Drew Wutka
DWUTKA at Marlow.com
Wed Jun 3 17:19:32 CDT 2009
Ok, we now have a domain controller set up, now it's time to get our network ready. This is where a home network is far less efficient than a domain with the proper network services. In a standard 'home' network, you have a DHCP server (which hands out IP addresses), which is usually a DSL/Cable Modem/router, and that's it. So communication between computers on a home network is reliant on Computer Browsing, which is a Windows service which broadcasts out to find other computers on the network. It's horribly inefficient, and very often unreliable. The reason for this is that there is no one local resource always available to act as a traffic cop.... But with our new domain controller, that's what we have. We are going to set up DNS, DHCP, and WINS.

DNS - Domain Name Service (this was actually already set up during our DCPROMO process). A DNS server resolves domain names (and computers on a domain) with an IP Address. So, when you go to www.msn.com, a DNS server on the internet has the address of msn.com, and it looks up the www part, and returns an IP address (in this case: 207.68.173.76). There are internet DNS servers all over. When you are connected to the internet, your ISP is providing DNS services to you, which allows you to look up computers on the internet, but their DNS servers are not registering your local machines. So we are going to host our own DNS server, so that it registers the local machines, and forwards internet based DNS requests on to your ISP's DNS servers.

DHCP - Dynamic Host Configuration Protocol. Internet communication uses TCP/IP (Transfer Control Protocol/Internet Protocol). Each computer using this protocol receives an IP address (4 numbers 0 to 255, in the format: 192.168.0.1). When a computer starts up, it will request an IP address (if one isn't statically assigned, like we did with our domain controller in the previous post). It does this by broadcasting a message throughout the local network looking for a DHCP server.
If it finds one, the DHCP server assigns the requesting computer an IP address (and with a Microsoft DHCP server we will get more options than you normally would with a standard wireless/internet home router DHCP service).

WINS - Windows Internet Name Service. This is a little outdated, but it's similar to DNS. However, instead of looking for specific domain names, WINS can host more detailed information, such as whether a computer is a file server, a domain controller, etc. DNS is just a name to IP, WINS is a little more robust, and gives more of a purpose to an IP address.

So, again, to save space on the links, the screenshots are http://www.marlow.com/downloads/NetworkServices1.jpg through http://www.marlow.com/downloads/NetworkServices28.jpg

1: DNS is already installed, so first we need to 'install' WINS and DHCP. Go to Add/Remove Programs in your control panel, and select Add/Remove Windows Components. Select Networking Services and click 'Details'.
2: Put a checkbox next to DHCP and WINS. Click Ok, then Next, and you'll need your Windows 2003 CD while Windows installs these services.
3: I would recommend that you then go to Administrative Tools (from your Start Menu) and 'Send To' the desktop the following: WINS, DHCP, DNS and Active Directory Users and Computers (because we'll be going into all three). Open DHCP (through your shortcut, or through Administrative Tools). As you can see, it's telling us we need to create a 'scope'. In my screenshot, you can see my server name is win2003 (it's presented as win2003.accessd.net, which is the full computer name (computer.domainname)). Right clicking on that gives us a New Scope option...click that option.
4: New Scope Wizard, click Next.
5: Give the Scope a name (this is just so you know it's your scope; you can set up multiple scopes, but that is beyond this demo). Click Next.
6: Set up the IP range. Put in 192.168.0.1 and 192.168.0.254, click Next.
(This is the range of IP addresses that our DHCP server is going to hand out.)
7: Add Exclusions: Put in 192.168.0.1 and 192.168.0.2 (1 is going to be reserved for our internet router, and 2 is our domain controller).
8: Once you have entered your exclusions, click 'Add'. (Note we didn't click Next on step 7. This 'process' is going to occur several times, where we are going to put information in, but it's not really there until you click Add. This is because there are going to be places where we could enter multiple 'answers/responses', and that is how these dialogues deal with that.) Click Next.
9: Lease Duration: Defaults to 8 days. I typically set this to 1 day. What this is, is the amount of time that a computer that has received an IP address will wait before it verifies if it needs a new one. On a home network, this is relatively unimportant, unless you are just into playing around with networking. It is more geared to a larger network, where you may have to 'conserve' IP addresses. On a home network, if you have 254 computers running, you have a very big home....however, it's not uncommon to have a dozen items getting an IP address (a few computers, gaming systems, PDAs, etc.) Click Next.
10: Make sure the 'Yes' option is selected, click yes.
11: Router/Default Gateway: This is going to be your internet router. Put in 192.168.0.1, click Add, click Next.
12: DNS and domain name: Put in your domain (it's blank on my screenshot (I actually forgot that part....whoops)), in this demo's case it would be AccessD.net. Now, in the 'server name' box, put in the name of the machine we are working on (in my case it's win2003), and click 'Resolve'. You'll see it puts 192.168.0.2 in the IP Address boxes. Click Add, then click Next.
13: WINS Server: (repeat the last part of #12 (put in computername, resolve, add, next))
14: Yes, we want to activate it, Next.
15: Yeah, DHCP is set up (almost), click Finish.
16: Notice in the DHCP window it's telling us we need to 'authorize' DHCP in Active Directory. Just a side note here, a Domain and Active Directory are actually two different creatures. They work together, but they are separate beasts. This 'authorization' is just a security method to prevent a random DHCP server from trying to butt into your network. To 'authorize' our DHCP server, right click on the server name (win2003.accessd.net in this case) and select Authorize. Now close out DHCP and open it again, and ....
17: You should not see the Authorize message anymore.
18: Click the Address Leases node, notice there are none displayed....(when we put a client on our network, that will change)
19: Scope Options: If you click the Scope Options node, you will see the 'options' we have added to DHCP. If you right click on Scope Options, you can 'Configure Options' and there are a LOT of extra options in there, that all help things find network services better. The wizard took care of the ones we really need, but feel free to poke around...you won't find any of that in a standard wireless router 'dhcp server'.

Now, I didn't put in the WINS information when we set up our NIC during the previous post. But we didn't have a WINS server set up, so now's as good a time as any to set that up. Go into your Local Area Connection's properties (or whatever you named your NIC). I typically have the 'show icon in notification area when connected' option checked so I just double click the icon in the system tray. If you don't have that checked, you'll have to go to your network connection window.

20: Click Properties.
21: Select TCP/IP and click Properties.
22: Click Advanced.
23: Select the WINS tab, click Add, and put in 192.168.0.2, click ok, ok, ok, and close.

Time to set up WINS....oh, wait, WINS is already set up once it's installed. PHEW!!! ;) Open the WINS panel (either through the shortcut you put on the desktop or through Administrative Tools).
24: Notice it gives some instructions on how to 'filter' the entries. Right click on Active Registrations and click 'Display Records'.
25: Click Find Now (we aren't putting any filters in place).
26: Wow, look at that, there are 7 entries, 6 of which are all for 192.168.0.2...this is the information that other machines on the network can use to find network resources. Feel free to poke around, close WINS when you're done.
27: Open DNS (through shortcut or Administrative Tools). Right click on the computer name (win2003 in this case) and select Properties.
28: Click the Forwarders tab.... Now this needs a little explanation. The DNS server we set up is only good for our local network. It will know the IP address of every client we connect to our network, but it has no clue about any other addresses, such as internet domain names. So we need to give it the IP addresses of some internet DNS servers to forward those DNS queries along. I recommend one of two options. Either find the DNS servers that your ISP is currently assigning your internet router, OR use public DNS servers: http://www.walltechnet.com/dnsserverlist_site/dnsserverlist.htm Put in as many as you want (two should be fine), be sure to click Add for each one, then click OK, and close DNS.

Now we are almost ready for a client machine. The next post is going to be a short one about our 'gateway'.

Drew
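
Added example (not part of the original post): step 16 says authorization exists to keep a random DHCP server off the network, so this Python sketch decodes the options in a DHCP offer and reports any that differ from the scope built in steps 6 to 13. The function names, the two sample offers and the 192.168.0.50 address are constructed for illustration.

```python
import socket

MAGIC = b"\x63\x82\x53\x63"      # DHCP magic cookie after the 236-byte BOOTP header
IP_OPTS, INT_OPTS, TEXT_OPTS = {3, 6, 44, 54}, {51}, {15}
# Values the walkthrough configures (lease set to 1 day, as in step 9).
EXPECTED = {
    54: ["192.168.0.2"],   # server identifier: the authorized DHCP server
    3:  ["192.168.0.1"],   # router / default gateway
    6:  ["192.168.0.2"],   # DNS server
    44: ["192.168.0.2"],   # WINS (NetBIOS name server)
    15: "accessd.net",     # DNS domain name, compared case-insensitively
    51: 86400,             # lease time in seconds
}

def decode(code, value):
    if code in IP_OPTS:
        if not value or len(value) % 4:
            raise ValueError(f"option {code}: bad address list length")
        return [socket.inet_ntoa(value[i:i + 4]) for i in range(0, len(value), 4)]
    if code in INT_OPTS:
        if len(value) != 4:
            raise ValueError(f"option {code}: expected 4 bytes")
        return int.from_bytes(value, "big")
    if code in TEXT_OPTS:
        return value.decode("ascii", "replace").lower()
    return value

def parse_options(packet):
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP packet")
    opts, i = {}, 240
    while i < len(packet) and packet[i] != 255:       # 255 = end option
        if packet[i] == 0:                            # 0 = pad, has no length byte
            i += 1
            continue
        if i + 2 > len(packet) or i + 2 + packet[i + 1] > len(packet):
            raise ValueError("truncated option")
        code, length = packet[i], packet[i + 1]
        opts[code] = decode(code, packet[i + 2:i + 2 + length])
        i += 2 + length
    return opts

def audit_offer(packet):
    """Return (option, expected, seen) for every option that differs from the scope."""
    opts = parse_options(packet)
    return [(c, want, opts.get(c)) for c, want in EXPECTED.items() if opts.get(c) != want]

def build_offer(server, router, dns, wins, domain, lease):   # constructed test input
    ip, tlv = socket.inet_aton, lambda c, v: bytes([c, len(v)]) + v
    body = (tlv(53, b"\x02") + tlv(54, ip(server)) + tlv(51, lease.to_bytes(4, "big"))
            + tlv(3, ip(router)) + tlv(6, ip(dns)) + tlv(44, ip(wins)) + tlv(15, domain.encode()))
    return b"\x02" + bytes(235) + MAGIC + body + b"\xff"

GOOD = build_offer("192.168.0.2", "192.168.0.1", "192.168.0.2", "192.168.0.2", "AccessD.net", 86400)
ROGUE = build_offer("192.168.0.50", "192.168.0.50", "192.168.0.50", "192.168.0.2", "AccessD.net", 86400)
```

An empty list from audit_offer means the offer matches the scope; for ROGUE it reports the server identifier, router and DNS options, which are the ones a second DHCP server on the network would change.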