Published on May 5, 2010
Slide 1: PowerPoint for Computer Service and Repair by JoAnne Keltner. Goodheart-Willcox Publisher, 18604 West Creek Drive, Tinley Park, IL 60477, www.g-w.com. Goodheart-Willcox Co., Inc. Permission granted to reproduce for educational purposes only.

Chapter 17 Network Administration

Network Administration: Network administration is the use of network software packages to manage network system operations. Resource management. Security. Users and groups. Network monitoring.

Importance to the PC Technician: Homes. Small Businesses.

Administrative Models: Peer-to-Peer Decentralized

Objectives: Explain the difference between user-level and share-level security. Explain the role of the network administrator. Describe the characteristics of centralized and decentralized network administration. Describe the characteristics of a strong password. Describe some of the features that may be implemented to increase network security.

Presentation Outline: 1. Peer-to-Peer Network Administration. 2. Client/Server Network Administration. 3. Role of the Network Administrator. 4. Tour of Windows Server 2003. 5. RAID Systems.

Section 1: Peer-to-Peer Network Administration

Peer-to-Peer Network: No one person controls the network. Users have control of their own files and resources. Network is administered from multiple locations.

Peer-to-Peer Network Components: Network interface card. Operating system that supports peer-to-peer networking. (Microsoft product box shot reprinted with permission from Microsoft Corporation.)

Communication Protocols: Network Client Server

Shares: Shares are objects that are shared across the network, such as files, hard drives, CD drives, printers, and scanners.
Files. Hard drive. CD-ROM drive. Printer. Scanner.

Share Security Levels: Share-level security. User-level security.

Windows 95, 98, and Me

Windows XP, Vista, NT, and 2000

Local User Account: Associated with a peer-to-peer network. Needed to access resources at the local computer. Authenticated and maintained through computer at which the account is created.

Setting up a Resource Share: Windows 95, 98, Me: 1. Enable file and print sharing. 2. Set access control type. 3. Create the share and set permissions. Windows XP, NT, and 2000: 1. Create the share. 2. Set permissions.

1. Enable File and Print Sharing: Click the File and Print Sharing button. Select the appropriate option.

2. Set Access Control Type: The default setting is share-level.

3. Create the Share & Set Permissions: Open Windows Explorer. Right-click icon of item to be shared. Select Sharing or Sharing and Security from the shortcut menu.

3. Create the Share & Set Permissions: Set share properties and permissions.

1. Create the Share: Open Windows Explorer. Right-click icon of item to be shared. Select Sharing or Sharing and Security from the shortcut menu, or Sharing for Windows NT and 2000.

1. Create the Share: Set share properties.

2. Set Permissions: Click the Permissions button.

2. Set Permissions: Select the appropriate permissions.

Windows XP Simple File Sharing: When enabled, creates a folder called Shared Documents to be shared by each user. Enabled through the Windows Explorer Folder Options dialog box.
Shared Documents Folder

Windows Vista Public Folder Sharing: When enabled, the Public folder under C:\Users is created along with the following subfolders: Public Desktop. Public Documents. Public Downloads. Public Music. Public Pictures. Public Videos. Recorded TV.

Enabling Public Folder Sharing

Windows Vista Public Folder

Windows Vista Public Subfolders

Windows Vista Sharing Wizard: Guides the user through setting up a share. Enabled through Windows Explorer | Tools | Folder Options and by selecting Use Sharing Wizard (Recommended) option. When the Sharing option is selected from the file or folder shortcut menu, the Sharing Wizard is activated.

Enabling the Sharing Wizard

Sharing Wizard 1st Screen

Sharing Wizard 2nd Screen

Sharing Wizard 3rd Screen

Sharing Wizard—Modify or Remove the Share

Modifying a Share through File or Folder Properties

Review: What are the characteristics of a peer-to-peer network? No one person controls the network. Users have control of their own files and resources. Network is administered from multiple locations.

Review: What are the two major components needed to create a peer-to-peer network? Network interface card. An operating system that supports peer-to-peer networking.

Review: What types of communication protocols are needed to create a peer-to-peer network? Network Client Server

Review: What are the two main security levels for accessing shares on a Windows peer-to-peer network? Share-level. User-level.

Review: What are the differences between share-level and user-level security?
Section 2: Client/Server Network Administration

Major Network Operating Systems: UNIX. Linux™. Novell NetWare. Microsoft Windows 2000 Server. Microsoft Server 2003. UNIX is a registered trademark of The Open Group in the US and other countries. Windows is a registered trademark of Microsoft Corporation in the United States and other countries. Novell NetWare is a registered trademark of Novell, Inc. in the United States and other countries. Linux is a trademark of Linus Torvalds.

UNIX: Written in the C programming language. Not machine specific. Intended for use on minicomputers. Used on mainframes and enterprise servers.

UNIX Internet Resources: History of UNIX: www.unix.org/what_is_unix/history_timeline.html. The Open Group

Linux: Open source code. Readily available. Can be used to create a network operating system to specifications. Many brands and versions available. A Linux server can be incorporated into a network based on a different network operating system.

Linux Internet Resources: General, non-vendor specific information: www.linux.org. RedHat: www.redhat.com. Novell SuSE: www.novell.com/linux. Debian: www.debian.org.

Novell NetWare: Security database called Novell eDirectory. NetWare 6.5. Open Enterprise Server (NetWare and Linux kernels).

Novell Internet Resources: NetWare 6.5: www.novell.com/products/netware. Open Enterprise Server: www.novell.com/products/openenterpriseserver. Open Enterprise Server documentation: www.novell.com/documentation/oes/index.html.

Microsoft 2000 Server: Server and workstation versions. Introduced Active Directory. New version of NTFS. Plug and play detection. Enhanced multimedia features. Setup wizards.

Microsoft Server 2003: Server version only. Active Directory. New features: Automatic System Recovery.
Remote Assistance. Web Interface for remote administration. Improved Internet Information Service (IIS). Internet used as a medium for accessing and administrating the server. (Microsoft product box shot reprinted with permission from Microsoft Corporation.)

Microsoft Internet Resources: Windows Server 2003: www.microsoft.com/windowsserver2003/default.mspx.

Centralized Network Organization: Similar across major network operating systems. Each software vendor uses its own terminology. Organized administratively into sections.

Microsoft Terminology: User Group Accounting Shipping Sales

Domain User Account: Each user must have a user account. Stored in security database on a domain controller. Consists of user name, password, groups belonged to, permissions, and restrictions.

User with Account Can . . . : Log on through any computer in the domain. Be authenticated through the domain server. Access resources anywhere in the network domain to which they have permission.

Domain Server: Windows NT: Primary domain controller (PDC). Backup domain controller (BDC). Windows 2000 and 2003: Domain controller (DC).

Microsoft Active Directory Domain: Forest Active Directory Root domain name Tree Tree

Assigning Resources at Group Level: Saves administrative time. New users are added to appropriate groups. Groups are assigned system resources needed by the group. Accounting group: Laser printer. Customer database. Accounting software. Accounting documents.

Default Groups: Varies according to operating system. Some of the most common groups are: Print Operators. Backup Operators. DHCP Administrators. Domain Administrators.
Review: What are the characteristics of a centralized (client/server) network? All users and resources are managed from a single location or security database. Network is organized administratively into sections. Users can log on from any computer in the domain. Users are authenticated through a domain server. Users can access resources anywhere in the network domain to which they have permission.

Review: What is the advantage of assigning resources at the group level? Assigning resources at the group level saves the administrator time.

Section 3: Role of the Network Administrator

Network Administrator: Delegate administrators. Create user accounts. Set up and maintain system resources. Monitor the network.

Create User Accounts: User name. Follow naming convention. Typical naming conventions: Roberts_R or rroberts.

Create User Accounts: Password. Enforce password policies. Enforce secure passwords.

Passwords

Delegate Administrators: Administrator can give users rights normally reserved for the administrator. Domain level: Organization. Department. Task level. Backup Operator. Print Operator. Accounting Dept. Administrator. Chicago Branch Administrator.

Set Up/Maintain System Resources: Assign permissions.

Set Up/Maintain System Resources: Assign restrictions.

Set Up/Maintain System Resources: Enable fault tolerance. Prepare for disaster recovery.

Monitor the Network—Performance

Monitor the Network—View Logs

Review: What are some of the common tasks of a network administrator? Create user accounts. Set up and maintain system resources. Delegate administrators. Monitor the network.
Review: What are the characteristics of a secure password? A secure password should be unique and composed of a mixture of letters (both uppercase and lowercase), numbers, and special symbols.

Section 4: Tour of Windows Server 2003

Administrative Tools Menu: Used to manage users, groups, and computers. Used to set security policies, such as those for passwords, logging on, and auditing. Used to monitor user and system activity. Used to monitor the server’s hardware.

Active Directory Users and Computers

New Object User Wizard—1

New Object User Wizard—2

New Object User Wizard—3

Time Policy: Accessed from a user’s properties. Used to set the time (days, hours) that a user can access the network.

Time Policy Logon Hours

Password Policy

Account Lockout Policy

Audit Policy: All events specified in the Audit Policy dialog box are recorded in the security log and viewed through Event Viewer.

Event Viewer

Event Details

Performance Monitor: CPU activity. Memory pages. Hard disk performance.

Event Viewer: Monitor user activity and system performance. Warnings indicated by a yellow exclamation point inside a triangle. Errors indicated by an X in a red circle.

Review: What Windows 2000/2003 utility is used to manage users, groups, and computers? Active Directory Users and Computers

Review: What Windows 2000/2003 utility is used to set security policies, such as those for passwords, logging on, and auditing? Default Domain Controller Security Settings

Review: What Windows 2000/2003 utility is used to monitor user and system activity?
Event Viewer

Review: What Windows 2000/2003 utility is used to monitor the server’s hardware? Performance Monitor

Review: What types of Windows 2000/2003 features can be implemented to increase security? Password policy. Audit policy. Account lockout policy. Time policy.

Section 5: RAID Systems

What Is RAID? Represents Redundant Array of Inexpensive (or Independent) Disks (RAID). A system of several hard drives arranged to ensure the following: Recovery after a system disaster (disaster recovery). Data integrity during normal operations (fault tolerance).

RAID 0: Data is spread evenly across two or more drives or volumes. No parity. Speeds the read/write process. Also called striped set without parity.

RAID 1: Same data is written to both drives. No parity. Provides disaster recovery. Also called disk mirroring.

RAID 5: Data is spread evenly across three or more drives or volumes. Parity is staggered across all drives. Provides fault tolerance.

RAID Levels 0, 1, and 5

Review: Which one of the following RAID systems does not provide data protection: RAID 0, RAID 1, or RAID 5? RAID 0

Review: Which one of the following RAID systems duplicates data onto another hard disk drive: RAID 0, RAID 1, or RAID 5? RAID 1

Review: Which one of the following RAID systems spreads data and parity across three or more hard disk drives: RAID 0, RAID 1, or RAID 5? RAID 5

Glossary

Account: Contains all the security information describing an individual user.

Backup Domain Controller (BDC): A file server that keeps a backup record of all accounts in case of failure of the primary domain controller.
Domain: An organized collection of all groups and users on the network.

Fault Tolerance: A system’s ability to recover after some sort of disaster.

Group: Collection of users organized together by similarities in their job tasks.

Network Administration: The use of network software packages to manage network system operations.

Permissions: The right to perform certain functions.

Primary Domain Controller (PDC): A file server that keeps the master record of all accounts.

RAID: A system of several hard drive units arranged in such a way as to ensure recovery after a system disaster or to ensure data integrity during normal operation.

Rights: System control abilities that are normally reserved for the system administrator.

Shares: Objects that are shared across the network, such as files, hard drives, CD drives, printers, and scanners.

Share-Level Security: Default security system used on Windows-based networks, which requires a password for access.

System Resources: Default security system used on Windows-based networks, which requires a password for access.

User: A person who may use the network system resources.

User-Level Security: Security system used on Windows-based networks that identifies who may have access to a shared resource but does not require a password for accessing the share.

Discussion Question: What are some other network protocols besides TCP/IP?

Discussion Questions: What major network operating systems have you used? What did you like/dislike about the network operating system?

Discussion Questions: What are some groups that would be appropriate for network users at your place of employment or school? What types of resources might each group need?