1、Chapter 13: Managing Internet and Network Interoperability,Learning Objectives,Install and configure a Web server and a Media Services server Install and configure DNS and WINS servers Install and configure a DHCP server,Learning Objectives (continued),Install and configure a terminal server Configu
2、re a Telnet server Install and configure a NetWare gateway,Microsoft Internet Information Services,Internet Information Services (IIS): A Microsoft Windows 2000 Server component that provides Internet Web, FTP, mail, newsgroup, and other services, and that is particularly offered to set up a Web ser
3、ver,Requirements for Installing a Web Server,Windows 2000 Server installed TCP/IP installed Access to an Internet service provider Sufficient disk space for IIS-related files Disk storage formatted for NTFS (recommended) Name resolution software, such as DNS and WINS,Installing IIS,IIS is a Windows
4、component that is installed in one of two ways: From the Control Panel Add/Remove Programs icon From the Administrative Tools menu using the Configure Your Server tool,IIS Components,Several IIS components can be installed, such as Web server, FTP server, NNTP service, and SNMP service Network News
5、Transfer Protocol (NNTP): A TCP/IP-based protocol used by NNTP servers to transfer news and informational messages to client subscribers who compose “newsgroups”,Internet Information Services Components,Table 13-1 Internet Information Services Components,Internet Information Services Components (con
6、tinued),Internet Information Services Components (continued),Selecting IIS Components for Installation,Figure 13-1 Specifying Internet Information Services components,Troubleshooting Tip,After the IIS components are installed in Windows 2000 Server, check all of the services associated with those co
7、mponents to make sure they are started and set to start automatically,Configuring IIS,Use the Configure Your Server tool (in the Administrative Tools menu) to further configure IIS services, such as creating a virtual directory,Configuring IIS,Figure 13-2 Configuring an IIS Web server,Virtual Direct
8、ory,Virtual directory: A URL formatted address that provides an Internet location (virtual location) for an actual physical folder on a Web server that is used to publish Web documents,Virtual Directory Security and Properties Settings,When you create a virtual directory on a Web server, be sure to
9、configure the appropriate security and other properties of the directory,Virtual Directory Security Options,Table 13-2 Virtual Directory Security Options,Virtual Directory Properties Tabs,Table 13-2 Virtual Directory Security Options,Configuring Virtual Directory Properties,Figure 13-3 A virtual dir
10、ectorys properties,Managing an IIS Web Server,An IIS Web server is managed using the Internet Services Manager (also called the Internet Information Services tool) which is started from the Administrative Tools menu or as an MMC snap-in,Elements Managed through the Internet Services Manager,The Inte
11、rnet Services Manager enables you to manage these elements: Default Web site Administration Web site FTP site SMTP virtual server NNTP virtual server,Using the Internet Services Manager,Figure 13-4 Managing a Web site,Default Web Site Properties,When a Web site is implemented, configure the Default
12、Web site properties such as security, the home directory, managers of the Web site, and performance options,Default Web Site Properties Tabs,Default Web Site Properties Tabs (continued),Configuring a Web Site,Figure 13-5 Configuring Web site properties,Setting Web Site Security,In the Web site prope
13、rties, click the Directory Security tab to configure the following authentication options: Basic authentication (password is sent in clear text): For clients who cannot use an encrypted password Digest authentication: For hashed security Integrated Windows authentication: For a secret code security
14、determined by a cryptographic formula,Configuring IP Security Access for Intranets/VPNs,You can control access to a Web server by restricting it using any combination of the following: IP addresses subnets domains,Configuring IP Address Restrictions,Figure 13-6 Configuring restricted IP access,Troub
15、leshooting IIS,Table 13-5 Troubleshooting IIS,Troubleshooting IIS (continued),Troubleshooting IIS (continued),Troubleshooting IIS (continued),Troubleshooting IIS (continued),Troubleshooting IIS (continued),Windows Media Services,Install Windows media services to offer voice and video multimedia serv
16、ices on a Web site, to enable the streaming mode, and to take advantage of multicasting Streaming: Playing a multimedia audio, video, or combined file received over a network before the entire file is received at the client,Configuring Windows Media Services,Use the Windows Media Services Administra
17、tor accessed from the Administrative Tools menu to configure Windows Media Services,Using the Windows Media Server Administrator,Figure 13-7 Windows Media Server Administrator,Microsoft DNS Server,DNS server: A Microsoft service that resolves computer names to IP addresses, such as resolving the com
18、puter name Brown to IP address 129.77.1.10, and that resolves IP addresses to computer names,Design Note,When you install Active Directory, you must have at least one DNS server A DNS server is also needed for an IIS server,Installing DNS Server,Install DNS as a Windows component from the Control Pa
19、nel Add/Remove Programs icon Double-click Networking Services in the Windows Components dialog box and select Domain Name System (DNS),Selecting DNS,Figure 13-8 Installing Microsoft DNS,Design Tip,Assign a static IP address to DNS servers On medium and large sized networks, configure at least two DN
20、S servers on the same or different networks in case one fails,Configuring DNS,Configure a forward and reverse lookup zone in the DNS server: Forward lookup zone: A DNS server zone or table that maps computer names to IP addresses Reverse lookup zone: A DNS server zone or table that maps IP addresses
21、 to computer names Zones are created and managed by using the DNS tool in the Administrative Tools menu,Viewing a Forward Lookup Zone,Figure 13-9 DNS Forward lookup zone,Creating a Reverse Lookup Zone,Figure 13-10 Creating a reverse lookup zone,Subnets,Folders can be created in a reverse lookup zone
22、 to reflect subnets,Reverse Lookup Zone Subnet Folders,Figure 13-11 Reverse lookup zone subfolders for subnets,Forward Lookup Zone Records,A forward lookup zone typically contains a host address (A) resource record: Host address (A) resource record: A record in a DNS forward lookup zone that consist
23、s of a computer name correlated to an IP version 4 address,Configuring a Host Address (A) Resource Record,Figure 13-12 Creating a host address (A) resource record,Reverse Lookup Zone Records,A reverse lookup zone typically contains a pointer (PTR) resource record: Pointer (PTR) resource record: A re
24、cord in a DNS reverse lookup zone that consists of an IP (version 4 or 6) address correlated to a computer name,Creating a PTR record,Figure 13-13 Creating a PTR record,Troubleshooting DNS,If DNS is not working, make sure that the DNS Server and DNS Client services are started and set to start autom
25、atically,Using Microsoft WINS,Install and use Microsoft WINS to resolve NetBIOS computer names WINS is installed as a Windows component via the Control Panel Add/Remove Programs tool WINS is a subcomponent of the Networking Services Windows component,DHCP,Install Microsoft DHCP to implement dynamic
26、IP addressing on a network DHCP is installed as a Windows component from the Control Panel Add/Remove Programs icon Double-click Networking Services in the Windows Components dialog box and select Dynamic Host Configuration Protocol (DHCP),Scope,Configure one or more scopes after DHCP is installed:
27、Scope: A range of IP addresses that a DHCP server can assign to clients Create scopes and manage DHCP by using the DHCP management tool from the Administrative Tools menu or as an MMC snap-in,Specifying a Scope,Figure 13-14 Creating a scope,Authorizing a DHCP Server,Authorize a DHCP Server in the Ac
28、tive Directory via the DHCP management tool: Right-click the server in the tree Click Authorize,Configure the DHCP Server to Update DNS Records,Configure the DHCP server so that it automatically registers new IP address in the DNS server (so you dont have to) To configure the DHCP server: Open the D
29、HCP management tool Right-click the DHCP server and click Properties Click the DNS tab,Configuring DNS Updating,Figure 13-15 Configuring automatic DNS registration,Troubleshooting a DHCP Server,Troubleshooting a DHCP Server (continued),Troubleshooting a DHCP Server (continued),Troubleshooting a DHCP
30、 Server (continued),Terminal Server Defined,Terminal server: A server configured to offer terminal services so that clients can run applications on the server, similar to having clients respond as terminals,Reasons for Using a Terminal Server,To support thin clients To centralize program access To r
31、emotely administer Windows 2000 Server,Thin Client Defined,Thin client: A specialized personal computer or terminal device that has a minimal Windows-based operating system. A thin client is designed to connect to a host computer that does most or all of the processing. The thin client is mainly res
32、ponsible for providing a graphical user interface and network connectivity.,Other Terminal Services Clients,Windows 2000 terminal services supports operating systems other than thin clients such as: MS-DOS Windows 3.x Windows 95/98 Windows NT and Windows 2000 UNIX and X-terminals Macintosh,Design Ti
33、p,If you plan to have many clients running multiple sessions on a terminal server, use a server computer that has a fast CPU and ample RAM,Terminal Services Components,Installing Terminal Services,Terminal Services is a Windows component that is installed using the Control Panel Add/Remove Programs
34、tool Install both the Terminal Services and Terminal Services Licensing components,Terminal Services Modes,When you install terminal services, select either the Remote administration mode (to remotely administer a server) or the Application server mode (for clients to run software on the server),Sel
35、ecting the Mode,Figure 13-16 Selecting the function of a terminal server,Terminal Services Management Tools,Table 13-8 Terminal Services Management Tools,Terminal Services Components,Configure the Terminal Services properties such as permission security, client connection settings, session timeout s
36、ettings, and others,Terminal Services Components,Table 13-9 Terminal Services Components,Terminal Services Components (continued),Configuring Terminal Services Components,Figure 13-17 Terminal service connection properties,Terminal Services Permissions,The allow and deny permissions associated with
37、terminal services are: Full Control: For access that includes query, set information, reset server, remote control, logon, logoff, message, connect, disconnect, and virtual channel use User Access: Enables access to query, connect, and send messages Guest Access: Enables access to logon,Terminal Ser
38、vices Encryption Options,The terminal services encryption options are: Low: Data sent from the client to the server is encrypted Medium: Data sent from the client to the server and from the server to the client is encrypted using the default server encryption High: Data sent from the client to the s
39、erver and from the server to the client is encrypted using the highest encryption level at the server,Creating a Terminal Services Client Installation Disk,Use the Terminal Services Client Creator tool (from the Administrative Tools menu) to create a client installation disk,Configuring a Client Ins
40、tallation Disk,Figure 13-18 Creating a terminal services installation disk,Installing Applications for Terminal Services,After installing and configuring Terminal Services, use the Control Panel Add/Remove Programs tool to install software applications that clients will access (and reinstall applica
41、tions that were installed before Terminal Services),Planning Tip,Avoid running 16-bit programs through Terminal Services, because these create extra server overhead reducing the number of connections by 60 percent and increasing demands on RAM by 50 percent,Monitoring Terminal Services,Use the Termi
42、nal Services Manager (on the Administrative Tools menu) to monitor connection sessions, including: Viewing a sessions status Connecting to view a session Logging off a user or resetting a session Sending a message Ending a process Controlling a session remotely,Troubleshooting a Terminal Server,Tabl
43、e 13-10 Troubleshooting a Terminal Server,Troubleshooting a Terminal Server (continued),Troubleshooting a Terminal Server (continued),Troubleshooting a Terminal Server (continued),Telnet Server,Another way for clients to access the resources on a Windows 2000 server is to configure it as a Telnet se
44、rver Telnet is TCP/IP-based and enables a computer to be set up as a network host to clients,Configuring Telnet Server,To configure a Telnet server: Use the Computer Management or Services tool to start the Telnet Server service An alternative method is to open the Command Prompt window and enter ne
45、t start tlntsvr,Gateway Service for NetWare,Gateway Service for NetWare (GSNW): A service included with Windows NT and Windows 2000 Server that provides connectivity to NetWare resources for Windows NT and Windows 2000 servers and their clients with the Windows NT/2000 server acting as a gateway,Ins
46、talling and Configuring Gateway Service for NetWare,Install the Gateway Service for NetWare using the Network and Dial-up Connections tool Use the GSNW icon on the Control Panel to configure Gateway Service for NetWare Use the Add Printers tool to connect to NetWare print queues through the gateway,
47、Chapter Summary,A Windows 2000 Server can become a Web server by installing IIS Install DNS and WINS to resolve computer names and IP addresses Install DHCP to enable a Windows 2000 server to automatically assign IP addresses to clients,Chapter Summary,Terminal services enable thin clients and other
48、 client operating systems to access Windows 2000 Server and run applications on the server Terminal services are also used to enable an administrator to remotely manage a server,Chapter Summary,Use Telnet server for basic TCP/IP client access Gateway Services for NetWare enables Windows 2000 Server clients to access NetWare servers,