Network Management and Administration (3360703) 196080307553

PRACTICAL 1 
AIM: Execute Basic TCP/IP utilities and commands. 
 
ARP: 
 The ARP utility helps diagnose problems associated with the Address Resolution
Protocol (ARP). TCP/IP hosts use ARP to determine the physical (MAC) address that
corresponds with a specific IP address. Type arp with the – a option to display IP
addresses that have been resolved to MAC addresses recently.

APR -a:
 Displays current ARP entries by interrogating the current protocol data. If internet
address is specified, the IP and Physical addresses for only the specified computer are
displayed. If more than one network interface uses ARP, entries for each ARP table
are displayed.

1
Network Management and Administration (3360703) 196080307553

FTP:
 Transfers files to and from a computer running a File Transfer Protocol (FTP) server
service such as Internet Information Services. Ftp can be used interactively or in batch
mode by processing ASCII text files. This command is available only if the Internet
Protocol (TCP/IP) protocol is installed as a component in the properties of a network
adapter in Network Connections. Ftp can be used interactively. After it is started, ftp
creates a sub environment in which you can use ftp commands. You can return to the
command prompt by typing the quit command. When the ftp sub environment is
running, it is indicated by the ftp > command prompt.

Ping: 
 The ping command is used to test connectivity between two hosts. It sends ICMP
echo request messages to the destination. The destination host replies with
ICMP replies messages. If the ping command gets a reply from the destination host, it
displays the reply along with round-trip times. 

2
Network Management and Administration (3360703) 196080307553

 The ping command uses the following syntax. 

ping destination host IP or name 

3
Network Management and Administration (3360703) 196080307553

Ipconfig:
 Ipconfig is a command line tool used to manage the network connections. Ipconfig is
a troubleshooting tool for problems related to TCP/IP connection. All the network
settings currently assigned by the network can be displayed using the Ipconfig
command. It can also be used to check network connections and network settings.
 The basic function of Ipconfig is to display IP address, subnet mask, and default
gateway of each network adapter. It can also be used to display or reset the DNS
cache, refresh registered DNS names, set and display the DHCP class IDs for an
adapter.
 The default is to display only the IP address, subnet mask and default gateway for
each adapter bound to TCP/IP. For Release and Renew, if no adapter name is
specified, then the IP address leases for all adapters bound to TCP/IP will be released
or renewed.

Syntax :

 Ipconfig

4
Network Management and Administration (3360703) 196080307553

 ipconfig /all Display full configuration information.

 Ipconfig /release Release the IP address for the specified adapter.

5
Network Management and Administration (3360703) 196080307553

 Ipconfig /renew Renew the IP address for the specified adapter.

Netstat:

 Netstat (Network Statistics) displays network connections (both incoming and outgoing),
routing tables, and a number of network interface statistics. It is an important part of the
Network + exam but it's a helpful tool in finding problems and determining the amount of
traffic on the network as a performance measurement.
 Netstat is a command line diagnostic tool which displays the information about TCP/IP
network protocol. The basic function of netstat is to check which ports are active on the
machine. It also gives information about the different ports such as the port number, the
associated protocol and status. This information is helpful in getting information about
which ports are closed or open and to determine which port are vulnerable to attacks.
 When you enter netstat on the command prompt, it provides you with a list of information
about the connection. It also provides details such as the different protocol being used,
name of you machine, TCP/IP connection, foreign address (the other computer or
network device), local address (your computer) and status of connection.

Syntax :

 Netstat

6
Network Management and Administration (3360703) 196080307553

 Netstat –e –t 5
Displays all connections and listening ports. (Server-side connections are normally not
shown).

 Netstat–f

 Netstat –o.
Shows Active Connection.

7
Network Management and Administration (3360703) 196080307553

Nslookup:

 Nslookup provides a command-line utility for diagnosing DNS problems. In its most
basic usage, Nslookup returns the IP address with the matching host name.

Syntax :

 Nslookup

 Server [Link]

Telnet:

The Telnet protocol creates a communication path through a virtual terminal connection. The
data distributes in-band with Telnet control information over the transmission control
protocol (TCP).

Unlike other TCP/IP protocols, Telnet provides a log-in screen and allows logging in as the
remote device’s actual user when establishing a connection on port 23. This type of access
grants direct control with all the same privileges as the owner of the credentials.

 telnet

 telnet [Link] 80

8
Network Management and Administration (3360703) 196080307553

The command goes to a blank screen, indicating the port is available.

Running the command on an open port 23 displays the screen of the telnet host,
confirming an established Telnet connection:

Tracert:
 Tracert is very similar to Ping, except that Tracert identifies pathways taken along each
hop, rather than the time it takes for each packet to return (ping).
 If I have trouble connecting to a remote host I will use Tracert to see where that
connection fails. Any information sent from a source computer must travel through many
computers / servers / routers (they're all the same thing, essentially) before it reaches a
destination.
 It may not be your computer but something that is down along the way. It can also tell
you if communication is slow because a link has gone down between you and the
destination.
 If you know there are normally 4 routers but Tracert returns 8 responses, you know your
packets are taking an indirect route due to a link being down.

Syntax :-

 Tracert

 Tracert [Link]

9
Network Management and Administration (3360703) 196080307553

PRACTICAL 2

AIM: - Configure a router (Ethernet and Serial Interface) using router

commands including access lists on network simulator.
 Designing a network

10
Network Management and Administration (3360703) 196080307553

 Assign IP on Routers Fastethernet0/0 with CLI shown as below:

Router0

Router1

Router2

11
Network Management and Administration (3360703) 196080307553

 Same as FastEthernet also Assign the IP on the RIP ports of Routers.

Router0

Router1

12
Network Management and Administration (3360703) 196080307553

Router2

 Assign IP to Computer which is connected with switch with gateway where it is assign at
Router.

13
Network Management and Administration (3360703) 196080307553

PC0

PC1

PC3

14
Network Management and Administration (3360703) 196080307553

PC5

 Ping the IP with different network of Pc to check Routes is working or not.

15
Network Management and Administration (3360703) 196080307553

 So the data can be transfer in different network and share information easily.

PRACTICAL 3
16
Network Management and Administration (3360703) 196080307553

Aim: Setup and Configure VPN.

VPN (virtual private network) technology lets a computer using a public internet connection
join a private network by way of a secure “tunnel” between that machine and the network.
This protects the data from being seen or tampered with by bad actors. The two most
common use cases are consumer VPN services that allow individuals to surf privately from
home or a public setting, and business-oriented solutions that allow employees to securely
connect to a corporate network remotely.
For the most part, VPN connections are handled by custom software such as the many
consumer VPN services we’ve reviewed, or by third-party generic software such as the
OpenVPN client or Cisco AnyConnect.
Another option that’s generally supported by most virtual private networks is to use
Microsoft’s built-in VPN client. This is useful when some VPNs don’t provide their own
client or if you want to use a VPN protocol not supported by your VPN’s client such as
IKEv2.

Steps to creating a VPN in Windows 11:

 Open control panel, go to Network and Sharing Center and click Set up a new
connection or network.

 Select Connect to a workplace.

17
Network Management and Administration (3360703) 196080307553

 Create a new connection.

 Select use my Internet connection (VPN)

18
Network Management and Administration (3360703) 196080307553

 Enter your internet address and connection name and click Create.

 We can see the connection is created or not in Control Panel > Network and Internet >
Network Connections.

19
Network Management and Administration (3360703) 196080307553

Now go to client-side system and configure VPN to connect.

 Press win key and search for VPN settings.

 Add the VPN Connection

20
Network Management and Administration (3360703) 196080307553

 Enter all the details provided from administrator and click save.

 The VPN is added successfully, click Connect to connect to the VPN.

 We are connected to the VPN Successfully!

21
Network Management and Administration (3360703) 196080307553

PRACTICAL 4
22
Network Management and Administration (3360703) 196080307553

Aim: Design and implement small network using actual physical components
with IP address scheme.
Network:
The first task in understanding how to build a computer network is defining what a network is
and understanding how it is used to help a business meet its objectives. A network is a
connected collection of devices and end systems, such as computers and servers that can
communicate with each other. Networks carry data in many types of environments, including
homes, small businesses, and large enterprises. In a large enterprise, a number of locations
might need to communicate with each other, and you can describe those locations as follows:
 Main office: A main office is a site where everyone is connected via a network and
where the bulk of corporate information is located. A main office can have hundreds
or even thousands of people who depend on network access to do their jobs. A main
office might use several connected networks, which can span many floors in an office
building or cover a campus that contains several buildings.
 Remote locations: A variety of remote access locations use networks to connect to
the main office or to each other.
 Branch offices: In branch offices, smaller groups of people work and communicate
with each other via a network. Although some corporate information might be stored
at a branch office, it is more likely that branch offices have local network resources,
such as printers, but must access information directly from the main office.
 Home offices: When individuals work from home, the location is called a home
office. Home office workers often require on-demand connections to the main or
branch offices to access information or to use network resources such as file servers.
 Mobile users: Mobile users connect to the main office network while at the main
office, at the branch office, or traveling. The network access needs of mobile users are
based on where the mobile users are located.
Common Physical Components of a Network:
These are the four major categories of physical components in a computer network:
 Personal computers (PCs): The PCs serve as endpoints in the network, sending and
receiving data.

Personal Computer
 Interconnections: The interconnections consist of components that provide a means
for data to travel from one point to another point in the network. This category
includes components such as the following:
Network interface cards (NICs) that translate the data produced by the computer
into a format that can be transmitted over the local network

23
Network Management and Administration (3360703) 196080307553

Network media, such as cables or wireless media, that provides the means by which
the signals are transmitted from one networked device to another
Connectors that provide the connection points for the media
Switches: Switches are devices that provide network attachment to the end systems
and intelligent switching of the data within the local network.
Routers: Routers interconnect networks and choose the best paths between networks.

Router Switch (24 Port)

Ethernet Media and Connection Requirements:
Distance and time dictate the type of Ethernet connections required.
 Twisted Pair Cable: Twisted-pair is a copper wire–based cable that can be either
shielded or unshielded. UTP cable is frequently used in LANs. Figure shows an
example of a UTP cable and STP cable.

UTP Cable:
UTP cable is a four-pair wire. Each of the eight individual copper wires in UTP cable
is covered by an insulating material. In addition, the wires in each pair are twisted
around each other. The advantage of UTP cable is its ability to cancel interference,
because the twisted-wire pairs limit signal degradation from electromagnetic
interference (EMI) and radio frequency interference (RFI). To further reduce crosstalk
between the pairs in UTP cable, the number of twists in the wire pairs varies. Both
UTP and shielded twisted-pair (STP) cable must follow precise specifications
regarding how many twists or braids are permitted per meter. UTP cable is used in a
variety of types of networks. When used as a network medium, UTP cable has 4 pairs
of either 22- or 24-gauge copper wire. UTP used as a network medium has an
impedance of 100 ohms, differentiating it from other types of twisted-pair wiring,
such as that used for telephone wiring.
Because UTP cable has an external diameter of approximately 0.43 cm or 0.17 inches,
its small size can be advantageous during installation. Also, because UTP can be used

24
Network Management and Administration (3360703) 196080307553

with most of the major network architectures, it continues to grow in popularity.

Categories of UTP cable:

Category 1: Used for telephone communications; not suitable for transmitting data
Category 2: Capable of transmitting data at speeds of up to 4 Mbps
Category 3: Used in 10BASE-T networks; can transmit data at speeds up to 10 Mbps
Category 4: Used in Token Ring networks; can transmit data at speeds up to 16 Mbps
Category 5: Capable of transmitting data at speeds up to 100 Mbps
Category 5e: Used in networks running at speeds up to 1000 Mbps (1 Gbps)
Category 6: Consists of 4 pairs of 24-gauge copper wires, which can transmit data at
speeds of up to 1000 Mbps
The most commonly used categories in LAN environments today are Categories 1
(used primarily for telephony), 5, 5e, and 6.
RJ-45 Connector:

If you look at the RJ-45 transparent-end connector, you can see eight colored wires,
twisted into four pairs. Four of the wires (two pairs) carry the positive or true voltage
and are considered "tip" (T1 through T4); the other four wires carry the inverse of
false voltage grounded and are called "ring" (R1 through R4). Tip and ring are terms
that originated in the early days of the telephone. Today, these terms refer to the
positive and negative wires in a pair. The wires in the first pair in a cable or a
connector are designated as T1 and R1, the second pair as T2 and R2, and so on. The
RJ-45 plug is the male component, crimped at the end of the cable. As you look at the
male connector from the front, the pin locations are numbered from 8 on the left to 1
on the right. The jack is the female component in a network device, wall, cubicle
partition outlet, or patch panel.
In addition to identifying the correct EIA/TIA category of cable to use for a
connecting device (depending on which standard is being used by the jack on the
network device), you need to determine which of the following to use:
1. A straight-through cable
2. A crossover cable
In Figure, the RJ-45 connectors on both ends of the cable show all the wires in the
same order. If the two RJ-45 ends of a cable are held side-by-side in the same
orientation, the colored wires (or strips or pins) can be seen at each connector end. If
the order of the colored wires is the same at each end, the cable type is straight-
through.

Straight-Through Cable Vs Crossover Cable

25
Network Management and Administration (3360703) 196080307553

Use straight-through cables for the following cabling:

Switch to router
Switch to PC or server
Hub to PC or server

Use crossover cables for the following cabling:

Switch to switch
Switch to hub
Hub to hub
Router to router
Router Ethernet port to PC NIC
PC to PC

 Router Set up and configuration.

1. Open the router's administration tool. From the computer connected to the router,
first open your Web browser. Then enter the router's address for network administration
in the Web address field and hit return to reach the router's home page. Many routers are
reached by either the Web address "[Link] or "[Link] Consult
your router's documentation to determine the exact address for your model. Note that
you do not need a working Internet connection for this step.

2. Log in to the router. The router's home page will ask you for a username and password.
Both are provided in the router's documentation. You should change the router's
password for security reasons, but do this after the installation is complete to avoid
unnecessary complications during the basic setup.

26
Network Management and Administration (3360703) 196080307553

3. If you want your router to connect to the Internet, you must enter Internet connection
information into that section of the router's configuration (exact location varies). If
using DSL Internet, you may need to enter the PPPoE username and password.
Likewise, if you have been issued a static IP address by your provider (you would need
to have requested it), the static IP fields (including network mask and gateway) given to
you by the provider must also must be set in the router.

4. If you were using a primary computer or an older network router to connect to the
Internet, your provider may require you to update the MAC address of the router with
the MAC address of the device you were using previously.

5. If this is a wireless router, change the network name (often called SSID). While the

router comes to you with a network name set at the factory, you will never want to use
this name on your network.

27
Network Management and Administration (3360703) 196080307553

6. Verify the network connection is working between your one computer and the router.
To do this, you must confirm that the computer has received IP address information
from the router.

28
Network Management and Administration (3360703) 196080307553

Step 3: Assign static ip address to all pc or dynamic ip address to all pc.

 Open the Network and Sharing Center and then click on Change adapter settings.

 Right-click on Local Area Connection and select Properties.

 In the Local Area Connection Properties window highlight Internet Protocol Version

4 (TCP/IPv4) then click the Properties button.

29
Network Management and Administration (3360703) 196080307553

 Now select the radio button Use the following IP address and enter in the correct IP,
Subnet mask, and Default gateway that corresponds with your network setup. Then
enter your Preferred and Alternate DNS server addresses.
 Check Validate settings upon exit so Windows can find any problems with the
addresses you entered. When you’re finished click OK.

 Now close out of the Local Area Connections Properties window.

 Same as above give static IP address to all pc.

30
Network Management and Administration (3360703) 196080307553

PRACTICAL 5
Aim: Configuration of the following.
A) Remote Login Service – TELNET/SSH
B) Configuration of FTP server and accessing it via FTP Client.

Remote Login Service – TELNET/SSH:-

A terminal emulation program for TCP/IP networks such as the Internet. The Telnet program
runs on your computer and connects your PC to a server on the network. You can then enter
commands through the Telnet program and they will be executed as if you were entering
them directly on the server console. This enables you to control the server and communicate
with other servers on the network. To start a Telnet session, you must log in to a server by
entering a valid username and password. Telnet is a common way to remotely control Web
servers. To telnet means to establish a connection with the Telnet protocol, either with
command line client or with a programmatic interface. Secure Shell (SSH) is a cryptographic
network protocol for secure data communication, remote shell services or command
execution and other secure network services between two networked computers that
connects, via a secure channel over an insecure network, a server and a client (running SSH
server and SSH client programs, respectively). It was designed as a replacement for Telnet
and other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which
send information, notably passwords, in plaintext, rendering them susceptible to interception
and disclosure using packet analysis. The encryption used by SSH is intended to provide
confidentiality and integrity of data over an unsecured network, such as the Internet. A
network protocol that ensures a high-level encryption, allowing for the data transmitted over
insecure networks, such as the Internet, to be kept intact and integrate. SSH and SSH Telnet,
in particular, work for establishing a secure communication between two network-connected
computers as an alternative to remote shells, such as TELNET, that send sensitive
information in an insecure environment. In contrast to other remote access protocols, such as
FTP, SSH Telnet ensures higher level of connection security between distant machines but at
the same time represents a potential threat to the server stability. Thus, SSH access is
considered a special privilege by hosting providers and is often assigned to users only per
request. Let us apply Telnet and SSH on packet tracer.

31
Network Management and Administration (3360703) 196080307553

Take the topology as in the above diagram. Set IPs on the PCs. As, by default, all PCs are in
LAN
 We will create a virtual interface on switch with VLAN 1 as follows.

32
Network Management and Administration (3360703) 196080307553

 Now, we can ping to switch by our hosts because hosts are in VLAN 1 and switch also
has a VLAN 1
interface.

 Now, try to telnet the switch from our PC, it refuses because we have not applied
authentication on the switch yet.

33
Network Management and Administration (3360703) 196080307553

 So, let’s apply line authentication on the switch. The system supports 20 virtual tty (vty)
lines for Telnet, Secure Shell Server (SSH) and FTP services. Each Telnet, SSH, or FTP
session requires one vty line. You can add security to your system by configuring the
software to validate login requests.

 Now, we can easily telnet. But it does not let us go in the switch enabled mode because
we have not set the password on the switch yet.

 Let’s apply password on the switch enabled mode.

 Now, we can go inside Switch configuration mode from our pc.

34
Network Management and Administration (3360703) 196080307553

 So, now let us apply SSH on the switch.

 Now, we try to telnet it but it is refused because ssh has over ruled telnet. So, we will use
SSHprotocol on it. By default username is admin.

35
Network Management and Administration (3360703) 196080307553

 And we can apply any sort of configuration on our switch from out pc.

 Now, if we want to change the username from admin to something else, we will do it as
follows.

36
Network Management and Administration (3360703) 196080307553

 And from our PC as follows.

Configure FTP Server on Windows 2012 Server: -

37
Network Management and Administration (3360703) 196080307553

The following is a list of the steps you need to perform to configure and enable the built-in
Windows 2012 server. Before you start, you need to make sure that you actually have the
FTP server installed. Depending on what server role you selected during the Windows 2012
server install process; you may or may not have FTP installed.

Steps for installing FTP server.

 Open server manager and click on add roles and features.

 Click Next.

38
Network Management and Administration (3360703) 196080307553

 Select Role-based installation and Click Next.

 Select the Server from server pool and click Next.

39
Network Management and Administration (3360703) 196080307553

 Select Web Server (IIS).

 Click Add Features to add the Web Server features and then click Next.

40
Network Management and Administration (3360703) 196080307553

 Leave the Features as it is and click Next.

 Read the information about the Web Server and click Next.

41
Network Management and Administration (3360703) 196080307553

 Scroll Down and select all the FTP Server Role Services and click Next.

 Read the Confirmation Installation and click Next.

42
Network Management and Administration (3360703) 196080307553

 Wait until it installs the Roles and Features, then restart your PC.

 Go to start menu and open Administrative Tools.

43
Network Management and Administration (3360703) 196080307553

 Open Internet Information Service (IIS) Manager.

 Expand your system and open Sites.

44
Network Management and Administration (3360703) 196080307553

 Now Right click on sites and click Add FTP Sites.

 Enter your FTP site name and set physical path for FTP, click next.

45
Network Management and Administration (3360703) 196080307553

 Enter your server IP address and port number, select no SSL and click Next.

 Select Authentication, select users access and Permission as per your requirement and
click Finish.

46
Network Management and Administration (3360703) 196080307553

 Now you can see, your FTP site is created.

47
Network Management and Administration (3360703) 196080307553

 Now go to any local system which connected in same network and go to any browser
then type your ftp IP address, you will see a pop-up window asking for username and
password, enter your username and password and click Log on.

 Now you will see your FTP path folder and open in browser and you access the data
which is stored in FTP folder.

 The Content File is shown as Below.

48
Network Management and Administration (3360703) 196080307553

PRACTICAL 6
Aim: Setting up and Configuring Local Print Device and Network Print Device.

Setting up Local Print Device:

Follow this step to setting up Local Print Device:
1. Open the Printers folder. (Select Start-Settings-Printers)
2. In the Printers folder, double-click Add Printer.
3. The Add Printer Wizard begins. Click Next.
4. The Local or Network Printer screen appears. Ensure that the check box next to
“Automatically detect and install my Plug and Play printer” is cleared. Click Next.
5. The Select the Printer Port screen appears, as shown in Figure Notice that LPT1: is
the default selection. Select the port that the print device is connected to form the list.
If the port you want to use is not displayed, select the “Create a new port” option, and
select the type of port you want to create from the Type drop-down list box. Then
follow the instructions presented on-screen to create the new port. Click Next.
6. The Add Printer Wizard screen is displayed, as shown in below Figure. Select your
print device’s manufacturer from the list on the left. Then select the print device’s
model from the list on the right.
7. If you’re print device does not appear in the list, and you have drivers for the device
(either on a floppy disk, CD-ROM, or downloaded from the Internet), click Have Disk
and follow the instructions on-screen.
On the Name Your Printer screen, either accepts the default name displayed for this
printer, or type in a different name in the “Printer name” text box. Also choose
whether you want this printer to be the default printer for all Windows-based
programs on this computer. Click Next.
8. On the Printer Sharing screen, choose whether or not to share this printer. If you
choose to share the printer, either accepts the default name displayed for the shared
printer, or type in a different name in the “Share as” text box. Click Next.
9. If you choose to share the printer in step 8, a Location and Comment screen appears
on which you can describe the location and features of the printer you are adding. All
entries on this screen are optional. Enter information as appropriate and Click Next.
10. The Print Test Page screen is displayed. Select Yes to print a test page, or select No to
skip printing a test page. Click Next.
11. On the Completing the Add Printer Wizard screen, click Finish.
12. The local printer you just added is displayed in the Printers folder. Close the Printers
folder.

Setting up Network Print Device:

Follow this step to setting up Network Print Device:
1. Open the Printers folder. (Select Start-Settings-Printers)
2. In the Printers folder, double-click Add Printer.
3. The Add Printer Wizard begins. Click Next.
4. The Local or Network Printer screen appears. Select the option next to “Network
printer”. Click Next.
5. The Locate Your Printer screen appears, as shown in Figure.

49
Network Management and Administration (3360703) 196080307553

On this screen, you specify how you want to locate the shared network printer you are
adding. The options you can select from are:
 Find a printer in the Directory: Select this option if you want to have Windows
search Active Directory for the shared network printer. If you select this option
(which is default setting), you can use the Find Printers dialog box to search
Active Directory for the printer.
 Type the printer name, or click Next to browse for a printer: Select this option if
you want to specify a UNC path to the shared network printer, or if you want to
browse the network for this printer. If you select this option, you can select the
shared network printer from a browse list.
 Connect to a printer on the Internet or on your intranet: Select this option if you
want to specify a URL for an Internet printer.
6. If the computer that hosts the shared network printer you are adding does not have
drivers for the print device that are supported by Windows 2000, Windows 2000
prompts you to install drivers on the local Windows 2000 computer to enable it to
print to the shared network printer. If this Connect to Printer warning dialog box does
not appear, skip to step 8. If this Connect to Printer warning dialog box appears, click
OK and continue.
7. In the Add Printer Wizard dialog box, select the shared network print device’s
manufacturer from the list on the left. Then select the print device’s model from the
list on the right.
If the shared network print device does not appear in the list, and you have drivers for
the device (either on a floppy disk, CD-ROM, or downloaded from the Internet), click
Have Disk and follow the instructions on-screen. Click Next.
8. On the Default Printer Screen, choose whether the network printer you are adding will
be the default printer for all Windows-based programs on this computer. Click Next.
9. On the Completing the Add Printer Wizard screen, click Finish.
10. The network printer you just added is displayed in the Printers folder. Close the
Printers folder.

50
Network Management and Administration (3360703) 196080307553

PRACTICAL 7
Aim: Creating Windows Server Boot Disk and Install Windows Server.
Creating Windows Server Boot Disk
 Creating a windows server boot disk is a relatively straightforward process.
 You need a program (software) to pull the boot image file from your regular Windows
Server CD (DVD).
 You need an installed program to create the CD (DVD).
 You can use software like Nero, ISO Buster to pull the boot image file from the CD.
 ISO Buster is a part freeware and part shareware data recovery tool.
 Follow these steps to make the CD (DVD) bootable:
 Download and install ISO Buster. Insert the Windows server CD into your CD
drive and load ISO Buster.
 Expand the CD drive in ISO Buster until you see a floppy disk icon with the
Bootable CD label.
 Click on the bootable CD in the left pane, and in the right pane of ISO Buster you
will see a file called Microsoft [Link], which is the boot image file for
the CD.
 Right click on the .img file and select Extract [Link]. Remember the
location where you save this file, then close ISO Buster.
 Open your CD-burning program. Click File/New CD Project/Bootable CD. A
screen will pop up: Choose Type of Bootable CD. There are a few settings you
need to know about on this screen. Browse to where you stored that boot image
file, import it and click OK.
 You should see two .bin files in the CD project files window. Use the dropdown
menu at the top left to select the folder where you stored the file.
 Customize the CD Project Properties.
 Now you are ready to create the CD. Insert the blank CD and select Record. In a
few minutes it will be completed, and you will have your very own customized
Windows Server installation CD.
Installing windows server
To use Windows Server 2012 you need to meet the following minimum hardware
requirements.
Requirements
Components Itanium Based
32 bit Server 64 bit Server
Server
CPU 1 GHZ 1.4 GHZ 2 GHZ
Memory 512 MB 512 MB 1 GB
Free Disk Space 10 GB 10 GB 10 GB
Display SVGA 800x600 SVGA 800x600 SVGA 800x600
Drive DVD ROM DVD ROM DVD ROM
Keyboard YES YES YES
Mouse YES YES YES

51
Network Management and Administration (3360703) 196080307553

Follow this step to install Windows Server 2012:

1. Insert the Windows Server 2012 installation media (Bootable DVD) into your DVD
drive and set first boot device DVD drive in CMOS setup (Pressing Del or F2 key for
enter in CMOS Setup when computer is start).
2. Reboot the computer, now your computer boot from Windows Server 2012 Bootable
media.
3. In this prompt, select language to install, keyboard or input method and Click Next.

4. Press Install Now to begin the installation process of Windows Server 2008.

52
Network Management and Administration (3360703) 196080307553

5. Select the version of core you wish to install.

6. Read and accept the license terms by clicking to select the checkbox and Pressing
Next.

53
Network Management and Administration (3360703) 196080307553

7. Select your preferred option.

8. Select New to partition the hard disk and Select drive size in MB and then click
Apply.

54
Network Management and Administration (3360703) 196080307553

9. Copying windows files started > sit back and relax while Installation takes a moment.

10. After rebooting, type an administrative password and then click finish.

55
Network Management and Administration (3360703) 196080307553

11. Login together with your current password to login Windows Server 2012.

56
Network Management and Administration (3360703) 196080307553

12. Home Screen of the Windows Server 2012 R2.

57
Network Management and Administration (3360703) 196080307553

PRACTICAL 8
Aim: Install and Configuring Linux Server.

Red Hat Enterprise Linux (RHEL) 6 Server Installation:

Red Hat Enterprise Linux Server is most widely used operating system in the Data Center for
production environment. Most of the applications like Oracle; Mail Servers & Web servers
are installed on RHEL Servers. Current stable version is 8.1. Red Hat Enterprise Linux is one
of the best and stable Linux Operating systems.
Red Hat Enterprise Linux is a Linux-based operating system developed by Red Hat and
targeted the commercial market
There are numbers of new technology and features are added; some of the important features
are listed below:
 Ext4 a default file system, and the optional XFS file system.
 XEN is replaced by KVM (Kernel based Virtualization). However, XEN is supported
till RHEL 8 life cycle.
 Supported future ready File system called Btrfs pronounced “Better F S”.
 Upstart event driven which contains scripts that are only activated when they are
needed. With Upstart, RHEL 8.1 has adopted a new and much faster alternative for
the old System V boot procedure.
Installation steps:
1. Download the RHEL 8.1 ISO file from the Red Hat portal:
[Link]
2. Now Burn the downloaded ISO file into DVD or USB drive.
3. There are number of installation types such as unattended installation called Kickstart,
and Text-based Installer, we used Graphical Installer. Please choose packages during
installation as per your need.
4. Change the Server's Boot medium; select the DVD or USB drive depending upon
your media. Below Screen will after booting with bootable media and Select 'Install
or Upgrade an existing system' option and press enter.

58
Network Management and Administration (3360703) 196080307553

5. Select Installation Destiny to Select a HDD Drive.

59
Network Management and Administration (3360703) 196080307553

6. Select HDD to Install.

7. Select Time Zone for India, Kolkata

60
Network Management and Administration (3360703) 196080307553

8. Now Begin Installation to Complete the Setup.

9. Set the Root username and password to login.

61
Network Management and Administration (3360703) 196080307553

10. Make user as Administrator with giving a unique Username.

11. Now setup is complete and click on reboot.

12. Confirm the licensed agreement with check mark on the option.

62
Network Management and Administration (3360703) 196080307553

63
Network Management and Administration (3360703) 196080307553

13. Now Login with your username.

14. Setup is completed.

64
Network Management and Administration (3360703) 196080307553

PRACTICAL 9
Aim: Installing Active Directory, Create Domain Controller & Creating AD
Objects.

Installing Active Directory:

Before installing Active Directory you should ensure that your computer has:
 A meaningful name i.e. Server, DC.
 A static IPv4 address.
 At least one NTFS partition.
 A Network connection.
The Active Directory Domain Controller role is actually a two-step process to get the Active
Directory DC installed: first you install the role and second you run dcpromo.
Setup Active Directory Domain Services
1. Log into your Windows Server and start the Server manager from task bar.

2. Now Click on Add Roles and features.

3. Click Next to start setup.

65
Network Management and Administration (3360703) 196080307553

4. Server Selection is not necessary for this, click Next.

5. Select Active Directory Domain Services.

66
Network Management and Administration (3360703) 196080307553

6. Click Add Features.

7. Click Next.

67
Network Management and Administration (3360703) 196080307553

8. Select .NET 3.5 Feautres and click Next.

9. Read the AD DS and click Next.

68
Network Management and Administration (3360703) 196080307553

10. Check the mark for Restart and click Yes to give permission.

11. Click Install to start installing the feature.

69
Network Management and Administration (3360703) 196080307553

12. Wait until the setup finished.

13. After finishing the Feature Installation, click Close.

70
Network Management and Administration (3360703) 196080307553

14. Now, Click on the flag and promote this server to Domain Controller.

15. Select Add a new forest and enter your Root domain name.

71
Network Management and Administration (3360703) 196080307553

16. Select Whether Client has Lower version of Windows Server to Get into Domain.
Click Next.

17. Click Next.

72
Network Management and Administration (3360703) 196080307553

18. Check Whether Domain is correct or not or need to change the name and click next.

19. Click Next.

73
Network Management and Administration (3360703) 196080307553

20. Read the Review Options and click Next.

21. Click Install.

74
Network Management and Administration (3360703) 196080307553

22. Then it will restart the PC.

75
Network Management and Administration (3360703) 196080307553

76
Network Management and Administration (3360703) 196080307553

77
Network Management and Administration (3360703) 196080307553

You will able to manage the domain through the new tools that will appear in the
Administrative tools folder in the start menu. Followings are appear.
 Active Directory Domain and Trusts.
 Active Directory sites and Services.
 Active Directory Users and computers.
 ADSI Edit.
 DNS
 Group Policy Management.

Active Directory Objects:

Real-world entities such as users, computers are represented as objects in Active Directory.
One important aspect with respect to object characteristics is that some of the objects can
contain other objects. Objects that contain other objects are container objects while others are
just leaf objects.

Each object consists of a set of attributes which best describes it. For example, consider a
user object. A user is described by attributes like Name, Address, and Telephone number and
so on. Active Directory supports numerous types of objects. The objects that can be
authenticated and to which permissions can be assigned are called as security principals. Each
security principal object has a security identifier associated with it in addition to the global
identifier. User, computer and group objects are referred to as security principal objects.

Active directory supports various types of objects like User, Group, Contact, Computer,
Shared Folder, Printer and Organizational Unit.

A user object represents individuals who need access to the resources in a network. Each user
account has a user name and a password. The purpose behind creating user accounts is to
authenticate the identity of the user and authorize the access to the network resources. Active
Directory supports two types of built in user accounts – Administrator and Guest account.

A computer object represents a work station or a server in a network. A computer account

helps in authenticating and authorizing its access to network resources.

A group object represents a collection of user accounts, computer accounts, contacts and
other groups that can be managed as a single unit. Groups facilitate role based access to
network resources. There are two types of groups – Security and Distribution groups.
Security groups are mainly used for the purpose of providing access to network resources.
Distribution groups are not security enabled and can be used only for communication
purpose. Groups can vary in scope which limits its membership and scope of operation.

A contact object contains the contact information about people who are associated with the
organization but are not part of it like contractors, suppliers. A contact object does not have a
SID associated with it which prevents it from having access to the network resources.

A shared folder object is used to share files across the network. It is mapped to a server
share.

A printer object corresponds to a printer resource in a network.

78
Network Management and Administration (3360703) 196080307553

Creating objects in Active Directory:

Active Directory is the Windows directory service, and its role is to maintain information
about enterprise resources, including users, groups, and computers. Resources can be divided
into Organizational Units (OUs) to facilitate manageability and visibility that is, they can
make it easier to find objects.

You can create objects in Active Directory by using the Active directory users and computers
console.

1. Start -> Administrators tools -> Active Directory users and computers.
2. On the Active Directory users and computers console, right click on the container
object within which you would like to create an object.
3. A submenu pops out, from that choose the option new.
4. On choosing the option “new” another submenu pops out with a list of objects, from
that choose the object that you intend to create.
5. After you choose an object, respective dialogue boxes appear in which you can enter
the attribute values for the object .When you complete this, the object has been
created.

Organizational Unit:
Select New> Select Organizational Unit. Assign a descriptive name and ensure Protect
Container from Accidental Deletion is selected. Then click OK to create the OU.

79
Network Management and Administration (3360703) 196080307553

Note: The Windows Server 2008 administrative tool adds a new option: the Protect Container
from Accidental Deletion. This option adds a safety switch to the OU so that it cannot be
accidentally deleted. Two permissions are added to the OU:
Everyone::Deny::Delete
And Everyone:: Deny::Delete Subtree.
No user, not even an administrator, will be able to delete the OU and its contents
accidentally. It is highly recommended that you enable this protection for all new OUs.
Users
Select New>Select User. Fill in the user’s details and Click Next. Assign a temporary
password and ensure User must change password at next logon is selected. Then Click Next.
Click Finish to create the user.
Groups
Select New>Select Group. Assign a descriptive name and a group scope and group type and
Click OK to create the group
Note: There are two main functions of groups in Active Directory:
Gathering together objects for ease of administration
Assigning permissions to objects or resources within the Directory.
There are three types of group scope in Active Directory: Universal, Global, and Domain
Local.
There are two types of groups in Active Directory: Security and Distribution.
Security groups are used for assigning permissions and are the most commonly used.
Distribution groups are solely used for grouping users together for administrative purposes,
for example e-mail and messaging. You cannot assign permissions to distribution groups.
Computers
Select New>Select Computer. Assign Computer name. User or group who have the
permissions to join a computer to the domain, default is Domain Admins. Do not select the
check box labeled Assign This Computer Account as a Pre-Windows 2000 Computer unless
the account is for a computer running Microsoft Windows NT 4.0. Click OK to create
computer object.

80
Network Management and Administration (3360703) 196080307553

PRACTICAL 10
Aim: Create new Users, assign privileges/ Permission & Modify/ Delete/
Deactivate Users and groups.
User Account:
 Everyone who accesses the gain of any windows server, he/she must have account
established on the server on domain.
 The account defines the user name and password, along with a host of other
information specific to each user.
 Creating, maintaining and deleting user account is very easy in all windows server
like 2000, 2003, 2008 and 2012.
 Maintain a user account; you use the active directory users and computers
management console.
 You can open this console by clicking the start menu-control panel-administrative
tools and click on active directory users and computers management console.
 Once the console is open, open the tree for the domain you are administering and then
click the user’s folder.
 To accomplish activities in the console, you first select either a container in the left
pane or an object in the right pane, and then right-click the container or object or open
the action pull-down menu and choose from the available options.
 Because the available options change based on the selected container or object, first
selecting an object with which to work is important.
Creating a User:
To add a user with the active directory user and computers console.
 First start by selecting the user’s container in the left pane with the tree opens to the
domain you are administering.
 Right click on the user container, choose from the pop-up menu, and choose user from
the submenu.
 You see the Create new Object dialog box shown in figure.
 Fill up the details in field shown in figure like First name Last name, Name, User
logon Name and click on next, you shown figure.
 In this second dialog box, you enter the initial password that the account will use.
 You also select the several options that will apply to the account as follow.

 User Must Change Password at Next Logon: If you select this checkbox then
users choose their own password when they first login to system.
 User Cannot Change Password: If you not want to enable users to change their
passwords, you should not select this option. Most sites allow users to change

81
Network Management and Administration (3360703) 196080307553

their own passwords and you want enable them to do so if you have set passwords
to automatically expire.
 Password Never Expires: If you choose this option, to allow the password to
remain workable for as long as the users chooses to it. Activating this option for
most users is generally considered a poor security practice, so consider carefully
whether you should enable this option.
 Account Disabled: Selecting this option disables the new account. The
administrator can enable the account when needed by clearing the checkbox.
After entering a password and selecting option click on next to constitute. And you
will see a confirmation on screen click next to create account and back to change any setting.
Modifying a User:
 You can see a dialog box of creating a user account, creating a user account is much
simpler than the one you see when modifying a user account. The dialog box in which
you modify the information about a user contains many other fields that you can use
to document the account and to set some other security options.
 To modify an existing user account, right click the user object you wish to modify and
properties from the pop-up menu. You then see the tabbed dialog box shown in figure.
 In the first two tabs general and address, you can enter some additional information
about the user, such as his or her title, mailing address, telephone number, e-mail
account, description etc.
 The third tab, account is where you can set some important user accounts options.
Figure shows the account tab.
 The first line of the dialog box defines the user’s windows server domain in which the
user has primary membership.
 The second line defines the user’s Windows NT logon Name, which the User can
optionally use if he or she needs to log in the domain from a Windows NT computer
or use an application that does not yet support active Directory logins.
 Clicking the Logon Hours button displays the dialog box show in figure. In this dialog
box, you select different blocks of time within a standard week and then click the
appropriate option button to permit or deny access to the network for that time period.
 In figure the setting permit logon times only for normal works hours, with some
cushion before and after those times to allow for slightly different work hours.
 By default, users are permitted to log on to the network at any time, any day of the
week. For most networks, particularly smaller networks, permitting users to log on at
any time is generally acceptable.
 The accounts options section of the account tab is account tab is account expires, by
default, it is set to never. If you wish to define an expiration date, you do so in the end
of field. When the date indicated is reached, the account is automatically disabled
 Another tab you often you will use in the users properties dialog box is the member of
tab. In this tab you define the security groups for a user, you can see in figure.
 Also some time we use organization tab in the users properties dialog box.
Deleting or Disabling a User:
Follow bellowing step to deleting or disabling a user account using active directory users and
group management console.
 First click on Start Menu-Control Panel-Administrative Tools.

82
Network Management and Administration (3360703) 196080307553

 Click on Active Directory Users and Group management console.

 Use the left Pane to select the user’s folder.
 Select the user in the right pane.
 Right click on user and choose Delete or open the action pull-down menu and choose
Delete.
 User account disabling is very easy, right click on user account and choose disable or
open the action pull-down menu and choose disable.

PRACTICAL 11
Aim: Configure Print Server & Backup Server.
Print Server:
 A print server is a computer that manages one or more printers
 A print server, or printer server is a computer or device that is connected to one or
more printers and to client computers over a network, and can accept print jobs from
the client computers and send the print jobs to the appropriate network connected
printer.
 Print servers allow printers to be shared by other users on the network.
 Supporting either parallel and/or serial interfaces, a print server accepts print jobs
from any person on the network using supported protocols and manages those jobs on
each appropriate printer.
 From the Server Manager Wizard, Select Roles, click on Add Roles, choose Print and
Document Services and click the Next button. This will install the Print Server.
 Installing the print server role automatically starts a wizard in which you can choose
to install a shared printer immediately. You can otherwise add printers to the print
server using the Add Printer program in the Printers and Faxes folder.
 The print server role service adds all components necessary to set up, share, and
manage network printer.
 After installing this role, you will notice that the Print Management console will be
added to Server Manager and can be accessed from the node Roles-Print and
Documents Services-Print Management see in figure.
 Using the print management console, you can manage all your network printers from
one central console.
 One of the first steps you will want to perform is to install network printers on your
print server. This can be done by performing the Add Printer Wizard.
Windows Backup:
 One task is more important than any other task for a network administrator is making
regular and reliable backups for data on the systems.
 You can use Windows Server Backup to back up a full server (all volumes), selected
volumes, the system state, or specific files or folders.
 You can use Windows Server Backup to create and manage backups for the local
computer or a remote computer. And, you can schedule backups to run automatically.
 Hardware failure are not the only reason for data lost, applications or users often
make mistake that lose important data. So having good copies of that data on multiple
backup tapes can save the day.

83
Network Management and Administration (3360703) 196080307553

 Before search into the details of how Windows server backup software works, you
should review some key terms and concepts important in backups.
 Every file and folder object on a server has a number of attribute bits attached to it.
 Some designate the files as being read only, as system files or even as hidden files,
one is called archive, which marks whether a file has been backed up.
 Windows server keeps track of files that have been modified. Any time a file is
modified on the disk, the archive bit is set to “on”. When you back up the system, the
backed up files have the archive bit cleared again. This is how the system knows
which files need to be backed up and which one have been backed up.

 Different types of backup:

 Full (Normal) backups: Full backup is the starting point for all other types of
backup and contains all the data in the folders and files that are selected to be
backed up. Because full backup stores all files and folders, frequent full backups
result in faster and simpler restore operations.
 Copy backups: Copy backups are used to make a backup without disturbing a
sequence of Normal, Incremental and Differential backups.
 Incremental backups: Incremental backup stores all files that have changed since
the last FULL, DIFFERENTIAL OR INCREMENTAL backup. The advantage of
an incremental backup is that it takes the least time to complete. However, during
a restore operation, each incremental backup must be processed, which could
result in a lengthy restore job.
 Differential backups: Differential backup contains all files that have changed
since the last FULL backup. The advantage of a differential backup is that it
shortens restore time compared to a full backup or an incremental backup.
However, if you perform the differential backup too many times, the size of the
differential backup might grow to be larger than the baseline full backup.

 The easy way for backup is just to run normal backups every night or you make a
Normal backup Friday night and then a Differential on each day of the week.
 Remember always, after completion of back up store that back up in Magnetic tape,
CD, DVD or external Hard Disk.
Using Windows Servers Backup Software:
 Windows server includes reliable and easy to use backup software.
 To access the Backup program, open the Start Menu and choose All Programs,
Accessories, System Tools and then Windows Server Backup.
 If you cannot find software then install, follow the below step for installation.

 Click Start, Click Server Manager, in the left pane Click Features, and then in the
right pane click add features. This opens the add features wizard.
 In the add features wizard, on the Select Features page, expand Windows Sever
Backup Features, and then select the check boxes for Windows Server Backup
and Command-line Tools.
 Click Add Required Features and then click Next, Click Ok.

 When you start a program, you can see its welcome screen.
 Backup has important things are its backups files and another is restores those files.

84
Network Management and Administration (3360703) 196080307553

 Click on Next button and you can see figure.

 You can select options for back up is Full Server or Custom, if you select custom then
click next and add any drive or folder you want to back up.
 After selection of any drive or folder, press click on ok button.
 In this section you select a specific backup time, click next.
 In next option select specific Destination Type. In this section you can select any one
option among three options. After select any one option click next.
 You can show a selection of Destination disk, where you want to store a server
backup. Add specific location for a scheduled backup, this can be another hard drive
or a network share.
 After you make your selection, Click Next. If you are presented with a warning to
format the disk and you are positive you want to use the selected disk, Click Yes.
Otherwise, Click No, and select another drive to store your backup.
 Review the confirmation screen, and Click Finish to create the scheduled task for
backup.
 You can store back up on any kind of media attached to the computer, including
another disk drive, removable media such as Magnetic Tapes, Zip drives, CD, DVD
or external Hard disk.
 Scheduling information for the backup, which can be used to schedule a backup to
take place later, and can also be used to set up automatically recurring backup jobs,
which will be managed by windows server scheduler service.
 Restoring files is easier than backing them up, you can either use the Restore tab or
Restore Wizard. In both methods you can select either the media or the file you used
for the backup from which you want to restore.

85
Network Management and Administration (3360703) 196080307553

PRACTICAL 12
Aim: Identify, Network Faults and troubleshoot.

Understanding the problem

Troubleshooting:
 Troubleshooting is perhaps the most difficult task that computer professionals face.

 Computers never seem to fail at a conventional time. Failures occur in the middle of a
job or when there are deadlines, and pressures to fix the problem immediately are
intense.

 After a problem has been diagnosed, locating resources and following the procedures
required to correct the problem are straightforward. But before that diagnosis occurs,
it is essential to isolate the true cause of the problem from irrelevant factors.

 Troubleshooting is more of an art form than an exact science. However, to be efficient

and effective as a trouble-shooter, you must approach the problem in an organized and
methodical manner.

 Remember that you are looking for the cause, not its symptoms; yet frequently,
problems as originally reported are just symptoms and not the true cause.

 As a trouble-shooter you need to learn to quickly and confidently eliminate as many

alternate causes as possible. This will allow you to focus on the things that might be
the cause of the problem. To do this, you, must take a systematic approach.

The process of troubleshooting a computer network problem can be divided into five steps.
Step 1: Defining the Problem
 The first phase is the most critical, yet most often ignored. Without a complete
understanding of the entire problem, you can spend a great deal of time working on
the symptoms, without getting to the cause. The only tools required for this phase are
a pad of paper, a pen (or pencil), and good listening skills.

 Listening to the client or network user is your best source of information.

86
Network Management and Administration (3360703) 196080307553

 Remember that while you might know how the network functions and be able to find
the technical cause of the failure, those operating the network on a daily basis were
there before and after the problem started and probably recall the events that led up to
the failure.

 By drawing on their experience with the problem, you can get a head on narrowing
down the possible causes. To help identify the problem, list the sequence of events, as
they occurred, before the failure. You might want to create a form with these
questions (and others specific to the situation) to help organize your notes.
Step 2: Isolating the Cause
 The next step is to isolate th problem. Begin by eliminating the most obvious
problems and work toward the more complex and obscure. Your purpose is to narrow
your search down to one or two general categories.

 Be sure to observe the failure yourself. If possible, have someone demonstrate the
failure to you. If it is an operator-induced problem, it is important to observe how it is
created, as well as the result.

 The most difficult problems to isolate are those which are intermittent and that never
seem to occur when you are present. The only way to resolve these is to re-create the
set of circumstances that cause the failure.

 Sometimes, eliminating causes that are not the problem is the best you can do. This
process takes time and patience. The user also needs to keep detailed records of what
is being done before and when the failure occurs. It can help to tell the user to refrain
from doing anything with the computer when the problems recurs, accepts to call you.
That way, the "evidence" won't be disturbed.

 While the information collected the foundation for isolating the problem, the
administrator should also refer to documented baseline information to compare with
current network behavior. Now it is time to put that knowledge to work. Rerun tests
under the same set of conditions as prevailed when you created the baseline, and then
compare the two results. Any changes between the two can indicate the source of the
problem.

 Information gathering involves scanning the network and looking for an obvious
cause of the problem. A quick scan should include a review of the documented history
of the network to determine if the problem has occurred before and, if so, whether
there is a recorded solution.
Step 3: Planning the Repair
 After you have lessened, your search down to a few categories, the final process of
elimination begins.

 Create a planned approach to isolating the problem based on your knowledge at this
point.

 Start by trying out the most obvious or easiest solution to eliminate and continue
toward the more difficult and complex. It is important to record each step of the
process; document every action and its results.

87
Network Management and Administration (3360703) 196080307553

 After you have created your plan, it is important to follow it through as designed.
Jumping ahead and randomly trying things out of order can often lead to problems.

 If the first plan is not successful (always a possibility), create a new plan based on
reassess any assumptions you might have made in the previous plan.

 After you have located the problems, either repairs the defect or replace the defective
components. If the problem is software-based, be sure to record the "before" and
"after" changes.
Step 4: Confirming the result
 No repair is complete without confirmation that the job has been successfully
concluded.

 You need to make sure that the problem no longer exists.

 Ask the user to test the solution and confirm the results.

 You should also make sure that the fix did not generate new problems. Be sure to
confirm not only the problems you fixed, but also that what you have done has not
had a negative on any other aspect of the network.
Step 5: Documenting the outcome
 Finally, document the problem and the repair.

 Recording what you've learned will provide you with invaluable information.

 There is no substitute for experience in troubleshooting, and each new problem

presents you with an opportunity to expand that experience.

 Keeping a copy of the repair procedure in your technical library can be useful when
the problem (or one like it) occurs again.

 Documenting the troubleshooting process is one way to build, retain, and share
experience.

 Remember that any changes you have made might have affected the baseline. You
might need to update the network baseline in anticipation of future problems and
nards.
Segmenting the Problem:
 If the initial review of network statistics and symptoms does not expose an obvious
problem, dividing the network into smaller parts to isolate the cause is the next step in
the troubleshooting process.

 The first question to ask is whether the problem stems from the hardware, or the
software.

 If the problem appears to be hardware-based, starts by looking at only one segment of

the network, then looking at only one types of hardware.

 check the hardware and network components including:

88
Network Management and Administration (3360703) 196080307553

 NICs (network interface card)

 Cabling and connectors.

 Connectivity components such as repeaters, bridge, routers, brouters, and gateways.

 Network Switch or Hubs.

 Protocols.

 Often, isolating or removing a portion of the network will help to get the rest
of the network up and operational again.

 If removing a portion solved the problems for the rest of the network, the
search for the problem can be focused on the part that was removed.

 Network protocols require special attention because they are designed to

bypass network problems and attempts to overcome network faults.

 Most protocols use what's known as "retry logic", in which the software
attempts an automatic recovery from a problem. This becomes noticeable
through slow network performance as the network makes new and repeated
attempts to perform correctly.

 Failing hardware devices, such as hard drives and controllers, will use retry
logic by repeatedly interrupting the CPU for more processing time to complete
their task.

 When you are assessing hardware performance problems, use the information
obtained from the hardware baseline to compare again to currents symptoms
and performance.
Isolating the problem:
 After you have gathered the information, rank the list of possible causes in
order, beginning with out the most likely and moving to the least cause of the
problem.

 Then select the most likely candidate from the list of possible causes, tests it
and see if that is the problem.

 Start from the most obvious and work to the most difficult.

 For example, if you suspect that a faulty network interface card (NIC) in one
of the computers is the causes of the trouble, replace it with a NIC that is
known to be in good working order.

Setting priorities:
 A fundamental element in network problem solving is setting priorities.

 Everyone wants his or her computer fixed first, so setting priorities is not an

89
Network Management and Administration (3360703) 196080307553

easy job.

 While the simplest approach is to prioritize on a "first come, first served"

basic, this does not always work, as some failure are more critical to resolve
than others.
 Therefore, the initial step is to assess the problem's impact on the ability to
maintain operations. For example, a monitor that is gradually getting fuzzy
over several days would have a lower priority to address than the inability to
access the payroll file server prior to a check run.

PRACTICAL 13
Aim: Manage Microsoft Windows Internet Name Service (WINS)

Windows Internet Name Service (WINS) enables computers running Windows to find
other computers using NetBIOS across subnets. Some programs rely on WINS to function
across the network. Membership in Domain Admins, or equivalent, is the minimum required
to perform this procedure.

WINS is a Microsoft NetBIOS Name Server (NBNS) that’s still widely used in the
industry. WINS provides a dynamic NetBIOS name to IP address database. It also interacts
with the Browser Service, which assembles and provides the Browse List, or what’s better
known as Network Neighborhood.

Many folks rely on browsing the Neighborhood to “look” for resources and shares on
servers, such as browsing for shared drives, shared printers, etc (if not using AD to search for
published printers), including mapped drive UNC paths, etc.

Install and manage WINS servers:

 Install a WINS server

1. Click Start, click Control Panel, double-click Add or Remove programs, and then

click Add/Remove Windows Components. 

2. Under Components, scroll to and click Networking Services.

3. Click Details.

4. Under Subcomponents of Networking Services, click Windows Internet Name

Service (WINS), click OK, and then click Next.

5. If prompted, type the full path to the Windows Server 2003 distribution files and
click Continue. 

Required files are copied to your hard disk, and server software can be used after
restarting the system. It is strongly recommended that you manually configure the
computer to use a static IP address.

90
Network Management and Administration (3360703) 196080307553

 Open the WINS console

1. Click Start, click Control Panel, double-click Administrative Tools, and then

double-click WINS.

The WINS console is an administrative tool for managing WINS servers.

 Add a WINS server to the console

1. Click Start, click Control Panel, double-click Administrative Tools, and then

double-click WINS.

2. In the console tree, click WINS.

3. On the Action menu, click Add Server.

4. In Add Server, under WINS Server, type the appropriate server information. 

Optionally, click Browse to locate the WINS server computer by name on your

network.

To perform this procedure, you must be a member of the Administrators group on the
local computer, or you must have been delegated the appropriate authority. If the
computer is joined to a domain, members of the Domain Admins group might be able
to perform this procedure.

If WINS is locally installed on a server, the local WINS server is added to the console
automatically. For remote WINS servers, you must add them to the console, and then
save the file.

 Remove a WINS server from the console

1. Click Start, click Control Panel, double-click Administrative Tools, and then

double-click WINS.

2. Click the WINS server that you want to remove.

3. On the Action menu, click Delete.

4. When prompted "Are you sure you want to remove WINS server server
name from this list?" click Yes.

This procedure affects only the management console at which you are working, not
the WINS server itself which continues to provide service and registration on the
network.

91
Network Management and Administration (3360703) 196080307553

 Start or stop a WINS server

1. Click Start, click Control Panel, double-click Administrative Tools, and then

double-click WINS.

2. In the console tree, click the applicable WINS server.

Where?

o WINS/applicable WINS server

3. On the Action menu, point to All Tasks, and then click one of the following:

o To start the service, click Start.

o To stop the service, click Stop.
o To interrupt the service, click Pause.
o To stop and then automatically restart the service, click Restart.

After you pause or stop the service, the Resume option appears and can be clicked to
immediately resume WINS service.

You can also perform most of these tasks at a command prompt by using the
following commands:

o net start wins

o net stop wins
o net pause wins
o net continue wins

 Remove or uninstall WINS

1. Stop the WINS service on this computer.

2. Click Start, click Control Panel, double-click Add or Remove programs, and then

click Add/Remove Windows Components.

3. In Windows Components, select the Networking Services check box in the list of

components, and then click Details.

4. In Subcomponents of Networking Services, scroll to Windows Internet Name

Service (WINS), and clear the check box.

When you remove WINS, all WINS files are deleted from the server except program
files that are in use. When the system is restarted, these files are removed as well.

If you do not stop the WINS service in step 1, this procedure only deletes the WINS
server registry entries.

92
Network Management and Administration (3360703) 196080307553

PRACTICAL 14
Aim: Manage Desktop Configuration using Group Policy & Remote
Installation Services.

Group Policy

Group Policy is a set of rules which control the working environment of user accounts and
computer accounts. Group Policy provides the centralized management and configuration of
operating systems, applications and users' settings in an Active Directory environment.

Group Policy is an infrastructure that allows you to implement specific configurations for
users and computers. Group Policy settings are contained in Group Policy objects (GPOs),
which are linked to the following Active Directory service containers: sites, domains, or
organizational units (OUs). The settings within GPOs are then evaluated by the affected
targets, using the hierarchical nature of Active Directory. Consequently, Group Policy is one
of the top reasons to deploy Active Directory because it allows you to manage user and
computer objects.

Group Policies helps administrators to control and configure the working environment in
Active Directory domain architecture such as Windows 2000, Windows 2003 or Windows
2008. It is a directory service system that automates the network management, user data,
security, and other resources in the domain. All the information is stored in a central database
which is accessible through the entire domain. In order to be able to control and manage all
these resources, Microsoft has developed the Group Policies so all the resources and domain
configuration and settings can be managed in a more centralized way. Domain
Administrators don't need to configure each server and computer or other type of resource in
the domain individually, they can instead use Group Policy to manage groups of users,
computers, or other resources. Group Policies can be also used to deploy software to the
computers, install printers, and connect network drives or simply to lock down the security.

In order to be able to implement a Group Policy infrastructure we will need to have a domain

and an Active Directory database that will hold all our information about the objects in our
network. To have a fully functional Active Directory domain we will need to have a server
that will act as a Domain Controller, which is a server that holds a writable copy of the
Active Directory Database. In our scenario we will use Windows 2008 R2 as a server
platform. To install and configure a domain controller, we will need to complete these tasks:

93
 Network Management and Administration (3360703) 196080307553

 Install Windows Server 2008 R2

 Install Active Directory on the domain controller
 Configure the DNS service

Group Policy Management Console

Group Policy Management Console (GPMC) is a scriptable Microsoft Management Console

(MMC) snap-in, providing a single administrative tool for managing Group Policy across the
enterprise. GPMC is the standard tool for managing Group Policy.

 Creating a Group Policy Object

Please log in on the server with an account that is a member of the "Domain Admins" group.
To create, edit and deploy Group Policy Objects you will need to access the Group Policy
Management Console. Go to Start > Administrative Tools > Group Policy Management. A
new window with the Group Policy Management console will open. Expand Forests, expand
Domains, and expand "[Link]" domain. Select "Group Policy Objects". As default you
will see two Group Policy Objects (GPO). The "Default Domain Controllers Policy" which is
the GPO assigned to all the Domain Controllers in the domain, and the "Default Domain
Policy" which is applied domain wide.

Let's try to make a new simple GPO. The goal of this GPO would be something simple like:
1. Disable the sound on all the machines this policy is applied to.
2. Do not allow the user’s access to the Control Panel.
3. Configure Desktop Wallpaper (“Background”)
4. Configure Remote Desktop

In order to accomplish this we will need to create a new GPO. Right click the Group Policy
Objects and select "New". A "New GPO" window will pop-up and we will have to write the
name of the new GPO. Let's call it "Lock Down" so we know by the name what this policy is
about. Press OK, select it from the list, right click and select "Edit".

94
 Network Management and Administration (3360703) 196080307553

 Editing the GPO Settings

Now, the Group Policy Objects have two components, the Computer Configuration that will
apply to the computer objects and the User Configuration that will apply to the user objects.
To accomplish our goal, we will need to make changes to both User and Computer
Configuration.

1. The first thing we want to accomplish is to disable the sound on the client computer.
Lucky for us there is a special setting under the User Configuration that will help us
with that. Expand "Computer Configuration" > "Windows Settings" > "Security
Settings" and go to the "System Services". On the right side you will see a list with
the standard services present on the client computers. Find the "Windows Audio"
service, double click it and mark the "Define this Policy Setting" and select the
"Disabled" Startup option then press OK. Our first goal is now accomplished.
2. Next we need to remove the access to the Control Panel to any users affected by this
GPO. We will go now to the User Configuration and expand "Policies" >
"Administrative Templates" > "Control Panel" and select it. On the right side we can
see the available settings. Select the "Prohibit access to the Control Panel" from the
right side, right clicks and selects "Edit".

95
Network Management and Administration (3360703) 196080307553

On the left side select "Enabled" then click OK. All the users affected by this GPO are
now restricted from accessing the Control Panel. The only thing remaining now it is
to LINK this GPO to an Active Directory Organizational Unit (OU). An
Organizational Unit is an Active Directory container into which you can place users,
groups, computers, and other organizational units.

3. One of the most commonly configured settings in Group Policy is the ability to
configure the Desktop Wallpaper image. The “Desktop Wallpaper” method is of
course the most commonly used way for configuring the Wallpaper on a computer.
This setting can be found under User Configuration > Administrative Templates >
Desktop > Desktop. On the right side we can see the available settings. Select the
"Desktop wallpaper" from the right side, right clicks and selects "Edit" and is straight
forward to configure as all you have to do is specify the explicit local path or a UNC
to the image you want displayed as the desktop wallpaper.

96
Network Management and Administration (3360703) 196080307553

Note: 
 If you are running Windows 7/Server 2008 R2 pre-Service Pack 1 you will need
to install hotfix [Link] this setting to work.
 If you are configuring this setting I recommend that you use the “Fill” Wallpaper
Style as this will work best with most screen resolutions (especially on Windows
7).
 If you configure this setting you will need to wait for the user to logoff the
computer before the background is updated.

4. Two group policy changes should do the trick. This setting can be found under:
 Computer Configuration > Policies > Administrative Templates > Network >
Network Connections > Windows Firewall > Domain Profile > “Windows
Firewall: Allow Inbound Remote Desktop Exception”
 Computer Configuration > Policies > Administrative Templates > Windows
Components > Remote Desktop Services > Remote Desktop Session Host >
Connections > enable the policy “Allow Users to connect remotely using Remote
Desktop Services” Note: this used to be  > Windows Components > Terminal
Services > “Allow users to connect remotely using Terminal Services”.

Enable both of those options and you’ll be Remote Desktop into PCs by the next day
or rather, until your Domain clients refresh their Group Policy settings. Now you
should be able to remote desktop into any domain member which the policy is applied
to.

97
 Network Management and Administration (3360703) 196080307553

 Linking the GPO

Go to Start > Administrative Tools > Active Directory Users and Computers. A new
management console will open displaying your Active Directory structure. Expand the
"[Link]" domain, select it, then right click and select "New" > "Organizational Unit".
Write the name of OU. You have now created a new OU where you can place the computers
or users that should be affected by the new GPO. Go back to the Group Policy Management
console and press F5 to refresh the configuration. The newly created OU will now appear
under your domain. Select the OU right clicks it and select "Link an Existing GPO". Select
the "Lock Down" GPO from the list and press OK.
In the same way you can create other Group Policy Objects and link them to your
Organizational Units in the domain or to the whole domain in order to simplify your
administrative tasks.

Automated OS Installation via RIS

What better ways to leverage Group Policy than to start using it right away as you deploy
client systems? RIS, which showed up initially in Win2K Server, is an optional component
that lets administrators create automated installation images for Windows 2003, XP, and
Win2K. You can deploy these images to clients and servers. You use the Remote Installation
Services node of GPE to control the Choice Screen Options that Windows provides to RIS
clients. From the Choice Options Properties screen you can configure the Automatic Setup,
Custom Setup, Restart Setup, and Tools options for RIS.

The Setting:

98
Network Management and Administration (3360703) 196080307553

User Configuration\ Windows Settings\ Remote Installation Services\ Choice Options

Software Installation Policy for Automated Application Deployments

Software installation and maintenance are part of Microsoft's IntelliMirror functionality, and
you can control both with Group Policy. You can configure settings within GPE to assign or
publish an application to users or computers. Software installation and maintenance
functionality works with programs that use Windows Installer technology (i.e., .msi files). Of
course, Microsoft applications such as Office use Windows Installer technology for their
installation process, which means you can assign Office to a user or computer population and
have it installed automatically. You can create custom installations using msi transforms and
use security group filtering to target specific groups of users to which the custom installation
will be applied. And in case you're wondering, you can also use software installation and
maintenance functionality to deploy XP SP2. You can assign XP SP2's [Link] only to
machines; assigning to users isn't supported. For more information, see the Microsoft article
"Best Practices for Using [Link] to deploy Service Packs,"
[Link]

The Settings:

User Configuration\ Software Installation

Computer Configuration\ Software Installation

Windows Deployment Service:

Windows Deployment Service (WDS) is Microsoft's replacement for Remote

Installation Service. Windows Deployment Services is a technology used to deploy Windows
operating systems through a network. It is one the most convenient way to install an
operating system in a corporate environment. The RIS (Remote Installation Service) is the
forerunner of Windows deployment service (WDS). WDS can be used to deploy Windows
XP, Windows Vista, Windows 7 and Windows server 2008 operating system. There are two
installation methods in WDS:
1. Attended installation - Installation that is performed by user interaction during its
progress.
2. Unattended installation - Installation that is performed without user interaction during
its progress or with no user present at all.

There are two types of WDS servers: transport and domain-based. A WDS transport
server was designed for smaller environments that don't have an Active Directory (AD)
domain. While transport servers require fewer infrastructures than domain-based server,
they're more difficult to set up and configure. Domain-based WDS requires infrastructure,
including an AD domain, DNS, DHCP, and an NTFS partition.

Installation and configuration of Windows Deployment Service in Server 2008R2:

1. Open the server manager in Server2008 R2 and click Roles > Add Roles.
2. Select the Windows Deployment Service check box and click next.
3. You will get a WDS overview screen, read it out and click next.
4. You will be prompted to select the role services. As of now select both deployment
server and Transport server. Click next.

99
Network Management and Administration (3360703) 196080307553

5. You will get a confirmation screen, click Install.

6. The WDS installation will finish within a few minutes.
7. You will get a confirmation page after the successful installation. Click close.
8. Now you can see the WDS management console in All programs > Administrative
tools. Open up WDS management console.
9. When you open the console you will be notified that the WDS Server is not yet
configured. Now we have to configure the server by going to the Action
tab>Configure server.
10. You will get a welcome page, verify the prerequisites and click next.
11. Choose a folder to store all the configuration details of WDS. It will be much better if
you can choose a drive other than the system volume.
12. WDS server configuration is completed. Click finish.
13. Now you can upload install image and boot images for remote deployment.
14. In our scenario I am going to add an image of windows 7. For this we need an
installation disc of Windows 7. Insert the disc in your PC, explore it and search for the
Source folder. Inside the Source folder you will see '[Link]' and '[Link]' file.
Copy these two files and paste it in a local drive of your WDS server.
15. Right click the 'Boot Images' tab and click 'Add Boot Image' > Browse for the
'[Link]' file which is stored in your local drive and click next.
16. You can give the name and description of the image you are uploading.
17. The boot image will be displayed as below after the upload.
18. Add Install image by right clicking 'Install Images' and 'Add Install Image'. Browse
for the '[Link]' file and upload it to the server.
19. The WDS server configuration is almost completed with the above step. Let’s
configure WDS server properties now. Launch the Windows Deployment Services
Console, right click the WDS server and click on Properties. Click on Boot and
make sure require the user to press the F12 key to continue the PXE boot is
selected for known and unknown clients.
20. Click on PXE Response and make sure that Respond to all client computers (known
and unknown) is selected. Click on Apply and Okay.

Now you can boot the computer from the network and test the Windows Deployment
Services. While you boot a computer from the network make sure that the PXE boot & LAN
boot is enabled in the BIOS. If you enable unattended installation then the OS installation
will start automatically with the PXE boot.

100