Hardware and Networking Service Level III

Module Title: Configuring and Administering Server

LG CODE: EIS HNS3 M06
TTLM Code: EIS HNS3 TTLM 1220 V1
LO #1- Confirm Server Specification

Information Sheet 1.1 Confirming network operating system and server design

Confirm server design with client

The first step in building and configuring a server is to confirm that theinformation about
the project is correct, current and that the client agrees withdocumented specifications
and design.
You will need to reconfirm with the client
 The role of the server
 How it will function with the remaining IT infrastructure, and the required
configuration.

Functional requirements

Functional requirements capture the intended behavior of the system. This behavior
may be expressed as a service, task or function that the system is required to perform.
The functional requirements documents are the ‘blueprint’ for the project implementation
Requirements issues
One of the first and most important activities to get on when confirming server
specifications is to confirm client needs and to ensure that they acknowledge that
requirements have been captured correctly and sign-off on the requirements

So one of the tasks in confirming client needs is to document the requirements.

This may include identifying or clarifying

 The business case

 What the client considers the project’s main objectives are, including the
services that are to be performed
 What IT infrastructure is already in place
 Basic specifications
 Conflicting or overlapping requirements
  Maintenance and backup requirements
 Bandwidth issues that may affect the project
 Role definition of parties involved
 The nature of the data (e.g. text, multimedia)
 Security needs (e.g. levels of user access and privileges)
 Available support resources.
 Costing.

Functional requirements specification

The functional specification describes what the system will do, as opposed to how it
will be done. This distinction is important because the client may not be interested in the
details of how a function is implemented, and the technical details may simply cause
confusion for the client the implementation details may need to change during the
design and development of the project. You don’t want to have to negotiate changes to
the functional specification just to change details of implementation the technical
specification for large projects will be detailed in a separate document, and you should
not entangle one with the other.

User requirements

 How many users are expected to use the system?

 How many people will be utilizing the solution at one time?
 Where the users will be located (e.g. overseas, interstate or at home?

Technical requirements

 What types of computers/operating systems will the users operate?

 Are their desktops all the same?

 What bandwidth restrictions occur presently?

  What security (login) will they need?

 What backup policies need to be in place?

 Who will have administration rights?

 What will the business do if the system fails at any stage?

 Who is the project sponsor?

 What does management expect the system will do and won’t do?

Hardware

 Compatibility: will the solution work with existing systems?

 Support for proprietary formats: will the existing systems and architecture support
all types of data?

 Will the new system be supported by existing resources within the company?

 What funding is available for new hardware?

 What is the backup strategy? Has this been cost?

 Does the system need to be redundant, load balanced or clustered?

 Will there be time delays to purchase and install hardware?

 Who will be building the server?

 Are there other projects that you may be able to share hardware costs with?

Software

 What is the true cost of the software?

  Are there licensing issues? As the system is in development, should you pay for
all the licensing now or when the system is in live mode?

 Can the software be licensed for use by multiple users who use it on different
machines? (Concurrent licensing)

 How long has the software been on the market for?

 What happens if the software company becomes insolvent? Who supports it?

 Who owns the source code?

 What happens if the source code is modified? Who supports the product then?

 Does the solution work with all other company software systems?

 If web-based, does the solution function on all common browsers?

 If security is a concern, can the software be delivered in a ‘locked down’ format?

 Does the software support all file formats?

 Is the software easy to use, or are there major training issues/costs?

Stage sign-off

A project is divided into many stages. Each stage will have entry and exit criteria that
must be met before the project can progress further.

At the planning stage, the owner of the system or project steering committee must sign-
off on stage exit criteria, which would include server design documentation. This then
would trigger the start of the next stage of the project the development stage.

The exit criteria will normally state that the following items have been identified and
agreed to:

 Server platforms
  Operating systems

 Applications

 Hardware and software limitations

 Client and developer responsibilities

 Privacy issues

 Initial timelines

 Budget

 State and federal regulations.

Identify specifications

Once requirements have been defined and client needs are clarified, it’s time to start
thinking about identifying products that fit the solution. In this case, we need to focus on
the possible server solutions. Remember: a server consists of

 Hardware

 Software

 Network connections.

There are different types of server designs that need to be considered when identifying
equipment. There are multiple server architectures to choose from, including

 Mainframe architecture

 File sharing architecture

 Client/server architecture

 Web based architecture

  Thin client architecture

 Blade architecture.

Network operating system

Definition– Network operating system is like as software that is installed on the server
side on the network infrastructure. Network operating system provides the several
functionalities for managing the data, applications, security, and other functions. In this
system, all computers and other terminal are connected each other through LAN (Local
Area Network) line or Inter-network system. Main objective of NOS (Network operating
system) is to share data, printer access, and other devices. Novell NetWare was
introduced as a first network operating system, in 1983.

There are some working functionality of network operating system.

 NOS allows the protection of data, information, and their hardware components
from unauthorized users.

 It allows to program testing routines.

 It can memory management while loading of programs.

 To detect the all errors and bugs while execution of their jobs.

 It provides the remote access to server/client machines.

 It manages the sequence of all their processing jobs.

 NOS allows to all users for creating user account, and they can manage them as
well.

 It allows to all Configuration and management of entire network resources.

 It allows to all communication services.

 It can monitor as well as troubleshooting the entire network.

There are two types of components of network operating system such as hardware and
software components.

Hardware Components

There are some devices which are physically connected with each other.

 Server M/C

 Client M/C

 Peer M/C

 Communication medium – Guided media – coaxial cable, fiber optic cables.

 Unguided media – microwaves, infra-red waves

 Connecting Terminals – Routers, Bridges, Hubs, Repeaters, Gateways,

Switches, hub, Network Interface Card, Shared printers.

Software Components

These are some programs which are installed on the network machines.

 Networking Operating System – UNIX, Linux, Windows 2000, Windows 98,

Windows XP.

 Protocol Suite – OSI Model (Open System Interconnections), TCP / IP Model

Self-Check1.1. Written Test

Directions: Answer all the questions listed below.

I. Elaborate the following

1. List and explain multiple server architecture. 3points
2. List 3 working functionality of network operating system 3points
3. List 3 thing that server consist. 3 points
4. List four requirement issues of server. 4 points

Information Sheet 1.2. Identify product, vendor architecture and equipment

Identify vendor architecture

Each vendor in the marketplace supports specific platforms and server architecture.
When selecting equipment for the server, you will need to consider the hardware and
software platforms from each vendor.

Hardware platform refers to the hardware components that make up the computer
system.

Software platform refers to the operating system or programming language developed

for the hardware. There are defined terms used in the IT industry to describe the types
of platforms, including o Wintel o Lintel o Mac, Macintel o Mainframe o UNIX o Alpha
AXP o Java o .Net.

Platform selection

Platform choice is an important consideration very early on in a project. Most projects

cannot be changed midstream, as there are many different factors such as file formats
and protocols that are fixed requirements. There are many different types of server
platforms designed to perform many types of functions. A server’s platform will mainly
depend on the type of service provided.
Some of the functions provided by a server are

 mail services

 web services

 transactional processing services

 streaming media services

 remote access services

 file storage and retrieval services

 network access

 Application services.

Hardware and software specifications

Detailed information about server hardware is available from the server documentation
and from the hardware manufacturer’s website. At a minimum, the server vendor will
have a component list detailing what hardware is in the server.

Identifying network equipment’s

Hub

Hubs connect multiple computer networking devices together. A hub also acts as a
repeater in that it amplifies signals that deteriorate after traveling long distances over
connecting cables. A hub is the simplest in the family of network connecting devices
because it connects LAN components with identical protocols.

A hub can be used with both digital and analog data, provided its settings have been
configured to prepare for the formatting of the incoming data. For example, if the
incoming data is in digital format, the hub must pass it on as packets; however, if the
incoming data is analog, then the hub passes it on in signal form.

Hubs do not perform packet filtering or addressing functions; they just send data
packets to all connected devices. Hubs operate at the Physical layer of the Open
Systems Interconnection (OSI) model. There are two types of hubs: simple and
multiple port.

Switch

Switches generally have a more intelligent role than hubs. A switch is a multiport device
that improves network efficiency. The switch maintains limited routing information about
nodes in the internal network, and it allows connections to systems like hubs or routers.
Strands of LANs are usually connected using switches. Generally, switches can read
the hardware addresses of incoming packets to transmit them to the appropriate
destination.

Using switches improves network efficiency over hubs or routers because of the virtual
circuit capability. Switches also improve network security because the virtual circuits are
more difficult to examine with network monitors. You can think of a switch as a device
that has some of the best capabilities of routers and hubs combined. A switch can work
at either the Data Link layer or the Network layer of the OSI model. A multilayer
switch is one that can operate at both layers, which means that it can operate as both a
switch and a router. A multilayer switch is a high-performance device that supports the
same routing protocols as routers.

Switches can be subject to distributed denial of service (DDoS) attacks; flood guards
are used to prevent malicious traffic from bringing the switch to a halt. Switch port
security is important so be sure to secure switches: Disable all unused ports and use
DHCP snooping, ARP inspection and MAC address filtering.

Modem
Modems (modulators-demodulators) are used to transmit digital signals over analog
telephone lines. Thus, digital signals are converted by the modem into analog signals of
different frequencies and transmitted to a modem at the receiving location. The
receiving modem performs the reverse transformation and provides a digital output to a
device connected to a modem, usually a computer. The digital data is usually
transferred to or from the modem over a serial line through an industry standard
interface, RS-232. Many telephone companies offer DSL services, and many cable
operators use modems as end terminals for identification and recognition of home and
personal users. Modems work on both the Physical and Data Link layers.

Router

Routers help transmit packets to their destinations by charting a path through the sea of
interconnected networking devices using different network topologies. Routers are
intelligent devices, and they store information about the networks they’re connected to.
Most routers can be configured to operate as packet-filtering firewalls and use access
control lists (ACLs). Routers, in conjunction with a channel service unit/data service unit
(CSU/DSU), are also used to translate from LAN framing to WAN framing. This is
needed because LANs and WANs use different network protocols. Such routers are
known as border routers. They serve as the outside connection of a LAN to a WAN, and
they operate at the border of your network.

Router are also used to divide internal networks into two or more sub networks. Routers
can also be connected internally to other routers, creating zones that operate
independently. Routers establish communication by maintaining tables about
destinations and local connections. A router contains information about the systems
connected to it and where to send requests if the destination isn’t known. Routers
usually communicate routing and other information using one of three standard
protocols: Routing Information Protocol (RIP), Border Gateway Protocol (BGP) or Open
Shortest Path First (OSPF).

Routers are your first line of defense, and they must be configured to pass only traffic
that is authorized by network administrators. The routes themselves can be configured
as static or dynamic. If they are static, they can only be configured manually and stay
that way until changed. If they are dynamic, they learn of other routers around them and
use information about those routers to build their routing tables.

Routers are general-purpose devices that interconnect two or more heterogeneous

networks. They are usually dedicated to special-purpose computers, with separate input
and output network interfaces for each connected network. Because routers and
gateways are the backbone of large computer networks like the internet, they have
special features that give them the flexibility and the ability to cope with varying network
addressing schemes and frame sizes through segmentation of big packets into smaller
sizes that fit the new network components. Each router interface has its own Address
Resolution Protocol (ARP) module, its own LAN address (network card address) and its
own Internet Protocol (IP) address. The router, with the help of a routing table, has
knowledge of routes a packet could take from its source to its destination. The routing
table, like in the bridge and switch, grows dynamically. Upon receipt of a packet, the
router removes the packet headers and trailers and analyzes the IP header by
determining the source and destination addresses and data type, and noting the arrival
time. It also updates the router table with new addresses not already in the table. The IP
header and arrival time information is entered in the routing table. Routers normally
work at the Network layer of the OSI model.

Crimpers

Crimpers are tools used to make cold weld joints between two wires or a wire and a
connector, such as lugs. Ideally, the electrical and mechanical properties of the weld
joint are as strong as the parent materials. Crimping tools are sized according to the
wire gauges (using AWG - American Wire Gauge) they can accept.
Self-Check1.2. Written Test

Directions: Answer all the questions listed below.

I. DIRECTION: TRUE or FALSE. Write “TRUE” if the statement is

correct or “FALSE” if the statement is incorrect.
1. Crimping tools are sized according to the wire gauges they can accept. 2pts
2. Modems are used to transmit analog over digital signals telephone lines. 2pts
3. Router are also used to divide internal networks into two or more sub networks.
2pts
4. A switch can work at either the Data Link layer or the Network layer of the OSI
model. 2pts
5. Hub is not acting like a repeater. 2pts

II. DIRECTION: CHOOSE THE BEST ANSWER AND ENCIRCLE THE

CORRECT LETTER OF YOUR CHOICE
1. One of the following is the functions provided by a server. 2.5pts
A. Mail server C. File storage service
B. Print server D. ALL
2. Each router interface has its own Address Resolution Protocol (ARP) module, its
own LAN address (network card address) and its own Internet Protocol (IP)
address. 2.5pts
A. Router C. Hub
B. Switch D. Repeater
 Information Sheet 1.3. Identify technologies and resource

Identify server technologies

Information technology is constantly changing and improving at a high speed. Common

hardware technologies are

 Processors

 Random access memory

 Storage

 Optical drive.

System requirements

For hardware and software components, you will need to ensure that any minimum
system requirements are met. You will find this information at manufacturer’s websites
as whitepaper, installation documentation, and product overviews.

For software, you will need to ensure that your system meets minimum requirements for

 the type and speed of the processor o memory

 available disk space o operating system

 for hardware components you will need to ensure compatibility with the
existing system o

 processor — ensure motherboard support for new CPU is available

 memory — ensure type and size is compatible with the motherboard

 Hard drives and optical drives — ensure that there is an available drive
bay, power cable and interface connection.
  Expansion cards — ensure that there is a suitable expansion slot for
installation of the expansion card.

Windows Server 2008 Core Technologies

 New Technology File System

 Active Directory

 Microsoft Management Console

 Disk Management

 File and printer sharing

 Windows networking

 Internet Information Services

New Technology File System

 Successor to FAT/FAT32

 Native support for long filenames, file and folder permissions, support for large
files and volumes, reliability, compression, and encryption

 Most significant is the added ability for more granular file access control

Active Directory

 Provides a single point of administration of resources (Users, groups, shared

printers, etc.)

 Provides centralized authentication and authorization of users to network

resources
  Along with DNS, provides domain-naming services and management for a
Windows domain.

 Enables administrators to assign system policies, deploy software to client

computers, and assign permissions and rights to users of network resources

Microsoft Management Console (MMC)

 Creates a centralized management interface for administrators

 Uses snap-ins, which are designed to perform specific administrative tasks (such
as disk management or active directory configuration)

 Multiple snap-ins can be combined into a single MMC, providing quicker access
to commonly used tools

Disk Management

 Monitors disk and volume status

 Initializes new disks

 Creates and formats new volumes

 Troubleshoots disk problems

 Configures redundant disk configurations (RAID)

File and Printer Sharing

 Shadow copies

 Disk quotas

 Distributed File System (DFS)

  Also possible to configure options that allow redundancy, version control, and
user storage restrictions.

Windows Networking Concepts

The Workgroup Model:

 A small group of computers that share common roles, such as sharing

files or printers.

 Also called a peer-to-peer network

 Decentralized logons, security, and resource sharing

 Easy to configure and works well for small groups of users (fewer than 10)

The Domain Model:

 A Windows Server 2008 server that participates in a workgroup is referred

to as a domain model

 Preferred for a network of more than 10 computers or a network that

requires centralized security and resource management

 Requires at least one computer to be a domain controller

 A domain controller is a Windows server that has Active Directory installed

and is responsible for allowing client computers access to domain
resources

 A member server is a Windows Server that’s in the management scope of

a domain but doesn’t have Active Directory installed is stand-alone server
Windows Networking Components

 Network Interface

 Composed of two parts; the network interface card (NIC) and the device
driver software

 Network Protocol

 Specifies the rules and format of communication between network devices

 Network Client and Server Software

 Network client sends requests to a server to access network resources

 Network server software receives requests for shared network resources

and makes those resources available to a network client

Internet Information Services

 Windows Server 2008 provides IIS 7.0

 Modular design

 Unused features aren’t available for attackers to exploit

 Extensibility

 Functionality is easily added via modular design

 Manageability

 Delegated administration; can assign control over some aspects of the

website to developers and content owners
  Appcmd.exe provides the ability to manage IIS via scripts and batch files

Self-Check1.3. Written Test

Directions: Answer all the questions listed below.

I. Elaborate the following

1. List the network components. 3pts
2. What are windows technologies. 7pts
3. What are the feature of IIS 7 ? 3pts

LO #2- Verify server compatibility and inter-operability

Information Sheet 2.1.Reviewing Hardware and software to ensure compatibility

Ensuring Hardware Compatibility

Networking is hardware-dependent, and not all hardware products are compatible. In

order for two computers to communicate, they must use the same protocol.

Computer hardware raises similar issues. In some instances, two pieces of hardware
simply can't communicate with each other. For example, consider an analogy to
automobile parts: two parts might look alike and be able to perform the same function,
but each is designed to work in a different car.

This lesson examines the issue of ensuring hardware compatibility and what you can do
to resolve incompatibilities.

When Hardware Is a Problem

Hardware incompatibilities are a fact of life. In today's computer industry, hundreds of
manufacturers develop hardware and software.

Each developer has a unique perspective on the best way to accomplish the same task,
and each will provide a unique solution. Copyright and patent issues further
complicatethe matter. Evaluating and selecting hardware is a major part of planning for
network implementation.

It is likely that you will have to create a network out of an existing collection of hardware.
In such cases, the likelihood that problems stemming from incompatible hardware will
arise is very high. It is sometimes more cost-effective to discard the old hardware and
start over. The most common incompatibilities occur between hardware and software.
Changing or upgrading a computer or network operating system can lead to major
problems.

Reading the Documentation

Read all the documentation about the products involved. Your hardware or software
might have a recurring problem or might conflict with another product. Frequently, the
manufacturer will document these conflicts and provide a fix. If you do not find the
solution in the supplied documentation, you might contact the manufacturer of the
product and ask for undocumented conflicts.

Detection during Installation

When you install a new computer or network operating system, your computer will
usually attempt to detect the hardware in the system during the installation process and
load the appropriate drivers for it.

Check the list of detected hardware and ensure that it matches what is already in the
machine. If you are installing Novell's Intranet Ware, for example, the install utility will
automatically scan your computer for hardware such as hard disks, CD-ROM drives,
and NICs. If the devices are recognized, the appropriate drivers will then be loaded for
the recognized devices.

COMPUTER
Checking Minimum Requirements

As a first step before you install, make sure that you exceed the minimum requirements
for the resources in the computer. These resources include processor speed, memory,
and disk space. Table1.1 Minimum computer Hardware Requirements for server 2008
lists some minimum computer hardware requirements for server 2008

Requirement Standard Enterprise Datacenter Web Edition

Edition Edition Edition

Minimum CPU 133 MHz 133 MHz for 400 MHz for 133 MHz
x86-based x86-based
Speed
computers733 computers733
MHz for Itanium- MHz for
based Itanium-based
computers* computers*

Recommended 550 MHz 733 MHz 733 MHz 550 MHz

CPU Speed

Minimum RAM 128 MB 128 MB 512 MB 128 MB

Recommended 256 MB 256 MB 1 GB 256 MB

Minimum
RAM

Maximum RAM 4 GB 32 GB for 64 GB for 2 GB

x86based x86based
computers512 computers512
GB for GB for
Itaniumbased
Itanium-based
computers*
computers*

Multiprocessor Up to 4 Up to 8 Minimum 8 Up to 2
Support ** required
Maximum 64

Table 1 Minimum computer Hardware Requirements for server 2008

Switch
Requirement Specification

Operating speed 0.01 mm to 1m/s * 1

Mechanical 240 operations/min

Operating frequency
Electrical 20 operations/min

Insulation resistance 100 MΩ min. (at 500 VDC)

Contact resistance 15 mΩ max. (initial value)

1,000 VAC, 50/60 Hz for 1 min between

terminals of the same polarity
2,000 VAC, 50/60 Hz for 1 min between the
Dielectric strength current-carrying metal parts and the ground,

and between each terminal and non-current-

carrying metal parts

Vibration resistance Malfunction 10 to 55 Hz, 1.5-mm double amplitude * 2

Destruction 1,000 m/s2 max.

Shock resistance
Malfunction 300 m/2 max. * 1 * 2

Mechanical 1,000,000 operations min.

Durability
Electrical 500,000 operations min.

Degree of protection IP00

Degree of protection against electric shock Class I

Proof tracking index (PTI) 175

Ambient operating temperature -25 ° C to 80 ° C (with no icing)

Ambient operating humidity 35% to 85%RH

Weight Approx. 22 to 58 g

Table 2 Minimum switch Requirements for server 2008

Software compatibility
Application software

When evaluating software, the cost of the product will be determined by how many
licenses are required. A license is a legal agreement to use software, and the exact
terms of the agreement vary.

An important part of managing software licenses is to purchase the right types and mix
of licenses. Software licenses are offered as follows:

 A site license for a number of computers at a particular office

 A license assigned to a specific computer
 A license assigned to one specific user.

Self-Check2.1 Written Test

Directions: Answer all the questions listed below.

I. DIRECTION: TRUE or FALSE. Write “TRUE” if the statement is

correct or “FALSE” if the statement is incorrect.
1. Evaluating and selecting hardware is a major part of planning for network
implementation. 2pts
2. When evaluating software, the cost of the product will be determined by how
many licenses are required. 2pts
3. A license is not assigned to a specific computer. 2pts
4. A first step before you install a server is , make sure that you exceed the
minimum requirements for the resources in the computer.2pts
5. The most common incompatibilities occur between hardware and software.2pts
 Information Sheet 2.2. Obtaining all hardware required for server installation

Network Hardware

Definition – Network Components is also called the “Network Device” or “Network

Equipment” or “Computer Networking Devices” which are used to need make
communication and interaction between multiple computers over network.

We need to obtain the following hardware for server installation

Network hardware is not as susceptible as software to conflicts and compatibility

problems. Connectivity Devices, covers the basics of how these devices (repeaters,
bridges, routers, routers, and gateways) work.

Since these devices are common to many different types of networks and work mainly
with data packets, they are less likely to present conflicts. The manufacturers of these
products maintain strict adherence to the IEEE 802.x standards.

Therefore, any device that meets an IEEE standard can communicate with another
device that meets the same standard. The only situation in which you can expect
incompatibility issues to arise is when two devices meet different standards. There are
some network hardware that’s stated below.

NIC

NIC stands for “Network Interface Card”, and this hardware component is used to link
multiple computers with each other over the network. NIC performs some activates
such as sending and receiving data as well as controlling data flow between linked all
terminals over the network. NIC is capable to send and receive data on (10,100 to 1000
Mb/s) transfer rate. All NIC contain unique id (MAC address) that is programmed on
chip, and it is embedded on the network interface card.
NIC has two variant such as –

1. Wired NIC – Cables and connectors are connected to Wired NIC, which is
embedded inside the motherboard.

2. Wireless NIC – Wireless NIC has small type antenna, it helps to make
connection on the wireless network.

Modem

Modem stands for “Modulator – Demodulator”. Main objective of using of Modem in

computer network is to move data from one computer terminal to another computer
terminal via telephone line system.

Types of modem are:

Ethernet modem – It is connected into NIC in the computer system.

Wireless modem – Wireless modem contains small antenna, and it is connected with
computer terminal through wireless network.

Switches

Switches are used in the wired network such as Ethernet network. Switch is a small
type of hardware component that helps to receive data from other different input ports
and send this got data to appropriate output port, and finally destination terminal obtains
data over the network.
Here, some types of switches

Unmanaged switches – These switches are used in the small area such as home
network.

Managed switches – These switches are used in medium size of area such as small
and large organizations. There are two types such as Smart switches and Enterprise
managed switches.

Ethernet switches – These types of switches are mostly used to decrease network
congestion, and it helps to make connection with LAN points.

PoE switches – PoE switches stands for “Power over Ethernet”, and they deliver to
great flexibility by cabling process.

Client

Client is edge point of computers which are obtained the requests and received services
from server side, and it uses computer network resources such as printer, scanner,
plotter, and more.

Server

Server is high level computer which are get high configuration. It has responsibility to
handle all resources of the entire network system. On the server, a special type of
operating system is installed, it is known as network operating system.

Server has some variants such as –

 File servers

 Database servers

 Print servers, and more

Self-Check2.2. Written Test

Directions: Answer all the questions listed below.

I. DIRECTION: CHOOSE THE BEST ANSWER AND ENCIRCLE THE

CORRECT LETTER OF YOUR CHOICE. (each question have 2pts)
1. One of the following is a high level computer which are get high configuration
A. Mainframe computer C. Personal computer
B. Server computer D. server installed computer
2. Which of the following is stands for “Modulator – Demodulator
A. Switch C. Router
B. Repeater D. Modem
3. ----------------has small type antenna, it helps to make connection on the wireless
network.
A. Wireless NIC C. weird Modem
B. Weird NIC D.wireless Modem
4. These types of switches are mostly used to decrease network congestion, and it
helps to make connection with LAN points
A. Unmanaged switch C. Ethernet switch
B. Managed switch D. PoE switch
5. These switches are used in the small area such as home network.
A. Unmanaged switch C. Ethernet switch
B. Managed switch D. PoE switch

Information Sheet 2.3. Installing required operating system and software

Installing an operating system?

The steps for installing an operating system, like Linux or Microsoft Windows, depends
on the operating system version you are installing. Each version has different steps and
options that are unique to that operating system.
On this page, you'll find general steps and guidelines for installing an operating system
on your computer.

Purchase the operating system

First, you need to purchase the operating system that you want to install on the
computer. The best place to purchase the operating system from is a retail store, like
Best Buy, or through an online store, like Amazon or Newegg. The operating system
may come on multiple CD or DVD discs, or it may even come on a USB flash drive.

Downloading a copy of the operating system is usually the most convenient way to
obtain it. However, be sure you obtain the operating system from the publisher, like
Microsoft. Downloading it from another source may result in an unusable or illegal copy
of the software.

Install the operating system

To install the computer's operating system using a CD or DVD, you need to configure
your computer to boot from the CD/DVD drive. You can change the boot sequence in
your BIOS setup, and setting the CD/DVD drive to be the first boot device. Some
computers may also allow you to access the boot sequence directly at computer start
up, without entering the BIOS, by pressing a specific key on the keyboard. The key to
press differs for each computer, but is often the Delete key or one of the function keys.

 entering the BIOS or CMOS setup

If the operating system software came on a USB flash drive, you need to configure the
computer to boot to a USB device as the first boot device.

Once the computer is configured to boot to the proper device, the computer should load
the operating system installation program and guide you through the install process.
You will be asked questions along the way for configuration of basic settings, like date
and time, user account name, and if you want to enable automatic operating system
updates. Go through the installation steps, answering questions and selecting the
preferred options
 Operation Sheet 2.1. Installing operating system and software

Operation title: Installing window server 2008

Equipment ,tools and materials: computer and server software

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Step 1. Insert the appropriate Windows Server 2008 installation media into your
DVD drive.
Step 2. Reboot the computer.

Step 3.When prompted for an installation language and other regional options, make
your selection and press Next.
Step4. Next, press Install Now to begin the installation process.

Step5. Product activation is now also identical with that found in Windows Vista. Enter
your Product ID in the next window, and if you want to automatically activate Windows
the moment the installation finishes, click Next.
Step6. If you do not have the Product ID available right now, you can leave the box
empty, and click next. You will need to provide the Product ID later, after the server
installation is over. Press No.

Step7. Because you did not provide the correct ID, the installation process cannot
determine what kind of Windows Server 2008 license you own, and therefore you will be
prompted to select your correct version in the next screen, assuming you are telling
the truth and will provide the correct ID to prove your selection later on.
Step8. If you did provide the right Product ID, select the Full version of the right
Windows version you're prompted, and click Next.

Step9. Read and accept the license terms by clicking to select the checkbox and
pressing Next.
Step 10. In the "Which type of installation do you want?" window, click the only
available option – Custom (Advanced).

Step 11. In the "Where do you want to install Windows?", if you're installing the
server on a regular IDE hard disk, click to select the first disk, usually Disk 0, and click
Next.
Step12.The installation now begins, and you can go and have lunch. Copying the setup
files from the DVD to the hard drive only takes about one minute. However, extracting
and uncompressing the files takes a good deal longer. After 20 minutes, the operating
system is installed. The exact time it takes to install server core depends upon your
hardware specifications. Faster disks will perform much faster installs… Windows
Server 2008 takes up approximately 10 GB of hard drive space.

Step 13. Then the server reboots you'll be prompted with the new Windows Server
2008 type of login screen. Press CTRL+ALT+DEL to log in.
Step 14. Click on Other User.

Step 15. The default Administrator is blank, so just type Administrator and press
Enter.

Step 16.You will be prompted to change the user's password. You have no choice but
to press Ok.
Step 17. In the password changing dialog box, leave the default password blank (duh,
read step #15…), and enter a new, complex, at-least-7-characters-long new password
twice. A password like "topsecret" is not valid (it's not complex), but one like
"T0pSecreT!" sure is. Make sure you remember it.

Step 18.Someone thought it would be cool to nag you once more, so now you'll be
prompted to accept the fact that the password had been changed. Press Ok.
Step 19. Finally, the desktop appears and that's it, you're logged on and can begin
working. You will be greeted by an assistant for the initial server configuration, and
after performing some initial configuration tasks, you will be able to start working

Precautions: Care should be taken while connecting with electric power

Quality criteria: install all roll of server 2008

 Information Sheet 2.4. Installing additional tools or third-party software
Installing additional software
Additional tools or third party software is very necessary after we install server 2008
software and on the client computer. So one of third party software is driver.

Installing device drivers is necessary in many instances. Unfortunately, for someone

who does not have a lot of experience with these drivers, the task may sound somewhat
overwhelming. The good news is that it does not have to be. In fact, if you are using
Microsoft Windows, chances are good the process will be fast, efficient and even easy
to understand!

First off, keep in mind that the method of installation is dependent on the type of device
driver you are working with. Each type has its own particular needs and methods. In
addition, each developer of the driver may have specifics on how they would like the
driver to be downloaded and used.

Consider the following methods to installing device drivers, most commonly found.

CD And Discs: When it comes to Windows, almost all manufacturers of hardware and
computer components will include a group of device drivers for each of these devices
on a CD or other disc. However, remember this, too. Often times, the same CD will
contain drivers for more than just one driver. For example, if you obtained a device
driver for a printer on CD form, chances are good that CD also has drivers for numerous
other printers. Therefore, it is critical to select only the driver right for the printer you
have.

Downloading: In this day and age, it is easy to find what you need online. That goes for
device drivers, too. Most of the drivers you need can be downloaded from the web.
These are going to download in an executable file in most situations that will be
compressed. You will need to uncompressed the file and extract the information from it.
This is all done by answering questions that are posed to you as the driver downloads.
It is also helpful to note that when you are done downloading these files, you can delete
them from your computer. They are not necessary files after you have installed the
driver and just take up space.

Take the time to find the right device driver for the computer component that you are
downloading. It is critical to have the exact information in place to ensure that you are
actually downloading the right driver, since even small number differences can make
problems rather than solutions.

The good news is that most manufacturers realize that people do not have extensive
knowledge of how to use these drivers and therefore they make the process simple
using on screen navigation screens. Even if you do know how to use these files, these
on screen steps make the process simplistic. Simply follow the commands as directed.

Learning how to install drivers is a onetime thing. Once you know how to do so, you will
see that the process is easy and can be highly efficient. Keep in mind that as new
media becomes available, the methods for installation may differ. Nearly all computer
components you need device drivers for will come with specific directions on how to
download these to your computer.

The importance of driver

What are device drivers and why do you have to worry about them? If you just
purchased a printer, camera or even a new video card, you need device drivers. You
cannot often take these items out of the box, slide them into your computer and assume
that they will work. In some instances, these devices may work like this, however they
may also have problems, including glitches. This can be quite frustrating for anyone that
just wants to start using what they purchased. The fact is, you need to download device
drivers to your computer to work between your new hardware and the computer itself.

Device drivers

A device driver is a set of instructions. The driver tells your computer what to do with the
hardware you are installing in it. For example, you may have a new printer. Your
computer does not have information installed in it to handle all types of printers, since
every printer is slightly different. Therefore, it needs something to tell it what to do.
Device drivers are created by the manufacturers of the hardware (in this case the printer
manufacturer) and provide very specific instructions on how to use the device.

Just about all computer devices require the use of device drivers. They tell the computer
what the device is and how to use it. This includes both internal and external devices.

Installing Drivers

The good news is that it is usually fairly easy for you to download device drivers to your
computer so that you can start using the device. Most of the time, device drivers are
sent with the manufacturer of the device to you when you purchase the device. This is
often done in the form of a CD ROM. All you need to do is to insert the CD and follow
the directions provided to you. The driver will be automatically loaded onto your
computer.

Repairing Drivers

Device drivers are a form of software. Therefore, you have to keep in mind that these
drivers may in fact become corrupt or they may not work properly over time. The good
news is that you can often reinstall the device driver to fix the problem. If you need to do
this, try to use the same installation disk you used rather than investing in a third party
to have the driver you need.

If you cannot find the device driver you need from the installation disk, or you do not
have a disk, you can visit the manufacturer's website, as well as a number of third party
websites, to obtain the driver. It is important to have the right driver, so look for them
based on the manufacturer and model number.

You do need device drivers to operate many of the software and hardware that is
installed on your computer. They provide a fundamental resource for your computer in
telling your computer what to do with the device. Device drivers do not have to be
difficult to find or use, if you know where to look.
The Importance of Choosing Compatible Device Drivers

Why do you use your computer? Unless you just use it to play games or to write reports
just for your own information, you need device drivers. If you watch videos online line
you need video and audio drivers in addition to sound and video cards. The drivers you
install must be compatible with the device as well as your computer and its operating
system. You can't simply choose drivers you may have from another system and expect
them to work - it just won't happen. If the drivers are not compatible with the device on
which you install them, the device will not work.

That doesn't mean each device needs its own driver - there are some drivers that will
work on more than one type of device - if that were not the case we would find probably
millions of different device drivers on the market. It is essential for the user to choose
the drivers that are designed to work with the hardware they have on their computer.
Failure to do this will render the device unusable. You can buy the most expensive
printer you can find, connect it to your computer, but if you do not use the printer drivers
that are compatible with your hardware nothing you do will make the printer work. The
same holds true for network drivers, probably the most important of your drivers.
Without compatible network drivers your compute will not be able to communicate with
other computers in the network or allow you to access the Internet.

Wouldn't it be easier to design drivers that will work on any device by any
manufacturer? It might seem it would be easier but in reality, it would be much more
complicated. Each hardware device has a different set of components, so to make
drivers that would work with all of those components interchangeably would be very
complicated indeed. Even if it were possible, there is a good probability those drivers
would lack the efficiency of those that are designed for specific hardware devices.
Using compatible drivers for each hardware device will make that device more efficient
and assure a long life for both the device and the drivers. If you were to attempt to use
the wrong drivers for an audio device, it would likely provide a distorted sound quality if
it even worked at all. If you think back to the days when we relied on typewriters, you
will remember ribbons and then later printer balls were designed for specific models.
Certainly, the same one worked in more than one model but only if you choose the one
that was compatible with that model. The same holds true for device drivers.

Whether you are operating a home or business computer it is essential for you to
understand the importance of drivers and choosing ones that are compatible with the
hardware you are using. Have no doubts about it - the wrong drivers will reduce the
efficiency of your device or will prevent it from working entirely.

Self-Check 2.4 Written Test

Directions: Answer all the questions listed below.

I. DIRECTION: TRUE or FALSE. Write “TRUE” if the statement is

correct or “FALSE” if the statement is incorrect.(each 2pts)
1. The method of installation of driver is dependent on the type of device driver you
are working with.
2. The driver not tells your computer what to do with the hardware you are installing
in it.
3. The drivers you install must be compatible with the device as well as your
computer and its operating system.
4. Device drivers are not a form of software.
5. Device drive may not work properly over time
 Operation Sheet 2.2. Installing third-party software

Operation title: Installing driver pack solution

Equipment ,tools and materials: computer and driver pack solution software

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required, need available power all time and internet
connection.

Procedures :

Step 1- Download Driver Pack Solution

Download and run it easily, and it will check your computer configurations.
Step2- After checking your computer configurations, the application will look like
below
You can chose to do automatic setup or you can click on the expert mode on the below
bar to customize your driver and programs installations, and that’s what i recommend

Step3- Exploring the Expert Mode

You can chose what to install from the driver and what not, same for the software
package, as for “Security Tab” it will guide you about the unnecessary application if you
have and you need to remove it
Step4- Choosing what software to install

On this step you will select which software do you need for your computer
Step5- The most important step and it’s Drivers installation

Select the required drivers that you need to install and also you will notice that
Driverpack can update your current drivers
After made your selections with each tab (Drivers,Software,Security,..Etc) click Install
everything, and the driver pack will download your required drivers and software to
install

Precautions: Care should be taken while connecting with electric power

Quality criteria: install all needed driver for network installation

 Information Sheet 2.5. Patching operating system and applications

Patching Operating Systems

Patching operating systems is a strategy used by IT professionals and businesses to

ensure all known or potential system vulnerabilities are fixed (or patched) thereby
reducing the likelihood of malware entering the system via glitches. Hackers specifically
look for old and outdated operating systems to breach. A patch updates one
component of the software, perhaps to fix a bug or error discovered after product
release. ... Security patches address vulnerabilities in the software cybercriminals
might use to gain unauthorized access to your device and your data.

Patching doesn’t remove virus!

It's pretty much useless. New threats that have been discovered since its last update
cannot be picked up, as it'll not show any no record of it being a vulnerability. Patching
your anti-virus means that it can pick up everything that it should do.

Patch management system

Patch management is the process of distributing and applying updates to software. ...
Common areas that will need patches include operating systems, applications, and
embedded systems (like network equipment). When a vulnerability is found after the
release of a piece of software, a patch can be used to fix it.

Patching

A patch is a set of changes to a computer program or its supporting data designed to

update, fix, or improve it. ... This includes fixing security vulnerabilities and other bugs,
with such patches usually being called bugfixes or bug fixes.Poor patch management
can leave an organization’s data exposed, subjecting them to malware and ransom
ware attacks where data is hijacked unless a ransom is paid; typically in the form of
Bitcoin.
Security is the most critical benefit of patch management. Network security breaches
are most commonly caused by missing patches in operating systems and other
applications. For example, security breaches are regularly discovered in MS Windows
ActiveX, IIS and Internet Explorer .

Self-Check 2.5 Written Test

Directions: Answer all the questions listed below.

I. DIRECTION: TRUE or FALSE. Write “TRUE” if the statement is

correct or “FALSE” if the statement is incorrect.(each 2pts)
1. Patching operating systems is a strategy used by IT professionals and
businesses to ensure all known or potential system vulnerabilities are fixed.
2. Security patches does not address vulnerabilities in the software cybercriminals
3. A patch is a set of changes to a computer program to fix bug.
4. Security is the most critical benefit of patch management.
5. Network security breaches are most commonly caused by missing patches in
operating systems and other applications

Operation Sheet 2.3. Installing operating system patching

Operation title: Installing (or uninstall) patches/service packs in Windows servers

and workstations

Equipment ,tools and materials: windows server 2008 installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Step1. Navigate to Configurations tab and choose Install/Uninstall Patch

configuration from the list of Windows Configurations.

Step 2. Name the Configuration

Provide a name and description for the Install/uninstall Patches Configuration.

Step3. DefineConfiguration

Parameter Description

Add the Patches If you have reached this configuration page from the Patch
Management tab by selecting the patches, the selected patches
automatically gets added to the List of Patches.

Click the Add More Patches button to invoke the Patch Browser. From
the patch browser select the patches and service packs that have to
be applied. The patch browser has an option to view the missing
patches/service packs or all patches/service packs, which can then be
filtered based on the application and service pack.

Scheduler Settings Install After

 Select this option and specify the date and time after which the
patches have to be installed. The patches will be installed
based on the Install Options selected after the scheduled time.

Expiry date

 Set an expiry date for installation/uninstallation of patches.

Deployment If you have set any Policy as default, then the default policy will be
Settings automatically applied to the configuration. You can choose from the
policies which are listed under "Apply Deployment Policy". You can
see the Policies segregated as My Policies and Created by Others.
You can click on View Details to see the policy details and the list of
configurations to which the policy is applied.
If you do not have an existing policy, you can create one by clicking on
create policy

Deployment Rule: Deployment can be continued even if some patches

cannot be downloaded. If the failed patches are successfully
redownloaded, they will be installed in the subsequent refresh cycle
(within deployment window).
Step 4.Define Target

Using the Defining Targets procedure, define the targets for deploying the Install
Patches Configuration.

Step 5.Deploy Configuration

Click the Deploy button to deploy the defined Install Patches Configuration in the
defined targets. Deployment will be initiated during the next system startup.

To save the configuration as draft, click Save as Draft.

Precautions: Care should be taken while connecting with electric power

Quality criteria: install all patch file and safe computer from any kind of security threat.

Operation Sheet 2.3. Installing application software patching

Operation title: Installing application software patching

Equipment ,tools and materials: windows 10 and office 2013 installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Step 1. Click on the Windows "start" icon (bottom-left corner of your screen).

Step 2. Click on "Settings". The "Windows Settings" window should appear.

Step 3. Click on "Apps". The "Apps and Features" window containing a list of your
installed programs should appear.

Step 4. Select "Microsoft Office" (or "Microsoft Excel" if you do not have the full Office
installation).

Step 5.Click"Modify".
Step 6. Choose from "Quick Repair" or "Online Repair".

Precautions: Care should be taken while connecting with electric power

Quality criteria: install all patch file and repair MS office 2013

Practical Demonstration
LAP Test 1

Instructions: Given necessary templates, workshop, tools and materials you are
required to perform the following tasks within 3 hours.
Task1: installing server 2008 operating system
1. Install Windows Server 2008 Operating System on the Server Computer
Task2: installing deriver pack solution
Task3: installing operating system patch
Task4: installing application software patch
LO #3- Configure and test server

Information Sheet 3.1. Configuring server and its applications using technical
requirements

Server configuration

Configuring server hardware and software means setting up the way the hardware and
software operates to suit the IT environment and organizational or user requirements.
Generally, server hardware is configured before the server operating system is installed
or afterwards, if hardware components in an operating server are being changed or
added. Software may be configured when installed, as part of the installation process,
or afterwards, if a default installation has been performed. Some specific considerations
for configuring server hardware and software configuration follow.
Server Hardware Configuration
Server hardware configurations will depend on what components make up the server.
Configurations you may need to consider include those for
 Storage
 Boot sequence
 Specific device
 Redundant component

Server Software Configuration

Configurations for server software depend on the purpose or function of the server.

Generally, a server may be configured for one or more of the following roles:

 An application server which runs specific software applications for end

users, such as a server that runs a central Oracle Database that is
accessed by users across an organization.

 A storage server which provides a central storage place for data that can
be accessed by computer users around a network.
  A network services server which provides specific services such as print,
user authentication and authorizations, dynamic host configuration protocol
(DHCP), and domain name system (DNS) are some examples of the
services that can be provided.
Server Items to be Configured

Generally, the following items will need to be configured on a server:

 Network setting, which includes network protocol to be used, network

addressing, server name and network adaptor settings.

 Services, which include enabling and configuring specific services to run

on the server, such as setting the server to run dynamic host configuration
protocol (DHCP) and domain name system (DNS) services for an
organization.

 Authentication, which involves setting how users of the server will be

identified. This may involve setting up local user accounts with passwords
on the server or setting the server to authenticate users via some other
mechanism.

 Authorization, which is setting up which authenticated users are permitted

to access and use the server, such as allocating user permission to access
data storage or server applications or programs.

Environment setting and policies, which are settings for the server to operate as
required or settings dictated by organizational policy. Having data backup schedules for
the server is an example of environment setting.

Types of Servers

 The multiple types of servers or types of network servers are as follows:

 File Server Provides convenient, centralized access to files and

directories for individual users, departments, and entire organizations.
  Choosing this option allows you to manage user disk space by
enabling and configuring disk quota management and to provide
improved file system.

 Print Server Provides centralized and managed access to printing

devices by serving shared printers and printer drivers to client computers.

 Application Server (IIS, ASP.NET) Provides infrastructure components

required to support the hosting of Web applications.

 Mail Server (POP3, SMTP) Installs POP3 and SMTP so that the server
can act as an e-mail server for POP3 clients.

 DHCP Server Provides automatic IP addressing services to clients

configured to use dynamic IP addressing.

 Terminal Server Provides applications and server resources, such as

printers and storage, to multiple users as if those applications and
resources were installed on their own computers.

 Remote Access/VPN Server Provides multiple-protocol routing and

remote access services for dial-in, local area networks (LANs) and wide
area networks (WANs).

 Domain Controller (Active Directory) Provides directory services to

clients in the network.

Active directory

Installing Active Directory on Windows Server 2008

Microsoft Active Directory provides the structure to centralize the network management
and store information about network resources across the entire domain.Active
Directory uses Domain Controllers to keep this centralized storage available to network
users. In order to configure a Windows Server 2008 machine to act as Domain
Controller, several considerations and prerequisites should be taken into account, and
several steps should be performed.

Considerations when installing a new Windows Server 2008 forest

When you install AD to create the first domain controller in a new Windows Server 2008
forest, you must keep the following considerations in mind:

 You must make forest and domain functional level decisions that determine
whether your forest and domain can contain domain controllers that run Windows
2000 Server, Windows Server 2003, or both.
 Domain controllers running the Microsoft Windows NT Server 4.0 operating
system are NOT supported with Windows Server 2008.
 Servers running Windows NT Server 4.0 are NOT supported by domain
controllers that are running Windows Server 2008, meaning you MUST have
additional DCs running Windows 2000/2003 to support older NT 4.0 servers.
 The first Windows Server 2008 domain controller in a forest must be a global
catalog server

Considerations when installing a new Windows Server 2008 domain in an existing

Windows 2000/2003 forest

When you install AD to create the first domain controller in a new Windows Server 2008
domain, you must keep the following considerations in mind:

 Before you create a new Windows Server 2008 domain in a Windows 2000/2003
forest, you must prepare the forest for Windows Server 2008 by extending the
schema.
 You must make domain functional level decisions that determine whether your
domain can contain domain controllers that run Windows 2000 Server, Windows
Server 2003, or both.
General considerations

Installing Active Directory Domain Services (AD-DS)

In Windows Server 2008, unlike previous server operating Systems, there is an

additional step that needs to be taken before running DCPROMO to promote the server
to Domain Controller and installing Active Directory on it. This step is the installation of
Active Directory Domain Services (AD-DS) role on the server. In fact, the AD-DS role is
what enables the server to act as a Domain Controller, but you will still need to run
DCPROMO the regular way.

User Objects

User objects are, well, users! Users, after all, are the foundation of your organization.

When you right-click a User object and select Properties, you’ll see the screen shown in
Figure 1.

Figure 1 : sample user property

The Properties page for a user object

Tabs on User objects include:

General: Displays general descriptive information about the user, including name, email
address and primary telephone number.

Address: This tab displays postal addresses for the selected user.

Account: The Account tab holds detailed account information for the user, including the
logon name for the user and, via the Logon Hours button on this tab, account
restrictions.

The Account options section gives you a way to force users to change their password at
next logon, prevent them from changing passwords, require a Smart Card for logon, and
enable delegation for the account. You’ll also use this page if the account gets locked
out due to logon failures. Microsoft has made is easy to unlock accounts by adding an
“Unlock account” option to this tab.

Profile: The Profile tab holds fields that specify the paths to any logon scripts the user
needs to access. You can also specify a path to the user’s profile and home folder here.

Telephones: This tab serves as a repository for any telephone numbers you have for
the user, including pagers, cell phones, and IP telephone numbers.

Organization: Don’t confuse this tab with Active Directory’s Organizational Unit object.
Here, you’ll place information about the user’s company, including job title, department,
and company name. You can also link the user to his or her manager’s Active Directory
object.

Terminal Services Profile: This tab is similar to the Profile tab, but this only controls
profile information for the Terminal Services session, including home folder location.

COM+: You can assign the user to be part of a COM+ partition set here. COM+ partition
sets allow users in a domain to access COM+ applications throughout the domain.
Attribute Editor (new tab in Windows Server 2008): In Windows Server 2008,
Microsoft has borrowed from the ADSI Edit utility and added this tab, which allows you
to directly manipulate all of the attributes associated with the selected object.

Security: This tab controls the Active Directory rights other objects have to this object.
The Group or users box lists the objects with rights and the Permissions box describes
the permissions of the selected object.

Environment: This tab controls the Terminal Services startup environment for the user.

Sessions: The information on the Sessions tab helps you control how the user interacts
with Terminal Services, including how long a session stays connected and what
happens if she disconnect from the server.

Remote Control: This tab indicates whether a user’s Terminal Server session can be
remotely controlled. You can set options that allow you to establish view-only sessions
or that allow interaction.

Published Certificates: This tab allows you to associate X.509 security certificates with
the user.

Group Objects

There are a couple of kinds of group objects that can be created in Active Directory. The
first kind, the security distribution group, provides a way to manage access rights for
multiple users (or other objects) all at once. Rather than assign individual permissions to
a file share, for example, you can give rights to the security group and then add and
remove group members as needed. Security groups can also be used as email
distribution groups. The second kind of group, called a distribution group, is used solely
as an email distribution list. This article focuses on security groups.

If you right click a Group object, you’ll see the screen shown in Figure 2.
Figure 2: domain admins properties

The Properties page for the Domain Admins group object

Tabs on the Group object include:

 General: This tab displays information about the object. You can view, but not
change Group Scope and Group Type for Groups. You can change all other
fields on this page.
 Member: Here you can add and remove group members. By clicking the Add
button, you can add individual objects or select multiple objects.
 Member Of: This tab lists the groups that the object belongs to. You can add or
delete group membership here.
 Managed By: Here you can enter information about who’s in charge of the
computer. You can quickly assign someone by selecting their information directly
from Active Directory.
 Object: This tab displays information about the object including its name, when it
was created, when it was last updated, and the Update Sequence Numbers for it.
On this tab, you can also indicate that the object should be protected from
accidental deletion.
 Security: This tab controls the Active Directory rights other objects have to this
object. The Group or users box lists the objects with rights and the
Permissions box describes the permissions the selected object has.
 Attribute Editor (new tab in Windows Server 2008): In Windows Server 2008,
Microsoft has borrowed from the ADSI Edit utility and added this tab, which
allows you to directly manipulate all of the attributes associated with the selected
object.
 Operation Sheet 3.1.1Installing active directory

Operation title: Installing active directory

Purpose: installing AD for full function of server 2008 in three ways

Equipment ,tools and materials: server 2008 software CD and windows server 2008
installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Method 1 – Server Manager/Initial Configuration Tasks

Roles can and should be added from Server Manager (but they can also be initiated
from the Initial Configuration Tasks wizard that auto-opens the first time you log on to
the server).

Step 1.Open Server Manager by clicking the icon in the Quick Launch toolbar, or from
the Administrative Tools folder.

Step2. Wait till it finishes loading, then click on Roles > Add Roles link.

Step3. In the Before you begin window, click Next.

Step4. In the Select Server Roles window, click to select Active Directory Domain
Services, and then click Next.

Step 5.In the Active Directory Domain Services window read the provided information if
you want to, and then click Next.

.
Step 6.In the Confirm Installation Selections, read the provided information if you want
to, and then click Next.

 Wait till the process completes.

Step 7.When it ends, click Close.

Step 8. Going back to Server Manager, click on the Active Directory Domain
Services link, and note that there's no information linked to it, because the DCPROMO
command has not been run yet.
Step 9.Now you can click on the DCPROMO link, or read on.

To run DCPROMO

Step 1.enter the command in the Run command, or click on the DCPROMO link from
Server Manager > Roles > Active Directory Domain Services.

Step 2. Depending upon the question if AD-DS was previously installed or not, the
Active Directory Domain Services Installation Wizard will appear immediately or after a
short while. Click Next.
Note: The Advanced features of DCPROMO will be discussed in a future article.

Step 10. In the Operating System Compatibility window, read the provided information
and click Next.

Step 11. In the Choosing Deployment Configuration window, click on "Create a new
domain in a new forest" and click Next.
Step 12. Enter an appropriate name for the new domain. Make sure you pick the right

domain name, as renaming domains is a task you will not wish to perform on a daily

basis. Click Next.

Note: Do NOT use single label domain names such as "mydomain" or similar. You
MUST pick a full domain name such as "mydomain.local" or "mydomain.com" and so
on.
The wizard will perform checks to see if the domain name is not already in use on the
local network.

Step 13. Pick the right forest function level. Windows 2000 mode is the default, and it
allows the addition of Windows 2000, Windows Server 2003 and Windows Server 2008
Domain Controllers to the forest you're creating.
Step 14.Pick the right domain function level. Windows 2000 Native mode is the default,
and it allows the addition of Windows 2000, Windows Server 2003 and Windows Server
2008 Domain Controllers to the domain you're creating.

Note: If you select "Windows Server 2008" for the forest function level, you will Not be
prompted to pick a domain function level.

Step15.The wizard will perform checks to see if DNS is properly configured on the local
network. In this case, no DNS server has been configured, therefore, the wizard will
offer to automatically install DNS on this server.
Note: The first DCs must also be a Global Catalog. Also, the first DCs in a forest cannot
be a Read Only Domain controller.

Step16.It's most likely that you'll get a warning telling you that the server has one or
more dynamic IP Addresses. Running IPCONFIG /all will show that this is not the case,
because as you can clearly see, I have given the server a static IP Address. So, where
did this come from? The answer is IPv6. I did not manually configure the IPv6 Address,
hence the warning. In a network where IPv6 is not used, you can safely ignore this
warning.

Step 17.You'll probably get a warning about DNS delegation. Since no DNS has been
configured yet, you can ignore the message and click Yes.
Step 18Next, change the paths for the AD database, log files and SYSVOL folder. For
large deployments, carefully plan your DC configuration to get the maximum
performance. When satisfied, click Next.

Step19.Enter the password for the Active Directory Recovery Mode. This password
must be kept confidential, and because it stays constant while regular domain user
passwords expire (based upon the password policy configured for the domain, the
default is 42 days), it does not. This password should be complex and at least 7
characters long. It is strongly suggest that you do NOT use the regular administrator's
password, and that you write it down and securely store it. Click Next.

Step 20.In the Summary window review your selections, and if required, save them to
an un attend answer file. When satisfied, click Next.

Step 21.The wizard will begin creating the Active Directory domain, and when finished,
you will need to press Finish and reboot your computer.
Note: You can automate the rebooting process by checking the Reboot on Completion
checkbox.

Method 2 – Servermanagercmd.exe

Servermanagercmd.exe is the command prompt equivalent of the Add Roles and Add
Features wizards in Server Manager. Through the use of various command line options,
you can quickly and easily add or remove features and roles to or from your server,
including the AD-DS role.

Step1. To install AD-DS by using Servermanagercmd.exe, simply enter the following

command in the Command Prompt window:
Servermanagercmd.exe –I ADDS-Domain-Controller

Let the command run and when it finishes, AD-DS will be installed on the server.

Method 3 – Letting DCPROMO do the job

Step1.Oh yes. If you forget to install AD-DS or simply want to skip clicking on some
windows, you can run DCPROMO from the Run command and before it is executed, the
server will check to see if the AD-DS binaries are installed. Since they are not, they will
auto-install.

Step 2.After you complete the Add Roles Wizard, either click the link to start the Active
Directory Domain Services Installation Wizard, or close Server Manager and manually
run DCPROMO from the Run command.

Running DCPROMO

After installing the AD-DS role, we need to run DCPROMO to perform the actual Active
Directory database and function installation.

Precautions: Care should be taken while connecting with electric power

Quality criteria: install all rolls which are available in server 2008
 Operation Sheet 3.1.1.1 Creating Users and User Templates in Windows Server
2008 Active Directory

Operation title: Creating a New User Account in Active Directory

Purpose: To create user in server 2008 and use template for huge amount of user

Equipment ,tools and materials : AD installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Step1. To start let’s go ahead and open up Server Manager

Step2.Next we will open up the Roles section, next to Active Directory Users and
Computers section and finally the Active Directory Users and Computers. You
should now see your domain name.
Step3.We are going to click on our Users section where we are going to create a new
User Account. To do so, right-click on the blank section, point to New and select User.
Step 4.In this window you need to type in the user’s first name, middle initial and last
name. Next you will need to create a user’s logon name.

In our example we are going to create a user account for Billy Miles and his logon name
will be bmiles. When done, click on the Next button.

Step 5.In the next window you will need to create a password for your new user and
select appropriate options.

In our example we are going to have the user change his password at his next logon.
You can also prevent a user from changing his password, set the password so that it
will never expire or completely disable the account.When you are done making your
selections, click the Next button.
Step 6.And finally, click on the Finish button to complete the creation of new User
Account.
Creating user using template

Step1.To start out, right-click on the empty space, point to new, and select User.

Step 2. Type in the user’s name (with asterisks if so desired) and click Next.
Step3.Create the template’s password and do not forget to check the box next to the
Account is disabled option. When ready, click Next.

Step 4.Once the account is created, you can go ahead and add all the properties you
need for that template. To do so, double-click on that account and navigate to a specific
tab. Once done click OK.
How To Use a User Template in Active Directory

Step 1.Now in order to use that user template, we are going to select it, copy it and add
the unique information such as user name, password, etc.We can do that for as many
users as needed. Let’s start by right-clicking on the template and selecting Copy.

Step 2. Next we are going to enter the user’s name, login and password information
while making sure the checkbox next to Account is disabled is unchecked.
Step 3. Once we finish, our new user account is created with all the properties of the
template account. Now wasn’t that easy!

Logon information procedures

Right click on users and click on “Show Logon info”

Notice how a prompt is displayed showing the additional information for that user
account.

Precautions: Care should be taken while connecting with electric power

Quality criteria: create a user using template

 Operation Sheet 3.1.1.2 Creating group in Windows Server 2008 Active Directory

Operation title: Creating group in Active Directory

Purpose: To create group in server 2008 and add user in group

Equipment ,tools and materials : AD installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Step 1.ClickStart, click Administrative Tools, and then click Active Directory
Users and Computers. The Active Directory Users and Computers MMC opens. If
it is not already selected, click the node for your domain. For example, if your
domain is example.com, click example.com.

Step 2.In the details pane, right-click the folder in which you want to add a new
group.

Where?

 Active Directory Users and Computers/domain node/folder

Step 3.Point to New, and then click Group.

Step 4.InNew Object – Group, in Group name, type the name of the new group.

By default, the name you type is also entered as the pre-Windows 2000 name of
the new group.

Step 5.In Group scope, select one of the following options:

 Domain local
 Global
 Universal
 Step 6.In Group type, select one of the following options:

 Security
 Distribution

Step 7.ClickOK.

To assign group membership

Step 1.ClickStart, click Administrative Tools, and then click Active Directory
Users and Computers. The Active Directory Users and Computers MMC opens. If
it is not already selected, click the node for your domain. For example, if your
domain is example.com, click example.com.

Step 2.In the details pane, double-click the folder that contains the group to which
you want to add a member.

Where?

 Active Directory Users and Computers/domain node/folder that contains

the group

Step 3.In the details pane, right-click the group to which you want to add a member,
and then click Properties. The group Properties dialog box opens. Click the
Members tab.

Step 4.On the Members tab, click Add.

Step 5.In Enter the object names to select, type the name of the user, group, or
computer that you want to add, and then click OK.

Step 6.To assign group membership to other users, groups or computers, repeat
steps 4 and 5 of this procedure.

Precautions: Care should be taken while connecting with electric power

Quality criteria: create a group and add all user in created group

Operation Sheet 3.1.1.3 Creating Organizational Unit (OU) Active Directory

Operation title: Creating Organizational Unit (OU)

Purpose: To create OU in server 2008 and organize all group

Equipment ,tools and materials : AD installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Step 1.In the Active Directory Users and computers Window right click on FQDN
(project.sbk.com) and in the appeared menu select New then Select Organizational
Unit
Step 2.Creating OU write the require Name, check protection container option and click
OK
The required OU(Student) is created below FQDN (project.sbk.com)

Precautions: Care should be taken while connecting with electric power

Quality criteria: organize all group in OU

1.1.2 DNS and DHCP servers

DNS

 Domain Name System (DNS)

  A hierarchical, distributed, and scalable database that contains various
entries known as resource records
 To understand its workings and how it performs its functions, you must
understand the structure of DNS
 DNS structure
 To fully identify a host in the DNS hierarchy, you use a Fully Qualified Domain
Name (FQDN)
 An FQDN is a segmented name that uses a host name together with
its domain names, separated by dots
 It completely identifies a host on a TCP/IP network such as the Internet
 Understanding the DNS hierarchy makes it easy to understand the way DNS works
to resolve host names to IP addresses and IP addresses to host names
 To perform all this on a Windows Server 2003 network, DNS requires two main
components
 Resolver
 Name server
 Resolver
 Runs on the DNS client computers
 Is the service used to request resolution of a name from a DNS server
 During DNS name resolution, if the client is unable to resolve the destination
host name on its own, the resolver sends a query to the server configured as
the primary DNS name server, requesting the required data
 Name server
 A DNS name server is simply a server with the DNS Server service installed
and running
 While a name server usually includes one or more zone files used for
authoritatively resolving queries to one or more zones, this is not required
 Servers that have no zone files are typically used to cache requests for large
numbers of clients, and are known as caching-only servers
 DNS zones
 DNS is based on the concept of zones
  Zones are an area of authority consisting of one or more contiguous domains
 When a server contains a particular zone, it is said to be authoritative for that
zone, meaning that any query it receives for that zone can be answered with
direct knowledge; no other servers must be asked
 DNS zones
 Zones are broken into two primary types
 Forward lookup zones
 Standard DNS zones
 Primarily used for resolving name-to-IP lookups using A records
 Reverse lookup zones
 Are used for inverse queries
 Typically resolve IP-to-name lookups using PTR (pointer)
records

Operation Sheet 3.1.2.install Domain Name System (DNS) role

Operation title: Install Domain Name System (DNS) role

Purpose: installing DNS for name resolution purpose

Equipment ,tools and materials : AD installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Step 1.InServer Manager window, and let’s click with right mouse button on Roles and
let’s select Add roles.

Step 2. Now we have Add Roles Wizard, and we have to select DNS Server role (or
any other Windows Server 2008 role) in Select Server Roles screen. Then, click on
Next.

Step3.Now, you’ll see Introduction to DNS Server.

Step 4. Just click on Next, and then you’ll get Confirm installation selections
window, where you have to click on Finish.

Step 5.Computer will then reboot and that’s it, you have Domain Name System Server
installed on Windows Server 2008.

Precautions: Care should be taken while connecting with electric power

Quality criteria: install DNS rolls which are available in server 2008 try to resolve IP to
domain
DHCP

"Dynamic Host Configuration Protocol (DHCP) is an IP standard designed to reduce the

complexity of administering IP address configurations." - Microsoft's definition. A DHCP
server would be set up with the appropriate settings for a given network. Such settings
would include a set of fundamental parameters such as the gateway, DNS, subnet
masks, and a range of IP addresses. Using DHCP on a network means administrators
don't need to configure these settings individually for each client on the network. The
DHCP would automatically distribute them to the clients itself. The DHCP server
assigns a client an IP address taken from a predefined scope for a given amount of
time.

If an IP address is required for longer than the lease has been set for, the client must
request an extension before the lease expires. If the client has not requested an
extension on the lease time, the IP address will be considered free and can be assigned
to another client. If the user wishes to change IP address then they can do so by typing
"ipconfig /release", followed by "ipconfig /renew" in the command prompt.

This will remove the current IP address and request a new one. Reservations can be
defined on the DHCP server to allow certain clients to have their own IP address (this
will be discussed a little later on). Addresses can be reserved for a MAC address or a
host name so these clients will have a fixed IP address that is configured automatically.

Most Internet Service Providers use DHCP to assign new IP addresses to client
computers when a customer connects to the internet - this simplifies things at user level.
Figure 3: internet IP distribution

The above diagram displays a simple structure consisting of a DHCP server and a
number of client computers on a network.The DHCP Server itself contains an IP
Address Database which holds all the IP addresses available for distribution. If the client
(a member of the network with a Windows 2000 Professional/XP operating system, for
example) has "obtain an IP address automatically" enabled in TCP/IP settings, then it is
able to receive an IP address from the DHCP server.

Forests

A forest is one or more trees connected at the tree roots by a Kerberos bidirectional
transitive trust. As with a tree, this now means that every single domain in a forest trusts
every other domain in the forest, even those domains in other trees. Why would you
need more than one tree in the first place? Remember, a tree is a contiguous
namespace. If you needed a separate namespace, maybe you wanted a domain to be
named savtech.org, you could not place this into the existing savilltech.net tree. Instead,
when you created this new domain you would specify that you wanted to join an existing
forest and give the name of the existing tree. For example, you would give the name
savilltech.net, and as with domains in a tree, a trust between the two tree roots would
be created .The phrase “domain and forest functionality” refers to the scope of Active
Directory features you have available in your enterprise

The Dynamic Host Configuration Protocol (DHCP)

The Dynamic Host Configuration Protocol (DHCP) is responsible for allocating IP

addresses to machines on the network. Not every machine should have a dynamically
allocated IP address, however. Any server that is accessed consistently by clients and
that would be hampered if its IP address changed should have a static IP address

After DHCP is running on a network, configure clients to obtain IP addresses via DHCP
and they automatically request an IP address upon startup.
 Operation Sheet 3.1.2.1 Installing and Performing DHCP Initial Configuration

Operation title: Installing and Performing DHCP Initial Configuration

Purpose: To install and automatically assign IP address for all computer in the network

Equipment ,tools and materials : AD installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Installing and Performing DHCP Initial Configuration

Step1.Select the Add Roles link within the Roles section of the tool (either ICT or Server
Manager)

FIGURE1. The Add Roles option is also available via the ICT environment.

Step2. The Add Roles wizard is displayed and gives warnings that you should ensure
the Administrator has a strong password, a static IP address, and the latest updates.
Click Next

Step3.A list of all roles is displayed. Select DHCP Server and click Next
Step4.The wizard now guides you through the basic configuration of DHCP with seven
steps. Click Next.

The role-based method is far more attractive than the old style Add/Remove Windows
Components in previous versions.

Step5.The first step is determining which network connections are bound for the DHCP
server. All connections with a static IP address are listed. Confirm that the bindings are
correct and click Next.
Step6.The DNS information that is given to clients, including the DNS domain of the
client parent, the primary DNS server, and the secondary DNS server (if available), is
configured. Click Next . This configuration is set at the global level and so applies to all
scopes created on the DHCP server.

Selecting the network connections with which the DHCP server provides service.
Configuring the DNS domain and servers for the DHCP server.

Step7.The next screen configures WINS (if required). If any of your applications still use
NetBIOS names, configure the WINS servers. Click Next.

Step8.DHCP scopes can be configured by clicking the Add button, which opens up the
scope properties. Configure the name, its default gateway, subnet mask, and starting
and ending IP address. You can also select the type of subnet (see Figure 7-8). If it’s
wireless, this generally assumes devices are connected for less time and so have a
lease of only eight hours. Wired devices are normally more permanent fixtures in the
environment and therefore have a lease of six days. Check the Activate the Scope
option and click OK. Click Next after scopes have been defined.
Step9.The option to enable DHCPv6 protocol on the server is displayed. It is set to Yes,
so click Next. If you are not using IPv6, disable this setting for now. You can enable it in
the future.

Step10.The DNS settings for IPv6 DNS must be configured if you selected to enable
DHCPv6. After the configuration is done, click Next.

Step11. Finally, the DHCP server must be authorized with the current credentials or an
alternate set of credentials. You can also decide to skip the authorization. Make a
choice and click Next
Selecting credentials for authorizing a DHCP server.

Step12.A summary of the configuration is displayed, which can be output to an HTML

file and opened in Internet Explorer Click Install to start the DHCP installation. After the
install is complete, a summary is displayed. Click Close.

DHCP server role installation progress display

Precautions: Care should be taken while connecting with electric power

Quality criteria: exclude 192.168.1.0 and 192.168.1.1 from automatically assigned IP

3.1.3 Application server IIS 7

You can use Microsoft® Web Platform Installer (Web PI) to easily install Internet
Information Services (IIS) and applications that run on IIS. However, if you choose to
install IIS manually, you can use this article for guidance.

IIS 7.0 is the Web server role in Windows Server ® 2008 and the Web server in Windows
Vista®. IIS 7.5 is the Web server role in Windows Server ® 2008 R2 and the Web server
in Windows® 7. Windows Server 2008 R2 and Windows Server 2008 operating systems
have all the IIS features needed to support the hosting of Web content in production
environments. Windows 7 and Windows Vista also include IIS features, but the
available features depend on the operating system versions.

The Web server was redesigned in IIS 7.0 to enable you to customize a server by
adding or removing modules to meet your specific needs. Modules are individual
features that the server uses to process requests. For example, IIS 7.0 and IIS 7.5 use
authentication modules to authenticate client credentials and use cache modules to
manage cache activity. Both versions of IIS also provide:

 A new management interface. The interface lets you quickly and easily change
the settings for each Web site. It is also possible to edit the settings of a Web site
in a text-based configuration file.
 The ability to share tasks with Web site owners. A hoster with multiple sites can
delegate administrative control to developers or content owners.

New in IIS 7.5

IIS 7.0 and IIS 7.5 are together known as IIS 7 or IIS 7 and above; however, IIS 7.5 and
Windows Server 2008 R2 include several new features not found in IIS 7.0:

 Microsoft® ASP.NET runs on Windows Server 2008 R2 Server Core installations.

 Some of the extensions available to be added to the IIS 7.0 platform are
integrated into the IIS 7.5 platform, including:
  FTP publishing.
 Web-based Distributed Authoring and Versioning (WebDAV)
publishing.
 Windows PowerShell™ snap-in for IIS.
 IIS Administration Pack modules.

IIS 7.5 includes configuration logging and tracing (IIS 7.0 does not include any built-in
tracing mechanisms for configuration changes).IIS 7.5 includes the Best Practice
Analyzer, an automated tool for helping to ensure compliance with security best
practices.
 Operation Sheet 3.1.3Installing IIS 7

Operation title: Installing IIS 7

Purpose: To install IIS7 for internet service

Equipment ,tools and materials : AD installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Step1.Click Start -> All Programs -> Administrative Tools -> Server Manager.

Step2.In the Server Manager window, scroll down to Roles Summary, and then
click Add Roles. The Add Roles Wizard will start with aBefore You Begin page. The
wizard asks for verification of the following:

a. The administrator account has a strong password.

b. The network settings, such as IP addresses, are configured.

c. The latest security updates from Windows® Update are installed.

Step 3.Select Web Server (IIS) on the Select Server Roles page. An introductory page
will open with links for further information.

Note: When you use the Add Roles Wizard to install IIS, you get the default
installation, which has a minimum set of role services. If you need additional IIS role
services, such as Application Development or Health and Diagnostics, make sure to
select the check boxes associated with those features in the Select Role
Services page of the wizard.

Step 4Select the IIS services to be installed on the Select Role Services page. Add
only the modules necessary. In this case, ASP.NET is selected, and a description of
ASP.NET appears in the right pane. Once desired modules are added, click Next.
Step5.Add any required role services.

Step 6 IIS is now installed with a default configuration for hosting ASP.NET on Windows
Server. Click Close to complete the process.
Step 7 Confirm that the Web server works by using http://localhost.
Note: Install only the absolutely necessary IIS services to minimize the IIS installation
footprint. This also minimizes the attack surface, which is one of the benefits of IIS 7
and above.

Precautions: Care should be taken while connecting with electric power

Quality criteria: displaying default web page

FTP servers

FTP Server is a highly secure, fully featured and easy-to-administer file transfer server
for Microsoft Windows® systems. FTP Server lets you create a host that makes files
and folders on your server available to other people. Users can connect (via the Internet
or a local area network) to your host, list folders and files, and (depending on
permissions) download and upload data. Administrators can control access to data and
files with granular permissions by folder, user, and group. Administrators can also
create multiple hosts that function as completely distinct sites. FTP Server is proven and
reliable. It is used by administrators globally to support millions of end users and enable
the transfer of billions of files. WS_FTP Server complies with the current Internet
standards for FTP and SSL protocols. Users can connect to the server and transfer files
by using an FTP client that complies with these protocols, such as Ipswitch WS_FTP LE
or IFTP Professional. FTP Server with SSH also includes support for SFTP transfers
over a secure SSH2 connection.
 Operation Sheet 3.1.4 Installing FTP on Windows Server 2008 R2

Operation title: Installing FTP on Windows Server 2008 R2

Purpose: To install FTP and transfer file

Equipment ,tools and materials : AD installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Step 1.Open Server Manager by going to Start>All Programs>Administrative

Tools>Server Manager
Step2. In Server Manager, select Roles and then click on Add Role Services.
Step3.In Select Role Services, scroll down and check the box next to FTP
Server. Once done, click Next.

Step4.Review what is being installed. Once ready, click Install.

Step5.You should then see a progress bar. Once complete, click Close.
Step6.Now FTP is installed. You cannot yet connect to your Web Site via FTP. Next,
you will need to Add a FTP Publishing to your site.

Step 7.Open IIS, expand your computer, expand Sites, right click on your Web Site and
then click on Add FTP Publishing…
Step 8.IIS Manager: Add FTP Publishing Once the Add FTP Site Wizard comes up:

 Choose an IP address for your FTP site from the IP address drop-down, or
choose to accept the default selection of “All Unassigned.”
 Normally, you would enter the TCP/IP port for the FTP site in the port box. For
this how-to, choose to accept the default port of 21.
 For this how-to, we will not use a host name, so make sure that the Virtual
Host box is blank.
 Make sure that the Certificates drop-down is set to “Not Selected” and that the
Allow SSL option is selected.
 When you have completed these items, click Next.
Binding and SSL Setting On the Authentication and Authorization Information page:

 Select Basic for the Authentication settings.

 For the Authorization settings:
 Choose “Specified users” from the Allow access to drop-down
 Type “Administrator” for the user name.
 Select Read and Write for the Permissions option.
 When you have completed these items, click Finish.

Step 9.Authentication and Authorization Last thing to make sure is if your Windows
Firewall has a rule set for FTP default port 21.

Step10. Open Windows Firewall with Advanced Security by going to Start>All

Programs>Administrative Tools>Windows Firewall with Advanced Security.
Step11.Start: Windows Firewall and Advanced Security

Once opened, click on Inbound Rules and then click on New Rule under the Actions
Pane.
Step12.Windows Firewall with Advanced Security The New Inbound Rule Wizard will
pop up. You will select Port and click Next.
Step 13.Rule Type Since this is for the default port 21 for FTP, we will use the TCP
protocol and 21 for the Specific local ports. Once done, click Next.
Step14. Protocol and Ports In the Action page, we will select to Allow the connection
and click Next.
Step15.Action The next page is the Profile page, which we will check all the boxes and
then click Next.
Step16.Profile On the last page, you will need to select a name for the new rule. Here,
we will name it “FTP” and then click Finish.
Step17.Name now the firewall rule has been added for the default port 21. We can now
test FTP connection to the Web Site. In this how-to, I will use FileZilla to show
connection but there are many FTP clients out there to use.

With FileZilla, we will need to fill in the Host/IP Address, Username, Password and Port
# to connect. Earlier, I set up FTP to use a specific user (administrator) and also used
the default FTP port 21. Once you hit Connect, you will be connected to your Web Site
via FTP!

Step 18.Test Connection

Precautions: Care should be taken while connecting with electric power

Quality criteria: connecting to website through FTP

Print server

Print Services in Windows Server 2008 allows you to share printers on a network and
consolidate print server and network printer management tasks by using the Print
Management console. The Print Service role in Windows Server 2008 includes Server
Manager and Print Management.

Operation Sheet 3.1.5 Installing Print server

Operation title: Installing Print server

Purpose: To install print server and print through network

Equipment ,tools and materials : AD installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Step1.In Server Manager, right click Roles and select Add Roles, this will load the Add
Roles Wizard.
Step 2.On the Before You Begin page, click Next.
Step3. On the Server Roles page, select the Print Services check box and click Next.
Step4.On the Print Services page, click Next.
Step5.On the Select Role Services page, select the Print Server and Internet Printing
check boxes, and click Next.
Step6.If IIS is not installed, in the Add Roles wizard dialog box, click Add Required Role
Services.
Step7.On the Select Role Services page, click Next.
Step8.On the web Server (IIS) page, click Next.
Step9.On the Select Role Services page, you're prompted to select the role services
you want to install to support IIS. Click Next to accept the default settings.
Step10.On the Confirmation page, click Install.
Step11.On the Results page, click Close.

Precautions: Care should be taken while connecting with electric power

Quality criteria: protecting printer to not print for weekend

E-mail server

We can say that an email server (or mail server or mail server) is your digital
correspondence agency. It's a machine or application responsible for handling
messages. In other words, an e-mail server receives and delivers e-mails, this is its
function.

So, when you send an email, your message usually goes through a series of email
servers until it reaches the recipient.

The process is so fast and efficient that it looks simple, but there is a great deal of
complexity behind sending and receiving e-mails.

To avoid confusion, it is important to be clear that the term email server can have
different meanings depending on the context. Sometimes an email server can mean a
computer or a machine that has a complete system that includes different services or
applications.

At other times, the term e-mail server can be used precisely as a synonym for some of
these services or applications.

In this post, we'll talk more about the following topics:

 Types of email servers.

 SMTP.
  POP3.
 IMAP.
 How is the process of sending emails.
 Email security.

Types of email servers: outgoing and incoming servers

When we use the term email server in the sense of services or applications, we can
separate email servers into 2 main categories: outgoing email servers and incoming
email servers.

SMTP, POP3 and IMAP

Outgoing e-mail servers are called SMTP servers(Simple Mail Transfer Protocol).

Incoming email servers are known by the acronyms POP3 (Post Office Protocol) and
IMAP (Internet Message Access Protocol).

Before you ask yourself about the difference between IMAP and POP3, we answer you.
With IMAP, messages are stored on the server itself. While with POP3, messages are
usually kept on the device, that is, on your computer or cell phone.

In general, IMAP is more complex and flexible than POP3.

Sending emails in 4 steps

To facilitate understanding, we have created a basic step-by-step process for sending

e-mail. It is a very simplified version, but it allows you to understand how an email is
sent and delivered. Check out.

Step 1: Connecting to the SMTP server

When you send an email, your email service or provider, such as Gmail, Exchange,
Office 365 and Zimbra, will connect to the SMTP server. That SMTP server is
connected to your domain and has a specific address, such as smtp.gatefy.com. or
smtp.example.com.

At this stage, your e-mail service will provide the SMTP server with some important
information, such as your e-mail address, the message body and the recipient's e-mail
address.

Step 2: Processing the recipient's email domain

The SMTP server will now identify and process the recipient's email address. If you are
sending an email to someone else in your company, that is, to the same domain, the
message will be directed directly to the IMAP or POP3 server.

Otherwise, if you are sending the message to another company, for example, the SMTP
server will need to communicate with that company's e-mail server.

Step 3: Identifying the recipient's IP

At this stage, your SMTP server will need to connect with DNS (Domain Name System)
to find the recipient's server.

The DNS works like a translation system. It will help to convert the recipient's domain
into an IP address. By the way, the IP is a unique number that identifies a machine or
server connected to the internet.

SMTP needs IP to perform its function correctly, thus being able to direct the message
to the recipient's server.

Step 4: Delivering the email

But not everything is as simple as it seems. Generally, your email will go through
different unrelated SMTP servers until it reaches the recipient's SMTP server.
When the recipient receives the email, the SMTP checks the message and then directs
it to the IMAP or POP3 server. The email then enters a queue and is processed until it
is available for the recipient to access.

There, now the email can be read. And you know the basics about incoming and
outgoing mail servers. But to conclude, we still need to talk about email protection and
security.

Email security

Here we show a simplified process. Sending and receiving e-mails involves different
and complex processes and protocols, which, unfortunately, are usually forged or
falsified.

In fact, e-mail is the main vector for cyber-attacks, the most used way by criminals and
attackers to commit scams and fraud.

This means that if you have a business and want to keep it free from threats, you need
to be careful with email protection. Your company's email security needs to take into
account several aspects, from creating internal policies for the use of email to adopting
protection solutions.

If you use G Suite, Office 365, Exchange or Zimbra, for example, read more about how
to improve the protection of these platforms and, consequently, your company's
information and data.

Operation Sheet 3.1.6. Installing mail server

Operation title: Installing Mail server

Purpose: To install mail server accept mail using installed server

Equipment ,tools and materials : AD installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required, internet connection and need available
power all time.

Procedures :

Step1.Open Server Manager Console and under Features select Add Features
Step2.Select SMTP Server option
Step3.Click on Install wait until finish and click close
Step4.Open IIS 6.0 Manager under Administrative Tools -> Internet Information
Services 6.0
Step5.Under [SMTP Virtual Server] second mouse click and properties
Step6.Select Relay under Access Tab
Step7.Select Only the list below and click on Add button
Step8.Enter IP Address 127.0.0.1 for relay
Step9.Send a manual email through telnet to confirm everything working successfully.
Telnet local host 25 or telnet your public IP 25 and make sure you open the specific port
on your firewall to be available to public.

Precautions: Care should be taken while connecting with electric power

Quality criteria: send receive mail using installed server

FIREWALL SERVER

The new features of the Windows Server 2008 Advanced Firewall and how to configure
this powerful host-based firewall using the new MMC snap-in.

Since its inception, the Windows Server 2003 SP1 firewall has been a basic, inbound-
only, host based, state full firewall. With Windows Server 2008, the built-in firewall has
been dramatically improved. Let's find out how the new advanced firewall can help you
and how to configure it using the MMC snap-in.

The benefit of using the Windows host-based firewall

Many companies today secure their network using the "hard outer shell / gooey center"
approach. What this means is that they create a strong perimeter around their network
with firewalls and IPS systems, protecting themselves from malicious attackers on the
Internet. However, if an attacker could penetrate the outer perimeter and gain access to
the internal network, there would only be Windows authentication security to stop them
from gaining access to the company's most valuable assets - their data.

This is because most IT Pros don't secure their servers with host-based firewalls. Why
is that? We see host-based firewalls as being "more trouble than they are worth".

After reading this article, I hope that many of you will take a second look at the Windows
host-based firewall. With Windows Server 2008, the host-based firewall is built in to
Windows, is already installed, now has more features, and is now easier to configure.
Plus, it is really one of the best ways to secure a crucial infrastructure server. So, what
can the Windows Server Advanced firewall do for you and how do you configure it?
Let’s find out.

The new advanced firewall offering

New with Windows Server 2008, the built-in firewall is now “advanced”. And it isn’t just
me saying that, Microsoft now calls it the “Windows Firewall with Advanced Security”
(let’s abbreviate that as WFAS).

Here are the new features that help justify that new name:

 New GUI interface – an MMC snap-in is now available to configure the

advanced firewall.
 Bi-directional – filters outbound traffic as well as inbound traffic.
  Works better with IPSEC – now the firewall rules and IPSec encryption
configurations are integrated into one interface.
 Advanced Rules configuration – you can create firewall rules (exceptions) for
Windows Active Directory (AD) service accounts & groups, source/destination IP
addresses, protocol numbers, source and destination TCP/UDP ports, ICMP,
IPv6 traffic, and interfaces on the Windows Server.

With the addition of being a bi-directional firewall, a better GUI, and advanced rules
configuration, the Windows Advanced firewall is bordering on being as good as
traditional host-based firewalls (like ZoneAlarm Pro, for example).

I know that the first concern of any server admin in using a host-based firewall is: what if
it prevents critical server infrastructure apps from functioning? While that is always a
possibility with any security measure, WFAS will automatically configure new rules for
any new server roles that are added to the server. However, if you run any non-
Microsoft applications on your server that need inbound network connectivity, you will
have to create a new rule for that type of traffic.

By using the advanced windows firewall, you can better secure your servers from
attack, your servers from attacking others, and really nail down what traffic is going in
and out of your servers. Let’s see how it is done.

The options for configuring Windows Firewall with Advanced Security

Previously, with Windows Server, you could configure the Windows firewall when you
went to configure your network adaptor or from the control panel. The configuration was
very basic.

With Windows Firewall with Advanced Security (WFAS), most admins will configure the
firewall either from Windows Server Manager or the MMC with only the WFAS snap-in.
 Operation Sheet 3.1.7 Installing firewall server

Operation title: Installing firewall server

Purpose: To install firewall server and protect our server from attack

Equipment ,tools and materials : AD installed computer

Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :

Step1.Click Windows 2008 Server Manager

Step2.Windows 2008 Firewall with Advanced Security MMC only

What I have found is that the quickest & easiest way to start the WFAS MMC is to just
type firewall in the Start menu Search box, like this:
There is also a new netshadvfirewall CLI option for configuring WFAS.
Step3.Profiles now available in Windows 2008 Firewall with Advanced Security

Note: Windows 2003 Server Firewall Exception windowNow, let’s compare that to
Windows 2008 Server:
Step4.Windows 2008 Server Advanced Firewall Exception window

Notice how the Protocols and Ports tab is just a small part of the multi-tabbed window.
You can also configure rules to apply to Users & Computers, Programs and Services,
and IP address Scopes. With this type of sophisticated firewall rules configuration,
Microsoft has pushed WFAS more toward Microsoft’s IAS server.

The number of default rules offered by WFAS is truly amazing. In Windows 2003
Server, there were the 3 default exceptions (rules). Not so in Windows Server. WFAS
offers about 90 default inbound firewall rules and at least 40 default outbound rules –
WOW!
Step5. Windows 2008 Server Advanced Firewall Default Inbound Rules

Precautions: Care should be taken while connecting with electric power

Quality criteria: ready your server installed computer from any attack

3.1.8 Proxy Server

A proxy server provides a gateway between users and the internet. It is a server,
referred to as an “intermediary” because it goes between end-users and the web pages
they visit online.
When a computer connects to the internet, it uses an IP address. This is similar to your
home’s street address, telling incoming data where to go and marking outgoing data
with a return address for other devices to authenticate. A proxy server is essentially a
computer on the internet that has an IP address of its own.

Proxy Servers and Network Security

Proxies provide a valuable layer of security for your computer. They can be set up as
web filters or firewalls, protecting your computer from internet threats like malware.

This extra security is also valuable when coupled with a secure web gateway or other
email security products. This way, you can filter traffic according to its level of safety or
how much traffic your network—or individual computers—can handle.

Some people use proxies for personal purposes, such as hiding their location while
watching movies online. For a company, however, they can be used to accomplish
several key tasks such as:

1. Improve security
2. Secure employees’ internet activity from people trying to snoop on them
3. Balance internet traffic to prevent crashes
4. Control the websites employees access
5. Save bandwidth by caching files or compressing incoming traffic

Proxy Works

Because a proxy server has its own IP address, it acts as a go-between for a computer
and the internet. Your computer knows this address, and when you send a request on
the internet, it is routed to the proxy, which then gets the response from the web server
and forwards the data from the page to your computer’s browser, like Chrome, Safari,
Firefox, or Microsoft Edge
Getting a Proxy

Proxy servers have hardware and software versions. Hardware solutions sit between
your network and the internet, where they get, send, and forward data from the web.
Software proxies are typically hosted by a provider or reside in the cloud. You install an
app on your computer that facilitates interaction with the proxy.

Often, a software proxy can be obtained for a monthly fee. Sometimes, they are free.
The free versions tend to offer users fewer addresses and may only cover a few
devices, while the paid proxies can meet the demands of a business with many devices.

Proxy Set Up

To get started with a proxy server, you have to set it up in your computer, device, or
network. Each operating system has its own setup procedures, so check the steps
required for your computer or network.

In most cases, however, setup means using an automatic configuration script. If you
want to do it manually, there will be options to enter the IP address and the appropriate
port.

The Proxy Protect Computer Privacy and Data

A proxy server performs the function of a firewall and filter. The end-user or a network
administrator can choose a proxy designed to protect data and privacy. This examines
the data going in and out of your computer or network. It then applies rules to prevent
you from having to expose your digital address to the world. Only the proxy’s IP address
is seen by hackers or other bad actors. Without your personal IP address, people on the
internet do not have direct access to your personal data, schedules, apps, or files.

With a proxy server in place, web requests go to the proxy, which then reaches out and
gets what you want from the internet. If the server has encryption capabilities,
passwords and other personal data get an extra tier of protection.
Benefits of a Proxy Server

Proxies come with several benefits that can give your business an advantage:

1. Enhanced security: Proxy servers can act like a firewall between your system
and the internet. Without them, hackers have easy access to your IP address,
which they can use to infiltrate your computer or network.
2. Private browsing, watching, listening, and shopping: Use different proxies to
help you avoid getting inundated with unwanted ads or the collection of IP-
specific data.
3. Access to location-specific content: You can designate a proxy server with an
address associated with another country. You can, in effect, make it look like you
are in that country and gain full access to all the content computers in that
country are allowed to interact with.
4. Prevent employees from browsing inappropriate or distracting sites: You
can use a proxy server to block access to websites that run contrary to your
organization’s principles. Also, you can block sites that typically end up
distracting employees from important tasks. Some organizations block social
media sites like Facebook and others to remove time-wasting temptations.

Types of Proxy Servers

While all proxy servers give users an alternate address with which to use the internet,
there are several different kinds—each with its own features.

Forward Proxy

A forward proxy sits in front of clients and is used to get data to groups of users within
an internal network. When a request is sent, the proxy server examines it to decide
whether it should proceed with making a connection.

A forward proxy is best suited for internal networks that need a single point of entry. It
provides IP address security for those in the network and allows for straightforward
administrative control. However, a forward proxy may limit an organization’s ability to
cater to the needs of individual end-users.

Transparent Proxy

A transparent proxy can give users an experience identical to what they would have if
they were using their home computer. In that way, it is “transparent.” They can also be
“forced” on users, meaning they are connected without knowing it.

Transparent proxies are well-suited for companies that want to make use of a proxy
without making employees aware they are using one. It carries the advantage of
providing a seamless user experience. On the other hand, transparent proxies are more
susceptible to certain security threats, such as SYN-flood denial-of-service attacks.

Anonymous Proxy

An anonymous proxy focuses on making internet activity untraceable. It works by

accessing the internet on behalf of the user while hiding their identity and computer
information.

A transparent proxy is best suited for users who want to have full anonymity while
accessing the internet. While transparent proxies provide some of the best identity
protection possible, they are not without drawbacks. Many view the use of transparent
proxies as underhanded, and users sometimes face pushback or discrimination as a
result.

High Anonymity Proxy

A high anonymity proxy is an anonymous proxy that takes anonymity one step further. It
works by erasing your information before the proxy attempts to connect to the target
site.

A high anonymity proxy server is best suited for users for whom anonymity is an
absolute necessity, such as employees who do not want their activity traced back to the
organization. On the downside, some of them, particularly the free ones, are decoys set
up to trap users in order to access their personal information or data.

Distorting Proxy

A distorting proxy identifies itself as a proxy to a website but hides its own identity. It
does this by changing its IP address to an incorrect one.

Distorting proxies are a good choice for people who want to hide their location while
accessing the internet. This type of proxy can make it look like you are browsing from a
specific country and give you the advantage of hiding not just your identity but that of
the proxy, too. This means even if you are associated with the proxy, your identity is still
secure. However, some websites automatically block distorting proxies, which could
keep an end-user from accessing sites they need.

Data Center Proxy

Data center proxies are not affiliated with an internet service provider (ISP) but are
provided by another corporation through a data center. The proxy server exists in a
physical data center, and the user’s requests are routed through that server.

Data center proxies are a good choice for people who need quick response times and
an inexpensive solution. They are therefore a good choice for people who need to
gather intelligence on a person or organization very quickly. They carry the benefit of
giving users the power to swiftly and inexpensively harvest data. On the other hand,
they do not offer the highest level of anonymity, which may put users’ information or
identity at risk.

Residential Proxy

A residential proxy gives you an IP address that belongs to a specific, physical

device. All requests are then channeled through that device.

Residential proxies are well-suited for users who need to verify the ads that go on their
website, so you can block suspicious or unwanted ads from competitors or bad actors.
Residential proxies are more trustworthy than other proxy options. However, they often
cost more money to use, so users should carefully analyze whether the benefits are
worth the extra investment.

Public Proxy

A public proxy is accessible by anyone free of charge. It works by giving users access
to its IP address, hiding their identity as they visit sites.

Public proxies are best suited for users for whom cost is a major concern and security
and speed are not. Although they are free and easily accessible, they are often slow
because they get bogged down with free users. When you use a public proxy, you also
run an increased risk of having your information accessed by others on the internet.

Shared Proxy

Shared proxies are used by more than one user at once. They give you access to an IP
address that may be shared by other people, and then you can surf the internet while
appearing to browse from a location of your choice.

Shared proxies are a solid option for people who do not have a lot of money to spend
and do not necessarily need a fast connection. The main advantage of a shared proxy
is its low cost. Because they are shared by others, you may get blamed for someone
else’s bad decisions, which could get you banned from a site.

SSL Proxy

A secure sockets layer (SSL) proxy provides decryption between the client and the
server. As the data is encrypted in both directions, the proxy hides its existence from
both the client and the server.

These proxies are best suited for organizations that need enhanced protection against
threats that the SSL protocol reveals and stops. Because Google prefers servers that
use SSL, an SSL proxy, when used in connection with a website, may help its search
engine ranking. On the downside, content encrypted on an SSL proxy cannot be
cached, so when visiting websites multiple times, you may experience slower
performance than you would otherwise.

Rotating Proxy

A rotating proxy assigns a different IP address to each user that connects to it. As users
connect, they are given an address that is unique from the device that connected before
it.

Rotating proxies are ideal for users who need to do a lot of high-volume, continuous
web scraping. They allow you to return to the same website again and again
anonymously. However, you have to be careful when choosing rotating proxy services.
Some of them contain public or shared proxies that could expose your data.

Reverse Proxy

Unlike a forward proxy, which sits in front of clients, a reverse proxy is positioned in
front of web servers and forwards requests from a browser to the web servers. It works
by intercepting requests from the user at the network edge of the web server. It then
sends the requests to and receives replies from the origin server.

Reverse proxies are a strong option for popular websites that need to balance the load
of many incoming requests. They can help an organization reduce bandwidth load
because they act like another web server managing incoming requests. The downside
is reverse proxies can potentially expose the HTTP server architecture if an attacker is
able to penetrate it. This means network administrators may have to beef up or
reposition their firewall if they are using a reverse proxy.

Proxy Server vs. VPN

On the surface, proxy servers and virtual private networks (VPNs) may seem
interchangeable because they both route requests and responses through an external
server. Both also allow you to access websites that would otherwise block the country
you’re physically located in. However, VPNs provide better protection against hackers
because they encrypt all traffic.

Choosing VPN or Proxy

If you need to constantly access the internet to send and receive data that should be
encrypted or if your company has to reveal data you must hide from hackers and
corporate spies, a VPN would be a better choice.

If an organization merely needs to allow its users to browse the internet anonymously, a
proxy server may do the trick. This is the better solution if you simply want to know
which websites team members are using or you want to make sure they have access to
sites that block users from your country.

A VPN is better suited for business use because users usually need secure data
transmission in both directions. Company information and personnel data can be very
valuable in the wrong hands, and a VPN provides the encryption you need to keep it
protected. For personal use where a breach would only affect you, a single user, a
proxy server may be an adequate choice. You can also use both technologies
simultaneously, particularly if you want to limit the websites that users within your
network visit while also encrypting their communications.
 Operation Sheet 3.1.7.1 configure client computer for joining server
Operation title: configure client computer
Purpose: configure client computer for joining server
Equipment ,tools and materials : AD installed computer
Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :
Step1.Configure the following settings for each DNS client:

 TCP/IP settings for DNS

 Host name and domain membership

The following procedures require you to log on with an account that belongs to the
Administrators group on the client computer.

To configure client settings on a computer running Windows XP

Step2.On the computer that you want to configure to use DNS, click Start, point to
Control Panel, and then click Network Connections.

Step3.Right-click the network connection that you want to configure, and then click
Properties.

Step4.On the General tab, click Internet Protocol (TCP/IP), and then click
Properties.
Step 5.Click Use the following IP address.

Step6.In IP address, type the address of the client computer.

Step7.In Subnet mask, type the subnet mask of the domain controller.

Step 8In Default gateway, type the address of the default gateway of the domain
controller.

Step9.Click Use the following DNS server addresses.

Step10.In Preferred DNS server, type the IP address of the DNS server that you
installed in Installing and Configuring AD DS and DNS.

Important
Do not use the IP address of a DNS server that is provided by your Internet service
provider (ISP) as a primary or alternate DNS server.
Step11.Click OK, and then click Close.

Note
It is not necessary to restart the computer at this time if you intend to change the
computer's name or domain membership in the following steps.

Step12.In Control Panel, double-click System.

Step13.On the Computer Name tab, click Change.
Step 14.In Computer name, type the name of the computer (the host name).
Step 15.ClickDomain, and then type the name of the domain that you want the
computer to join.

Step 16.If a second Computer Name Changes dialog box appears, in User
Name, type the domain name and user name of an account that has permission to
join computers to the domain.

Step17.In Password, type the password of the account.

Separate the domain name and user name with a backslash, for example, domain\
 user_name.

Step18.Click OK to close all dialog boxes.

To configure client settings on a computer running Windows Vista
Step1.On the computer that you want to configure to use DNS, click Start, and
then click Control Panel.

Step2.In Control Panel, click Network and Internet.

Step3.Click Network and Sharing Center. In the Tasks pane, click Manage
network connections.
Step4.Right-click the network connection that you want to configure, and then click
Properties.

Step5.On the Networking tab, click Internet Protocol Version 4 (TCP/IPv4), and
then click Properties.
Step6.Click Use the following IP address.
Step7.In IP address, type the address of the client computer.
Step8.In Subnet mask, type the subnet mask of the domain controller.
Step9.In Default gateway, type the address of the default gateway of the domain
controller.

Step10.Click Use the following DNS server addresses, and in Preferred DNS
server, type the IP address of the domain controller that you installed in Installing
and Configuring AD DS and DNS.

Important
Do not use the IP address of a DNS server that is provided by your ISP as a
primary or alternate DNS server.
Step11.Click OK to exit.
Step12.If Internet Protocol Version 6 (TCP/IPv6) is selected, click it, and then
click Properties. Perform the same steps as for TCP/IPv4, and then click OK and
Close.

Note
It is not necessary to restart the computer at this time if you intend to change the
computer's name or domain membership in the following steps.

Step14.In Control Panel, click System and Maintenance, and then click System.

Step15.Under Computer name, domain, and workgroup settings, click Change

settings.
Step16.On the Computer Name tab, click Change.
Step17.In Computer name, type the name of the computer (the host name).
 Step18.Click Domain, and then type the name of the domain that you created in
Installing and Configuring AD DS and DNS.

Step19.If the Computer Name Changes dialog box appears:

 In User Name, type the domain name and user name of an account that has
permission to join computers to the domain.
 In Password, type the password of the account. Separate the domain name
and user name with a backslash, for example, domain\user_name.

1. Click OK to close all dialog boxes.

Precautions: Care should be taken while connecting with electric power
Quality criteria: join the client computer to server using administrator account
 Operation Sheet 3.1.7.2File sharing
Operation title: File sharing
Purpose: share file and access by another user
Equipment ,tools and materials : AD installed computer
Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :
Step1.Create a local folder on your server computer. For example, create a folder
called TVET on the C:\ drive.

Step2.Right click the folder, and then click Properties.

Step3.Click the Sharing tab, and then click Share.

Step4.Enter the name of your Windows user, and click Add.

Step5.In the Permission level column, select Read/Write, then click Share.

Precautions: Care should be taken while connecting with electric power

Quality criteria: share a folder for specific user
 Operation Sheet 3.1.7.3logon hour
Operation title: set logon hour
Purpose: set logon hour for restriction
Equipment ,tools and materials : AD installed computer
Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :
Logon hours restriction is done by editing a user's account in the following way:
Step1.Open the user object whose account you want to restrict logon hours for.
Step2.Select account tab and put a check against the Logon hours box. Click Logon
hours button.

Click Logon hours button.

Step3.In the next window, select the time that you want to restrict or allow them to
logon.
Group policy allows you to lock a user out when their logon time expires. Follow the
steps given below to configure this setting:

Step3. Run → gpmc.msc and create a new GPO called "Logon restrictions" Right click
on this GPO and click edit.

Step4.Move to Computer configurations → Policies → Windows Settings → Security

Settings → Local Policies → Security Options.
Step5.In the right pane of the Group Policy snap-in, double-click Microsoft network
server: Disconnect clients when logon hours expire. Click to select the Define this policy
setting check box, click Enabled, and then click OK.

So using this GPO we can enforce clients to disconnect if there are active sessions
running when the logon hours expire.

Precautions: Care should be taken while connecting with electric power

Quality criteria: restrict specific user from using in a time that is specified on logon
hour
Self-Check 3.1 Written Test

Directions: Answer all the questions listed below

I. DIRECTION: TRUE or FALSE. Write “TRUE” if the statement is
correct or “FALSE” if the statement is incorrect.(each 2pts)
1. A VPN is better suited for business use than a proxy server.
2. we can create firewall rules (exceptions) for Windows Active Directory (AD)
service accounts & groups but not for TCP port.
3. Sometimes an email server can mean a computer or a machine that has a
complete system that includes different services or applications.
4. IIS 7.0 and IIS 7.5 are together known as IIS 7 because they are exactly the
same.
5. After we install DHCP on our server clients should configure their IP address on
their own computers.
II. DIRECTION: CHOOSE THE BEST ANSWER AND ENCIRCLE THE
CORRECT LETTER OF YOUR CHOICE. (each question have 2pts)
1. Server hardware configurations may need to consider:
A. Storage C. Specific
device
B. Boot sequence D. All
2. To promote your server you need to use one of the following.
A. DCPROMO C.PROMO
B. IPCONFIG D.IPPROMO
3. From user object one of the following displays general descriptive information
about the user, including name, email address and primary telephone number
A. Profile C. General
B. Address D. Account
4. ---------- is primarily used for resolving name-to-IP lookups using A records
A. Forward look up C. Back ward look up
B. Reverse look up D. ALL
 5. Some of the extensions available to be added to the IIS 7.0 platform are
integrated into the IIS 7.5 platform, including:
A. FTP publishing C. window powershell
B. WebDAV D. All

Information Sheet 3.2. Defining the scope and applicability of testing

Define the scope of testing

Integrated tests are performed during a server development project. A test is performed
on the interoperability of each component. When complete, the testing process should
verify that all the tests performed support the acceptance by the user of the totally
integrated product.

 Tasks performed during stress and load testing of an integrated platform include

 Establishing testing acceptance criteria and procedures

 Performing test events
 Diagnosing test results
 Resolving software defects.
Test events are designed to establish operational levels at which the new server starts
to fail and to measure how it performs under overloaded conditions. The failure and
performance levels are compared with the acceptance criteria and are either accepted
or rejected.

 Test events aim to reveal failures such as

 Total system crashes

 Bottlenecks in interfaces between components
 Data corruption
 process overloading
 Performance degradation below a usable level.
Self-Check 3.2 Written Test

Directions: Answer all the questions listed below

I Elaborate the following question (each question 5pts)

1. What kind of failure wants test reveal ?

2. What tasks are performed during stress and load testing of an integrated
platform?

Information Sheet 3.3. Develop test plan

Test Plan
A Test Plan is a detailed document that describes the test strategy, objectives,
schedule, estimation, deliverables, and resources required to perform testing for a
software product. Test Plan helps us determine the effort needed to validate the quality
of the application under test. The test plan serves as a blueprint to conduct software
testing activities as a defined process, which is minutely monitored and controlled by the
test manager.

As per ISTQB definition: “Test Plan is A document describing the scope, approach,
resources, and schedule of intended test activities.”

Let’s start with following Test Plan example/scenario: In a meeting, you want to discuss
the Test Plan with the team members, but they are not interested - .
Fig 4.
In such case, what will you do? Select your answer as following picture

Fig 5.
Importance of Test Plan?
Making Test Plan document has multiple benefits
 Help people outside the test team such as developers, business managers,
customers understand the details of testing.
  Test Plan guides our thinking. It is like a rule book, which needs to be followed.
 Important aspects like test estimation, test scope, Test Strategy are
documented in Test Plan, so it can be reviewed by Management Team and re-
used for other projects.

How to write a Test Plan

You already know that making a Test Plan is the most important task of Test
Management Process. Follow the seven steps below to create a test plan as per IEEE
829

1. Analyze the product

2. Design the Test Strategy
3. Define the Test Objectives
4. Define Test Criteria
5. Resource Planning
6. Plan Test Environment
7. Schedule & Estimation
8. Determine Test Deliverables
Fig 6: test plan

Step 1) Analyze the product

How can you test a product without any information about it? The answer is
Impossible. You must learn a product thoroughly before testing it.

The product under test is Guru99 banking website. You should research clients and the
end users to know their needs and expectations from the application

 Who will use the website?

 What is it used for?
 How will it work?
  What are software/ hardware the product uses?
You can use the following approach to analyze the site

Fig 7: approach to analyze the site

Step 2) Develop Test Strategy

Test Strategy is a critical step in making a Test Plan in Software Testing. A Test
Strategy document, is a high-level document, which is usually developed by Test
Manager. This document defines:

 The project’s testing objectives and the means to achieve them

 Determines testing effort and costs
Back to your project, you need to develop Test Strategy for testing that banking website.
You should follow steps below
Fig 8: test strategy
Step 2.1) Define Scope of Testing
Before the start of any test activity, scope of the testing should be known. You must
think hard about it.

 The components of the system to be tested (hardware, software, middleware,

etc.) are defined as "in scope"

 The components of the system that will not be tested also need to be clearly
defined as being "out of scope."

Defining the scope of your testing project is very important for all stakeholders. A
precise scope helps you

 Give everyone a confidence & accurate information of the testing you are
doing

 All project members will have a clear understanding about what is tested and
what is not

How do you determine scope your project?

To determine scope, you must –
 Precise customer requirement
 Project Budget
 Product Specification
 Skills & talent of your test team
Step 2.2) Identify Testing Type
A Testing Type is a standard test procedure that gives an expected test outcome.
Each testing type is formulated to identify a specific type of product bugs. But, all
Testing Types are aimed at achieving one common goal “Early detection of all the
defects before releasing the product to the customer” .The commonly used testing
types are described as following figure

Fig 9: Test type

Commonly Used Testing Types
There are tons of Testing Types for testing software product. Your team cannot have
enough efforts to handle all kind of testing. As test tanager, you must set priority of the
Testing Types

 Which Testing Types should be focused for web application testing?

 Which Testing Types should be ignored for saving cost?
Step 2.3) Document Risk & Issues
  Risk is future’s uncertain event with a probability of occurrence and a potential
for loss. When the risk actually happens, it becomes the ‘issue’.

 In the article Risk Analysis and Solution, you have already learned about the
‘Risk’ analysis in detail and identified potential risks in the project.

Step 2.4) Create Test Logistics

In Test Logistics, the Test Manager should answer the following questions:
 Who will test?
 When will the test occur?
Who will test?
You may not know exact names of the tester who will test, but the type of tester can be
defined.

To select the right member for specified task, you have to consider if his skill is qualified
for the task or not, also estimate the project budget. Selecting wrong member for the
task may cause the project to fail or delay.

Person having the following skills is most ideal for performing software testing:
 Ability to understand customers point of view
 Strong desire for quality
 Attention to detail
 Good cooperation
In your project, the member who will take in charge for the test execution is the tester.
Base on the project budget, you can choose in-source or outsource member as the
tester.

When will the test occur?

Test activities must be matched with associated development activities.
Step 3) Define Test Objective
Test Objective is the overall goal and achievement of the test execution. The objective
of the testing is finding as many software defects as possible; ensure that the software
under test is bug free before release.

To define the test objectives, you should do 2 following steps

1. List all the software features (functionality, performance, GUI…) which may need
to test.
2. Define the target or the goal of the test based on above features
Let’s apply these steps to find the test objective of your Guru99 Bank testing project
You can choose the ‘TOP-DOWN’ method to find the website’s features which may
need to test. In this method, you break down the application under test to component
and sub-component.

In the previous topic, you have already analyzed the requirement specs and walk
through the website, so you can create a Mind-Map to find the website features.

This figure shows all the features which the Guru99 website may have.
Based on above features, you can define the Test Objective of the project Guru99 as
following

 Check that whether website Guru99 functionality(Account, Deposit…) is

working as expected without any error or bugs in real business environment

 Check that the external interface of the website such as UI is working as

expected and & meet the customer need

 Verify the usability of the website. Are those functionalities convenient for user
or not?

Step 4) Define Test Criteria

Test Criteria is a standard or rule on which a test procedure or test judgment can be
based. There’re 2 types of test criteria as following

Suspension Criteria
Specify the critical suspension criteria for a test. If the suspension criteria are met during
testing, the active test cycle will be suspended until the criteria are resolved.

Test Plan Example: If your team members report that there are 40% of test cases failed,
you should suspend testing until the development team fixes all the failed cases.

Fig 10 :Suspension Criteria

Exit Criteria
It specifies the criteria that denote a successful completion of a test phase. The exit
criteria are the targeted results of the test and are necessary before proceeding to the
next phase of development. Example: 95% of all critical test cases must pass.

Some methods of defining exit criteria are by specifying a targeted run rate and pass
rate.
  Run rate is ratio between number test cases executed/total test cases of test
specification. For example, the test specification has total 120 TCs, but the tester
only executed 100 TCs, So the run rate is 100/120 = 0.83 (83%)

 Pass rate is ratio between numbers test cases passed / test cases executed.
For example, in above 100 TCs executed, there’re 80 TCs that passed, so the
pass rate is 80/100 = 0.8 (80%)

This data can be retrieved in Test Metric documents.

 Run rate is mandatory to be 100% unless a clear reason is given.
 Pass rate is dependent on project scope, but achieving high pass rate is a
goal.
Test Plan Example: Your Team has already done the test executions. They report the
test result to you, and they want you to confirm the Exit Criteria.
Fig 11.
In above case, the Run rate is mandatory is 100%, but the test team only completed
90% of test cases. It means the Run rate is not satisfied, so do NOT confirm the Exit
Criteria

Step 5) Resource Planning

Resource plan is a detailed summary of all types of resources required to complete
project task. Resource could be human, equipment and materials needed to complete a
project

The resource planning is important factor of the test planning because helps in
determining the number of resources (employee, equipment…) to be used for the
project. Therefore, the Test Manager can make the correct schedule & estimation for
the project.

Step 6) Plan Test Environment

What is the Test Environment
A testing environment is a setup of software and hardware on which the testing team is
going to execute test cases. The test environment consists of real business and user
environment, as well as physical environments, such as server, front end running
environment.

How to setup the Test Environment

Back to your project, how do you set up test environment for this banking website?
To finish this task, you need a strong cooperation between Test Team and
Development Team
 fig 12.
You should ask the developer some questions to understand the web application under
test clearly. Here’re some recommended questions. Of course, you can ask the other
questions if you need.

 What is the maximum user connection which this website can handle at the same
time?

 What are hardware/software requirements to install this website?

 Does the user's computer need any particular setting to browse the website?

Step 7) Schedule & Estimation

In the article Test estimation, you already used some techniques to estimate the effort
to complete the project. Now you should include that estimation as well as the schedule
to the Test Planning

Then you create the schedule to complete these tasks.

Making schedule is a common term in project management. By creating a solid
schedule in the Test Planning, the Test Manager can use it as tool for monitoring the
project progress, control the cost overruns.

To create the project schedule, the Test Manager needs several types of input as
below:
  Employee and project deadline: The working days, the project deadline,
resource availability are the factors which affected to the schedule

 Project estimation: Base on the estimation, the Test Manager knows how long
it takes to complete the project. So he can make the appropriate project schedule

 Project Risk : Understanding the risk helps Test Manager add enough extra time
to the project schedule to deal with the risks

Step 8) Test Deliverables

Test Deliverables is a list of all the documents, tools and other components that has to
be developed and maintained in support of the testing effort.

There are different test deliverables at every phase of the software development
lifecycle.

Fig 13.

Test deliverables are provided before testing phase.

 Test plans document.
 Test cases documents
 Test Design specifications.
Test deliverables are provided during the testing
 Test Scripts
 Simulators.
 Test Data
 Test Traceability Matrix
 Error logs and execution logs.
Test deliverables are provided after the testing cycles is over.
 Test Results/reports
 Defect Report
 Installation/ Test procedures guidelines
 Release notes

Self-Check3.3 Written Test

Directions: Answer all the questions listed below

I. DIRECTION: TRUE or FALSE. Write “TRUE” if the statement is
correct or “FALSE” if the statement is incorrect.(each 2pts)
1. In Test Logistics, the Test Manager should answer what to test.

2. Test data are provided during the testing.

3. Test report are provided during the testing.

4. The components of the system to be tested are defined as "in scope".

5. Test plan document after testing cycle is over .

II. Elaborate the following

1. List test deliverables. (3pts)

2. What skill need to perform software test .(2pts)

 Information Sheet 3.4. Run system test

Run system test

Test Documentation
When objectives, scope and tests have been identified, they are used to prepare the
requirements documentation for each test.

 Test requirements include

 Test objectives: list what the test is supposed to test

 Acceptance criteria: conditions for the test passing or failing
 Test environment: conditions under which the test is to be performed
 Roles and responsibilities
 Test script: steps to be performed during the test steps
 Results: procedures for processing and authorizing results.
Determining defects
Determining critical defects
Critical defects are non-conformance of product to requirements, rendering the product
unusable. System tests usually encompass multiple software modules working together
to perform a user requirement. The ultimate critical defect is software causing the whole
system to crash. However, common critical defects involve the interoperability of
modules, the loss of data flow and poor performance.

Examples include
Data stored by one module in a system test cannot be accessed and processed
by another interface to a legacy system fails a process fails to initiate another in a
defined sequence System crashes at less than maximum transaction levels.
Self-Check3.4 Written Test

Directions: Answer all the questions listed below

I. List and Elaborate the following
1. What are test requirements? (10pts)

Information Sheet 3.5. Analyzing error report and making changes

Windows Error Reporting

By using Windows Error Reporting, Windows can send descriptions of problems on your
server to Microsoft and look for steps you can take to solve them. Windows Error
Reporting is enabled by default.

If you choose to send generic information automatically about a problem, Microsoft will
send back either the most current solution or use the information to start working on a
solution.

Windows Error Reporting advanced options

On the Windows Error Reporting Configuration dialog box, the following two options
disable Windows Error Reporting:

 I don't want to participate, and don't ask me again

This option disables Windows Error Reporting, and prevents it from prompting
you to send information about application failures to Microsoft.
Ask me about sending reports every time an error occurs
This option disables Windows Error Reporting, but allows it to prompt you to
send information about application failures to Microsoft whenever a failure
occurs.

The following two options enable Windows Error Reporting. Each option provides a
different level of detail in the information sent to Microsoft when failures occur.
  Yes, automatically send detailed reports. Notify me if there are possible
solutions to the problem.
When this option is selected, if an application failure occurs, detailed reports are
automatically sent to Microsoft. Portions of documents you were working on at
the moment a program failed, or data you provided to Web sites or forms may be
included in these reports. The contents of log files, and portions of the registry,
may also be sent to Microsoft.

 Yes, automatically send summary reports. Notify me if there are possible

solutions to the problem.
When this option is selected, if an application failure occurs, only non-personal
data is sent to Microsoft. Data about your computer's configuration, the program
in which you were working, and any operations that triggered the failure is sent to
Microsoft.

Elaborate the following

1. List and elaborate what are on the Windows Error Reporting
Configuration dialog box.

Operation Sheet 3.5. Error reporting

Operation title: Error reporting

Purpose: To make it error reporting function on
Equipment ,tools and materials : AD installed computer
Conditions or situations for the operations: All tools, equipment’s and materials
should be available on time when required and need available power all time.

Procedures :
Error reporting
Step1. Locate Control Panel from Windows startup.

Step2. Click Control Panel> System and Security> Security and Maintenance.
Step3.Look out for Report problems. Make it 'On'.

Precautions: Care should be taken while connecting with electric power

Quality criteria: protecting printer to not print for weekend

Information Sheet 3.6. Validating changes or additions against specifications

There is nothing worse for a user than annoying, overly persistent, inaccurate, or
uninformative validation. For example, error messages that describe an error but don't
specify which field contains the error are difficult to correct. However, there is no recipe
for balancing validation with system requirements: what is pleasing or mandated by
requirements in one application might be annoying or useless in another.

Validation is actually two processes: finding errors and presenting error messages.
Finding errors can be interactive, where data is checked as it's entered, or post-
validation, where the data is checked after entry. Presenting errors can be field-by-field?
where a new error message is presented to the user for each error found? or it can be
batched, where all errors are presented as a single message. There are other
dimensions to validation and error processing, such as the degree of error that is
tolerated and the experience level of the user. However, considering only the basic
processes, the choice of when to error-check and when to notify the user, leads to four
common approaches:

Interactive validation with field-by-field errors

The data in each field is validated when the user exits or changes the field. If there is an
error, the user is alerted to that error and may be required to fix the error before
proceeding.

Interactive validation with batched errors

The data in all fields is validated when the user leaves one field. If there are one or
more errors, the user is alerted to these, and can't proceed beyond the current page
without fixing all errors.
Post-validation with field-by-field errors

The user first enters all data with no validation. The data is then checked and errors are
reported for each field, one by one. The user fixes each error in turn and resubmits the
data for revalidation.

Post-validation with batched errors

The user first enters all data with no validation. The data is then checked, and all errors
in the data are reported in one message to the user. The user then fixes all errors and
resubmits the data for revalidation.

elf-Check3.6 Written Test

Directions: Answer all the questions listed below

I. List and Elaborate the following
1. What are the common approach error checking notify the users? (10pts)

Practical Demonstration
LAP Test 2

Instructions: Given necessary templates, workshop, tools and materials you are
required to perform the following tasks within 3 hours.
Task1: installing server 2008 operating system
2. Install Windows Server 2008 Operating System on the Server Computer

3. Establish connections among the Server and the two Clients

4. Configure the Server as a DNS and Active Directory for the Server Computer
using the HRM.local as a domain name.

5. Configure server as DHCP with range of 192.168.1.2 to 192.168.1.4

Task2:-configure the server
Task3:-Create Groups of Computer using two group names Human recourse and
Director Office and make sure that the Client Computers joined the groups.

Task4:-Create Users and Passwords for the two Groups as follows:

A For Human recourse group, Users ( Alemu and Almaz ),
Password (Pa$$w0rd1 and Pa$$w0rd2 ) respectively.

B For Director office group, Users (Mamo and Abrehet ), Password

(Pa$$w0rd 3 and Pa$$w0rd 4) respectively.

Task5:-Set the Access limitation time for the Human recourse group users to access
the network from Monday to Friday during lunch hour from 12:30AM to 1:30PM only.

Task6:-Add (join) the Client Computers to the Domain HRM local.

Task7:-Make your server secure by using Firewall
Task8:-create technical documentation for every network devices that you use on this
task
Task9:-save one document on the desktop by the name documentation
Task10:-share the document for the clientsalemu and almaz full control and mamo and
abrehet read only

Task11:-print the shared document from the clients

Task12:-create a notepad file on server computer from client computer