
CHAPTER NO -1

1.1 INTRODUCTION TO THE PROJECT

Our project is “ENTERPRISE DOMAIN NETWORK IN COLLEGE”. In this project, we will manage the whole network of a college by using layer-3 devices and servers.

Fig 1.1: Topology

1.2 Benefit
1) Centralization: Unlike P2P, where there is no central administration, this architecture has centralized control. Servers help in administering the whole set-up. Access rights and resource allocation are handled by the servers.

2) Proper management: All the files are stored in the same place, so managing files becomes easy. It also becomes easier to find files.

3) Back-up and recovery possible: As all the data is stored on the server, it is easy to make a back-up of it. Also, if data is lost in a break-down, it can be recovered easily and efficiently, whereas in peer computing a back-up has to be taken at every workstation.

4) Upgradation and scalability in a client-server set-up: Changes can be made easily by just upgrading the server. New resources and systems can also be added by making the necessary changes on the server.

5) Accessibility: The server can be accessed remotely from various platforms in the network.

6) As new information is uploaded to the database, each workstation need not have its own storage capacity increased (as may be the case in peer-to-peer systems). All the changes are made only on the central computer on which the server database exists.

7) Security: Rules defining security and access rights can be defined at the time of setting up the server.

8) Servers can play different roles for different clients.

CHAPTER NO - 2

2.1 Software
2.1.1 Virtual BOX

Fig 2.1.1 Virtual Box

Virtual Box is a cross-platform virtualization application. What does that mean? For one thing, it
installs on your existing Intel or AMD-based computers, whether they are running Windows, Mac
or Linux operating systems. Secondly, it extends the capabilities of your existing computer so that
it can run multiple operating systems (inside multiple virtual machines) at the same time. So, for
example, you can run Windows and Linux on your Mac, run Windows Server 2008 on your Linux
server, run Linux on your Windows PC, and so on, all alongside your existing applications. You
can install and run as many virtual machines as you like -- the only practical limits are disk space
and memory.

Virtual Box is deceptively simple yet also very powerful. It can run everywhere from small
embedded systems or desktop class machines all the way up to datacenter deployments and even
Cloud environments.

Why Virtual Box is useful

Running multiple operating systems simultaneously - Virtual Box allows you to run
more than one operating system at a time. This way, you can run software written for one operating
system on another (for example, Windows software on Linux or a Mac) without having to reboot
to use it. Since you can configure what kinds of "virtual" hardware should be presented to each
such operating system, you can install an old operating system such as DOS or OS/2 even if your
real computer's hardware is no longer supported by that operating system.

Easier software installations - Software vendors can use virtual machines to ship entire software
configurations. For example, installing a complete mail server solution on a real machine can be a
tedious task. With Virtual Box, such a complex setup (then often called an "appliance") can be
packed into a virtual machine. Installing and running a mail server becomes as easy as importing
such an appliance into Virtual Box.

Infrastructure consolidation - Virtualization can significantly reduce hardware and electricity


costs. Most of the time, computers today only use a fraction of their potential power and run with
low average system loads. A lot of hardware resources as well as electricity is thereby wasted. So,
instead of running many such physical computers that are only partially used, one can pack many
virtual machines onto a few powerful hosts and balance the loads between them.

2.1.2 GNS3

Fig: 2.1.2 GNS3

GNS3 is a Graphical Network Simulator that allows emulation of complex networks. You may be familiar with VirtualBox or Virtual PC, which are used to emulate various operating systems in a virtual environment. These programs allow you to run operating systems such as Windows XP Professional or Ubuntu Linux in a virtual environment on your computer. GNS3 allows the same type of emulation using Cisco Internetwork Operating Systems. It allows you to run a Cisco IOS in a virtual environment on your computer. GNS3 is a graphical front end to a product called Dynagen. Dynamips is the core program that allows IOS emulation. Dynagen runs on top of Dynamips to create a more user-friendly, text-based environment. A user may create network topologies using simple Windows ini-type files with Dynagen running on top of Dynamips. GNS3 takes this a step further by providing a graphical environment.

GNS3 allows the emulation of Cisco IOSs on your Windows or Linux based computer. Emulation
is possible for a long list of router platforms and PIX firewalls. Using an EtherSwitch card in a
router, switching platforms may also be emulated to the degree of the card’s supported
functionality. This means that GNS3 is an invaluable tool for preparing for Cisco certifications
such as CCNA and CCNP. There are a number of router simulators on the market, but they are
limited to the commands that the developer chooses to include. Almost always there are commands
or parameters that are not supported when working on a practice lab. In these simulators you are
only seeing a representation of the output of a simulated router. The accuracy of that representation
is only as good as the developer makes it. With GNS3 you are running an actual Cisco IOS, so you
will see exactly what the IOS produces and will have access to any command or parameter
supported by the IOS. In addition, GNS3 is an open source, free program for you to use. However,
due to licensing restrictions, you will have to provide your own Cisco IOSs to use with GNS3.
Also, GNS3 will provide around 1,000 packets per second throughput in a virtual environment. A
normal router will provide a hundred to a thousand times greater throughput. GNS3 does not take
the place of a real router, but is meant to be a tool for learning and testing in a lab environment.
Using GNS3 in any other way would be considered improper.

2.1.3 Operating system


Client: Windows 7 / Windows 8 / Windows 10

Server: Windows Server 2003 / 2008 / 2008 R2 / 2012

2.1.4 Putty

PuTTY is a free and open-source terminal emulator, serial console and network file transfer
application. It supports several network protocols, including SCP, SSH, Telnet, rlogin, and raw
socket connection. It can also connect to a serial port. The name "PuTTY" has no definitive
meaning.

PuTTY was originally written for Microsoft Windows, but it has been ported to various other
operating systems. Official ports are available for some Unix-like platforms, with work-in-progress
ports to Classic Mac OS and macOS, and unofficial ports have been contributed to platforms such
as Symbian, Windows Mobile and Windows Phone.

Fig-2.1.3 Putty

2.1.5 Packet Tracer

Packet Tracer is a cross-platform network simulator designed by Cisco Systems to run on Mac OS,
Linux and Microsoft Windows. A similar Android app is also available. Packet Tracer allows users
to create simulated network topologies by dragging and dropping routers, switches and various
other types of network devices. A physical connection between devices is represented by a "cable"
item. Packet Tracer supports an array of simulated Application Layer protocols, as well as basic
routing with RIP, OSPF, EIGRP, BGP, to the extents required by the current CCNA curriculum. As
of version 5.3, Packet Tracer also supports the Border Gateway Protocol.

Version 6.0 added support for IOS version 15 and Hot Standby Routing Protocol. Version 6.1.1
added support for various DHCP, EIGRP and OSPF commands, improved support for Zone-Based
Firewall policies. As of version 6.2, Packet Tracer supports an embedded web server with
JavaScript and CSS support. The command line can be used for creating a router-to-pc connection.

Fig 2.1.4 Packet Tracer

2.2 Hardware

2.2.1 Server

In computing, a server is a computer program or a device that provides functionality for other
programs or devices, called "clients". This architecture is called the client–server model, and a
single overall computation is distributed across multiple processes or devices. Servers can
provide various functionalities, often called "services", such as sharing data or resources
among multiple clients, or performing computation for a client. A single server can serve
multiple clients, and a single client can use multiple servers. A client process may run on the
same device or may connect over a network to a server on a different device. Typical servers
are database servers, file servers, mail servers, print servers, web servers, game servers, and
application servers.

Client–server systems are today most frequently implemented by (and often identified with) the
request–response model: a client sends a request to the server, which performs some action and
sends a response back to the client, typically with a result or acknowledgement. Designating a
computer as "server-class hardware" implies that it is specialized for running servers on it. This
often implies that it is more powerful and reliable than standard personal computers, but
alternatively, large computing clusters may be composed of many relatively simple, replaceable
server components.

Server type: Application server
Purpose: Hosts web apps (computer programs that run inside a web browser) allowing users in the network to run and use them, without having to install a copy on their own computers. Unlike what the name might imply, these servers need not be part of the world wide web; any local network would do.
Clients: Computers with a web browser.

Server type: Catalog server
Purpose: Maintains an index or table of contents of information that can be found across a large distributed network, such as computers, users, files shared on file servers, and web apps. Directory servers and name servers are examples of catalog servers.
Clients: Any computer program that needs to find something on the network, such as a domain member attempting to log in, an email client looking for an email address, or a user looking for a file.

Server type: Communications server
Purpose: Maintains an environment needed for one communication endpoint (user or device) to find other endpoints and communicate with them. It may or may not include a directory of communication endpoints and a presence detection service, depending on the openness and security parameters of the network.
Clients: Communication endpoints (users or devices).

Server type: Computing server
Purpose: Shares vast amounts of computing resources, especially CPU and random-access memory, over a network.
Clients: Any computer program that needs more CPU power and RAM than a personal computer can probably afford. The client must be a networked computer; otherwise, there would be no client–server model.

Server type: Database server
Purpose: Maintains and shares any form of database (organized collections of data with predefined properties that may be displayed in a table) over a network.
Clients: Spreadsheets, accounting software, asset management software or virtually any computer program that consumes well-organized data, especially in large volumes.

Server type: Fax server
Purpose: Shares one or more fax machines over a network, thus eliminating the hassle of physical access.
Clients: Any fax sender or recipient.

Server type: File server
Purpose: Shares files and folders, storage space to hold files and folders, or both, over a network.
Clients: Networked computers are the intended clients, even though local programs can be clients.

Server type: Game server
Purpose: Enables several computers or gaming devices to play multiplayer games.
Clients: Personal computers or gaming consoles.

Server type: Mail server
Purpose: Makes email communication possible in the same way that a post office makes snail mail communication possible.
Clients: Senders and recipients of email.

Server type: Media server
Purpose: Shares digital video or digital audio over a network through media streaming (transmitting content in a way that the portions received can be watched or listened to as they arrive, as opposed to downloading a whole huge file and then using it).
Clients: User-attended personal computers equipped with a monitor and a speaker.

Server type: Print server
Purpose: Shares one or more printers over a network, thus eliminating the hassle of physical access.
Clients: Computers in need of printing something.

Server type: Sound server
Purpose: Enables computer programs of a computer to play sound and record sound, individually or cooperatively.
Clients: Computer programs of the same computer.

Server type: Proxy server
Purpose: Acts as an intermediary between a client and a server, accepting incoming traffic from the client and sending it to the server. Reasons for doing so include content control and filtering, improving traffic performance, preventing unauthorized network access or simply routing the traffic over a large and complex network.
Clients: Any networked computer.

Server type: Web server
Purpose: Hosts web pages. A web server is what makes the world wide web possible. Each website has one or more web servers.
Clients: Computers with a web browser.

2.2.2 Router

A router is a networking device that forwards data packets between computer networks.
Routers perform the traffic directing functions on the Internet. A data packet is typically
forwarded from one router to another router through the networks that constitute the
internetwork until it reaches its destination node.

A router is connected to two or more data lines from different networks. When a data packet
comes in on one of the lines, the router reads the address information in the packet to determine
the ultimate destination. Then, using information in its routing table or routing policy, it directs
the packet to the next network on its journey. This creates an overlay internetwork.

TYPES OF ROUTER

Static router: We can't add or remove the ports, because the router has a fixed number of ports. For e.g.: Cisco 2500 series.

Dynamic router: We can add or remove the ports. For e.g.: Cisco 1700, 3600, 7200 etc.

Fig 2.2.1 Router


2.2.3 Switch

It is an intelligent device because it knows the physical address (MAC address).

It performs broadcasting only the first time.
It operates in full duplex.
It is a layer 2 and layer 3 device.
No chance of collision.
ASIC = Application Specific Integrated Circuit.
It stores MAC addresses in the CAM table (Content Addressable Memory).

TYPES OF SWITCH

Manageable switch: It is also called a configurable switch.
Unmanageable switch: It is also called a plug & play switch.

Layer 2 switch: It knows the MAC address (physical address). For e.g.: Cisco 2900, 1900.
Layer 3 switch (router): It knows both addresses, the MAC address (physical address) and the IP address (logical address). For e.g.: Cisco 3550, 3560, 3570, 4000, 8500 etc.

CHAPTER NO - 3
3.1 Open Shortest Path First (OSPF)
OSPF is a standardized link-state routing protocol, designed to scale efficiently to support larger networks.

• OSPF employs a hierarchical network design using Areas.

• OSPF will form neighbor relationships with adjacent routers in the same Area.

• Instead of advertising the distance to connected networks, OSPF advertises the status of directly connected links using Link-State Advertisements (LSAs).

• OSPF traffic is multicast either to address 224.0.0.5 (all OSPF routers) or 224.0.0.6 (all
Designated Routers).

• OSPF is a classless protocol, and thus supports VLSMs.

Fig-3.1.1 Configuration

Other characteristics of OSPF include


• OSPF supports only IP routing.

• OSPF routes have an administrative distance of 110.

• OSPF uses cost as its metric, which is computed based on the bandwidth of the link. OSPF has no
hop-count limit.

The OSPF process builds and maintains three separate tables:

• A neighbor table – contains a list of all neighboring routers.

• A topology table – contains a list of all possible routes to all known networks within an area.

• A routing table – contains the best route for each known network.
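The three tables and the cost metric described above can be exercised with the following Python model, added here as an example and not part of the project's configuration. It assumes a Cisco-style reference bandwidth of 100 Mbit/s (cost = reference bandwidth / link bandwidth, minimum 1) and a constructed four-router topology; the router names and link speeds are invented for the illustration. Each link entry stands for the LSA both ends would flood, the merged view is the topology table, and Dijkstra's algorithm (the "shortest path first" computation) derives the routing table for one router.

```python
"""Added example (not from the project report): OSPF-style link-state tables.

Each router floods the state of its links (LSAs); the merged view is the
topology table; Dijkstra's SPF run from a router fills its routing table."""
import heapq

REFERENCE_BW = 100_000_000  # 100 Mbit/s reference bandwidth (assumption)


def ospf_cost(bandwidth_bps):
    """Cisco-style cost: reference bandwidth / link bandwidth, minimum 1."""
    return max(1, REFERENCE_BW // bandwidth_bps)


# Constructed topology: (router_a, router_b, link bandwidth in bit/s).
LSAS = [
    ("R1", "R2", 100_000_000),   # FastEthernet, cost 1
    ("R1", "R3", 10_000_000),    # Ethernet, cost 10
    ("R2", "R3", 100_000_000),   # cost 1
    ("R3", "R4", 1_544_000),     # T1 serial, cost 64
    ("R2", "R4", 10_000_000),    # cost 10
]


def build_topology(lsas):
    """Topology table: every router's view of all links in the area."""
    topo = {}
    for a, b, bw in lsas:
        cost = ospf_cost(bw)
        topo.setdefault(a, {})[b] = cost
        topo.setdefault(b, {})[a] = cost
    return topo


def neighbor_table(topo, router):
    """Neighbor table: the routers directly adjacent to `router`."""
    return sorted(topo.get(router, {}))


def spf(topo, root):
    """Dijkstra from root; returns {router: (total_cost, next_hop)}."""
    dist = {root: (0, None)}
    heap = [(0, root, None)]
    while heap:
        cost, node, first_hop = heapq.heappop(heap)
        if cost > dist[node][0]:
            continue  # stale heap entry
        for nbr, link_cost in topo[node].items():
            new_cost = cost + link_cost
            hop = nbr if node == root else first_hop
            if nbr not in dist or new_cost < dist[nbr][0]:
                dist[nbr] = (new_cost, hop)
                heapq.heappush(heap, (new_cost, nbr, hop))
    return dist


def routing_table(topo, root):
    """Routing table: best route (cost, next hop) to every other router."""
    return {r: v for r, v in spf(topo, root).items() if r != root}


if __name__ == "__main__":
    topo = build_topology(LSAS)
    print("R1 neighbors:", neighbor_table(topo, "R1"))
    for dest, (cost, hop) in sorted(routing_table(topo, "R1").items()):
        print(f"R1 -> {dest}: cost {cost} via {hop}")
```

Note how the direct R1-R3 Ethernet link (cost 10) loses to the two-hop FastEthernet path through R2 (cost 2): OSPF picks the lowest cumulative cost, not the fewest hops.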

3.2 VLAN (Virtual LAN)


By default, all switch ports are members of a single broadcast domain, so all PCs share the same broadcasts.

To solve this problem, switch ports are placed in VLANs. A VLAN is a single broadcast domain: all devices connected to the VLAN receive broadcasts sent by any other VLAN member, but devices in a different VLAN will not receive those same broadcasts.

[VLAN Membership]

Two membership methods exist on Catalyst switches:

Static VLAN: Static VLANs offer port-based membership, in which switch ports are assigned to a specific VLAN.

Dynamic VLAN: Dynamic VLAN membership is configured using a special server called a VLAN Membership Policy Server (VMPS).

Fig-3.2.1 Vlan

Configure static vlan


By default, all switch ports are assigned to VLAN 1, are set to a VLAN type of Ethernet, and have an MTU size of 1500 bytes. VLANs are always referenced by a VLAN number. VLAN 1 and VLANs 1002 through 1005 are created automatically and used for specific purposes: for example, VLAN 1 is the default VLAN for every switch port, and VLANs 1002 to 1005 are reserved for legacy functions related to Token Ring and FDDI switching.

To configure a static VLAN:

Switch(config)#vlan <vlan-number>

Switch(config-vlan)#name <vlan-name>

Or

Switch#vlan database

Switch(vlan)#vlan <vlan-id> name <vlan-name>

(Assign a switch port to the VLAN)

Switch(config)#interface <int-type>

Switch(config-if)#switchport

[The initial switchport command configures the port for layer 2 operation]

Switch(config-if)#switchport mode access

[This command forces the port to be assigned to only a single VLAN]

Switch(config-if)#switchport access vlan <vlan-id>

Switch#show vlan

Switch#show vlan brief
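The configuration above leaves every port in VLAN 1 until it is explicitly assigned, so on a college switch any port that was never touched shares the default broadcast domain with everything else left there. The following Python script, added here as an example and not part of the project, parses a constructed sample of show vlan brief output and reports the ports still in the default VLAN as well as user VLANs that have no ports at all. The switch output, port names and VLAN names are made up for the illustration.

```python
"""Added example (not from the project report): audit 'show vlan brief' output.

Flags access ports still in VLAN 1 (the default for every port) and user
VLANs that were created but never got a port. Sample output is constructed."""
import re

SAMPLE_SHOW_VLAN_BRIEF = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6
10   STAFF                            active    Fa0/7, Fa0/8
20   STUDENTS                         active    Fa0/9, Fa0/10, Fa0/11, Fa0/12
30   PRINTERS                         active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
"""

RESERVED_VLANS = range(1002, 1006)   # legacy Token Ring / FDDI VLANs
VLAN_LINE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s*(.*)$")


def _split_ports(field):
    return [p.strip() for p in field.split(",") if p.strip()]


def parse_vlan_brief(text):
    """Return {vlan_id: {"name": ..., "status": ..., "ports": [...]}}."""
    vlans = {}
    current = None
    for line in text.splitlines():
        if not line.strip() or line.startswith(("VLAN", "----")):
            continue  # header and separator lines
        m = VLAN_LINE.match(line)
        if m:
            vid, name, status, ports = m.groups()
            current = int(vid)
            vlans[current] = {"name": name, "status": status,
                              "ports": _split_ports(ports)}
        elif current is not None and line.startswith(" "):
            # Wrapped continuation line: more ports for the previous VLAN
            vlans[current]["ports"].extend(_split_ports(line))
    return vlans


def ports_in_default_vlan(vlans):
    """Ports still in VLAN 1: they share one broadcast domain with each other."""
    return list(vlans.get(1, {"ports": []})["ports"])


def empty_user_vlans(vlans):
    """Configured VLANs outside the reserved range that have no ports."""
    return [vid for vid, v in vlans.items()
            if vid not in RESERVED_VLANS and not v["ports"]]


if __name__ == "__main__":
    vlans = parse_vlan_brief(SAMPLE_SHOW_VLAN_BRIEF)
    print("Ports still in VLAN 1:", ports_in_default_vlan(vlans))
    print("VLANs with no ports:", empty_user_vlans(vlans))
```

On a real switch the text is captured from the console (for example through PuTTY, as in section 2.1.4) and fed to parse_vlan_brief; the continuation-line handling matters because IOS wraps long port lists onto indented lines.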

Fig-3.2.2 Configuration

3.3 VLAN TRUNKING

A trunk link, however, can transport more than one VLAN through a single switch port. Trunk links are most beneficial when switches are connected to other switches or switches are connected to routers. Cisco supports trunking on both FastEthernet and Gigabit Ethernet.

Fig 3.3.1 Vlan Trunking

Vlan frame identification

Because a trunk link can transport many VLANs, a switch must identify frames with their respective VLAN as they are sent and received over a trunk link. This is called frame tagging.

VLAN identification can be performed using two methods:

• ISL (Inter-Switch Link)

• IEEE 802.1Q

ISL:

ISL is a Cisco proprietary method. ISL performs frame identification in layer 2 by encapsulating each frame between a header and a trailer.

Before transmitting a frame, ISL adds a 26-byte header and a 4-byte trailer to the frame.

Fig 3.3.2 Vlan Frame

IEEE 802.1Q
It is an open standard protocol and the default encapsulation on Cisco 2900 switches.

The IEEE 802.1Q header size is 4 bytes.

Fig 3.3.3 IEEE 802.1q

Dynamic Trunking Protocol:

You can manually configure a trunk link on a Catalyst switch for either ISL or 802.1Q mode. In addition, Cisco has implemented a proprietary, point-to-point protocol called DTP that negotiates a common trunking mode between two switches (30 sec).

(VLAN trunk configuration)

Switch(config)#interface <int-name>

Switch(config-if)#switchport

Switch(config-if)#switchport trunk encapsulation { isl | dot1q | negotiate }

A switch port must be in layer 2 mode before it can support a trunk. To accomplish this you use the switchport command. You then can configure the trunk encapsulation with the switchport trunk encapsulation command.

isl: VLANs are tagged by encapsulating each frame using the Cisco ISL protocol.

dot1q: VLANs are tagged in each frame using the IEEE 802.1Q standard.

negotiate (default): The encapsulation is negotiated to select either ISL or IEEE 802.1Q. If both ends support both types, ISL is favored.

Fig 3.3.4 configuration

Inter VLAN Communication

After creating VLANs, each VLAN has its own broadcast domain. If we want communication from one VLAN to another VLAN then we need to perform routing. There are three methods for inter-VLAN communication.

(1) Inter-VLAN using the router-on-a-stick method

(2) Inter-VLAN using a layer 3 switch

(1) Inter-VLAN using the router-on-a-stick method

In this method a special router is used for inter-VLAN routing. On this router, we can create one interface for each VLAN. The physical interface of the router is connected to a trunk port of the switch. This router routes traffic on the same interface by swapping the VLAN ID information with the help of the frame tagging protocol.

Router subinterfaces:
Fa 0/0.1 – 10.0.0.1 -> Vlan 1
Fa 0/0.2 – 11.0.0.1 -> Vlan 3
Fa 0/0.3 – 12.0.0.1 -> Vlan 5

Fa 0/0 connects to the switch over a trunk carrying Vlan 1, 3, 5; the switch access ports (T) belong to VLANs 1, 3 and 5.

VLAN / Network / Gateway:
Vlan 1 – 10.x.x.x – 10.0.0.1
Vlan 3 – 11.x.x.x – 11.0.0.1
Vlan 5 – 12.x.x.x – 12.0.0.1

Configuration on Router
Router#config ter
Router(config)#interface fastethernet 0/0
Router(config-if)#no ip address
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#interface fastethernet 0/0.2
Router(config-if)#encapsulation dot1q 3
Router(config-if)#ip address 11.0.0.1 255.0.0.0
Router(config-if)#no sh
Router(config-if)#exit
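The following Python model, added as an example rather than taken from the project's configuration, ties together the IEEE 802.1Q tagging described under VLAN frame identification and the router-on-a-stick configuration above. It builds frames with the 4-byte 802.1Q tag, parses the VLAN ID back out, and shows the router receiving a frame from VLAN 3 on Fa0/0, matching the destination against its subinterface networks, and sending the same payload back out Fa0/0 tagged for VLAN 5. The subinterfaces and gateway addresses come from the figure above; the MAC addresses, host IPs and the next-hop MAC (which on a real router comes from ARP) are constructed, and ISL encapsulation is not modelled.

```python
"""Added example (not from the project report): 802.1Q tags and router-on-a-stick.

Builds/parses tagged Ethernet frames and models the router swapping the VLAN
tag while routing between subinterfaces on one physical port."""
import ipaddress
import struct

TPID_8021Q = 0x8100      # Tag Protocol Identifier that marks a tagged frame
ETHERTYPE_IPV4 = 0x0800


def build_tagged_frame(dst_mac, src_mac, vlan_id, ethertype, payload, pcp=0):
    """Ethernet II frame with the 4-byte 802.1Q tag (TPID + TCI) after the MACs."""
    if not 0 <= vlan_id <= 4095:
        raise ValueError("VLAN ID must fit in 12 bits")
    tci = (pcp << 13) | vlan_id   # PCP (3 bits) | DEI (1 bit, 0) | VID (12 bits)
    return dst_mac + src_mac + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload


def parse_frame(frame):
    """Return (dst_mac, src_mac, vlan_id or None if untagged, ethertype, payload)."""
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype == TPID_8021Q:
        tci, inner_type = struct.unpack("!HH", frame[14:18])
        return dst, src, tci & 0x0FFF, inner_type, frame[18:]
    return dst, src, None, ethertype, frame[14:]


# Subinterfaces from the figure: VLAN ID -> (subinterface, gateway address/mask)
SUBINTERFACES = {
    1: ("Fa0/0.1", ipaddress.ip_interface("10.0.0.1/8")),
    3: ("Fa0/0.2", ipaddress.ip_interface("11.0.0.1/8")),
    5: ("Fa0/0.3", ipaddress.ip_interface("12.0.0.1/8")),
}
ROUTER_MAC = bytes.fromhex("0200000000aa")   # constructed


def egress_vlan_for(dst_ip):
    """Routing decision: the VLAN whose connected network contains dst_ip, else None."""
    target = ipaddress.ip_address(dst_ip)
    for vid, (_, iface) in SUBINTERFACES.items():
        if target in iface.network:
            return vid
    return None


def route_on_a_stick(frame, dst_ip, next_hop_mac):
    """Router model: tagged frame in on Fa0/0 -> subinterface -> route -> retagged out on Fa0/0.

    next_hop_mac stands in for the ARP result on the egress VLAN (constructed).
    Returns (ingress_subif, egress_subif, egress_frame)."""
    _, _, vid, ethertype, payload = parse_frame(frame)
    if vid not in SUBINTERFACES:
        raise ValueError(f"no subinterface for VLAN {vid!r}")
    egress_vid = egress_vlan_for(dst_ip)
    if egress_vid is None:
        raise ValueError(f"no route to {dst_ip}")
    # Same physical port, new tag: only the VLAN ID in the frame is swapped
    egress_frame = build_tagged_frame(next_hop_mac, ROUTER_MAC, egress_vid, ethertype, payload)
    return SUBINTERFACES[vid][0], SUBINTERFACES[egress_vid][0], egress_frame


if __name__ == "__main__":
    pc_vlan3 = bytes.fromhex("020000000003")   # a PC in VLAN 3 (constructed)
    pc_vlan5 = bytes.fromhex("020000000005")   # a PC in VLAN 5 (constructed)
    frame = build_tagged_frame(ROUTER_MAC, pc_vlan3, 3, ETHERTYPE_IPV4, b"IP packet for 12.0.0.7")
    ingress, egress, out = route_on_a_stick(frame, "12.0.0.7", pc_vlan5)
    print(f"in {ingress} (VLAN {parse_frame(frame)[2]}) -> out {egress} (VLAN {parse_frame(out)[2]})")
```

The tag is inserted between the source MAC and the original EtherType, which is why the frame grows by exactly 4 bytes and why an untagged receiver sees 0x8100 where it expects the EtherType.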

3.4 VRRP
Virtual Router Redundancy Protocol (VRRP) [RFC 3768] is designed to eliminate the single point of failure inherent in the static default routed environment. It specifies an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN. VRRP provides a function similar to a Cisco Systems, Inc. proprietary protocol named Hot Standby Router Protocol (HSRP) and to a Digital Equipment Corporation, Inc. proprietary protocol named IP Standby Protocol (IPSTB). A virtual router, an abstract representation of master and backup physical routers acting as a group, consists of a Virtual Router Identifier (VRID) and a set of associated IP address(es) across a common LAN. The master router performs packet forwarding for local hosts and answers ARP requests for the IP address(es) associated with the virtual router; only one master router does the actual routing, while the backup routers “back up” in case the master router fails.

Priority
• A value between 0-255.
• 0: indicates the current Master has stopped participating in VRRP.
• 255: for the VRRP router that owns the IP addresses associated with the virtual router. Note that if the IP address owner is available, then it will always become the Master.
• 1-254: for the VRRP routers backing up a virtual router.
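The election rules listed above can be exercised with the following Python model, added as an example and not taken from the project. The routers, addresses and priorities are constructed. The one rule not stated in the text, that equal priorities are decided in favour of the higher primary IP address, is from RFC 3768. The last function is a configuration check that lists routers configured with priority 255 although they do not own the virtual address, since 255 is reserved for the owner.

```python
"""Added example (not from the project report): VRRP master election.

Owner of the virtual address runs at 255 and always wins; priority 0 means
the router is withdrawing; equal priorities are broken by higher primary IP."""
import ipaddress
from dataclasses import dataclass


@dataclass
class VrrpRouter:
    name: str
    primary_ip: str     # the router's own address on the LAN
    priority: int       # configured priority, 0-255

    def __post_init__(self):
        if not 0 <= self.priority <= 255:
            raise ValueError(f"{self.name}: priority {self.priority} outside 0-255")


def effective_priority(router, virtual_ip):
    """The address owner always runs at 255, whatever was configured."""
    return 255 if router.primary_ip == virtual_ip else router.priority


def elect_master(routers, virtual_ip):
    """Master election for one virtual router; None if nobody is eligible."""
    eligible = [r for r in routers if effective_priority(r, virtual_ip) > 0]
    if not eligible:
        return None
    # Owner first, then highest priority, then highest primary IP (RFC 3768)
    return max(eligible, key=lambda r: (r.primary_ip == virtual_ip,
                                        effective_priority(r, virtual_ip),
                                        int(ipaddress.ip_address(r.primary_ip))))


def failover_sequence(routers, virtual_ip):
    """Router names in the order they would take over as each master fails."""
    remaining, order = list(routers), []
    while True:
        master = elect_master(remaining, virtual_ip)
        if master is None:
            return order
        order.append(master.name)
        remaining.remove(master)


def priority_255_non_owners(routers, virtual_ip):
    """Configuration check: 255 belongs to the address owner only."""
    return [r.name for r in routers
            if r.priority == 255 and r.primary_ip != virtual_ip]


# Constructed group sharing virtual address 10.0.0.1
VIRTUAL_IP = "10.0.0.1"
ROUTERS = [
    VrrpRouter("R1", "10.0.0.1", 255),   # owns the virtual address
    VrrpRouter("R2", "10.0.0.2", 100),
    VrrpRouter("R3", "10.0.0.3", 100),   # same priority as R2: higher IP wins
    VrrpRouter("R4", "10.0.0.4", 0),     # has stopped participating
]

if __name__ == "__main__":
    print("Master:", elect_master(ROUTERS, VIRTUAL_IP).name)
    print("Failover order:", failover_sequence(ROUTERS, VIRTUAL_IP))
    print("Misconfigured 255s:", priority_255_non_owners(ROUTERS, VIRTUAL_IP))
```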

Fig 3.4.1 Configuration

CHAPTER NO – 4

4.1 DNS (DOMAIN NAME SYSTEM)


DNS is a protocol in the TCP/IP suite of protocols. It helps in translating computer names into IP addresses. DNS is a standard technology for name resolution, i.e., translating names into IPs. DNS is widely used on the Internet and also in private networks for name resolution. DNS is also used for providing and locating network services in a network. On the Internet, DNS translates website names or Internet domain names into IP addresses.
DNS IN PRIVATE NETWORKS / LANs: In a private network or LAN you can use DNS to connect computers through names instead of using IP addresses. In a network, PCs connect to each other by name using broadcasting. Before DNS, the hosts file was used for name resolution. The hosts file is a text file containing a list of names and IP addresses.
DNS is the best solution for name resolution in a network because broadcasting produces network traffic and it is difficult to maintain the hosts file.
DNS NAMESPACE
DNS has a hierarchical structure. This means that in DNS we use a main or root name and, under this root name, we can have many sub-names or child names. The DNS name structure can be compared with a tree, having a root and then branches. In DNS, we use a special namespace called the DNS DOMAIN NAME in the format xyz.abc, for example intel.com, nokia.com etc. The dot represents the root name. Use of domain names helps in creating unique computer names: two networks can use the same computer names but their full DNS names will always be different. Domain names are like area codes in the telephone network.
What is a ZONE in DNS?
A zone is a database containing a list of names and IP addresses. In other words, a zone refers to a DNS domain name over which a DNS server has full authority.
Zones are of two types:
Forward-Lookup Zone: A DNS server having this zone can translate names into IP addresses.
Reverse-Lookup Zone: A DNS server having this zone can translate IP addresses into names. This zone is used for troubleshooting the DNS service.

TYPES OF DNS SERVERS
1. Primary DNS server: It is also called the Master DNS server. This DNS server has full authority over the zone created in it, and any change can be made in the zone. The zone in this server is called the primary zone.

2. Secondary DNS server: The zone present in this server is a copy of the zone present in the primary DNS server. No change can be made in the secondary zone. Secondary DNS servers are created to offer fault tolerance and load balancing for the DNS service.

3. Active Directory-Integrated DNS server: This DNS server is created as a result of the Active Directory installation and is used to provide the Active Directory service to the clients.

4. Caching-only DNS server: This server does not contain any zone. It just stores the DNS queries made by the clients to the other main DNS servers. When the main DNS servers are not available, clients refer to the caching-only DNS server for name resolution.
Components of the DNS Server:
DNS Query
DNS Zone
DNS Resource Record

DNS Query: A DNS query is a request for name resolution that is sent to a DNS server by a client in a network. A client can send a query to a DNS server, or a DNS server can also send a DNS query to another DNS server.

DNS queries are of two types:

1) Recursive DNS query: In this query the DNS server does not take responsibility to find the best answer for the client. The DNS server can forward this query to another DNS server.

Fig 4.1.1 Recursive DNS Query

2) Iterative DNS query: A query in which the client accepts the best available answer from the DNS server. In case the server does not know the answer, it may directly forward this query to another DNS server. All the burden is on the local DNS server.

Fig 4.1.2 Iterative DNS Query

DNS Resource Records:

Start of Authority (SOA) Record

The first record in any zone database is the SOA record.

Name Server (NS) Records

Name server (NS) records contain the domain's name servers.

Host (A or AAAA) Resource Records

These records map the DNS domain name of a computer (or host) to its IP address. Example: if the host server1.abc.com has the IP address 192.168.0.10, the record is

server1 A 192.168.0.10

Alias (CNAME) Records

This is a short name for an FQDN. For example, pc1.row1.lab18.floor2.o7services.com has the IP address 50.0.0.1; the CNAME www.o7services.com points to it, so it resolves to the same IP 50.0.0.1.

Mail Exchange (MX) Record

Used by e-mail applications to locate mail servers within the zone.

Pointer (PTR) Records

Used only to support the reverse lookup zone. It converts an IP address into a host name.

Note: WINS (Windows Internet Name Service) converts NetBIOS names into IP addresses. WINS is the old version of the DNS server.
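The following Python model, added as an example and not part of the project, builds a small DNS from the record types listed above (SOA, NS, A, CNAME, MX and PTR) and resolves names two ways: iteratively, where the client follows NS referrals from the root itself, and recursively, where a local DNS server does that walk on the client's behalf, caches the result, and returns only the final answer. abc.com and server1.abc.com come from the text; the other zones, server names and addresses are constructed, the toy transport contacts servers by name rather than by IP, and the reverse zone is delegated straight from the root for brevity.

```python
"""Added example (not from the project report): a toy DNS with the record
types from the text, resolved iteratively (client follows referrals) and
recursively (local server walks the tree and caches)."""

# server name -> {zone apex -> {owner name -> [(type, value), ...]}}  (constructed)
SERVERS = {
    "root": {
        ".": {
            ".": [("SOA", "root."), ("NS", "root.")],
            "com.": [("NS", "ns.gtld.")],                   # delegation to .com
            "ns.gtld.": [("A", "198.51.100.1")],            # glue
            "0.168.192.in-addr.arpa.": [("NS", "ns1.abc.com.")],  # reverse zone, simplified
        },
    },
    "ns.gtld.": {
        "com.": {
            "com.": [("SOA", "ns.gtld."), ("NS", "ns.gtld.")],
            "abc.com.": [("NS", "ns1.abc.com.")],           # delegation to abc.com
            "ns1.abc.com.": [("A", "192.168.0.2")],          # glue
        },
    },
    "ns1.abc.com.": {
        "abc.com.": {
            "abc.com.": [("SOA", "ns1.abc.com."), ("NS", "ns1.abc.com."), ("MX", "10 mail.abc.com.")],
            "ns1.abc.com.": [("A", "192.168.0.2")],
            "server1.abc.com.": [("A", "192.168.0.10")],
            "mail.abc.com.": [("A", "192.168.0.25")],
            "www.abc.com.": [("CNAME", "server1.abc.com.")],
        },
        "0.168.192.in-addr.arpa.": {
            "10.0.168.192.in-addr.arpa.": [("PTR", "server1.abc.com.")],
        },
    },
}
ROOT_SERVER = "root"


def _in_zone(name, zone):
    return zone == "." or name == zone or name.endswith("." + zone)


def query(server, qname, qtype):
    """One authoritative lookup on `server`.

    Returns ('answer', values), ('cname', target), ('referral', ns_name)
    or ('nxdomain', None)."""
    zones = SERVERS[server]
    zone = max((z for z in zones if _in_zone(qname, z)), key=len, default=None)
    if zone is None:
        return ("nxdomain", None)
    records = zones[zone]
    owner = records.get(qname, [])
    answers = [v for t, v in owner if t == qtype]
    if answers:
        return ("answer", answers)
    for t, v in owner:
        if t == "CNAME":          # alias: the resolver restarts with the target
            return ("cname", v)
    labels = qname.split(".")
    for i in range(len(labels)):  # most specific enclosing name first
        cut = ".".join(labels[i:]) or "."
        if cut == zone:
            break                  # reached the apex: nothing delegated below
        ns = [v for t, v in records.get(cut, []) if t == "NS"]
        if ns:
            return ("referral", ns[0])
    return ("nxdomain", None)


def resolve_iterative(qname, qtype, max_steps=12):
    """Client-side iteration: follow referrals from the root until answered.

    Returns (answer values or None, trace of (server, response kind))."""
    trace, server = [], ROOT_SERVER
    for _ in range(max_steps):
        if server not in SERVERS:
            return None, trace
        kind, data = query(server, qname, qtype)
        trace.append((server, kind))
        if kind == "answer":
            return data, trace
        if kind == "cname":
            qname, server = data, ROOT_SERVER   # chase the alias from the top
        elif kind == "referral":
            server = data                        # toy transport: contact NS by name
        else:
            return None, trace
    return None, trace


class LocalResolver:
    """Local DNS server for recursive queries: it walks the tree for the client,
    caches what it learns, and the client sends a single query."""
    def __init__(self):
        self.cache = {}

    def resolve(self, qname, qtype):
        key = (qname, qtype)
        if key in self.cache:
            return self.cache[key], []           # served from cache, no upstream work
        answer, trace = resolve_iterative(qname, qtype)
        if answer is not None:
            self.cache[key] = answer
        return answer, trace


def reverse_name(ip):
    """Build the in-addr.arpa name used for a PTR lookup of an IPv4 address."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa."


if __name__ == "__main__":
    print(resolve_iterative("www.abc.com.", "A"))
    print(resolve_iterative(reverse_name("192.168.0.10"), "PTR"))
```

The trace for www.abc.com. shows the CNAME being followed: root and ns.gtld. each return a referral, ns1.abc.com. returns the alias, and the walk restarts for server1.abc.com.; the second call to LocalResolver.resolve for the same name returns an empty trace because the answer came from its cache, which is what a caching-only server does.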

4.2 Installation Of DNS Server


1. Open Server Manager. To open Server Manager, click Start, and then click Server
Manager.

Fig 4.2.1 DNS Installation

2. In the results pane, under Roles Summary, click Add roles.

Fig 4.2.2 DNS Installation

3. Select DNS server from the list and click on next.

Fig 4.2.3 DNS Installation

4. Click on install

Fig 4.2.4 DNS Installation
5. Click on close.

Fig 4.2.5 DNS Installation

4.3 CONFIGURATION OF DNS SERVER

1. Open the DNS server management console and right click on Forward Lookup Zones. Give the zone name, e.g. pit.local.

Fig 4.3.1 Configuration DNS Server

2. Click on next

Fig 4.3.2 Configuration DNS Server

3. Click on allow both unsecure and secure updates.

Fig 4.3.3 Configuration DNS Server

4. Click on next

Fig 4.3.4 Configuration DNS Server

5. Add all resource records


Fig 4.3.5 Configuration DNS Server

4.4 DNS COMMANDS

C:\>tracert www.yahoo.com : This command is used to check the path a data packet follows from one router to another.

C:\>nslookup : This command displays the domain name with its IP.

C:\>ipconfig /all : Displays the IP address with FQDN, IP address and MAC address.

C:\>ipconfig /flushdns : Flushes and resets the DNS resolver cache.

C:\>ipconfig /displaydns : Displays the contents of the DNS resolver cache.

C:\>ipconfig /registerdns : Registers any DNS names.

CHAPTER NO - 5
5.1 Active Directory (AD)
We can manage all users and security centrally with the help of ADS. In simple terms, AD is a database containing a list of user accounts, computer accounts, shared folders, printers, groups and group policy objects present in the domain network. The service running AD is called Active Directory Service (ADS). Client PCs use the protocol LDAP (Lightweight Directory Access Protocol) to access the ADS. LDAP uses port number 389.
Use of DNS in a Domain Network
DNS in the Microsoft domain network helps in the following ways:
1. DNS provides the ADS service to the clients.
2. Clients locate DCs through DNS.
3. DNS provides the name resolution service in the network.
4. The Active Directory domain network is given the same name as the DNS domain network.

5.2 Types of Active Directory


1. Domain.
2. Domain Controller.

1. Domain.
A domain is a group of computers connected logically in a network. The domain enables the system administrator to simplify the process of managing the computers and users on the network.

Types of Domain

1. Domain forest.
A forest is created when you configure the Windows Server 2003 computer as a domain controller. A forest is a collection of multiple domains linked together, along with the relationships between the domains. You can add domain trees and domains to a forest.

2. Domain Tree.
A domain tree is made up when there is a parent-child relationship between domains in a forest. The child domain name must include the complete parent domain name.
A tree is a set of two or more domains sharing a common namespace. For example, we can create a parent domain and then a child domain: in mail.yahoo.com, mail is the child domain and yahoo the parent domain.

Fig: 5.2.1 Domain Forest

2. Domain Controller.
• PDC – Primary Domain Controller.
• ADC – Additional Domain Controller.
• CDC – Child Domain Controller.
• RODC – Read Only Domain Controller.
• NTR – New Tree Root.
1. PDC – This is the first domain controller in the domain; all entries are created in it, like user accounts, group policy, OUs etc.
2. ADC – This is a true copy of the PDC. This domain controller is used for fault tolerance and load balancing. The whole Active Directory database is replicated automatically with the PDC.
3. CDC – This domain controller is a sub-domain of the PDC. This is used for load balancing.

4. RODC – A read-only domain controller (RODC) is a server that hosts an Active Directory database's read-only partitions and responds to security authentication requests.
5. NTR – Create a new domain tree only when you need to create a domain whose DNS namespace is not related to the other domains in the forest.

5.3 Installation of Active Directory

1. Run a command “dcpromo.exe” to install active directory.

Fig 5.3.1 Installation of AD

2. It checks whether the binaries of Active Directory Domain Services are already installed or not.

3. If AD is not installed already, then the welcome wizard will be displayed on the screen. Click next to continue.

Fig 5.3.2 Installation of AD

4. Click next.
5. This wizard provides two options

Either you can create a new forest or you can create a different domain in the same forest.

Fig 5.3.3 Installation of AD

6. Here it asks to provide a full description of domain name that you wish to proceed with.

Fig 5.3.4 Installation of AD

7. Provide a NetBIOS name for the domain so that users of previous Windows versions are able to connect to this domain.

Fig 5.3.5 Installation of AD

8. In the active directory installation wizard, it asks for the forest functional level and provides a
drop down list to choose from.
Fig 5.3.6 Installation of AD

9. As with the forest functional level, the next step is to select a domain functional level from the
drop-down list.
Fig 5.3.7 Installation of AD

10. Under additional domain controller options, it asks whether you want to install the DNS Server service on
this domain controller. If yes, select the DNS server option under 'Select additional options for this domain
controller'.
Fig 5.3.8 Installation of AD

11. The next step shows the path where the database, the log files and the SYSVOL folder will be
stored. You can change the location by providing another path through Browse.

12. Here it asks for the Directory Services Restore Mode (DSRM) administrator password. One thing you need
to remember is that the restore mode administrator account is different from the domain
administrator account.
Fig 5.3.9 Installation of AD

13. This step of the installation wizard gives a summary of every option you chose while creating the
domain. You can also save the settings for later use by exporting the summary to another
volume.

14. As you click Next, it checks for the Group Policy Management Console.

15. After installation it will ask you to restart the server.
Fig 5.3.10 Installation of AD
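The script below is an added example, not a procedure from the report: it performs steps 1 to 15 above without the wizard, using the unattended mode of dcpromo.exe on Windows Server 2008 / 2008 R2. The domain name lkc.local is the report's; the NetBIOS name LKC, the functional level (3 = Windows Server 2008) and the default paths are assumptions. On Windows Server 2012 and later, dcpromo is replaced by the Install-ADDSForest cmdlet, which takes the same values as parameters.

```powershell
# Added example, not part of the report: unattended equivalent of the dcpromo
# wizard for a new forest. Run in an elevated PowerShell session on the future PDC.
# Assumed values: NetBIOS name LKC, functional level 3 (Windows Server 2008),
# default NTDS and SYSVOL paths. lkc.local is the domain used in the report.

$answerFile = Join-Path $env:TEMP 'dcpromo-answer.txt'

# Step 12: the DSRM password is not the domain Administrator password. It is
# read interactively so that it never sits inside the script file itself.
$dsrm  = Read-Host -AsSecureString 'Directory Services Restore Mode password'
$plain = [Runtime.InteropServices.Marshal]::PtrToStringAuto(
             [Runtime.InteropServices.Marshal]::SecureStringToBSTR($dsrm))

@"
[DCInstall]
ReplicaOrNewDomain=Domain
NewDomain=Forest
NewDomainDNSName=lkc.local
DomainNetbiosName=LKC
ForestLevel=3
DomainLevel=3
InstallDNS=Yes
ConfirmGc=Yes
CreateDNSDelegation=No
DatabasePath="C:\Windows\NTDS"
LogPath="C:\Windows\NTDS"
SYSVOLPath="C:\Windows\SYSVOL"
SafeModeAdminPassword=$plain
RebootOnCompletion=No
"@ | Set-Content -Path $answerFile -Encoding ASCII

try {
    # Steps 1-14 in one go; Start-Process -Wait blocks until dcpromo finishes.
    Start-Process -FilePath "$env:SystemRoot\System32\dcpromo.exe" `
        -ArgumentList "/unattend:$answerFile" -Wait
} finally {
    # The answer file holds the DSRM password in clear text: delete it as soon
    # as dcpromo has read it, whether or not the promotion succeeded.
    Remove-Item -Path $answerFile -Force -ErrorAction SilentlyContinue
}

# Step 15: the server must be restarted to finish the promotion.
Restart-Computer -Force
```

RebootOnCompletion is deliberately set to No so that the clean-up in the finally block runs before the restart; with the wizard's default behaviour the machine reboots while the answer file, and the password in it, is still on disk.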

5.4 Configuration of Active Directory


1. In the Start menu, under Administrative Tools, various Active Directory services would
have been installed. Active Directory Users and Computers is one of them.

Fig 5.4.1 Configuration of AD

2. Your created domain name ‘lkc.local’ would be shown on the left side. Right click on
the domain ‘lkc.local’ and create a new organizational unit under the name ‘IT’.

3. The wizard offers the option to protect the new OU from accidental deletion.
Fig 5.4.2 Configuration of AD

4. Now, in the OU named 'IT', create a user with a first name and a user logon name and click
Next.
Fig 5.4.3 Configuration of AD

5. This wizard asks you to set a password for the user.

6. It also lets you set account options, such as whether the password never expires or whether the user
may change the password.

Fig 5.4.4 Configuration of AD

7. Full details of the user are shown. If you want to change any detail you may go
back to those steps; otherwise click Finish and the user will be created.

8. Under the IT OU, a list is provided with all the details of the users created in
lkc.local.

Fig 5.4.5 Configuration of AD

9. Right-click on the user and go to Properties. Here you can edit any setting or permission
of this user related to account, profile, environment, etc.
Fig 5.4.6 Configuration of AD

10. Right click the user and choose the group from the select groups dialogue box.

Fig 5.4.7 Configuration of AD

11. In Object Types, choose the group that you want.
Fig 5.4.8 Configuration of AD
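The script below is an added example and not part of the report: it is the scripted equivalent of steps 2 to 11 of this section for the report's domain lkc.local and OU 'IT'. The user (Asha Kumar, logon name akumar) and the group 'IT Staff' are assumed names. It requires the ActiveDirectory module (Windows Server 2008 R2 or later).

```powershell
# Added example, not part of the report. Creates the IT OU, a group, and a user
# in lkc.local, then adds the user to the group, as in section 5.4.
# Assumed: user 'Asha Kumar' / akumar and group 'IT Staff'.
Import-Module ActiveDirectory

$domainDn = 'DC=lkc,DC=local'
$ouDn     = "OU=IT,$domainDn"

# Steps 2-3: the OU, with "protect from accidental deletion" switched on.
if (-not (Get-ADOrganizationalUnit -LDAPFilter '(ou=IT)' -SearchBase $domainDn)) {
    New-ADOrganizationalUnit -Name 'IT' -Path $domainDn -ProtectedFromAccidentalDeletion $true
}

# A security group inside the OU (step 10 picks a group; here one is created).
if (-not (Get-ADGroup -LDAPFilter '(sAMAccountName=IT Staff)')) {
    New-ADGroup -Name 'IT Staff' -SamAccountName 'IT Staff' -GroupScope Global `
        -GroupCategory Security -Path $ouDn
}

# Steps 4-7: the user. The initial password is read at run time rather than
# written into the script. "Password never expires" is left off so that the
# domain password policy applies, and the user must change it at first logon.
$initial = Read-Host -AsSecureString 'Initial password for akumar'
New-ADUser -Name 'Asha Kumar' -GivenName 'Asha' -Surname 'Kumar' `
    -SamAccountName 'akumar' -UserPrincipalName 'akumar@lkc.local' `
    -Path $ouDn -AccountPassword $initial -Enabled $true `
    -ChangePasswordAtLogon $true -PasswordNeverExpires $false

# Step 9: the same details the Properties dialog exposes.
Set-ADUser -Identity 'akumar' -Description 'IT department' -Department 'IT'

# Steps 10-11: group membership.
Add-ADGroupMember -Identity 'IT Staff' -Members 'akumar'

# Step 8: list what now exists under the IT OU.
Get-ADUser -SearchBase $ouDn -Filter * -Properties MemberOf |
    Select-Object Name, SamAccountName, Enabled, @{n='Groups'; e={$_.MemberOf -join ';'}}
```

The existence checks make the script safe to re-run; the wizard would instead fail with "object already exists" on the second run.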

CHAPTER NO - 6

6.1 Distributed file System (DFS):

It is a set of client and server services that allow an organization using Microsoft Windows servers
to organize many distributed SMB file shares into a distributed file system. DFS provides location
transparency and redundancy to improve data availability in the face of failure or heavy load by
allowing shares in multiple different locations to be logically grouped under one folder, or DFS
root.

DFS Replication

Early versions of DFS used Microsoft's File Replication Service (FRS) which provides basic file
replication capability between servers. FRS identifies changed or new files, and copies the latest
version of the entire file to all servers.

Windows Server 2003 R2 introduced "DFS Replication" (DFSR) which improves on FRS by only
copying those parts of files which have changed (remote differential compression), by using data
compression to reduce network traffic, and by allowing administrators flexible configuration
options for limiting network traffic with a customizable schedule.

Fig 6.1.1 DFS Replication


6.2 Installation of DFS Server
1. Open server manager and click on add roles. After that select file services from the list.

Fig 6.2.1 Installation of DFS

2. Select Distributed file system from the list.

Fig 6.2.2 Installation of DFS
3. Give the DFS namespace name and click Next.

Fig 6.2.3 Installation of DFS


4. Select the type of DFS namespace from the page.

5. Click Select and give the user name and password to authenticate the user for
configuration of DFS.
6. Add the namespace.

Fig 6.2.4 Installation of DFS

7. Click on install button.


8. Click on close button.

6.3 Configuration of DFS server

1. Open the DFS Management console and click on Namespaces.

Fig 6.3.1 Configuration of DFS Server

2. Right click on namespace and add new folder.

3. Give the folder name and add target path.

Fig 6.3.2 Configuration of DFS Server
4. Click on the Browse button and select the server name and the folder name.

Fig 6.3.3 Configuration of DFS Server

5. Add another new folder in the same way.

Fig 6.3.4 Configuration of DFS Server
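The script below is an added example, not part of the report: it is the scripted equivalent of sections 6.2 and 6.3 on Windows Server 2012 or later, where the DFSN cmdlets exist (on Windows Server 2008 R2 the same operations are done with dfsutil.exe). The namespace server FS1, the domain-based namespace \\lkc.local\Shares, the DFS folder 'IT' and its target share \\FS1\IT (which must already exist) are assumed names; lkc.local is the report's domain.

```powershell
# Added example, not part of the report. Installs DFS Namespaces and builds a
# domain-based namespace with one folder, as in sections 6.2 and 6.3.
# Assumed: namespace server FS1, namespace \\lkc.local\Shares, target \\FS1\IT.
Import-Module ServerManager

# 6.2 steps 1-2: the DFS Namespaces role service and its management console.
Install-WindowsFeature -Name FS-DFS-Namespace -IncludeManagementTools

# The namespace root needs a local share on the namespace server. It only holds
# reparse points to the real targets, so read access is all users need on it.
$rootDir = 'C:\DFSRoots\Shares'
New-Item -ItemType Directory -Path $rootDir -Force | Out-Null
if (-not (Get-SmbShare -Name 'Shares' -ErrorAction SilentlyContinue)) {
    New-SmbShare -Name 'Shares' -Path $rootDir `
        -ReadAccess 'NT AUTHORITY\Authenticated Users' `
        -FullAccess 'LKC\Domain Admins'
}

Import-Module DFSN

# 6.2 steps 3-6: a domain-based namespace in Windows Server 2008 mode.
New-DfsnRoot -Path '\\lkc.local\Shares' -TargetPath '\\FS1\Shares' -Type DomainV2 `
    -Description 'College shared folders'

# 6.3 steps 2-5: a folder in the namespace that points at the real file share.
New-DfsnFolder -Path '\\lkc.local\Shares\IT' -TargetPath '\\FS1\IT' `
    -Description 'IT department share'

# Check: clients resolve \\lkc.local\Shares\IT to the target below without
# knowing which server holds the data (the location transparency of 6.1).
Get-DfsnFolderTarget -Path '\\lkc.local\Shares\IT'
```

The namespace itself grants no access to data: the permissions that matter are those on the target share \\FS1\IT and its NTFS folder, which is why the root share here is read-only for ordinary users.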

6.4 File Server


In computing, a file server (or fileserver) is a computer attached to a network that has the primary
purpose of providing a location for shared disk access, i.e. shared storage of computer files (such
as documents, sound files, photographs, movies, images, databases, etc.) that can be accessed by
the workstations that are attached to the same computer network. The term server highlights the
role of the machine in the client–server scheme, where the clients are the workstations using the
storage. A file server is not intended to perform computational tasks, and does not run programs on
behalf of its clients. It is designed primarily to enable the storage and retrieval of data while the
computation is carried out by the workstations.

File servers are commonly found in schools and offices, where users use a LAN to connect their
client computers.

A file server may be dedicated or non-dedicated. A dedicated server is designed specifically for use
as a file server, with workstations attached for reading and writing files and databases.

File servers may also be categorized by the method of access: Internet file servers are frequently
accessed by File Transfer Protocol (FTP) or by HTTP (but are different from web servers, which
often provide dynamic web content in addition to static files). Servers on a LAN are usually
accessed by the SMB/CIFS protocol (Windows and Unix-like) or the NFS protocol (Unix-like systems).

Database servers, which provide access to a shared database via a database device driver,
are not regarded as file servers, as they may require record locking.

Fig 6.4.1 File Server

6.5 Installation of File Server


1. Open Server Manager and click on add roles and select file services.

Fig 6.5.1 Installation of File Server

2. Click on next and select file server from the list.

Fig 6.5.2 Installation of File Server

3. Click on install

Fig 6.5.3 Installation of File Server

4. Click on close button.

5. The file server can be managed using the Share and Storage Management console.

Fig 6.5.4 Installation of File Server
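The script below is an added example and not part of the report: the scripted equivalent of section 6.5 on Windows Server 2012 or later. It installs the File Server role service, creates the share that section 6.3 used as a DFS target, and sets both the NTFS and the share permissions, which the wizard leaves at their defaults. The folder D:\Shares\IT, the share name IT, the NetBIOS domain name LKC and the group 'IT Staff' are assumed names.

```powershell
# Added example, not part of the report. Installs the File Server role service
# and creates a department share with explicit NTFS and share permissions.
# Assumed: folder D:\Shares\IT, share IT, domain LKC, group 'IT Staff'.
Import-Module ServerManager
Install-WindowsFeature -Name FS-FileServer -IncludeManagementTools

$path = 'D:\Shares\IT'
New-Item -ItemType Directory -Path $path -Force | Out-Null

# NTFS layer: stop inheriting the drive's default ACL (which usually lets any
# Authenticated User create files), then grant only what each principal needs.
# (OI)(CI) = apply to files and sub-folders; F = full control, M = modify.
icacls $path /inheritance:r
icacls $path /grant 'SYSTEM:(OI)(CI)F'
icacls $path /grant 'LKC\Domain Admins:(OI)(CI)F'
icacls $path /grant 'LKC\IT Staff:(OI)(CI)M'

# Share layer: effective access is the more restrictive of share and NTFS, so
# the share mirrors the NTFS grants instead of the wizard default Everyone/Read.
# Access-based enumeration hides folders the user cannot open anyway.
New-SmbShare -Name 'IT' -Path $path `
    -FullAccess 'LKC\Domain Admins' -ChangeAccess 'LKC\IT Staff' `
    -FolderEnumerationMode AccessBased

# Checks: the same information the Share and Storage Management console shows.
Get-SmbShareAccess -Name 'IT'
icacls $path
```

Members of 'IT Staff' can read and write files but cannot change permissions (Modify, not Full Control), so a compromised member account cannot widen access to the share for others.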

CHAPTER NO - 7

7.1 Future Scope


In future, we can implement more security on this project using a VPN (Virtual Private
Network). A new college site can be added by adding a new PDC or NTR.

7.2 Conclusion

According to the college structure, we needed to centralize the database. To meet this need we
placed a PDC in the college, and to restrict users to their related services and to give them access to
resources, GPOs (Group Policy Objects) come into the picture.

The project was successful in overcoming the disadvantages of manually assigning IP
addresses. The colleges located at two different locations could share their data with the help of the
trust created between the PDC and the NTR.

We can manage the whole network of a college site from the one core device at that site.

7.3 Bibliography

1. Name of the Book: MCITP Enterprise Administrator Core Requirements
Author's Name: Dan Holme, Danielle Ruest, Nelson Ruest

2. Name of the Book: Windows Server 2008 Enterprise Administrator Study Guide
Author's Name: Samuel Johnson

3. Name of the Book: CCNA Routing and Switching Complete Study Guide
Author's Name: Todd Lammle

4. Name of the Book: CCNA Routing and Switching
Author's Name: Wendell Odom

Website links:
www.networksolutions.com
www.wikipedia.org
www.technet.microsoft.com
www.cisco.com
