IIS Server 7.0

Installing Internet Information Services

• Click the Start button and type server in the Search programs and files text box
• Click Server Manager in the Programs list

The steps above are highlighted in the image below:

• In the Server Manager, right click Roles and click Roles

The step above is highlighted in the image below:

• On the Before you Begin screen, review the verification steps, ensure that each bullet point is true on the server your working on, then click Next

The step above is highlighted in the image below:

• On the Select Server Roles screen, select the check box next to Web Server (IIS) and click Next

The step above is highlighted in the image below:

• On the Web Server (IIS) screen, review the information and click Next

The step above is highlighted in the image below:

• On the Select Role Services screen, select the check box on the top item – Web Serverto select all items in the Role services list and click Next

The step above is highlighted in the image below:

• On the Confirm Installation Selections screen, review the informational messages and click Install

The step above is highlighted in the image below:

• Wait for the Installation Progress screen to complete

The step above is highlighted in the image below:

• On the Installation Results screen, click Close to complete the installation

The step above is highlighted in the image below:

• In the Server Manager screen you can now expand the Roles and select the Web Server (IIS) to configure Internet Information Services

The step above is highlighted in the image below:

Additional Domain Controller

To create an additional domain controller

1. Click Start, click Run, and then type dcpromo /adv to open the Active Directory Installation Wizard with the option to create an additional domain controller from restored backup files.
   
2. On the Operating System Compatibility page, read the information and then click Next.
   
   If this is the first time you have installed Active Directory on a server running Windows Server 2003, click Compatibility Help for more information.
   
3. On the Domain Controller Type page, click Additional domain controller for an existing domain, and then click Next.
   
4. On the Copying Domain Information page, do one of the following:
   
   
   • Click Over the network, and then click Next.
     
   • Click From these restored backup files, and type the location of the restored backup files, or click Browse to locate the restored files, and then click Next.
     
5. On the Network Credentials page, type the user name, password, and user domain of the user account you want to use for this operation, and then click Next.
   
   The user account must be a member of the Domain Admins group for the target domain.
   
6. On the Database and Log Folders page, type the location in which you want to install the database and log folders, or click Browse to choose a location, and then click Next.
   
7. On the Shared System Volume page, type the location in which you want to install the Sysvol folder, or click Browse to choose a location, and then click Next.
   
8. On the Directory Services Restore Mode Administrator Password page, type and confirm the password that you want to assign to the Administrator account for this server, and then click Next.
   
   Use this password when starting the computer in Directory Services Restore Mode.
   
9. Review the Summary page, and then click Next to begin the installation.
   
10. Restart the computer.
    

Notes

• To perform this procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.
  
• The /adv switch is only necessary when you want to create a domain controller from restored backup files. It is not required when creating an additional domain controller over the network.
  
• In step 3, when choosing the option to copy domain information over the network, all directory data for the domain in which this domain controller will be a member will be copied over your network connection. You will have the option to cancel non-critical replication, if necessary.
  
• In step 3, when choosing the option to copy domain information from restored backup files, you will need to first back up the System State data of a domain controller running Windows Server 2003 from the domain in which this member server will become an additional domain controller. Then, the System State backup must be restored locally on the server on which you are installing Active Directory. To do this using Backup, choose the option Restore files to: Alternate location. For more information about restoring backups, see Related Topics.
  
• If a domain controller that was backed up contained an application directory partition, the application directory partition will not be restored on the new domain controller. For information about how to manually create an application directory partition on a new domain controller, see Related Topics.
  
• If the domain controller from which you restored the System State data was a global catalog, you will have the option to make this new domain controller a global catalog.
  
• You can also use a smart card to verify administrative credentials. For more information about smart cards, see Related Topics.
  
• You cannot install Active Directory on a computer running Windows Server 2003, Web Edition, but you can join the computer to an Active Directory domain as a member server. For more information about Windows Server 2003, Web Edition, see Related Topics. 

Child Domain

To create a new child domain

1. Click Start, click Run, and then type dcpromo to start the Active Directory Installation Wizard.
   
2. On the Operating System Compatibility page, read the information and then click Next.
   
   If this is the first time you have installed Active Directory on a server running Windows Server 2003, click Compatibility Help for more information.
   
3. On the Domain Controller Type page, click Domain controller for a new domain, and then click Next.
   
4. On the Create New Domain page, click Child domain in an existing domain tree, and then click Next.
   
5. On the Network Credentials page, type the user name, password, and user domain of the user account you want to use for this operation, and then click Next.
   
   The user account must be a member of the Enterprise Admins group.
   
6. On the Child Domain Installation page, verify the parent domain and type the new child domain name, and then click Next.
   
7. On the NetBIOS Domain Name page, verify the NetBIOS name, and click Next.
   
8. On the Database and Log Folders page, type the location in which you want to install the database and log folders, or click Browse to choose a location, and then click Next.
   
9. On the Shared System Volume page, type the location in which you want to install the Sysvol folder, or click Browse to choose a location, and then click Next.
   
10. On the DNS Registration Diagnostics page, verify the DNS configuration settings are accurate, and then click Next.
    
11. On the Permissions page, select one of the following:
    
    
    • Permissions compatible with pre-Windows 2000 server operating systems
      
    • Permissions compatible only with Windows 2000 or Windows Server 2003 operating systems
      
12. On the Directory Services Restore Mode Administrator Password page, type and confirm the password that you want to assign to the Administrator account for this server, and then click Next.
    
    Use this password when starting the computer in Directory Services Restore Mode.
    
13. Review the Summary page, and then click Next to begin the installation.
    
14. Restart the computer.
    

Notes

• To perform this procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.
  
• The server on which you install Active Directory using this procedure will be the first domain controller in a new child domain.
  
• Before installing Active Directory, you will need to consider pre-Windows 2000 compatible security levels and identify the DNS name of the domain. For more information, see the checklist in Related Topics.
  
• When a child domain is added to an existing tree domain, a two-way, transitive parent and child trust is established by default.
  
• The wizard options on the Permissions page affect application compatibility with computers running pre-Windows 2000 and Windows Server 2003 operating systems and are not related to domain functionality. For more information about permissions, see Related Topics.
  
• You can also use a smart card to verify administrative credentials. For more information about smart cards, see Related Topics.
  
• The Active Directory Installation Wizard allows Active Directory domain names up to 64 characters or up to 155 bytes. Although the limit of 64 characters is usually reached before the limit of 155 bytes, the opposite could be true if the name contains Unicode characters consuming three bytes. These limits do not apply to computer names.
  
• You cannot install Active Directory on a computer running Windows Server 2003, Web Edition, but you can join the computer to an Active Directory domain as a member server. For more information about Windows Server 2003, Web Edition, see Related Topics. 

E Book's

• Red Hat Enterprises Linux 6 E book's RHCE.
• RH124 E Book
• RH134 E Book .
• RH254 E Book .    

• Windows 2003 server Ebook's MCSE.
• Installation, Network Configuration and Desktop, Resource and Printer Management, 70-270
• Managing and Maintaining a Windows Server 2003 Environment, 70-290
• Implementing, Managing and Maintaining a Windows Server 2003 Network 70-291
• Implementing and Administering Security in a Windows Server 2003 Network, 70-299
• Planning and Maintaining a Windows Server 2003 Network Infrastructure, 70-293
• mplementing and Maintaining a Windows Server 2003 Active Directory Infrastructure, 70-294
• Designing Security for a Windows Server 2003 Network, 70-298
• Windows 2008 Enterprises Server MCITP .
• 70-643 Windows Server 2008 Application Infrastructure
• 70-640 Windows Server 2008 Active Directory, Configuring
• 70-642 Windows Server 2008 Network Infrastructure
• Exam 70-647- PRO Windows Server 2008, Enterprise Administrator
• Exam 70-680- MCTS Configuring Windows 7
• Cisco  EBook's . 
• CCNA
• 640-802 CCNA ICND1 , ICND2 MIX
• 640-822 ICND1
• 640-816 ICND2
• 640-554 IINS
• CCNA Voice 640 461
• CCNP
• 642-902 ROUTE
• 642-813 SWITCH
• 642-832 TSHOOT

DHCP Installation

            DHCP 

How do I... Install and configure a DHCP server in Windows Server 2008?

Dynamic Host Configuration Protocol (DHCP) is an invaluable service when you have a network larger than a handful of computers. It’s also a standard component of enterprise networks and sub networks. Microsoft Windows Server 2008’s built-in DHCP server allows Windows machines (and any other TCP/IP-based machines and devices) to obtain their IP addresses and network settingsautomatically, which can vastly simplify network configuration. In this document, we’ll discuss how to install and configure a DHCP server in Windows Server 2008, and we’ll explore some of the advanced features DHCP has to offer.

Create a plan

Before you configure your DHCP server, it is a good idea to have all your ducks in a row. Prepare and have all the necessary information up front before sitting down and configuring your server. For example, you may need to know:

• The scope of IP addresses that your server will manage (e.g., 192.168.1.50 to 192.168.1.200).
• Which machines require static IP addresses (i.e., those machines such as servers and routers that will not use DHCP to receive their IP addresses but will be set manually).
• Which network information you want to send out to DHCP clients when they get their IP addresses (e.g., the addresses for your default gateway, DNS servers, and WINS servers).

It is much easier to configure your DHCP server with this information in hand rather than scrambling for it at implementation time.

Installing DHCP

Installing a DHCP server in Windows 2008 is a snap. They created a very simple wizard that walks you through the entire process. Follow me on this journey.

To install a DHCP server from the Control Panel, follow these steps:

1. From the Start menu, select | Control Panel | Administrative Tools | Server Manager.
2. Expand and click Roles (Figure A).
3. Choose Add Roles and follow the wizard by selecting the DHCP role (Figure B).
4. A new DHCP wizard appears to help you configure a DHCP server.

Figure A

Server Manager

Figure B

Add Roles Wizard

In the previous release of Windows, a wizard did not appear to walk you through creating a DHCP server. Windows Server 2008 has really simplified this process by allowing you to configure a DHCP server in roughly seven steps. Of course, you can still manage your DHCP server from the DHCP Microsoft Management Console (MMC) snap-in or delete and create scopes on the fly.

Let’s continue on through the wizard. Your network cards and static IP addresses are automatically detected and you can choose how DHCP will service clients on different subnets, as shown inFigure C.

Figure C

Choose your static IP addresses to service DHCP clients

On the next window (Figure D), you can specify the applicable DNS server(s) to be used with DHCP when an address is assigned. Figure E displays where you would enter the applicable WINS servers if you require it on your network.

Figure D

Enter your DNS server IP address

Figure E

Enter your WINS server IP address

About scopes

When you create a scope, you must select the range of IP addresses and you must specify the appropriate scope options to include. These options are what we were referring to above when we mentioned that you can assign other network information to your clients at the time they are given an IP address.

There are two types of scope options: Global and Scope. Global options are propagated to all the scopes that you create on that DHCP server, while Scope options are only for the individual scope that you are working with.

For example, if you have different scopes for several different subnets and each subnet will have a different default gateway but will share the same DNS servers, you would want to set the DNS servers as a Global option while the default gateways would be set separately in each scope as a Scope option.

On the DHCP scope window, you will create your scope. Depending on the size of your network and the amount of users that will be assigned IP addresses, some thought must be given to the parameters of your scope selections. In my example (Figure F), I created a simple scope.

Figure F

Creating your scope

The subnet type dropdown allows you to choose wireless as well (Figure G). It defaults to 24 hours. If you want to activate the scope when the wizard is complete, click the Activate this scope checkbox. If you leave it empty, you must activate the scope in the DHCP Microsoft Management Console (MMC) snap-in.

Figure G

You can add multiple scopes before continuing the wizard

With Windows Server 2008, if you have a router (Figure H) that supports and is configured to take advantage of IPv6, you can enable this functionality on your network.

Figure H

Enable IPv6 stateless mode

Authorizing the DHCP server and activating scopes

In previous versions of Windows Server, you had to install and configure your DHCP server and then authorize it in the DHCP MMC snap-in. Authorizing your DHCP server allows you to prevent hackers from configuring rogue DHCP servers. In Windows Server 2008, you have the ability to either authorize the server in the Wizard or authorize it after the fact in the DHCP MMC-snap-in (Figure I).

Figure I

Authorizing your DHCP server

You are now ready to review (Figure J) and confirm your settings before applying your DHCP settings (Figure K).

Figure J

Reviewing your DHCP configuration before applying

Figure K

DHCP installation in progress

Once you have installed the DCHP server, you can manage it from the DHCP MMC snap-in (Figure O) located in Administrative tools. On this screen you can create additional exclusions and reservations.

Adding reservations

In addition to specifying exclusions, you can add reservations to your DHCP server. By adding a reservation, you ensure that a machine always receives the same IP address from the DHCP server.

1. Right-click on Reservations and choose new reservation.
2. Enter a friendly name for the reservation and the IP address you want to assign to the computer or device.
3. Enter the MAC address of the computer or device. (For Windows machines, you can find the MAC address by running ipconfig/all from the command prompt of the machine.)
4. Enter a description and then choose the following reservation type: DHCP, BOOTP (going across a router), or both, as shown in Figure L. Click Add.

Figure L

Adding a reservation

Adding exclusions

In addition to specifying reservations, you can add exclusions to your DHCP server (Figure M). By adding exclusions, you ensure that machines never receive a DHCP lease for that range of IP addresses. This is very useful to block IP addresses for your servers and routers.

Figure M

Adding an exclusion

In order to add Exclusions, right-click on Address Pools and choose New Exclusion Range as shown in Figure N and Figure O.

Figure N

IP address Exclusion range

Figure O

DCHP MMC snap-in

Troubleshooting DHCP

After configuring DHCP, the easiest way to troubleshoot it is to use Ipconfig from a command prompt. To view all TCP/IP information on a machine just type ipconfig/all. To release a DHCP lease, type ipconfig/release; to renew a lease, type ipconfig/renew.

DNS INSTALLATION

How do I... Install and configure a DNS server in Windows Server 2008?

.

Installation

You can install a DNS server from the Control Panel or when promoting a member server to a domain controller (DC) (Figure A). During the promotion, if a DNS server is not found, you will have the option of installing it.

Figure A

Domain controller

To install a DNS server from the Control Panel, follow these steps:

• From the Start menu, select | Control Panel | Administrative Tools | Server Manager.
• Expand and click Roles (Figure B).
• Choose Add Roles and follow the wizard by selecting the DNS role (Figure C).
• Click Install to install DNS in Windows Server 2008 (Figure D).

Figure B

Expand and click Roles

Figure C

DNS role

Figure D

Install DNS

DNS console and configuration

After installing DNS, you can find the DNS console from Start | All Programs | Administrative Tools | DNS. Windows 2008 provides a wizard to help configure DNS.

When configuring your DNS server, you must be familiar with the following concepts:

• Forward lookup zone
• Reverse lookup zone
• Zone types

A forward lookup zone is simply a way to resolve host names to IP addresses. A reverse lookup zone allows a DNS server to discover the DNS name of the host. Basically, it is the exact opposite of a forward lookup zone. A reverse lookup zone is not required, but it is easy to configure and will allow for your Windows Server 2008 Server to have full DNS functionality.

When selecting a DNS zone type, you have the following options: Active Directory (AD) Integrated, Standard Primary, and Standard Secondary. AD Integrated stores the database information in AD and allows for secure updates to the database file. This option will appear only if AD is configured. If it is configured and you select this option, AD will store and replicate your zone files.

A Standard Primary zone stores the database in a text file. This text file can be shared with other DNS servers that store their information in a text file. Finally, a Standard Secondary zone simply creates a copy of the existing database from another DNS server. This is primarily used for load balancing.

To open the DNS server configuration tool:

1. Select DNS from the Administrative Tools folder to open the DNS console.
2. Highlight your computer name and choose Action | Configure a DNS Server… to launch the Configure DNS Server Wizard.
3. Click Next and choose to configure the following: forward lookup zone, forward and reverse lookup zone, root hints only (Figure E).
4. Click Next and then click Yes to create a forward lookup zone (Figure F).
5. Select the appropriate radio button to install the desired Zone Type (Figure G).
6. Click Next and type the name of the zone you are creating.
7. Click Next and then click Yes to create a reverse lookup zone.
8. Repeat Step 5.
9. Choose whether you want an IPv4 or IPv6 Reverse Lookup Zone (Figure H).
10. Click Next and enter the information to identify the reverse lookup zone (Figure I).
11. You can choose to create a new file or use an existing DNS file (Figure J).
12. On the Dynamic Update window, specify how DNS accepts secure, nonsecure, or no dynamic updates.
13. If you need to apply a DNS forwarder, you can apply it on the Forwarders window. (Figure K).
14. Click Finish (Figure L).

Figure E

Configure

Figure F

Forward lookup zone

Figure G

Desired zone

Figure H

IPv4 or IPv6

Figure I

Reverse lookup zone

Figure J

Choose new or existing DNS file

Figure K

Forwarders window

Figure L

Finish

Managing DNS records

You have now installed and configured your first DNS server, and you’re ready to add records to the zone(s) you created. There are various types of DNS records available. Many of them you will never use. We’ll be looking at these commonly used DNS records:

• Start of Authority (SOA)
• Name Servers
• Host (A)
• Pointer (PTR)
• Canonical Name (CNAME) or Alias
• Mail Exchange (MX)

Start of Authority (SOA) record

The Start of Authority (SOA) resource record is always first in any standard zone. The Start of Authority (SOA) tab allows you to make any adjustments necessary. You can change the primary server that holds the SOA record, and you can change the person responsible for managing the SOA. Finally, one of the most important features of Windows 2000 is that you can change your DNS server configuration without deleting your zones and having to re-create the wheel (Figure M).

Figure M

Change configuration

Name Servers

Name Servers specify all name servers for a particular domain. You set up all primary and secondary name servers through this record.

To create a Name Server, follow these steps:

1. Select DNS from the Administrative Tools folder to open the DNS console.
2. Expand the Forward Lookup Zone.
3. Right-click on the appropriate domain and choose Properties (Figure N).
4. Select the Name Servers tab and click Add.
5. Enter the appropriate FQDN Server name and IP address of the DNS server you want to add.

Figure N

Name Server

Host (A) records

A Host (A) record maps a host name to an IP address. These records help you easily identify another server in a forward lookup zone. Host records improve query performance in multiple-zone environments, and you can also create a Pointer (PTR) record at the same time. A PTR record resolves an IP address to a host name.

To create a Host record:

1. Select DNS from the Administrative Tools folder to open the DNS console.
2. Expand the Forward Lookup Zone and click on the folder representing your domain.
3. From the Action menu, select New Host.
4. Enter the Name and IP Address of the host you are creating (Figure O).
5. Select the Create Associated Pointer (PTR) Record check box if you want to create the PTR record at the same time. Otherwise, you can create it later.
6. Click the Add Host button.

Figure O

A Host (A) record

Pointer (PTR) records

A Pointer (PTR) record creates the appropriate entry in the reverse lookup zone for reverse queries. As you saw in Figure H, you have the option of creating a PTR record when creating a Host record. If you did not choose to create your PTR record at that time, you can do it at any point.

To create a PTR record:

1. Select DNS from the Administrative Tools folder to open the DNS console.
2. Choose the reverse lookup zone where you want your PTR record created.
3. From the Action menu, select New Pointer (Figure P).
4. Enter the Host IP Number and Host Name.
5. Click OK.

Figure P

New Pointer

Canonical Name (CNAME) or Alias records

A Canonical Name (CNAME) or Alias record allows a DNS server to have multiple names for a single host. For example, an Alias record can have several records that point to a single server in your environment. This is a common approach if you have both your Web server and your mail server running on the same machine.

To create a DNS Alias:

1. Select DNS from the Administrative Tools folder to open the DNS console.
2. Expand the Forward Lookup Zone and highlight the folder representing your domain.
3. From the Action menu, select New Alias.
4. Enter your Alias Name (Figure Q).
5. Enter the fully qualified domain name (FQDN).
6. Click OK.

Figure Q

Alias Name

Mail Exchange (MX) records

Mail Exchange records help you identify mail servers within a zone in your DNS database. With this feature, you can prioritize which mail servers will receive the highest priority. Creating MX records will help you keep track of the location of all of your mail servers.

To create a Mail Exchange (MX) record:

1. Select DNS from the Administrative Tools folder to open the DNS console.
2. Expand the Forward Lookup Zone and highlight the folder representing your domain.
3. From the Action menu, select New Mail Exchanger.
4. Enter the Host Or Domain (Figure R).
5. Enter the Mail Server and Mail Server Priority.
6. Click OK.

Figure R

Host or Domain

Other new records

You can create many other types of records. For a complete description, choose Action | Other New Records from the DNS console (Figure S). Select the record of your choice and view the description.

Figure S

Create records from the DNS console

Troubleshooting DNS servers

When troubleshooting DNS servers, the nslookup utility will become your best friend. This utility is easy to use and very versatile. It’s a command-line utility that is included within Windows 2008. With nslookup, you can perform query testing of your DNS servers. This information is useful in troubleshooting name resolution problems and debugging other server-related problems. You can access nslookup (Figure T) right from the DNS console.

Figure T

Nslookup utility