partition they can
tune their network. The administrator can define where in our domain controllers the application-related
information will flow.

Domain Controller:
A domain controller is created to manage the network centrally. The computer on which Windows Server OS Active
Directory is installed is called the Domain Controller, and the whole database of our network and users is
managed from that computer.

Additional/Backup Domain Controller:


Since the domain controller holds the database of all our users and objects, if our domain controller ever goes
down it will be a single point of failure and the whole network will go down, because it existed centrally in
only one domain. For this reason we create a backup domain controller in our network, which provides us fault
tolerance, so in case our DC does go down, the whole network automatically moves to the backup DC.

FSMO Roles:
Flexible Single Master Operations (FSMO) is also called operations master in some documents. FSMO roles are
divided into five categories.
1) Schema Master
2) Domain Naming Master
These two (2) roles are forest wide.
3) Relative Identifier (RID Master)
4) Primary Domain Controller (PDC) Emulator
5) Infrastructure Master
These three (3) roles are domain wide.
FSMO roles fall into two categories: (1) forest-wide roles and (2) domain-wide roles. By default all five roles
are created on our first domain controller: whenever we create the first domain controller in our network, all
five roles are installed on it along with AD. If after that we create another domain in our network, such as an
Additional Domain Controller (ADC) or a child domain, then only the remaining 3 roles, which are domain wide,
shift to that domain.

Difference between DC & ADC:

If we need to tell whether a domain is a Domain Controller (DC) or an Additional Domain Controller (ADC),
the only difference between them is these roles: a Domain Controller (DC) holds all five (5) roles, while
an ADC or a child domain holds only the three (3) domain-wide roles. This is how we recognize our domains.

Details about Roles:

Forest-Wide Roles:

1) Schema Master Role:

The schema is the collection of classes and attributes that defines which objects can be created in our
Active Directory (AD) and which attributes they will have. The server that holds the schema master role is
responsible for schema updates across our whole network.
Schema     : Username, Password, File Name.
Attributes : User First Name, Last Name & Extensions.

2) Domain Naming Master:

This role relates to our domains. The domain naming master is responsible for what a domain's name is, what
its configuration is, and for changes made to domains. That is, whenever I create a new domain controller in
my environment, what its name will be, what its functional level will be, verifying that a domain with this
name does not already exist in the network, and whether the name chosen for the domain is valid: the domain
naming master role verifies all of these things and is the role responsible for them.

Domain-Wide Roles:

3) Relative Identifier (RID Master):
The RID master role is used for identity in our network. Every user and group has an identity in the
network, called the SID (Security Identifier). Every single object has a SID, which is made up of two
things: first (1) the domain's SID and second (2) the relative identifier.
In other words, an object's SID is the combination of our domain's SID and that particular object's unique
identifier; together these two provide identification in the network.

4) PDC Emulator:
Whenever a password is changed on the Primary Domain Controller, the change goes first to the PDC emulator,
so we learn of the change immediately: whenever we log in to the domain and authentication fails, the
first server consulted is the PDC emulator, which manages passwords and provides authentication.
Suppose our environment has many domain controllers that all replicate with one another. If a user changes
the password of his computer, at that moment the change has been made on only one domain controller, in
the domain where the user exists, and it takes some time for the change to replicate across our whole
Active Directory environment. If during that time we log out there and log in somewhere else and, for
whatever reason, the change has not yet replicated to the whole environment, then before returning an
authentication failure error all the domains in our environment first consult the domain controller that
holds the PDC emulator. From there the other domains update the change the user made, according to the
user's query, and then log the user in. The PDC emulator role performs a very important task in our network.

Besides this it performs one more task: all the domain controllers in the network consult the domain
controller holding the PDC emulator to set their time, and synchronize with that domain controller's time
so that the same time is kept on all domains in the network.

In short:
Whenever a user changes his password or logs in to the domain, all the domains consult the domain controller
holding the PDC emulator and ask whether this user's password or anything else has changed. If it has, they
update that change in their own domain and then log the user in. In addition, the PDC emulator is
responsible for keeping the same time on all domains in our network.

5) Infrastructure Master:
Suppose we have created a group and placed users or groups from different domains in it, and they want to
access a resource located in a third, that is, some other domain. What handles the referencing of all these
things and manages them is our infrastructure master. When our users or groups move from one domain to
another, this role handles their referencing by their SID number. If the domain on which this role is
installed goes down, the users of one domain will not be able to access the resources of another domain.

In Short:
The work of mapping group to user and user to group is performed by the infrastructure master in a
multiple-domain environment.

Note:
The infrastructure master role should not be installed on a domain on which the Global Catalog is installed.

INSTALLATION OF DOMAIN & ACTIVE DIRECTORY:

1. Press any key to boot from the CD or DVD.
2. The system copies the files from the DVD.
3. Select English as the language to install.

Click Next after making your selections.

Figure 1
So much for introductions! The installer gives you the option to Install now. Let's do it.

Figure 2

The .iso file actually has all the versions of Windows Server 2008 R2 on it and we can choose the option we want
to install here. Note that you can even install the Server Core versions from here. I would rather pull a bobcat's tail
while in a phone booth with that cat, so we will not be doing a core installation. Let us choose the Windows
Server 2008 R2 Enterprise (Full Installation) option and click Next.

Figure 3
Put a checkmark in the I accept the license terms checkbox on the license terms page and click Next.

Figure 4
Which type of installation do you want? Honestly, I want one that works and does what I tell it to do, but that is
not a choice here. This is a clean install, so the upgrade option does not make sense. Click the Custom
(advanced) option. Notice that there is no Next option on this page, just to throw you off a little bit.

Figure 5
Here you decide where you want to install the system files (which used to be called boot files in the past, but the
new crew of Microsoft engineers did not take the Windows NT 4 MCSE training, so they do not know that with
Windows NT based system and above, you boot the system files and you system the boot files). I created a 24 GB
dynamic virtual disk file for the OS, which will be more than enough room. Remember, dynamic disk files
only use the space they need; they do not fully allocate all the space until it is needed.
Click Next.

Figure 6
Yay! Installation is starting and it is going to take a very long time. Give it an hour or two and come back and see
what happened on your own installation.

Figure 7
During first log on the installer will ask you to create a password. Click OK when you see the display as it appears
below.

Figure 8
Enter a password and confirm the password and do not click OK (because there is no OK to click). Instead, click
that arrow thing that does not have a name, which sits to the right of the confirm password text box.

Figure 9
Very good! The password has been changed. Click OK.

Figure 10
You might remember the Initial Configuration Tasks windows if you used Windows Server 2008. If you have not
used Windows Server 2008 and are moving up from Windows Server 2003, the Initial Configuration Tasks window
provides you access to many of the things you need to do once the operating system software is installed. After
looking at some of the options in this window, you might notice that many of the options that you configured
during installation for earlier versions of Windows are now configured here. The goal was to require fewer
inputs during installation, leaving them for the end. Very nice!

Figure 11
From the Initial Configuration Tasks window, I will set the following:
Set time zone
Configure networking
Provide computer name and domain
I will take care of the other stuff once I get this machine an IP address on the network. I will rename this
computer FFWIN2008R2DC, since this is going to be a domain controller in my FFLAB domain. FF is short for
Forefront, as we'll be doing a lot of Forefront testing on this lab network. The IP addressing information is:
IP address 10.0.0.2
Default Gateway 10.0.0.1
DNS 10.0.0.2
WINS 10.0.0.2
Sure, we probably will not need WINS much, but you never know, and it is not like it is going to suck up a lot of
memory or processor cycles in the lab environment. The default gateway will be a TMG 2010 firewall which we
will install in a later article.
Now go to the Start menu and type dcpromo in the search box. You will find it in the list as shown in the figure
below. Click dcpromo.

Figure 18
This starts the Welcome to the Active Directory Domain Service Installation Wizard. We do not need advanced
options in this scenario, so just click Next.

Figure 19

On the Operating System Compatibility page, you are warned that your NT and non-Microsoft SMB clients are
going to have problems with some cryptographic algorithms used by Windows Server 2008 R2. We don't have
this problem on our lab network, so just click Next.

Figure 20
On the Choose a Deployment Configuration page, select the Create a new domain in a new forest option. We do
this because, of all reasons, this is a new domain in a new forest :)

Figure 21
On the Name the Forest Root Domain page, enter the name of the domain in the FQDN of the forest root
domain text box. In this example we are going to name the domain fflab.net. That is short for Forefront Lab. You
can name it whatever you like, but if you use a name that is already in use on the Internet (that is to say, a name
that has already been registered), then be aware of potential split naming issues. Click Next.

Figure 22
On the Set Forest Functional Level page, select the Windows Server 2008 R2 option (not the Windows Server 2003
option you see in the figure below). We want to select the Windows Server 2008 R2 option so that we can take
advantage of all the cool new features included in Windows Server 2008 R2. Click Next.

Figure 23
On the Additional Domain Controller Options page, we have only a single choice: DNS server. The Global catalog
option is checked and not an option because this is the only DC so far in this domain, so it has to be a Global
Catalog server. The Read-only domain controller (RODC) option is deselected because you have to have another
non-RODC on the network to enable this option. Select the DNS server option and click Next.

Figure 24
A dialog box will appear that says that a delegation for this DNS server cannot be created because the authoritative
parent zone cannot be found or it does not run Windows DNS server. The reason for this is that this is the first DC
on the network. Don't worry about this and click Yes to continue.

Figure 25
Leave the Database, Log Files and SYSVOL folder in their default locations and click Next.

Figure 26
On the Directory Service Restore Mode Administrator Password page, enter a strong password in
the Password and Confirm password text boxes.

Figure 27
Confirm the information on the Summary page and click Next.

Figure 28
Active Directory will install. The first DC installs pretty quickly. Put a checkmark in the Reboot on
completion checkbox so that the machine automatically reboots when DC installation is complete.

Figure 29

The machine will automatically restart since we selected that option. The installation will be complete when you
log on. If I recall correctly, with Windows Server 2008, there was some configuration that took place after you
logged on, but that is not happening with Windows Server 2008 R2.
The DNS service was installed during Active Directory installation, so we do not need to worry about that. There
are several other services we want to install on this domain controller. These include:
DHCP
WINS
Enterprise Certificate Services
Unfortunately, only DHCP and Certificate Services are considered roles. The WINS service is considered a
feature. I suppose they had a reason for this, but I was not at that meeting and did not get the memo.

Creating Additional Domain Controller for an Existing Domain in Windows Server 2008
In the previous article, we have set up our first Windows Server 2008 Domain Controller in a New Windows
Server 2008 R2. In this article, we will install Additional Domain Controller in an existing Windows Server 2008
R2 domain.
1. You must have administrative credentials on the existing Active Directory domain to add an additional
domain controller. You can configure the server as a member of a workgroup or as a member server
within the existing domain. Here, I configure it as a member server within the existing domain.

2. Click Start and then click Run. In the Run dialog box type dcpromo and then click OK.

3. The dcpromo command will automatically install the relevant files on the computer prior to beginning the
domain controller promotion process. This dialog box will start checking if Active Directory Domain Services
binaries are installed, then will start installing them.

4. On the Welcome To The Active Directory Domain Services Installation Wizard page, click Next.

5. On the Operating System Compatibility page, click Next

6. On the Choose a Deployment Configuration page, select Existing Forest and then select Add A Domain
Controller To An Existing Domain, and then click Next.

7. On the Network Credentials page, click Next

8. On the Select a Domain page, select a domain for this additional domain controller, and then click Next

9. On the Select A Site page, select the site in which you want to locate the domain controller and then click
Next

10. On the Additional Domain Controller Options page, select additional installation options for the domain
controller and then click Next

11. On the Active Directory Domain Services Installation Wizard page, you can ignore this warning and click Yes
to continue.

12. On the Location for Database, Log Files, and SYSVOL page, accept the default settings and then click Next

13. On the Directory Services Restore Mode Administrator Password page, type and confirm the password, which
can be different from the domain Administrator account password.

14. On the Summary page, review the selections and then click Next to begin the installation.

15. On the Completing the Active Directory Domain Services Installation Wizard page, click Finish

16. You are then prompted to restart the computer, click Restart Now to reboot.

17. After the server restarts, verify the Additional Domain Controller installation:
Open Active Directory Users and Computers
Open DNS Manager
Open Active Directory Sites and Services

Summary:
For load balancing and fault tolerance purposes, it's often a good idea to install Active Directory on more than
one server in a Windows Server 2008 domain. When you install Active Directory on an additional server in a Windows
Server 2008 domain, you create an additional domain controller for that domain.

CHILD DOMAIN:
Concept of child
When we need to design our network in a hierarchical way, we create child domains. In some places a child
domain is also called a subdomain, but Microsoft recommends the term child domain.
In a domain environment a child domain can be used where there are different branches or different
departments, where a domain is dedicated to that particular department but is still part of our parent
domain. For example, networks.com is a parent domain, so if we create a child domain of it, its name will
be something like sales.networks.com or mail.networks.com, in the same way that Google uses its child
domains, like google.com and, for mail, mail.google.com. Where and for what purpose a child domain is
implemented depends on the situation of the network.

Benefit of child domain:

A child domain helps to provide security.
It helps to create boundaries for the resources used in the network.
It allows different types of policies to be implemented.
It allows different permissions to be applied to a set of users or a department.
Whatever policies are implemented on a child domain have no effect on our parent domain because, although
the child domain is part of our parent, it is a different domain.

Installation of Child Domain Controller:

Before we start the setup, the server needs to be prepared by installing Windows Server 2008 R2, the DNS
server role and the Active Directory Domain Services role. I have described how these roles can be added in
a previous section. The server's IP address should also be changed to a static one in the same network
segment where the primary domain controller runs.

Once all of the above is done, start the dcpromo wizard with Start > Run > dcpromo. Then click Next to
continue.

It will then give a message about OS compatibility. Click Next to continue.

The next step is important. Here we get the opportunity to select what kind of setup we need with AD. As
per the requirement we need to use the existing forest but create a new domain controller in the existing
forest. After selecting those options click Next to continue.

In the next window we can enter the details of the existing forest. As per the setup it is sprint.local;
specify the credentials to log in to it.

The next window asks for the subdomain name. Here the parent domain will be sprint.local and the subdomain
will be sales.sprint.local. Then press Next to continue.

The next window asks us to select the site. As I explain here, I will not go for a setup with different
sites; I will be using a one-site setup. Select the default and click Next to continue.

In the next window we need to select to make it a global catalog server and DNS server. This gives each
department the opportunity to handle login requests as well as DNS queries.

The next window shows the paths for the logs.

The next window is for defining the recovery password. Once you have created a password, click Next to
continue.

The next window gives the summary. Click Next to continue.

In the next window the installation starts.

After the reboot you can log in to the domain using

User Name : sales.sprint.local\administrator
Password : xxxxxxx

Under Active Directory Users and Computers it will show the subdomain DC attributes.

On the primary domain controller, under Active Directory Sites and Services, we can see the newly added
Test2 DC.

Windows Server Network Infrastructure.

Topics Covered in Module 04

Content
1) Concept of IP Addressing and services
2) Concept and configuration of Domain Naming Server DNS
3) Concept and configuration of File Server
4) Concept and configuration of DFS Server
5) Concept and configuration of FSRM Server
6) Concept and configuration of DHCP Server
7) Concept and configuration of DHCP Relay Agent

IP ADDRESSING

IPv4 Addressing:

An IP address means this: if we want to connect our computers to a network and want those computers to
share data with one another, we need an identity for each computer. A computer must know the source
location and the destination location so that it can then communicate with the destination computer. For
example, with our mobile phones, if we want to talk to someone we need the number of the person we want to
talk to. In the same way our computers also need numbers so that they can communicate with one another, and
for the computers' numbers we use IP addresses, which serve as the numbers of those computers and connect
them to the network to provide data sharing and communication.

There are Two Types of IP address:

1) IP Version 4
2) IP Version 6

Define Both IPs:

IPv6 was implemented in 1999, but we still had IPv4 range left, which is why we kept using IPv4 until now.
IPv6 is now slowly being implemented and has already been implemented in many places. IPv4 is a 32-bit
address with 4 octets, and each octet is 8 bits, so 8 multiplied by 4 equals 32; this is how IPv4 forms one
complete 32-bit address. IPv4 has 3 kinds of communication: 1st is Unicast (one-to-one communication), 2nd
is Multicast (one-to-many communication) and 3rd is Broadcast (one-to-all communication). IPv6 is one large
128-bit address. It also has 3 kinds of communication: 1st is Unicast (one-to-one communication), 2nd is
Multicast (one-to-many communication) and 3rd is Anycast (one-to-closest). Anycast is a new addition in
IPv6.

Range of IP address:

IP Address   First octet   Subnet mask        Host portion   Hosts               Network / host portion
Class A      1 to 126      255.0.0.0/8        N.H.H.H/24     2^24 = 16,277,216   1 Network, 3 host portions
Class B      128 to 191    255.255.0.0/16     N.N.H.H/16     2^16 = 64,536       2 Network, 2 host portions
Class C      192 to 223    255.255.255.0/24   N.N.N.H/8      2^8 = 256           3 Network, 1 host portion
Class D      224 to 239    Reserve for Research/Development
Class E      240 to 255    Reserve for Research/Development

Discussion about IPv4:

If we talk about IPv4, it has 4 octets, which is why we call it a 32-bit address; its minimum number is 0
and its maximum number is 255. IPv4 was implemented in 1989 and was then defined in 5 classes so that we
could use IPs according to our network. Class A, Class B and Class C are the classes we use in our networks,
and Class D and Class E are used for research or military networks. So why is the largest number 255? IPv4
has 4 octets and each octet is 8 bits. If we take a Class A IP and open up the bits of all its octets, the
IP looks like this: 11111111.00000000.00000000.00000000, where the network portion is 1s and the host
portions are 0s. If I now work out the powers for the 1 bits to calculate these numbers, like this:
2^7.2^6.2^5.2^4.2^3.2^2.2^1.2^0, then after calculating the powers the final result is
128.64.32.16.8.4.2.1. If I add all of these up, the total value is 255, which is why this is the maximum
number in IPv4 and no IP beyond it is used. That is also why the network portion is represented by 255, and
our subnet mask is represented the same way.

Subnet Mask:
The subnet mask represents our network: it shows which network's IP we are using. A Class A IP has only 1
network portion, so its subnet mask is 255.0.0.0; Class B has 2 network portions, so its subnet mask is
255.255.0.0; and Class C has 3 network portions, so the Class C subnet mask is 255.255.255.0. So the subnet
mask tells us which network we are using. In the same way it helps the router to stop broadcasts: as soon
as a broadcast from one network reaches the router, the router first checks the subnet mask of that IP. If
that subnet mask matches the network connected to its other interface, the router forwards it onward; if
the subnet mask is not the same, it stops the broadcast right there, because its subnet mask belongs to
some other network.
That is why in Class A IPs there is 1 network portion and the remaining portions are host portions, which
are used for computers. 1 network portion means 8 bits are full, so we also call a Class A IP's subnet mask
/8; in a Class B IP 2 portions are full, so we call it a /16 subnet mask; and we call the Class C subnet
mask a /24 network because it uses 3 network portions, so 8 multiplied by 3 equals 24.

Wildcard Mask:
The wildcard mask is the opposite of the subnet mask: in a subnet mask we count the 1 bits and ignore the 0
bits, and in the same way in a wildcard mask we count the 0 bits and ignore the 1 bits. In a wildcard mask
the 0 bits are checked and the 1 bits are ignored.
The Class A subnet mask is 255.0.0.0. Here 255 is one portion, meaning it is all 1s, which the subnet mask
counts, so for the wildcard I change that 255 from 1s to 0 and change the remaining 0 bits to 1, because
the wildcard mask is the opposite of the subnet mask. So the Class A wildcard mask becomes 0.255.255.255,
the opposite of the subnet mask.
Class B subnet mask 255.255.0.0, wildcard mask 0.0.255.255.
Sometimes we also see a subnet mask like 255.192.0.0. In that case, to find the wildcard mask we subtract
this mask from the global subnet mask, which is 255.255.255.255: 255.192.0.0 subtracted from
255.255.255.255, so the wildcard mask comes to 0.0.63.255. One more example in the same way: the mask is
255.255.128.0, so again subtract this mask from the global mask, 255.255.255.255 minus 255.255.128.0, so
the wildcard mask is 0.0.127.255. As simple as that.

Subnet CIDR:
When we write a subnet mask like /8 or /16, that form of mask is called CIDR (Classless Inter-Domain
Routing).
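The three notations above (dotted subnet mask, wildcard mask and CIDR prefix) are the same 32 bits seen in different ways. The following is an added example, not part of the original book, that converts between them and applies the "0 bits are checked, 1 bits are ignored" rule to an address; the function names are hypothetical and it goes slightly beyond the text by also covering a wildcard whose bits are not contiguous.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF  # 255.255.255.255 as a 32-bit number


def mask_to_prefix(mask: str) -> int:
    """Return the CIDR prefix length of a subnet mask, rejecting invalid masks."""
    value = int(ipaddress.IPv4Address(mask))
    inverted = value ^ ALL_ONES
    # A subnet mask is a run of 1 bits followed by 0 bits, so the inverted
    # value must look like 0...01...1, i.e. inverted + 1 is a power of two.
    if inverted & (inverted + 1):
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return bin(value).count("1")


def prefix_to_mask(prefix: int) -> str:
    """Return the dotted subnet mask for a CIDR prefix such as 8, 16 or 24."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be between 0 and 32")
    return str(ipaddress.IPv4Address((ALL_ONES << (32 - prefix)) & ALL_ONES))


def wildcard_of(mask: str) -> str:
    """Flip every bit of the subnet mask (255.255.255.255 minus the mask)."""
    value = int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(value ^ ALL_ONES))


def wildcard_match(address: str, base: str, wildcard: str) -> bool:
    """True when address equals base in every position where wildcard has a 0 bit."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (address, base, wildcard))
    checked = w ^ ALL_ONES  # bits that must match
    return (a & checked) == (b & checked)


def describe_mask(mask: str) -> dict:
    """Summarise one mask in all three notations plus its address count."""
    prefix = mask_to_prefix(mask)
    return {"mask": mask, "cidr": f"/{prefix}", "wildcard": wildcard_of(mask),
            "addresses": 2 ** (32 - prefix)}


if __name__ == "__main__":
    for m in ("255.0.0.0", "255.255.0.0", "255.255.128.0", "255.255.255.0"):
        print(describe_mask(m))
    # Base 10.0.0.0 with wildcard 0.255.255.255: only the first octet is checked.
    print(wildcard_match("10.20.30.40", "10.0.0.0", "0.255.255.255"))
    # Wildcard 0.0.0.254 ignores all host bits except the lowest one,
    # so it matches only even host numbers in 192.168.1.x.
    print(wildcard_match("192.168.1.4", "192.168.1.0", "0.0.0.254"))
```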

Why IANA Made Classes:

IANA divided IPs into classes so that we can use an IP of the class that fits the requirements of our
network. Suppose I have a small network: there I will use a Class C IP. If it is a medium network I will use
a Class B IP there, and if it is a large network I will use a Class A IP. How? Class A has 1 network
portion, so its network portion is /8, and the 3 remaining portions form its host portion, /24. That is the
Class A host portion, so if you take 2 to the power 24 the result is (16,277,216). Using a Class A IP we can
assign IPs to that many computers after subnetting, which is why Class A is used for large networks. Class
B has 2 network portions, /16, which leaves us 2 host portions, /16; 2 to the power 16 gives (65,536), so
using a Class B IP we can assign IPs to that many computers. Class C has 3 network portions, /24, so just
/8 is left for the host portion; 2 to the power 8 gives (256), so using a Class C IP you can give IPs to
that many computers. That is why Class C is used for small networks, because the range of computers it
offers is very small. IANA made these classes so that we can use an IP of the class that suits our network.

How to define a Class by IANA:

IANA is an international organization that assigns IP addresses, and this organization also launches IPs.
Let us now understand how IANA made these classes. When dividing these classes, IANA used none of the bits
for Class A, which is why Class A starts from 0 and runs up to 255. When IANA then separated Class B, it
used 1 power of the bits, left to right: of the 8 bits in the octet, the power of the last bit is 2 to the
power 7, 2^7, which equals 128, so IANA started Class B IPs at 128, running to 191. The question now is how
we know that the last IP is 191. IANA made 5 classes and first divided all five of them. IANA used 1 power
of that bit for Class B, and to get Class C it used 2 powers of the bits, 2^7 and 2^6, which is 128+64 =
192, so Class C IPs start at 192. In the same way Class D starts at 224 because 3 bits were used for it,
and Class E starts at 240 because 4 bits were used for it. This is how IANA divided the classes: each time
a new network began, the number just before its starting point became the ending number of the previous
class. For example, Class A is 0 to 126, and 127 is the loopback number, which is why we do not use it as
an IP, and the last number, 128, went to the Class B range. Simple.

Public & Private Address:

These IPs are used in 2 ways: 1st public IP and 2nd private IP. Public IPs have to be purchased from IANA.
The IPs we get from our ISP today to use the internet are our public IPs, for which we have to pay. For
example, Google's servers and Facebook's servers have IPs that are online; these are purchased from IANA
and available on the internet. So public IPs have to be purchased from IANA, while private IPs are free; we
use them for our local network, and they too have certain ranges.

Private Address Range of Free IPs

1) Class A   10.0.0.1      to   10.254.254.254    (1 Network)
2) Class B   172.16.0.0    to   172.31.254.254    (15 Network)
3) Class C   192.168.0.0   to   192.168.254.254   (254 Network)

So IANA reserved some of those IPs for private use and some for public use. As long as you are
communicating only inside your local network, you can use private IPs, because they are being used for
internal communication. But when we move from internal communication to external communication, meaning we
want to reach another branch outside the office, another network or the internet, we need a public IP,
which provides us with online connectivity.

Loopback Number (127):

A loopback is a virtual IP address that replies to ping requests, and loopback IPs are always active and
never go into a down state. In IPv4 the loopback IP is 127.0.0.0, and this IP responds to the ping command.
If we need to check whether a computer's NIC is working properly, we can check its connectivity through
the loopback IP. We can also configure a loopback IP ourselves on a Cisco router. The benefit is that if we
configure the loopback IP as the gateway IP on the client-side computers, then even if 1 interface of the
router goes down we do not have to change the gateway on all the PCs: once the other interface is up, the
same virtual IP, that is the loopback IP, starts acting as the gateway.
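When reading firewall or server logs it helps to label each address by class and by whether it is private, loopback or public. The following is an added example, not part of the original book: it derives the class from the leading bits of the first octet, as described in the class-definition section above, and tests membership in the standard private blocks 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16. The log lines are constructed and the function names are hypothetical.

```python
import ipaddress
import re

PRIVATE_BLOCKS = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOOPBACK_BLOCK = ipaddress.ip_network("127.0.0.0/8")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def address_class(addr: str) -> str:
    """Class A-E from the number of leading 1 bits in the first octet."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    leading_ones = 0
    for bit in (0x80, 0x40, 0x20, 0x10):   # 128, 64, 32, 16
        if not first_octet & bit:
            break
        leading_ones += 1
    return "ABCDE"[leading_ones]            # 0 ones = A, 1 = B, ... 4 = E


def classify(addr: str):
    """Return (class, scope), scope being loopback, reserved, private or public."""
    ip = ipaddress.IPv4Address(addr)
    cls = address_class(addr)
    if ip in LOOPBACK_BLOCK:
        scope = "loopback"
    elif cls in "DE":
        scope = "reserved"
    elif any(ip in block for block in PRIVATE_BLOCKS):
        scope = "private"
    else:
        scope = "public"
    return cls, scope


def scan(lines):
    """Classify every valid IPv4 address found in the given log lines."""
    found = {}
    for line in lines:
        for token in IPV4_RE.findall(line):
            try:
                found[token] = classify(token)
            except ValueError:
                continue  # looks like an address but an octet is above 255
    return found


# Constructed sample log lines (not taken from a real system).
SAMPLE_LINES = [
    "2016-03-01 10:00:01 ALLOW src=10.0.0.2 dst=172.32.0.1",
    "2016-03-01 10:00:02 ALLOW src=192.168.1.10 dst=127.0.0.1",
    "2016-03-01 10:00:03 DROP  src=172.31.254.254 dst=224.0.0.5",
    "2016-03-01 10:00:04 DROP  src=999.1.1.1 dst=8.8.8.8",
]

if __name__ == "__main__":
    for address, (cls, scope) in scan(SAMPLE_LINES).items():
        print(f"{address:16} class {cls}  {scope}")
```

172.31.254.254 and 172.32.0.1 are both Class B, but only the first falls inside a private block, which is the kind of boundary that is easy to misread by eye.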

DNS CONCEPT
Domain Naming Services (DNS):
It resolves a name into the actual computer or domain IP address. DNS does the resolving of name to IP and
IP to name.

Technical Detail:
Suppose our mobile phone holds many contact numbers. To find out easily whose number is whose, we write
next to each number the name of the person it belongs to, so we do not need to remember the whole number;
we just remember the name, which is easy for us, and we do not have to remember what the number behind it
is. So behind the scenes there is some technology that maps the name to that person's number. In the same
way, many websites are available today and we only know their names, like Google, Yahoo, Twitter and
hundreds of thousands of other websites. As we know, a protocol runs on the internet which we call TCP/IP,
and every website, I mean every domain, is assigned an IP through which we can access that website on the
internet. Domain Naming Services, or the DNS server, is a service thanks to which we do not have to remember
the IP address of a website or server: we just remember the name of the website or domain and call it by
name, like www.google.com, and we do not need to know which IP address is working behind it. If there were
no DNS, instead of www.google.com we would have to type its IP address, like 10.10.10.127, and we would
have to remember the IP addresses of all the sites on the internet and access the sites we want to use by
their IP addresses. DNS makes this easy for us by saying: do not give me the IP, just tell me the name and
I will resolve the IP address myself. Simply put, DNS is responsible for name-to-IP-address and
IP-address-to-name resolution.

Key Notes:
1) DNS is an application protocol.
2) It works over both the TCP and UDP protocols.
3) It works on port number 53.
4) There is no alternative to DNS.

DNS Structure:
The structure of DNS is hierarchical and distributed, and it starts working from the root domain. Whenever we
open a website, its request/query goes to the root server or to the top-level server that is responsible for it;
top-level domains such as .com, .pk, .org and .in are each responsible for their own zone.

DNS Working:
When we access a site on the internet, DNS works in the background and resolves the name of the site to the IP
address of the server where the site is hosted. When we type google.com, its query is first sent to the root
domain, where DNS looks up our top-level domain, whether it is .com or .net. Since we searched for .com, .com
replies to our DNS query. The query is then sent directly to the .com server, asking what the IP address of the
google domain is, and the .com server replies by providing our computer with the IP address of the google.com
server. Then one more query is sent to the .com server, asking it to provide the IP address of the
www.google.com server. The .com server checks the entry for the www.google.com server in its records and, in
reply to that query, provides our computer with the full IP address of the google.com server, resolving the site
name google.com to the IP address of that server. This lets us access google.com by its name. The process is very
fast, so the site opens in our web browser within a few seconds of typing its name.

DNS Query:
Whenever a computer sends a query to find out the IP address of a site, we call it a DNS query.
DNS queries can be divided into 3 types.

1) Reverse Lookup
When you have an IP address and need to find out which host it belongs to, a reverse lookup query is used. The
other two queries are used to resolve a name to an IP address.

2) Recursive Query
In this query the DNS server has to tell the client whether or not it holds a record for the requested query and,
if it does, what the IP address is. In this type of query the DNS server cannot forward the query to any other
DNS server. Recursive queries are mostly sent to the DNS server by devices such as personal computers and
laptops.

3) Iterative Query
In this query the DNS client wants to be given the best possible answer. Here the DNS server can send the query
on to another DNS server, and the process keeps going until a timeout condition occurs. This kind of query is
also called walking the tree.

DNS Zone:
So that the database of a DNS server can be managed easily, it is divided into partitions that we call DNS zones.
One zone may hold only the entries for top-level domains and another zone the entries for other domains; in this
way different zones manage different types of database, each with its own separate records.

Types of DNS Zones

1) Forward Lookup Zones:
Used for name-to-IP-address resolution.

2) Reverse Lookup Zones:
Used for IP-to-name resolution.

Using these zones, we can also create the following different zones.

1) primary zone
This is the read & write copy of the DNS database, that is, a database in which new records can be edited and
also removed. A primary zone is installed on one server, which is called the primary server, and in this
environment there can be only one primary server.

2) secondary zone
This is a read-only copy of the DNS database, that is, records in which we cannot edit any new record or remove
any entry; we can only read the information in the DNS database. A secondary zone provides redundancy in the
network.

3) active directory integrated zone
This zone is integrated with Active Directory and is linked to our Active Directory. These zones are only seen on
computers on which Active Directory is installed. They provide high availability, redundancy and fault tolerance
in our network, and because the DNS data is linked with Active Directory, it provides even more security.

4) stub zone
A stub zone is also like a secondary zone. A stub zone is a pointer to another DNS server; on this server only
the name server records are updated, and no other host-related records are updated. Stub zones are used to make
the query process faster.

DNS Records:
These are also called resource records, database records or basic data elements, and they are saved in zone
files. DNS information is stored on the domain server; DNS zones are created on these domains, and the DNS record
information is saved in these DNS zones. This information can be of several types.

1) SOA Records:
Also called the Start of Authority record. It is the first record in any zone; whenever a zone is first created,
this is the record that is created first. Information such as which server the zone is hosted on, the contact,
the serial number, the refresh, retry and expire times and the minimum TTL is saved in the SOA record.

2) NS Records:
Also called the name server record. It points to a DNS zone or to the authoritative DNS server. It can also be
used to divide domains into subdomains.

3) A or AAAA Records:
This record is also called the host record; it links the domain name of a host to an IP address. The A record is
used for IPv4 and the AAAA record for IPv6.

4) CNAME Records:
The canonical name record, also called the alias record. In a DNS server one record can have two names,
representing a nickname in the DNS server; it is used to configure the URL of a custom site. For example,
networks.com and MIE.networks.com are two names for one record, so a client can reach MIE.networks.com by typing
networks.com as well. Most of the sites we use on the internet use this kind of DNS record.

5) MX Records:
Also called the Mail Exchange record. The MX record is used for sending email to a domain.

6) PTR Records:
Also called reverse DNS records. This is the reverse of the A or host record and is used for IP-address-to-host-
name mapping, that is, for reverse lookup. These records are used for troubleshooting or for finding a server, by
tracing the name of the server from its IP address.

DNS Step by Step Installation


Installation:
Step 1: To install a DNS server from the Control Panel, follow these steps:

Go to Start > Control Panel > Administrative Tools > Server Manager.

Expand and click Roles

Click on Add Roles

Step 2: A new window will open with the list of roles available to install. Select DNS Server and click Next.

Step 3: Click Next on the introduction window. In the last window click Install. The installation will start; the
following window shows the progress of the installation.

Configuring DNS:
After installing DNS, go to Start > All Programs > Administrative Tools > DNS to
manage the DNS server.
When configuring your DNS server, you must know about the following concepts:

Forward lookup zone

Reverse lookup zone

Zone types

Step 1: Right-click the name of the server in the DNS management console and select Configure DNS
server.

Step 2: Click Create forward and reverse lookup zone, then click Next.

Step 3: Click Yes, create the forward lookup zone now on the forward lookup zone window.

Step 4: Click on the desired zone that you want to create, in this case Primary Zone.

Step 5: Type the Name of the Zone and click Next.

Step 6: Click Next on the Zone File Name.


Step 7: Select Allow both nonsecure and secure dynamic updates and click Next to continue.
Step 8: Select Yes, I want to create reverse lookup zone now, and click Next to continue.
Step 10: Select Primary Zone in the zone creation window.
Step 11: Choose whether you want to create an IPv4 or IPv6 reverse lookup zone (in my case, an IPv4 reverse
lookup zone).

Step 12: Type your network ID in the following window.

Step 13: Click Next on the Reverse Lookup Zone File Name window.
Step 14: Select Allow both nonsecure and secure dynamic updates and click Next to continue.
Step 15: Select No, it should not forward queries, then click Next.

Step 16: Click finish on the final window.

Managing DNS Server:


After the installation and the configuration of the forward and reverse lookup zones, the server is ready for
creating the other records associated with DNS and its zones. There are several record types available; here I am
listing some of the important ones.

Start of Authority (SOA)

Name Servers

Host (A)

Pointer (PTR)

Canonical Name (CNAME) or Alias

Mail Exchange (MX)

Start of Authority (SOA):


The following properties window shows the information about the SOA record of the Geeksite.in Zone.

Name Servers (NS Record):


Step 1: Right Click on the Zone name and click on properties.

Step 2: Click on the Name server Tab.


Step 3: If required, add a name server by clicking the Add button. You need the FQDN of the server and its IP
address.

Host Records (A Record):


It is mainly used for mapping a host name to an IP address; you can create the Pointer record at the same
time.
Here are the steps to create the A record.
Step 1: Right-click the zone name and select New Host (A or AAAA).
Step 2: Type the name of the new host and its IP address, then click Add Host.
The following window shows both Step 1 and Step 2.

Canonical Name (CNAME) or Alias records


Here are the steps to create a CNAME record.
Step 1: Right-click the zone name and click New Alias (CNAME).
Step 2: Type your alias name.
Step 3: Browse for or type the Fully Qualified Domain Name (FQDN) of the target host.
Step 4: Click OK.
The following window shows Steps 1-4.

Mail Exchanger (MX Records):


Here are the steps to create the Mail Exchanger record.
Step 1: Right-click the zone name and click New Mail Exchanger (MX).
Step 2: Type the host or child domain name.
Step 3: Browse for or type the FQDN of the mail server.
The following window shows Steps 1-3.

Testing DNS Server:


The DNS server is now up and ready to resolve domain names. Change the DNS name server IP
address in your local area connection, then use the Nslookup utility. Nslookup is the main utility for testing
and troubleshooting the DNS server. It helps to get all the information about a particular domain.
The following image shows an example of the nslookup command.
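
The wizard, record and nslookup steps above can also be scripted and checked. This is an added example, not part of the original book: Steps 7 and 14 allow nonsecure dynamic updates, which lets any client that can reach the server register or overwrite records, so the script creates its zones with updates off and lists zones that still accept nonsecure updates. It assumes Windows Server 2012 or later with the DnsServer module; the zone name lab.example, the 192.168.0.0/24 network ID and the host names are constructed values.

```powershell
# Added example (not from the book). Assumes Windows Server 2012 or later with
# the DNS Server role installed. Zone, network and host values are constructed.
Import-Module DnsServer

$Zone        = 'lab.example'              # constructed forward zone name
$NetworkId   = '192.168.0.0/24'           # constructed network ID (wizard Step 12)
$ReverseZone = '0.168.192.in-addr.arpa'   # reverse zone name for that network

function New-LabZones {
    # Wizard Steps 3-13: primary forward and reverse zones stored in zone files.
    # A file-backed zone only offers None or NonsecureAndSecure, so None is used
    # here instead of the wizard choice made in Steps 7 and 14.
    if (-not (Get-DnsServerZone -Name $Zone -ErrorAction SilentlyContinue)) {
        Add-DnsServerPrimaryZone -Name $Zone -ZoneFile "$Zone.dns" -DynamicUpdate None
    }
    if (-not (Get-DnsServerZone -Name $ReverseZone -ErrorAction SilentlyContinue)) {
        Add-DnsServerPrimaryZone -NetworkId $NetworkId -ZoneFile "$ReverseZone.dns" -DynamicUpdate None
    }
}

function Add-LabRecords {
    # Host (A) records; -CreatePtr also writes the PTR record into the reverse zone.
    Add-DnsServerResourceRecordA -ZoneName $Zone -Name 'srv1' -IPv4Address '192.168.0.10' -CreatePtr
    Add-DnsServerResourceRecordA -ZoneName $Zone -Name 'mail' -IPv4Address '192.168.0.20' -CreatePtr
    # Alias (CNAME): www.lab.example points at srv1.lab.example.
    Add-DnsServerResourceRecordCName -ZoneName $Zone -Name 'www' -HostNameAlias "srv1.$Zone"
    # Mail Exchanger (MX) for the zone itself ('.' is the zone apex).
    Add-DnsServerResourceRecordMX -ZoneName $Zone -Name '.' -MailExchange "mail.$Zone" -Preference 10
}

function Test-LabRecords {
    # The same checks nslookup would do, one row per record type.
    $checks = @(
        @{ Name = "srv1.$Zone";      Type = 'A'     },
        @{ Name = "www.$Zone";       Type = 'CNAME' },
        @{ Name = $Zone;             Type = 'MX'    },
        @{ Name = "10.$ReverseZone"; Type = 'PTR'   }
    )
    foreach ($c in $checks) {
        $answer = Resolve-DnsName -Name $c.Name -Type $c.Type -Server 127.0.0.1 `
                                  -DnsOnly -ErrorAction SilentlyContinue
        [pscustomobject]@{ Query = $c.Name; Type = $c.Type; Resolved = [bool]$answer }
    }
}

function Get-NonsecureUpdateZone {
    # Primary zones that accept unauthenticated dynamic updates.
    Get-DnsServerZone |
        Where-Object {
            $_.ZoneType -eq 'Primary' -and -not $_.IsAutoCreated -and
            $_.DynamicUpdate -eq 'NonsecureAndSecure'
        } |
        Select-Object ZoneName, IsDsIntegrated, IsReverseLookupZone, DynamicUpdate
}

function Set-SaferDynamicUpdate {
    # Secure updates need an Active Directory-integrated zone; file-backed
    # zones are switched to None.
    foreach ($z in Get-NonsecureUpdateZone) {
        $mode = if ($z.IsDsIntegrated) { 'Secure' } else { 'None' }
        Set-DnsServerPrimaryZone -Name $z.ZoneName -DynamicUpdate $mode
    }
}

New-LabZones
Add-LabRecords
Test-LabRecords         | Format-Table -AutoSize
Get-NonsecureUpdateZone | Format-Table -AutoSize
# Set-SaferDynamicUpdate   # run after reviewing the list printed above
```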

File Server:

FILE SERVER

A file server is used for drive sharing on the network. We share multiple folders on a drive department by
department and then give the users of each department rights so that they can use that folder across the network,
share data with one another and save their important data on the file server. Clients can access the file server
from Run using the file server's IP, and work on the file server according to their rights. A file server is also
called a data server.

Distributed File System (DFS):


In a large network there can be several different file servers, so if a folder is shared on some other server, we
would have to access that folder through that server's separate IP. DFS is a server that is distributed across
multiple locations or multiple servers. A namespace is created on the DFS server, and all the servers or shared
folders on the file servers in the network become part of that DFS namespace and use the namespace of that single
DFS server while sharing. This means users on the client side no longer need to know the IPs of those different
servers; they just access the namespace of that single DFS server, and all the servers or shared folders at
different locations in the network are reached in that single namespace, through the single IP of the DFS
server.

In Short:
DFS is just like a file server, but it connects different file servers that have different IPs and presents them
on a single IP, so clients do not have to remember multiple IPs; they just remember the IP of the single DFS
server and access their data.

Disk Quota:
Disk quota is a feature with which we restrict the quota that our users are using. When we configure a mapped
drive for users, its quota, meaning its disk space, is limited, for example so that they cannot save more than
50 GB of data and can only use a limited amount; that is called disk quota.

File Server Resource Manager (FSRM):


File Server Resource Manager was introduced with Server 2003 R2. With FSRM we can monitor and manage our network
better. With it we can put quotas on folders and do file screening, for example so that nobody can copy an audio
or video file onto their computer. We install it on the file server as a role.


Install DFS Server:


The first thing we need to do is install File Services so go to Server Manager and add the File Services Role.

On the next screen you are given a set of additional options to install. Choose Distributed File System, DFS
Namespaces and DFS Replication.

On the next page choose a name for your Namespace and then click next.

You will now be asked what type of namespace you want to configure. For the purpose of this tutorial I will
choose a Domain-based namespace.

You now need to specify a user account that is a member of the domain admins group as shown below.

You are now given the option of adding any folders you require into your namespace before it is created.

On the summary page review your options and then click install. Repeat the steps on 2008Test2 but do not
create a namespace when asked to do so.

Adding a server to the DFS Namespace:


A DFS Namespace would be pretty pointless if it was only hosted on one server so we are going to add 2008Test2
as an additional server.
On 2008Test1 go to Server Manager and right-click Roles > File Services > DFS Management > Namespaces >
<your domain> > <your Namespace>, and then choose Add Namespace Server.
Click on the browse button. Enter 2008Test2 in the Select Computer dialog box and then click ok.
In the details pane you should now have two servers listed.

Creating a Shared Folder and Publishing it to the DFS Namespace


On 2008Test1 go to Server Manager and expand Roles > File Services > Share and Storage Management, and
then right-click and go to Provision Share.

We now have to specify a location for the shared folder. Enter C:\Files in the location and click Next.

We now need to set the NTFS permissions for the folder. Click Yes, change NTFS permissions and then Edit
Permissions. Give Users Modify permissions and then apply.

On the next page you will be asked for a share name for the folder. Call the folder Files.
On the SMB Settings page leave the defaults and click next.
On the SMB permissions page, select Administrators Have Full Control; all other users and groups have only
Read access and Write access.
On the DFS Publishing Page browse to the location of the DFS Namespace you created earlier and type Files in
the Folder name.
On the Summary page review your settings and click create.
You will now have a folder named Files hosted on both 2008Test1 and 2008Test2 and published to a DFS
Namespace for redundancy.

How to install FSRM:


File Server Resource Manager is one of the role services of the File Services role. To install it, open the Server
Manager tool on your file server, right-click the File Server node on the tree and select Add Role Services. The
Add Role Services wizard will start, as shown below:

Check the File Server Resource Manager box and click Next. You will then select the NTFS volumes you want
to monitor:

Click on Options to see additional options for reports:

The screen above shows the standard configuration for a volume, along with the reports that are generated when
that threshold is reached.
Select the reports you want, click OK to close that window, then click Next to continue. This last window
before the confirmation lets you specify the folder where the reports are saved and also the e-mail reporting
details:

Click "Next", review the confirmation and click Install to finish the wizard.
Keep in mind that you can decide not to add any volumes during this install phase and add them later, after
FSRM is already installed.

File Server Resource Manager MMC:


Once the FSRM Role Service is properly configured, you will have an additional item under the Administrative
Tools menu.
Click on Administrative Tools and select File Server Resource Manager to launch the FSRM MMC (Microsoft
Management Console). See the screenshot below, with all the nodes of the tree expanded:

We'll now examine the individual features exposed by this MMC.

Quota Management:
Quotas help you restrict and/or monitor how much space a folder can use.
FSRM can implement both hard Quotas (that actually prevent the users from adding more files, as if the disk
were full) and soft Quotas (which only generate events and warnings).
You can see the Quotas in the screen below (Quotas node under Quota Management):

Note that this is soft Quota we created during the FSRM installation.

To add more Quota restrictions, click on the Create Quota action (on the Actions pane on the right):

Quotas are always placed on a folder. You have the choice of basing your Quota on a template or defining a
custom one. FSRM ships with a series of sample Quota templates that you can adapt to your needs.
If you click on Custom Properties, you can provide many details, as shown below:

In addition to specifying the space limit (hard or soft), you can also create different thresholds, with different
actions. The sample above sends e-mail alerts at 85%/95%/100% and logs events at 95%/100%. If you click on the
Add button, you can see the configuration options for each threshold.
You can even choose to execute a command when a threshold is reached, which is shown on the screen below. If
you are skilled with scripting, you can use this ability to perform a number of sophisticated tasks.

Instead of specifying custom Quotas folder by folder, you can use standard FSRM Quota templates or define your
own templates.
The screen below shows the default templates and also shows the Create Quota Template action on the right:

The power of Quota Templates becomes much more obvious when you use the option to Auto apply template
while creating a Quota:

This option requires that you select a template (not a custom Quota). A Quota is created based on that template
for all folders under the specified path.
Every time you add another subfolder to that folder, the template is automatically used to create another Quota
for it. This allows you much simpler configuration for certain folder structures like web sites, project folders, etc.

File Screening Management


File Screening helps you restrict and/or monitor which file extensions can be used on your file server. FSRM can
provide both active screening (block file with certain extensions) or passive screening (monitor file extensions
without blocking).
File extensions can also be combined in File Groups like Image Files and Audio and Video Files:

You can see the existing File Screens in the File Screens node under File Screening Management. None are
defined by default.
To add a File Screen, click on the Create File Screen action (on the Actions pane on the right):

As with Quotas, FSRM supplies some predefined File Screen Templates. You can also opt to define your own File
Screening properties, as shown below:

Once you click on Custom Properties, you will see the window below:

The basic properties include the path to monitor, the type of monitoring (active or passive), the file groups to
block/monitor and the specific actions to take (e-mail, event log, command or report).
You will probably want to use a template to define your File Screening. Below is the list of pre-defined templates
included with FSRM:

You can also create your own File Screening Templates, just like with Quota Templates.
FSRM includes a list of pre-defined File Groups, as shown below:

You can use those, modify them or create your own File Groups.
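
The quota thresholds, auto-applied templates and file screens described above can also be created from PowerShell. This is an added example, not from the original book: it assumes Windows Server 2012 or later with the FileServerResourceManager module, and the SMTP server, mail addresses and template name are constructed values, while C:\Files, the 50 GB limit, the 85%/95%/100% thresholds and the Audio and Video Files group come from the text.

```powershell
# Added example (not from the book). Assumes Windows Server 2012 or later with
# the File Server Resource Manager role service installed.
Import-Module FileServerResourceManager

$Path         = 'C:\Files'              # shared folder created in the DFS section
$TemplateName = 'Lab 50 GB hard limit'  # constructed template name

# E-mail actions need SMTP settings first (constructed server and addresses).
Set-FsrmSetting -SmtpServer 'smtp.lab.example' `
                -AdminEmailAddress 'fileadmin@lab.example' `
                -FromEmailAddress 'fsrm@lab.example'

function New-LabThreshold {
    param([int]$Percent, [switch]$LogEvent)
    # Every threshold mails the administrator; with -LogEvent it also writes
    # a warning to the event log.
    $actions = @(
        New-FsrmAction -Type Email -MailTo '[Admin Email]' `
            -Subject "Quota at $Percent% on [Quota Path]" `
            -Body 'Usage on [Quota Path] has reached [Quota Threshold]% of the limit.'
    )
    if ($LogEvent) {
        $actions += New-FsrmAction -Type Event -EventType Warning `
            -Body 'Quota threshold [Quota Threshold]% reached on [Quota Path].'
    }
    New-FsrmQuotaThreshold -Percentage $Percent -Action $actions
}

# E-mail at 85%/95%/100%, event log at 95%/100%, as in the sample in the text.
$thresholds = @(
    New-LabThreshold -Percent 85
    New-LabThreshold -Percent 95  -LogEvent
    New-LabThreshold -Percent 100 -LogEvent
)

# Hard 50 GB template (add -SoftLimit to only warn), auto-applied to every
# existing and future subfolder of $Path.
New-FsrmQuotaTemplate -Name $TemplateName -Size 50GB -Threshold $thresholds
New-FsrmAutoQuota -Path $Path -Template $TemplateName

# Passive file screen first: record who saves audio or video, block nothing.
$screenEvent = New-FsrmAction -Type Event -EventType Warning `
    -Body '[Source Io Owner] saved [Source File Path] under [File Screen Path].'
New-FsrmFileScreen -Path $Path -IncludeGroup 'Audio and Video Files' `
                   -Notification $screenEvent

# After reviewing the logged events, switch the same screen to active (blocking):
# Set-FsrmFileScreen -Path $Path -Active

Get-FsrmAutoQuota  -Path $Path | Select-Object Path, Template
Get-FsrmFileScreen -Path $Path | Select-Object Path, Active, IncludeGroup
```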

Storage Reports Management


One important feature of FSRM is the ability to provide many reports associated with File Server Management to
make your life simpler when managing your file server. Those reports include Files by Group, Files by Owner,
Large Files, Most Recently Accessed Files and Duplicate Files, just to mention a few (see screen below).
Reports can be generated manually, on a schedule, or triggered by a Quota or File Screen. They can also be
generated in different formats (see options on the screen below) and are delivered to a folder defined when you
installed the role service.
That folder can also be updated in the FSRM configuration:

Below you see a number of those manually generated reports using the HTML format:

Please check the sample below, in HTML format, showing the Files by Owner report:

That's it.

DHCP SERVER
Concept of DHCP Server:
Overview:
Every client computer on a network needs an IP address to communicate on the network, and we have to configure an
IP address on all of those clients. In a small network, meaning 10 to 20 PCs, we can sit at each computer and
assign its IP manually. But in a large network with 100 to 500 client computers we cannot assign IP addresses
manually ourselves, because we would have to sit at every single computer and manually configure its IP address,
gateway and DNS, which is a very lengthy and tiring job. So Microsoft introduced a server that we call DHCP
(Dynamic Host Configuration Protocol). Through this server we can assign IP addresses dynamically across our
whole network without going anywhere. A DHCP server is used for automatic IP configuration on the network. DHCP
reduces the workload of the network administrator, because the administrator does not have to assign IPs to all
the computers personally.

DHCP Server Responsibilities:


The DHCP server maintains the IP reservations and the scope, which are configured manually, one time, on the DHCP
server.

DHCP Scope:
A scope is a range of network IP addresses in which the network administrator tells the DHCP server where to
start and where to stop handing out IPs on the network. Here we define the range for our network, for example
that IPs from 192.168.0.100 to 192.168.0.200 are to be assigned on the network. We have to size this scope
according to our client computers: the IP range configured in the DHCP scope should be larger than the number of
client computers on our network, so that if we need to add more client computers in future, our DHCP server can
assign IPs to them as well.

DHCP Reservation:
A reservation tells the DHCP server which IPs it must not assign on the network. Suppose I configured a scope
from 192.168.0.100 to 192.168.0.200, and I have already assigned the IPs from 192.168.0.100 to 192.168.0.110 to
my personal computers. I will reserve these IPs on my DHCP server, so the DHCP server will not hand them out on
the network; it will reserve them and start giving out IPs on the network from 192.168.0.111. So reservation is
a process by which we set aside some IPs from within the DHCP server's scope for our own use, so that the DHCP
server cannot assign those IPs to any other client on the network.
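
In the Windows DHCP role, holding a block of addresses back from the pool as described above is configured as an exclusion range, while a reservation pins one address to one client's MAC address. The following added example (not from the original book) sets up both for the 192.168.0.100 to 192.168.0.200 scope and then checks which address the server would hand out first. It assumes Windows Server 2012 or later with the DhcpServer module; the scope name, gateway, DNS server, client name and MAC address are constructed values.

```powershell
# Added example (not from the book). Assumes Windows Server 2012 or later with
# the DHCP Server role installed. Names, gateway, DNS and MAC are constructed.
Import-Module DhcpServer

$ScopeId = '192.168.0.0'   # scope ID of the 192.168.0.0/24 network

function New-LabScope {
    # Scope: the range the server is allowed to hand out (from the text).
    if (-not (Get-DhcpServerv4Scope -ScopeId $ScopeId -ErrorAction SilentlyContinue)) {
        Add-DhcpServerv4Scope -Name 'Lab LAN' -StartRange '192.168.0.100' `
            -EndRange '192.168.0.200' -SubnetMask '255.255.255.0' -State Active
    }

    # Exclusion range: addresses already set by hand on the administrator's own
    # machines, so the server must never lease them.
    Add-DhcpServerv4ExclusionRange -ScopeId $ScopeId `
        -StartRange '192.168.0.100' -EndRange '192.168.0.110'

    # Reservation: one client (identified by MAC) always receives the same address.
    Add-DhcpServerv4Reservation -ScopeId $ScopeId -IPAddress '192.168.0.150' `
        -ClientId '00-11-22-33-44-55' -Name 'printer01' `
        -Description 'constructed example client'

    # Gateway and DNS server handed out with every lease. -Force skips the
    # reachability check of the DNS server, which may not exist in a lab.
    Set-DhcpServerv4OptionValue -ScopeId $ScopeId -Router '192.168.0.1' `
        -DnsServer '192.168.0.10' -Force
}

function Get-LabScopeReport {
    # First addresses the server would lease: with the exclusion in place this
    # starts at 192.168.0.111, as the text describes.
    $next = Get-DhcpServerv4FreeIPAddress -ScopeId $ScopeId -NumAddress 3

    # Pool usage: a scope close to 100% in use is too small for the network.
    $stats = Get-DhcpServerv4ScopeStatistics -ScopeId $ScopeId

    [pscustomobject]@{
        NextFree        = $next -join ', '
        InUse           = $stats.InUse
        Free            = $stats.Free
        Reserved        = $stats.Reserved
        PercentageInUse = $stats.PercentageInUse
    }
}

New-LabScope
Get-LabScopeReport | Format-List
Get-DhcpServerv4ExclusionRange -ScopeId $ScopeId | Format-Table -AutoSize
Get-DhcpServerv4Reservation    -ScopeId $ScopeId | Format-Table -AutoSize
```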

DHCP Algorithm (DORA Process)

DHCP Relay Agent:


A DHCP relay agent works like a router in a LAN environment. For example, if we are running two networks and want
our DHCP server to assign IPs to both of them and communicate with both, we use a DHCP relay agent. During its
processing the DHCP server uses broadcast messages, such as the Discover, Offer, Request and ACK messages, and
routers do not forward broadcast traffic. That is why we use a virtual router: the DHCP relay agent works like a
virtual router that converts DHCP broadcast messages into unicast messages, which lets the DHCP server
communicate on the network while the two sit on different networks, because the DHCP relay agent is a
Windows-based virtual router that enables communication between two different networks.

Configure DHCP Server Step by Step:

DHCP Relay Agent Configure Step by Step:


First of all, you need multiple NICs connected to the different LANs. Each NIC should have an IP address from
the LAN it is connected to. This IP address is the default gateway of that LAN.
On the server, go Server Manager. Right Click on Roles and select Add Roles.

Review the information and click Next.

Select check box next to Network Policy and Access Services and click Next.
Click Next on Introduction Network Policy and Access Services.

Select checkbox next to Routing and Remote Access Services. It will automatically select necessary
services. Click Next.

Click Install on Confirm Installation Selection.

Click Close on Installation Results.

Go to Start, Administrative Tools, Routing and Remote Access.

Right click on your server and select Configure and Enable Routing and Remote Access.

Click Next on the Welcome screen.

Select Custom Configuration and click Next.

Select LAN Routing and click Next.

Click Finish to Complete Routing and Remote Access Setup Wizard.

Click Start Service.

Your Routing and Remote Access Server is ready. Your Private Networks should communicate now.

Assign Interface to DHCP Relay Agent:

Right-click IPv4 and go to New Routing Protocol.

Select the DHCP Relay Agent service and press OK.

Now go to the DHCP Relay Agent service, right-click it and click New Interface.

Here you can define the interface that holds the different network of IPs with which you want to communicate.

Leave the defaults as they are and click OK.

Now go to DHCP Relay Agent, right-click it and go to Properties.

Here you assign the IP address of your network that you want to add to your DHCP server so that it provides the
different IPs on your network, and that's it. Now go to the client computer and renew the IP address, and you
will successfully contact the DHCP server and get an IP address from the different network.

Window Server Enterprise Administrator.

Topics Covered in Module 05


Content
1) Concept & Configuration of Storage Area Network.
2) Concept & Configuration of Network Load Balancing.
3) Concept & Configuration of Failover Cluster.
4) Concept & Configuration of Certificate Services.

STORAGE AREA NETWORK


SAN (Storage Area Network)
A SAN is a solution in which multiple storage devices are connected together and all the servers on the network
use that shared storage, with each server allocated a storage pool out of the same storage media. This solution
is used in very large networks where data is growing very quickly and a great deal of storage is needed.
In a SAN the storage devices are not directly connected to the servers. Instead, all the hard drives are gathered
into one storage collection, also called a storage pool, and these centralized hard drives are then connected to
a switch, which is a fiber-optic switch. Fiber-optic cable is usually used to connect them, because fiber optic
gives us very high speed.
There is one more device here, called the HBA (Host Bus Adapter), which is also used in a SAN solution. It is a
kind of card that acts as a transceiver, that is, it receives and sends signals and makes communication possible.
All of these things together are called the SAN fabric. The same HBA cards are also installed in our servers so
that they can access the storage pool through the switches using fiber-optic cable.
A network of this kind is called a SAN (Storage Area Network). All our servers are connected to this SAN solution
and use it as if it were the server's actual hard drive.

Fiber-Optic Switch

HBA Card

There are two types of SAN solutions:


1) FC (Fiber Channel) SAN.
a. FC is a network of high-speed switches and fiber-optic cables that gives us high speed on the network.
2) iSCSI (Internet Small Computer System Interface) protocol.
a. This is a low-cost SAN solution that uses IP networks and Ethernet, but the speed is somewhat slower.

SAN Advantage:
1) Storage Virtualization.
a. The pool that is made available to servers through the SAN looks to each server as if it were its actual
hard drive.
b. If a server's hard drive is about to fill up, we do not need to change the server's hard drive; we simply
allocate more space to that server's pool from the SAN.
c. SAN gives us high-speed disk technology, i.e. Fiber Channel gives 5MB speed per second.

2) Centralized Backup.
a. SAN also gives us a centralized backup facility.
b. The servers treat the storage as directly attached to them, so the system administrator can use block-level
or incremental backup to back up the storage pools of these servers, which is very helpful for the system
administrator.

3) Failover Protection.
a. SAN also gives us dynamic failover protection: if a server fails, or a node goes offline for some reason
such as maintenance, the SAN enables its built-in redundancy and automatically routes the traffic through
another server, so the network keeps running 24 hours a day without any downtime.

Configure iSCSI SAN in Server 2012 R2


iSCSI (Internet Small Computer System Interface) is a protocol that uses the underlying TCP/IP protocol for
transmission of data. Unlike FC (Fiber Channel), which requires dedicated hardware like HBAs (Host Bus
Adapters), fiber optics, etc., iSCSI uses existing network devices (routers, switches, firewalls), making it a
very cost-effective storage solution. In iSCSI, data is transferred block by block in raw form between the host
and the SAN. This makes the operating system treat the disk as if it were locally connected, or DAS (Direct
Attached Storage). You can create LUNs (Logical Unit Numbers) or virtual disks in the SAN, which operating
systems will use as volumes as if they were DAS. Note that NAS (Network Attached Storage) uses protocols like
SMB, CIFS or NFS to transfer data between operating systems and the NAS device. In this post, I will show the
steps to configure an iSCSI SAN in Server 2012 R2.


Server 2012 now includes iSCSI software components, which means you can create a SAN in Server 2012. The two main
components of iSCSI are the iSCSI initiator and the iSCSI target. The iSCSI initiator is a client or system that
will be using the storage from the SAN. The iSCSI target is the SAN box, storage box or server where the iSCSI
target component is installed. You can use the Server 2012 iSCSI SAN feature to configure shared storage for
fail-over clustering for Hyper-V, VMware vSphere and others. Now, let's begin installing iSCSI in Server 2012.
Here is my VMware Workstation machine configuration.

The snapshot above shows the virtual machine configuration. The machine is configured with hard disk 2 and 3
each with 500 GB for iSCSI SAN configuration. I have already installed Server 2012 R2 in this machine with following
configuration.

Now, follow these steps to install iSCSI target component in the server.

Step 1. From the Server Manager, click Manage and click Add Roles and Features.

Step 2. Click Next on Before you begin page.

Step 3. On select installation type page, select Role-based or feature-based installation and click Next button.

Step 4. On the Select destination server page, choose the Select a server from the server pool option and select the server. Click Next.

Step 5. On the select server roles page, expand File and Storage Services role, and again expand File and iSCSI Services feature,
now select iSCSI Target Server feature. Then click Next.

Step 6. On features page, click Next without checking any feature.


Step 7. Review the confirmation page and click Install button.
Step 8. After the installation is complete, click Finish button.

We have successfully installed the iSCSI target service on this server. Before creating any virtual disks or LUNs we need to bring the
disks online and create an NTFS partition on each of them. To bring the disks online, go to Server Manager, click the File and Storage
Services tab, then select the Disks tab; here you will see the list of disks. Right-click the disk and click Bring Online. Repeat this
step for each disk. You will get a small warning after you click Bring Online; read it and click Yes.

Now create volumes in these disks. From the same window, right-click the disk and click New Volume.

New volume wizard will pop up. Click Next on before you begin page. Choose the server and disk and click Next.

Click OK on the warning.

Now specify the size of the volume and click Next.

Assign drive letter to the new volume and click Next.

Select file system and click Next.

Review the confirmation page and click Create.

Repeat the same step for other disk to create another volume. To view the volumes, click volumes tab.

Now the volumes are ready to be configured as LUNs or virtual disks. Now the last step is to create LUNs or virtual disks. In the Server
Manager, select File and Storage services tab and then click iSCSI tab. Click Tasks and select New iSCSI Virtual Disk.

New iSCSI virtual disk wizard will open. Here, select the server and select volume and click Next.

Type the name of the virtual disk. Here, I will give LUN-1 and click Next. As you can see below, it's a VHDX file, the same file format that
Hyper-V uses for the virtual disks of Hyper-V virtual machines.

Specify the virtual disk's size. Choose the disk type; here I have chosen Dynamically expanding so that the disk space won't be
over-utilized. Click Next.

In the Assign iSCSI target page, choose new iSCSI target option and click Next.

Type the name for the new target.

In access servers tab, click Add button. Add initiator id dialog box will open. There are three ways you can identify the initiator (device
that will use this virtual disk). Here I will choose IP and type the initiator IP of 192.168.80.80. Then click OK.

Here you can see the lists of iSCSI initiators. To add other iSCSI initiators click Add and repeat the steps above. Then click Next.

In the Enable Authentication page, you have option to use CHAP or reverse CHAP for authenticating iSCSI initiators and iSCSI target.
Here, I will leave it empty and click Next.

Now review the configuration and click Create to create a new virtual disk or LUN.

After the installation you can view the virtual disks in iSCSI tab.

Now you can use these virtual disks in Hyper-V or vSphere for various high availability purposes.
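The same target setup as a PowerShell script, as an added example that is not part of the original walkthrough; unlike the wizard run above, which leaves the authentication page empty, it enables CHAP, so the initiator must present a shared secret in addition to matching the allowed IP address. Assumptions: the two data disks are disk numbers 1 and 2, the first new volume gets drive letter E:, the virtual disk is 100 GB, and the target name `target-1` is hypothetical.

```powershell
# Added example. Run in an elevated PowerShell session on the Server 2012 R2
# machine that will act as the iSCSI target.

# Steps 1-8 of the wizard: install the iSCSI Target Server role service.
Install-WindowsFeature -Name FS-iSCSITarget-Server

# Bring the data disks online and create one NTFS volume on each.
# Disk numbers 1 and 2 are an assumption; check them first with Get-Disk.
foreach ($number in 1, 2) {
    $disk = Get-Disk -Number $number
    if ($disk.IsOffline)  { Set-Disk -Number $number -IsOffline $false }
    if ($disk.IsReadOnly) { Set-Disk -Number $number -IsReadOnly $false }

    # Only touch a disk that has no partition table yet, so a disk that
    # already holds data is never re-initialized by this script.
    if ((Get-Disk -Number $number).PartitionStyle -eq 'RAW') {
        Initialize-Disk -Number $number -PartitionStyle GPT
        New-Partition -DiskNumber $number -UseMaximumSize -AssignDriveLetter |
            Format-Volume -FileSystem NTFS -Confirm:$false
    }
}

# Create the virtual disk (LUN). Drive letter E: and the size are assumptions.
# Without -UseFixed the VHDX is dynamically expanding, as chosen in the wizard.
$vhdx = 'E:\iSCSIVirtualDisks\LUN-1.vhdx'
New-Item -ItemType Directory -Path (Split-Path $vhdx) -Force | Out-Null
New-IscsiVirtualDisk -Path $vhdx -SizeBytes 100GB

# Create the target and allow only the initiator at 192.168.80.80,
# then map the virtual disk to that target.
$target = 'target-1'    # hypothetical target name
New-IscsiServerTarget -TargetName $target -InitiatorIds 'IPAddress:192.168.80.80'
Add-IscsiVirtualDiskTargetMapping -TargetName $target -Path $vhdx

# Enable CHAP. The password typed here is the CHAP secret; the Microsoft
# iSCSI components expect it to be 12 to 16 characters long.
$chap = Get-Credential -Message 'CHAP user name and secret (12-16 characters)'
Set-IscsiServerTarget -TargetName $target -EnableChap $true -Chap $chap

# Review the result: allowed initiators, CHAP state and mapped LUNs.
Get-IscsiServerTarget -TargetName $target |
    Format-List TargetName, TargetIqn, InitiatorIds, EnableChap, LunMappings
```

The initiator has to be configured with the same CHAP user name and secret before it can log on to the target.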

NETWORK LOAD BALANCING


Network Load Balancing:
There are two types of clustering
1) Network load balancing clustering
2) Failover clustering

How does NLB work?


Consider a web server that hosts 3 to 4 sites. As the number of sites on that server grows, the traffic load on the
server grows with it and the network starts to slow down, which makes those sites hard to reach. Network Load
Balancing is a solution that divides your traffic across multiple web servers and so balances the load. Suppose one
web server hosts 4 sites. We build another server and deploy the same sites on it, create several such web servers
in the same way, and then create a cluster and add all of these servers to it. Now, if any server goes down, one of
the remaining load-balancing servers starts providing the services of the failed server within 40 seconds, and the
sites do not go down. With Network Load Balancing you can add 32 servers to a single NLB cluster, and you can
just as easily remove any server from that cluster.

NLB Terminology:
Multiple servers work together to provide load balancing on the network. Each of these servers is called a node
or host of the cluster.

Network Load Balancing is meant for stateless applications, where there is no concept of replication and
the servers simply stand ready to share the network load, such as:
o Front-end Web Servers
o VPN Server
o FTP Server
o Firewall or proxy Server

Network Load Balancing is not meant for stateful applications, that is, applications where data is being
updated or changed. NLB hosts work independently: if an update happens on one server, it is not shared
with any other server. That is why you should avoid putting the following servers in an
NLB cluster:
o File Server
o Print Server
o Database Server
o Messaging Server

Difference between NLB and failover cluster

If I had to give a simple answer, I'd say Windows Clustering is a method of using 2 or more servers to
provide a higher level of availability, reliability, and scalability.

NLB (Network Load Balancing), by contrast, is another clustering technology that combines multiple
clustered servers (called hosts) to provide high availability for web-based services like FTP servers, proxy
servers, Terminal Services, virtual private networking, and streaming media servers.

Gathering Information
Log onto both of the servers and run IPCONFIG /ALL from the command prompt. We need the name, domain
and IP address of each server that will be in the NLB cluster. We will also need to make up an additional name for
the cluster; in this example we will use SERVER-LB for the virtual cluster name.
The 2 servers we will be load balancing are PL2008-01 and PL2008-02. The virtual cluster name will be PL2008-V.
So if this was a web server, users would go to http://PL2008-V; depending on how we configure NLB, either PL2008-01, PL2008-02 or both servers will service the web request.

SERVER NAME               IP ADDRESS      TYPE
PL2008-01.pintolake.net   192.168.1.180   Server 1
PL2008-02.pintolake.net   192.168.1.181   Server 2
PL2008-V.pintolake.net    192.168.1.182   Virtual cluster name and IP address of Servers 1/2

In this example both servers only have one network card. If you have multiple network cards you will still be able
to load balance the 2 servers. You need to configure one NIC per server for NLB; both NICs should be on the same
VLAN and they should be able to contact each other.
PL2008-01

PL2008-02

Installation of NLB feature on all NLB nodes

This should be done on ALL NODES in the NLB Cluster. In this case we are performing this installation on PL2008-01 and PL2008-02.
Open Server Manager, you can open this several different ways in Windows Server 2008. Probably the quickest
way to open Server Manager is to right click "My Computer" and choose "Manage", another way is open "Control
Panel" go to "Program and Features" and select "Turn Windows features on or off". A third way to open it is "Server
Manager" option under Administrative Tools.
Select "Features" from the Server Manager menu on the left
Press "Add Features"

Select the checkbox next to "Network Load Balancing"


Press "Next"

Press "Install"

Installation will proceed to install the necessary components

Installation has succeeded. It is highly recommended that you repeat this process on all nodes in the NLB cluster
at this point before continuing with configuration.
Press "Close"

NOTE: Network Load Balancing may also be installed from a command prompt with
elevated privileges (right click on the command prompt in the Start menu and select Run
as administrator) by running the servermanagercmd -install nlb command.
For example:
C:\Windows\system32>servermanagercmd -install nlb
......
Start Installation...
[Installation] Succeeded: [Network Load Balancing].
<100/100>
Success: Installation succeeded.

Configuring NLB on NODE 1 (PL2008-01)

Network Load Balanced clusters are built using the Network Load Balancing Manager, which you can start
from the Start -> All Programs -> Administrative Tools menu or from a command prompt by executing nlbmgr.
Under the Cluster Menu option select "New"

Enter the first node in the cluster which is PL2008-01


Press "Connect"

You will have the option to choose which network adapter you want to use, the NIC should be on the same subnet
as the other servers in the NLB cluster
Press "Next"

Enter the Priority ID as, 1 (each node in the NLB cluster should have a UNIQUE ID)
Make sure the correct adapter was selected under "Dedicated IP Address"
Select "Started" for the "Initial host state" (this tells NLB whether you want this node to participate in the cluster
at startup)
Press "Next"

Press "Add"
Enter the Cluster IP and Subnet mask
Press "OK"

You can add multiple IP Addresses for the cluster, enter as many as you want.
Make sure the "Cluster IP addresses" are correct
Press "Next"

Select the IP Address for this cluster


Enter the NLB address "PL2008-V.pintolake.net"
Enter "Unicast" as the "Cluster operation mode"
Press "Next"

Unicast vs Multicast

Unicast/Multicast is the way the MAC address for the Virtual IP is presented to the
routers. In my experience I have almost always used Multicast; if you use it, you
should enter a persistent ARP entry on all upstream switches or you will not be able to
ping the servers remotely.
In the unicast method:
o The cluster adapters for all cluster hosts are assigned the same unicast MAC
address.
o The outgoing MAC address for each packet is modified, based on the cluster
host's priority setting, to prevent upstream switches from discovering that all
cluster hosts have the same MAC address.
In the multicast method:
o The cluster adapter for each cluster host retains the original hardware unicast
MAC address (as specified by the hardware manufacturer of the network
adapter).
o The cluster adapters for all cluster hosts are assigned a multicast MAC address.
o The multicast MAC is derived from the cluster's IP address.
o Communication between cluster hosts is not affected, because each cluster host
retains a unique MAC address.
Selecting the Unicast or Multicast Method of Distributing Incoming Requests:
http://technet.microsoft.com/en-us/library/cc782694.aspx

I am leaving all the defaults for the port rules; by default it's set to all ports with Single affinity, which is sticky. For
more information on Port Rules, see my Note below.
Press "Finish"

NOTE: Add/Edit Port Rule Settings


For most scenarios I would keep the default settings. The most important setting is
probably the filtering mode. "Single" works well for most web applications; it maintains
a user's session on one server, so if the user's requests go to PL2008-01, PL2008-02
will continue to serve that request for the duration of the session.

None
o You want to ensure even load balancing among cluster hosts.
o Client traffic is stateless (for example, HTTP traffic).
Single
o You want to ensure that requests from a specific client (IP address) are sent to the same
cluster host.
o Client state is maintained across TCP connections (for example, HTTPS traffic).
Class C
o Client requests from a Class C IP address range (instead of a single IP address) are sent
to the same cluster host.
o Clients use multiple proxy servers to access the cluster, and they appear to have multiple
IP addresses within the same Class C IP address range.
o Client state is maintained across TCP connections (for example, HTTPS traffic).
For more information on this please see this TechNet article:
Specifying the Affinity and Load-Balancing Behavior of the Custom Port Rule
http://technet.microsoft.com/en-us/library/cc759039.aspx

You should see a couple of things in the NLB Manager that let us know this node successfully converged
on our new PL2008-V.pintolake.net NLB Cluster:
Make sure the node's status changes to "Converged"
Make sure you see a "succeeded" message in the log window

Configuring NLB for NODE 2 (PL2008-02)

We will configure PL2008-02 from PL2008-01. If we wanted to configure this from PL2008-02 then we would need
to connect to the PL2008-V cluster first then add the host to the cluster.
Right click the cluster name "PL2008-V.pintolake.net" and select "Add Host to Cluster"

Enter PL2008-02 and press "Connect"

A list of Network adapters will show up


Select the network adapter you want to use for Load Balancing
Press "Next"

This step is very important; each node in the NLB cluster should have a unique identifier. This identifier is used to
identify the node in the cluster.

Enter the Priority ID as, 2 (each node in the NLB cluster should have a UNIQUE ID)
Make sure the correct adapter was selected under "Dedicated IP Address"
Select "Started" for the "Initial host state" (this tells NLB whether you want this node to participate in the cluster
at startup)
Press "Next"

Press "Finish"

You should see a couple of things in the NLB Manager that let us know both nodes successfully converged
on our new PL2008-V.pintolake.net NLB Cluster:
Make sure that both nodes' status changes to "Converged"
Make sure each node has a unique "host priority" ID
Make sure each node is "started" under "initial host state"
Make sure you see a "succeeded" message in the log window for the second node

A closer look at the configuration information for this NLB cluster

Testing

Go to the command prompt and type "wlbs query", as you can see HOST 1 and HOST 2 converged successfully on
the cluster. This means things are working well.

Ping each server locally and remotely


Ping the virtual IP locally and remotely. You should do this three times from each location. If you cannot ping
remotely, you may need to add a static ARP entry in the switches and/or routers where the host machines reside.
o 1 Both nodes up
o 2 Node 1 down
o 3 Node 2 down
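The cluster built in the wizard above, scripted with the NLB PowerShell module, as an added example that is not part of the original walkthrough. It also computes the cluster MAC address needed for the static ARP entry mentioned above, and it load-balances only TCP 80 instead of keeping the default all-ports rule. Assumptions: Windows Server 2008 R2 or later (the module does not exist on Server 2008), an adapter named "Local Area Connection" on both nodes, a 255.255.255.0 mask, and a web site on TCP 80 as in the http://PL2008-V example.

```powershell
# Added example. Run in an elevated PowerShell session on PL2008-01 after the
# Network Load Balancing feature has been installed on both nodes.
Import-Module NetworkLoadBalancingClusters

$ClusterName = 'PL2008-V.pintolake.net'
$ClusterIp   = '192.168.1.182'
$SubnetMask  = '255.255.255.0'           # assumed
$Nic         = 'Local Area Connection'   # assumed adapter name on both nodes

function Get-NlbClusterMac {
    # NLB derives the cluster MAC address from the cluster IP w.x.y.z:
    #   unicast   -> 02-BF-w-x-y-z
    #   multicast -> 03-BF-w-x-y-z
    # This is the address to use in a static ARP entry for the cluster IP.
    param(
        [Parameter(Mandatory = $true)][System.Net.IPAddress]$ClusterIp,
        [ValidateSet('Unicast', 'Multicast')][string]$Mode = 'Unicast'
    )
    $prefix = if ($Mode -eq 'Unicast') { '02-BF' } else { '03-BF' }
    $octets = $ClusterIp.GetAddressBytes() | ForEach-Object { '{0:X2}' -f $_ }
    return ($prefix + '-' + ($octets -join '-'))
}

# 1. Create the cluster on node 1 in unicast mode, as chosen in the wizard.
New-NlbCluster -InterfaceName $Nic -ClusterName $ClusterName `
    -ClusterPrimaryIP $ClusterIp -SubnetMask $SubnetMask -OperationMode Unicast

# 2. Replace the default rule (all ports, Single affinity) with one rule for
#    the port the site listens on. Traffic to ports not covered by any rule is
#    no longer spread across the nodes; it is handled by the default host.
Get-NlbClusterPortRule | Remove-NlbClusterPortRule -Force
Add-NlbClusterPortRule -InterfaceName $Nic -StartPort 80 -EndPort 80 `
    -Protocol Tcp -Mode Multiple -Affinity Single

# 3. Add node 2 from node 1. It receives the next free host priority ID.
Get-NlbCluster | Add-NlbClusterNode -NewNodeName 'PL2008-02' -NewNodeInterface $Nic

# 4. Verify: both nodes should be listed as converged, each with its own host ID,
#    and only the TCP 80 rule should remain.
Get-NlbClusterNode | Format-Table -AutoSize
Get-NlbClusterPortRule | Format-Table -AutoSize
wlbs query

# 5. MAC address for the static ARP entry on upstream switches or routers.
Get-NlbClusterMac -ClusterIp $ClusterIp -Mode Unicast    # 02-BF-C0-A8-01-B6
Get-NlbClusterMac -ClusterIp $ClusterIp -Mode Multicast  # 03-BF-C0-A8-01-B6
```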

FAIL OVER CLUSTER


Fail Over Cluster:
Cluster means a group of computers. A failover cluster is a group of computers that work with the same properties,
the same configuration and the same shared media, and in which, when any server goes down, another one takes
its place so that the network never sees downtime. That is called a failover cluster.

Another Example:
A failover cluster is a set of independent computers that work together to maintain high availability on the
network for an application or service. The servers in the cluster are called nodes. If any node in the group
goes down, the cluster hands the entire workload of the failed server over to another server in the same
group, without any downtime. This is also called a failover cluster.
In Windows Server 2008 this role is called Server Cluster, and the software used for failover clustering is
the Cluster Manager snap-in, a feature of the Windows Server 2008 R2 Enterprise and Datacenter editions
that you can simply install on your Windows Server 2008 R2.
To implement a failover cluster, it is important that you have at least two servers connected to shared
storage.

Now, what is shared storage?

SAN (Storage Area Network)


A SAN is a solution in which multiple storage devices are connected together and shared. All the servers on the
network use that shared storage, and each server is allocated a storage pool from the same storage media.
This solution is used in very large networks where data grows quickly from day to day.
In a SAN the storage devices are not directly connected to the servers. Instead, all the hard drives are gathered
into one storage collection, also called a storage pool, and these centralized hard drives are connected to a
switch, which is a fiber-optic switch. They are usually connected with fiber-optic cable, because fiber optics
gives us very high speed.
There is one more device used in a SAN solution: the HBA (Host Bus Adapter) card. It is a card that acts like a
transceiver, that is, it receives and sends signals and makes communication possible, just as our NIC cards do.
All of these things together are called the SAN fabric. The same HBA cards are installed in our servers so that
they can reach the storage pool through the switches over fiber-optic cable.
A network of this kind is called a SAN (Storage Area Network). All our servers connect to the SAN solution
and use it as if it were the server's actual hard drive. So that is a short
intro to shared media.

Fiber-Optic Switch

HBA Card

There are two types of SAN solutions:

1) FC (Fibre Channel) SAN.
a. FC is a network of high-speed switches and fiber-optic cables that gives us high speed on the
network.
2) iSCSI (Internet Small Computer System Interface) protocol.
a. This is a low-cost SAN solution that uses IP networks and Ethernet, but the speed is somewhat
slower.

SAN Advantages:
1) Storage Virtualization.
a. The pool that the SAN makes available to a server appears as if it were that server's own
hard drive.
b. If a server's hard drive is about to fill up, we do not need to replace the drive; we allocate
more space from the SAN to that server's pool.
c. A SAN gives us high-speed disk technology, i.e. Fibre Channel gives a speed of 5 MB per
second.
2) Centralized Backup.
a. A SAN also gives us a centralized backup facility.
b. Servers treat the storage as directly attached, so the system administrator can back up the
storage pools of these servers using block-level or incremental backup, which is very helpful for
the system administrator.
3) Failover Protection.
a. A SAN also gives us dynamic failover protection: if a server fails, or a node goes offline for
some reason such as maintenance, the SAN enables its built-in redundancy and automatically
routes the traffic through another server, so the network keeps running 24 hours without
any downtime.
System requirements before implementing Failover Clustering:

Windows Server 2008/R2: The Failover Cluster feature is available only in the Windows Server 2008/R2
Enterprise and Datacenter editions; it is not part of the Standard edition.
Domain role: Every server added to the cluster must be in the same Active Directory
domain.
DNS: DNS is required for clustering so that server names can be resolved easily.
Account for administering the cluster: When you add servers to the cluster, log in with the domain
Administrator account so that you get full permissions and proper admin rights. If you are not logged in
with the Admin account, that account will create a computer object that has only Read
permission in the domain.
Servers: The two servers should be the same; their brand and configuration should match for clustering.
Storage: You must use shared storage that is compatible with Windows Server 2008 R2.
Device controllers (HBA): Whichever you use for the shared media, iSCSI or Fibre, must also be the
same on both sides.

Now that you know the requirements for Failover Clustering, let's start:

Configuration on Server A
1. To install the Failover Clustering feature, open Server Manager: click on Start > Administrative Tools > Server Manager.

2. Expand Features, and then click on Add Feature.

The list of available features will be listed, select the Failover Clustering and click on Next.

Click Install

3. The Failover Clustering feature will be installed. Click Close.

Configuration on Server B

1. Again on Server B, we will need to install the Failover Clustering feature as well, so click on Start > All Programs > Administrative Tools > Server Manager.


Click on Features and then click on Add Features

2. Choose the Failover Clustering feature and click Next

3. Confirm installing Failover Clustering by clicking on Install.

4. Close the Add Features Wizard once installation is completed.

Failover Clustering is now installed on both servers. We can now create the cluster on either server and
then join the other server to that cluster.
Next we will configure the cluster name and assign IPs to our servers.
To open Failover Clustering, click on Start > Administrative Tools > Failover Cluster Manager
>> This needs to be done on a single server only <<

1. The first step in creating a successful failover cluster is to validate your existing systems and shared
storage. This is done with the option Validate a Configuration.

2. When you click Validate a Configuration, you will have to browse to the servers you want to add to the
cluster (these are the servers that will be part of this cluster), and then click Next.
3. Choose to Run all tests and click Next

The available tests will be displayed in the confirmation window, click Next to begin validating your
cluster

Review the validation report, as your configuration might have a few issues that need to be
addressed before setting up your cluster.

4. Now that the configuration is validated, you are ready to set up your cluster. Click on the second option, Create a Cluster; the wizard will launch. Read it and then click Next.

5. You need to add the names of the servers that you want to add to the cluster. You can start creating
your cluster with a single server and then add other nodes in the future.
6. When you browse for servers, all the servers are shown as a list; select a server and click Next.

7. After selecting the server, you need to type a name and IP for your cluster.

8. Now carefully review all the settings displayed in the Confirmation window, such as
Cluster Name, IP Address and Selected Server Names. If all the information is correct, click Next.
If there is a problem with the settings, click the Previous button and correct it.

After you click Next, creating the cluster will begin.

9. The summary windows will be displayed after a successful setup of the cluster.

10. Open Failover Cluster Manager and you will see your nodes and settings inside the MMC. Here you can
configure your cluster: you can add new nodes (new servers) to it, remove them,
and adjust the disk storage settings and so on.

Summary
In these steps, I have created a two-node cluster using the Failover Clustering feature, which is available with
the Windows Server 2008 R2 Enterprise and Datacenter editions.
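A pre-flight check for the requirements listed earlier (edition, same Active Directory domain, DNS resolution), followed by the validate, create and add-node steps, as an added PowerShell example that is not part of the original book. Assumptions: Windows Server 2008 R2 with the Failover Clustering feature already installed on both nodes; the node names NODE-A and NODE-B, the cluster name CLUSTER1 and the address 192.0.2.50 are placeholders to replace with your own values.

```powershell
# Added example. Run in an elevated PowerShell session on one node only.
Import-Module FailoverClusters

$Nodes       = 'NODE-A', 'NODE-B'   # placeholder node names
$ClusterName = 'CLUSTER1'           # placeholder cluster name
$ClusterIp   = '192.0.2.50'         # placeholder; use a free IP in the nodes' subnet

function Test-NodePrerequisite {
    # Returns a list of problems; an empty result means the basic checks passed.
    param([Parameter(Mandatory = $true)][string[]]$ComputerName)

    $problems = @()
    $domains  = @()
    foreach ($name in $ComputerName) {
        # DNS: every node name must resolve.
        try   { [void][System.Net.Dns]::GetHostAddresses($name) }
        catch { $problems += "${name}: name does not resolve in DNS"; continue }

        $os = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $name
        $cs = Get-WmiObject -Class Win32_ComputerSystem  -ComputerName $name

        # Edition: Failover Clustering needs Enterprise or Datacenter.
        if ($os.Caption -notmatch 'Enterprise|Datacenter') {
            $problems += "${name}: edition '$($os.Caption)' has no Failover Clustering"
        }
        # Domain: the node must be a domain member.
        if (-not $cs.PartOfDomain) {
            $problems += "${name}: not joined to a domain"
        }
        $domains += $cs.Domain
    }
    # All nodes must be members of the same Active Directory domain.
    if (@($domains | Sort-Object -Unique).Count -gt 1) {
        $problems += "nodes are in different domains: $($domains -join ', ')"
    }
    return $problems
}

$problems = Test-NodePrerequisite -ComputerName $Nodes
if ($problems) {
    $problems | ForEach-Object { Write-Warning $_ }
    throw 'Fix the prerequisites above before creating the cluster.'
}

# "Validate a Configuration": runs all tests and returns the report file.
$report = Test-Cluster -Node $Nodes
Write-Host "Validation report: $($report.FullName)"
Read-Host 'Review the report, then press Enter to create the cluster (Ctrl+C to stop)'

# "Create a Cluster" with the first node, then add the second node.
New-Cluster -Name $ClusterName -Node $Nodes[0] -StaticAddress $ClusterIp
Add-ClusterNode -Cluster $ClusterName -Name $Nodes[1]

# Both nodes should be listed with State "Up".
Get-ClusterNode -Cluster $ClusterName | Format-Table Name, State -AutoSize
```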

Feedback Information:
If you have read this book and think that it has helped you in any way, it would be great
if you gave me your feedback, and even if you think that it has been poorly conceived and
written, I would like to hear your feedback and your comments. Feel free to contact me on my
Facebook ID

https://www.facebook.com/fayyaz.feizi.

Email ID

fayyazahmed007@outlook.com .

Thank you so much for reading this, and please also pray for my bright future. Stay connected. Fayyaz
Ahmed. Healthy learning
