Embed Doc
Copy Link
Readcast
Collections

CommentGo Back

Implementing and Administering a MS Windows 2000 Network Infrastructure

Introduction

Windows 2000 is fast becoming the most widely deployed network operating system in the corporateworld and as the computer network industry advances in both technology and size, the need for provenskills and expertise is of prime significance. Microsoft has already realized the need of the situationand thus revised its Microsoft Certified Professional (MCP) program to give us appropriate credentialsto demonstrate our expertise of Microsoft Windows 2000 family of products and services. Windows2000 actually consists of several different flavors including Windows 2000 Server/Advanced Server,Data Center Server, and Windows 2000 Professional depending upon the client server environmentrequirements.This study guide provides an overview what you need to pass the exam 70-217 Implementing andAdministering a MS Windows 2000 Network Infrastructure and summarize the skills required toinstall, configure, and troubleshoot DNS, DHCP, remote access in a Windows 2000 network infrastructure, network protocols, IP routing, connection sharing and security.

Overview of Networking and TCP/IP

A network is a group of computers that share resources. A server is a central computer that containsfiles and resources that other computers can share. A client computer connects to the server and usesthese resourcesTCP/IP is the network protocol that provides Internet access. It is the protocol used by most servers,although you can use additional or different network adapters and their associated protocols on your servers. To use TCP/IP, make sure that each server is provided with an IP address, either a dynamic or automatic address provided through software, or a static address that you obtain and set. Because theseaddresses are numbers and therefore hard to remember, you will also have to provide users with namesthat are easier to use. Mapping this type of name to an IP address is called name resolution, and can beaccomplished by various methods, primarily the Domain Name System (DNS) and Windows Internet Name Service (WINS).

Name resolution for TCP/IP

Name resolution is a process that provides users with easy-to-remember server names, instead of requiring them to use the numerical IP addresses by which servers identify themselves on the TCP/IPnetwork. The name-resolution services are the DNS and WINS.

Domain Name System(DNS)

DNS is a hierarchical naming system used for locating computers on the Internet and private TCP/IPnetworks.It is used to map Internet domain and computer names into IP addresses and vice versa. DNSworks at the application layer and uses TCP and UDP for transport. TCP is only used if returned datais truncated. DNS was originally based on HOSTS files that were maintained by a centralized Network Information Center. Today it is based on a hierarchy of servers with a distributed hierarchicaldatabase throughout the network or Internet.One or more DNS servers are needed in most installations. DNS is required for Internet e-mail; Web browsing, and Active Directory. DNS is also required in domains with clients running Windows 2000.DNS is installed automatically when you create a domain controller (or promote a server to become a

domain controller), unless the Windows 2000 software detects that a DNS server already exists for that domain. (Alternatively, you can explicitly select DNS as a component to install during or after Setup.)

DNS Levels

DNS is a hierarchical naming structure with the following levels:

•

Root designated by a dot (.).

•

First level - This indicates country or type of organization such as "org", "com", and "net".

•

Second level - Indicates the organization name and can be purchased for a yearly fee. Notice that the highest level of the domain is listed last. An example of a domain name that you may be familiar with is: Microsoft.com.

DNS OperationDNS Servers

On the client side, a DNS resolver is used to send queries to DNS servers. The resolver is normally part of a library routine or it is built into the application. DNS uses zone files to keep name and IPaddress database information for the internet domain or hierarchial set of domains. Zones are a storageof information in a file for a DNS domain or DNS subdomains (DNS domains are not the same asWindows domains). DNS does not yet support dynamic configuration but has been modified for Windows systems to do so. Different aliases may be created by the administrator for the same host.Three types of name servers as defined by how it relates to the zone information:

•

Primary -

Locally stored files exist on the name server database. The master zone file copy isstored here.

•

Secondary -

Gets data called a zone transfer from another server that is the zone authority.

•

Caching Only -

Caches name server information and does not contain its own files.A primary and secondary name server should be used on a network. When a zone is defined, someserver must be configured to be a master name server for the zone. There can be different master nameservers for different zones. The master server provides copies of the zone information to the secondaryDNS server. Name servers can be configured to get information from other name servers when theinformation is not found in the local database. These types are forwarders and slaves. Name servers ascategorized by function:

•

Master - The zone authority that contains the master zone files.

•

Forwarders - A name server that passes name resolution requests to other name servers. Thisconfiguration is done on a per server basis.

•

Slaves - Slave name servers are configured to use forwarders.Windows introduces additional terminology:

•

Standard primary -

The same as a primary DNS server listed above. This is a master server by function.

•

Active Directory Integrated (primary) -

DNS entries are stored with Active Directory datarather than a normal zone file. More than one of these Active Directory primary servers mayexist due to Active directory replication. This term is used to refer to both the Active DirectoryIntegrated zones and files that support the zone.

•

Standard secondary -

The same as a secondary DNS server listed above. This is a slaveserver by function.

•

Root server -

The server that has the DNS data for the root zone. The root zone is theorganization internal network root zone or Internet root zone. It is used when a private network is not directly on the internet (no connection or via proxy server).If the DNS server is connected to the Internet, the DNS Server Wizard will not allow the DNS server to be configured as a root server.

Queries

Query types are:

•

Inverse -

Getting the name from the IP address. These are used by servers as a security check.

•

Iterative -

Server gives its best answer. This type of inquiry is sent from one server to another.

•

Recursive -

Cannot refer the query to another name server.

Zone Transfers

The DNS zone file serial number is used to track DNS changes. The notify function is used to initiatezone transfers. Zone transfer types are:

•

Full -

AXFR Query - Secondary server refresh interval expires and it sends an AXFR query.

•

Incremental -

IXFR query - Only new or updated entries are copied.

DNS Zones

Possible zones include:

•

Forward lookup zone -

Name to IP address map.

•

Reverse lookup zone -

IP address to name map.

•

Standard primary zone (primary zone) -

A master copy of a forward or reverse lookup zone.

•

Active Directory integrated zone -

A copy of a standard primary or Active Directoryintegrated zone. The IP address and computer name is stored in Active Directory and replicatedto all local domain controllers. DNS information is not replicated to domain controllers outsidethe domain.

•

Standard secondary zone (secondary zone)

Microsoft DNS

Microsoft DNS is compatible with BIND, but it is not the same. Windows 2000 Server or moreadvanced server is required to run DNS. It will not run on Windows 2000 Professional.Windows 2000 DHCP clients register forward lookup entries (A record) by default. The DHCP server registers forward (A) and reverse (PTR) DNS records.Windows 2000 computers can register their IP address and names with the network DNS server thatsupports dynamic updates (Not all DNS servers support dynamic updates, but Windows 2000 DNSservers do). Other operating systems other than Windows 2000 cannot register their IP address andnames with DNS dynamically. A Windows DHCP server can be configured to register assigned IPaddress and host names with the DNS server, which can support dynamic updates.