Chapter Eight
Network Operating
Systems and Windows
2000-Based Networking
Questions
What is a server?

Hardware vs. software
NOS installation can be trivial or complex
NOS straddles Application layer and
above on the OSI model
Major types of NOS?
What is all the fuss about Linux?
Introduction to Network Operating
Systems
Selecting a network operating system –
things to consider:




Is it compatible with existing infrastructure?
Will it provide the security required by the
network’s resources?
Can the technical staff manage it effectively?
Will existing applications run smoothly on it?
Introduction to Network Operating
Systems
Selecting a network operating system
(cont.)




Will it accommodate future growth (that is, is it
scalable)?
Does it support additional services the
network’s users require?
How much does it cost?
What type of support can be expected from
the manufacturer?
Network Operating Systems
and Servers
Determining Server Hardware:





How many clients will connect to the server?
What kind of applications will run on the server?
How much storage space will each user need?
How much down time is acceptable?
What can the organization afford?
Must consider processor (multiple?), RAM,
storage requirements, fault-tolerance, & UPS

Cost can vary considerably - $2k to 100k
Compaq, Dell, IBM
Network Operating System
Services and Features
Networks enable client support in:





Creating client accounts and enabling them to
connect to the network
Managing client accounts
Enabling clients to share resources
Managing client access to shared resources
Enabling clients to communicate with other
clients
Client/Server Communication
Redirector

Service that runs on a client workstation and
determines whether the client’s request
should be handled by the client or the server
Authentication (logon process)

Process whereby a network operating system
verifies that a client’s user name and
password are valid and allows the client to log
onto the network
Client/Server Communication
Figure 8-1: A client connecting to a network operating system
Client/Server Communication
Middleware

Software that sits between the client and
server in a 3-tier architecture
Thin client

Type of software that enables a client to
accomplish functions over a network while
utilizing little of the client workstation’s
resources and, instead, relying on the server
to carry the processing burden
Client/Server Communication
Figure 8-2: Middleware between clients and a server
Users and Groups
To more easily manage network access, you can
combine users with similar needs and
restrictions into groups
Table 8-1: Providing security through groups
Directories
Directory

List that organizes resources and associates them
with other properties, or characteristics
Object

Representation of a thing or person associated with
the network
Users, printers, groups, computers, data files, and
applications
Attributes

Properties associated with an object
User object may have name, group membership, security
settings, etc.
Directories
Containers

Logically defined receptacles that serve only
to assemble similar objects
Account

The record of a user that contains all of his or
her properties
Tree

Logical representation of multiple, hierarchical
levels in a directory
Directories
Figure 8-3: A directory tree
Directories
Figure 8-4: Two possible trees for the same organization
File System
An operating system’s method of organizing,
managing, and accessing its files through
logical structures and software routines
Be careful not to confuse file systems with
directories


A file system interacts with the operating system
A directory organizes files so that a user can find
them on a hard disk
FAT (File Allocation Table)
FAT (File Allocation Table)

Original PC file system designed in the 1970s
to support floppy disks and, later, hard disks
FAT16

File system designed for use with early DOS- and Windows-based computers
FAT32

Enhanced version of FAT16 that
accommodates the use of longer filenames
and smaller allocation units on a disk
Significant FAT16
Characteristics
Partitions or files cannot exceed 2 GB
(when used with Windows 2000 file
system, cannot exceed 4 GB)
Uses 16-bit fields to store file size
information
Without additional utilities, supports only
filenames with maximum of eight
characters in the name and three in the
extension
Significant FAT16
Characteristics
Characterizes files on a disk as Read, Write,
System, Hidden, or Archive
A FAT16 drive stores data in noncontiguous
blocks and uses links between fragments to
ensure that data belonging to the same file, for
example, can be pieced together when the file is
requested by the operating system
Because of its low overhead, it can write data to
a hard disk very quickly
Significant FAT32
Characteristics
Uses 28-bit fields to store file size information
Supports long filenames
Theoretically supports partitions up to 2
Terabytes in size
Partitions can be easily resized without
damaging data
Provides greater security than FAT16
Supported by Windows 9x, Windows Me, and
Windows 2000
HPFS
High-Performance File System
File system originally designed for IBM’s
OS/2 operating system
Offers greater reliability and efficiency than
FAT
Supports extended attributes

Ex. File history
Sharing Applications
One significant advantage of the client/server
relationship is the ability to share resources
Shared applications are often stored on a file
server specifically designed to run applications
For some applications, you can purchase a site
license

For a fixed price, a site license allows any number of
users at one location to legally access that
application
Sharing Printers
Figure 8-5: Shared printers on a network
Sharing Printers
All NOSs can:







Create an object that identifies printer to rest of
network
Assign printer a unique name
Install drivers associated with printer
Modify printer attributes
Establish or limit access to printer
Remotely test and monitor functionality
Update and maintain printer drivers
Sharing Printers
Figure 8-6: NetWare printer identification screen
Sharing Printers
Printer queue

Logical representation of printer’s input and output
Figure 8-7: Client issuing a job to a networked printer
Managing System Resources:
Memory
Physical memory

Refers to the RAM chips installed on computer’s system
board that provide dedicated memory to that machine
Virtual memory


Logically carved out of space on hard disk and added
to physical memory
Stored on hard disk as a page file (or swap file)
Paging

Process of moving pages between RAM and a
page file on disk
Managing System Resources:
Multitasking
Multitasking

Ability of a processor to perform many
different operations in a brief period of time
Preemptive multitasking


Type of multitasking supported by NetWare,
UNIX, and Windows 2000
Performs one task at a time
Managing System Resources:
Multiprocessing
Process

Routine of sequential instructions that runs
until it has achieved its goal
Thread

Self-contained, well-defined task within a
process
Multiprocessing

Support and use of multiple processors to
handle multiple threads
Managing System Resources:
Multiprocessing
Symmetric multiprocessing

Splits all operations equally among two or
more processors
Asymmetric multiprocessing

Assigns each subtask to a specific processor
Introduction to Windows 2000
Server
Windows 2000 Server serves as a redesign and
enhancement of Windows NT Server

Windows NT was a popular NOS known for its intuitive
graphical user interface (GUI)
Windows 2000 Server carries on many of the
advantages of Windows NT Server, plus provides
additional features and capabilities (see next slide)
Windows 2000 Advanced Server offers same
benefits and features as Windows 2000 Server, but
adds support for clustering



Server – 4GB RAM & 4 processors
Advanced – 8GB RAM & 8 processors
Datacenter – 64GB RAM & 32 processors
Some Benefits of Windows
2000 Server NOS
Advanced system of organizing and managing
network objects, called Active Directory
Multiple, integrated Web services with easy to use
administrator interface
Support for great deal of RAM and multiple
processors
Support for multiple, modern protocols and security
standards
Excellent integration with other NOSs
Simple, centralized management of multiple clients
Flexible, customizable network management interface
Why Choose Windows 2000
Server?
Windows 2000 Server is a popular NOS
because it addresses most of a network
administrator’s needs very well
Its customizable graphical administrative
interface, called the Microsoft
Management Console (MMC), makes
Windows 2000 Server a simple operating
system to manage
Windows 2000 Server
Hardware
Important resource for determining what kind of Windows 2000
hardware to purchase is Microsoft’s Hardware Compatibility
List (HCL)
Table 8-2: Minimum hardware requirements for Windows 2000 Server
Windows 2000 Server Memory
Model
Figure 8-8: Viewing virtual memory
Windows 2000 File Systems
In addition to FAT, FAT32, and HPFS file
systems, Windows 2000 Server supports other
file systems, including:

CDFS (CD-ROM File System)
Used to read from and write to a CD-ROM disk

Universal Disk Format (UDF)
Another file system used on CD-ROM and DVD media

NTFS (New Technology File System)
Developed for Windows NT platform
With release of Windows 2000, Microsoft updated NTFS to
version 5
NTFS Features
Filenames can be maximum of 256
characters long
Stores file size information in 64-bit fields
Files or partitions can be as large as 16
exabytes
Required for Macintosh connectivity
NTFS Features
Incorporates sophisticated, customizable
compression routines
Keeps a log of file system activity to facilitate
recovery if a system crash occurs
Required for encryption and advanced access
security for files, user accounts, and processes
Improves fault tolerance through RAID and
system file redundancy
Microsoft Management Console
(MMC)
Tools added to MMC interface are known as snap-ins
Figure 8-9: MMC Window
Active Directory
Schema

Set of definitions of kinds of objects and information
associated with those objects that the Active Directory
database can contain
Figure 8-10: Active Directory and a simple user schema
Active Directory
Active Directory’s schema may contain
two types of definitions:

Classes
Also known as object classes
Identifies what type of objects can be specified in
Active Directory

Attributes
Property associated with an object
Workgroups
Group of interconnected computers that share each
other’s resources without relying on a central server
Figure 8-11: A Windows workgroup network
Domains
Group of users, servers, and other resources that
share a database of account and security information
Figure 8-12: Multiple domains in one organization
Domains
Domain controller

Windows 2000 server that contains a replica
of the Active Directory
Member server

Does not hold directory information and,
therefore, cannot authenticate users
Replication

Process of copying Active Directory data to
multiple domain controllers
Domains
Figure 8-13: A Windows 2000 domain model network
Organizational Units
Container within an NOS directory used to group objects
with similar characteristics or privileges
Figure 8-14: A tree with multiple domains and OUs
Trees and Forests
Domain tree



Group of hierarchically arranged domains that
share a common namespace in Windows 2000
Active Directory
At base of Active Directory tree is the root domain
From root domain, child domains branch out to
separate objects with the same policies
Forest

Collection of one or more domain trees
Trust Relationships
Relationship between two domains in
which one domain allows another domain
to authenticate its users
Active Directory supports two types of trust
relationships:


Two-way transitive trust
Explicit one-way transitive trust
Two-Way Transitive Trust
Security relationship between domains in same domain tree
in which one domain grants every other domain in the tree
access to its resources and, in turn, that domain can
access other domains’ resources
Figure 8-15: Two-way trusts between domains in a tree
Explicit One-Way Transitive
Trust
Type of trust relationship in which two domains that
belong to different NOS directory trees are configured
to trust each other
Figure 8-16: Explicit one-way trust between domains in different trees
Naming Conventions
Namespace

Refers to complete database of hierarchical names
used to map IP addresses to their hosts’ names
Each object on a Windows 2000 network can
have three different names:



Distinguished name (DN)
Relative distinguished name (RDN)
User principal name (UPN)
When creating a user account, user’s login name is added to
a UPN suffix
Naming Conventions
Figure 8-17: Distinguished name and relative distinguished name
Naming Conventions
Naming conventions used by Windows 2000
follow those specified in the Lightweight
Directory Access Protocol (LDAP)

LDAP is a protocol for accessing network
directories
In addition to a DN, RDN, and UPN, each
object has a globally unique identifier
(GUID)
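Added example (not part of the original slides): a Python sketch of the DN, RDN and UPN listed above, assuming the LDAP string form of a DN (CN=...,OU=...,DC=...) and a UPN suffix equal to the DNS domain. The user, OU and corp.example.com names are constructed sample values; the point shown is that a DN must be split on unescaped commas only, because a naive split returns the wrong RDN for any object whose name contains a comma.

```python
# Added example; sample names (Smith, Legal, corp.example.com) are constructed.
SAMPLE_DN = r"CN=Smith\, Mary,OU=Legal,DC=corp,DC=example,DC=com"

def split_dn(dn):
    """Split a DN into RDNs on unescaped commas (backslash escapes next char)."""
    parts, current, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            current.append(dn[i:i + 2])      # keep the escape pair intact
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(current).lstrip())
            current = []
        else:
            current.append(dn[i])
        i += 1
    parts.append("".join(current).lstrip())
    return [p for p in parts if p]

def describe(dn):
    """Return the object's RDN, its parent container DN and its DNS domain."""
    rdns = split_dn(dn)
    pairs = [r.split("=", 1) for r in rdns]
    if not rdns or any(len(p) != 2 for p in pairs):
        raise ValueError("malformed DN: %r" % dn)
    # Assumption: the DNS domain is the DC components joined with dots.
    domain = ".".join(v for k, v in pairs if k.strip().upper() == "DC")
    return {"rdn": rdns[0], "parent": ",".join(rdns[1:]), "domain": domain}

def make_upn(login, suffix):
    """Join a login name and a UPN suffix, rejecting ambiguous input."""
    if not login or not suffix or "@" in login:
        raise ValueError("login must be non-empty and contain no '@'")
    return "%s@%s" % (login, suffix)

if __name__ == "__main__":
    info = describe(SAMPLE_DN)
    print("RDN:   ", info["rdn"])
    print("Parent:", info["parent"])
    print("UPN:   ", make_upn("msmith", info["domain"]))
    # A naive split breaks the escaped comma and yields a wrong RDN.
    print("Naive: ", SAMPLE_DN.split(",")[0])
```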
Planning for Installation:
Preinstallation Decisions
How many, how large, and what kind of
partitions will the server require?
What type of file system will the server
use?
What will the server’s name be?
Which protocols and network services
should the server use?
What will the Administrator password be?
Planning for Installation:
Preinstallation Decisions
Should the network use domains or
workgroups, and, if so, what will they be
called?
Will the server support additional
services?
Which licensing mode should I choose?


Per server
Per seat
How can I remember all of this
information?
Planning for Installation
Be prepared to:






Read and accept the license agreement
Identify your organization
Provide your registration key
Select the appropriate time and date
Specify display settings
Identify and supply drivers for hardware
components
Planning for Installation:
Windows NT Upgrade
Considerations
Back up the existing Windows NT server
On Windows NT network including multiple
servers and domain controllers, upgrade the
Windows NT PDC to a Windows 2000
domain controller first
Be certain to select “Upgrade to Windows
2000 (Recommended)” option on the first
setup screen
Planning for Installation:
Windows NT Upgrade
Considerations
If upgrading Windows NT PDC to Windows 2000
domain controller, indicate that you want to start
a new domain or forest during the Active
Directory Setup Wizard
After all Windows NT servers on network are
upgraded to Windows 2000 Server, convert
domains to native mode
Carefully follow upgrade instructions
Installing and Configuring a
Windows 2000 Server
Figure 8-18: Beginning with setup options
Installing and Configuring a
Windows 2000 Server
Figure 8-19: Selecting Windows 2000 components
Installing and Configuring a
Windows 2000 Server
Figure 8-20: Installing Components window
Initial Configuration
After completing the Windows 2000 Server
installation, the server is not yet ready to
support clients on a network
First, the software must be configured

For instance, to assign it a place in the
domain
Establishing Users, Groups, and
Rights
The Guest account is a predefined user account
with limited privileges that allows a user to log onto
the computer
The Administrator account is a predefined user
account that has the most extensive privileges for
resources both on the computer and on the domain
it controls
A local account only has rights on the server it
is logged onto
A domain account has rights throughout the
domain
Establishing Users, Groups, and
Rights
Figure 8-21: User account password properties
Establishing Users, Groups, and
Rights
A domain local group is one that allows its
members access to resources within a single
domain (usually resources)
A global group allows its members access to
resources within a single domain (usually
users)
A universal group is one that allows its
members to access resources across multiple
domains and forests
Establishing Users, Groups, and
Rights
Figure 8-22: Creating a group
Establishing Users, Groups, and
Rights
Figure 8-23: The Program Files Properties dialog box
Internetworking with Other Network
Operating Systems
Gateway Services for NetWare (GSNW)

Acts as a translator between the Windows 2000 and
NetWare client redirector services
Client Services for NetWare (CSNW)

Can be installed on Windows 2000 clients to enable
them to access NetWare servers
Directory Services Migration Tool (DSMIGRATE)

Enables network administrators to migrate accounts,
files, and permissions from a NetWare NDS directory
to the Windows 2000 Active Server Directory