WINDOWS NT SERVER 3.51

Download Report

Transcript WINDOWS NT SERVER 3.51 

CHAPTER
Other Network Protocols
and Services
Other Network Protocols and
Services
• DLC
• Network Monitor Agent
• Remote Access Service
• Services for Macintosh
Data Link Protocol (DLC)
• Purpose
– Communicate with mainframes
– Support direct connection of printers using
DLC
• Example:
– MS SNA server uses DLC to access the IBM
mainframe
Network Monitor Agent
(NMA)Service
• NIC usage
– Collects and displays statistics
• System Management Server
– Workstations with NMA can be monitored
Remote Access Service
• Supports remote access
– From the workstations to the outside world
– From the outside world to the workstations
• Required to support the Remote Access
Server (RAS) on the network
Remote Access Service (RAS)
Components
Clients, Protocols, WANs, Servers
and Security Options
© N. Ganesan, All rights reserved.
RAS clients
• Access the LAN to use its resources
• Client access supported
–
–
–
–
–
–
–
–
–
Windows XP
Windows 2000
Windows NT
Windows 98
Windows95
Windows for Workgroups
MS-DOS
LAN manager
Any PPP client
Remote Access Protocols
• PPP client access can use :
– TCP/IP
– NetBEUI
WAN access
• WANs
– Acts as facilitator for remote access
• Telephone lines using modems or
modem pools
• DSL
• Cable Modem
• ISDN
• X.25
RAS Server
• Facilitates remote dial-in access
• Installed on a windows NT/2000/2003
server LAN
• Permits up to (256) remote clients to
dial-in
RAS security
• Logon and domain security
• Security hosts
• Data encryption
• Call-back feature
WIN NT, WIN WORK GROUP, MS-DOS, LAN MANAGER,
ANY PPP CLIENT
NT, NetWarE,
LAN
UNIX,
SERVERS
LAN MANAGER
CLIENTS
PPP, SLIP, MS RAS
WAN
POTS
ISDN
X.25
RS-232 NULL MODEM
SECURITY
TCP/IP
IPX
NetBEUI
REMOTE
ACCESS
servers
NT
ANY PPP
ANY SLIP
RAS Hardware Requirements
• NIC with NDIS driver
• Phone connection
– Compatible modem(s)
– Multi-port adapter (multiple-serial ports)
• X.25
– X.25 smart connection
• ISDN
– ISDN card
Module
VPN
© N. Ganesan, All rights reserved.
VPN Types
• Secure VPN
• Trusted VPN
Secure VPN
• IPsec with encryption in either tunnel and transport
modes. The security associations can be set up either
manually or using IKE with either certificates or
preshared secrets. IPsec is described in many RFCs,
including 2401, 2406, 2407, 2408, and 2409.
• IPsec inside of L2TP (as described in RFC 3193) has
significant deployment for client-server remote
access secure VPNs.
• SSL 3.0 or TLS with encryption. TLS is described in
RFC 2246. An excellent book on SSL 3.0 and TLS is
"SSL and TLS: Designing and Building Secure
Systems" by Eric Rescorla (ISBN 0201615983).
• (Source: www.vpnc.org )
Trusted VPN
• Layer 2 Trusted VPN
• Layer 3 Trusted VPN
Layer 2 Trusted VPN
• ATM
• Frame Relay
• Transport of Layer 2 frames over MPLS
Layer 3 Trusted VPN
• MPLS with constrained distribution of
routing information through BGP
• BGP
– Border Gateway Protocol
• MPLS
– Multi-protocol Label Switching
End of Module
Macintosh Services
Apple talk
File server
Print server
© N. Ganesan, All rights reserved.
Macintosh Service Components
• Apple talk protocol
– Facilitates the flow of Mac compatible data
• File server for Macintosh
– Designate a directory for Mac
• Print server
– Spool Mac print jobs on an NT server
Remote Boot
LAN Access Without
Disks
© N. Ganesan, All rights reserved.
Remote Boot
• Purpose
– Access a LAN by booting from the server
• Boot information
– Stored on the server
• Boot initiation
– Remote initial program load (RPL) ROM
chip
– RPL is installed on the NIC
Remote Boot Configuration
NT SERVER
REMOTEBOOT SERVER
NT SERVER
REMOTE
CLIENT
Remote Boot Installation
• Installed from the NT server
distribution disk
– CD-ROM or floppy
• Remote boot clients sample
– Ms-dos
– Ms windows 3.1
Network Clients
Windows, DOS etc.
© N. Ganesan, All rights reserved.
Clients Supported: Some
Examples
• Window XP
• Windows 2000
• Windows95
– Built-in networking
• Windows for workgroup 3.11
– Built-in networking
•
•
•
•
Ms LAN manager for ms-dos 2.2x
Ms-dos 3.0 clients
Ms RAS for ms-dos 1.1a
Ms TCP/IP-32 for EFW 3.11
Clients Support
Implementation Procedure
• Windows 95/98
– Built-in networking supports immediate
connection
• MS Windows for Workgroup 3.11
– Start the computer
– Connect to the server
– Initiate the installation process
Clients Support
Implementation Procedure
cont.
• MS-DOS clients and others
– Create installation disks
• Installation disk creation
– Create from NT server distribution disks
– Implement client access from the
installation disks created
Client Configuration
Requirements
• Applications are executed at the
workstation
• Only file sharing is performed at the
server
Client Configuration
Requirements Cont.
• Workstation
– Capable of executing all the applications
– Minimum requirement
• Pentium 4, >2 GHz, 512M Bytes
– Preferred
• Pentium 4 , 3 GHz, 1G Bytes
Client Configuration
Requirements
cont.
• Execution at the file server
– Possible with 2003 server
– Should be avoided
• Remote Boot
– Execution takes place at the workstation
Client-server Architecture:
a Microsoft Example
Windows Server
WINDOWS XP
WINDOWS 2000
NT Resource Sharing
An introduction to
Files and server disk space
sharing
© N. Ganesan, All rights reserved.
NTFS Installation End Result
• Disk partition completed
– FAT
– NTFS
• Operating system installed
• Server security domain defined
– Primary domain controller
– Secondary domain controller
– Simple nt server
Resource (Server Storage)
Configuration
• Define directory structure
– Application directories
– Directories for tools
– Home directories for users etc.
• Active Directory
Resource (Server Storage)
Configuration cont.
• Install applications
– Use the run option in NT, for example
• Applications
– Database
– Word processor etc.
NT Resource Sharing
Implementation
• Sample resources for sharing
– Directories
– Files
• Name the resource to be shared
• Then, implement sharing through:
– Net share command
– The file manager
Net Share Implementation
• Syntax
– Net share sharename=drive:path
/user:number or /unlimited
/remark:”text”
• Example
– Net share account c:\act95
Share Name
Share Path
NTFS Sharing Implementation
Through File Manager
• Open file manager
• Highlight directory or file to be shared
• Select disk share as
–
–
–
–
Provide share name
Specify path name
Enter comments if desired
Specify user limit
• Define type of permission granted on the
shared object
Resource Sharing: Gaining
Access From a Client
• Connect to the object to be shared
• Assign a drive letter
• Share the virtual drive
• Example:
– Share resource account on the server as
local virtual drive h:
Resource Sharing at the Client;
Windows95 Example
• Map a local drive letter to the resource
object to be shared at the server
• Executed from the my computer icon
–
–
–
–
Right-click on the icon
Select map network drive option
Select drive letter
Define the path name to the object to be
shared
Resource Sharing; Windows95
cont.
• Path name
– Must comply with uniform naming convention
(UNC)
• Compatible with internet naming procedure (TCP/IP)
• UNC syntax
– \\Server\sharename\folder....\Filename
• UNC example
– \\Cis560\access
NTFS sharing summarized
NT SERVER
SHARE C:\ACCESS95 AS ACCESS
USE DISK SHARE AS FROM FILE MANAGER
LINK TO ACCESS AS DRIVE h:
USE MAP NETWORK DIRECTORY
FROM MY COMPUTER ICON
WINDOWS95
CLIENT
End of chapter