Chapter 12

Guide to Networking Essentials, 7th Edition
Chapter 12: Network Management and Administration
Cengage Learning 2016

Objectives
- Create and work with user and group accounts
- Create and manage permissions on storage volumes
- Work with shared files and printers
- Monitor a system's performance and reliability
- Describe fault-tolerance and backup solutions

Managing User and Group Accounts
- User accounts have two main functions:
  - Provide a method for users to authenticate themselves to the network
  - Provide detailed information about a user
- Group accounts are used to organize users so that assignment of resource permissions and rights can be managed more easily than working with dozens or hundreds of individual user accounts

Account and Password Conventions
- In a large network, a scheme for naming user and group accounts as well as network devices is crucial. Consider the following:
  - Is there a minimum and maximum number of characters user account names should have?
  - Should the username be based on the user's real name or, if security is important, should names be more cryptic?
  - Some OSs distinguish between uppercase and lowercase letters. Should usernames contain both as well as special characters?
- Considerations for password naming conventions:
  - Minimum length
  - Complexity requirements: use of uppercase and lowercase along with special characters
  - User or administrator created
  - Password change frequency
- Group account names should reflect the group membership or the resource to which the group is assigned permissions
- Once naming conventions have been established, stick to them

Working with Accounts in Windows
- When Windows is first installed, two users are created: Administrator and Guest (usually disabled)
- The Administrator account has full access to a computer
- Windows domain users are created in Active Directory Users and Computers
- You can create folders for organizing users and groups (called organizational units or OUs)

Creating User Accounts in Windows Domains
[Figure 12-1: The Active Directory Users and Computers management console]
- To create a new user:
  - Open the folder where you want to create the user
  - Right-click the folder, point to New, and click User
  - The New Object - User dialog box opens
- Everything you create in Active Directory is considered an object
- Next, you will need to set the password with the following options:
  - User must change password at next logon
  - User cannot change password
  - Password never expires
  - Account is disabled
[Figure 12-4: User properties in Active Directory (left) and in Windows 10 (right)]

Creating Group Accounts in Windows Domains
- Group accounts only require a name in order to be created (other options can be configured)
- Group scope has three options:
  - Domain local: Can be used to assign permissions to resources only in the domain in which the group is created
  - Global: The default option; contains users from the domain in which they are created but can be assigned permissions to resources in other domains
  - Universal: Used in multidomain networks; users from any domain can be members and be assigned permission to resources in any domain
- Group type has two options:
  - Security (default)
  - Distribution

User Profiles
- User profile: a collection of a user's personal files and settings that define their working environment
  - Created when a user logs on for the first time
- A user profile stored on the same system where the user logs on is called a local profile
  - When users log off, profile settings are saved in their local profiles so that all their settings are preserved
- If administrators want to make users' profiles available on any computer they log on to, they can set up roaming profiles
- A roaming profile follows the user no matter which computer he or she logs on to
  - Stored on a network share
  - Any changes the user makes to the profile are replicated from the locally cached copy to the profile on the network share when the user logs off
- Roaming profiles are rarely used in workgroup networks but are a feature Active Directory administrators use frequently
- Mandatory profiles discard a user's profile changes at logoff so the profile is always the same

Working with Accounts in Linux
- User and group accounts in Linux are used for the same purpose as in Windows: user authentication and authorization
- Linux also has a default user who has full control over the system, named root
- Most Linux administration takes place at the command line
  - useradd newuser (replace newuser with the logon name for the user account you're creating)
  - You will then be prompted to create a new password and enter the user's full name and other information
- All users must belong to at least one group in Linux
- When a new user is created, a new group with the same name is also created and the user is made a member
- Use the groupadd command to create groups
- To add users to a group: useradd username groupname
- Many administrators prefer the command-line method for creating users because they can import user information from a text file

Storage and File System Management
- Network administrators need to:
  - Make sure enough storage space is available to store files needed
  - Manage who has access to file storage
  - Prevent users from storing inappropriate types of data on company servers
- Locally attached storage: a device, such as a hard disk, that is connected to a storage controller on the server

Volumes and Partitions
- A volume is part or all of the space on one or more disks that contains (or is ready to contain) a file system
  - In Windows, volumes are assigned a drive letter
  - In Linux, volumes are accessed as though they were a folder
- The term partition is sometimes used interchangeably with volume, but the two don't always describe the same thing
  - In Windows, a basic disk can be divided into one to four partitions
  - A primary partition can be formatted with a file system and assigned a drive letter (considered a volume)
  - An extended partition is divided into one or more logical drives that can be formatted and assigned a drive letter (considered a volume)
- Only a primary partition can be the active partition (the partition that can hold boot files)
- The active primary partition storing the Windows boot loader is referred to as the system partition
- The partition or logical drive holding the Windows OS files is called the boot partition
- A dynamic disk can be divided into one or more volumes; the term partition is not used in this context
- Linux systems refer to disks by using their device driver name plus a letter, starting with "a"
  - Example: /dev/sda

The FAT File System
- The File Allocation Table (FAT) file system has two variations:
  - FAT16 is usually referred to as FAT and has been around since the mid-1980s; supported by most OSs
  - FAT32 was released with Windows 95 OSR2 in 1996
- FAT16 is limited to 2 GB partitions in most cases
- FAT32 allows partitions up to 2 TB, but in Windows 2000 and later Microsoft limits them to 32 GB because the file system becomes noticeably slower with larger partition sizes

The NTFS File System
- NTFS is a full-featured file system that Microsoft introduced in 1993 with Windows NT
- Features available in NTFS that aren't in FAT:
  - Disk quotas: limit the amount of data users' files can occupy
  - Volume mount points: no need for a drive letter to access the volume
  - Shadow copies: allow users to restore older file versions or files that were accidentally deleted
  - File compression: files can be compressed
  - Encrypting File System: makes encrypted files inaccessible to everyone except the user who encrypted the file, including users who have been granted permission to the file

NTFS Permissions
- Two modes for accessing files on a networked computer:
  - Network (sometimes called remote)
  - Interactive (sometimes called local)
- Share permissions are applied when a user attempts network access to shared files
- NTFS permissions always apply, whether file access is attempted interactively or remotely through a share
- Permissions can be viewed as a gatekeeper to control who has access to folders and files
- General security rule for assigning permissions: give users the least access necessary for their job
- NTFS permissions can be configured on folders and files
- By default, when permissions are configured on a folder, subfolders and files in that folder inherit the permissions, but they can be changed by the admin
- To view or edit permissions on an NTFS folder, access the Security tab of the Properties dialog box
- NTFS standard permissions for folders and files:
  - Read
  - Read & execute
  - List folder contents
  - Write
  - Modify
  - Full control

The Linux File System
- Linux supports many file systems: Ext3, Ext4, ReiserFS, and XFS
- Ext3 and Ext4 are the default file systems for most Linux distributions
- There are only three permissions: read, write, and execute
- There are only three user types that can be assigned one or more permissions:
  - owner: the owner of the file or folder
  - group: the primary group to which the owner belongs
  - other: all other users
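
The three permissions and three user types above, worked through in Python as an added example (not part of the original slides): it decodes a mode into owner/group/other triplets, shows that a non-root user gets only the first class that matches rather than the union, and audits a directory for files that let "other" write. File names, modes and numeric IDs are constructed sample values; ACLs and root are out of scope.

```python
import os
import stat
import tempfile

# (class name, read bit, write bit, execute bit), in the order the classes are checked
CLASSES = (
    ("owner", stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR),
    ("group", stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP),
    ("other", stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH),
)


def triplets(mode):
    """Return {'owner': 'rw-', 'group': 'r--', 'other': '---'} for a numeric mode."""
    return {
        name: "".join(ch if mode & bit else "-" for ch, bit in zip("rwx", bits))
        for name, *bits in CLASSES
    }


def user_class(file_uid, file_gid, uid, gids):
    """Pick the single class that applies to a non-root user: first match wins."""
    if uid == file_uid:
        return "owner"
    if file_gid in gids:
        return "group"
    return "other"


def can(mode, want, file_uid, file_gid, uid, gids):
    """True if a non-root user (uid, gids) is granted `want` ('r', 'w' or 'x')."""
    return want in triplets(mode)[user_class(file_uid, file_gid, uid, gids)]


def audit(root):
    """Walk `root` and list (relative path, rwx for other) where 'other' may write."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits do not decide access
            other = triplets(st.st_mode)["other"]
            if "w" in other:
                hits.append((os.path.relpath(path, root), other))
    return sorted(hits)


def demo():
    """Build a constructed sample tree in a temp directory and audit it."""
    samples = (("payroll.csv", 0o640), ("notes.txt", 0o666), ("run.sh", 0o755))
    with tempfile.TemporaryDirectory() as root:
        for name, mode in samples:
            path = os.path.join(root, name)
            with open(path, "w") as fh:
                fh.write("constructed sample\n")
            os.chmod(path, mode)  # chmod is not affected by the umask
        return audit(root)


if __name__ == "__main__":
    print(triplets(0o640))
    # Mode 604: a member of the file's group is denied read although "other" has it.
    print(can(0o604, "r", 1000, 1000, 1001, {1000}))
    print(demo())
```
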

Working with Shared Files and Printers
- The dominant file-sharing protocol is Server Message Block (SMB)
  - It is the native Windows file-sharing protocol but is also supported by Linux and Mac OS
- Network File System (NFS) is the native Linux file-sharing protocol, and Windows can support NFS with the right software installed
- Printer sharing also uses SMB
  - The native Linux printer-sharing protocol is line printer daemon/line printer remote (LPD/LPR)

Sharing Files and Printers in Windows
- In Windows, users are subject to both share and NTFS permissions when accessing network files
- Share permissions are somewhat simpler than NTFS permissions, with only 3 options:
  - Read
  - Change
  - Full Control
- Methods to use when configuring shares:
  - File Sharing Wizard: To start this wizard, right-click a folder, click Share with, and click Specific people
  - Advanced Sharing dialog box: To open this dialog box, click Advanced Sharing in the Sharing tab of a folder's Properties dialog box
  - Shared Folder snap-in: A component of the Computer Management console
  - File and Storage Services: The most advanced method for creating shares

Sharing Printers in Windows
- Components of a shared printer:
  - Print device: Two basic types of print device:
    - Local print device: Connected to an I/O port on a computer
    - Network print device: A printer attached to and shared by another computer
  - Printer: The icon in the Printers folder that represents print devices
  - Print server: A Windows computer sharing a printer
  - Print queue: Storage for print jobs awaiting printing
- Benefits of using a shared printer:
  - Access control
  - Printer pooling
  - Printer priority
  - Print job management
  - Availability control
[Figure 12-24: The Sharing tab for a print server]

Sharing Files and Printers in Linux
- Linux supports Windows file sharing by using SMB in a software package called Samba
- Printer sharing in Linux is straightforward after Samba has been installed
- When you create a new printer in Linux, it is shared automatically

Monitoring System Reliability and Performance
- Windows Server includes tools to manage and monitor server operation and resources:
  - Task Manager
  - Event Viewer
  - Performance Monitor
- You have already used Task Manager, so this section focuses on the other two

Event Viewer
- Allows administrators to view event log entries, categorized by these levels:
  - Information: Indicates normal operations, such as service stops and starts
  - Warning: Provides information about events that should be brought to the administrator's attention
  - Error: Often generated when a process or service is unable to perform a task or stops unexpectedly
- You can examine several log files in Event Viewer, including Application, Security, Setup, and System logs

Performance Monitor
- A collection of tools for pinpointing which resources are being overloaded and how they're being overloaded
- Contains the following folders:
  - Monitoring Tools: contains the Performance Monitor tool
  - Data Collector Sets: contains user- and system-defined templates with sets of data points called data collectors
  - Reports: contains system- and user-defined performance and diagnostic reports
- Performance Monitor uses counters to track the performance of a variety of objects
  - A counter is a value representing some aspect of an object's performance

Performance Monitor (cont'd)
- To track an object's performance, you need to create a baseline
- A performance baseline is a record of performance data gathered when a system is performing well under normal operating conditions
- Generally, baseline data is collected shortly after a system is put into service and then again each time changes are made
- To create a baseline of performance data, you create a data collector set that specifies the performance counters you want to collect, how often to collect them, and the time period

Enhancing Network Performance
- Factors that can cause poor performance:
  - Poor or inadequate network design
  - Poor network traffic management
  - Network errors
  - Denial-of-service attacks

Network Performance Monitoring
- A network administrator must monitor the performance of the network
- Two network protocols designed to do that:
  - Simple Network Management Protocol (SNMP)
  - Remote Monitoring (RMON)

Simple Network Management Protocol
- To use SNMP:
  - SNMP software agents are loaded on network devices you want to manage and monitor
  - Agents monitor network traffic and device status and store the information in a management information base (MIB)
  - A management station communicates with software agents and collects data stored in the MIBs
- You can set thresholds for sending alert messages to administrators when thresholds are exceeded

Remote Monitoring
- RMON is an advanced network-monitoring protocol
  - Extends SNMP's capabilities
  - Comes in two versions: RMON1 and RMON2
- RMON1 defines RMON groups to collect data and communicate with a management station
- RMON1 captures statistics at the Data Link and Physical layers
- RMON2 can collect and analyze traffic at the Network and higher layers

Backup and Fault Tolerance
- Regular backups provide a safety net to restore a system to working order in the event of a disk failure or file corruption
- A popular type of backup is an image backup, in which a copy of an entire disk is created that can be restored without reinstalling the OS
  - An image backup can't restore separate files, so image backups are usually done along with traditional file backup
- Fault tolerance provides methods for a system to continue running after a system failure has occurred

Windows Backup
- Windows Server Backup comes with Windows Server 2016 and has the following features:
  - Backups can be run manually or scheduled to run automatically
  - You can create a system recovery backup that automatically includes all volumes containing critical system data
  - Manual backups can be stored on network drives, fixed and removable basic disk volumes, and CD or DVD
  - Backups can be stored on a hard disk dedicated for backups, a non-dedicated volume, or a shared network folder
  - You can use a Volume Shadow Copy Service (VSS) backup, which means even open files can be backed up
  - By default, Windows Server Backup is configured to back up the local computer, but you can also back up files remotely
- Windows Server Backup is a satisfactory tool, but it has limitations
  - An enterprise-class backup program, such as Symantec NetBackup and CommVault Galaxy Backup and Recovery, offers advanced disaster recovery solutions
- Windows 7 has the Backup and Restore program
  - This program is still available in Windows 10, but the File History feature is the preferred method for restoring files

Protecting Data with Fault Tolerance
- Recall that fault tolerance provides methods for a system to continue running after a system failure has occurred
- Three forms of fault tolerance that are common on networks and servers:
  - Redundant power supply and uninterruptible power supply
  - Redundant disk systems
  - Server clustering

Redundant Power
- A computer requires a constant, clean source of power; otherwise it may reboot, causing lost work or damage
- A redundant power supply is a second power supply unit in the computer case, so if one power supply fails, the other unit takes on the full load
- An uninterruptible power supply (UPS) is a device with a built-in battery, power conditioning, and surge protection
  - If power fails, the UPS battery provides enough power to keep your computer running until power is restored or you can shut down the computer safely
- UPSs come in two main categories: online and standby
  - A standby UPS supplies power to plugged-in devices by passing power from the wall outlet directly to the device
  - An online UPS supplies power continuously to plugged-in devices through the UPS battery, which is recharged continually by the wall outlet power
- Other benefits of using a UPS:
  - Power conditioning: cleans the power, removing noise caused by other devices on the circuit
  - Surge protection: protects the computer from voltage spikes or surges

Redundant Disk Systems
- Redundant disk systems are based on the redundant array of independent disks (RAID) technology
- Disk Mirroring (RAID 1) requires two disks
  - When data is written to one disk, it's also written to the second disk
  - If either disk fails, the system can continue operating because both disks have the same data
- Disk Striping with Parity (RAID 5) requires a minimum of three disks but is more space efficient than RAID 1
  - Works by spreading data across multiple disks and using one disk in each write operation to store parity information
  - Parity info is generated by a calculation on data being written, so if one of the disks fails, it can be used to re-create lost data from the failed disk
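
The RAID 5 parity calculation described above is a bytewise XOR across each stripe; this added Python example (not part of the original slides) stripes a buffer over three in-memory "disks", drops each disk in turn and re-creates it from the survivors. The 4-byte block size, the rotating parity placement and the sample payload are assumptions chosen for illustration.

```python
from functools import reduce

BLOCK = 4  # bytes per block; assumed tiny value so the layout is easy to inspect


def xor_blocks(blocks):
    """Bytewise XOR of equal-length blocks: the parity calculation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk(stripe, ndisks):
    """Disk holding parity for a stripe; it rotates so one disk does not take every parity write."""
    return (ndisks - 1 - stripe) % ndisks


def write_raid5(data, ndisks):
    """Stripe `data` over `ndisks` lists of blocks with one parity block per stripe."""
    if ndisks < 3:
        raise ValueError("RAID 5 needs at least three disks")
    per_stripe = (ndisks - 1) * BLOCK
    data = data + bytes(-len(data) % per_stripe)  # zero-pad the last stripe
    disks = [[] for _ in range(ndisks)]
    for stripe, off in enumerate(range(0, len(data), per_stripe)):
        chunks = [data[off + i * BLOCK: off + (i + 1) * BLOCK] for i in range(ndisks - 1)]
        pending = iter(chunks)
        for d in range(ndisks):
            is_parity = d == parity_disk(stripe, ndisks)
            disks[d].append(xor_blocks(chunks) if is_parity else next(pending))
    return disks


def read_raid5(disks, length):
    """Reassemble the first `length` data bytes, skipping each stripe's parity block."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        for d in range(len(disks)):
            if d != parity_disk(stripe, len(disks)):
                out += disks[d][stripe]
    return bytes(out[:length])


def rebuild(disks, failed):
    """Re-create every block of the failed disk by XOR-ing the surviving disks' blocks."""
    survivors = [blocks for i, blocks in enumerate(disks) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]


def usable_fraction(level, ndisks):
    """Share of raw capacity left for data: half for RAID 1, (n-1)/n for RAID 5."""
    return 0.5 if level == 1 else (ndisks - 1) / ndisks


def demo():
    """Fail each of three disks in turn and check the data still reads back intact."""
    data = b"constructed sample payload"  # constructed input
    disks = write_raid5(data, 3)
    results = []
    for failed in range(3):
        damaged = [blocks if i != failed else None for i, blocks in enumerate(disks)]
        damaged[failed] = rebuild(damaged, failed)
        results.append(read_raid5(damaged, len(data)) == data)
    return results


if __name__ == "__main__":
    print(demo())
    print(usable_fraction(1, 2), usable_fraction(5, 3))
```
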

Server Clustering
- A server cluster is made up of two or more servers that are interconnected and appear as a single unit
- Two common types of clustering:
  - A failover cluster involves two or more servers sharing a high-speed link used to synchronize data
    - One server is the primary and others are standby. In the event the primary fails, a standby server takes its place
  - A load-balancing cluster consists of two or more servers that appear as a single unit to users. All servers in the cluster operate and share the load

Summary
- User accounts are the link between real people and network resources
- User accounts and passwords should have naming conventions for their creation
- Group accounts are used to organize users so that assignment of resource permissions and rights can be managed more easily than working with individual user accounts
- A user profile is a collection of a user's personal files and settings that define his or her working environment
- Locally attached storage is a device that's connected to a storage controller on the server
- Storage is divided into volumes or partitions
- The Linux file systems include Ext3, Ext4, ReiserFS, and XFS
- SMB is the Windows default file-sharing protocol while NFS is the native Linux file-sharing protocol
- Windows Server includes tools to manage and monitor server operation and resources
- A single bottleneck in the network can bring a high-performing network to a crawl
- A network administrator must monitor the performance of the network as a whole
- Regular backups provide a safety net to restore a system to working order in the event of a disk failure or file corruption
- A server cluster is made up of two or more servers that are interconnected and appear as a single unit
