Professional Documents
Culture Documents
Handspublishing 3
Handspublishing 3
Handspublishing 3
Purdue University
CNIT 242
Section 001
12/10/16
Table of Contents
Executive Summary......................................................................................2
Background & Business Scenario................................................................3
Procedures................................................................................................4-6
Phase 1.........4-5
New virtual machine port group to ESXi servers..4
Second domain controller........4
New windows 7 VM...4
Microsoft Backup...4
Printing.4-5
IIS web server.......5
Distributed File System....5
Phase 2..5-6
Windows Server Update Services...5-6
Powershell Remote...6
Virtualized Opera browser............6
Microsoft System Center Configuration Manager....6
Results.......................................................................................................7-9
IP schema and services....10
Network Diagram...................................................................................11
Conclusions and Recommendations.....................................................12-13
References............................................................................................14-15
Appendix................................................................................................16-17
Appendix A: Problem Solving and Troubleshooting..........................16
Appendix B: Cisco PIX Configuration................................................17
12/10/16
Executive Summary
The purpose of this report is to describe how Hands Publishing added more
virtual machines as well as other permissions to help them expand their business. With
these new virtual machines and software, they plan to not only expand their business
but also to communicate internally and externally more effectively and efficiently. This
report shows the in depth steps taken in order to ensure a successful setup. With these
added virtual machines, Hands Publishing would be able to promote their business
further in a more efficient manner as well as making company-wide updates more
efficient.
To ensure a successful setup for the new hardware and software, a relevant
literature review was conducted. This report will explore 4 main topics:
1) The businesses need for this particular hardware and software
2) The specific hardware and software used to implement the successful setup
3) The results of the test environment setup
4) Any recommendations from the team members to ensure a relatively easy setup
Important recommendations for improving implementation were identified with this
setup. Some of these recommendations include but are not limited to: continual updates
of software, training for the new software and hardware being used, and repeated
system checks to ensure reduction of errors.
12/10/16
12/10/16
Procedures
Phase 1
Added a new VM port group to ESXi server: (VMWARE)
1. Launched vSphere Client | Navigated to 10.18.17.4 | Configuration tab |
Networking | Add Networking | Virtual Machine | Next | Use vSwitch0 | Next | Set
Network Label to Site_2 | Next | Finish
Cloned 2012 VM template:
1. Launched vSphere Client | Navigated to left menu area | Right-clicked | Virtual
Machines and Templates | Right-clicked Clean Windows Server 2012 | Deploy
virtual machine from this template | Next | Chose ESXi host | Next | Datastore 1 |
Next | Finish
Implemented as second domain controller: (Support Microsoft and Windows IT Pro)
1. Started new cloned VM | Launched Server Manager | Manage | Add Roles and
Features | Role-based or feature-based installation | Next | Active Directory
Domain Services | Next | Add Features | Next | Install | Close | Click on Flag Icon
| Promote to domain controller | add to existing domain | enter credentials | Next |
Install
2. Moved FSMO roles > Run regsvr32 schmmgmt.dll | OK | OK | Run mmc | File |
Add/remove snap-in | Add | Active Directory Schema | Add | Close | OK |
Right-clicked Active Directory Schema | Change Domain Controller | Specified
Name | OK | Right-clicked Active Directory Schema | Operations Master |
Change | OK
Installed Windows 7 VM at the new VLAN:
1. Launched vSphere Client | Right-clicked 10.18.17.4 | New Virtual Machine |
Typical | Next | Named new vm | Next | Datastore 1 | Next | Windows 7 64-bit |
Next | Selected Site_2 from NIC 1: drop down menu | Next | Next | Finish
Set scheduled backup on the two Domain Controllers: (Technet)
1. Launched Windows Server Backup | Backup Schedule | Next | Custom | Next |
Add items | Added items needed for backup | OK | Once a day | Selected time |
Next | Back up to a hard disk | Next | Selected destination disk | Next | Finish
Created a print administrator user: (Support Microsoft and Technet)
1. Launched Server Manager | Tools | Active Directory Users and Groups | Users |
Create New User Icon | Enter credentials | Next | Finish
4
12/10/16
2. Create priority printing groups > Launch Server Manager | Tools | Print
Management | Right-click print server | Properties | Security | Add | Add Print
administrator user | OK | Permissions | Allow for Manage Server | OK
Cloned 2012 VM template:
1. Launched vSphere Client | Navigated to left menu area | Right-clicked | Virtual
Machines and Templates | Right-clicked Clean Windows Server 2012 | Deploy
virtual machine from this template | Next | Chose ESXi host | Next | Datastore 1 |
Next | Finish
Implemented IIS web server with a website:
1. Started new cloned VM | Launched Server Manager | Manage | Add Roles and
Features | Role-based or feature-based installation | Next | Web Server (IIS) |
Next | Next | Next | Next | Install | Close
Implemented DFS domain namespace: (Technet)
1. Launched Server Manager | Manage | Add Roles and Features | File Services |
Next | Distributed File System | Created Namespace | Install
2. Implemented DFS replication > Launched Server Manager | Manage | Add Roles
and Features | File Services | File and iSCSI Services | DFS Replication | Next |
Add Features | Next | Next | Install | Close > Launched DFS Management |
Right-clicked Replication | New Replication Group | Replication Group for Data
Collection | Next | Next | Entered Name | Next | Add folders | OK | Next | Next |
Next | Next | Create | Finish
Phase 2
Cloned Server 2008/12 VM template:
1. Launched vSphere Client | Navigated to left menu area | Right-clicked |
Virtual Machines and Templates | Right-clicked Clean Windows Server
2012 | Deploy virtual machine from this template | Next | Chose ESXi host
| Next | Datastore 1 | Next | Finish
Implemented a Windows Server Update Services (WSUS):
1. Launch Server Manager | Manage | Add roles and features | Role-based
or feature-based installation | Next | Windows Server Update Services |
Next | Next | Next | Next | Created Folder | Next | Install
12/10/16
2. Configured clients to pull updates from WSUS server using a GPO >
Launched Server Manager | Tools | Group Policy Management | Add
Group Policy | Update using WSUS policy | Finish
Implemented PowerShell for WSUS: (4sysops and How to Geek)
1. Opened PowerShell on Clean Windows Server 2012 | Entered
Enter-PSSession -ComputerName WSUS -Credential Administrator |
Entered Administrator credentials
To list services > Entered get-service on PowerShell
To stop services > Entered stop-service (service name)
To start services > Entered start-service (service name)
Used ThinApp to virtualize Opera:
1. Installed Opera browser | Navigated to
\\rtfm.cit.lcl\pub\c24200\VMWare\ThinApp\ | Launched Setup Capture |
Next | Prescan | Minimized Setup Capture
2. Opened Opera browser | Navigate to menu on upper left | Settings |
Checked Open a specific page or a set of pages | Clicked Set Pages |
Entered http://www.purdue.edu/ | OK
3. Navigated back to Setup Capture | Postscan | Next | Checked only the
following Active Directory Groups | Clicked Add | Entered Administrator |
OK | Next | Next | Next | Checked No | Next | Next | Clicked Generate MSI
package | Save | Next | Build | Finish
Cloned the Server 2012 VM template:
1. Launched vSphere Client | Navigated to left menu area | Right-clicked |
Virtual Machines and Templates | Right-clicked Clean Windows Server
2012 | Deploy virtual machine from this template | Next | Chose ESXi host
| Next | Datastore 1 | Next | Finish
Implemented Microsoft SCCM: (SCCMentor and Technet)
1. Launched Windows Explorer | Navigated to \\rtfm.cit.lcl\pub\c24200\sccm\
| Launched SCCM installer | Next | Next | Trial License | Next | Accept
Agreement | Accept Licenses | Next | Choose downloads folder | Next |
Select English | Next | Next | Entered Site Code and description | Next |
Stand-alone | Next | Yes | Next | Next | Configure the communication
method | Next | Next | Next | Install
12/10/16
Overview of Results
Upon completion of phase 1, the team successfully set up a second Domain
Controller virtual machine, implemented Microsoft Backup, created a print administrator
and introduced priority base printing queues, installed an IIS Web Server, and
implemented a DFS domain space with replication of the home directory and desktop
data between the two domain controllers. The second domain controller was added to a
new subnet/site, separate from the first domain controller. The two domain controllers
operated on separate sites and had separate FSMO roles that they followed. Microsoft
Backup Services were installed to routinely perform scheduled backups of important
data and files from the two domain controllers. Backups were saved on a targeted share
on the physical Windows 10 Machine (Optiplex 620). Only user files and the domain
controller database were backed up in order to conserve disk space.
12/10/16
A print administrator user group was created to allow particular users and
administrators to have security rights and access to operate and manage print jobs.
Priority-based printing queues were added to allow for more important users to have
their print jobs finished before normal priority users. This works by having priority users
placed in higher priority groups in the queueing system. The higher priority users will
automatically have their print jobs queue in front of existing print jobs from normal
priority users.
An IIS Web Server was implemented and configured with one website and three
virtual links. One of the web pages was a public page that anyone on the network can
access. Another page was a private page that only allowed members of the domain to
access, while the third page was a site specific web page that was only accessible from
computers or VMs located on the Site_2 subnet/site.
A Distributed File System (DFS) was created in order to allow the multiple file
shares on both domain controllers to be combined into a single DFS. The roaming
profiles were redirected to the new namespace and DFS Replication was implemented
in order to add redundancy and improve reliability and availability of data.
Upon completion of phase 2, Windows Server Update Services (WSUS) was
installed, ThinApp was used to virtualize an Opera web browser, and Microsoft System
Center Configuration Manager (SCCM) was implemented. WSUS allowed for updates
to be managed, approved, and synchronised across all servers and VMs, improving
uptime, reliability, and consistency among the entire network. A group policy object
12/10/16
(GPO) was used in order to configure the clients to pull updates from the WSUS server
instead of Windows Update automatically.
SCCM was not successfully implemented due to a multitude of errors with SQL
server. The intended purpose of SCCM; however, was to allow for hardware and
software auditing to be performed for the clients and servers as well as allow for
cooperative remote control of client machines from an SMS console.
12/10/16
IP Address
Subnet mask
Default
Gateway
DNS
ESXi Server 1
10.18.17.3
255.255.255.0
10.18.17.1
10.2.1.11;
10.2.1.12
ESXi Server 2
10.18.17.4
255.255.255.0
10.18.17.1
10.2.1.11;
10.2.1.12
vCenter
10.18.17.9
255.255.255.0
10.18.17.1
10.18.17.11;
10.2.1.12
Domain
Controller
10.18.17.11
255.255.255.0
10.18.17.1
10.2.1.11;
10.2.1.12
First Windows
10
10.18.17.101
255.255.255.0
10.18.17.1
10.18.17.11;
10.2.1.12
Second
Windows 10
10.18.17.102
255.255.255.0
10.18.17.1
10.18.17.11;
10.2.1.12
WSUS
10.18.17.10
Table 1. IP Addresses
Table 2. Credentials [Usernames & Passwords]
Host(s)
Username
Password
ESXi Server 1
root
Group17
ESXi Server 2
root
Group17
vCenter
administrator@vsphere.local
Group17!
Backup
Administrator
group17
10
12/10/16
Network Diagram
11
12/10/16
12
12/10/16
Even though errors occurred during the test pilot, the team still believes that
implementing these procedures will ultimately benefit the company. Benefits from the
software will include: cost sustainability, successful company promoting outside the
company, and easier communication inside and outside of the office. Training and CEO
support will be necessary in order to successfully and smoothly implement the new
virtual machines and software. Overall, a high return on investment is predicted from
implementing these procedures, and the test pilot team highly recommends
implementing the virtual machine as well as the other software suggested above. The
team believes the new procedures will benefit the company more than it will cost the
company in the long run as well as benefit both the company and the employees.
13
12/10/16
References*
(August 2003). How can I move the Active Directory (AD) Global Catalog (GC) to
another domain controller (DC)? Windows IT Pro. Retrieved from
http://windowsitpro.com/windows-server/how-can-i-move-active-directory-a
d-global-catalog-gc-another-domain-controller-dc
(December 2012). How to use Group Policy settings to control printers in Active
Directory. Support Microsoft. Retrieved from
https://support.microsoft.com/en-us/kb/234270
(January 2013). Managing Services the PowerShell way - Part 3: Start and stop
Services. 4sysops. Retrieved from
https://4sysops.com/archives/managing-services-the-powershell-way-part3/#start-service
(November 2009). Windows Server Backup Step-by-Step Guide for Windows Server
2008 R2. Technet. Retrieved from
https://technet.microsoft.com/en-us/library/ee849849(v=ws.10).aspx
(November 2013). DFS Namespaces and DFS Replication Overview. Technet.
Retrieved from
https://technet.microsoft.com/en-us/library/jj127250(v=ws.11).aspx
(September 2009). Assigning Delegated Print Administrator and Printer Permission
Settings in Windows Server 2008 R2. Technet. Retrieved from
https://technet.microsoft.com/en-us/library/ee524015(v=ws.10).aspx
(September 2011). How to view and transfer FSMO roles in Windows Server 2003.
Support Microsoft. Retrieved from
https://support.microsoft.com/en-us/kb/324801
Add a Virtual Machine Port Group. VMWARE. Retrieved from
https://pubs.vmware.com/vsphere-4-esx-vcenter/index.jsp?topic=/com.vmw
are.vsphere.server_configclassic.doc_40/esx_server_config/networking/t_a
dd_a_virtual_machine_port_group.html
How to Run PowerShell Commands on Remote Computers. How to Geek. Retrieved
from
http://www.howtogeek.com/117192/how-to-run-powershell-commands-on-r
emote-computers/
(January 2014). SCCM 2012 R2 Step by Step Installation Guide. SCCMentor. Retrieved
from
https://sccmentor.com/2014/01/08/sccm-2012-r2-step-by-step-installation-g
uide/
BITS IIS Server Extension. Technet. Retrieved from
https://technet.microsoft.com/en-us/library/cc753301(v=ws.11).aspx
14
12/10/16
*Please note that the references do not include the teacher assistance and the CNIT242
lectures
15
12/10/16
Appendices
Appendix A: Problem Solving and Troubleshooting
Problem: Unable to install SCCM
Cause: Unidentified
Resolution: The problem while installing SCCM is suspected to be because some
parts of SQL server were not installed completely or correctly. On top of this, there were
multiple SQL servers installed on one machine. A way to solve this issue is to reinstall
SQL server completely.
Problem: Unable to make SITE_2 PDC Emulator
Cause: Unchanged property of SITE_2
Resolution: Both of the domain controllers were global catalog servers instead of PDC
Emulator. Since one of the domain controller needed to be a global catalog server and
one of the other domain controller needed to be a PDC Emulator, a change in the
domain controllers properties must be made. All that is needed to be done to fix this
issue is to change the property of SITE_2 so that it is no longer a global catalog server;
instead, it will automatically be a PDC Emulator.
Problem: Unable to create a new website using IIS
Cause: New site instead of a new virtual site
Resolution: The website from IIS was not directing to the page wanted, therefore; IIS
website must be configured to a private web page on the server for the members on the
domain. In order to do this, there needed to be a new virtual site instead of a completely
new site. Doing this helped to configure a site specific web page that only the first
machine on the VLAN can access.
16
12/10/16
Cable label
CA
CB
17