Ch. 10 – Server Administration
Ch. 10 – Server Administration. MIS 431 – created Spring 2006. Overview of Server Administration. Distinguish between various tools and methods to manage WS03 Configure Terminal Services and Remote Desktop for administration Delegate administrative authority in AD
Ch. 10 – Server Administration
E N D
Presentation Transcript
Ch. 10 – Server Administration MIS 431 – created Spring 2006 Chapter 10 Server Administration
Overview of Server Administration • Distinguish between various tools and methods to manage WS03 • Configure Terminal Services and Remote Desktop for administration • Delegate administrative authority in AD • Install and configure MS Software Update Services • Tough call: deciding what level of access different users should have in AD Chapter 10 Server Administration
WS03 Management Tools • Microsoft Management Console • Customizable management framework that can host a number of different mgt tools • Can add more snap-in tools to a MMC • Ex: add tools to manage DNS and DHCP servers • Save as custom MMC for use by authorized administrators – saved as a Management Saved Console file with .msc extension • Enables you to manage both local and remote computers • All the provided MMCs are pre-built with the relevant snap-ins already added. Cool! Chapter 10 Server Administration
More WS03 Mgt Tools • It’s useful to have two logon accounts • One is for administrative tasks • The other is for normal user activities and used for non-administrative tasks • Secondary logon feature –lets you log in as your regular account but still have access to administrative tools with your admin account • Activity 10-5: using secondary logon feature • Start|Administrative Tools • Rt-click Event Viewer and choose Run as • Provide the alternate (admin) user information for that one task • Activity 10-6: use secondary logon from command line Chapter 10 Server Administration
Networking Troubleshooting • Just in the rare case you have trouble…. • A troubleshooting process • Define the problem • Gather detailed information about what has changed • Devise a plan to solve the problem • Implement the plan and observe the results • Document all changes and results Chapter 10 Server Administration
Troubleshooting details… • Define the problem • Usually have a cryptic error message: ask user questions • what is the exact problem? (digital cam of screen) • how long have you had this problem? • Try to recreate the problem in the test lab so that you can attempt various solutions • WS03 can help identify specific error messages: NET HELPMSG number will retrieve addl information for that error number Chapter 10 Server Administration
Troubleshooting details… • Gather detailed info about what has changed • What has changed recently that might have caused the problem? • New HW components installed? • New hardware drivers? (e.g., that “flash”) • Who has access to the computer that might have changed certain settings? • Any SW or service patches installed recently? Chapter 10 Server Administration
Troubleshooting details… • Devise a plan to solve the problem • BEFORE YOU START, have a rollback strategy in case the fix doesn’t work • Don’t break it worse with your fix! • Consider… • Interruptions to the network (e.g., restart server) • Possible changes to network security policy • Need to document ALL CHANGES and troubleshooting steps (use a notebook next to server) • It ALWAYS helps to have a buddy to talk your plan over with – “structured walkthrough” can find flaws Chapter 10 Server Administration
Troubleshooting details… • Implement the plan and observe the results • Once plan is devised, notify users on the network if availability will be interrupted • Can do this to logged on users or send a group message to all users with accounts on that device • Find a good time to do the fix. THERE ARE NO GOOD TIMES IN MANY NETWORKS! • Don’t make too many changes at one time – difficult to see what worked and harder to roll back if unsuccessful • If it didn’t work, restart troubleshooting process Chapter 10 Server Administration
Troubleshooting details… • Document all changes and results • Document all troubleshooting steps and configuration changes to keep track of what has changed on the network • If the problem occurs again, the documentation helps explain the possible cause and lets it be fixed sooner Chapter 10 Server Administration
Terminal Services and Remote Desktop for Administration • Terminal Services – thin client (actually a version of Winframe’s Citrix product) • Terminal emulator that does “remote control” sending mouse clicks and keyboard to remote side, and displaying the screen of the remote end on (your) local end • TS must be installed separately and requires a valid user client license • Technically for applications running on server rather than administration • Install: Add or Remove Programs in Control Panel and then click Add/Remove Windows Components button Chapter 10 Server Administration
Terminal Services Administration • Terminal Services Manager – monitor and control client access to one or more terminal servers • Terminal Services Configuration – configure Terminal Server settings and connections • Terminal Services Licensing – stores and tracks Terminal Services client accesslicenses Chapter 10 Server Administration
Configure Remote Connection Settings • Multiple users may connect at same time if CALs are sufficient • Terminal connection property tabs (Table 10-2) • General • Logon Settings • Sessions • Environment • Remote Control • Client Settings • Network Adapter • Permissions Chapter 10 Server Administration
Terminal Services Client SW • WS00 Terminal Service client: to install on a client (or a server) computer (~2 floppies) • TS client files are installed on the WS03 server when TS is installed on the server • Several operating systems available: 95, 08, NT 4.0, 2000 • Not necessary on Windows XP or WS03 because that client software is pre-installed • In %Systemroot%\systen32\clients\tsclient\win32 folder • Can share this folder and initiate the installation process over the network Chapter 10 Server Administration
More Remote Administration • Remote Desktop for Administration • Used to do remote server administration • Installed as part of WS03 but turned off by default • Go to Control Panel and open System • On Remote tab click “allow users to connect remotely to this computer” and save it • But must enable each user to do remote connection in AD Users & Computers (or put into the Remote Desktop Users group – preconfigured) • If you install Terminal Services on the server then RDA is grayed out but it works (like in our classroom) Chapter 10 Server Administration
Delegate Administrative Authority • Administrators can view everything (but you can make changes that keep YOU from viewing) • Can delegate authority to view/change AD to non-administrators based on the container, the object, and the group • Ex: HR dept can view address information of employees • Basically, be very careful who and what you permit! Chapter 10 Server Administration
Software Update Service – nice! • Methods to update systems with current patches • Manual download and installation • Installation using a script, such as login script • Automated deployment using applications like MS Systems Management Server (SMS) • Installation using MS Windows Update • Push method of Windows Automatic Updates Chapter 10 Server Administration
Install Software Update Services (SUS) • This is server-side software to let admins deploy security patches and hot fixes • Provides more granular control than previous • Two main elements – client and server • Server side runs on WS00 or WS03 • Client side is an updated version of the Windows Automatic Updates tool • Don’t need a huge server to fulfill this role but lots of disk space is a plus Chapter 10 Server Administration
How SUS Works • Small networks: admin can choose which updates and decide which clients get them • Enterprise level: Chapter 10 Server Administration
