
CHAPTER SIX

SYSTEM AND NETWORK ADMIN ISSUES


Chapter outline

• Windows Server 2008
• Directory services
• Active Directory
• FTP server
• Email server
• Mail access protocol
• Mail transfer protocol
• DNS server
• DHCP server
• Samba server


WINDOWS SERVER 2008

Windows Server 2008 roles:

• File and Printer sharing
• Web server
• Routing and Remote Access Services (RRAS)
• Domain Name System (DNS)
• Dynamic Host Configuration Protocol (DHCP)
• File Transfer Protocol (FTP) Server
• Active Directory
• Distributed File System (DFS)
• Fax Server

Windows Server 2008 Editions
• Windows Server 2008 Standard Edition
– Smaller organizations consisting of a few hundred users or less
• Windows Server 2008 Enterprise Edition
– Larger companies with more needs
• Windows Server 2008 Datacenter Edition
– Companies that run high-powered servers with considerable resources
• Windows Web Server 2008
– Similar to Standard. User base varies from small businesses to corporations with large departments

Windows Server 2008 Standard Edition
• Up to 4 physical processors allowed
• Available in 32-bit or 64-bit versions
• 32-bit version supports up to 4 GB of RAM, 64-bit version up to 32 GB
• Lacks more advanced features, such as clustering

Windows Server 2008 Enterprise Edition
• All the features of Standard Edition
• Up to 8 physical processors
• 32-bit version supports 64 GB RAM; 64-bit version supports 2 TB
• Can be clustered; up to 16 cluster nodes permitted

Windows Server 2008 Datacenter Edition
• All the features of Enterprise Edition
• Up to 32 physical processors in 32-bit version, 64 processors in 64-bit
• Extra fault tolerance features: hot-add and hot-replace memory or CPU
• Can’t be purchased as individual license, only through volume license
• Unlimited number of virtual instances

Windows Web Server 2008
• Designed to run Internet Information Services (IIS)
• Hardware support similar to Standard Edition
• Lacks many of the features present in other editions
• Typically used when roles such as Active Directory or Terminal Services are not required

Directory Services
• A directory service is a database that contains information about all objects on the network.
• Directory services contain data and metadata.
– Metadata is information about data.
– For example: A user account is data. Metadata specifies what information is included in every user account object.
• Information within directories is organized hierarchically. This means that there is a strict set of rules as to where certain data is located within the directory based on the properties of that data.

What objects are tracked via Directory Services?

• Objects for administration:
– Users
– User/Group access
– Network resources
– Management of domains, applications, services, security policies, and just about everything else in your network.
• Objects for shared resources:
– Servers
– Printers
– Applications
– Files

Directory Services Common Features:

• Provide file shares
• Authenticate users
• Provide services, such as email, access to the internet, print services, etc.
• Control access to services and shares.
• Manage users and groups inside the system
• Manage devices or resources in the system

Active Directory
• Provides a single point of administration of resources (users, groups, shared printers, etc.)
• Provides centralized authentication and authorization of users to network resources
• Along with DNS, provides domain-naming services and management for a Windows domain.
• Enables administrators to assign system policies, deploy software to client computers, and assign permissions and rights to users of network resources
• In addition to providing a place to store data and services to make that data available, Active Directory:
– protects network objects from unauthorized access
– replicates information about objects across the entire network so that information about objects is not lost if one domain controller fails.

FTP server
• FTP is a protocol used to transfer files between an FTP host/server and an FTP client computer on the Internet.
• FTP is the oldest and most commonly used protocol for downloading files from the World Wide Web.
• It is an alternative to the HTTP protocol for downloading and uploading files to FTP servers.

Common features of FTP server:
• Uploading webpages to web servers for publishing on the Internet
• Browsing and downloading files from public software sites
• Transferring files between two parties that are too large for email attachments
• Downloading and uploading content, such as university assignments, via an FTP server
• Distributing the latest revisions of programs by software developers


E-MAIL SERVER
• An e-mail server is an electronic way of exchanging messages through different protocols like SMTP (Simple Mail Transfer Protocol), POP (Post Office Protocol), and IMAP (Internet Message Access Protocol).
• Today, email is delivered using a client/server architecture.
• An email message is created using a mail client program. This program then sends the message to a server. The server then forwards the message to the recipient's email server, where the message is then supplied to the recipient's email client.

Mail Transport Protocols

• Mail delivery from a client application to the server, and from an originating server
to the destination server, is handled by the Simple Mail Transfer Protocol (SMTP).
• The primary purpose of SMTP is to transfer email between mail servers.
• One important point to make about the SMTP protocol is that it does not require
authentication. This allows anyone on the Internet to send email to anyone else or
even to large groups of people.

Mail Access Protocols
• There are two primary protocols used by email client applications to retrieve email from mail servers:
– Post Office Protocol (POP) and
– Internet Message Access Protocol (IMAP).

1. POP
• When using a POP server, email messages are downloaded by email client applications.
• By default, most POP email clients are automatically configured to delete the message on the email server after it has been successfully transferred.
• For added security, it is possible to use Secure Socket Layer (SSL) encryption for client authentication and data transfer sessions.

2. IMAP
• When using an IMAP mail server, email messages remain on the server where users can read or delete them. It also allows client applications to create, rename, or delete mail directories on the server to organize and store email.
• IMAP is particularly useful for organizations that access their email using multiple machines.
• The protocol is also convenient for users connecting to the mail server via a slow connection, because only the email header information is downloaded for messages until opened.
• The user also has the ability to delete messages without viewing or downloading them.

Email Program Classifications

In email applications there are three classifications: 1. MTA 2. MDA 3. MUA

Each classification plays a specific role in the process of moving and managing email messages. While most users are only aware of the specific email program they use to receive and send messages, each one is important for ensuring that email arrives at the correct destination.

1. Mail Transport Agent (MTA)
• An MTA transports email messages between hosts using SMTP. A message may involve several MTAs as it moves to its intended destination.
• While the delivery of messages between machines may seem rather straightforward, the entire process of deciding if a particular MTA can or should accept a message for delivery is quite complicated.

2. Mail Delivery Agent (MDA)
• An MDA is called by the MTA to file incoming email in the proper user's mailbox. In many cases, the MDA is actually a Local Delivery Agent (LDA).
• Any program that actually handles a message for delivery to the point where it can be read by an email client application can be considered an MDA.

3. Mail User Agent (MUA)
• An MUA is a program that allows a user to read and compose email messages.
• MUA is synonymous with an email client application like a client browser.
• Many MUAs are capable of retrieving messages via the POP or IMAP protocols, setting up mailboxes to store messages, and sending outbound messages to an MTA.

Remote access administration

• It is the way of accessing, controlling or managing a computer device remotely with the help of a network.
• It refers to any method of controlling a computer from a remote location.
• Software that allows remote administration is becoming increasingly common and is often used when it is difficult or impossible to be physically near a system in order to use it.
• Technical support professionals also use remote access to connect to users' computers from remote locations to help them resolve issues with their systems or software.
• A computer must have software that enables it to connect and communicate with a system or resource hosted by the organization's remote access service.
• Once the user's computer is connected to the remote host, it can display a window with the target computer's desktop.

Remote access protocols
Common remote access protocols include the following:
❖ Point-to-Point Protocol (PPP): enables hosts to set up a direct connection between two endpoints.
❖ Internet Protocol Security (IPsec): security protocols used to enable authentication and encryption services to secure the transfer of IP packets over the internet.
❖ Point-to-Point Tunneling Protocol (PPTP): one of the oldest protocols for implementing virtual private networks, but PPTP is not very secure.
❖ Terminal Access Controller Access Control System (TACACS): a remote authentication protocol, common on Unix networks, that enables a remote access server to forward a user's password to an authentication server to determine whether access to a given system should be allowed or not.
❖ Remote Authentication Dial-In User Service (RADIUS): a protocol developed in 1991 and published as an Internet Standard track specification in 2000. It is designed to enable remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.

DNS server
• A DNS server is a computer server that contains a database of public IP addresses and their associated hostnames and, in most cases, serves to resolve, or translate, those names to IP addresses as requested.
• DNS servers run special software and communicate with each other using special protocols. In most cases, a primary and a secondary DNS server are configured on the router or computer when you connect to the internet service provider.
• There are two DNS servers in case one of them happens to fail, in which case the second is used to resolve the hostnames requested.
• The Domain Name System (DNS) is one of the most important Internet services; it converts host names into IP addresses and vice versa. If a host name includes its complete domain name, it is said to be a Fully Qualified Host Name (FQHN). The DNS client is called the ‘resolver’, and the DNS server is called the ‘name server’.
• Why DNS?
– It is easier to remember a host name than it is to remember an IP address.
– A name has more meaning to a user than a 4-byte number.
– Applications such as FTP, HTTP, email, etc., all require the user to input a destination.
– The application takes the host name supplied by the user and forwards it to DNS for translation to an IP address.

How does DNS work?
DNS works by exchanging messages between client and server machines.

A client application will pass the destination host name to the DNS process to get the IP address.

The application then sits and waits for the response to return.

Most of the time DNS is used as a distributed rather than a centralized system.

Why DNS is not used in a centralized format:
• Single point of failure
• Traffic volume
• Distant centralized database
• Maintenance

[Figure: Distributed, hierarchical DB. Root DNS servers at the top; below them the com, org and edu DNS servers; below those the yahoo.com, amazon.com, pbs.org, poly.edu and umass.edu DNS servers.]

• Top-level domain (TLD) servers:
– Responsible for com, org, net, edu, etc., and all top-level country domains uk, fr, ca, jp.
– Network Solutions maintains servers for the .com TLD
– Educause for the edu TLD
• Authoritative DNS servers:
– Organization’s DNS servers, providing authoritative hostname to IP mappings for the organization’s servers (e.g., Web, mail).
– Can be maintained by the organization or a service provider

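The referral walk through the hierarchy described above, as an added example that is not part of the original slides: a client asks the root, is referred to a TLD server, then to the organization's authoritative server. The server names and IP addresses are constructed (addresses come from documentation ranges); only the domain names are taken from the slide.

```python
# Constructed data: server names are hypothetical, addresses come from
# documentation ranges. Only the figure's three TLDs are delegated here.
SERVERS = {
    "root":      {"delegations": {"com": "com-tld", "org": "org-tld", "edu": "edu-tld"}},
    "com-tld":   {"delegations": {"yahoo.com": "ns-yahoo", "amazon.com": "ns-amazon"}},
    "org-tld":   {"delegations": {"pbs.org": "ns-pbs"}},
    "edu-tld":   {"delegations": {"poly.edu": "ns-poly", "umass.edu": "ns-umass"}},
    "ns-yahoo":  {"records": {"www.yahoo.com": "192.0.2.10"}},
    "ns-amazon": {"records": {"www.amazon.com": "192.0.2.20"}},
    "ns-pbs":    {"records": {"www.pbs.org": "198.51.100.10"}},
    "ns-poly":   {"records": {"www.poly.edu": "198.51.100.20"}},
    "ns-umass":  {"records": {"www.umass.edu": "203.0.113.10",
                              "mail.umass.edu": "203.0.113.25"}},
}


def query(server, name):
    """One request/response exchange with a single server."""
    zone = SERVERS[server]
    if name in zone.get("records", {}):
        return "answer", zone["records"][name]
    labels = name.split(".")
    for i in range(len(labels)):              # longest matching suffix first
        suffix = ".".join(labels[i:])
        if suffix in zone.get("delegations", {}):
            return "referral", zone["delegations"][suffix]
    return "no-such-name", None


def resolve(name, max_referrals=8):
    """Follow referrals from the root; return (address or None, servers asked)."""
    name = name.rstrip(".").lower()
    server, asked = "root", []
    for _ in range(max_referrals):            # bound the walk against referral loops
        asked.append(server)
        kind, data = query(server, name)
        if kind == "answer":
            return data, asked
        if kind == "no-such-name":
            return None, asked
        server = data
    raise RuntimeError("too many referrals for " + name)


if __name__ == "__main__":
    for host in ("www.amazon.com", "mail.umass.edu", "www.example.net"):
        address, asked = resolve(host)
        print(host, "->", address, "via", " > ".join(asked))
```

No single server holds the whole database: each tier knows only its own delegations or records, which is what removes the single point of failure listed above.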
DHCP server
• A DHCP server is a network server that automatically provides and assigns IP addresses, default gateways and other network parameters to client devices.
• It relies on the standard protocol known as Dynamic Host Configuration Protocol, or DHCP, to respond to broadcast queries by clients.
• A DHCP server automatically sends the required network parameters for clients to properly communicate on the network. We can use routers/switches as a DHCP server.
• A better approach to managing client IP addresses is to use DHCP on our router/switch and make it the centralized DHCP server.
• This is particularly true for network environments that require support of both DHCP for IPv4 and DHCP for IPv6 at the same time.
• Virtually all DHCP server vendors support both protocols (IPv4 and IPv6), so you can use the same management interface.

Common features of DHCP servers
Four key benefits of a DHCP server are:
• Centralized administration of IP configuration.
• Dynamic host configuration.
• Seamless IP host configuration.
• Flexibility and scalability.

DHCP Terminology
• DHCP client - A computer that obtains its configuration information from a DHCP server.
• DHCP server - A computer that provides DHCP configuration information to multiple clients in the network.
– The IP addresses and configuration information that the DHCP server makes available to the client are defined by the DHCP administrator.
• DHCP lease - This defines the duration for which a DHCP server assigns an IP address to a DHCP client.
– The lease duration can be any amount of time between 1 minute and 999 days, or it can be unlimited.
– The default lease duration is eight days.

DHCP Messages
• All DHCP messages are carried in User Datagram Protocol (UDP) using the well-known port numbers 67 (from the server) and 68 (to the client).
• UDP operates at the Transport Layer of the OSI model.

Automatic Private IP Addressing (APIPA)
• If the DHCP client is unable to locate a DHCP server and is not configured with an alternate configuration, the computer configures itself with a 169.254.0.0/255.255.0.0 IP address.
• The auto-configured computer then tests to verify that the IP address it has chosen is not already in use by using a gratuitous ARP broadcast.
• If the chosen IP address is in use, the computer randomly selects another address. The computer makes up to 10 attempts to find an available IP address.

DHCP Scoping
• Determines which IP addresses are allocated to clients.
• Defines a set of IP addresses and associated configuration information that can be supplied to a client.
• A scope must be defined before DHCP clients can use the server for dynamic TCP/IP configuration.
• An administrator can configure as many scopes on a DHCP server as needed for the network environment.
• The IP addresses defined in a DHCP scope must be contiguous and are associated with a subnet mask.
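
An added example, not part of the original slides, that ties the scope rule (a contiguous range under one subnet mask) to the APIPA fallback described earlier: it validates a scope definition and sorts observed client addresses into leased-from-scope, APIPA (no DHCP server reached), on-subnet but outside the scope, and foreign. The scope range, host names and addresses are constructed sample values.

```python
import ipaddress

# Range a client assigns itself when no DHCP server answers (APIPA).
APIPA = ipaddress.ip_network("169.254.0.0/255.255.0.0")


class Scope:
    """A contiguous address range tied to one subnet mask."""

    def __init__(self, start, end, mask):
        self.start = ipaddress.ip_address(start)
        self.end = ipaddress.ip_address(end)
        self.network = ipaddress.ip_network(f"{start}/{mask}", strict=False)
        if self.start > self.end:
            raise ValueError("scope start is above scope end")
        if self.end not in self.network:
            raise ValueError("scope range crosses the subnet boundary")

    def leases(self, addr):
        return self.start <= addr <= self.end


def classify(addr_text, scope):
    addr = ipaddress.ip_address(addr_text)
    if addr in APIPA:
        return "apipa"            # client could not reach a DHCP server
    if scope.leases(addr):
        return "in-scope"         # address this scope can hand out
    if addr in scope.network:
        return "on-subnet"        # right subnet, but not leased from this scope
    return "foreign"              # not from this subnet at all


def audit(observed, scope):
    """Group hosts by how their address relates to the scope."""
    report = {}
    for host, addr in observed.items():
        report.setdefault(classify(addr, scope), []).append(host)
    return report


# Constructed sample data: one scope and the addresses seen on that segment.
SCOPE = Scope("192.168.10.50", "192.168.10.200", "255.255.255.0")
OBSERVED = {
    "pc-01": "192.168.10.57",
    "pc-02": "169.254.17.203",
    "pc-03": "192.168.10.20",
    "laptop-07": "192.168.77.14",
}

if __name__ == "__main__":
    for category, hosts in audit(OBSERVED, SCOPE).items():
        print(f"{category}: {', '.join(hosts)}")
```

A cluster of hosts in the "apipa" group usually means the DHCP server is unreachable or its scope is exhausted; "foreign" addresses are worth checking against other DHCP servers on the segment.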
DHCP Options
• DHCP options are additional client-configuration parameters that a DHCP server can assign when serving leases to DHCP clients.
• DHCP options are configured using the DHCP console and can apply to scopes.
• There are four types of DHCP options in Windows Server 2008:
1. Server options: apply to all clients of the DHCP server. An administrator can use these options for parameters that are common across all scopes on the DHCP server.
2. Scope options: apply to all clients within a scope and are the most used set of options. Scope options override server options.
3. Class options: provide DHCP parameters to DHCP clients based on type, either vendor classes or user classes.
4. Client options: apply to individual clients. Client options override all other options (server, scope, and class).
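
An added example, not part of the original slides, that resolves the four option levels for one client and reports which level supplied each value, so an audit can spot a class or client entry that changes a client's router or DNS server. Class options are assumed to rank between scope and client options, as the list order suggests; the configuration layout, option names, addresses and client IDs are all constructed.

```python
# Added example: which level supplies each DHCP option a client receives.
# All names, addresses and client IDs are constructed sample values.

# Lowest to highest precedence, in the order the four option types are listed.
LEVELS = ("server", "scope", "class", "client")

CONFIG = {
    "server_options": {"dns_servers": "10.0.0.53", "domain_name": "corp.example"},
    "scopes": {
        "floor1": {
            "options": {"router": "10.1.0.1", "dns_servers": "10.1.0.53"},
            "class_options": {"kiosk": {"dns_servers": "10.1.0.99"}},
            "client_options": {"00-11-22-33-44-55": {"router": "10.1.0.254"}},
        }
    },
}


def effective_options(config, scope_name, client_id, user_class=None):
    """Return {option: (value, level)} for one client in one scope."""
    scope = config["scopes"][scope_name]
    layers = (
        config.get("server_options", {}),
        scope.get("options", {}),
        scope.get("class_options", {}).get(user_class, {}),
        scope.get("client_options", {}).get(client_id, {}),
    )
    result = {}
    for level, options in zip(LEVELS, layers):
        for name, value in options.items():
            result[name] = (value, level)  # a higher level replaces a lower one
    return result


def overrides_above_scope(config, scope_name, client_id, user_class=None):
    """List options a class or client entry changes relative to the scope default."""
    baseline = effective_options(config, scope_name, client_id=None, user_class=None)
    actual = effective_options(config, scope_name, client_id, user_class)
    return sorted(
        (name, baseline.get(name, (None,))[0], value, level)
        for name, (value, level) in actual.items()
        if level in ("class", "client")
    )


if __name__ == "__main__":
    for row in overrides_above_scope(CONFIG, "floor1", "00-11-22-33-44-55", "kiosk"):
        print("%s: %s -> %s (set at %s level)" % row)
```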

Proxy Server

• A proxy server is a dedicated computer or a software system running on a computer that acts as an intermediary between an endpoint device, such as a computer, and another server from which a user or client is requesting a service.
• The proxy server may exist in the same machine as a firewall server or it may be on a separate server, which forwards requests through the firewall.
• An advantage of a proxy server is that its cache can serve all users.
• If one or more network sites are frequently requested, these are likely to be in the proxy's cache, which will improve user response time.
• A proxy can also log its interactions, which can be helpful for troubleshooting.

SAMBA SERVER

• Samba is an open source implementation of the Server Message Block (SMB) protocol.
• It allows the networking of Microsoft Windows, Linux, UNIX, and other operating systems together.
• This means you can use a Linux server to provide file sharing, printing, and other services to other non-native Linux clients such as Microsoft Windows.
• Samba's use of the SMB protocol allows it to appear as a Windows server to Windows clients.
