Chapter 1 INTRODUCING MICROSOFT WINDOWS SERVER 2003
CHAPTER OVERVIEW • Identify the key differences among the Windows Server 2003 editions. • Install Windows Server 2003. • Create a domain controller. • Identify the key structures and concepts of Active Directory.
WINDOWS SERVER 2003 EDITIONS • Web Edition • Standard Edition • Enterprise Edition • Datacenter Edition
WEB EDITION • Does NOT contain any features not found in the other Windows Server 2003 editions • Single-purpose Web server platform • Limit of 10 inbound SMB connections • Support for up to two processors and up to 2 GB of RAM • Does NOT support: • ICF and ICS • Acting as a domain controller • DHCP server
STANDARD EDITION • Designed as a departmental server or as a server for smaller organizations • Multipurpose server platform • Supports up to four processors and 4 GB of RAM • Features: • Directory Services – Active Directory support • Internet Services – IIS 6 (Web and FTP services) • Infrastructure Services – DHCP server, DNS server, WINS server • TCP/IP Routing – RRAS, NAT, IAS, RIP, OSPF • File & Print Services – Shared drives, folders & printers • Terminal Server – remote access tool • Security Services – Encrypting File System (EFS), IP Security Extensions (IPsec), Public Key Infrastructure (PKI)
ENTERPRISE EDITION • Server platform for medium- to large-sized businesses • Supports up to eight processors and 32 GB of RAM • Eight-node clustering support through Microsoft Clustering Services • Additional Features: • Microsoft Metadirectory Services (MMS) • Server Clustering • Hot add memory (hot swappable) • Windows System Resource Manager
DATACENTER EDITION • Designed for high-end, high-traffic application servers • Supports up to 32 processors and 64 GB of RAM • Does not include ICF or ICS
INSTALLING WINDOWS SERVER 2003 • The install process has 2 phases: • Text mode: the initial phase of the install • Disk formatting and partitioning • Registry is started • Graphical mode: • System restarts into GUI mode • OS detects hardware • Configuration information gathered from user
Large Scale Installs • In a business environment, there are 2 tools that can be used to streamline or automate the Server 2003 install process on multiple computers: • Answer Files: a script with settings for install options that is copied onto each PC. The install is then automated by using the parameters in the answer file. • Disk Images: a bit-for-bit copy of the hard drive of a pre-installed PC is made and then transferred to other PCs. • Remote Installation – used to deploy disk images to other computers on a network
SERVER ROLES Each of these services can be configured in Windows Server 2003 • File server - Provides centralized access to files and folders • Print server - Provides centralized and managed access to printing devices by serving shared printers and printer drivers to client computers • Application server - Provides infrastructure components required to support the hosting of Web applications • Mail server - Installs Post Office Protocol version 3 (POP3) and Simple Mail Transfer Protocol (SMTP) so the server can function as an incoming and outgoing e-mail server for network clients. • Terminal Services server - Provides multiple network clients with access to server applications and resources as if those applications and resources were installed on their own computers • Remote Access/VPN server - Provides multiple-protocol routing and remote access services for dial-in, LAN, and WAN connections
Server Roles • Domain Controller (Active Directory) - Provides directory services to clients on the network • DNS server - Provides host name resolution by translating host names to IP addresses (forward lookups) and IP addresses to host names (reverse lookups) • DHCP server - Provides automatic IP addressing services to clients configured to use dynamic IP addressing • Streaming media server - Installs Windows Media Services (WMS), which enables the server to stream multimedia content over an intranet connection or the Internet • WINS server - Provides computer name resolution by translating NetBIOS names to IP addresses. Used to support legacy operating systems such as Windows 95 or Windows NT, which are based on NetBIOS names
Evolution of Directory Services • The first commercial local area networking products that appeared in the early 1990s were geared toward small collections of computers, commonly called workgroups. • A workgroup network enabled a handful of users working together on the same project to share resources such as documents and printers. • As networks grew larger, so did the number of shared resources available on them, and it became increasingly difficult to locate and keep track of the available resources. • A directory service is a central directory which contains information about the computers on the network, the network users, and other hardware and software devices, such as printers and applications.
Workgroup vs. Domain • The workgroup directory service is a flat database of computer names, designed to support a small network. • The domain model of directory service is a hierarchical directory of enterprise resources (Active Directory) that is trusted by all systems that are members of the domain. These systems can use the user, group, and computer accounts in the directory to secure their resources.
ACTIVE DIRECTORY • Active Directory is a hierarchical database, which contains objects and resources, as well as supporting components, like transaction logs and tools to manage the database. • A standards-based, LDAP-compliant directory services system. • A repository for objects and resources, including user accounts, group accounts, computer accounts, and printers. • The directory services database can be distributed across multiple servers to provide fault tolerance and increase performance. • The Active Directory database is stored in the \WINDOWS\NTDS directory on each domain controller. • Each object has a set of properties that is also stored in Active Directory.
DOMAINS AND DOMAIN CONTROLLERS • Domains: • Provide administrative and security boundaries • Allow resources to be grouped logically • Can contain Organizational Units (OUs) to further organize resources • [Figure: Domain Controller, Contoso.com] • A domain is a logical grouping of computers, users, and resources • A domain controller is a server that has been promoted and hosts a copy, or replica, of the Active Directory database • Active Directory domains typically have at least two domain controllers, so that if one fails, the other can continue to support clients. • These domain controllers continually replicate their information with each other, so that each one has a database containing current information.
DOMAINS, TREES, AND FORESTS • Domain • The Administrative unit of Active Directory • Tree • A collection of one or more domains • Forest • A collection of one or more trees
ACTIVE DIRECTORY TREE • [Figure: contoso.com, us.contoso.com, europe.contoso.com]
Global Catalog • When an Active Directory installation consists of more than one domain, a component of Active Directory called the global catalog enables clients in one domain to find information in other domains. • The global catalog is essentially a subset of the information in all of the domain databases combined.
OBJECTS • All databases are made up of records, and in Active Directory the records are called objects • An object is a component that represents a specific network resource. • Objects • Domains, Organizational Units, Users, groups, shared folders, printers, computers, applications • Organizational Units are container objects that are used to create logical groupings of computer, user, and group objects
Attributes • Every Active Directory object consists of a set of attributes, which are pieces of information about that object • User Attributes: Name, phone number, password, location
Schema • The Active Directory component that specifies what types of objects administrators can create and what attributes each object has is called the schema
CONTAINERS AND LEAVES • Container Objects: Objects that can contain another object in the hierarchy • Domains, organizational units (OUs), groups • Leaf Objects: An object that cannot contain another object, such as a user or computer • Users, printers, computers • Because of the way objects inherit settings from their parent containers, administrators typically use OUs to collect objects that are configured similarly
GROUP POLICY • Group policies enable you to specify security settings, deploy software, and configure operating system and application behavior on a computer without ever having to touch it directly • Group policy objects • Collections of hundreds of possible configuration settings. • Can be applied to users, computers, domains, and OUs. • Policy applied at one level can override policy applied at another level. • In most cases, administrators design the Active Directory hierarchy to accommodate the configuration of users and computers using GPOs
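The inheritance and override behaviour described in the CONTAINERS AND LEAVES and GROUP POLICY slides, modeled as an added example that is not part of the original slides. It assumes default processing only (policy linked closer to the object is applied last and wins); the container names, GPO names and setting names are constructed samples.

```python
# Added example: default Group Policy inheritance down a domain/OU hierarchy.
# Container names, GPO names and setting names are constructed samples.
# Not modeled: local and site policy, Enforced links, Block Inheritance.

GPO_LINKS = {  # container DN -> GPOs linked there, in processing order
    "DC=contoso,DC=com": [
        ("Domain Baseline", {"AuditLogonEvents": "Success,Failure",
                             "ScreenLockSeconds": 900}),
    ],
    "OU=Servers,DC=contoso,DC=com": [
        ("Server Hardening", {"ScreenLockSeconds": 300}),
    ],
    "OU=Web,OU=Servers,DC=contoso,DC=com": [
        ("Web Tier", {"AuditLogonEvents": "Failure"}),
    ],
}

def container_chain(dn):
    """Containers above a leaf object, ordered from the domain down to its parent.
    Assumes the DN contains no escaped commas."""
    parts = dn.split(",")[1:]                      # drop the leaf's own RDN
    first_dc = next(i for i, p in enumerate(parts) if p.upper().startswith("DC="))
    domain, ous = parts[first_dc:], parts[:first_dc]
    chain = [",".join(domain)]
    for i in range(len(ous) - 1, -1, -1):          # top-level OU first
        chain.append(",".join(ous[i:] + domain))
    return chain

def effective_policy(dn, links=GPO_LINKS):
    """Return ({setting: (value, winning GPO)},
               [(setting, overridden GPO, winning GPO)])."""
    effective, overrides = {}, []
    for container in container_chain(dn):
        for gpo, settings in links.get(container, []):
            for name, value in settings.items():
                if name in effective and effective[name][0] != value:
                    overrides.append((name, effective[name][1], gpo))
                effective[name] = (value, gpo)     # closer to the object wins
    return effective, overrides

if __name__ == "__main__":
    for leaf in ("CN=WEB01,OU=Web,OU=Servers,DC=contoso,DC=com",
                 "CN=FS01,OU=Servers,DC=contoso,DC=com"):
        eff, over = effective_policy(leaf)
        print(leaf)
        for name, (value, gpo) in sorted(eff.items()):
            print(f"  {name} = {value}  (from {gpo})")
        for name, old, new in over:
            print(f"  note: {name} from '{old}' overridden by '{new}'")
```

The override list is the part worth reviewing: in the sample data the OU-level "Web Tier" GPO narrows the audit setting that the domain baseline had set for every computer.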
SUMMARY • Windows Server 2003 is available in Web Edition, Standard Edition, Enterprise Edition, and Datacenter Edition. • The Manage Your Server page and the Configure Your Server Wizard make it easy to configure a Windows Server 2003 system to perform specific roles. • Active Directory is a domain-based enterprise directory service that consists of objects, which are themselves composed of attributes. • The Active Directory hierarchy is formed using forests, trees, domains, and organizational units. Permissions, rights, and group policy settings all flow downward in the hierarchy.