Monday, February 11, 2008

Lab 3 : Installing and Configuring DNS

Lab 3

Installing and Configuring DNS


Zulfadli Bin Mohd Saad

Computer Technology, Department of Electronic

MARA Vocational Institute, Sik, Kedah.


Lab 3: Domain Name Services
In this exercise you will implement a domain name server for your network. This server provides a means of resolving Internet domain host names to TCP/IP addresses.

The first step is to ensure that you are using a static IP address and that the DNS settings on the computer have been correctly configured. Make sure you have hooked up your PC to the network before you start.

1. Log on to Windows Server 2003 as "Administrator"
2. Close the dialog box "Manage Your Server"
3. Open Local Area Connection (Start – Control Panel – Network Connections – Local Area Connection).
4. Click Properties button.

5. Ensure that the computer has a static IP address and that the DNS server address has been set to the same IP address.

This server is going to act also as a DNS server, thus needs to send requests to itself.



6. Click the Advanced button

7. Close the remaining dialog boxes.

8. Right-click My Computer and select Properties.

9. Click the Computer Name tab, then click Change.

10. Click More.

11. Specify domain.net as the Primary DNS Suffix for This Computer.

12. Click OK.

13. Click OK to close the remaining dialog boxes, and then click YES to restart the computer.

Now that you have verified that the computer is correctly configured to use DNS and has a static IP address, it is now time to proceed and install the DNS service on this computer.

14. Open Control Panel and click “Add Remove Programs”, then click “Add/Remove Windows Components”.

Scroll down the list and double-click the “Networking Services” option.

15. Scroll down the list and check the option “Domain Name System (DNS)”.

After checking the option, click OK.

16. Click NEXT to install the DNS service.

17. Once the service has been installed, the Windows Components Wizard will appear.

Click “Finish” to close the wizard.

18. Close any remaining dialog boxes.

Now that the DNS service is installed, it is time to configure it. When the service is run for the first time, it asks to configure the root name server. If you are connected to the Internet, DO NOT configure a root name server (you would only do this if you were creating an Intranet and your company had no Internet connection).

19. Click Start, All Programs, Administrative Tools, DNS

20. The DNS management tool is now displayed. Your computer should appear as an icon in the left pane window.

Click on the computer icon to display the message as shown in this example.

A DNS server uses zone files (forward and reverse) to perform lookup requests. In each zone file records are used to map computer names to IP addresses. In the following section you will create a forward and reverse zone for your network, and create records that map computer names to IP addresses.

21. Click Action then Configure a DNS server. The Welcome to the Configure a DNS Server Wizard appears.

Click Next.

Specify the option "Create a forward and reverse lookup zones".

Click NEXT.

22. It is now time to create a forward lookup zone that will resolve computer names to IP addresses.

Select the option "Yes, create a forward lookup zone now".

Click Next.

23. Select "Primary Zone". Click NEXT.

24. The New Zone Wizard dialog box requests the name for the zone. Enter the name that has been assigned to your domain as given to you by your instructor (this example uses domain.net).

Once you have entered the correct name for the zone file, click NEXT.

25. The dialog box now displays the name that will be used for the new zone file.

Leave the filename as suggested, then click NEXT.

26. Select the option "Do not allow dynamic updates". Click NEXT.


27. Select the option "Yes, create a reverse lookup zone now". Click NEXT.


28. Select the zone type as "Primary Zone". Click NEXT.

29. A reverse zone maps IP addresses to computer names, so it has to know what range of IP addresses it will be responsible for.

Enter the first 3 octets of the IP address that has been allocated to your network domain by the instructor.

After entering the network ID, click NEXT.

30. The wizard will display the name of the reverse zone file that it will create.

31. What is the name of the reverse file?

____________________________________________________

32. Click NEXT.

33. Select the option "Do not allow dynamic updates". Click NEXT.

34. Select the option "No, it should not forward queries". Click NEXT.

35. Click FINISH so the wizard will create the reverse lookup zone.

You have now successfully created a primary zone (domain.net) and forward zone lookup file.

Double-click on the computer icon to expand the tree and display the forward lookup zone.

36. What is listed under “Forward Lookup Zones”?

____________________________________________________

____________________________________________________

37. What are the entries listed under domain.net?

____________________________________________________

____________________________________________________

____________________________________________________

38. What is listed under “Reverse Lookup Zones”?

____________________________________________________

____________________________________________________

Dynamic DNS Updates
The Microsoft DNS supports dynamic updating of information, such as computer names and their IP addresses. In networks where computers are assigned IP addresses dynamically (using DHCP), this information needs to be integrated into DNS.

1. Expand the Forward Lookup Zones to reveal the domain (domain.net)

2. Right-click the domain name and select properties.

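The option "Dynamic updates" controls whether DNS information can be updated dynamically.

To enable dynamic updates select "Nonsecure and secure". With this setting the server accepts updates from any client, whether or not the client is authenticated.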

Click APPLY.

Click OK.

Repeat the procedure to enable dynamic updates for the reverse zone.

3. Close the DNS manager.

Adding a PTR (pointer) record
In this exercise you will add a reverse lookup record (PTR) for a host computer. A reverse lookup record resolves an IP address back to a host name.

1. In the DNS manager window, double-click the computer icon and expand the “Reverse Lookup Zone” field.

2. Expand the subnet field.

3. Right-click the subnet field and select “New Pointer”.

Enter the IP address and the server name, followed by .domainx.net. (be sure to use a trailing dot after net, and replace x with a number representing your domain).

Click OK.

Click "Refresh" button.

Testing the DNS
In this section you verify that the DNS is installed, running, and correctly configured.

1. In the DNS manager window, right-click the computer icon and select properties.

Click the Monitoring tab.

2. Enable both tests and click Test Now button.

3. What was the result?

____________________________________________________

Do not proceed till the test results indicate a PASS.

Using NSLOOKUP to query DNS
In this exercise you will use a client tool to check the operation of the DNS server. You will query both a forward and reverse lookup.

1. Close the DNS manager window.

2. Click START, then RUN, and enter nslookup (then press ENTER).

3. A command prompt DOS window will appear with the program nslookup running in it.

4. The default server name and IP address of the DNS server will be shown.

What is the default server name?

____________________________________________________

What is the IP address listed?

____________________________________________________

5. To perform a forward lookup (resolve a computer name to an IP address) enter the name of the computer (e.g. 3aserver1.net) and press ENTER.

What is the fully qualified domain name returned?

____________________________________________________

What is the IP address given?

____________________________________________________

6. To perform a reverse lookup (resolve an IP address to a computer name), enter the IP address given in step 5.

What is the fully qualified domain name returned?

____________________________________________________

7. Close the command prompt windows.
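
The forward and reverse lookups tested above, and the trailing-dot rule from the PTR step, can also be checked directly against zone file text. The following Python is an added example, not part of the original lab; the zone contents and function names are constructed for illustration, and the parser assumes one record per line with an explicit owner name.

```python
# Added example: cross-check a forward zone against its reverse zone.
# Both zone texts below are constructed samples, not output from the lab.
FWD_ORIGIN = "domain.net."
FWD_ZONE = """\
@        IN NS  server1.domain.net.
server1  IN A   192.168.10.21
client1  IN A   192.168.10.22
client2  IN A   192.168.10.23
"""
REV_ORIGIN = "10.168.192.in-addr.arpa."
REV_ZONE = """\
@   IN NS  server1.domain.net.
21  IN PTR server1.domain.net.
22  IN PTR client1.domain.net     ; trailing dot forgotten
24  IN PTR oldhost.domain.net.    ; host no longer in the forward zone
"""


def qualify(name, origin):
    """Apply the zone-file rule: a name without a trailing dot is
    relative to the zone origin, '@' is the origin itself."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name.lower()
    return f"{name}.{origin}".lower()


def parse_zone(text, origin, rtype):
    """Return {owner_fqdn: rdata} for records of one type (A or PTR)."""
    records = {}
    for line in text.splitlines():
        tokens = line.split(";", 1)[0].split()   # drop comments
        if len(tokens) < 3 or rtype not in tokens[1:-1]:
            continue
        records[qualify(tokens[0], origin)] = tokens[-1]
    return records


def ptr_owner_to_ip(owner):
    """'21.10.168.192.in-addr.arpa.' -> '192.168.10.21'"""
    labels = owner[: -len(".in-addr.arpa.")].split(".")
    return ".".join(reversed(labels))


def check_zones(fwd_text, fwd_origin, rev_text, rev_origin):
    """Return sorted (finding, ip, name) tuples for mismatched records."""
    a_records = parse_zone(fwd_text, fwd_origin, "A")      # name -> ip
    ptr_by_ip, findings = {}, []
    for owner, target in parse_zone(rev_text, rev_origin, "PTR").items():
        ip = ptr_owner_to_ip(owner)
        fqdn = qualify(target, rev_origin)
        ptr_by_ip[ip] = fqdn
        if fqdn.endswith("." + rev_origin):
            # Target was written without the final dot, so the reverse
            # zone name was appended to it.
            findings.append(("ptr-missing-trailing-dot", ip, fqdn))
        elif a_records.get(fqdn) != ip:
            findings.append(("ptr-without-matching-a", ip, fqdn))
    for name, ip in a_records.items():
        if ip not in ptr_by_ip:
            findings.append(("a-without-ptr", ip, name))
    return sorted(findings)


if __name__ == "__main__":
    for finding in check_zones(FWD_ZONE, FWD_ORIGIN, REV_ZONE, REV_ORIGIN):
        print(*finding)
```
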

Summary
The DNS server is a database that manages computer names and their IP addresses. Zone files are used to store this information. Within a zone, a forward lookup resolves computer names to IP addresses. A reverse zone resolves IP addresses to computer names.

A client tool such as NSLOOKUP can be used to test the operation of a DNS server.

Lab 2: Modifying the Start Display List

Lab 2


Modifying The Startup Display List

Zulfadli Bin Mohd Saad

Computer Technology, Department of Electronic

MARA Vocational Institute, Sik, Kedah.

Lab 2: Modifying the Start Display List
You have successfully installed Windows Server 2003 on the computer and it is now running. You should currently be logged in as Administrator. Close any dialog boxes that are active.

After installing Windows Server 2003, the computer now has two operating systems on it. The default operating system that the computer starts has been changed from Windows XP to Windows Server 2003.

In this exercise, you will alter the startup settings of the computer so that it reverts back to Windows XP instead of Windows Server 2003. You will also modify the startup display list to include an adequate description of your installation, so that you can readily identify it from other installations on the same computer (the computer may end up with two or more Windows Server 2003 installations due to the size of student groups, so you need to know which your installation is).

The file boot.ini resides on the boot partition [drive c:] and allows the computer to display a list of installed operating systems at boot time.

Accessing Boot.ini
1. Click on My Computer (Start – My Computer)
2. Double-click on Local Disk (C:)

You will note that the file boot.ini does not appear in the window. This is because the folder view for the current window does not display hidden files, so you will now need to change the folder view.

Changing the folder view
3. Click on the Tools option on the menu bar and select Folder Options
4. Select the View tab
5. Select the option Show hidden files and folders

6. Uncheck the box Hide protected operating system files

7. Click YES to the warning dialog box that appears concerning the hiding of protected operating system files.

8. Click Apply
9. Click OK

You will now have an icon that represents the file boot.ini in the window.

Editing boot.ini
10. Double click boot.ini

This will load boot.ini into a text editor (notepad) so you can edit it. The file will look similar to

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows Server 2003, Enterprise" /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

11. Change the line

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows Server 2003, Enterprise" /fastdetect

to

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Your domain name here" /fastdetect

(replace "Your domain name here" with the domain name given to you by your instructor [e.g. 3a Server 21]).

example :

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="3a Server 21" /fastdetect

12. Save the file and exit notepad.

13. Close My Computer.
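
After a hand edit, it is worth confirming that every line of boot.ini still parses and that the default= path matches one of the [operating systems] entries. The following Python is an added example, not part of the original lab; the two sample texts are constructed from the listing above, and check_boot_ini is a hypothetical helper name.

```python
import re

# An [operating systems] entry: path="label" followed by optional switches.
# The path is an ARC path (multi/scsi/signature) or a drive-letter path.
OS_ENTRY = re.compile(
    r'^(?P<path>(?:(?:multi|scsi|signature)\(|[a-z]:\\)[^=]*)'
    r'="(?P<label>[^"]*)"\s*(?P<switches>.*)$',
    re.IGNORECASE,
)

# Constructed sample: the file as it should look after step 11.
GOOD = r"""[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="3a Server 21" /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
"""

# Constructed sample: the default= path was accidentally split over two lines.
WRAPPED = r"""[boot loader]
timeout=30
default=multi(0)disk(0)rdisk
(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="3a Server 21" /fastdetect
"""


def check_boot_ini(text):
    """Parse boot.ini text; return (default_label, entries, problems).

    entries is a list of (path, label, [switches]); problems is a list of
    human-readable strings, empty when the file is consistent.
    """
    section, settings, entries, problems = None, {}, [], []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        match = OS_ENTRY.match(line) if section == "operating systems" else None
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
        elif section == "boot loader" and "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip().lower()] = value.strip()
        elif match:
            entries.append((match["path"].strip(), match["label"],
                            match["switches"].split()))
        else:
            problems.append(f"line {number}: cannot parse {line!r}")
    # The default path must name one of the listed operating systems.
    default = settings.get("default", "")
    labels = [label for path, label, _ in entries
              if path.lower() == default.lower()]
    if not labels:
        problems.append(f"default={default!r} matches no [operating systems] entry")
    return (labels[0] if labels else None), entries, problems


if __name__ == "__main__":
    for name, text in (("GOOD", GOOD), ("WRAPPED", WRAPPED)):
        label, entries, problems = check_boot_ini(text)
        print(name, "-> default boots:", label, "| problems:", problems)
```
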

SPECIFYING BOOT OPTIONS
Currently, the computer will boot Windows Server 2003. This is not what it used to be prior to the installation you just performed.

In this section you will set the default boot operating system back to Windows XP. You could have done this when you were modifying boot.ini earlier (as that is where it is specified).

1. Open System (click Start, Control Panel, System)

2. Click the Advanced tab

3. Click Settings in the Startup and Recovery section.

4. Select "Microsoft Windows XP Professional" /noexecute=optin /fastdetect as the startup operating system

5. Click OK

6. Click OK to close System Properties

RESTART THE COMPUTER

Lab 1 - Installing Windows Server 2003

Lab 1

Installing

Windows Server 2003


Zulfadli Bin Mohd Saad

Computer Technology, Department of Electronic

MARA Vocational Institute, Sik, Kedah.


Installing Windows Server 2003
In this section you will install Windows Server 2003 from CD. The lab network will comprise a Windows Server 2003 computer and a client computer running Windows XP Professional.

Active Directory
When you install Windows Server 2003 as the computer in charge of your network, you will also install active directory. This is like a large data store that holds information about users, policies, computers and other information.

In a Windows 2003 network, all servers keep their own copy of the Active Directory, and when changes are made, the changes are sent to all the other servers (that are configured as domain controllers) in the network.

You will enable Active Directory when you install the Windows 2003 Server, thus creating a network for your organization. This active directory will be used in subsequent exercises.

File System Types
Windows Server 2003 supports the following file systems. Which file system you choose depends upon a number of factors.

FAT [File Allocation Table]

Supported by MSDOS and Windows 9x. No file-level security. Partition sizes less than 2GB.

FAT32

Supported by MSDOS and Windows 9x. No file-level security. Partition sizes larger than 2GB but maximum 32GB.

NTFS [NT File System]

Windows NT, XP, 2000 and 2003 support this file system. Choose this file system if you want file level security [permissions at the file level]. If you intend to support Macintosh computers, or migrate Netware servers to Windows Server 2003, you must choose NTFS. The other features that NTFS supports are disk compression, disk quotas and file encryption.

FAT file systems can be converted to NTFS either during installation or afterwards. It is not possible to convert an NTFS partition to FAT (you have to remove the partition, recreate it, then format it as a FAT partition).

FAT
Advantages: Allows MS-DOS access to your files. Widely used.
Disadvantages: Files remain unprotected. Automatic disk restoration not possible. Allows access to files by an intruder using MS-DOS. Filenames restricted to 8.3 format.

NTFS
Advantages: File level security possible. Automatic disk restoration possible. Supports long filenames. Disk quotas. File compression and encryption.
Disadvantages: Only supported by Windows 2003, Windows 2000, Windows XP or Windows NT. If the boot partition is NTFS, you cannot access any files if booting under MS-DOS.

You will use an NTFS file system because we are interested in security and will assign permission rights to folders and files.

Comparison Of Supported File Systems

Feature | FAT | FAT32 | NTFS
Granular security | | |
Compatibility | Can read FAT32; cannot read NTFS | Can read FAT; cannot read NTFS | Can read both FAT and FAT32
Support for Recovery Console in emergencies | | |
Support for becoming a domain controller | | |
Can be converted | To FAT32 or NTFS | To NTFS | No conversion supported

Licensing Modes
The licensing mode refers to the way in which client licenses are managed. The two modes are

Per Seat License
A separate client license is required for each client computer on the network. This is preferred for large networks where client computers may connect to more than one server, and thus is easier to manage.

Per Server License
Each server is configured to support a specific number of client computers, each of which is fully licensed. On smaller networks where client computers may only access a single server, this option allows you to specify the maximum number of simultaneous connections that the server can support.

In the lab exercise, you will specify the “per server license” mode.

Different ways to install Windows Server 2003
Windows Server 2003 can be installed in one of TWO ways.

Network Install
The Windows files are placed on a network share. The computer must be booted with either a compatible operating system that has network access, or a client network boot disk that can access the network share.

CD-ROM Install
The Windows files reside on a CD-ROM drive that is supported by and recognized by Windows [check Hardware Compatibility List]. The computer must be booted with either a compatible operating system that recognizes the CD-ROM, or a boot disk that includes a CD-ROM driver.

During the install process, a folder $Win_nt$.~bt is created on the target computer, and the Windows 2003 installation files are copied into that folder.

Network Installation of Windows Server 2003
The Windows files are copied from the distribution CD-ROM into a folder on an existing server. This folder is then shared with the appropriate permissions to allow network access.

If the computer does not have an operating system installed on the hard disk, the installer boots the computer (from a system boot disk that has a network client) and maps a network drive to the share point that holds the Windows files. The program WINNT.EXE is then executed.

If the computer is already running Windows (such as Windows 9x or NT workstation), it can be upgraded to Windows 2003 using the WINNT32.EXE program. The installer boots the computer system using the installed operating system, logs on, then accesses the shared network folder where the install files are located, and runs WINNT32.EXE to either install or upgrade to Windows 2003.

INSTALLATION SUMMARY
Use WINNT.EXE if you are upgrading from MS-DOS or there is no operating system installed on the hard disk of the computer.

Use WINNT32.EXE if you are upgrading from NT Server.

To create a Windows network, a Windows 2003 server is installed first. This server will hold information about the network, such as usernames and passwords, the names of computers that belong to the network and other information. Windows 2003 stores this information in the Active Directory.

Using NTFS provides file-level security. This lets you secure files, folders, printers and other resources.

LAB 1. INSTALLING WINDOWS SERVER 2003

This section requires you to work in groups (a group comprises two students) using two computers. One computer will act as a server for your network. The other computer will act as a client computer.

It is important that you perform the steps in the suggested order. Some steps are very dependent upon the earlier steps having been successfully completed.


Preliminary Setup
Before you start installing Windows Server 2003, make sure your PC has the following configuration:

Computer: Pentium D 2.8GHz, 512MB RAM, 80GB Disk

Partition 1: C Drive, formatted as NTFS, 20GB, installed with Windows XP Professional SP2. (User name = Administrator, password = student.)

Partition 2: D Drive, formatted as FAT32, 20GB, free space. Used to install the Windows Server 2003 software

Partition 3: E Drive, formatted as FAT32, 20GB, free space.

Partition 4: F Drive, formatted as FAT32, 20GB, free space.

PREPARING TO INSTALL WINDOWS SERVER 2003
Work in pairs, and install the Server first. You will need two computers, preferably side by side. You will be performing a CD-ROM install.

The computer will need a name. This will identify the computer on the network from other computers, so must be a unique name. Please use the computer name assigned by your instructor. Your network will also require TCP/IP network details. Obtain these from your instructor.

The organization will also need a domain name. In a later exercise, you will install additional services (such as Domain Name Services) that rely on this name. Please use the domain name assigned by your instructor.

Please enter the following information before continuing.

Name of This Computer: serverSN

Name of Organization: IKM

Role of This Computer: Server

Network Share for Server Files: \\noz\s2003

Local Directory to store Server Files: D:\w2003x [where x represents 1, 2, 3 or 4]. Ask your instructor.

Name of Installer: Administrator

Domain Name: 3CLserverSN.net (e.g. 3aserver21.net)

TCP/IP Address: 192.168.10.SN

TCP/IP Subnet Mask: 255.255.255.0

TCP/IP Gateway: 192.168.10.100

Note : SN = Station Number; CL = your class ( A or B or C )

The computers you are using have Windows XP Professional SP2 installed on Drive C: and there is space allocated on Drive D: for your installation.

After installing Windows 2003, the computer will have two operating systems installed on it. Windows XP Professional SP2 will be on Drive C: and Windows Server 2003 will be on drive D:

Beware: You are going to install Windows Server 2003 onto a computer that has an operating system installed. The disk is already partitioned. Be very careful to follow the instructions, and if unsure, ASK your lab instructor.

YOU WILL INSTALL WINDOWS SERVER 2003 INTO DRIVE D:

Step 1: Installing Windows Server 2003

1. Boot your PC using Windows Server 2003 CD.
2. Press ENTER. (To install Windows Server 2003 )

TEXT MODE SETUP PHASE
During this step, the installation process displays the partition information and allows you to select the partition on which to install Windows 2003. The files are then copied to the partition specified. Once this is finished, the computer reboots.

3. Windows Server 2003 Welcome Screen

The Welcome to Windows Setup screen will appear. Press Enter to continue.
Press ENTER to set up Windows Server 2003 on this computer.

4. Windows Server 2003 License Agreement

Read the terms of the license agreement.
If you accept (which, of course, you have to do to continue installation), press F8 to continue.

5. Windows Server 2003 Setup

You are presented with options to Setup, repair or quit.
Press ENTER to set up Windows Server 2003 on this computer.

6. Windows Server 2003 Setup: Partition List

A list of available partitions is displayed.
Highlight the D: partition (move the highlight bar using the cursor down arrow key so the highlight bar is over Drive D:)

Press ENTER to continue.

7. Partition Options

Windows 2003 setup displays a list of options, such as formatting the partition or leaving the file system intact. Highlight the option

"Format the partition using the NTFS file system"

then press ENTER to continue.

Wait until the format finishes. When it has finished, your PC will restart automatically.

Press "ESC" or wait 20 seconds and your PC will boot from the hard disk.

8. Windows Server 2003 Setup: Copying Files

The files are copied from the temporary installation folder to the D: partition folder.
Once the files have been copied, the computer will restart.

GUI MODE SETUP PHASE
In this phase, the installation process continues. You are prompted using setup wizards that allow you to select components and configurations.

9. Installing Devices

Windows 2003 will automatically detect hardware devices. This process can take a few minutes so please be patient.

10. Regional and Language Options

This allows you to specify your country and your keyboard layout. By default, text input language and method is : US Keyboard layout.
If you are not sure, ask your instructor.
Click Next to continue.

11. Personalize your software

Enter "Student" as the Name, "IKM" as the organization.
Click Next to continue.

12. Product Key

Enter "Product Key" as given by your instructor.
Click Next to continue.

13. Licensing Mode

Select Per Server as the licensing mode and set the number of client connections to 10.
Click Next to continue.

14. Computer Name and Administrative password

Enter the computer name given to you earlier by your instructor (serverSN). Set the administrative password to "stKm_ikm" and reconfirm password to "stKm_ikm".
Click Next to continue.

15. Date and Time Settings

Select the time zone appropriate for your location.
[(GMT+08:00) Kuala Lumpur, Singapore].
Click Next to continue.

16. Network Settings

Windows 2003 will now install the network components.
Select Custom Settings
Click Next to continue.

17. Networking Components

A list of components is presented

Client for Microsoft Networks


Network Load Balancing

File and Printer Sharing for Microsoft Networks

Internet Protocol (TCP/IP)

Click Next to continue.

18. Workgroup or Computer Domain

Select No, this computer is not on a network or is on a network without a domain.
Make this computer a member of the following workgroup.

SERVER

Click Next to continue.

19. Performing Final Tasks

Please wait whilst Windows 2003 installs the start menu items, registers the components, saves the settings and removes the temporary installation files.

20. Completing the Windows 2000 Setup wizard

When finished, the computer will restart automatically.

Once the computer has restarted, logon as "Administrator". The next step will be to modify the boot-up sequence so that the computer reverts back to using Windows XP. This will allow other students to use these computers normally.

21. First time Login

When you log in for the first time, the "Manage Your Server" dialog box will appear.

Check the box below to stop this dialog box from being displayed at logon.

Don't display this page at logon

Close this page to continue.

Congratulations! You have finished installing Windows Server 2003.

Summary
In this section you installed Windows Server 2003 on a computer. In the following exercises you will install Active Directory and other services, creating a small network for you to administer.