Professional Documents
Culture Documents
CASE PROBLEM
FOR
SYSTEM INFRASTRUCTURE
Submitted by:
Submitted to:
Mr. Arnel Maghinay
I. INTRODUCTION
Lending is the principal business activity for most commercial banks. The loan
portfolio is typically the largest asset in the predominate source of revenue. As such,
it is one of the greatest source of risk to a bank’s safety and soundness. Whether due
to lax credit standards, poor portfolio risk management, or weakness in the economy,
loan portfolio problems have historically been the major cause of bank losses and
failures.
The company would like to set up a network with centralized server where every
member of the department will log in.
Design an IP address for each department that will fit the need of the company.
Assume that each department will have 254 users. Include in your case study your
IP address per client and its subnet mask.
This study covers ABCs creating a network and displaying the structure of the
company. Making sure all the department sectors will be connected and get the same
information.
• Managing all log in pages from a central log in server to avoid duplication on
every web application
• Managing all other system-wide resources, such as password services pages,
error pages, and terms and conditions pages from a central server.
Login Page Use Cases
The purpose of the following use cases is to get you thinking about configuring
Centralized server authentication. These use cases reflect best practices and are
intended to identify techniques that you can use as part of a global architecture.
These use cases are not intended as a final architecture. Extrapolate the necessary
infrastructure from these cases to configure login pages that best meet the needs of
company.
ABCs Centralized Server Login Page
In this use case,
CA Single Sign-On
directs users to a centralized login page when they request a protected resource.
Specifically:
• A dynamic login page (login.asp) is deployed to the Web Agent host system.
• The dynamic login page is coded to:
o Post to a login FCC file (login.fcc).
o Display an error message when the SMTRYNO cookie is present in
the web browser of the user.
• The login FCC file is configured with an @directive (@smretries) to redirect
users to a failed authentication page (login.unauth) after two failed
authentication attempts.
• A CA Single Sign-On
The following diagram illustrates the authentication process for this use case:
Centralized Server dynamic forms login:
1. A user requests a
protected resource.
2. The Web Agent
contacts the Policy
Server, which
determines that the
resource is protected.
3. The Web Agent
redirects the user
request to login.asp.
4. The user submits
invalid credentials.
The credentials are
posted to the login.fcc
Figure 2.0 Centralized Server
file and processed by Login Authentication
the FCC.
5. The FCC forwards the
credentials to the Policy Server.
6. The Policy Server determines that the credentials are invalid and notifies the
FCC.
7. The FCC inserts the SMTRYNO cookie into the web browser of the user and
redirects the user to the login page.
8. The login page refreshes with an error message. The error message states that
invalid credentials were supplied and to try again.
9. The user submits invalid credentials. The credentials are posted to the
login.fcc file and processed by the FCC.
10.The FCC forwards the credentials to the Policy Server.
11.The Policy Sever determines that the credentials continue to be invalid and
notifies the FCC.
12.The user has exceeded the maximum number of failed authentication attempts
and is redirected to a page that displays a failed authentication message.
Figure 1.0 showed how ABC company active directory service works. Active
Directory uses Lightweight Directory Access Protocol (LDAP). LDAP operates
above TCP/IP and defines ways of address and access to objects between the client
and Active Directory server. Accordingly to LDAP protocol each object in catalogue
has its unique Distinguished Name, and this name distinguishes the object from other
Active Directory objects and also prompts where the given object is located.
Distinguished Name consists of common name (CN) and domain component –
domain constituent.
Common name defines an object or a container in which this object is positioned
whereas the domain component defines the domain where this object is located.
Besides in the distinguished name there could be indicated the organization which
the object belongs to. Logical elements of the Active Directory are objects,
containers (OU), trees, domains and forests.
Object is a definite set of attributes having its unique name e.g. a user of the network.
Accordingly to LDAP protocol, each object in the catalogue has its unique
Distinguished Name and this name distinguishes it from other objects of Active
Directory and also hints us where the given object is located. Unlike the object, the
container does not have physical presentation, and presents the totality of objects
and other containers in the network structure.
Marketing manager and marketing director are often interchangeable in the world of
marketing. A marketing manager typically has the responsibility of carrying out the
marketing strategy for the company. This includes creating marketing messages,
choosing mediums such as website advertising and print advertising, and carrying
out other marketing campaigns and programs to reach the target audience company.
Figured 5.0 Showed the common structure of an IT department which can be applied
in ABCs Company. The IT department develops, manages and maintains an
organization’s technology-related assets (hardware, software, systems, etc.,)
policies, procedure and systems. This includes, but is not limited to, the
administration of the company email systems, business intelligence and enterprise
resource planning [ERP] platforms, network setup, data backup and retrieval and
document storage. The group also provides employees with day-to-day technology
support to ensure that technology-related problems do not interfere with their work.
The systems analyst group works with end users, business unit managers and
customers to understand business needs and develop requirement and specifications
for systems and application. IT analyst acts as intermediaries between technical
developers and in end users and hopes of aligning business needs with system
designs and usability. Activities commonly performed by IT Analysis Group include
use case development, business process mapping and design, end user/stakeholder
interviews and system modelling (UML, SysML, etc.)
Figure 6.0 HR Department
Organizational Unit
Figure 6.0 Human Resource department are often organized along functions and may
be hierarchical in nature. Common units in human resource department:
1. Recruitment:
3. Employee Relations
Through effective training, employees could enhance their knowledge, skills and
work abilities, so that they can improve their job performance. Human resource
department conduct needs analysis to decide what training is necessary to improve
performance and productivity.
5. Workforce Safety
ACCOUNTING
MARKETING
IT
HR
When a user prints a document, the print job is sent to the Sentinel instead of the
printer. The job is then saved on the server until the user identifies themselves at a
printer using their ID card or key code.
Once the user is identified, their job will be sent to the printer where they identified
and printed. This printer does not have to be the printer to which they sent the job,
it can be any Sentinel-controlled printer.
In this way, the user could print the job in one branch of the company, drive to
another branch, identify themselves to a printer at the other branch and print their
job on location.
Additionally, Sentinel can be programmed to limit access to certain printers or to
limit the type and/or amount of pages a given user can print. If the user then tries to
print at an unauthorized printer or over their page limit, their job will not print and
they will be sent a reminder message.
It comes with its own management and report system. Any user can access their
own printing information, but only an administrator can access information about
everyone. Users can delete print jobs waiting to be printed if they don't want to
print them anymore. Also, they can generate their own reports to see their print
activity and change their personal settings.
Administrators can change any user settings, including limiting users' print quota
or printer access. They can generate reports about companywide printing behaviour
and they can access and change the jobs waiting to be printed by any user.
This shows you how simply you can redirect folder in Windows Server with group
policy. The folder redirection is the way to keep a profile folders to a network
location or other location in the local computer. Typically user profiles and settings
are stored in local profile. By redirecting folders, you can access to data regardless
of which computers you are logs in.
In addition to the immediate benefit of having that data on a file server that is
much easier to keep backed up, the user also gets the benefit of being able to go to
multiple computers in your organization and still have access to their data. Using
the default Windows settings and the default share settings on your file server,
these redirection will be even made available offline automatically for your users.
The Policy-Based QoS node
This quality of service (QoS) node, known as the Policy-Based QoS node, defines
policies that manage network traffic. For example, you might want to ensure that
users in the Finance department have priority to run a critical network application
during the end-of-year financial reporting period. You can do that by using the
Policy-Based QoS node.
In the User Configuration node only, the Windows Settings folder contains the
additional Folder Redirection node. With folder redirection, you can redirect user
data and settings folders such as AppData, Desktop, Documents, Pictures,
Music, and Favorites from their default user profile location to an alternate
location on the network, where you can manage them centrally.
3 – In the Name text box, type Redir, and then press Enter.
4 – Right-click the Redir folder, click Share with, and then click Specific people.
1 – In Server Manager, click Tools and then click Group Policy Management.
4 – In the navigation pane, right-click Folder Redirection, and then click Edit.
5 – In the Group Policy Management Editor window, under User
Configuration, expand Policies,expand Windows Settings, and then
expand Folder Redirection.
8 – Ensure that the Target folder location box is set to Create a folder for each
user under the root path.
9 – In the Root Path text box, type \\DC-CLOUD\Redir, and then click OK.
4 – In the command prompt window, when prompted, type the following, and then
press Enter:
Y
5 – Sign in to CLIENT-10 as Windows\Administrator with the
password asd@123.
8 – Verify that on the General tab, the Location field has a value of \\DC-
CLOUD\redir\Administrator.
If this is not successful, repeat steps 2 through 7, and then check the
redirection once again.
IT
that are stored in folders on a
networked computer, you’ll
2. Click the Map Network Drive button on the toolbar to open the Map Network
Drive dialog box.
To be able to map a network folder to a local drive, the folder must be shared and
you must have network permission to access it on the other computer.
3. Select an unused drive letter for the network folder in the Drive drop-down list.
4. In the Folder text box, enter the network share pathname. When you’re done, click
OK.
You can type the path like the \servershare example shown, or you can click the
Browse button and locate the shared network folder. If you want to select a
previously mapped folder, you can select it from the drop-down list of previously
entered pathnames.
5. (Optional) Select the Reconnect at Logon check box to tell Windows to map this
same drive every time you start the computer.
Also, if you’re not an administrator, select the Connect Using Different Credentials
check box. Then ask an administrator on your network to enter their username and
password in the Windows Security dialog box that appears before you click OK.
When you click Finish, Windows creates the network drive and automatically
opens it in Windows Explorer. After that, you can access any of the folder’s
subfolders and files by simply opening the network drive in the Computer window.
The following example sets a quota for user AMER\rallen with a ~381 MB
warning and ~1024 MB limit:
Using VBScript
strComputer = "."
strDrive = "<Drive>" ' e.g., D: intLimit = 1024 * 1024 * 600 ' = 600 MB
intWarning = 1024 * 1024 * 350 ' = 350 MB ' ------ END CONFIGURATION -----
---- set objWMI = GetObject("winmgmts:\\" ...
IV. EXECUTIVE SUMMARY
This case study presents the manner of managing and functioning of the designed
server of ABC company including Accounting, Marketing IT and HR creating a
server based network within the organization. The presented structures can be used
by public companies aside from ABC involved in similar identical activities. The
structured designed by the group was based on what they have research. This was a
learning process for us encountering unfamiliar codes and names. We have learned
so much by just an assumption of collective information. Theoretical this has been
observed by other researched to be effective.
VI. RECOMMENDATION
Hackers are always on the look out for server vulnerabilities. It is your responsibility
to ensure your data is safe and secure. Minimize risks and be confident your data is
safe on secure servers by implementing our server security tips and best practises.
https://docs.microsoft.com/en-us/windows-server/storage/folder-
redirection/deploy-folder-redirection
https://iproject.com.ng/computer-science/automated-loan-lending-management-
system/index.html
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-
software/layer7-identity-and-access-management/single-sign-on/12-52-
02/implementing/implementing-ca-single-sign-on/authentication-and-a-
centralized-login-server.html
https://blog.netwrix.com/2019/06/20/map-network-drives-or-shared-folders-using-
group-policy-in-8-easy-steps/