Special Program for Technical Vocational Education

COMPUTER SYSTEMS
SERVICING

LEARNING MATERIAL
Quarter 1
TANZA NATIONAL TRADE SCHOOL
Technical Vocational Education
SPTVE Computer Systems Servicing
 Weekly Learning Activity Sheets

Table of Contents Pages ​Date/Duration

Introduction 4
Pre-Test ​ 5
Quarter I: SETTING UP COMPUTER SERVERS
LO 1: Set up user access
Information Sheet 1.1 Network operating systems features 11 Week 1
Self-Check 1.1 15
Activity Sheet 1.1 16
Information Sheet 1.2 User access level configurations 18 Week 1
Self-Check 1.2 44
Activity Sheet 1.2 45
Information Sheet 1.3 Network policies and services 46 Week 2
Self-Check 1.3 56
Activity Sheet 1.3 57
Task Sheet 1.3 58
Information Sheet 1.4 Set up peer-to-peer (P2P) network access 59 Week 2
Self-Check 1.4 68
Activity Sheet 1.4 69

LO 2: Configure network services

Information Sheet 2.1 Configure server function 70 Week 3
Self-Check 2.1 82
Activity Sheet 2.1 83
Information Sheet 2.2 Server modules and addons 84 Week 3
Self-Check 2.2 86
Activity Sheet 2.2 87
Information Sheet 2.3 Network services and its operation 88 Week 3
Self-Check 2.3 92
Activity Sheet 2.3 93
Information Sheet 2.4 Procedures in respond to unplanned 94 Week 3
events and condition
Self-Check 2.4 98
Activity Sheet 2.4 99
Information Sheet 2.5 Domain controller (Active Directory) 100 Week 4
Operation Sheet 2.5 112
Self-Check 2.5 120
Activity Sheet 2.5.1 122
Activity Sheet 2.5.2 123
Assignment Sheet 2.5 124
Information Sheet 2.6 Domain Name Server 125 Week 5

2
Self-Check 2.6 139
Activity Sheet 2.6 140
Assignment Sheet 2.6 141
Information Sheet 2.7 Dynamic Host Configuration Protocol server 142 Week 6
Operation Sheet 2.7 156
Self-Check 2.7 165
Activity Sheet 2.7.1 167
Activity Sheet 2.7.2 168
Assignment Sheet 2.7 169
Information Sheet 2.8 File server 170 Week 7
Operation Sheet 2.8 178
Self-Check 2.8 183
Activity Sheet 2.8 184
Assignment Sheet 2.8 185
Information Sheet 2.9 Printer server 186 Week 8
Operation Sheet 2.9 192
Self-Check 2.9 197
Activity Sheet 2.9 199
Assignment Sheet 2.9 200
References 201

3
 Introduction

In this learning material, there will be two (2) most essential learning
competencies that you will encounter: (1) Set up user access and (2) Configure
network services. The two most essential learning competencies contain sub-topics
that discuss the details on ​setting up computer servers​.

The competencies for this learning material are:

LO 1: Set up user access

1.1 Create user folder in accordance with Network operating system features
1.2 Configure user access level based on NOS features
1.3 Establish network access policies/end user requirements
1.4 Perform security check in accordance with established network access
policies/end user requirements

LO 2: Configure network services

2.1 Check normal server function in accordance with manufacturer’s
instructions
2.2 Install and update required modules/add-ons on NOS installation
procedures
2.3 Confirm network services based on user/system requirements
2.4 Check operation of network services based on user/system requirements
2.5 Respond to unplanned events or conditions in accordance with
established procedures

4
Direction: Choose the correct answer from the given choices. Write your answer on a
separate sheet of paper.

1. Which network protocol used on IP networks where it is automatically assigns an

IP address and other information to each host on the network?
a. DHCP Server c. DNS Server
b. HTTP d. List Server
2. What do you call a computer program that provides a service to another
computer programs and their users?
a. DHCP Server c. DNS Server
b. Server d. List Server
3. These are primarily comprised of individual routines (SrvRoutines) that are
typically coded to perform database centric processing.
a. Server Module c. Client Manager
b. FTP Server d. List Server
4. It is a network protocol used to move computer files between a client and server.
a. DHCP Server c. FTP Server
b. HTTP d. List Server
5. It is a program that uses HTTP to serve the files that form Web pages to users, in
response to their requests.
a. DHCP Server c. FTP Server
b. HTTP d. List Server
6. A window Server 2008 computer that has been configured with the Active
Directory DS role is referred to as
a. Domain controller c. Global catalog
b. Domain manager d. DNS server
7. It is a component of Windows Server 2008.
a. Domain controller c. NPAS
b. Active manager d. DNS server

5
8. Provides traditional dial-up remote access to support mobile
users or home users who are dialing in to an organization's intranets
a. Remote Access c. Client
b. DNS d. Server
9. What is the Microsoft implementation of a RADIUS server and Proxy?
a. Active Domain c. DHCP
b. Network Policy Server d. Forest
10. It makes server administration more efficient by allowing administrators to do
tasks in the following table by using a single tool.
a. DHCP Server c. Server Manager
b. FTP Server d. List Server
11. These files are also named unmanaged modules, because they are not created
by using the ASP.NET model.
a. Native Modules c. DNS Server
b. Managed Modules d. Client
12. These modules are created by using the ASP.NET model.
a. Native Modules c. Server
b. Managed Modules d. List Server
13. Operating system designed for the sole purpose of supporting workstations,
database sharing, application sharing and file and printer accessing and sharing
among multiple computers in a network.
a. NOS c. Global catalog
b. Domain manager d. DNS server
14. Database of user accounts and other information that network administrators
use to control access to shared network resources.
a. Domain controller c. NPAS
b. Active manager d. Directory Services
15. What is the highest available forest functional?
a. Windows 2008 c. Windows server 2008
b. Windows server 2003 d. Windows 2009

6
16. These are a method for assigning access rights to specific user accounts and
user groups.
a. Read c. Full control
b. Permission d. Modify
17. Allows you to authenticate to Windows or any other operating system so that you
are granted authorization to use them
a. User group c. Windows server 2008
b. Full control d. User Account
18. It allows reading, writing, changing and deleting of any file and subfolder
a. Permission c. Full Control
b. User group d. Modify
19. Collection of user accounts that share the same security rights and
permissions.
a. Permission c. Administrator
b. User group d. Windows 2009
20. It is part of an access control procedure for computer systems, which allows a
system administrator to set up a hierarchy of users.
a. Windows 2008 c. Windows server 2008
b. User Access Level Configuration d. User Group
21. Hierarchical structure that stores information about objects on the network.
a. Active Directory c. Directory
b. Active Directory Domain Services d. Domain Controller
22. Stores information about user accounts, such as names, passwords, phone
numbers, and so on, and enables other authorized users on the same network to
access this information.
a. Active Directory c. Directory
b. Active Directory Domain Services d. Domain Controller
23. Uses a structured data store as the basis for a logical, hierarchical organization of
directory information.
a. Active Directory c. Directory
b. Active Directory Domain Services d. Domain Controller

7
24. Server that is running a version of the Windows Server® operating system and
has Active Directory® Domain Services installed.
a. Active Directory c. Directory
b. Active Directory Domain Services d. Domain Controller
25. Naming system allows for growth on the Internet and the creation of names that
are unique throughout the Internet and private TCP/IP-based intranets.
a. Zone c. Geographical Domain
b. Organizational Domain d. Domain Name System
26. These are named by using a 3-character code that indicates the primary function
or activity of the organizations contained within the DNS domain.
a. Zone c. Geographical Domain
b. Organizational Domain d. Domain Name System
27. These are named by using the 2-character country/region codes established by
the International Standards Organization (ISO) 3166.
a. Zone c. Geographical Domain
b. Organizational Domain d. Domain Name System
28. Contiguous portion of the DNS namespace.
a. Zone c. Geographical Domain
b. Organizational Domain d. Domain Name System
29. The full consecutive range of possible IP addresses for a network. Scopes
typically define a single physical subnet on your network to which DHCP services
are offered.
a. DHCP c. IPv4
b. DHCP Server d. Scope
30. IP standard for simplifying management of host IP configuration.
a. DHCP c. IPv4
b. DHCP Server d. Scope
31. Service that holds information about available IP addresses and related
configuration information, as defined by the DHCP administrator, and responds to
requests from DHCP clients.
a. DHCP c. IPv4
b. DHCP Server d. Scope

8
32. Most widely deployed version of Internet Protocol which defines an addressing
scheme based on 32-bit addresses.
a. DHCP c. IPv4
b. DHCP Server d. Scope
33. Provides a central location on your network where you can store files and share
them with users across your network.
a. Share and Storage Management c. File Server
b. Namespace d. Disk Management
34. System utility for managing hard disks and the volumes or partitions that they
contain.
a. Share and Storage Management c. File Server
b. Namespace d. Disk Management
35. Enable to group shared folders into one locally structured location.
a. Share and Storage Management c. File Server
b. Namespace d. Disk Management
36. Provides a centralized location for you to manage two important server
resources.
a. Share and Storage Management c. File Server
b. Namespace d. Disk Management
37. Creates a Web site hosted by Internet Information Services.
a. Print Server c. Print and Document Services
b. Print Management d. Internet Printing
38. Helps you monitor print queues and receive notifications when print queues stop
processing print jobs.
a. Print Server c. Print and Document Services
b. Print Management d. Internet Printing
39. Role in Server Manager that enables you to share printers and scanners on a
network, setup print servers and scan servers, and centralize network printer and
scanner management tasks by using the Print Management and Scan
Management Microsoft Console (MMC) snap-ins respectively.
a. Print Server c. Print and Document Services
b. Print Management d. Internet Printing

9
40. Required role service of the Print Services role.
a. Print Server c. Print and Document Services
b. Print Management d. Internet Printing

10
Learning Objectives:
After reading this Information Sheet, the learner is expected to:
a. Identify Network Operating system
b. Enumerate Network Operating system features
c. Explain each features of Network Operating System

A network operating system is an operating system designed for the sole purpose of
supporting workstations, database sharing, application sharing and file and printer
accessing and sharing among multiple computers in a network. It provides services
to clients over a network.
A server is a running instance of an application (software) capable of accepting
requests from the client and giving responses accordingly. Servers can run on any
computer including dedicated computers, which individually are also often referred to
as "the Servers operate within a Servers are computer programs running to serve
the -requests of other programs, the clients. Thus, the server performs some tasks
on behalf of clients. It facilitates the clients to share data, information or any
hardware and software resources. The clients typically connect to the server through
the network but may run on the same computer. In the context of Internet Protocol
(IP) networking, a server is a program that operates as a socket listener. Servers
often provide essential services across a network, either to private users inside a
large organization or to public users via the Internet. Typical computing servers are
database server, file server, mail server, print server, web server, and numerous
systems use this client server networking model including Web sites and email
services. An alternative model, enables all computers to act as either a server or
client as needed. Usage The term server is used quite broadly in information
technology. Despite the many server-branded products available (such as server

11
versions of hardware, software or operating systems), in theory, any computerized
process that shares a resource to one or more client processes is a server.
Network operating systems (NOS) typically are used to run computers that act
as servers. They provide the capabilities required for network operation.

Directory Services
A directory service is a database of user accounts and other information that network
administrators use to control access to shared network resources. When users
connect to a network, they have to be authenticated before they can access network
resources.

Authentication
Authentication is the process of checking the user's credentials (usually a user name
and a password) against the directory. Users that supply the proper credentials are
permitted access according to the permissions specified by the network
administrator. Successful user authentication in a Windows 2000 2003,2008
computing environment consists of separate processes: interactive logon, which
confirms the user's identification to either a domain account or a local computer, and
network authentication, which confirms the- user's identification to any network
service that the user attempts to access.

Windows Server 2008 is designed around certain roles and features. A role is a
primary duty that a server performs. A feature is something that helps a server
perform its primary duty (Windows Backup, network load balancing). Certain roles
are comprised of sub-elements called Role Services, which are distinct units of
functionality.
o The server manager console ​introduced in the full installation of Windows 2008
server r2 made the installation of roles and features straightforward.
o Group Policy Management Console (GPMC) is a scriptable Microsoft
Management Console (MMC) snap-in, providing a single administrative tool for
managing Group Policy across the enterprise. GPMC is the standard tool for
managing Group Policy.

12
 Group Policy Object (GPO) is a collection of settings that define what a system
will look like and how it will behave for a defined group of users. Microsoft
provides a program snap-in that allows you to use the Group Policy Microsoft
Management Console (MMC). The selections result in a Group Policy Object.
The GPO is associated with selected Active Directory containers, such as sites,
domains, or organizational units (OUs). The MMC allows you to create a GPO
that defines registry-based polices, security options, software installation and
maintenance options, scripts options, and folder redirection options.
​Some Features:
● Active Directory Domain Services (AD DS) stores information about users,
computers, and other devices on the network. AD DS helps administrators
securely manage this information and facilitates resource sharing and
collaboration between users. AD DS is also required to be installed on the
network in order to install directory-enabled applications such as Microsoft
Exchange Server and for applying other Windows Server technologies such as
Group Policy.
● DNS Server - Domain Name System (DNS) provides a standard method for
associating names with numeric Internet addresses. This lets users refer to
network computers by using easy-to-remember names instead of a long series
of numbers. Windows DNS services can be integrated with DHCP services,
eliminating the need to add DNS records as computers are added to the
network.
● Dynamic Host Configuration Protocol (DHCP) is responsible for assigning IP
addresses to the computers automatically. IP addresses assigned to the
computers by DHCP server are known as dynamic IP addresses, and the
computers that are configured to obtain the IP addresses automatically from the
DHCP server are called DHCP client computers.
● File Services provides technologies for storage management, file replication,
distributed namespace management, fast file searching, and streamlined client
access to files, such as UNIX-based client computers.
● Print and Document Services enables you to centralize print server and network
printer management tasks. With this role, you can also receive scanned

13
 documents from network scanners, and route the documents to a shared
network resource, a Windows SharePoint Services site, or to e-mail addresses.
● Remote Desktop Services provides technologies that enable users to access
Windows-based programs that are installed on a remote desktop server, or to
access the Windows desktop itself, from almost any computing device. Users
can connect to a remote desktop server to run programs and to use network
resources on that server.

14
 Direction: Write ​T if the statement is TRUE or ​F if it is FALSE. Write the letter of
your answer before each number.

_____1. A server is a running instance of an application (software) capable of

accepting requests from the client and giving responses accordingly.

_____2. Authentication is the process of checking the user's credentials (usually a

user name and a password) against the directory.

_____3. Network operating systems (NOS) typically are used to run computers that
act as client.
_____4. Active Directory Domain Services (AD DS) stores information about users,
computers, and other devices on the network.
_____5. DHCP stands for Dynamic Host Commercial Protocol.

_____6. Users can connect to a remote desktop server to run programs and to use
network resources on that server.
_____7. Client provide essential services across a network, either to private users
inside a large organization or to public users via the Internet.
_____8. File Services provides a standard method for associating names with
numeric Internet addresses

_____9. Domain Name System (DNS) provides a standard method for associating
names with numeric Internet addresses.

_____10. Network operating system ​provides services to clients over a network.

15
Identification: Write your answer on the space provided.

____________1. It stores information about users, computers, and other devices on

the network.

____________2. ​An operating system designed for the sole purpose of supporting

workstations, database sharing, application sharing and file and

printer accessing and sharing among multiple computers in a

network.

____________3. IP addresses assigned to the computers by DHCP server

____________4. The computers that are configured to obtain the IP addresses

automatically from the DHCP server

____________5. It is a scriptable Microsoft Management Console (MMC) snap-in,

providing a single administrative tool for managing Group Policy

across the enterprise

____________6. It enables you to centralize print server and network printer

management tasks.

____________7. It provides technologies for storage management, file replication,

distributed namespace management, fast file searching, and

streamlined client access to files

16
____________8. The process of checking the user's credentials (usually a user
name

and a password) against the directory

____________9. It is a database of user accounts and other information that

network

administrators use to control access to shared network resources

____________10. It provides a standard method for associating names with numeric

Internet addresses

17
Learning Objectives:
After reading this Information Sheet, the learner is expected to:
a. Define user access level configuration
b. Configure user access level
c. Create user account in accordance with network operating systems features

User Access Level Configuration is part of an access control procedure for computer
systems, which allows a system administrator to set up a hierarchy of users. Thus,
the
low level users can access only a limited set of information, whereas the highest
level
users can access the most sensitive data on the system. Also called access rights.

A user account is a collection of settings and information that tells Windows which
files and folders you can access, what you can do on your computer, what are your
preferences, and what network resources you can access when connected to a
network.

The user account allows you to authenticate to Windows or any other operating
system so that you are granted authorization to use them. Multi-user operating
systems such as Windows don’t allow a user to use them without having a user
account.

In Windows, you can manage your computer’s user accounts by going to the
“Control Panel” and then to “User Accounts and Family Safety > User Accounts.”

18
 A user account in Windows is characterized by the following attributes:

● User name – the name you are giving to that account.

● Password – the password associated with the user account (in Windows 7 or older
versions you can also use blank passwords).
● User group – a collection of user accounts that share the same security rights and
permissions. A user account must be a member of at least one user group.
● Type – all user accounts have a type which defines their permissions and what they
can do in Windows.

Windows 7 User Accounts

Windows 7 and earlier versions has three important types of accounts:

19
Administrator

The “Administrator” user account has complete control over the PC. He or she can
install anything and make changes that affect all users of that PC.

Standard

The “Standard” user account can only use the software that’s already installed by the
administrator and change system settings that don’t affect other users.

Guest

The “Guest” account is a special type of user account that has the name Guest and
no password. This is only for users that need temporary access to the PC. This user
can only use the software that’s already installed by the administrator and cannot
make any changes to system settings.

Windows 8 User Accounts

Windows 8 introduces two new types of user accounts, alongside those already in
Windows 7:

20
Microsoft account

Microsoft accounts are user accounts with an associated e-mail address that give
you access to all Microsoft products and services. They always have password that’s
not blank. If you are using an outlook.com e-mail address (let’s say
[email protected]), you have a Microsoft account with that address.

To further complicate things, Microsoft allows people to create Microsoft accounts

using third-party e-mail services like Gmail. To simplify things for you, remember that
you have a Microsoft account when you use an email address to log into Windows or
to any Microsoft product or service.

Microsoft accounts work on multiple systems and devices. Therefore you can use
the same account to log into all your Windows 8.x devices, your Xbox One console
and your Windows Phone. You don’t have to create a separate account for each
device.

Microsoft accounts can be administrators or standard user accounts.

Local account

21
Local accounts are classic user accounts that exist locally and can use blank
passwords. For example, in Windows 7 all user accounts are local accounts. Local
accounts can be administrators or standard user accounts. They work on a single
system only, so if you do have multiple devices, you’ll have to create a separate
account for each.

User accounts provide the added benefit of letting you share the same computer with
several people, while having your own files and settings. Each person accesses his
or her user account without interfering with others.

How to tell them apart?

In Windows 8.x you can quickly differentiate local user accounts from Microsoft
accounts by looking at whether they use an email address or not. Look at the
screenshot below, sharing the Manage Accounts window, which is accessed by
going to “Control Panel > User Accounts and Family Safety > User Accounts >
Manage Accounts.”

The first account, named Ciprian Rusen, is a Microsoft account. All the other user
accounts are local accounts. The Microsoft account is an administrator, which is
marked by the “Administrator” statement beneath its email address. All other user
accounts are standard user accounts because they do not have the “Administrator”
statement.

22
What is a User Group?

As mentioned earlier, the user group is a collection of user accounts that share the
same security rights and permissions.

Keep Reading…

Windows has a long list of predefined user groups which includes “Administrators”
and “Users.” However, most predefined user groups do not have user accounts until
the administrator or third-party apps start customizing them. User groups can also be
created by third-party software and services like virtual machines which create
hidden user accounts and groups in order to provide different features or services.

A user account is a member of at least one user group while some user accounts are
members of two groups or more, depending on how they are set.

For example, all user accounts that are set as administrators will be part of the
“Administrators” group. Standard user accounts are part of the “Users” group.
However, both types of user accounts will become members of the “HomeUsers”
group, when you start using the Homegroup networking feature in Windows.

User groups are managed automatically by Windows and you won’t need to fiddle
with them, even though you can if you are an administrator. This concept is

23
 important so that you better understand how file sharing works, how permissions are
assigned, etc.

What are File & Folder Permissions?

Permissions are a method for assigning access rights to specific user accounts and
user groups. Through the use of permissions, Windows defines which user accounts
and user groups can access which files and folders, and what they can do with them.
To put it simply, permissions are the operating system’s way of telling you what you
can or cannot do with a file or folder.

To learn the permissions of any folder, right click on it and select “Properties.” In the
Properties window, go to the Security tab. In the “Group or user names” section you
will see all the user accounts and use groups that have permissions to that folder. If
you select a group or a user account, then see its assigned permissions, in the
“Permissions for Users” section.

In Windows, a user account or a user group can receive one of the following
permissions to any file or folder:

● Read – allows the viewing and listing of a file or folder. When viewing a folder, you
can view all its files and subfolders.

24
● Write – allows writing to a file or adding files and subfolders to a folder.
● List folder contents – this permission can be assigned only to folders. It permits the
viewing and listing of files and subfolders, as well as executing files that are found in
that folder.
● Read & execute – permits the reading and accessing of a file’s contents as well as
its execution. When dealing with folders, it allows the viewing and listing of files and
subfolders, as well as the execution of files.
● Modify – when dealing with files, it allows their reading, writing and deletion. When
dealing with folders, it allows the reading and writing of files and subfolders, plus the
deletion of the folder.
● Full control – it allows reading, writing, changing and deleting of any file and
subfolder.

Generally, files inherit the permissions of the folder where they are placed, but users
can also define specific permissions that are assigned only to a specific file. To make
your computing life simpler, it is best to edit permissions only at a folder level.

Why are Permissions Important to Sharing in Windows?

Permissions are important because when you share something in Windows, you
actually assign a set of permissions to a specific user account or user group. A
shared folder can only be accessed by someone with a user account that has the
permission to access that folder.

For example, when using the Sharing Wizard, you choose the user name or the user
group and then one of these two permission levels:

● Read/Write – it is the equivalent of the “Modify” permission level.

● Read – it is the equivalent of the “Read & execute” permission level.

25
 When using the Sharing Wizard you will also see a permission level named “Owner.”
This is not a permission level per-se. It just signals that the folder you are about to
share is owned by the user account for which you see this entry. An owner has full
control over that folder. You will learn more about the Sharing Wizard and how to
use it in lesson 6.

When using advanced sharing, you can assign one of these three permission levels:

● Full Control – it allows reading, writing, changing, and deleting of any file and
subfolder.
● Change – it is the equivalent of the ​Modify​ permission level.
● Read – it is the equivalent of the ​Read & execute​ permission level.

26
 When sharing resources with the network, you will encounter a special group that’s
named “Everyone.” This user group stands for anyone with or without a user account
on the computer who is sharing the resource with the network. As you will learn in
future lessons, this user group is very useful when you have a network with very
diverse devices and operating systems. Advanced sharing will be explained in detail,
in lesson 7.

Why is it Useful to Use a Microsoft Account in Your Network?

Using a Microsoft account has both benefits (e.g. the ability to sync all your apps and
settings across multiple devices) and downsides (e.g. you will give more data to
Microsoft). From a network sharing perspective, using a Microsoft account can be
useful if you have a network with many PCs and devices with Windows 8.x:

● You log in with the same Microsoft account on all your devices, using the same
credentials.
● You don’t have to create separate local accounts on each computer or device with
Windows 8.x.
● Setting up permissions when sharing is easier because you don’t have to deal with
multiple local user accounts.

27
● Accessing network shares is also easier because you log in with the same user
account everywhere and you can quickly access everything that’s shared with it.

Source: http://www.businessdictionary.com/definition/system-access-level.html

https://www.howtogeek.com/school/windows-network-sharing/lesson1/

Note:

If "Access permissions" are granted to users who are registered to computers,

they are authorized to operate folders and files.
There are two types of access permissions:
● Network-level access permission
This is to control users who access to the shared folder over the network.
● Local-level access permission
This is to control users who access folders by logging on to their computers.
The local-level access permission can be set only when the drive in which folders
are located is formatted in NTFS.
Shared Folder without Access Control
In Windows Server 2008, you can use the special folder named "Public folder,"
which allows files to be shared with other users on the same network. Using the
Public folder, you can set up a shared folder without access control.
NOTE:
By default, the Public folder is created in the [Users] folder, on the drive (e.g. C
drive) Windows Vista is installed on.
Example: \Public\share
For Windows Server 2008 users

Sharing the Public folder

1. On the [Start] menu, select [Control Panel] to open [Control Panel] window.
2. Click [Set up file sharing] to open the [Network and Sharing Center] window.

28
3. In the [Network and Sharing Center] window, click the downwards arrow next to
[Public folder sharing].

4. Select [Turn on sharing so anyone with network access can open, change, and
create files], and then click [Apply].

29
NOTE:
● Do not select [Turn on sharing so anyone with network access can open files].
Otherwise, you will not be able to store a document scanned with this machine
in a shared folder.
● If the [User Account Control] dialog box appears in Windows Server 2008, click
[Continue].
5. Click the downwards next to [Password protected sharing].

6. Check [Turn off password protected sharing], and then click [Apply].

30
NOTE:
If the [User Account Control] dialog box appears in Windows Server 2008, click
[Continue].
For Windows Server 2008 R2 users

Sharing the Public folder

1. On the [Start] menu, select [Control Panel] to open [Control Panel] window.
2. Click [View network status and tasks] to open the [Network and Sharing Center]
window.

31
3. Click [Change advanced sharing settings] in the [Network and Sharing Center]
window.

4. In the [Advanced sharing settings] window, under [Public folder sharing], select
[Turn on sharing so anyone with network access can read and write files in the
Public folders].

32
5. Under [Password protected sharing], select [Turn off password protected sharing],
and then click [Save changes].

Creating a folder to store a file

33
You can store a file in the first level of the Public folder. This section describes the
procedure for creating a new folder in which to store a file in the Public folder.
1. Display the Public folder in Windows Explorer, etc.
2. Create a new folder in the Public folder.

NOTE:
It is recommended that you write down the folder name you created here.
Shared Folder with Access Control

Creating a User Account for Accessing a Shared Folder

You need to create user accounts for users who access the shared folder in
advance. This section describes the procedure for creating a new account on your
computer.
NOTE:
Even if you do not create a new account by following the procedures below, you
can add a pre-registered account for users who are permitted to access the
shared folder. In such case, you need to create a password if one has not been
set for the pre-registered account. Once the password is created, the user is
prompted to type it when he/she logs on to a computer.
1. On the [Start] menu, select [Control Panel] to open [Control Panel] window.
2. Click [Add or remove user accounts].

34
3. In the [Manage Accounts] dialog box, click [Create a new account].

4. In the [Create New Account] dialog box, enter the user name, check [Standard
user], and then click [Create Account].

35
NOTE:
● The user name must be up to 20 alphanumeric characters long.
● It is recommended that you write down the user name you created here.
5. Click the user name created in step 4, and then click [Create a password].

6. In the [Create Password] dialog box, type the password in two boxes, and then
click [Create password].

36
NOTE:
● The password must be up to 14 alphanumeric characters long.
● It is recommended that you write down the password you created here.
7. Close the [Change an Account] dialog box.

Setting a Shared Folder and Access Permissions

Once you create the account on your computer, create a shared folder. Add the
created account to the shared folder as a user who is permitted to access that folder.
Set the permission which allows the user to access the folders as well.
NOTE:
If "Access permissions" are granted to users who are registered for computers,
they are authorized to operate folders and files.
This section describes the procedure for granting FULL Control permission to the
"Everyone" account so that any user can access the shared folder.
There are two types of access permissions:
● Network-level access permission
This is to control users who access to the shared folder over the network.
● Local-level access permission
This is to control access to folders by users who are logged on to the computer.
The local-level access permission can be set only when the drive in which folders
are located is formatted in NTFS.
The [File Sharing] dialog box is used to set up the access permissions. The
network-level and local-level access permissions for a user will be set
simultaneously when you select a permission level in the [File Sharing] dialog box.

37
For Windows Server 2008 users
1. Create a folder in any drive.
It is recommended to create the folder in a place where users can find it easily, such
as the first level in C drive.
Ex) C:\share
2. Right-click the created folder.
3. Select [Share...] to open the [File Sharing] dialog box.

4. Click [ ] on the left side of [Add], and select the user

38
5. Click [Add].

6. Select the added user. Select the [Contributor] or [Co-owner] check box. Click
[Share].

39
● If the [User Account Control] dialog box appears in Windows Server 2008, click
[Continue].
● Access permissions in Windows Server 2008
- Reader: A reader can only view shared files.
- Contributor: A contributor can create, alter and delete shared files, but not alter
access permissions.
- Co-owner: A co-owner can perform all file operations including creating, altering,
deleting shared files and altering access permissions.
7. Click [Done] to close the [File Sharing] dialog box.

For Windows Server 2008 R2 users

40
1. Create a folder in any drive.
It is recommended to create the folder in a place where users can find it easily, such
as the first level in C drive.
Ex) C:\share
NOTE:
It is recommended that you write down the folder name you created here.
2. Right-click the created folder.
3. Select [Share with], and then select [Specific people...] to open the [File Sharing]
dialog box.

4. Click [ ] on the left side of [Add], and then select the user.

41
5. Click [Add].

6. Select the added user. Select the [Read/Write] check box. Click [Share].

42
NOTE:
Access permissions in Windows Server 2008 R2
- Read: "Read" can only view shared files.
- Read/Write: "Read/Write" can create, alter and delete shared files, but not alter
access permissions.
7. Click [Done] to close the [File Sharing] dialog box.

Sources: ​https://support.usa.canon.com/kb/index?page=content&id=ART108077

43
Direction: Match column A with the correct answer on column B. Write only the letter

on the space provided before each number.

COLUMN A COLUMN B

___1. These are a method for assigning access A. user account

rights to specific user accounts and user groups.

___2. Allows you to authenticate to Windows B. user group

or any other operating system so that you

are granted authorization to use them

___3. It allows reading, writing, changing and deleting C. permission

of any file and subfolder

___4. ​A collection of user accounts that share the same D. full control

security rights and permissions​.

___5. It is part of an access control procedure for computer E. user access

systems, which allows a system administrator configuration

to set up a hierarchy of users.

44
A. Direction: Answer the given questions. Write your answer on the separate answer
sheet.

1. What is user access configuration level?

2. What are the two types of access permission? (2pts)

3. Why are Permissions Important to Sharing in Windows?

4. What are File & Folder Permissions?

B. Arrange the following steps by putting number (1-7) on the space provided.

* For Windows Server 2008 R2 users

_____ Click [View network status and tasks] to open the [Network and Sharing

Center] window.

_____ Click [Change advanced sharing settings] in the [Network and Sharing

Center] window.

_____ In the [Advanced sharing settings] window, under [Public folder sharing],

select [Turn on sharing so anyone with network access can read and write

files in the Public folders].

_____ On the [Start] menu, select [Control Panel] to open [Control Panel] window.

_____ Under [Password protected sharing], select [Turn off password protected

sharing], and then click [Save changes].

45
Learning Objectives:
After reading this Information Sheet, the learner is expected to:
a. Understand network policies and services
b. Install network policies and services
c. Value the importance of network security policy

Network Policy and Access Services​ (NPAS) is a component of ​Windows Server

2008​. It replaces the ​Internet Authentication Service​ (IAS) from ​Windows Server
2003​.
NPAS helps you safeguard the health and security of a network.
The Network Policy Server is the core component of a NAP deployment. It is used
to manage network access through the VPN server, RADIUS servers, and other
points of access to the network. Depending on your network environment, you may
deploy multiple NPS servers.

Network Policy and Access Services provides the following network connectivity
solutions:

● Network Access Protection (NAP). NAP is a client health policy

creation, enforcement, and remediation technology that is included in
the Windows Vista® client operating system and in the
Windows Server® 2008 operating system. With NAP, system
administrators can establish and automatically enforce health policies,
which can include software requirements, security update
requirements, required computer configurations, and other settings.
Client computers that are not in compliance with health policy can be
provided restricted network access until their configuration is updated

46
 and brought into compliance with policy. Depending on how you
choose to deploy NAP, noncompliant clients can be automatically
updated so that users can quickly regain full network access without
manually updating or reconfiguring their computers.

● Secure wireless and wired access. When you deploy 802.1X wireless
access points, secure wireless access provides wireless users with a
secure password-based authentication method that is easy to deploy.
When you deploy 802.1X authenticating switches, wired access allows
you to secure your network by ensuring that intranet users are
authenticated before they can connect to the network or obtain an IP
address using DHCP.

● Remote access solutions. With remote access solutions, you can

provide users with virtual private network (VPN) and traditional dial-up
access to your organization's network. You can also connect branch
offices to your network with VPN solutions, deploy full-featured
software routers on your network, and share Internet connections
across the intranet.

● Central network policy management with RADIUS server and proxy.

Rather than configuring network access policy at each network access
server, such as wireless access points, 802.1X authenticating
switches, VPN servers, and dial-up servers, you can create policies in
a single location that specify all aspects of network connection
requests, including who is allowed to connect, when they can connect,
and the level of security they must use to connect to your network.

Role services for Network Policy and Access Services

When you install Network Policy and Access Services, the following role services are
available:

● Network Policy Server (NPS)​. NPS is the Microsoft implementation of

a RADIUS server and proxy. You can use NPS to centrally manage

47
network access through a variety of network access servers, including
wireless access points, VPN servers, dial-up servers, and 802.1X
authenticating switches. In addition, you can use NPS to deploy secure
password authentication with Protected Extensible Authentication
Protocol (PEAP)-MS-CHAP v2 for wireless connections. NPS also
contains key components for deploying NAP on your network.

The following technologies can be deployed after the installation of the

NPS role service:

● NAP health policy server​. When you configure NPS as a NAP

health policy server, NPS evaluates statements of health (SoH)
sent by NAP-capable client computers that want to
communicate on the network. You can configure NAP policies
on NPS that allow client computers to update their configuration
to become compliant with your organization's network policy.

● IEEE 802.11 Wireless​. Using the NPS MMC snap-in, you can
configure 802.1X-based connection request policies for IEEE
802.11 wireless client network access. You can also configure
wireless access points as Remote Authentication Dial-In User
Service (RADIUS) clients in NPS, and use NPS as a RADIUS
server to process connection requests, as well as perform
authentication, authorization, and accounting for 802.11 wireless
connections. You can fully integrate IEEE 802.11 wireless
access with NAP when you deploy a wireless 802.1X
authentication infrastructure so that the health status of wireless
clients is verified against health policy before clients are allowed
to connect to the network.

● IEEE 802.3 Wired​. Using the NPS MMC snap-in, you can
configure 802.1X-based connection request policies for IEEE
802.3 wired client Ethernet network access. You can also
configure 802.1X-compliant switches as RADIUS clients in NPS,
48
 and use NPS as a RADIUS server to process connection
requests, as well as perform authentication, authorization, and
accounting for 802.3 Ethernet connections. You can fully
integrate IEEE 802.3 wired client access with NAP when you
deploy a wired 802.1X authentication infrastructure.

● RADIUS server​. NPS performs centralized connection

authentication, authorization, and accounting for wireless,
authenticating switch, and remote access dial-up and VPN
connections. When you use NPS as a RADIUS server, you
configure network access servers, such as wireless access
points and VPN servers, as RADIUS clients in NPS. You also
configure network policies that NPS uses to authorize
connection requests, and you can configure RADIUS accounting
so that NPS logs accounting information to log files on the local
hard disk or in a Microsoft® SQL Server™ database.

● RADIUS proxy​. When you use NPS as a RADIUS proxy, you

configure connection request policies that tell the NPS server
which connection requests to forward to other RADIUS servers
and to which RADIUS servers you want to forward connection
requests. You can also configure NPS to forward accounting
data to be logged by one or more computers in a remote
RADIUS server group.

● Routing and Remote Access​. With Routing and Remote Access, you
can deploy VPN and dial-up remote access services and multiprotocol
LAN-to-LAN, LAN-to-WAN, VPN, and network address translation
(NAT) routing services.

The following technologies can be deployed during the installation of

the Routing and Remote Access role service:

49
 ● Remote Access Service​. Using Routing and Remote Access,
you can deploy Point-to-Point Tunneling Protocol (PPTP),
Secure Socket Tunneling Protocol (SSTP), or Layer Two
Tunneling Protocol (L2TP) with Internet Protocol security (IPsec)
VPN connections to provide end users with remote access to
your organization's network. You can also create a site-to-site
VPN connection between two servers at different locations.
Each server is configured with Routing and Remote Access to
send private data securely. The connection between the two
servers can be persistent (always on) or on-demand
(demand-dial).

Remote Access also provides traditional dial-up remote access

to support mobile users or home users who are dialing in to an
organization's intranets. Dial-up equipment that is installed on
the server running Routing and Remote Access answers
incoming connection requests from dial-up networking clients.
The remote access server answers the call, authenticates and
authorizes the caller, and transfers data between the dial-up
networking client and the organization intranet.

● Routing​. Routing provides a full-featured software router and an open

platform for routing and internetworking. It offers routing services to
businesses in local area network (LAN) and wide area network (WAN)
environments.

Health Registration Authority (HRA)​. HRA is a NAP component that

issues health certificates to clients that pass the health policy
verification that is performed by NPS using the client SoH. HRA is used
only with the NAP IPsec enforcement method.

● Host Credential Authorization Protocol (HCAP)​. HCAP allows you

to integrate your Microsoft NAP solution with Cisco Network Access

50
 Control Server. When you deploy HCAP with NPS and NAP, NPS can
perform client health evaluation and the authorization of Cisco 802.1X
access clients.

Managing the Network Policy and Access Services server role

The following tools are provided to manage the Network Policy and Access Services
server role:

● NPS MMC snap-in​. Use the NPS MMC to configure a RADIUS server,
RADIUS proxy, or NAP technology.

● Netsh commands for NPS​. The Netsh commands for NPS provide a
command set that is fully equivalent to all configuration settings that
are available through the NPS MMC snap-in. Netsh commands can be
run manually at the Netsh prompt or in administrator scripts.

● HRA MMC snap-in​. Use the HRA MMC to designate the certification
authority (CA) that HRA uses to obtain health certificates for client
computers and to define the NPS server to which HRA sends client
SoHs for verification against health policy.

● Netsh commands for HRA​. The Netsh commands for HRA provide a
command set that is fully equivalent to all configuration settings that
are available through the HRA MMC snap-in. Netsh commands can be
run manually at the Netsh prompt or in administrator-authored scripts.

● NAP Client Management MMC snap-in​. You can use the NAP Client
Management snap-in to configure security settings and user interface
settings on client computers that support the NAP architecture.

● Netsh commands for configuring NAP client settings​. The Netsh

commands for NAP client settings provide a command set that is fully
equivalent to all configuration settings that are available through the
NAP Client Management snap-in. Netsh commands can be run
manually at the Netsh prompt or in administrator-authored scripts.

51
● Routing and Remote Access MMC snap-in​. Use this MMC snap-in to
configure a VPN server, a dial-up networking server, a router, NAT,
VPN and NAT, or a VPN site-to-site connection.

● Netsh commands for remote access​. The Netsh commands for

remote access provide a command set that is fully equivalent to all
remote access configuration settings that are available through the
Routing and Remote Access MMC snap-in. Netsh commands can be
run manually at the Netsh prompt or in administrator scripts.

● Netsh commands for routing​. The Netsh commands for routing

provide a command set that is fully equivalent to all routing
configuration settings that are available through the Routing and
Remote Access MMC snap-in. Netsh commands can be run manually
at the Netsh prompt or in administrator scripts.

● Wireless Network (IEEE 802.11) Policies - Group Policy

Management Console (GPMC)​. The Wireless Network (IEEE 802.11)
Policies extension automates the configuration of wireless network
settings on computers with wireless network adapter drivers that
support the Wireless LAN Autoconfiguration Service (WLAN Autoconfig
Service). You can use the Wireless Network (IEEE 802.11) Policies
extension in the Group Policy Management Console to specify
configuration settings for either or both Windows XP and
Windows Vista wireless clients. Wireless Network (IEEE 802.11)
Policies Group Policy extensions include global wireless settings, the
list of preferred networks, Wi-Fi Protected Access (WPA) settings, and
IEEE 802.1X settings.

When configured, the settings are downloaded to Windows wireless

clients that are members of the domain. The wireless settings
configured by this policy are part of the Computer Configuration Group
Policy. By default, Wireless Network (IEEE 802.11) Policies are not
configured or enabled.
52
 ● Netsh commands for wireless local area network (WLAN)​. Netsh
WLAN is an alternative to using Group Policy to configure
Windows Vista wireless connectivity and security settings. You can use
the Netsh wlan commands to configure the local computer, or to
configure multiple computers using a logon script. You can also use the
Netsh wlan commands to view wireless Group Policy settings and
administer Wireless Internet Service Provider (WISP) and user wireless
settings.

● Wired Network (IEEE 802.3) Policies - Group Policy Management

Console (GPMC)​. You can use the Wired Network (IEEE 802.3)
Policies to specify and modify configuration settings for Windows Vista
clients that are equipped with network adapters and drivers that
support Wired AutoConfig Service. Wireless Network (IEEE 802.11)
Policies Group Policy extensions include global wired and IEEE 802.1X
settings. These settings include the entire set of wired configuration
items associated with the ​General​ tab and the ​Security​ tab.

Using NPS as a RADIUS server

You can use NPS as a RADIUS server when:

● You are using an AD DS domain or the local SAM user accounts database as
your user account database for access clients.
● You are using Remote Access on multiple dial-up servers, VPN servers, or
demand-dial routers and you want to centralize both the configuration of
network policies and connection logging and accounting.
● You are outsourcing your dial-up, VPN, or wireless access to a service
provider. The access servers use RADIUS to authenticate and authorize
connections that are made by members of your organization.
● You want to centralize authentication, authorization, and accounting for a
heterogeneous set of access servers.

53
The following illustration shows NPS as a RADIUS server for a variety of access
clients.

The following illustration shows NPS as a RADIUS proxy between RADIUS clients
and RADIUS servers.

With NPS, organizations can also outsource remote access infrastructure to a

service provider while retaining control over user authentication, authorization, and
accounting.

NPS configurations can be created for the following scenarios:

54
 ● Wireless access
● Organization dial-up or virtual private network (VPN) remote access
● Outsourced dial-up or wireless access
● Internet access
● Authenticated access to extranet resources for business partners

Source:
http://techgenix.com/understanding-configuring-network-policy-access-services-server-2012-
part1/

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server
2012-r2-and-2012/hh831683(v=ws.11)
http://winintro.ru/nas.en/

55
Multiple Choice. Encircle the letter of the correct answer.

1. A window Server 2008 computer that has been configured with the Active

Directory DS role is referred to as

a. Domain controller c. Global catalog

b. Domain manager d. DNS server

2. It is a component of Windows Server 2008.

a. Domain controller c. NPAS

b. Active manager d. DNS server

3. What is the highest available forest functional?

a. Windows 2008 c. Windows server 2008

b. Windows server 2003 d. Windows 2009

4. It is also provides traditional dial-up remote access to support mobile

users or home users who are dialing in to an organization's intranets

a. Remote Access c. Client

b. DNS d. Server

5. What ​is the Microsoft implementation of a RADIUS server and

Proxy?

56
 a. Active Domain c. DHCP
b. Network Policy Server d. Forest

Direction: Answer the given questions below. Write your answer on the space
provided.

1-2. What are the role services available when you install NPAS?
_________________________________________________
_________________________________________________

3-7 What are the tools provided in managing NPAS?

_________________________________________________
_________________________________________________
_________________________________________________
_________________________________________________
_________________________________________________

8-10 A​fter the installation of the NPS role service, what are the

​technologies can be deploy?

_________________________________________________
_________________________________________________
_________________________________________________

57
Direction: Explain the difference of the two (2) given illustration. (10pts)

Illustration 1

Illustration 2

58
Learning Objectives:​ After reading this Information Sheet, the learner is expected
to:
a. Understand peer to peer networking
b. Create peer to peer server
c. Value the importance of peer to peer network access

In a peer-to-peer (P2P) network, the "peers" are computer systems which are
connected to each other via the Internet. Files can be shared directly between
systems on the network without the need of a central server. In other words, each
computer on a P2P network becomes a file ​server​ as well as a client.

Once connected to the network, P2P software allows you to search for files on other
people's computers. Meanwhile, other users on the network can search for files on
your computer, but typically only within a single folder that you have designated to
share. While P2P networking makes file sharing easy and convenient, is also has led
to a lot of software piracy and illegal music downloads. Therefore, it is best to be on
the safe side and only download software and music from legitimate websites.

Create peer to peer Server

59
 o Computer Name→ IP Address→ Subnet Mask→ Primary DNS Server→ Test
Network Connection using PING

PEER TO PEER METWORK SHARING

Step 1: Navigate to the Desktop. Open command prompt and then use the
command <cd Desktop> to change into the desktop directory. This step is simply for
convenience so that it is easier to find the folder you're going to be working with .
You can open command prompt by clicking on the windows button at the bottom left
and tying <cmd>.

60
Step 2: Create Your Folder

Use the command <md *folder name*> . Make sure that it is visible on your desktop.
The command md allows you to create a new folder. After tying md press space and
type the name of the folder you want to create. If the folder has more than one word
in the name make sure to put the name in quotation marks.

Step 3: Navigate to the Folder and Open the Properties

Open the file explorer and go under the Desktop section. Left-click then right-click on
the folder. The left-click highlights the folder, and the right-click opens a menu of
options. Once the menu of options pops up click on the properties. When you open
the properties window go to the sharing section.

61
Step 4: Choose Who You Want to Share With.

Type <Everyone> and click add. Once you're done with that click share and then go
to the advanced sharing.The default setting for the folder is set to only read. This
means that if a person accesses the folder they will only be able to view the files and
not actually be able to write to the folder.

62
Step 5: Sharing the Folder

Press the box that lets you share the folder and then go into the permissions section.

Step 6: Permissions

Make sure to give full control to the people that have access to the shared folder.
Click Apply then click OK. Once you press OK you'll be back at the advanced
sharing page. Press Apply and OK on that page too.

63
Step 7: Open Control Panel

Navigate into the control panel and click on the Network and Internet section.

Step 8: Network and Sharing

Navigate into the Network and Sharing section.

64
Step 9: Advanced Sharing

Navigate to the advanced sharing settings.

Step 10: Choose Home and Work / Public

There are many settings that need to be changed in both of the options.

65
Step 11: Select All Options

There are going to be many options, the ones you need for the sharing to work are
pretty common sense like making sure that your device is allowed to be discovered.
And turn off password protected sharing.

66
Step 12: Go Into Network

Go onto another computer and open the file explorer. Go into the Network section
found on the left hand side at the bottom.

Step 13: Find the Device

Find the original device that the file was shared from.

67
Step 14: Find the Folder That Was Shared

Once you click on the device you will find all the files that were shared from it. You
can tell that the folder is shared over the network because it has the green
crossroads looking thing under its name.

Source: ​https://techterms.com/definition/p2p

https://www.instructables.com/id/Peer-to-Peer-Network-Sharing/

68
Direction: Arrange the following steps on peer to peer networking by putting number
(1-15) on the space provided.

____ Go Into Network. Go onto another computer and open the file explorer. Go into
The Network section found on the left hand side at the bottom.
____ Create Your Folder. Use the command <md *folder name*> . Make sure that it
is visible on your desktop. The command md allows you to create a new
folder.
____ Navigate to the Desktop. Open command prompt and then use the command
<cd Desktop> to change into the desktop directory.
____ Open Control Panel. Navigate into the control panel and click on the Network
and Internet section.
____ Choose Who You Want to Share With.Type <Everyone> and click add. Once
you're done with that click share and then go to the advanced sharing
____ Find the original device that the file was shared from.
____ Navigate to the Folder and Open the Properties
____ Find the Folder That Was Shared
____ Select All Options ​and turn off password protected sharing

____ Navigate to the advanced sharing settings.

____ Network and sharing. Navigate into the Network and Sharing section
____ Choose Home and Work / Public
____ Permissions. Make sure to give full control to the people that have access to
the
shared folder. Click Apply then click OK.
____ Sharing the folder. Press the box that lets you share the folder and then go into
the permissions section.
____ You can tell that the folder is shared over the network because it has the green

69
 crossroads looking thing under its name.

A. Direction: Explain concisely the illustration below about Networking. (5pts)

__________________________________________________________________

___________________________________________________________________

___________________________________________________________________

___________________________________________________________________

B. Arrange the steps in creating peer to peer Server. Write the correct sequence on
the space provided.

Computer Name→ 1. ____________

70
IP Address→ 2. ____________
Subnet Mask→ 3. ____________
Test Network Connection using PING→ 4. ____________
Primary DNS Server→ 5. ____________

Learning Objectives:
After reading this Information Sheet, the learner is expected to:
a. Understand server function
b. Configure server manager
c. Appreciate the importance of server function

Server is a computer program that provides a service to another computer programs

and their users. A physical computer which runs a server programme is frequently
refer to as a ​SERVER​. Servers perform various essential tasks and activities that is
a very crucial thing of any organization's IT infrastructure. The many complex
processes that take place during an activity, for example a security and
authentication to billing and orders, the purchase could not take place without
several powerful servers handling the load hence servers are very much important
for any organisation.

Functions of Server:
The main and important function of a server is to listen in on a port for incoming
network requests, and a good demonstration of this is the interaction between a Web
server and browser. For a user the process is instantaneous, but when he clicks a
link while surfing on the Web, several things are taking place behind the scenes like
the request for the Web page is transmitted to the corresponding web server, and
the server fetches and assembles the Web page and retransmits it using a protocol
like HTTP, and, the user's browser receives the data, converts it, and displays the
page.

Types of Servers

71
There are mainly three types of Server Hardware are as given below.

1. Tower server
It is a computer intended for use as a server that built in an upright cabinet that
stands alone. The cabinet is called a tower which is similar in size and shape to the
cabinet for a tower-style personal computer.

2. Rack server
A rack server, is a rack-mounted server and a computer dedicated server to use as a
server and designed to be installed in a framework called a rack. The rack contains
multiple mounting slots, each designed to hold a hardware unit secured in place with
screws.

3. Blade server

Blade server is a server architecture that houses multiple server modules in a single
chassis. It is widely used to improve system management and either self-standing or
rack mounted, the chassis provides the power supply, and each blade has its own
CPU, RAM and storage.

There are some common servers used by organizations are mention below.

1. Proxy server

It is a server that is called a computer, acts as an intermediary between the user's

computer and the Internet and allows client computers to make indirect network
connections to other network services.

2. Mail server

A mail server is a computer system that sends and receives email using standard
email services protocols like the SMTP protocol that sends messages and handles
outgoing mail requests.

72
3. DNS name

It is a program that uses HTTP to serve the files that form Web pages to users, in
response to their requests. Dedicated computers and appliances are may be called
as Web servers.

4. Application server

This type of server is acts as a set of components accessible to the software

developer through a standard API defined for the platform itself. These are usually
performed in the same running environment as their web server(s), and their main
work is to support the construction of dynamic pages.

5. Active Directory Server

Active Directory (AD) is consists of several services that run on Windows Server to
manage permissions and access to networked resources. AD stores data as objects
and it is a single element, such as a user, group, application or device, such as a
printer. These objects are normally defined as either resources like printers or
computers or security principals such as users or groups.

6. DHCP SERVER

Here DHCP stands for a dynamic host configuration protocol. Which is a network
protocol used on IP networks where it is automatically assigns an IP address and
other information to each host on the network hence it can communicate efficiently
with other endpoints.

7. DNS SERVER

DNS stands for Domain Name System. It is the Internet's system for converting
alphabetic names into numeric IP addresses for example, when a URL is typed into
a browser, DNS servers return the IP address of the Web server associated with that
name.

73
8. Terminal Server

A terminal server is a network device that enables connections to multiple client

server network systems and connect to a LAN network. Microsoft introduced this
concept by releasing terminal services as a part of the Windows Server OS.

9. Print Server

It is also called as printer server, which is a device that connects printers to client
computers over a network. Print server accepts print jobs from the computers and
sends the jobs to the appropriate printers.

10. Real-time communication server

It is a term used for any live telecommunications that occur without transmission
delays and it is nearly instant with minimal latency. RTC (Real-time communication
server) data and messages are not stored between transmission and reception.

11. FTP server

It is a network protocol used to move computer files between a client and server.
FTP (File Transfer Protocol) is built on a client-server model architecture using
separate control and data connections between the client and the server.

12. List Server

It is a Server or a server program that handles subscription requests for a mailing list
and distributes new messages and other postings from the list's members to the
entire list of subscribers.

13. Telnet Server

It is a network text-only protocol that offers bidirectional interactive communications

facility using virtual terminal connection. Telnet allows connecting to a remote
computer over Internet and using programs and data as if they were on your local
machine.

74
14. Open Source Server

It is a program whose source code is made available to use or modification as users

where open source software is always developed as a public collaboration and made
freely available.

How Does A Server Works?

In Networking, Servers are named depending on what they serve. It is referred to a
system which is capable of serving contents and many important things. The system
may be running windows, Linux or other operating systems. Take an example, web
server can be running windows, Linux or any other OS depending on your choice.
After choosing the operating system for the web server then you can install the
software needed for that system to be web server.

Configuring Your Server

After you’ve installed Windows Server 2008, the computer automatically reboots,
and you’re presented with the Initial Configuration Tasks Wizard. This wizard guides
you through the most important initial tasks for configuring your new server.

75
The following list describes the server configuration settings available from this
wizard:

● Set the Administrator Password: The very first thing you should do after
installing Windows is set a secure administrator password.

● Set the Time Zone: This is necessary only if the indicated time zone is
incorrect.

● Configure Networking: The default network settings are usually

appropriate, but you can use this option to change the defaults if you
wish.

● Provide Computer Name and Domain: This option lets you change the
server’s computer name and join a domain.

● Enable Automatic Updating: Use this option if you want to let the server
automatically check for operating system updates.

● Download and Install Updates: Use this option to check for critical
operating system updates.

76
 ● Add Roles: This option launches the Add Roles Wizard, which lets you
configure important roles for your server.

● Add Features: This option lets you add more operating system
features.

● Enable Remote Desktop: Use this option to enable the Remote

Desktop feature, which lets you administer this server from another
computer.

● Configure Windows Firewall: If you want to use the built-in Windows

firewall, this option lets you configure it.

Server Manager is a management console in Windows Server that helps IT

professionals provision and manage both local and remote Windows-based servers
from their desktops, without requiring either physical access to servers, or the need
to enable Remote Desktop protocol (rdP) connections to each server. Although
Server Manager is available in Windows Server 2008 R2 and Windows Server 2008,
Server Manager was updated in Windows Server 2012 to support remote,
multi-server management, and help increase the number of servers an administrator
can manage.

In our tests, Server Manager in Windows Server 2016, Windows Server 2012 R2,
and Windows Server 2012 can be used to manage up to 100 servers, depending on
the workloads that the servers are running. The number of servers that you can
manage by using a single Server Manager console can vary depending on the
amount of data that you request from managed servers, and hardware and network
resources available to the computer running Server Manager. As the amount of data
you want to display approaches that computer's resource capacity, you can
experience slow responses from Server Manager, and delays in the completion of
refreshes. To help increase the number of servers that you can manage by using
Server Manager, we recommend limiting the event data that Server Manager gets
from your managed servers, by using settings in the ​Configure Event Data​ dialog
box. Configure Event Data can be opened from the ​Tasks​ menu in the ​Events​ tile.

77
To start Server Manager on a client computer

1. Follow instructions in ​Remote Server Administration Tools​ to install Remote

Server Administration Tools for Windows 10.
2. On the ​start​ screen, click ​Server Manager​. The ​Server Manager​ tile is
available after you install Remote Server Administration Tools.
3. if neither the ​Administrative Tools​ nor the ​Server Manager​ tiles are displayed
on the ​start​ screen after installing Remote Server Administration Tools, and
searching for Server Manager on the ​start​ screen does not display results,
verify that the ​Show administrative tools​ setting is turned on. To view this
setting, hover the mouse cursor over the upper right corner of the ​start​ screen,
and then click ​Settings​. If ​Show administrative tools​ is turned off, turn the
setting on to display tools that you have installed as part of Remote Server
Administration Tools.

Important

By default, Server Manager and Windows PowerShell remote management is

enabled in Windows Server 2016.

To perform management tasks on remote servers by using Server Manager, remote

servers that you want to manage must be configured to allow remote management
by using Server Manager and Windows PowerShell. If remote management has
been disabled on Windows Server 2012 R2 or Windows Server 2012 , and you want
to enable it again, perform the following steps.

To configure Server Manager remote management on Windows Server 2012 R2 or

Windows Server 2012 by using the Windows
interface
1. Note

The settings that are controlled by the ​Configure remote Management​ dialog
box do not affect parts of Server Manager that use DCOM for remote
communications.

78
 Do one of the following to open Server Manager if it is not already open.

o On the Windows taskbar, click the Server Manager button.

o On the ​start​ screen, click ​Server Manager​.
2. In the ​Properties​ area of the ​Local Servers​ page, click the hyperlinked value
for the ​remote management​ property.
3. Do one of the following, and then click ​OK​.
o To prevent this computer from being managed remotely by using Server
Manager (or Windows PowerShell if it is installed), clear the ​Enable
remote management of this server from other computers​ check box.
o To let this computer be managed remotely by using Server Manager or
Windows PowerShell, select ​Enable remote management of this server
from other computers​.

To enable Server Manager remote management on Windows Server 2012 R2 or

Windows Server 2012 by using Windows
PowerShell

1. Do one of the following.

o To run Windows PowerShell as an administrator from the ​start​ screen,
right-click the ​Windows PowerShell​ tile, and then click ​Run as
Administrator​.
o To run Windows PowerShell as an administrator from the desktop,
right-click the ​Windows PowerShell​ shortcut in the taskbar, and then
click ​Run as Administrator​.
2. type the following, and then press ​Enter​ to enable all required firewall rule
exceptions.

Configure-SMremoting.exe -Enable

Note

This command also works in a command prompt that has been opened with
elevated user rights (Run as Administrator).

79
Tasks that you can perform in Server Manager

Server Manager makes server administration more efficient by allowing

administrators to do tasks in the following table by using a single tool. In Windows
Server 2012 R2 and Windows Server 2012 , both standard users of a server and
members of the Administrators group can perform management tasks in Server
Manager, but by default, standard users are prevented from performing some tasks,
as shown in the following table.

Note

Server Manager cannot be used to add roles and features to servers that are running
Windows Server 2008 R2 or Windows Server 2008 .

start Server Manager

Server Manager starts automatically by default on servers that are running Windows
Server 2016 when a member of the Administrators group logs on to a server. If you
close Server Manager, restart it in one of the following ways. This section also
contains steps for changing the default behavior, and preventing Server Manager
from starting automatically.

To start Server Manager from the start screen

● On the Windows ​start​ screen, click the ​Server Manager​ tile.
To start Server Manager from the Windows desktop
● On the Windows taskbar, click ​Server Manager​.
To prevent Server Manager from starting automatically

1. In the Server Manager console, on the ​Manage​ menu, click ​Server Manager
Properties​.
2. In the ​Server Manager Properties​ dialog box, fill the check box for ​Do not
start Server Manager automatically at logon​. Click ​OK​.
3. Alternatively, you can prevent Server Manager from starting automatically by
enabling the Group Policy setting, ​Do not start Server Manager
automatically at logon​. The path to this policy setting, in the Local Group
80
 Policy editor console, is computer Configuration\Administrative
Templates\System\Server Manager.

Restart remote servers

You can restart a remote server from the ​Servers​ tile of a role or group page in
Server Manager.

Important

Restarting a remote server forces the server to restart, even if users are still logged
on to the remote server, and even if programs with unsaved data are still open. This
behavior is different from shutting down or restarting the local computer, on which
you would be prompted to save unsaved program data, and verify that you wanted to
force logged-on users to log off. Be sure that you can force other users to log off of
remote servers, and that you can discard unsaved data in programs that are running
on the remote servers.

To restart remote servers in Server Manager

1. Open a role or server group home page in Server Manager.

2. select one or more remote servers that you have added to Server Manager.
Press and hold ​Ctrl​ as you click to select multiple servers at one time. For
more information about how to add servers to the Server Manager server pool,
see ​add Servers to Server Manager​.
3. Right-click selected servers, and then click ​Restart Server​.

Export Server Manager settings to other computers

In Server Manager, your list of managed servers, changes to Server Manager

console settings, and custom groups that you have created are stored in the
following two files. You can reuse these settings on other computers that are running
the same release of Server Manager (or Windows 10 with Remote Server
Administration Tools installed). Remote Server Administration Tools must be running

81
on Windows client-based computers to export Server Manager settings to those
computers.

Note
● Manage As (or alternate) credentials for servers in your server pool are not
stored in the roaming profile. Server Manager users must add them on each
computer from which they want to manage.
● The network share roaming profile is not created until a user logs on to the
network, and then logs off for the first time. The ​Serverlist.xml​ file is created at
this time.

You can export Server Manager settings, make Server Manager settings portable, or
use them on other computers in one of the following two ways.

● To export settings to another domain-joined computer, configure the Server

Manager user to have a roaming profile in active directory Users and
computers. You must be a Domain Administrator to change user properties in
active directory Users and computers.
● To export settings to another computer in a workgroup, copy the preceding two
files to the same location on the computer from which you want to manage by
using Server Manager.

Source:

https://docs.microsoft.com/en-us/windows-server/administration/server-manager/server-man
ager

https://www.dummies.com/programming/networking/network-server-setup-installation-and

configuration/

https://www.sancuro.com/blog/post/What-Is-A-SERVER-And-What-Are-the-Functions-of-It/

https://dirteam.com/sander/2010/07/03/server-manager-in-windows-server-2008-r2-part-1/

82
Multiple Choice. Encircle the letter of the correct answer.

1. Which network protocol used on IP networks where it is automatically assigns an

IP address and other information to each host on the network?

a. DHCP Server c. DNS Server

b. HTTP D. List Server

2. What do you call a computer program that provides a service to

another computer programs and their users?

a. DHCP Server c. DNS Server

b. Server D. List Server

3. It makes server administration more efficient by allowing administrators to do

tasks
83
 in the following table by using a single tool.

a. DHCP Server c. Server Manager

b. FTP Server D. List Server

4. It is a network protocol used to move computer files between a client and server.

a. DHCP Server c. FTP Server

b. HTTP D. List Server

5. It is a program that uses HTTP to serve the files that form Web pages to users, in

response to their requests.

a. DNS Server c. FTP Server

b. HTTP D. List Server

Identification. Write your answer on the space provided.

__________1. It starts automatically by default on servers that are running Windows

Server 2016 when a member of the Administrators group logs on to a
server.
__________2. It is the Internet's system for converting alphabetic names into
numeric
IP addresses.
__________3. A computer system that sends and receives email using standard
email
services protocols
__________4. It is a program whose source code is made available to use or

84
 modification as users
__________5. Consists of several services that run on Windows Server to manage
permissions and access to networked resources.
__________6. This type of server is acts as a set of components accessible to the
software developer through a standard API defined for the platform
itself.
__________7. A computer program that provides a service to
another computer programs and their users.
__________8. This option launches the Add Roles Wizard, which lets you configure
important roles for your server.
__________9. It is a network protocol used to move computer files between a client
and server.
__________10. Use this option to check for critical operating system updates.

Learning Objectives:
After reading this Information Sheet, the learner is expected to:
a. Understand server module add-ons
b. Configure server module add-ons
c. Value the importance of server modules and add-ons

Server Modules are primarily comprised of individual routines (SrvRoutines) that are
typically coded to perform database centric processing. They also provide Session
handling features allowing data to persist between calls to the server and a timeout
to
be specified.

85
Configuring Modules in IIS 7

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows
Vista

The IIS 7 extensibility model lets you develop and deploy Web server components,
named ​modules,​ as either native DLLs that use native C++ APIs or managed types
developed by using ASP.NET APIs. Web server modules can be either of the
following types:

● Native modules (native .dll files): These files are also named ​unmanaged
modules,​ because they are not created by using the ASP.NET model. By
default, most of the features included in the Web server are implemented as
native modules.
● Managed modules (managed types created by .NET assemblies): These
modules are created by using the ASP.NET model.

This section includes the following tasks:

Configuring Native Modules (IIS 7)

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows
Vista

Modules process parts of a request to provide a desired service, such as

authentication or compression. This process is similar to the manner that Internet
Server API (ISAPI) filters work. Typically, modules do not generate responses to
clients; instead, handlers perform this action because they are better suited for
processing specific requests for specific resources. Native modules are loaded when
a Web server worker process is initialized. These modules can provide services—for
example, authentication or compression—for a site or an application.

86
For security reasons, native modules are registered or unregistered only at the Web
server level by the server administrator. However, you can enable or remove
registered native modules at the site or application level.

Configuring Managed Modules (IIS 7)

Applies To: Windows 7, Windows Server 2008, Windows Server 2008 R2, Windows
Vista

Modules process parts of a request to provide a desired service, such as

authentication or compression. They operate much like the manner in which Internet
Server API (ISAPI) filters work. Typically, modules do not generate responses to
clients; instead, handlers perform this action because they are better suited for
processing specific requests for specific resources.

Managed modules can be configured separately for each site or application. They
are loaded for processing only when this is required by that site or application.

Source: ​https://docs.microsoft.com/en-usServerModule

Multiple Choice. Encircle the letter of the correct answer.

1. ​These files are also named ​unmanaged modules​, because they are not created by

using the ASP.NET model.

a. Native Modules c. DNS Server

b. Managed Modules D. Client

2. ​These modules are created by using the ASP.NET model.

87
 a. Native Modules c. Server

b. Managed Modules D. List Server

3. These​ are primarily comprised of individual routines (SrvRoutines) that are

typically coded to perform database centric processing.

a. Server Module c. Client Manager

b. FTP Server D. List Server

4. It ​can be either native or managed module.

a. Client-Server c. FTP Server module

b.Peer-to-Peer D. Web server module

5. ​The ____________model lets you develop and deploy Web server components,

named ​modules,​ as either native DLLs that use native C++ APIs or managed types

developed by using ASP.NET APIs.

a. DNS Server c. ​IIS 7 extensibility

b. HTTP D. List Server

Direction: Answer the following question. Write your answer on the space provided?

1. What is server modules?

___________________________________________________________________
___________________________________________________________________

2. What are the different types of web server modules?

88
___________________________________________________________________
___________________________________________________________________

3. How to configure nature server module?

___________________________________________________________________
___________________________________________________________________

4. How to configure managed server module?

___________________________________________________________________
___________________________________________________________________

5. What is the importance of server modules and add-ons?

___________________________________________________________________
___________________________________________________________________

Learning Objectives:
After reading this Information Sheet, the learner is expected to:
a. Identify network services and its operation
b. Enumerate the different types of network services
c. Signify the importance of network operation
In computer networking, a network service is an application running at the
network ​application layer​ and above, that provides data storage, manipulation,

89
presentation, communication or other capability which is often implemented using
a ​client-server​ or ​peer-to-peer​ architecture based on application layer ​network protocols​.

Each network service is usually provided by a ​server component​ running on one

or more computers (often a dedicated server computer offering multiple services)
and accessed via a network by ​client components​ running on other devices.
However, the client and server components can both be run on the same machine.

Clients and servers will often have a ​user interface​, and sometimes other
hardware associated with it.

Examples are the ​Domain Name System​ (DNS) which translates domain names
to ​Internet protocol​ (IP) addresses and the ​Dynamic Host Configuration
Protocol​ (DHCP) to assign networking configuration information to network
hosts. ​Authentication servers​ identify and authenticate users, provide user account
profiles, and may log usage statistics.

E-mail​, ​printing​ and ​distributed (network) file system​ services are common
services on ​local area networks​. They require users to have permissions to access
the shared resources.

Other network services include:

● Directory services
● e-Mail
● File sharing
● Instant messaging
● Online game
● Printing
● File server
● Voice over IP
● Video on demand
● Video telephony
● World Wide Web
● Simple Network Management Protocol

90
● Time service
● Wireless sensor network

DIFFERENT TYPES OF NETWORK SERVICES

The term network services is used to describe a wide range of software and
connectivity tools that are managed by a central group and distributed to the
networked computers. A networked computer environment occurs when multiple
computers are connected to each other or a central server. The computers are able
to access shared files and utilities from a central location. There are several
advantages to this type of environment, ranging from increased ​quality control​ to
performance and issue management.
Server maintenance is a type of network service.
There are four types of network services: user management, ​email​, printing, and
system administration. In a networked environment, the desktops are known as
client computers or workstations. The servers are typically stored in a special
temperature-controlled room that is often physically located in a different building or
space than the workstation users. Access is provided through network cables that
are used to transmit data packages within the network. These cables also provide
access to the Internet, typically after being routed through a central server or ​network
switch​.
Photocopiers are often connected to a network, allowing users to schedule print jobs
from their desks.
User management is a range of services, from the creation of user names and
passwords to the allocation of rights, privileges, and access. For example, when a
new staff member joins a department, the ​network administrator​ must create a new
account for this person to access the network services. Access to applications, files,
services, and tools this person will require to complete his or her job must be
provided by the system administrator. This is known as user management and
authentication.
Email is a widely used productivity tool that requires connection to the Internet. In
addition, many organizations have a policy surrounding the email software that can
be used, the maximum storage capacity, and the file sizes that can be transmitted.

91
Most organizations provide staff with a company-specific email address, which
requires the creation and maintenance of an email server.

Shared printing is one of the primary network services required in any

organization. Instead of individual printers at each desk, all the users can submit
printing jobs to a central unit. This unit is often a multi-function printer, scanner, and
photocopier. In order to provide this type of network service, many firms implement
special printer management software to control the flow of documents and protect
confidential documents. From a system administration perspective, the ability to
control all the workstations from a central location is the best network service. The
administrator is responsible for deploying new software applications, updating the
operating systems, and maintaining the same versions of ​software programs​ on all
the workstations. Many firms lock the workstations, so only the system administrator
can add new software or run new programs. This increases the overall quality of the
network and reduces staff time spent on computer maintenance.

System administration capabilities are used in conjunction with manual

troubleshooting to locate network issues.

Source:

https://www.wisegeek.com/what-are-the-different-types-of-network-services.htm

https://en.wikipedia.org/wiki/Network_service

92
Fill in the Blank.

Direction. Write the correct answer on the space provided.

1. ____________ is one of the primary network services required in any

organization. Instead of individual printers at each desk, all the users can submit

printing jobs to a central unit.

93
2. ___________are used in conjunction with manual troubleshooting to locate
network
issues.

3-4______________ and _____________________ are common services on ​local

area networks​. They require users to have permissions to access the shared
resources.

5. _______________ usually provided by a ​server component​ running on one or

more

computers (often a dedicated server computer offering multiple services) and

accessed via a network by ​client components​ running on other devices.

Direction: Explain concisely.

1-6 In computer networking, a network

service _____________________________________________________________
___________________________________________________________________
___________________________________________________________________
___________________________________________________________________
___________________________________________________________________

94
6-10 Enumerate the following:
Different Types of Network services
________________________
________________________
________________________
________________________
________________________
________________________

11-15 Types of network services

________________________
________________________
________________________
________________________

Learning Objectives:
After reading this Information Sheet, the learner is expected to:
a. Explain hazards and risks in the workplace
b. Apply contingency measures in accordance with the OHS procedures
c. Appreciate the importance of​ ​procedures in respond to unplanned
events and condition

95
Occupational safety and health (OSH) is a planned system of working to prevent
illness and injury where you work by recognizing and identifying hazards and risks.
Health and safety procedure is the responsibility of all persons in the computer and
technology industries. You must identify the hazards where you are working and
decide how dangerous they are. Eliminate the hazard or modify the risk that it
presents.

Examples of workplace hazards include: -frayed electrical cords (could result in

electrical shock) -boxes stacked unsecurely (they could fall on someone) -noisy
machinery (could result in damage to your ear)

Whenever you spot a hazard, assess the risk by asking yourself two questions: -
How
likely is it that the hazard could harm me or someone else? - How badly could I or s
omeone else be harmed?

Sometimes you may be able to fix simple hazards yourself, as long as you don't put
yourself or others at risk. For
example, you can pick up things from the floor and put them away to eliminate a trip
hazard. What to do?
• Ask your supervisor/teacher for instructions and training before using
equipment.
• Ask for help moving or lifting heavy objects.

Watch video clip about OHSP type this link on the address bar:
https://www.youtube.com/watch?v=aR-1kKCvmLE

96
Is an agent, factor or circumstance that can cause harm with or without contact.
They
can be classified as type of occupational hazard or environmental hazard. One of the
most common physical hazards involving computer technicians is cables running
across the floor. If someone trips, falls, and hurts himself because of a cable you ran
across the floor, someone (you, your employer, or your customer) has a serious
legal
negligence problem.
For cables that are temporary but will need to run across the floor for a longer period
of time, use "gaffers tape". Gaffers tape is a heavy tape with strong adhesive to stick
to the floor. It comes in a wide range of colors, from unintrusive matte black to
hazard
warning red. Although it has strong adhesive, it can be removed easily and cleanly.
● ​It is created as a result of either powered or manual (human) use of tools,
equipment or machinery and plant. When working on electronic equipment,
ask yourself "Is there any way this equipment could hurt me?. You might stick
your hand in a printer and suddenly the paper feed arm moves, feeding not
only paper through the printer, but a piece of your finger too. When working
on electronic equipment always be
● A type of occupational hazard caused by exposure to chemicals in the
workplace. Exposure to chemicals in the workplace can cause acute or
long-term detrimental health effects. There is a wide array of chemicals used
with electronic equipment. There are display cleaning chemicals, keyboard
cleaning chemicals, compressed gas dirt and dust removers, and many
cleaning solvents. Some of these chemicals can be harmful if accidentally
swallowed, get on bare skin

97
 ● Inside computers and electronic equipment, there is a range of voltages from
3.3 volts to 25 volts, most of these are harmless. But at the power supply,
you'll find line voltage, which is a lethal 220 volts. Most of the time while
working inside computers and electronic equipment, you'll want them
unplugged from the wall socket. If you need to work on equipment while it is
still plugged in or powered up, remove all jewelry and wrist watches. If you
must work
● CRT monitors are becoming less common nowadays, but should you run into
one, it is best NOT to open it up. Instead, outsource any CRT repair job to a
qualified CRT repair service. A CRT monitor has a high-voltage anode inside
it, which can carry a charge of up to 25,000 volts, and it can still be holding a
high charge days after the power is removed. If you must open a CRT monitor
case for some reason, be sure to study the proper way to discharge a CRT
before you proceed.
Procedure:

1. Identify the hazard.

2. Clear the area close to the hazard.

3. Partition the hazard off or clearly identify the

area to protect other people from harm.

4. If the hazard is can be easily and safely cleared,

then do so.

5. Report the hazard to the appropriate person

(such as teacher in charge, principal etc.) to obtain assistance.

6. After clearing of the hazard, fill out the correct documentation to assist in

identifying improved practice to reduce further incidence of hazards.

98
A. Direction: Read carefully each statement below. Write T if the statement is
TRUE or F if the statement is FALSE.

99
 _____ 1. Health and safety procedure is the responsibility of all persons in the
computer and technology industries.
______ 2. Spotting the hazards means working out how likely it is that a
hazard will harm someone and how serious the harm could be.
______ 3. If you need to temporarily run a cable across the floor, place a
Danger sign similar to those "wet floor" signs used by cleaning services.
______ 4. An LCD monitor has a high-voltage anode inside it, which can
carry a charge of up to 25,000 volts, and it can still be holding a high charge
days after the power is removed.
______ 5. Inkjet printer cartridges, or laser printer toner cartridges are
hazardous to users.

A. Make a list of hazards that may be present in your own home when operating
a personal computer. Give the possible risk of the said hazards.

________________________________________
________________________________________

100
 ________________________________________

B. Choose an industry or type of workplace e.g. computer laboratory,

computer
manufacturing, or a computer shop. Make a list of hazards that may be
present in that workplace e.g. slippery floors from spilt water, oil etc;
uneven
floors from changing floor level.

________________________________________
________________________________________
________________________________________

C. Write down ways to control the risks.

________________________________________
________________________________________
________________________________________
________________________________________
________________________________________

Learning Objectives
At the end of the lesson, the learner must be able to:
a. Identify an active directory and domain controller

101
 b. Illustrate hierarchical structure of an active directory
c. Distinguish the core elements of the active directory

A ​directory is a hierarchical structure that stores information about objects on

the network. A directory service, such as ​Active Directory Domain Services (AD
DS), provides the methods for storing directory data and making this data available
to network users and administrators. For example, ​ADDS stores information about
user accounts, such as names, passwords, phone numbers, and so on, and enables
other authorized users on the same network to access this information.

Active Directory stores information about objects on the network and makes
this information easy for administrators and users to find and use. ​Active Directory
uses a structured data store as the basis for a logical, hierarchical organization of
directory information.

This data store, also known as the directory, contains information about Active
Directory objects. These objects typically include shared resources such as servers,
volumes, printers, and the network user and computer accounts.

Security is integrated with Active Directory through logon authentication and

access control to objects in the directory. With a single network logon, administrators
can manage directory data and organization throughout their network, and
authorized network users can access resources anywhere on the network.
Policy-based administration eases the management of even the most complex
network.
Active Directory also includes:

● A set of rules, the ​schema​, that defines the classes of objects and
attributes contained in the directory, the constraints and limits on
instances of these objects, and the format of their names. For more
information about the schema, see Schema.

102
 ● A ​global catalog that contains information about every object in the
directory. This allows users and administrators to find directory
information regardless of which domain in the directory actually
contains the data. For more information about the global catalog, see
The role of the global catalog.

● A ​query and index mechanism​, so that objects and their properties

can be published and found by network users or applications. For more
information about querying the directory, see Finding directory
information.

● A ​replication service that distributes directory data across a network.

All domain controllers in a domain participate in replication and contain
a complete copy of all directory information for their domain. Any
change to directory data is replicated to all domain controllers in the
domain. For more information about Active Directory replication, see
Replication overview.

❖ Active Directory Structure and Storage Technologies

Administrators use Active Directory to store and organize objects on a

network (such as users, computers, devices, and so on) into a secure hierarchical
containment structure that is known as the logical structure. Although the logical
structure of Active Directory is a hierarchical organization of all users, computers,
and other physical resources, the forest and domain form the basis of the logical
structure. Forests, which are the security boundaries of the logical structure, can be
structured to provide data and service autonomy and isolation in an organization in
ways that can both reflect site and group identities and remove dependencies on the
physical topology.

Note:

103
In Windows 2000 Server and Windows Server 2003, the directory service is named
Active Directory. In Windows Server 2008 and Windows Server 2008 R2, the
directory service is named Active Directory Domain Services (AD DS). The rest of
this topic refers to Active Directory, but the information is also applicable to Active
Directory Domain Services.
Domains can be structured in a forest to provide data and service autonomy
(but not isolation) and to optimize replication with a given region. This separation of
logical and physical structures improves manageability and reduces administrative
costs because the logical structure is not affected by changes in the physical
structure. The logical structure also makes it possible to control access to data. This
means that you can use the logical structure to compartmentalize data so that you
can control access to it by controlling access to the various compartments.

The data that is stored in Active Directory can come from many diverse
sources. With so many different data sources and so many different types of data,
Active Directory must employ some type of standardized storage mechanism so that
it can maintain the integrity of the data that it stores. In Active Directory, objects are
used to store information in the directory, and all objects are defined in the schema.
The object definitions contain information, such as data type and syntax, that the
directory uses to ensure that the stored data is valid. No data can be stored in the
directory unless the objects that are used to store the data are first defined in the
schema. The default schema contains all the object definitions that Active Directory
needs to function; however, you can also add object definitions to the schema.

While the directory is exposed to you through a logical structure that consists
of elements such as domains and forests, the directory itself is implemented through
a physical structure that consists of a database that is stored on all domain
controllers in a forest. The Active Directory data store handles all access to the
database. The data store consists of both services and physical files. These services
and physical files make the directory available, and they manage the processes of
reading and writing the data inside the database that exists on the hard disk of each
domain controller.

104
❖ Active Directory Structure and Storage Architecture

The Active Directory structure and storage architecture consists of four parts:
1. Active Directory domains and forests. Forests, domains, and organizational
units (OUs) make up the core elements of the Active Directory logical
structure. A ​forest ​defines a single directory and represents a security
boundary. Forests contain domains.

2. Domain Name System (DNS) support for Active Directory. DNS provides a
name resolution service for domain controller location and a hierarchical
design that Active Directory can use to provide a naming convention that can
reflect organizational structure.

3. Schema. The schema provides object definitions that are used to create the
objects that are stored in the directory.

4. Data store. The data store is the portion of the directory that manages the
storage and retrieval of data on each domain controller.

The following figure illustrates the Active Directory data structure and storage
architecture.

105
Figure 2.5-1 Active Directory Data Structure and Storage Architecture
Active Directory Domains and Forests
Domains partition the directory into smaller sections within a single forest.
This partitioning results in more control over how data is replicated so that an
efficient replication topology can be established and network bandwidth is not
wasted by replicating data where it is not required. OUs make it possible to group
resources in a domain for management purposes, such as applying Group Policy or
delegating control to administrators.

The following figure illustrates the relationships of OUs, domains, and forests in the
logical structure architecture.

Figure 2.5-2 Logical Structure Architecture

DNS Support for Active Directory

106
 Active Directory uses DNS as its domain controller location mechanism.
When any of the principal Active Directory operations, such as authentication,
updating, or searching, is performed, domain joined computers use DNS to locate
Active Directory domain controllers, and these domain controllers use DNS to locate
each other. For example, when a network user with an Active Directory user account
logs on to an Active Directory domain, the user’s computer uses DNS to locate a
domain controller for the Active Directory domain to which the user wants to log on.

To log on to a network that consists of an Active Directory forest, a client

workstation must first be able to locate a nearby domain controller. The domain
controller is necessary for initial authentication of both the workstation and the user
and for subsequent authorization of the user for the files and resources to which the
user needs access. The support that is provided to Active Directory by DNS enables
a client workstation to locate a domain controller.

Active Directory Schema

Active Directory schema contains definitions for all the objects that are used
to store information in the directory. There is one schema per forest. However, a
copy of the schema exists on every domain controller in the forest. This way, every
domain controller has quick access to any object definition that it might need, and
every domain controller uses the same definition when it creates a given object. The
data store relies on the schema to provide object definitions, and the data store uses
those definitions to enforce data integrity. The result is that all objects are created
uniformly, and it does not matter which domain controller creates or modifies an
object because all domain controllers use the same object definition.

The following figure illustrates the relationship of the schema to the data store in the
schema architecture.

107
Figure 2.5-3 Schema Architecture

Active Directory Data Store

The Active Directory data store is made up of several components that
together provide directory services to directory clients. These components include
the following:

Four interfaces:
1. Lightweight Directory Access Protocol (LDAP)
2. Replication (REPL) and domain controller management interface
3. Messaging API (MAPI)
4. Security Accounts Manager (SAM)

Three service components:

1. Directory System Agent (DSA)
2. The database layer
3. Extensible Storage Engine (ESE)

The directory database where the data is actually stored.

108
The following figure illustrates the relationships of these components in the data
store architecture.

Figure 2.5-4 Data Store Architecture

❖ Domain and Forest Components

TABLE 2.5-1 Domain and Forest Components

Component Description

Forest A forest is the highest level of the

logical structure hierarchy. An Active
Directory forest represents a single
self-contained directory. A forest is a
security boundary, which means that
administrators in a forest have complete
control over all access to information
that is stored inside the forest and to the
domain controllers that are used to
implement the forest.

Domain Domains partition the information that is

stored inside the directory into smaller

109
 portions so that the information can be
more easily stored on various domain
controllers and so that administrators
have a greater degree of control over
replication. Data that is stored in the
directory is replicated throughout the
forest from one domain controller to
another. Some data that is relevant to
the entire forest is replicated to all
domain controllers. Other data that is
relevant only to a specific domain is
replicated only to domain controllers in
that particular domain. A good domain
design makes it possible to implement
an efficient replication topology. This is
important because it enables
administrators to manage the flow of
data across the network, that is, to
control how much data is replicated and
where that replication traffic takes
place.

OU (Organizational Unit) OUs provide a means for administrators

to group resources, such as user
accounts or computer accounts, so that
the resources can be managed as one
unit. This makes it much easier to apply
Group Policy to multiple computers or to
control the access of many users to a
single resource. OUs also make it

110
 easier to delegate control over
resources to various administrators.

Domain Controller

A domain controller is a server that is running a version of the Windows

Server® operating system and has Active Directory® Domain Services installed.

When you install Windows Server on a computer, you can choose to

configure a specific server role for that computer. When you want to create a new
forest, a new domain, or an additional domain controller in an existing domain, you
configure the server with the role of domain controller by installing AD DS.

By default, a domain controller stores one domain directory partition

consisting of information about the domain in which it is located, plus the schema
and configuration directory partitions for the entire forest. A domain controller that
runs Windows Server 2008 R2, Windows Server 2008, or Windows Server 2003 can
also store one or more application directory partitions. There are also specialized
domain controller roles that perform specific functions in an AD DS environment.
These specialized roles include global catalog servers and operations masters.

Active Directory Installation

Active Directory Installation Wizard

The ​Active Directory Installation Wizard (dcpromo.exe) configures a server to

be a domain controller by installing Active Directory. Using the Active Directory
Installation Wizard you can either add a domain controller to an existing domain or
create the first domain controller in a new domain. The wizard provides the option to
do this.

111
You can run the Active Directory Installation Wizard from the command line, or from
the Configure Your Server Wizard. You can also install Active Directory using an
unattended setup script called an answer file.

When running the wizard from the command line, you can append the /adv switch to
the dcpromo command to populate the directory using a backup of system state data
from another domain controller in the same domain. Installing from backup media
reduces the amount of data that must be replicated over the network, thus reducing
the time required to install Active Directory.

Before installing Active Directory, the wizard verifies that the server is eligible to run
Active Directory by checking certain criteria. The following are examples of some of
the criteria that the wizard checks before allowing an Active Directory installation to
proceed:
● There is sufficient disk space on the computer to store the Active Directory
database.
● You have sufficient privileges to install Active Directory on the computer.
● The computer is running a correct version of the operating system.

After all prerequisites have been met, a user interface is used to gather
information specific to the environment in which Active Directory will be installed,
such as the Domain Name System (DNS) name and the storage locations for the
Active Directory database and the SYSVOL shared folder. If you are installing Active
Directory using an answer file, you will prepopulate the script with this information.
Finally, the wizard configures Active Directory and makes the server a domain
controller.

Active Directory Functional Levels

Although most Active Directory features are available by default, certain new
features of Windows Server 2003 Active Directory, such as efficient group
membership replication and domain rename, cannot be enabled until all domain

112
controllers within a given scope (domain or forest) are running Windows Server
2003.

Windows Server 2003 Active Directory does not automatically enable such a
feature even when all domain controllers within a forest are running Windows Server
2003. Instead, the responsibility for the decision is administrative so that you can still
add domain controllers that are running earlier versions of Windows. By advancing
the functional level of a Windows Server 2003 domain or forest, you enable new
features within that scope.

Functional levels protect against incompatibility. Before you raise a functional level,
Active Directory verifies that all domain controllers are running the correct version of
the operating system. After you raise the functional level, Active Directory no longer
allows the introduction of a domain controller with an incompatible version of
Windows.

113
To install the ADDS and DNS follow these steps:

1. Open ​Server Manager and click on roles, this will bring up the Roles
Summary on the right hand side where you can click on the Add Roles
link.

2. This will bring up the Add Roles Wizard where you can click on next to see
a list of available Roles. Select Active Directory Domain Services from the
list, you will be told that you need to add some features, click on the Add
Required Features button and click next to move on.

114
3. A brief introduction to Active Directory will be displayed as well as a few
links to additional resources, you can just click next to skip past here and
click install to start installing the binaries for Active Directory.

4. When the installation is finished you will be shown a success message,

just click close.

115
Configuration Procedures for Domain Controller and Functional Level

5. Open up Server Manager, expand Roles and click on Active Directory

Domain Services. On the right hand side click on the Run the Active
Directory Domain Services Installation Wizard (dcpromo.exe) link.

116
6. This will kick off another wizard, this time to configure the settings for you
domain, click next to continue.

7. The message that is shown now relates to older clients that do not support
the new cryptographic algorithms supported by Server 2008 R2, these are
used by default in Server 2008 R2, click next to move on.

8. Choose to create a new domain in a new forest.

117
9. Now you can name your domain, we will be using a .local domain the
reason why will be explained in an upcoming article.

10. Since this is the first Domain Controller in our domain we can change our
forest functional level to Server 2008 R2.

118
 (Domain Name System) DNS Server
11. We want to include DNS in our installation as this will allow us to have an
AD Integrated DNS Zone, when you click next you will be prompted with a
message just click yes to continue.

119
12. You will need to choose a place to store log files, it is a best practice to
store the database and SYSVOL folder on one drive and the log files on a
separate drive, but since this is in a lab environment I will just leave them
all on the same drive.

13. Choose a STRONG Active Directory Restore Mode Password and click
next twice to kick off the configuration.

You will be able to see what components are being installed by looking in
the following box.

120
14. When its done you will be notified and required to reboot your PC.

15. Click Finish.

121
Direction: Choose the letter of the correct answer from the given options. Write your
answer on a separate sheet of paper.

A. Schema F. Forest L. Data Store

B. Replication Service G. Domains M. ADDS
C. Organizational Unit H. Domain Controller N. Active Directory
D. Global Catalog I. DNS Installation Wizard
J. Directory O. Active directory
E. Functional levels K. Dcpromo.exe

1. Hierarchical structure that stores information about objects on the network.

2. Stores information about user accounts, such as names, passwords, phone
numbers, and so on, and enables other authorized users on the same
network to access this information.
3. Uses a structured data store as the basis for a logical, hierarchical
organization of directory information.
4. Provides object definitions that are used to create the objects that are stored
in the directory.
5. Contains information about every object in the directory.
6. Distributes directory data across a network.

122
7. The portion of the directory that manages the storage and retrieval of data on
each domain controller.
8. The highest level of the logical structure hierarchy.
9. Partition the information that is stored inside the directory into smaller
portions.
10. Provide a means for administrators to group resources, such as user
accounts or computer accounts, so that the resources can be managed as
one unit.
11. Server that is running a version of the Windows Server® operating system
and has Active Directory® Domain Services installed.
12. Provide a naming convention that can reflect organizational structure.
13. Configures a server to be a domain controller by installing Active Directory.
14. Windows server operating system command that opens the Active Directory
Installation Wizard
15. Active Directory no longer allows the introduction of a domain controller
with an incompatible version of Windows.

123
Directions:
1. Create a hierarchical structure showing domain within an Active Directory.
2. Select an organization from the top-level domains.
3. Use the following Active Directory Forest Functional Level: Domain,
Organizational Unit, Administrator, Group Policy Object, Users
4. Must have at least 5 client computers.
5. Use the example as guide.
6. Have a separate sheet of short bond paper for your answer.

124
Directions: Arrange the procedures in their proper order. Write the letter of the
correct answer on a separate sheet of paper.

1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.

125
Direction: Answer the following questions on a separate sheet of paper.

1. What is the function of the Active Directory Domain Services in a server?

(3 points)

2. What is the function of the Domain Controller in a server?

(3 points)

3. What are the core elements of the Active Directory logical structure? Describe
the function of each component.
(6 points)

4. What is the importance of the active directory functional level?

(3 points)

126
Learning Objectives
At the end of the lesson, the learner must be able to:
a. Identify a domain name system
b. Create an internet domain namespace
c. Recognize a DNS server

Terminology:

TCP/IP ​- The Transmission Control Protocol/Internet Protocol, is a suite of

communication protocols used to interconnect network devices on the
internet. TCP/IP can also be used as a communications protocol in a private
computer network (an intranet or an extranet).
IP ​- Internet Protocol address (IP address) is a numerical label assigned to
each device connected to a computer network that uses the Internet Protocol
for communication. An IP address serves two main functions: host or network
interface identification and location addressing.
RFCs 1034/1035 - Organizational Interoperability Agreement in using the
DNS standardized by IETF.
IETF - The Internet Engineering Task Force (IETF) The IETF is the Internet's
longest-established technical standardization body, and its open,

127
 decentralized structure derives from the Internet's early history. The IETF is
more a community than a hierarchical organization.

DNS Infrastructure

The Domain Name System (DNS) infrastructure consists of DNS servers that
run the DNS Server service and DNS clients that run the DNS Client service.

Hierarchy of Managed Entities

DNS Server
A DNS server hosts the information that enables client computers to resolve
memorable, alphanumeric DNS names to the IP addresses that computers use to
communicate with each other. Most often, the DNS server responds to requests from
DNS clients to provide the IP address associated with a host's DNS domain name.
DNS servers can also be configured to provide the name of a host when it receives a
query containing the host's IP address, and DNS servers can also provide the IP
addresses of other servers configured to provide certain services, such as e-mail.

DNS names are organized into a hierarchy of domains, and domains are grouped
and managed in zones on the DNS server.

The DNS Server role in Windows Server 2008 combines support for standard DNS
protocols with the benefits of integration with Active Directory Domain Services (AD

128
DS) and other Windows networking and security features, including such advanced
capabilities as secure dynamic update of DNS resource records.

DNS Client
The DNS Client service is the client component that resolves and caches Domain
Name System (DNS) domain names. When the DNS Client service receives a
request to resolve a DNS name that it does not contain in its cache, it queries an
assigned DNS server for an IP address for the name. If the DNS Client service
receives the requested address, it stores the name and address in its cache to
resolve future requests without having to query the DNS server. All computers that
use DNS to resolve domain names (including DNS servers and domain controllers)
use the DNS Client service for this purpose.

Although TCP/IP uses IP addresses to locate and connect to hosts

(computers and other TCP/IP network devices), users typically prefer to use friendly
names. For example, users prefer the friendly name ftp.reskit.com, instead of its IP
address, 172.16.23.55. The Domain Name System (DNS), defined in RFCs 1034
and 1035, is used on the Internet to provide a standard naming convention for
locating IP-based computers.

On the Internet, before the implementation of DNS, the use of names to locate
resources on TCP/IP networks was supported by a file called Hosts. Network
administrators entered names and IP addresses into Hosts, and computers used the
file for name resolution.

Both the Hosts file and DNS use a namespace. A namespace is a grouping in
which names can be used to symbolically represent another type of information,
such as an IP address, and in which specific rules are established that determine
how names can be created and used. Some namespaces, such as DNS, are
hierarchically structured and provide rules that allow for the namespace to be divided
into subsets of names for distributing and delegating parts of the namespace. Other
namespaces, such as the Hosts namespace cannot be divided and must be
distributed in their entirety. Because of this, using the Hosts file posed a problem for

129
network administrators. As the number of computers and users on the Internet grew,
the task of updating and distributing the Hosts file became unmanageable.

DNS replaces the Hosts file with a distributed database that implements a
hierarchical naming system. This naming system allows for growth on the Internet
and the creation of names that are unique throughout the Internet and private
TCP/IP-based intranets.

Basic DNS Concepts

▪ DNS servers.​ Computers that run DNS server programs containing DNS
database information about the DNS domain tree structure. DNS servers also
attempt to resolve client queries. When queried, DNS servers can provide the
requested information, provide a pointer to another server that can help
resolve the query, or respond that it does not have the information or that the
information does not exist.

▪ DNS resolvers​. Programs that use DNS queries to query for information from
servers. Resolvers can communicate with either remote DNS servers or the
DNS server program running on the local computer. Resolvers are usually
built into utility programs or are accessible through library functions. A
resolver can run on any computer, including a DNS server.

▪ Resource records.​ Sets of information in the DNS database that can be used
to process client queries. Each DNS server contains the resource records it
needs to answer queries for the portion of the DNS namespace for which it is
authoritative. (A DNS server is authoritative for a contiguous portion of the
DNS namespace if it contains information about that portion of the
namespace.)

▪ Zones.​ Contiguous portions of the DNS namespace for which the server is
authoritative. A server can be authoritative for one or more zones.

130
 ▪ Zone files​. Files that contain resource records for the zones for which the
server is authoritative. In most DNS implementations, zones are implemented
as text files.

Domain Namespace

The naming system on which DNS is based is a hierarchical and logical tree
structure called the domain namespace. Organizations can also create private
networks that are not visible on the Internet, using their own domain namespaces.
Figure 2.6-1 shows part of the Internet domain namespace, from the root domain
and top-level Internet DNS domains, to the fictional DNS domain named reskit.com
that contains a host (computer) named Mfgserver.

Figure 2.6-1 Domain Name System

Each node in the DNS tree represents a DNS name. Some examples of DNS
names are DNS domains, computers, and services. A DNS domain is a branch

131
under the node. For example, in Figure 2.6-1, reskit.com is a DNS domain. DNS
domains can contain both hosts (computers or services) and other domains (referred
to as subdomains ). Each organization is assigned authority for a portion of the
domain namespace and is responsible for administering, subdividing, and naming
the DNS domains and computers within that portion of the namespace.

Subdividing ** is an important concept in DNS. Creating subdivisions of the

domain namespace and private TCP/IP network DNS domains supports new growth
on the Internet and the ability to continually expand name and administrative
groupings. Subdivisions are generally based on departmental or geographic
divisions.

For example, the reskit.com DNS domain might include sites in North America and
Europe. A DNS administrator of the DNS domain reskit.com can subdivide the
domain to create two subdomains that reflect these groupings: noam.reskit.com. and
eu.reskit.com. Figure 2.6-2 shows an example of these subdomains.

Figure 2.6-2 Subdomains

Domain Name
Computers and DNS domains are named based on their position in the
domain tree. For example, because reskit is a subdomain of the .com domain, the
domain name for reskit is reskit.com.

Every node in the DNS domain tree can be identified by a ​fully qualified
domain name (FQDN). The ​FQDN is a DNS domain name that has been stated

132
unambiguously so as to indicate with absolute certainty its location relative to the
root of the DNS domain tree. This contrasts with a relative name, which is a name
relative to some DNS domain other than the root.

For example, the FQDN for the server in the reskit.com DNS domain is constructed
as Mfgserver.reskit.com ., which is the concatenation of the host name (Mfgserver)
with the primary DNS suffix (reskit.com), and the trailing dot (.). The trailing dot is a
standard separator between the top-level domain label and the empty string label
corresponding to the root.

Note
In general, FQDNs have naming restrictions that allow only the use of characters
a-z, A-Z, 0-9, and the dash or minus sign (-). The use of the period (.) is allowed only
between domain name labels (for example, "reskit.com") or at the end of a FQDN.
Domain names are not case-sensitive.

You can configure the Windows 2000 DNS server to enforce some or all RFC
character restrictions or to ignore all character restrictions. For more information, see
"Windows 2000 DNS" in this book.

Internet Domain Namespace

The root (the top-most level) of the Internet domain namespace is managed
by an Internet name registration authority, which delegates administrative
responsibility for portions of the domain namespace to organizations that connect to
the Internet.

Beneath the root DNS domain lie the top-level domains, also managed by the
Internet name registration authority.

There are three types of top-level domains:

133
 1. Organizational domains.​ These are named by using a 3-character code that
indicates the primary function or activity of the organizations contained within
the DNS domain.
2. Geographical domains.​ These are named by using the 2-character
country/region codes established by the International Standards Organization
(ISO) 3166.
3. Reverse domains​. This is a special domain, named in-addr.arpa, that is used
for IP address-to-name mappings.

The most commonly used top-level DNS name components for organizations in
the United States are described in the Table 2.6-1.

Table 2.6-1 Top-Level Name Component of the DNS Hierarchy

Top-Level Description Example DNS
Name Domain Name
Component
.com An Internet name authority delegates portions of microsoft.com
the domain namespace under this level to
commercial organizations, such as the Microsoft
Corporation.

.edu An Internet name authority delegates portions of mit.edu

this domain namespace to educational
organizations, such as the Massachusetts
Institute of Technology (MIT).

.gov An Internet name authority delegates portions of whitehouse.gov

this domain namespace to governmental

134
 organizations, such as the White House in
Washington, D.C.

.int An Internet name authority delegates portions of nato.int

this domain namespace to international
organizations, such as the North Atlantic Treaty
Organization (NATO).

.mil An Internet name authority delegates portions of ddn.mil

this domain namespace to military operations,
such as the Defense Date Network (DDN).

.net An Internet name authority delegates portions of nsf.net

this domain namespace to networking
organizations, such as the National Science
Foundation (NSF).

.org An Internet name authority delegates portions of cnidr.org

this domain namespace to noncommercial
organizations, such as the Center for
Networked Information Discovery and Retrieval
(CNIDR).

In addition to the top-level domains listed above, individual countries have

their own top-level domains. For example, .ca is the top-level domain for Canada.

Beneath the top-level domains, an Internet name authority delegates domain

to organizations that connect to the Internet. The organizations to which an Internet
name authority delegates a portion of the domain namespace are then responsible
for naming the computers and network devices within their assigned domain and its
subdivisions. These organizations use DNS servers to manage the name-to-IP
address and IP address-to-name mappings for host devices contained within their
portion of the namespace.

135
Zones
A zone is a contiguous portion of the DNS namespace. It contains a series of
records stored on a DNS server. Each zone is anchored at a specific domain node.
However, zones are not domains. A DNS domain is a branch of the namespace,
whereas a zone is a portion of the DNS namespace generally stored in a file, and
can contain multiple domains. A domain can be subdivided into several partitions,
and each partition, or zone, can be controlled by a separate DNS server. Using the
zone, the DNS server answers queries about hosts in its zone, and is authoritative
for that zone. Zones can be primary or secondary. A primary zone is the copy of the
zone to which the updates are made, whereas a secondary zone is a copy of the
zone that is replicated from a master server.

Zones can be stored in different ways. For example, they can be stored as
zone files. On Windows 2000 servers, they can also be stored in the Active Directory
™ directory service. Some secondary servers store them in memory and perform a
zone transfer whenever they are restarted.

Figure 2.6-3 shows an example of a DNS domain that contains two primary zones. In
this example, the domain reskit.com contains two subdomains: noam.reskit.com. and
eu.reskit.com. Authority for the noam.reskit.com. subdomain has been delegated to
the server noamdc1.noam.reskit.com. Thus, as Figure 2.6-3 shows, one server,
noamdc1.noam.reskit.com, hosts the noam.reskit.com zone, and a second server,
reskitdc1.reskit.com, hosts the reskit.com zone that includes the eu.reskit.com
subdomain.

136
Figure 2.6-3 Domains and Zones

Rather than delegating the noam.reskit.com zone to

noamdc1.noam.reskit.com, the administrator can also configure reskitdc1 to host the
zone for noam.reskit.com.

Also, you cannot configure two different servers to manage the same primary
zones; only one server can manage the primary zone for each DNS domain. There is
one exception: multiple computers can manage Windows 2000 Active
Directory–integrated zones.

You can configure a single DNS server to manage one zone or multiple
zones, depending on your needs. You can create multiple zones to distribute
administrative tasks to different groups and to provide efficient data distribution. You
can also store the same zone on multiple servers to provide load balancing and fault
tolerance.

Name Resolution
DNS clients use libraries called ​resolvers that perform DNS queries to servers
on behalf of the client. Keep in mind throughout this discussion that a DNS server
can also be a client to another server.

137
Note
Computers running under Microsoft® Windows NT® Workstation or Microsoft®
Windows NT® Server version 4.0 use DNS name resolution when a name query
contains a name that contains a period or is greater than 15 bytes in length.
Computers running Windows 2000 always try DNS name resolution. For more
information about DNS and NetBIOS name resolution, see "TCP/IP Troubleshooting"
and "Windows 2000 DNS" in this book.

DNS clients can make two types of queries: recursive and iterative.

DNS Servers
DNS servers store information about no zones, one zone, or multiple zones.
When a DNS server receives a DNS query, it attempts to locate the requested
information by retrieving data from its local zones. If this fails because the server is
not authoritative for the DNS domain requested and thus does not have the data for
the requested domain, the server can check its cache, communicate with other DNS
servers to resolve the request, or refer the client to another DNS server that might
know the answer.

DNS servers can host primary and secondary zones. You can configure
servers to host as many different primary or secondary zones as is practical, which
means that a server might host the primary copy of one zone and the secondary
copy of another zone, or it might host only the primary or only the secondary copy for
a zone. For each zone, the server that hosts the primary zones is considered the
primary server for that zone, and the server that hosts the secondary zones is
considered the secondary server for that zone.

Primary zones are locally updated. When a change is made to the zone data,
such as delegating a portion of the zone to another DNS server or adding resource
records in the zone, these changes must be made on the primary DNS server for
that zone, so that the new information can be entered in the local zone.

138
 In contrast, secondary zones are replicated from another server. When a zone
is defined on a secondary server for that zone, the zone is configured with the IP
address of the server from which the zone is to be replicated. The server from which
the zone file replicates can either be a primary or secondary server for the zone, and
is sometimes called a master server for the secondary zone.

When a secondary server for the zone starts up, it contacts the master server
for the zone and initiates a zone transfer. The secondary server for the zone also
periodically contacts the master server for the zone to see whether the zone data
has changed. If so, it can initiate a transfer of the zones, referred to as a zone
transfer .

You must have a primary server for each zone. Additionally, you should have
at least one secondary server for each zone. Otherwise, if the primary server for the
zone goes down, no one will be able to resolve the names in that zone.

Secondary servers provide the following benefits:

▪ Fault tolerance When a secondary server is configured for a zone, clients
can still resolve names for that zone even if the primary server for the zone
goes down. Generally, plan to install the primary and secondary servers for
the zone on different subnets. Therefore, if connectivity to one subnet is lost,
DNS clients can still direct queries to the name server on the other subnet.
▪ Reduction of traffic on wide area links You can add a secondary server for
the zone in a remote location that has a large number of clients, and then
configure the client to try those servers first. This can prevent clients from
communicating across slow links for DNS queries.
▪ Reduction of load on the primary server for the zone The secondary server
can answer queries for the zone, reducing the number of queries the primary
server for the zone must answer.

Dynamic Update

139
 Dynamic update is a new standard, specified in RFC 2136, that provides a
means of dynamically updating zone data on a zone's primary server.

Originally, DNS was designed to support only static changes to a zone

database. Because of the design limitations of static DNS, the ability to add, remove,
or modify resource records could only be performed manually by a DNS system
administrator.

For example, a DNS system administrator would edit records on a zone's

primary server and the revised zone database is then propagated to secondary
servers during zone transfer. This design is workable when the number of changes is
small and updates occur infrequently, but can otherwise become unmanageable.

With dynamic update, on the other hand, the primary server for the zone can
also be configured to support updates that are initiated by another computer or
device that supports dynamic update. For example, it can receive updates from
workstations registering A and PTR resource records, or from DHCP servers.
Updates are sent using a standard UPDATE message format and can include the
addition or deletion of individual resource records (RRs) or sets of resource records
(RRsets).

In order for a request for a dynamic update to be performed, several

prerequisite conditions can also be identified. Where prerequisites are set, all such
conditions must be met before an update is allowed.

Some examples of prerequisites that can be set are:

a. A required RR or RRset already exists or is in use prior to an update.
b. A required RR or RRset does not exist or is not in use prior to an
update.
c. A requester is permitted to initiate an update of a specified RR or
RRset.

Each prerequisite must be satisfied in order for an update to occur. After all
prerequisites are met, the zone's primary server can then proceed with an update of

140
its local zones. Multiple updates can be processed concurrently only if one update
does not depend on the final result of another update.

141
Direction: Match Column A with Column B. Choose the correct term that best
describe the statement. Write the letter of the correct answer on a separate sheet of
paper.

142
Direction: Create your own domain name system by using the following namespace
accordingly in the Philippines. Use the table on a separate sheet of paper.

Domain namespace Domain Name System

.com

.edu

.gov

.mil

.org

Rubric: Originality – 3 points

Relativity – 2 points

Total Score: 25 points

143
Direction: Answer the following questions on a separate sheet of paper.

1. What is FQDN in configuring the DNS? (3 points)

2. What is the relationship of the DNS Server to zones? (3 points)

3. Why do you need to consider the domain namespace in creating a DNS?

(3 points)

4. What is the importance of Secondary servers in the DNS Server? (3 points)

5. What is dynamic update in DNS? (3 points)

144
Learning Objectives
At the end of the lesson, the learner must be able to:
a. Identify the DHCP Server
b. Assign an IP scope for the DHCP server
c. Install the DHCP server

Terminology:
address pool - Addresses that remain after you define a DHCP scope and
apply exclusion ranges. Pooled addresses are eligible for dynamic
assignment by the server to DHCP clients on your network.
exclusion range - A limited sequence of IP addresses within a scope,
excluded from DHCP service offerings. Exclusion ranges assure that any
addresses in these ranges are not offered by the server to DHCP clients on
your network.
Lease - A length of time that a DHCP server specifies, during which a client
computer can use an assigned IP address. When a lease is made to a client,
the lease is active. Before the lease expires, the client typically needs to
renew its address lease assignment with the server. A lease becomes inactive
when it expires or is deleted at the server. The duration for a lease determines
when it will expire and how often the client needs to renew it with the server.
options class - A way for the server to further manage option types provided
to clients. When an options class is added to the server, clients of that class
can be provided class-specific option types for their configuration. Options
classes can be of two types: vendor classes and user classes.

145
option types - Other client configuration parameters a DHCP server can
assign when serving leases to DHCP clients. For example, some commonly
used options include IP addresses for default gateways (routers), WINS
servers, and DNS servers. Typically, these option types are enabled and
configured for each scope. You can use the DHCP console to configure
default option types that are used by all scopes added and configured at the
server. Most options are predefined through RFC 2132, but you can use the
DHCP console to define and add custom option types, if required.
Reservation - Used to create a permanent address lease assignment by the
DHCP server. Reservations assure that a specified hardware device on the
subnet can always use the same IP address.
Scope - The full consecutive range of possible IP addresses for a network.
Scopes typically define a single physical subnet on your network to which
DHCP services are offered. Scopes also provide the primary way for the
server to manage distribution and assignment of IP addresses and any
related configuration parameters to clients on the network.
Superscope - An administrative grouping of scopes that can be used to
support multiple logical IP subnets on the same physical subnet. Superscopes
only contain a list of member scopes or child scopes that can be activated
together. Superscopes are not used to configure other details about scope
usage. For configuring most properties used within a superscope, you need to
configure member scope properties individually.

146
DHCP Infrastructure
Dynamic Host Configuration Protocol (DHCP) is an IP standard for simplifying
management of host IP configuration. The DHCP standard provides for the use of
DHCP servers as a way to manage dynamic allocation of IP addresses and other
related configuration details for DHCP-enabled clients on your network.

Hierarchy of Managed Entities

Dynamic Host Configuration Protocol (DHCP) server is a computer running the

DHCP Server service that holds information about available IP addresses and

147
related configuration information, as defined by the DHCP administrator, and
responds to requests from DHCP clients.

Managed Entities

1. Dynamic Host Configuration Protocol (DHCP) NAP Components

Network Access Protection (NAP) is a health policy creation, enforcement,
and remediation technology that is included in Windows Vista and Windows Server
2008. With NAP, system administrators can enforce health requirements, which can
include software requirements, security update requirements, required computer
configurations, and other settings.
Dynamic Host Configuration Protocol (DHCP) enforcement includes a DHCP
NAP enforcement server component and a DHCP NAP enforcement client
component. By using DHCP enforcement, DHCP servers can enforce health policy
requirements any time a computer attempts to lease or renew an IP address
configuration on the network. DHCP enforcement is the easiest enforcement to
deploy because all DHCP client computers must lease IP addresses.
DHCP NAP requires proper NPS/RADIUS configuration.

2. DHCP Scopes
A Dynamic Host Configuration Protocol (DHCP) scope is the consecutive
range of possible IP addresses that the DHCP server can lease to clients on a
subnet. Scopes typically define a single physical subnet on your network to which
DHCP services are offered. Scopes are the primary way for the DHCP server to
manage distribution and assignment of IP addresses and any related configuration
parameters to DHCP clients on the network.

Managed Entities:

A. DHCP BOOTP Configuration

The Bootstrap Protocol (BOOTP) is a host configuration protocol
developed before Dynamic Host Configuration Protocol (DHCP). DHCP

148
improves on BOOTP and resolves its limitations as a host configuration
service.
The BOOTP service can request Internet Protocol (IP) addresses for
BOOTP clients from the DHCP server. If the DHCP server cannot provide IP
addresses, the BOOTP service might not function correctly.

B. DHCP Client Option Configuration

Dynamic Host Configuration Protocol (DHCP) uses options to pass
additional Internet Protocol (IP) settings to DHCP clients on a network.
Examples of DHCP options include:
● The default gateway IP address
● The Domain Name System (DNS) server IP address
● The DNS domain name
You can configure options for an entire server, a scope, or for a single
reserved client. If the server does not recognize the options sent by the client,
it ignores the options.

C. DHCP Lease Availability

Internet Protocol (IP) addresses are leased by the Dynamic Host
Configuration Protocol (DHCP) server to its clients. Each lease has an
expiration date, which the client must renew if it is going to continue to use
that IP address. The DHCP server cannot issue leases to clients if the number
of available IP addresses in the scope is insufficient.

D. DHCP Scope Configuration

Before Dynamic Host Configuration Protocol (DHCP) clients can use a
DHCP server for dynamic Transmission Control Protocol/Internet Protocol
(TCP/IP) configuration, you must define and activate scopes for your DHCP
clients. A scope is the full, consecutive range of possible Internet Protocol (IP)
addresses for a subnet. The IP addresses in a scope defines a single subnet
on which DHCP services are offered. DHCP servers use scopes to manage
network IP address distribution and the configuration of DHCP options.

149
3. DHCP Runtime
Dynamic Host Configuration Protocol (DHCP) runtime includes normal
operating functions of the DHCP server. Examples of these functions include lease
issuance and rogue detection.
Managed Entities:
Name Description

Audit Logging Dynamic Host Configuration Protocol (DHCP) servers include

several logging features and server parameters that provide
enhanced auditing capabilities. You can specify the following
features:

● The file path in which the DHCP server stores audit log
files. DHCP audit logs are located by default at
%windir%\System32\Dhcp.
● A maximum size restriction (in megabytes) for the total
amount of disk space available for all audit log files
created and stored by the DHCP service.
● An interval for disk checking that is used to determine
how many times the DHCP server writes audit log events
to the log file before checking for available disk space on
the server.
● A minimum size requirement (in megabytes) for server
disk space that is used during disk checking to determine
if sufficient space exists for the server to continue audit
logging.

Authorization When configured correctly and authorized for use on a network,

and Conflicts Dynamic Host Configuration Protocol (DHCP) servers provide a
useful administrative service. However, a misconfigured or
unauthorized DHCP server can cause problems. For example, if
an unauthorized DHCP server starts, it might begin either
leasing incorrect IP addresses to clients or negatively

150
 acknowledging DHCP clients that attempt to renew current IP
address leases.

To resolve these issues, DHCP servers are verified as

authorized in Active Directory Domain Services before they can
service clients. This prevents most of the accidental damage
caused by either misconfigured DHCP servers or correctly
configured DHCP servers running on the wrong network.

Backup/Restor Maintaining a backup of the Dynamic Host Configuration

e Protocol (DHCP) database protects you from data loss in the
event of data corruption or a hard disk failure.

There are three backup methods supported by the DHCP

Server service:

● Synchronous backups that occur automatically. The

default backup interval is 60 minutes.
● Asynchronous (manual) backups, performed by using the
Backup command in the DHCP snap-in.
● Backups using Windows Backup (Ntbackup.exe) or other
backup software.

When a synchronous or asynchronous backup occurs, the entire

DHCP database is saved.

BOOTP Boot The Bootstrap Protocol (BOOTP) is a host configuration protocol

File developed before Dynamic Host Configuration Protocol (DHCP).
Configuration DHCP improves on BOOTP and resolves its limitations as a
host configuration service.

To configure your DHCP server to assign Internet Protocol (IP)

address information to BOOTP clients, you must add a
reservation for each BOOTP client. The reservation builds an
151
 association between the media access control (MAC) address
and the IP address

General General availability of the Dynamic Host Configuration Protocol

Availability (DHCP) server refers to its ability to service clients. General
availability depends on:

● Proper authorization of the DHCP server

● Presence of Active Directory Domain Services
● Successful loading of the DHCP dynamic-link libraries
(DLLs)

Lease Internet Protocol (IP) addresses are leased by the Dynamic

Issuance Host Configuration Protocol (DHCP) server to its clients. Each
lease has an expiration date, which the client must renew if it is
going to continue to use that IP address. If conflict detection is
enabled, the DHCP server pings the client before assigning the
IP address to determine whether an IP address is already in use
on the network.

If the DHCP client cannot be pinged by the server, the server

assumes no IP address conflict and assigns the IP address to
the client.

Server Active For proper authorization and operation, the Dynamic Host
Directory Configuration Protocol (DHCP) server relies on a valid Active
Availability Directory Domain Services configuration. The DHCP server
must find a valid directory services-enabled domain controller.

Server For proper network communication between the Dynamic Host

Communication Configuration Protocol (DHCP) server and other network
services, such as Active Directory Domain Services and
Winsock, the DHCP server must have a working network
connection.

152
Server DNS You can configure the Dynamic Host Configuration Protocol
Registration (DHCP) Server service to impersonate an account to perform
Domain Name service (DNS) registrations and secure dynamic
updates. The Netsh.exe tool can be used to configure the
impersonation credentials. You must create a dedicated user
account in Active Directory Domain Services before you use the
Netsh.exe tool to configure the use of impersonation credentials.

Server When the network interfaces or Internet Protocol (IP) addresses

Interface with which the Dynamic Host Configuration Protocol (DHCP)
Change server is configured are changed, the server might not
Notification recognize these changes, and the interfaces might not function
correctly.

Server Rogue When configured correctly and authorized for use on a network,
Detection Dynamic Host Configuration Protocol (DHCP) servers provide a
useful administrative service. However, a misconfigured or
unauthorized DHCP server can cause problems. For example, if
an unauthorized DHCP server starts, it might begin either
leasing incorrect IP addresses to clients or negatively
acknowledging DHCP clients that attempt to renew current
address leases.

To resolve these issues, DHCP servers are verified as

authorized in Active Directory Domain Services before they can
service clients and unauthorized, or rogue, servers are detected.
This prevents most of the accidental damage caused by either
misconfigured DHCP servers or correctly configured DHCP
servers running on the wrong network.

Service When the Dynamic Host Configuration Protocol (DHCP) Server

Initialization service initializes, it checks for proper configuration of
Transmission Control Protocol/Internet Protocol (TCP/IP),
including the presence of a static IP address. Successful

153
 initialization results when the DHCP server has established
network communication by using TCP/IP.

Users Group To function properly, the Dynamic Host Configuration Protocol

Configuration (DHCP) service must be able to create or look up the DHCP
Users and DHCP Administrators local groups.

4. DHCP Database
The Dynamic Host Configuration Protocol (DHCP) service database is a
dynamic database that is updated as DHCP clients are assigned or as they release
their TCP/IP configuration parameters.
The DHCP server database can be backed up and restored, or migrated to
another server.

5. DHCPv6 Service
The Dynamic Host Configuration Protocol version 6 (DHCPv6) Server service
is a process that runs in the background on a computer running Windows Server and
that provides Internet Protocol version 6 (IPv6) addresses to clients.

DHCPv6 Lease Availability

A Dynamic Host Configuration Protocol version 6 (DHCPv6) scope consists of
a pool of IPv6 addresses on a specific subnet that the DHCP server can lease to
clients. If there are more clients requesting IP addresses than are available in the
DHCP scope, you either need to add a sufficient number of IP addresses to the
scope or configure shorter lease times.

6. DHCPv6 Runtime
Dynamic Host Configuration Protocol version 6 (DHCPv6) runtime includes
normal operating functions of the DHCPv6 server. Examples of these functions
include lease issuance and rogue detection.

DHCPv6 Scopes
A Dynamic Host Configuration Protocol version 6 (DHCPv6) scope is the
consecutive range of possible IPv6 addresses that the DHCP server can lease to

154
clients on a subnet. Scopes typically define a single physical subnet on your network
to which DHCP services are offered. Scopes are the primary way for the DHCP
server to manage distribution and assignment of IP addresses and any related
configuration parameters to DHCP clients on the network.

DHCP Client
With a DHCP server installed and configured on your network,
DHCP-enabled clients can obtain their IP address and related configuration
parameters dynamically each time they start and join your network. DHCP
servers provide this configuration in the form of an address-lease offer to
requesting clients.

DHCP Client Address Conflicts

Dynamic Host Configuration Protocol (DHCP) operates on a lease
renewal basis. During the leasing process, IP address conflicts can occur as
leases are renewed and expired. Client lease requests might be denied by the
server for invalid (out of pool) or duplicate IP addresses. Multiple IP address
conflict messages can indicate that your lease period, your scope, or both,
need adjustment in your DHCP server configuration.

DHCP Client Configuration

Each time a DHCP client starts, it requests IP configuration information
from a DHCP server including:
● IP address
● Subnet mask
● Additional configuration parameters, such as a default gateway
address, Domain Name System (DNS) server addresses, a DNS
domain name, and Windows Internet Name Service (WINS) server
addresses

DHCP Deployment Design Goal: Allocating IP Addresses

155
 DHCP enables the allocation of IP addresses to client computers and other
devices in enterprise environments.

If you look at your installed base of TCP/IP devices, you can roughly separate
them into three categories:

✔ Network devices: These include routers, firewalls, and switches.

✔ Servers: Computers that provide services to other computers.

✔ Clients: Computers that consume services provided by the servers.

Each of these devices needs an IP address to be fully functional. However, the

method for allocating addresses to these devices can differ, depending on the
category of the device.

The most widely deployed version of Internet Protocol (IP) is ​IP version 4​, which
defines an addressing scheme based on 32-bit addresses. Each address includes a
network/subnet address component and an individual host address component;
therefore, there are practical limitations to the numbers of addresses available. If all
IP devices were required to have a globally unique IP address, the available pool of
addresses would have run out long ago. Class C IP addresses, for example, have 24
bits reserved for network ID, which means that there are approximately 16 million
network IDs available. This might seem like a lot of IDs, but each of them can have
only 254 possible hosts on it (because there are only 8 bits left for host IDs).

Given the limitations of providing globally unique IP addresses, most enterprise

networks use private IP addressing within the organization. The private IP address
space is defined as three sets of IP addresses set aside by the Internet Assigned
Numbers Authority (IANA) and is specified in RFC 1918.

The reserved IP ranges are:

156
 ▪ 10.0.0.1 through 10.255.255.254
▪ 172.16.0.1 through 172.31.255.254
▪ 192.168.0.1 through 192.168.255.254

Private addressing schemes are typically used in conjunction with technologies

such as network address translation (NAT), which allows hosts with private
addresses to access external services through proxy devices. NAT works by
temporarily allocating a real registered address for the duration of a given session
only.

If you need to use registered IP addresses for public devices, it is crucial that you
do not waste addresses on unused hosts. However, even if you are using private
addressing within the organization, your addressing scheme might require you to
reuse addresses where possible. For this reason, an IP address allocation and
management solution is required.

DHCP Hardware Requirements

A manually configured IP allocation scheme requires planning documents,

lists of addresses to assign, and a method for recording addresses in use. This
information must be updated and kept accurate for as long as the method is used;
this includes keeping track of all network configuration changes that occur during the
lifetime of the service.

If you intend to use an automated IP allocation scheme, you will need at least
one computer that meets the hardware requirements of the operating system and the
allocation software package you choose. Regardless of the software package, the
service will be more responsive with the addition of RAM and a faster disk
subsystem to the host computer.

The minimum hardware requirement for the DHCP service in Windows Server
2008 is a Class 1 server for both member and clustered DHCP server roles; the

157
clustered servers require extra hardware for clustering. The following table provides
the basic hardware requirements for this server type.

Component Type Component Configuration

Processor Two processors, 700 megahertz (MHz) to 1.6 gigahertz

(GHz).

Memory 256 megabytes (MB) to 2 gigabytes (GB). The minimum

memory requirement includes the base requirement for
Windows Server 2008 and an additional 128 MB for the
DHCP service.

Local storage Drive controller: SCSI 3

Hard disks: 30-36 GB

Hard disk bays: 2-4

Network adapter Two 10/100 Fast Ethernet adapters supporting PXE

(Pre-boot Execution Environment).

The following table provides the additional components required by the clustered
DHCP servers.

Component Type Component Configuration

Network adapter Three network adapter ports:

▪ Two configured in a fault-tolerant NIC team.

▪ One used for cluster heartbeat (single port network
adapter).

Host bus Two host bus adapters configured for fault tolerance and
adapters connected to the SAN.

Local storage RAID 1 (mirrored) drive hosting the operating system.

158
SAN attached RAID 1 (mirrored) drive hosting the Quorum drive for the
storage cluster set and the DHCP database drive.

The amount of RAM and hard disk specification (disk spindles/speed) are the critical
hardware elements; processor speed is not as important.

To install the DHCP Server follow these steps:

1. Open Server Manager. Click Add Roles, to open Add Roles Wizard.

159
2. Check DHCP Server in the Add Roles Wizard, click Next.

Take note that the ADDS and DNS can be installed together with the DHCP
Server.

3. The DHCP informational screen appears. Read it and click Next.

160
4. The Select Network Connection Bindings screen appears. Keep the static IP
address selected and click Next.

5. The Specify IPv4 DNS Server Setting screen appears.

161
6. Validate the Preferred DNS server IPv4 address, click Next.

7. The Specify IPV4 WINS Server Settings screen appears. Retain the default
option. Click Next.

162
8. The Add or Edit DHCP Scopes screen appears. Click Add.

9. The Add Scope screen appears. Activate this scope.

163
10. Enter the scope name, starting IP address, ending IP address, subnet type,
subnet mask, and default gateway. Click OK.

164
11. You return to the Add or Edit DHCP Scopes screen, with the scope in place.
Click Next.

12. The Configure DHCPv6 Stateless Mode screen appears. Select ​Disable
DHCPv6 stateless mode for this server. Click Next.

165
13. The Specify IPv6 Server Settings screen appears. Accept the defaults and click
Next.

14. The Authorize DHCP Server screen appears. Select User current credentials.
Click Next.

166
15. The installation runs and the Installation Progress screen appears.

16. The installation completes and the Installation Results screen appears. Close and
Reboot.

167
Direction: Choose the correct answer from the given options. Write your answers on
a separate sheet of pad paper.

A. Backup/Restore
B. Bootstrap Protocol
C. Database
D. DHCP Client
E. DHCP Service Initialization
F. DHCPv6 Scope

168
 G. DHCPv6 Service
H. Dynamic Host Configuration Protocol
I. Dynamic Host Configuration Protocol (DHCP) server
J. IPv4
K. Lease Availability
L. NAP Components
M. Reservation
N. Runtime
O. Scope

1. The full consecutive range of possible IP addresses for a network. Scopes

typically define a single physical subnet on your network to which DHCP services
are offered.
2. IP standard for simplifying management of host IP configuration.
3. Service that holds information about available IP addresses and related
configuration information, as defined by the DHCP administrator, and responds to
requests from DHCP clients.
4. System administrators can enforce health requirements, which can include
software requirements, security update requirements, required computer
configurations, and other settings.
5. Host configuration protocol developed before Dynamic Host Configuration
Protocol.
6. Has an expiration date, which the client must renew if it is going to continue to
use that IP address.
7. Includes normal operating functions of the DHCP server.
8. Protect the database from data loss in the event of data corruption or a hard disk
failure.
9. Dynamic structure that is updated as DHCP clients are assigned or as they
release their TCP/IP configuration parameters.
10. Process that runs in the background on a computer running Windows Server and
that provides Internet Protocol version 6 (IPv6) addresses to clients.
11. Consecutive range of possible IPv6 addresses that the DHCP server can lease to
clients on a subnet.

169
12. Requests IP configuration information from a DHCP server.
13. Most widely deployed version of Internet Protocol which defines an addressing
scheme based on 32-bit addresses.
14. Used to create a permanent address lease assignment by the DHCP server.
15. Checks for proper configuration of Transmission Control Protocol/Internet
Protocol (TCP/IP), including the presence of a static IP address.

Directions: Arrange the procedures in their proper order. Write the letter of the
correct answer on a separate sheet of paper.

1.
2.
3.
4.
5.
6.
7.
8.
9.
170
 10.
11.
12.
13.
14.
15.

Direction: Find as much as 15 terminologies related to Dynamic Host Configuration

Protocol. List the words you get on a separate sheet of paper.

P E N O K T N C T S P B G I G L R J J J
E K W O N P W M T K R E C I V R E S P X
I C F E I K D N J S O D Q Y Y Y T H C C
X C I D A T E E F C T H H O S F R C S N
T L B D M N A Q K J O D T A U C H F Z G
C D E C O I V Z N X C N Y T V K O A E T
L T O P D A D F I B O S E R V E R P Q Y
K Q M H Y H U N Q L L H F I F D D M E J
171
 X O G B C B W O R K A O E L V C P H L M
C T V P F A R I L S O I M B L B U K N M
R N K I B E T T E P M S T O E Z K R O X
Y S F W S J Q A A Z K D O I V J C K F E
R R F T B O Q V S E O R A G N J A I Q P
S H O W T V J R E P M X U T R I B R F O
L R E E H S J E B Q R I M U A P V I T I
E V T H M F L S D O S C T A Q B J P Z I
R V L B T F R E J E B S S N Y S A I K I
E G W N A R Z R F I D V I C U J R S M W
R D B L L S Z A W B O O T S T R A P E I
R M Z M B D X H B H L A D M S U I V H L

Direction: Answer the following questions on a separate sheet of paper.

1. Discuss the difference between DHCP Server and DHCP Client. (6 points)

2. Discuss the difference between IPv4 and IPv6? (6 points)

3. What is the importance of DHCP Scope? (2 points)

4. What is the importance of DHCP Lease Availability? (3 points)

172
 5. What is the importance of DHCP Database? (3 points)

Learning Objectives
At the end of the lesson, the learner must be able to:
a. Identify file services
b. Select file services
c. Install files services role

A file server provides a central location on your network where you can store
files and share them with users across your network. When users require an
important file that is intended to be accessed by many users, such as a project plan,

173
they can access the file remotely on the file server instead of having to pass the file
between their separate computers.
If your network users need access to the same file and applications, or if
centralized backup and file management are important to your organization, you
should configure this computer as a file server by adding the File Services role.

The following topics provide information about using File Services snap-ins.
● DFS Management
● Disk Management
● File Server Resource Manager
● Removable Storage: Welcome
● Services for Network File System
● Shadow Copies of Shared Folders
● Share and Storage Management
● Shared Folders
● Storage Explorer
● Storage Manager for SANs

❖ DFS Management

Distributed File System is implemented as a role service of the File Services

role and consists of the following role services:
● DFS Namespaces
● DFS Replication

To manage DFS Namespaces and DFS Replication, you can use the DFS
Management snap-in hosted by Server Manager, or you can use the DFS
Management snap-in from the Administrative Tools folder. Or you can use command
prompt tools, as discussed later in this topic.

174
 To manage Distributed File System from a command prompt you can use the
DfsUtil, DfsCmd, DfsrAdmin, and DfsrDiag commands or write scripts that use
Windows Management Instrumentation (WMI).

Role service descriptions

DFS Namespaces and DFS Replication are role services in the File and
Storage Services role.

DFS Namespaces Enables you to group shared folders that are located on
different servers into one or more logically structured namespaces. Each namespace
appears to users as a single shared folder with a series of subfolders. However, the
underlying structure of the namespace can consist of numerous file shares that are
located on different servers and in multiple sites.

DFS Replication Enables you to efficiently replicate folders (including those

referred to by a DFS namespace path) across multiple servers and sites. DFS
Replication uses a compression algorithm known as remote differential compression
(RDC). RDC detects changes to the data in a file, and it enables DFS Replication to
replicate only the changed file blocks instead of the entire file.

Practical applications
You can use DFS Namespaces and DFS Replication to achieve the following
goals:

DFS Namespaces Provide users with a centralized folder namespace

through which to access and store files. You can host the underlying file shares on
different servers and in different sites to improve availability and performance.

DFS Replication Synchronize folder contents efficiently between servers,

across LAN or WAN network connections.

❖ Disk Management

175
 Disk Management is a system utility for managing hard disks and the volumes or
partitions that they contain. With Disk Management, you can initialize disks, create
volumes, and format volumes with the FAT, FAT32, or NTFS file systems. Disk
Management enables you to perform most disk-related tasks without restarting the
system or interrupting users. Most configuration changes take effect immediately.

In this version of Windows, Disk Management provides the same features you
may already be familiar with from earlier versions, but also adds some new features:
​ hen you right-click a volume, you can choose
● Simpler partition creation. W
whether to create a basic, spanned, or striped partition directly from the menu.
● Disk conversion options. When you add more than four partitions to a basic
disk, you are prompted to convert the disk to dynamic or to the GUID partition
table (GPT) partition style.
● Extend and shrink partitions. You can extend and shrink partitions directly
from the Windows interface.

❖ File Server Resource Manager

File Server Resource Manager is a suite of tools for Windows Server® 2008 that
allows administrators to understand, control, and manage the quantity and type of
data that is stored on their servers. By using File Server Resource Manager,
administrators can place quotas on folders and volumes, actively screen files, and
generate comprehensive storage reports. This set of advanced instruments not only
helps the administrator efficiently monitor existing storage resources, but it also aids
in the planning and implementation of future policy changes.

❖ Removable Storage

You can use Removable Storage to easily track your removable storage media
(tapes and optical disks) and to manage the libraries that contain them (such as
changers and jukeboxes).

176
Removable Storage does the following:
● Labels, catalogs, and tracks media.
● Controls library drives, slots, and doors.
● Provides drive-cleaning operations.

This component works with your data-management programs, such as Backup.

You use data-management programs to manage the actual data stored on the
media. Removable Storage makes it possible for multiple programs to share the
same storage media resources, which can reduce your costs.

Removable Storage organizes all the media in your libraries into different media
pools. It also moves media between media pools in order to provide the amount of
data storage your applications require.

Removable Storage does not provide volume management, such as for media
siding or striping. Also, Removable Storage does not provide file management, such
as for data backup or disk-extender operations. These services are provided by
data-management applications such as Backup or Remote Storage.

You must run all your data-management programs on the same computer that
connects to your library. Removable Storage does not support multiple
data-management programs running on different computers that are connected to
the same library.

❖ Services for Network File System

Services for Network File System (NFS) provides a file sharing solution for
enterprises that have a mixed Windows and UNIX environment. With Services for
NFS, you can transfer files between computers running Windows Server 2008 and
UNIX operating systems using the NFS protocol.

Services for NFS includes the following improvements:

177
 ● Active Directory Lookup​. The Identity Management for UNIX Active Directory
schema extension includes UNIX user identifier (UID) and group identifier
(GID) fields. This enables Server for NFS and Client for NFS to look up
Windows-to-UNIX user account mappings directly from Active Directory
Domain Services. Identity Management for UNIX simplifies Windows-to-UNIX
user account mapping management in Active Directory Domain Services.
● 64-bit support​. You can install Services for NFS components on all editions of
Windows Server 2008, including 64-bit editions.
● Enhanced server performance.​ Services for NFS includes a file filter driver,
which significantly reduces common server file access latencies.
● Unix special device support​. Services for NFS supports UNIX special devices
(mknod).
● Enhanced Unix support.​ Services for NFS supports the following versions of
UNIX: Sun Microsystems Solaris version 9, Red Hat Linux version 9, IBM AIX
version 5L 5.2, and Hewlett Packard HP-UX version 11i.

❖ Shadow Copies of Shared Folders

Shadow Copies of Shared Folders provides point-in-time copies of files that

are located on shared resources, such as a file server. With Shadow Copies of
Shared Folders, users can view shared files and folders as they existed at points of
time in the past. Accessing previous versions of files, or shadow copies, is useful
because users can:
● Recover files that were accidentally deleted. If you accidentally delete a file,
you can open a previous version and copy it to a safe location.
● Recover from accidentally overwriting a file. If you accidentally overwrite a file,
you can recover a previous version of the file.
● Compare versions of a file while working. You can use previous versions
when you want to check what has changed between two versions of a file.

❖ Share and Storage Management

178
 Share and Storage Management provides a centralized location for you to
manage two important server resources:
● Folders and volumes that are shared on the network
● Volumes in disks and storage subsystems

Shared resources management

You can share the content of folders and volumes on your server over the
network using the Provision a Shared Folder Wizard, which is available in Share and
Storage Management. This wizard guides you through the necessary steps to share
a folder or volume and assign all applicable properties to it. With the wizard, you can:
● Specify the folder or volume that you want to share or create a new folder
to share.
● Specify the network sharing protocol used to access the shared resource.
● Change the local NTFS permissions for the folder or volume you will be
sharing.
● Specify the share access permissions, user limits, and offline access to
files in the shared resource.
● Publish the shared resource to a Distributed File System (DFS)
namespace.
● If Services for Network File System (NFS) has been installed, specify
NFS-based access permissions for the shared resource.
● If File Server Resource Manager is installed on your server, apply storage
quotas to the new shared resource, and create file screens to limit the type
of files that can be stored in it.

Using Share and Storage Management, you can also monitor and modify
important aspects of your new and existing shared resources. You can:
● Stop the sharing of a folder or volume.
● Change the local NTFS permissions for a folder or volume.
● Change the share access permissions, offline availability, and other
properties of a shared resource.
● See which users are currently accessing a folder or a file and disconnect a
user if necessary.

179
 If Services for Network File System (NFS) has been installed, change the
NFS-based access permissions for a shared resource.

❖ Shared Folders

You can use the Shared Folders Microsoft Management Console (MMC)
snap-in to centrally manage file shares on a computer. Shared Folders enables you
to create file shares and set permissions, as well as view and manage open files and
users connected to file shares on the computer.
● Share a Folder or Drive
● Stop Sharing a Folder or Drive
● Close an Open File
● Disconnect a User
● Set Permissions for Shared Folders
● Set Caching Options for Shared Folders
● Limit the Number of Users of a Shared Folder
● Understanding Shared Folders and the Windows Firewall
● Troubleshooting Shared Folders

❖ Storage Explorer

With Storage Explorer, you can view and manage the Fibre Channel and
iSCSI fabrics that are available in your storage area network (SAN).

A fabric is a network topology where devices are connected to each other

through one or more high-efficiency data paths. In the case of a Fibre Channel
fabric, the network includes one or more Fibre Channel switches that allow servers
and storage devices to connect to each other through virtual point-to-point
connections. For iSCSI fabrics, the network includes one or more Internet Storage
Name Service (iSNS) servers that provide discoverability and partitioning of
resources.

180
 Storage Explorer can display detailed information about servers connected to
the SAN, as well as components in the fabrics such as host bus adapters (HBAs),
Fibre Channel switches, and iSCSI initiators and targets.

You can also perform many administrative tasks on an iSCSI fabric—for

example, you can log on to iSCSI targets, configure iSCSI security, add iSCSI target
portals, add iSNS servers, and manage Discovery Domains and Discovery Domain
Sets.

❖ Storage Manager for SANs

Storage Manager for SANs helps you create and manage logical unit
numbers (LUNs) on Fibre Channel and iSCSI disk drive subsystems that support
Virtual Disk Service (VDS) in your storage area network (SAN).

A LUN is a logical reference to a portion of a storage subsystem. A LUN can

comprise a disk, a section of a disk, a whole disk array, or a section of a disk array in
the subsystem. Using LUNs simplifies the management of storage resources in your
SAN because they serve as logical identifiers through which you can assign access
and control privileges.

To install the File Server follow these steps:

1. Log on to the Windows Server 2008 R2 system with an account with

administrator privileges.
2. Click Start, click All Programs, click Administrative Tools, and select Server
Manager.

181
3. In the tree pane, click on the Roles node or In the tasks pane, click on the Add
Roles link.

4. When the Add Roles Wizard window opens, read the information on the Before
You Begin page and if the system meets the recommendations to have a strong
administrator password, static IP address, and be updated with the latest
Windows security updates, click Next to continue.

182
5. On the Select Server Roles page, check the File Services check box, and click
Next to continue.

183
6. The next page provides a short introduction to the File Services role and notes
the fact that the Windows Search Service and the indexing service cannot be
installed on the same system. Click Next to continue with the installation of the
File Services role.
The Role Services page enables administrators to select which File Services role
services will be installed on the system. The File Server service is selected by
default. After checking the desired services, click Next to continue.

7. The Confirm Installation Selections page enables the administrator to review the
chosen settings. After confirming that the settings are correct, click Install to
install and configure the services and tools chosen.

184
8. Wait for the Installation Progress

185
9. Review the Installation Results if the Files Services selected was successfully
installed.

10. View and configure File Services in the Server Manager.

186
Direction: Identify the following terms. Choose the best answer form the given
choices. Write your answer on a separate sheet of paper.

A. Share and Storage E. File services

Management F. File server resource manager
B. Shadow Copies of Shared G. File server
Folders H. Disk management
C. Services for Network File I. DFS REPLICATION
System J. DFS NAMESPACE
D. Removable storage

1. Provides a central location on your network where you can store files and
share them with users across your network.
2. Used to configure the computer as a file server.
3. Enable to group shared folders into one locally structured location.
4. Efficiently duplicate folders across multiple servers and sites.
5. System utility for managing hard disks and the volumes or partitions that they
contain.
6. Suite of tools for Windows Server® 2008 that allows administrators to
understand, control, and manage the quantity and type of data that is stored
on their servers.
7. Easily track your removable storage media and to manage the libraries it
contains.
8. Provides a file sharing solution for enterprises that have a mixed Windows
and UNIX environment

187
 9. Provides point-in-time copies of files that are located on shared resources,
such as a file server.
10. Provides a centralized location for you to manage two important server
resources.

Directions: Arrange the procedures in their proper order. Write the letter of the
correct answer on a separate sheet of paper.

1.
2.
3.
4.
5.
6.
7.
8.
9.
10.

188
Direction: Answer the following questions on a separate sheet of paper.

1. Differentiate the functions of each file system: FAT, FAT32, NTFS. (6 points)

2. Differentiate the partitions styles: MBR, GPT. (4 points)

3. Enumerate features of Disk Management. (5 points)

4. Enumerate the functions of Removable Storage. (5 points)

189
Learning Objectives
At the end of the lesson, the learner must be able to:
a. Identify print services
b. Manage print service
c. Install Print and Document Services Role

Print Services in Windows Vista and Windows Server 2008 enables you to
share printers on a network and centralize print server and network printer
management tasks by using the Print Management Microsoft Management Console
(MMC) snap-in.

The following sections provide more information about Print Services:

● Tools for managing a print server
● Print Services role services

Tools for managing a print server

There are two primary tools that you can use to administer a Windows print

server: Server Manager and Print Management. On Windows Server 2008, you can

use Server Manager to install the Print Services server role, optional role services,

and features. Server Manager also displays print-related events from Event Viewer

190
and includes an instance of the Print Management snap-in, which can administer the

local server only.

The Print Management snap-in is available in the Administrative Tools folder

on computers running Windows Vista Business, Windows Vista Enterprise, Windows

Vista Ultimate and Windows Server 2008. You can use it to install, view, and

manage all of the printers and Windows print servers in your organization.

Print Management provides current details about the status of printers and

print servers on the network. You can use Print Management to install printer

connections to a group of client computers simultaneously and to monitor print

queues remotely. Print Management can help you find printers that have an error

condition by using filters. It can also send e-mail notifications or run scripts when a

printer or print server needs attention. On printers that provide a Web-based

management interface, Print Management can display more data, such as toner and

paper levels.

Note

To manage a remote print server, you must be a member of the Print Operators or

Server Operators groups, or the local Administrators group on the remote print

server. You do not need these credentials to monitor remote print servers, though

some functionality will be disabled.

Print and Document Services

191
 Print and Document Services is a role in Server Manager that enables you to

share printers and scanners on a network, setup print servers and scan servers, and

centralize network printer and scanner management tasks by using the Print

Management and Scan Management Microsoft Console (MMC) snap-ins

respectively. Print management helps you monitor print queues and receive

notifications when print queues stop processing print jobs. It also enables you to

migrate print servers and to deploy printer connection using Group Policy (to be

discussed to next lessons). Scan management enable you to monitor network

scanners and scan servers, process scanned documents and then route them to

network folders, Windows SharePoint Web sites, and to email recipients.

The Print and Document Services role in Windows Server 2008 R2 includes

three role services:

● Print Server

● LPD Service

● Internet Printing

Together, these role services provide all of the functionality of a Windows print

server. You can add these role services while you are installing the Print Services

role using the Add Roles Wizard of Server Manager. Or you can install them at a

later time by using the Add Role Services Wizard of Server Manager.

Print Server

Print Server is a required role service of the Print Services role. It adds the Print

Services role to Server Manager, and it installs the Print Management snap-in. Print

192
Management is used for managing multiple printers or print servers and migrating

printers to and from other Windows print servers. After you share a printer, Windows

enables the File and Printer sharing exception in Windows Firewall with Advanced

Security.

LPD Service

The Line Printer Daemon (LPD) Service installs and starts the TCP/IP Print Server

(LPDSVC) service, which enables UNIX-based computers or other computers that

are using the Line Printer Remote (LPR) service to print to shared printers on this

server. It also creates an inbound exception for port 515 in Windows Firewall with

Advanced Security.

No configuration is necessary for this service. However, if you stop or restart the

Print Spooler service, the TCP/IP Print Server service is also stopped, and it is not

automatically restarted.

To use a computer that is running Windows Vista or Windows Server 2008 to print to

a printer or print server that uses the LPD protocol, you can use the Network Printer

Installation wizard and a Standard TCP/IP printer port. However you must install the

Line Printer Remote (LPR) Port Monitor feature to print to a UNIX print server. To do

so, use one of the following methods:

● In Windows Vista: in Control Panel, click Programs and Features, click Turn

Windows features on or off, expand Print Services, select the LPR Port

Monitor check box, and then click OK.

193
 ● In Windows Server 2008: in Server Manager, click Add Features, select the

LPR Port Monitor check box, and then click OK.

Internet Printing

The Internet Printing role service in Windows Server 2008 creates a Web site hosted

by Internet Information Services (IIS). This Web site enables users to:

● Manage print jobs on the server.

● Use a Web browser to connect and print to shared printers on this server by

using the Internet Printing Protocol (IPP). (Users must have Internet Printing

Client installed.)

To manage a server by using the Web site created by Internet Printing, open a Web

browser and navigate to http://servername/printers, where server name is the UNC

path of the print server.

The ​Universal Naming Convention is the naming system used in Microsoft Windows for
accessing shared network folders and printers on a local area network.
Support for working with UNC paths in Unix and other operating systems use cross-platform
file sharing technologies like Samba.
UNC Name Syntax
UNC names identify network resources using a specific notation. These names
consist of three parts: a host device name, a share name, and an optional file path.

The Host-Name Section

The host-name portion of a UNC name can consist of either a ​network name string
set by an administrator and maintained by a network naming service like ​DNS or ​WINS​, or by
an ​IP address​. These hostnames normally refer to either a Windows PC or a
Windows-compatible printer.
The Share-Name Section

194
 The share-name portion of a UNC pathname references a label created by an
administrator or, in some cases, within the operating system. In most versions of Microsoft
Windows, the built-in share name admin$ refers to the ​root directory of the operating system
installation—usually C:\Windows but sometimes C:\\WINDOWS. UNC paths do not include
Windows driver letters, only a label that may reference a particular drive.
The File_Path Section
The file_path portion of a UNC name references a local subdirectory beneath the
share section. This part of the path is optional. When no file_path is specified, the UNC path
simply points to the top-level folder of the share. The file_path must be absolute. Relative
paths are not allowed.

To install the Internet Printing Client, use one of the following methods:

● In Windows Vista: in Control Panel, click Programs and Features, click Turn

Windows features on or off, expand Print Services, select the Internet Printing

Client check box, and then click OK.

● In Windows Server 2008: in Server Manager, click Add Features, select the

Internet Printing Client check box, and then click OK.

195
To install the Print Services server role with the Print Server and Internet Printing

role services follow these steps:

1. In Server Manager, right click Roles and select Add Roles, this will load the

Add Roles Wizard.

196
2. On the Before You Begin page, click Next.

3. On the Server Roles page, select the Print Services check box and click Next.

197
4. On the Print Services page, click Next.

198
5. On the Select Role Services page, select the Print Server and Internet

Printing check boxes, and click Next.

6. On the Confirmation page, click Install.

199
7. Wait for Installation Progress.

8. On the Results page, click Close.

200
Direction: Choose the correct answer from the given options. Write your answer on a

separate sheet of paper.

A. File path G. Print Management

B. Host-name H. Print Server
C. Internet Printing I. Print Services
D. Line Printer Daemon Service J. UNC path
E. Name Syntax
F. Print and Document
Services

201
1. Enables you to share printers on a network and centralize print server and

network printer management tasks by using the Print Management Microsoft

Management Console (MMC) snap-in.

2. Helps you monitor print queues and receive notifications when print queues

stop processing print jobs.

3. Role in Server Manager that enables you to share printers and scanners on a

network, setup print servers and scan servers, and centralize network printer

and scanner management tasks by using the Print Management and Scan

Management Microsoft Console (MMC) snap-ins respectively.

4. Required role service of the Print Services role.

5. Installs and starts the TCP/IP Print Server (LPDSVC) service, which enables

UNIX-based computers or other computers that are using the Line Printer

Remote (LPR) service to print to shared printers on this server.

6. Creates a Web site hosted by Internet Information Services

7. Naming system used in Microsoft Windows for accessing shared network

folders and printers on a local area network.

8. Identify network resources using a specific notation.

9. Consist of either a network name string set by an administrator and

maintained by a network naming service like DNS or WINS, or by an IP

address.

10. References a local subdirectory beneath the share section.

202
Direction: Find as much as 10 words in the word search puzzle. Write your answers

on a separate sheet of paper.

M E S Z E J B D K G T R H Z K
P X C L O T S F C N D E R H F
X R I I G G K D E N A T X Q F
G F I L V U V M T T I N G L C

203
 P I L N P R U N E S N I V S B
M Y M A T C E N L F N R W B B
B A T W O I R S F L W P D Z S
E H N D Z E N X J Z I S Q G Z
W E X A T K A G W T O G Y T C
P I O N G T V A T O T B D B X
W G I G N E Z D J S L X T I L
O E H Y B O M E M Y O U Y A Y
Y E S I H J T E J I C H J L K
D S F Y E P T A N I N D R F L
F G U T Y J S M W T S O N E T

Direction: Write your answer on a separate sheet of pad paper.

Write procedures on how to deploy a printer driver in Windows Server 2008 R2.

(10 pts.)

204
REFERENCES:

IS2.5

https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/

active-directory-domain-services-overview

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

003/cc759186(v=ws.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

003/images%5ccc759186.ccf65c10-edb1-4a3a-ad87-38775ee43b8a(ws.10).gif

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

003/images%5ccc759186.2fabcc84-463e-4ead-be8c-a9d5bad61281(ws.10).gif

205
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

003/images%5ccc759186.33e6bd85-d00a-41f4-8fce-9503ed0e22d7(ws.10).gif

https://www.howtogeek.com/99323/installing-active-directory-on-server-2008-r2/

https://www.howtogeek.com/wp-content/uploads/2011/12/xsshot-1.png.pagespeed.g

p+jp+jw+pj+ws+js+rj+rp+rw+ri+cp+md.ic.85WT-7qwgu.png

https://www.howtogeek.com/wp-content/uploads/2011/12/sshot-5.png

https://www.howtogeek.com/wp-content/uploads/2011/12/sshot-6.png

https://www.howtogeek.com/wp-content/uploads/2011/12/xsshot-7.png.pagespeed.g

p+jp+jw+pj+ws+js+rj+rp+rw+ri+cp+md.ic.TvwBELiGrV.png

https://www.howtogeek.com/wp-content/uploads/2011/12/sshot-8.png

https://www.howtogeek.com/wp-content/uploads/2011/12/sshot-9.png

https://www.howtogeek.com/wp-content/uploads/2011/12/sshot-10.png

https://www.howtogeek.com/wp-content/uploads/2011/12/sshot-11.png

https://www.howtogeek.com/wp-content/uploads/2011/12/sshot-12.png

https://www.howtogeek.com/wp-content/uploads/2011/12/sshot-13.png

https://www.howtogeek.com/wp-content/uploads/2011/12/sshot-14.png

https://www.howtogeek.com/wp-content/uploads/2011/12/sshot-15.png

IS2.6

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc732575(v%3dws.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-ser

ver/cc958965(v=technet.10)

206
https://cdt.org/wp-content/uploads/standards/ietf.shtml#:~:text=The%20Internet%20

Engineering%20Task%20Force,community%20than%20a%20hierarchical%20organi

zation.

https://searchnetworking.techtarget.com/definition/TCP-IP

https://en.wikipedia.org/wiki/IP_address

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-ser

ver/cc958962(v=technet.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-ser

ver/images%5ccc958962.cncc01(en-us,technet.10).gif

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-ser

ver/images%5ccc958962.cncc05(en-us,technet.10).gif

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-ser

ver/cc958980(v=technet.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-ser

ver/images%5ccc958980.cncc02(en-us,technet.10).gif

IS2.7

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc726909(v=ws.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc726954(v%3dws.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc726862(v%3dws.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc732944(v=ws.10)

207
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/images/dd380273.4a8e09bc-d127-44fe-ab60-e850488e1fad(ws.10

).gif

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-R2-and-2008/dd283016(v=ws.10)?redirectedfrom=MSDN

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-R2-and-2008/dd296703(v=ws.10)

https://www.blackbaud.com/files/support/infinityinstaller/infinity-installation.htm#instal

lermaster/tkaddadanddhcprolestoapplicationserver.htm%3FTocPath%3DBefore%20

You%20Install%7C_____4

IS2.8

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc733004(v=ws.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc732006(v%3dws.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

012-R2-and-2012/jj127250(v=ws.11)?redirectedfrom=MSDN

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc754414(v%3dws.10)

208
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc732369(v%3dws.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc771305(v%3dws.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc731884(v%3dws.10)

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc771378(v%3dws.10)

https://www.youtube.com/watch?v=uJ0yVkCbiXY

http://tutorial.programming4.us/windows_server/Windows-Server-2008-R2---Adding-t

he-File-Services-Role.aspx

IS2.9

Windows Help and Support for Windows Server 2008 R2

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2

008-r2-and-2008/cc731857(v%3dws.10)

https://www.youtube.com/watch?v=DcNtcVmj8m8

http://techgenix.com/installing-the-print-service-server-role-in-windows-server-2008-4

6/

https://www.lifewire.com/unc-universal-naming-convention-818230

209
210
211