
A Developer’s Guide to Network Admin

A Developer’s Guide to Network Admin. or ... How to build a network in 120 mins. Dave McMahon dave@nxtgenug.net. About Your Speaker. Dave’s a Developer Dave’s also been the Network Admin for Ridgian http://www.ridgian.co.uk for the past 6 Years. Hopefully this session will help you .


Presentation Transcript


  1. A Developer’s Guide to Network Admin or ... How to build a network in 120 mins Dave McMahon dave@nxtgenug.net

  2. About Your Speaker Dave’s a Developer Dave’s also been the Network Admin for Ridgian http://www.ridgian.co.uk for the past 6 Years

  3. Hopefully this session will help you ... • To put a number of disparate pieces of knowledge together • To understand more fully the ‘overall’ picture of a network • To become a better developer • To fix your next-door neighbour’s PC more easily!

  4. The Agenda • Building Our Network Part 1 : Domain Controller • Group Policy • Permissions • Building Our Network Part 2 : Application Server • Application Server Administration * • BREAK • TCP/IP, Subnets, DHCP and DNS • Building Our Network Part 3 : Firewall • Putting it all Together – Publishing Our Application • Server & Database Performance Considerations * • An Appendix On Virtualisation * * Time Permitting

  5. Building Our Network Part 1 Domain Controller Art Science

  6. What Is A Domain? • A Logical Group of Computers Bound Within a Security Context with Shared Directory DB • Can Trust or be Trusted by another Domain • Runs LDAP Directory Services, Kerberos Security and DNS Services [Diagram: corp.com and sales.corp.com linked by a Trust]

  7. What Is LDAP? • Lightweight Directory Access Protocol • Common Name (CN) • Domain Component (DC) • Organisation Unit (OU) e.g. a computer called Kermit on the domain muppets.local has an LDAP address of: CN=Kermit DC=Muppets DC=Local

  8. What is a Domain Controller? • A Domain Controller is a Windows Server instance which runs AD Services and holds the AD database. • Domain Controllers are ‘peers’ and can ‘control’ the Domain. • One Domain Controller, though, is nominated as the ‘Operations Master’ for non-replicable tasks (add/remove domain etc.) • A Domain Controller is created when you install the Active Directory Server Role

  9. Creating a Domain Controller

  10. Creating a Domain Controller

  11. Creating a Domain Controller

  12. Creating a Domain Controller

  13. Creating a Domain Controller REMEMBER! Active Directory uses Domain Naming Services (DNS) to resolve Computer Names

  14. Administering Active Directory • Active Directory Users and Computers MMC • Active Directory Sites and Services MMC • Active Directory Domains and Trusts MMC • 3rd Party Tools

  15. Active Directory Administration and Tools

  16. Group Policy Configuration made easy easier Art Science

  17. Active Directory Group Policy • Allows you to make standard configuration settings on your network • Allows you to brand/customise applications • Allows you to control application installation • Loads of other stuff!

  18. Administering Group Policy • Active Directory Users and Computers MMC • Group Policy Management Tool • 3rd Party Tools

  19. Group Policy

  20. Permissions 90% of Network Admin Life ... Art Science

  21. Permissions, “It’s a Mare ...” • Things to Ponder On ... • An Administrator does NOT have permission to do everything. He has permission to allow himself to do anything ... • Permissions are not always granted via Security Settings; some are granted via Group Policy, e.g. “Log On Locally”. • Groups are more flexible than Users. • To Access Domain Resources a user must be a Domain User.

  22. Permissions, “It’s a Mare ...” • More Things to Ponder On ... • When you run an Application Pool under NETWORK SERVICE, you need to grant permissions to the Computer to access a database if you run under Integrated Security. E.g. MUPPETS\KERMIT$ is the account for the computer kermit.muppets.local. • Use database roles to assign permissions. • Don’t grant more permissions than you must ... • ... but if you must, still try to grant as little as possible.

  23. Building Our Network Part 2 Application Server Art Science

  24. Creating an Application Server

  25. Creating an Application Server

  26. Creating an Application Server

  27. Creating an Application Server

  28. Administering Application Servers • IIS Performance Considerations • Backing Up and Restoring SQL Server

  29. IIS Performance and Configuration

  30. IIS Performance Considerations • IIS 6.0 is all about Processors, Memory and Network Bandwidth. • Http Compression • Http Keep-Alive • Limit Connections • Connection Timeouts • CPU Monitoring • Application Pool Queue Lengths • Similar principles apply to IIS 7.0 and other Web Servers.

  31. Backing Up and Restoring SQL Server

  32. Backing Up and Restoring SQL Server • SQL Server has a ‘write ahead’ Transaction Log • During Development Use ‘Simple’ Recovery • During bulk imports Use ‘Bulk Logged’ • During production for up to the point of failure recovery use ‘Full’ Recovery • Safeguard the Log File using frequent backups and RAID

  33. So far we’ve learnt ... • What a Domain Is. • How to Create a Domain Controller. • What Group Policy Is. • How to Apply Group Policy. • Hints on Permissions. • How to Create an Application Server • About IIS Performance Characteristics • About SQL Server Backup and Restore

  34. End of Part 1 of A Developer’s Guide to Network Admin or ... How to build a network in 120 mins Dave McMahon dave@nxtgenug.net

  35. Intermission ...

  36. Part 2 of A Developer’s Guide to Network Admin or ... How to build a network in 120 mins Dave McMahon dave@nxtgenug.net

  37. TCP/IP, Subnets and DHCP or ... What are those Network Settings About? Art Science

  38. IP (Internet Protocol) v4 Address • IP Address is a combination of Network and Host • Subnet Mask determines the Network • Trailing 0’s are the Host

  39. Transmission Control Protocol (TCP) • TCP operates between applications and IP • Applications request TCP to handle IP traffic • TCP deals with lost IP packets, out of order IP packets • TCP splits and reassembles IP packets • TCP helps to reduce network congestion to minimise some of these problems. • So TCP/IP is IP traffic sent using TCP.

  40. IP Subnets • There are not enough IPv4 addresses to go around • Class A, B and C were used to create ‘Private Networks’ • Classless Inter-Domain Routing (CIDR) uses finer grained definitions • IPv6 will solve the issue with 128-bit addresses (until we establish the Galactic Empire).

  41. IP Subnets
      • Classes of Networks
        • 10.0.0.0/8 – A: 10.0.0.0 – 10.255.255.255
        • 172.16.0.0/16 – B: 172.16.0.0 – 172.16.255.255
        • 192.168.0.0/24 – C: 192.168.0.0 – 192.168.0.255
      • Classless Networks (CIDR)
        • Provides finer grain control and more options for ISPs
        • 192.168.0.0/25 -> 192.168.0.0 – 192.168.0.127
      • DHCP
        • Automatic Assignment of IPs and control of ageing

  42. Basics of Networking [Diagram: Subnet One 192.168.5.0/24 and Subnet Two 172.16.0.0/20, with a Default Gateway; addresses shown: 192.168.5.1, 192.168.5.2, 192.168.5.3, 192.168.5.100, 172.16.0.1, 172.16.0.2, 172.16.0.100]

  43. Professor IT Explains ...

  44. Professor IT Explains ... Default Gateways 82.163.133.104 IT Pros are Gods! 127.0.0.1 10.20.0.0 255.255.255.255 224.0.0.0

  45. Professor IT Explains ...

  46. The Routing Table: C:> Route Print [Screenshot of the output; labels: Default Gateway, Localhost]

  47. Domain Name Services The other 10% of Network Admin Life ...

  48. Domain Name Services • Used to convert IP addresses to friendly names: • 82.163.133.104 -> mail.ridgian.co.uk • DNS Names are unique • Recommended you use .local for internal DNS systems. • Can have forward lookup or reverse lookup
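
The address arithmetic from slides 38 to 46, worked through as an added example that is not part of the original presentation: it splits an address into network and host using the subnet mask, expands CIDR blocks into ranges, and picks a next hop the way a routing table does (most specific match wins, default gateway last). The host address 192.168.5.100/24, the choice of 192.168.5.1 as default gateway and the routing table itself are assumptions built from the addresses on slide 42.

```python
import ipaddress

def split_address(interface):
    """Split 'address/prefix' into (network, host number) using the subnet mask."""
    iface = ipaddress.ip_interface(interface)
    host = int(iface.ip) & int(iface.network.hostmask)  # bits where the mask is 0
    return str(iface.network), host

def address_range(cidr):
    """First and last address covered by a CIDR block."""
    net = ipaddress.ip_network(cidr)
    return str(net.network_address), str(net.broadcast_address)

# Constructed routing table for a host at 192.168.5.100/24, in the spirit of
# `route print`. Assumption: 192.168.5.1 is the default gateway.
ROUTES = [
    ("0.0.0.0/0", "192.168.5.1"),    # default route: anything not matched below
    ("127.0.0.0/8", "on-link"),      # localhost
    ("192.168.5.0/24", "on-link"),   # Subnet One, reached directly
]

def next_hop(destination, routes=ROUTES):
    """Pick the most specific (longest prefix) route that contains destination."""
    dest = ipaddress.ip_address(destination)
    candidates = []
    for cidr, hop in routes:
        net = ipaddress.ip_network(cidr)
        if dest in net:
            candidates.append((net.prefixlen, hop))
    if not candidates:
        raise LookupError(f"no route to {destination}")
    return max(candidates)[1]

if __name__ == "__main__":
    print(split_address("192.168.5.100/24"))
    print(address_range("192.168.0.0/25"))
    print(address_range("172.16.0.0/20"))
    for target in ("192.168.5.2", "172.16.0.100", "127.0.0.1"):
        print(target, "->", next_hop(target))
```

A host on Subnet One reaches 192.168.5.2 directly, while traffic for 172.16.0.100 on Subnet Two only matches the default route and is handed to the gateway.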
