
Expand IDS Company's Network

I. Problems

The company's scale of operations is expanding. Matching that growth requires expanding
the company's network.
II. Methods

Set up a new server that provides the network services needed to create a local network for
the company.
III. Requirements

The following services must be set up successfully on the server:

- The server provides dynamic IP addresses using DHCP Services
- The server resolves domain names using DNS Services
- Clients in the network can communicate via internal mail
  using Squirrel Mail - Postfix - Dovecot - Apache (Bind Service)
- A data-sharing environment, synchronized across the corporate intranet,
  using SAMBA Service

IV. Configuring Server
1. Installing CentOS Server
The server will be installed on the CentOS 7 platform; you can choose one of the two
images: DVD or Minimal.
The installation steps are presented in the following article:
https://conglinh.com/596-huong-dan-cai-dat-he-dieu-hanh-centos-7.html
Add 2 users : root and admin
2. Basic settings for server
Update to the newest version using the command :
    yum update
Follow the instructions on the command line.
After that you must reboot the system.
3. Installing and Setting up the DHCP Services for Server
Install some packages :
    yum install dhcp
Set up the configuration files following the instructions in :
https://www.youtube.com/watch?v=3uT8BgY0I30
After that you must enable and start dhcpd from the command line :
    systemctl enable dhcpd
    systemctl start dhcpd
Operating status of the DHCP Service :
    systemctl status dhcpd
Log file to manage the DHCP Service :
    tail -f /var/log/messages
After connecting to the system, the client must be in automatic (DHCP) mode to
obtain its IP address.
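An added example (not part of the original document) of a DHCP scope built from the values listed in the Notices section, plus a summary of the DHCPACK lines that dhcpd writes to /var/log/messages. The lease times, the "authoritative" statement and a server interface on 192.168.2.0/24 are assumptions.

```shell
#!/bin/bash
# Added example: scope values come from the Notices section of this page.
# Lease times and "authoritative" are assumptions.

write_dhcpd_conf() {    # $1 = output path, e.g. /etc/dhcp/dhcpd.conf
    cat > "$1" <<'EOF'
authoritative;
default-lease-time 3600;    # assumption: 1 hour
max-lease-time 7200;        # assumption: 2 hours

subnet 192.168.2.0 netmask 255.255.255.0 {
    range 192.168.2.2 192.168.2.254;
    option routers 192.168.2.1;
    option broadcast-address 192.168.2.255;
    option domain-name "idsolution.vn";
    option domain-name-servers 192.168.1.40;
}
EOF
}

# Print "MAC IP" for every client that received a DHCPACK, latest lease
# per MAC, so an unexpected device on the segment stands out.
leases_seen() {         # $1 = log file, e.g. /var/log/messages
    awk '/dhcpd(\[[0-9]+\])?: DHCPACK on / {
             for (i = 1; i <= NF; i++)
                 if ($i == "DHCPACK") { ip = $(i+2); mac = $(i+4); break }
             seen[mac] = ip
         }
         END { for (m in seen) print m, seen[m] }' "$1" | sort
}

# Apply only when asked: ./dhcp-scope.sh --apply   (run as root)
if [ "${1:-}" = "--apply" ]; then
    write_dhcpd_conf /etc/dhcp/dhcpd.conf
    dhcpd -t -cf /etc/dhcp/dhcpd.conf    # syntax check before restarting
    systemctl restart dhcpd
    leases_seen /var/log/messages
fi
```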
4. Configuring DNS Services
Install some packages :
    yum install bind*
Configure the file named.conf
Create the files that resolve the domain name to IP ( frd.zone and rev.zone )
Start the DNS service :
    systemctl start named
Enable the DNS service to start up with the OS :
    systemctl enable named
DNS operates on port 53, so open port 53 in the firewall :
    firewall-cmd --permanent --add-port=53/tcp
    firewall-cmd --permanent --add-port=53/udp
    firewall-cmd --reload
Set permissions :
    chgrp named -R /var/named
    chown -v root:named /etc/named.conf
If you skip this step, services that use DNS for name resolution, such as the
mail domain, will fail with Permission Denied.
More detailed instructions can be found at:
https://www.unixmen.com/setting-dns-server-centos-7/
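An added example (not part of the original document) of a minimal named.conf and forward zone for idsolution.vn at 192.168.1.40, with queries and recursion limited to the two company networks because port 53 is opened in the firewall. The host names ns1 and mail, the serial and the /24 masks are assumptions; rev.zone is built the same way with PTR records.

```shell
#!/bin/bash
# Added example. ns1/mail, the serial and the /24 masks are assumptions.

write_named_conf() {      # $1 = output path, e.g. /etc/named.conf
    cat > "$1" <<'EOF'
acl internal { 127.0.0.1; 192.168.1.0/24; 192.168.2.0/24; };
options {
    listen-on port 53 { 127.0.0.1; 192.168.1.40; };
    directory "/var/named";
    allow-query     { internal; };   // answer only the company networks
    allow-recursion { internal; };   // do not act as an open resolver
};
zone "idsolution.vn" IN {
    type master; file "frd.zone"; allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
    type master; file "rev.zone"; allow-update { none; };
};
EOF
}

write_forward_zone() {    # $1 = output path, e.g. /var/named/frd.zone
    cat > "$1" <<'EOF'
$TTL 86400
@    IN SOA ns1.idsolution.vn. admin.idsolution.vn. (
            2024010101 ; serial (constructed)
            3600 1800 604800 86400 )
@    IN NS  ns1.idsolution.vn.
@    IN MX  10 mail.idsolution.vn.
@    IN A   192.168.1.40
ns1  IN A   192.168.1.40
mail IN A   192.168.1.40
EOF
}

# Apply only when asked: ./dns-setup.sh --apply   (run as root)
if [ "${1:-}" = "--apply" ]; then
    write_named_conf /etc/named.conf
    write_forward_zone /var/named/frd.zone
    chown root:named /etc/named.conf /var/named/frd.zone
    chmod 640 /etc/named.conf /var/named/frd.zone
    named-checkconf /etc/named.conf
    named-checkzone idsolution.vn /var/named/frd.zone
fi
```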
5. Configuring Mail Server
Install some packages :
    yum install epel-release
    yum install postfix
    yum install dovecot
    yum install squirrelmail
After that, configure some parameters :
Set the hostname : add 192.168.1.40 idsolution.vn to the file /etc/hosts
Disable SELinux
Apache Server operates on port 80, so port 80 must be opened in the
firewall
Configure the file main.cf
Start the postfix service :
    systemctl start postfix
Enable the postfix service to start up with the OS :
    systemctl enable postfix
Configure the Dovecot files :
    dovecot.conf
    /etc/dovecot/conf.d/10-mail.conf
    /etc/dovecot/conf.d/10-master.conf
In /usr/share/squirrelmail/config/, run ./conf.pl to set up the Mail parameters
You can refer to the following link :
https://www.unixmen.com/setup-a-local-mail-server-in-centos-7/
6. Configuring SAMBA server
Purpose : Sharing files and configuring an Active Directory Domain
Controller
Step by step :
Sharing file :
o yum install samba*
o Create a folder to share ( /etc/samba/shared )
o Set permission for this folder :
    chmod -R 0777 /etc/samba/shared
o Configure the file smb.conf in the samba folder
o You can refer to the following article :
  https://www.unixmen.com/install-configure-samba-servercentos-7/

Domain controller
The setup steps are similar to those above.
o Add the following information to the file smb.conf
[global]
    workgroup = UNIXMEN
    add machine script = /usr/sbin/useradd -d /dev/null -g 200 -s /sbin/nologin -M %u
    logon script = logon.bat
    logon path = \\%L\Profiles\%U
    domain logons = Yes
    preferred master = Yes
    domain master = Yes
    idmap config * : backend = tdb

[homes]
    comment = Home Directories
    read only = No

[printers]
    comment = All Printers
    path = /var/spool/samba
    printable = Yes
    print ok = Yes
    browseable = No

[netlogon]
    comment = Network Logon Service
    path = /var/lib/samba/netlogon
    browseable = No

[Profiles]
    path = /var/lib/samba/profiles
    read only = No
    create mask = 0755
o Test the Samba configuration using the command :
    testparm
o Create 2 folders, Profiles and netlogon, in the local samba
  folder
o Set permissions for those folders ( chosen : 1777 )
o Add some accounts to the system using the command :
    useradd [Username]
o Create a group using the command :
    groupadd [Group name]
o Add a password for the user using the command :
    smbpasswd [Username]
o Disable firewall
o Set SELinux booleans : samba_domain_controller on ;
  samba_enable_home_dirs on
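An added example (not part of the original document) showing the share from the steps above restricted to a group instead of mode 0777, with SELinux left enforcing and only the Samba service opened in the firewall. The group name staff_share, the [shared] section name and the availability of semanage are assumptions.

```shell
#!/bin/bash
# Added example: group name and share section name are hypothetical.
SHARE=/etc/samba/shared     # share path used on this page
GROUP=staff_share           # hypothetical group of permitted users

# Replace the world-writable tree with group-only access; setgid on
# directories keeps new files owned by the share group.
harden_share() {        # $1 = directory, $2 = group
    chgrp -R "$2" "$1"
    chmod -R u=rwX,g=rwX,o= "$1"
    find "$1" -type d -exec chmod g+s {} +
}

# List anything still writable by "other"; empty output is the goal.
world_writable() {      # $1 = directory
    find "$1" ! -type l -perm -0002
}

share_stanza() {        # smb.conf section matching the permissions above
    cat <<EOF
[shared]
    path = $SHARE
    valid users = @$GROUP
    read only = No
    create mask = 0660
    directory mask = 2770
EOF
}

# Apply only when asked: ./samba-share.sh --apply   (run as root)
if [ "${1:-}" = "--apply" ]; then
    groupadd -f "$GROUP"
    harden_share "$SHARE" "$GROUP"
    share_stanza >> /etc/samba/smb.conf
    testparm -s >/dev/null
    # Keep SELinux enforcing: label the share, set the page's booleans.
    semanage fcontext -a -t samba_share_t "$SHARE(/.*)?"
    restorecon -R "$SHARE"
    setsebool -P samba_domain_controller on
    setsebool -P samba_enable_home_dirs on
    # Keep the firewall running and open only the Samba service.
    firewall-cmd --permanent --add-service=samba
    firewall-cmd --reload
    world_writable "$SHARE"
fi
```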

7. Network Map

V. Notices

1. User account ( Server Account )
- Username : root
- Password : 0p;/9ol.
- Username : admin
- Password : 0p;/9ol.

2. Email
- URL : https://idsolution.vn/webmail
- Mail : Squirrel Mail
- Account :
  o Username : minh.vo
  o Password : 0p;/9ol.

3. Share file Active Directory Domain Controller (Samba server)
- Username : user1 , user2
- Password : 0p;/9ol.

4. DHCP server
- IP : 192.168.2.1 ( router gateway )
- Range : 192.168.2.2 - 192.168.2.254 (253 clients)
- Broadcast : 192.168.2.255
- Protocols : TCP/UDP

5. DNS server
- DNS : 192.168.1.40 to resolve the domain name idsolution.vn
  Fill in this IP on the client to reach the page idsolution.vn

6. Some problems that could not be resolved
- Sending mail from localhost to the internet ( e.g. Gmail, Yahoo ).
  o Solution : Using iRedMail Server
- No internet connection in the IP range 192.168.2.0/24
  o Solution : Configure routing on the router so that it knows the IP range (192.168.2.0/24). You can choose :
    RIP or Static Routing for the router.
Summary
After one month from receipt of the problem, and after going through the process of learning and studying the
relevant knowledge, I have completed the work as follows:
o Successfully built the internal network for the company
o Successfully built the internal mail system for the company
o Successfully built gadgets to share files between users within the company
Besides, there are a number of unresolved issues:
o The router does not know the way out to the internet
o Internal mail cannot yet be sent to mail servers outside on the internet (Gmail,
  Yahoo ...)