Chapter Eight

Chapter EightChapter EightNetwork Operating Network Operating

Systems and Windows Systems and Windows 2000-Based Networking2000-Based Networking

QuestionsQuestions

What is a server?What is a server? Hardware vs. softwareHardware vs. software

NOS installation can be trivial or complexNOS installation can be trivial or complex

NOS straddles Application layer and NOS straddles Application layer and above on the OSI modelabove on the OSI model

Major types of NOS?Major types of NOS?

What is all the fuss about Linux?What is all the fuss about Linux?

Introduction to Network Operating Introduction to Network Operating SystemsSystems

Selecting a network operating system – Selecting a network operating system – things to consider:things to consider: Is it compatible with existing infrastructure?Is it compatible with existing infrastructure? Will it provide the security required by the Will it provide the security required by the

network’s resources?network’s resources? Can the technical staff manage it effectively?Can the technical staff manage it effectively? Will existing applications run smoothly on it?Will existing applications run smoothly on it?

Introduction to Network Operating Introduction to Network Operating SystemsSystems

Selecting a network operating system Selecting a network operating system (cont.)(cont.) Will it accommodate future growth (that is, is it Will it accommodate future growth (that is, is it

scalable)?scalable)? Does it support additional services the Does it support additional services the

network’s users require?network’s users require? How much does it cost?How much does it cost? What type of support can be expected from What type of support can be expected from

the manufacturer?the manufacturer?

Network Operating Systems Network Operating Systems and Serversand Servers

Determining Server Hardware:Determining Server Hardware: How many clients will connect to the server?How many clients will connect to the server? What kind of applications will run on the server?What kind of applications will run on the server? How much storage space will each user need?How much storage space will each user need? How much down time is acceptable?How much down time is acceptable? What can the organization afford?What can the organization afford?

Must consider processor (multiple?), RAM, Must consider processor (multiple?), RAM, storage requirements, fault-tolerance, & UPSstorage requirements, fault-tolerance, & UPS Cost can vary considerably - $2k to 100kCost can vary considerably - $2k to 100k

CompaqCompaq, , DellDell, IBM, IBM

Network Operating System Network Operating System Services and FeaturesServices and Features

Networks enable client support in:Networks enable client support in: Creating client accounts and enabling them to Creating client accounts and enabling them to

connect to the networkconnect to the network Managing client accountsManaging client accounts Enabling clients to share resourcesEnabling clients to share resources Managing client access to shared resourcesManaging client access to shared resources Enabling clients to communicate with other Enabling clients to communicate with other

clientsclients

Client/Server CommunicationClient/Server Communication

RedirectorRedirector Service that runs on a client workstation and Service that runs on a client workstation and

determines whether the client’s request determines whether the client’s request should be handled by the client or the servershould be handled by the client or the server

Authentication Authentication (logon process)(logon process) Process whereby a network operating system Process whereby a network operating system

verifiesverifies that a client’s user name and that a client’s user name and password are valid and allows the client to log password are valid and allows the client to log onto the networkonto the network


Figure 8-1: A client connecting to a network operating system


MiddlewareMiddleware Software that sits between the client and Software that sits between the client and

server in a server in a 3-tier architecture3-tier architecture

Thin clientThin client Type of software that enables a client to Type of software that enables a client to

accomplish functions over a network while accomplish functions over a network while utilizing little of the client workstation’s utilizing little of the client workstation’s resources and, instead, resources and, instead, relying on the serverrelying on the server to carry the processing burdento carry the processing burden


Figure 8-2: Middleware between clients and a server

Users and GroupsUsers and Groups

To more easily manage network access, you To more easily manage network access, you can combine users with similar needs and can combine users with similar needs and restrictions into restrictions into groupsgroups

Table 8-1: Providing security through groups

DirectoriesDirectories

DirectoryDirectory List that organizes resources and associates them List that organizes resources and associates them

with other properties, or characteristicswith other properties, or characteristics

ObjectObject Representation of a thing or person associated with Representation of a thing or person associated with

the networkthe networkUsers, printers, groups, computers, data files, and Users, printers, groups, computers, data files, and applicationsapplications

AttributesAttributes Properties associated with an objectProperties associated with an object

User object may have name, group membership, security User object may have name, group membership, security settings, etc.settings, etc.


ContainersContainers Logically defined receptacles that serve only Logically defined receptacles that serve only

to assemble similar objectsto assemble similar objects

AccountAccount The record of a user that contains all of his or The record of a user that contains all of his or

her propertiesher properties

TreeTree Logical representation of multiple, hierarchical Logical representation of multiple, hierarchical

levels in a directorylevels in a directory


Figure 8-3: A directory tree


Figure 8-4: Two possible tree for the same organization

File SystemFile System

An operating system’s method of organizing, An operating system’s method of organizing, managing, and accessing its files through managing, and accessing its files through logical structures and software routineslogical structures and software routines

Be careful not to confuse file systems with Be careful not to confuse file systems with directoriesdirectories A A file systemfile system interacts with the operating system interacts with the operating system A A directorydirectory organizes files so that a user can find organizes files so that a user can find

them on a hard diskthem on a hard disk

FAT (File Allocation Table)FAT (File Allocation Table)

FAT (File Allocation Table)FAT (File Allocation Table) Original PC file system designed in the 1970s Original PC file system designed in the 1970s

to support floppy disks and, later, hard disksto support floppy disks and, later, hard disks

FAT16FAT16 File system designed for use with early DOS- File system designed for use with early DOS-

and Windows-based computersand Windows-based computers

FAT32FAT32 Enhanced version of FAT16 that Enhanced version of FAT16 that

accommodates the use of longer filenames accommodates the use of longer filenames and smaller allocation units on a diskand smaller allocation units on a disk

Significant FAT16 Significant FAT16 CharacteristicsCharacteristics

Partitions or files Partitions or files cannot exceed 2 GBcannot exceed 2 GB (when used with Windows 2000 file (when used with Windows 2000 file system, cannot exceed 4 GB)system, cannot exceed 4 GB)

Uses 16-bit fields to store file size Uses 16-bit fields to store file size informationinformation

Without additional utilities, supports only Without additional utilities, supports only filenames with maximum of eight filenames with maximum of eight characters in the name and three in the characters in the name and three in the extensionextension


Characterizes files on a disk as Read, Write, Characterizes files on a disk as Read, Write, System, Hidden, or ArchiveSystem, Hidden, or Archive

A FAT16 drive stores data in A FAT16 drive stores data in noncontiguous noncontiguous blocks and uses linksblocks and uses links between fragments to between fragments to ensure that data belonging to the same file, for ensure that data belonging to the same file, for example, can be pieced together when the file is example, can be pieced together when the file is requested by the operating systemrequested by the operating system

Because of its low overhead, it can write data to Because of its low overhead, it can write data to a hard disk very quicklya hard disk very quickly


Uses 28-bit fields to store file size informationUses 28-bit fields to store file size information

Supports long filenamesSupports long filenames

Theoretically supports partitions up to 2 Theoretically supports partitions up to 2 Terabytes in sizeTerabytes in size

Partitions can be easily resized without Partitions can be easily resized without damaging datadamaging data

Provides greater security than FAT16Provides greater security than FAT16

Supported by Windows 9x, Windows Me, and Supported by Windows 9x, Windows Me, and Windows 2000Windows 2000

HPFSHPFS

High-Performance File SystemHigh-Performance File System

File system originally designed for IBM’s File system originally designed for IBM’s OS/2 operating systemOS/2 operating system

Offers greater reliability and efficiency than Offers greater reliability and efficiency than FATFAT

Supports Supports extended attributesextended attributes Ex. File historyEx. File history

Sharing ApplicationsSharing Applications

One significant advantage of the client/server One significant advantage of the client/server relationship is the ability to relationship is the ability to share resourcesshare resources

Shared applications are often Shared applications are often stored on a file stored on a file serverserver specifically designed to run applications specifically designed to run applications

For some applications, you can purchase a For some applications, you can purchase a site site licenselicense For a fixed price, a site license allows any number of For a fixed price, a site license allows any number of

users on one location to legally access that users on one location to legally access that applicationapplication

Sharing PrintersSharing Printers

Figure 8-5: Shared printers on a network


All NOSs can:All NOSs can: Create an object that identifies printer to rest of Create an object that identifies printer to rest of

networknetwork Assign printer a unique nameAssign printer a unique name Install drivers associated with printerInstall drivers associated with printer Modify printer attributesModify printer attributes Establish or limit access to printerEstablish or limit access to printer Remotely test and monitor functionalityRemotely test and monitor functionality Update and maintain printer driversUpdate and maintain printer drivers


Figure 8-6: NetWare printer identification screen


Printer queuePrinter queue Logical Logical

representation representation of printer’s of printer’s input and input and outputoutput

Figure 8-7: Client issuing a job to a networked printer

Managing System Resources:Managing System Resources:MemoryMemory

Physical memoryPhysical memory Refers to (RAM) chips installed on computer’s system Refers to (RAM) chips installed on computer’s system

board that provide dedicated memory to that machineboard that provide dedicated memory to that machine

Virtual memoryVirtual memory Logically carved out of space on hard disk and added Logically carved out of space on hard disk and added

to physical memoryto physical memory Stored on hard disk as a Stored on hard disk as a page filepage file (or (or swap fileswap file))

PagingPaging Process of moving pages between RAM and into a Process of moving pages between RAM and into a

page file on diskpage file on disk

Managing System Resources:Managing System Resources:MultitaskingMultitasking

MultitaskingMultitasking Ability of a processor to perform many Ability of a processor to perform many

different operations in a brief period of timedifferent operations in a brief period of time

Preemptive multitaskingPreemptive multitasking Type of multitasking supported by NetWare, Type of multitasking supported by NetWare,

UNIX, and Windows 2000UNIX, and Windows 2000 Performs one task at a timePerforms one task at a time

Managing System Resources:Managing System Resources:MultiprocessingMultiprocessing

ProcessProcess Routine of sequential instructions that runs Routine of sequential instructions that runs

until it has achieved its goaluntil it has achieved its goal

ThreadThread Self-contained, well-defined task within a Self-contained, well-defined task within a

processprocess

MultiprocessingMultiprocessing Support and use of multiple processors to Support and use of multiple processors to

handle multiple threadshandle multiple threads

Managing System Resources:Managing System Resources:MultiprocessingMultiprocessing

Symmetric multiprocessingSymmetric multiprocessing Splits all operations equally among two or Splits all operations equally among two or

more processorsmore processors

Asymmetric multiprocessingAsymmetric multiprocessing Assigns each subtask to a specific processorAssigns each subtask to a specific processor

Introduction to Windows 2000 Introduction to Windows 2000 ServerServer

Windows 2000 Server serves as a redesign and Windows 2000 Server serves as a redesign and enhancement of Windows NT Serverenhancement of Windows NT Server Windows NT was a popular NOS known for its intuitive Windows NT was a popular NOS known for its intuitive

graphical user interfacegraphical user interface ( (GUIGUI))

Windows 2000 Server carries on many of the Windows 2000 Server carries on many of the advantages of Windows NT Server, plus provides advantages of Windows NT Server, plus provides additional features and capabilities (see next slide)additional features and capabilities (see next slide)

Windows 2000 Advanced Server offers same benefits Windows 2000 Advanced Server offers same benefits and features as Windows 2000 Server, but adds support and features as Windows 2000 Server, but adds support for for clusteringclustering Server – 4GB RAM & 4 processorsServer – 4GB RAM & 4 processors Advanced – 8GB RAM & 8 processorsAdvanced – 8GB RAM & 8 processors Datacenter – 64GB RAM & 32 processorsDatacenter – 64GB RAM & 32 processors

Some Benefits of Windows Some Benefits of Windows 2000 Server NOS2000 Server NOS

Advanced system of organizing and managing Advanced system of organizing and managing network objects, called network objects, called Active DirectoryActive Directory

Multiple, integrated Multiple, integrated Web servicesWeb services with easy to use with easy to use administrator interfaceadministrator interface

Support for great deal of RAM and multiple Support for great deal of RAM and multiple processorsprocessors

Support for multiple, modern protocols and security Support for multiple, modern protocols and security standardsstandards

Excellent integration with other NOSsExcellent integration with other NOSs

Simple, centralized management of multiple clientsSimple, centralized management of multiple clients

Flexible, customizable network management interfaceFlexible, customizable network management interface

Why Choose Windows 2000 Why Choose Windows 2000 Server?Server?

Windows 2000 Server is a popular NOS Windows 2000 Server is a popular NOS because it addresses most of a network because it addresses most of a network administrator’s needs very welladministrator’s needs very well

Its customizable graphical administrative Its customizable graphical administrative interface called, the interface called, the Microsoft Microsoft Management Console (MMC)Management Console (MMC), makes , makes Windows 2000 Server a simple operating Windows 2000 Server a simple operating system to managesystem to manage

Windows 2000 Server HardwareWindows 2000 Server Hardware

Important resource for determining what kind of Windows 2000 hardware Important resource for determining what kind of Windows 2000 hardware to purchase is Microsoft’s to purchase is Microsoft’s Hardware Compatibility List (HCL)Hardware Compatibility List (HCL)

Table 8-2: Minimum hardware requirements for Windows 2000 Server

Windows 2000 Server Memory Windows 2000 Server Memory ModelModel

Figure 8-8: Viewing virtual memory

Windows 2000 File SystemsWindows 2000 File Systems

In addition to FAT, FAT32, and HPFS file In addition to FAT, FAT32, and HPFS file systems, Windows 2000 Server supports other systems, Windows 2000 Server supports other file systems, including:file systems, including: CDFS (CD-ROM File System)CDFS (CD-ROM File System)

Used to read from and write to a CD-ROM diskUsed to read from and write to a CD-ROM disk Universal Disk Format (UDF)Universal Disk Format (UDF)

Another file system used on CD-ROM and DVD mediaAnother file system used on CD-ROM and DVD media NTFS (New Technology File System)NTFS (New Technology File System)

Developed for Windows NT platformDeveloped for Windows NT platform

With release of Windows 2000, Microsoft updated NTFS to With release of Windows 2000, Microsoft updated NTFS to version 5version 5

NTFS FeaturesNTFS Features

Filenames can be maximum of 256 Filenames can be maximum of 256 characters longcharacters long

Stores file size information in 64-bit fieldsStores file size information in 64-bit fields

Files or partitions can be as large as 16 Files or partitions can be as large as 16 exabytesexabytes

Required for Macintosh connectivityRequired for Macintosh connectivity

NTFS FeaturesNTFS Features

Incorporates sophisticated, customizable Incorporates sophisticated, customizable compressioncompression routines routines

Keeps a Keeps a loglog of file system activity to facilitate of file system activity to facilitate recovery if a system crash occursrecovery if a system crash occurs

Required for Required for encryptionencryption and advanced access and advanced access security for files, user accounts, and processessecurity for files, user accounts, and processes

Improves fault tolerance through RAID and Improves fault tolerance through RAID and system file redundancysystem file redundancy

Microsoft Management Console Microsoft Management Console (MMC)(MMC)

Tools added Tools added to MMC to MMC interface are interface are known as known as snap-inssnap-ins

Figure 8-9: MMC Window

Active DirectoryActive Directory

SchemaSchema Set of Set of

definitions of definitions of kinds of objects kinds of objects and information and information associated with associated with those objects those objects that the Active that the Active Directory Directory database can database can containcontain

Figure 8-10: Active Directory and a simple user schema

Active DirectoryActive Directory

Active Directory’s schema may contain Active Directory’s schema may contain two types of definitions:two types of definitions: ClassesClasses

Also known as Also known as object classesobject classes

Identifies what type of objects can specified in Identifies what type of objects can specified in Active DirectoryActive Directory

AttributesAttributesProperty associated with an objectProperty associated with an object

WorkgroupsWorkgroups

Group of interconnected computers that share each Group of interconnected computers that share each other’s resources without relying on a central serverother’s resources without relying on a central server

Figure 8-11: A Windows workgroup network

DomainsDomains

Group of Group of users, servers, users, servers, and other and other resources that resources that share a share a database of database of account and account and security security informationinformation

Figure 8-12: Multiple domains in one organization

DomainsDomains

Domain controllerDomain controller Windows 2000 server that contains a replica Windows 2000 server that contains a replica

of the Active Directoryof the Active Directory

Member serverMember server Does not hold directory information and, Does not hold directory information and,

therefore, cannot authenticate userstherefore, cannot authenticate users

ReplicationReplication Process of copying Active Directory data to Process of copying Active Directory data to

multiple domain controllersmultiple domain controllers

DomainsDomains

Figure 8-13: A Windows 2000 domain model network

Organizational UnitsOrganizational Units

Container within Container within an NOS an NOS directory used directory used to group objects to group objects with similar with similar characteristics characteristics or privilegesor privileges

Figure 8-14: A tree with multiple domains and OUs

Trees and ForestsTrees and Forests

Domain treeDomain tree Group of hierarchically arranged domains that Group of hierarchically arranged domains that

share a common namespace in Windows 2000 share a common namespace in Windows 2000 Active DirectoryActive Directory

At base of Active Directory tree is the At base of Active Directory tree is the root root domaindomain

From root domain, From root domain, child domainschild domains branch out to branch out to separate objects with the same policiesseparate objects with the same policies

ForestForest Collection of one or more domain treesCollection of one or more domain trees

Trust RelationshipsTrust Relationships

Relationship between two domains in Relationship between two domains in which one domain allows another domain which one domain allows another domain to authenticate its usersto authenticate its users

Active Directory supports two types of trust Active Directory supports two types of trust relationships:relationships: Two-way transitive trustTwo-way transitive trust Explicit one-way transitive trustExplicit one-way transitive trust

Two-Way Transitive TrustTwo-Way Transitive Trust

Security relationship Security relationship between domains in between domains in same domain tree same domain tree in which one in which one domain grants domain grants every other domain every other domain in the tree access to in the tree access to its resources and, in its resources and, in turn, that domain turn, that domain can access other can access other domains’ resourcesdomains’ resources

Figure 8-15: Two-way trusts between domains in a tree

Explicit One-Way Transitive Explicit One-Way Transitive TrustTrust

Type of trust Type of trust relationship in relationship in which two which two domains that domains that belong to belong to different NOS different NOS directory trees directory trees are configured are configured to trust each to trust each otherother

Figure 8-16: Explicit one-way trust between domains in different trees

Naming ConventionsNaming Conventions

NamespaceNamespace Refers to complete database of hierarchical names Refers to complete database of hierarchical names

used to map IP addresses to their hosts’ namesused to map IP addresses to their hosts’ names

Each object on a Windows 2000 network can Each object on a Windows 2000 network can have three different names:have three different names: Distinguished name (DN)Distinguished name (DN) Relative distinguished name (RDN)Relative distinguished name (RDN) User principal name (UPN)User principal name (UPN)

When creating a user account, user’s login name is added to When creating a user account, user’s login name is added to a a UPN suffixUPN suffix


Figure 8-17: Distinguished name and relative distinguished name


Naming conventions used by Windows 2000 Naming conventions used by Windows 2000 follow those specified in the follow those specified in the Lightweight Lightweight Directory Access Protocol (LDAP)Directory Access Protocol (LDAP) LDAP is a protocol for accessing network LDAP is a protocol for accessing network

directoriesdirectories

In addition to a DN, RDN, and UPN, each In addition to a DN, RDN, and UPN, each object has a object has a globally unique identifier globally unique identifier (GUID)(GUID)

Planning for Installation:Planning for Installation:Preinstallation DecisionsPreinstallation Decisions

How many, how large, and what kind of How many, how large, and what kind of partitions will the server requires?partitions will the server requires?

What type of file system will the server What type of file system will the server use?use?

What will the server’s name be?What will the server’s name be?

Which protocols and network services Which protocols and network services should the server use?should the server use?

What will the Administrator password be?What will the Administrator password be?

Planning for Installation:Planning for Installation:Preinstallation DecisionsPreinstallation Decisions

Should the network use domains or Should the network use domains or workgroups, and, if so, what will they be workgroups, and, if so, what will they be called?called?Will the server support additional services?Will the server support additional services?Which licensing mode should I choose?Which licensing mode should I choose? Per serverPer server Per seatPer seat

How can I remember all of this information?How can I remember all of this information?

Planning for InstallationPlanning for Installation

Be prepared to:Be prepared to: Read and accept the license agreementRead and accept the license agreement Identify your organizationIdentify your organization Provide your registration keyProvide your registration key Select the appropriate time and dateSelect the appropriate time and date Specify display settingsSpecify display settings Identify and supply drivers for hardware Identify and supply drivers for hardware

componentscomponents

Planning for Installation:Planning for Installation:Windows NT Upgrade Windows NT Upgrade

ConsiderationsConsiderations

Back up the existing Windows NT serverBack up the existing Windows NT server

On Windows NT network including multiple On Windows NT network including multiple servers and domain controllers, upgrade the servers and domain controllers, upgrade the Windows NT PDC to a Windows 2000 Windows NT PDC to a Windows 2000 domain controller firstdomain controller first

Be certain to select “Upgrade to Windows Be certain to select “Upgrade to Windows 2000 (Recommended)” option on the first 2000 (Recommended)” option on the first setup screensetup screen

Planning for Installation:Planning for Installation:Windows NT Upgrade Windows NT Upgrade

ConsiderationsConsiderations

If upgrading Windows NT PDC to Windows 2000 If upgrading Windows NT PDC to Windows 2000 domain controller, indicate that you want to start domain controller, indicate that you want to start a new domain or forest during the Active a new domain or forest during the Active Directory Setup WizardDirectory Setup Wizard

After all Windows NT servers on network are After all Windows NT servers on network are upgraded to Windows 2000 Server, convert upgraded to Windows 2000 Server, convert domains to native modedomains to native mode

Carefully follow upgrade instructionsCarefully follow upgrade instructions

Installing and Configuring a Installing and Configuring a Windows 2000 ServerWindows 2000 Server

Figure 8-18: Beginning with setup options


Figure 8-19: Selecting Windows 2000 components


Figure 8-20: Installing Components window

Initial ConfigurationInitial Configuration

After completing the Windows 2000 Server After completing the Windows 2000 Server installation, the server is not yet ready to installation, the server is not yet ready to support clients on a networksupport clients on a network

First, the software must be configuredFirst, the software must be configured For instance, to assign it a place in the For instance, to assign it a place in the

domaindomain

Establishing Users, Groups, and Establishing Users, Groups, and RightsRights

The The GuestGuest account is a predefined user account with account is a predefined user account with limited privileges that allows a user to log onto the limited privileges that allows a user to log onto the computercomputer

The The AdministratorAdministrator account is a predefined user account is a predefined user account that has the most extensive privileges for account that has the most extensive privileges for resources both on the computer and on the domain it resources both on the computer and on the domain it controlscontrols

A A local accountlocal account only has rights on the server they only has rights on the server they are logged ontoare logged onto

A A domain accountdomain account has rights throughout the domain has rights throughout the domain


Figure 8-21: User account password properties


A A domain local groupdomain local group is one that allows its is one that allows its members access to resources within a single members access to resources within a single domain (usually resources)domain (usually resources)

A A global groupglobal group allows its members access to allows its members access to resources within a single domain (usually resources within a single domain (usually users)users)

A A universal groupuniversal group is one that allows its is one that allows its members to access resources across multiple members to access resources across multiple domains and forestsdomains and forests


Figure 8-22: Creating a group


Figure 8-23: The Program

Files Properties dialog box

Internetworking with Other Network Internetworking with Other Network Operating SystemsOperating Systems

Gateway Services for NetWare (GSNW)Gateway Services for NetWare (GSNW) Acts as a translator between the Windows 2000 and Acts as a translator between the Windows 2000 and

NetWare client redirector services NetWare client redirector services

Client Services for NetWare (CSNW)Client Services for NetWare (CSNW) Can be installed on Windows 2000 clients to enable Can be installed on Windows 2000 clients to enable

them to access NetWare serversthem to access NetWare servers

Directory Services Migration Tool (DSMIGRATE)Directory Services Migration Tool (DSMIGRATE) Enables network administrators to migrate accounts, Enables network administrators to migrate accounts,

files, and permissions from a NetWare NDS directory files, and permissions from a NetWare NDS directory to the Windows 2000 Active Server Directoryto the Windows 2000 Active Server Directory

Chapter Eight

Documents

Transcript of Chapter Eight