Results 1 to 9 of 9

Thread: Little help needed whit local domain setup tutorial/how to's. Thank You!

  1. #1
    Junior Member
    Join Date
    Jan 2005
    Posts
    4

    Little help needed whit local domain setup tutorial/how to's. Thank You!

    Hello
    Hmmm... i try to look up some good tutorials or how-to's for one person,but i havent found exacly what she needs, maybe ya guys can help? My english is bad & i am not so Pro eighter, that i could give 100% instructions to someone on paper lol.anyway:
    Her project:

    Greate domain for server/local network; server PC is on XP-pro whit DSL (she have Windows 2000 Pro Server OS to, but she likes XP more becouse it's more user friendly probably, personally i think 2000 is more secure, right?) . All 10 clients are on XP pro also.
    Available hardware: DSL modem, 20 port hub, netgear 4 port router & extra 5 port d-link wireless router).

    * Greate password protected user account for 8 stations and assign a static IP.
    * Greate private folder for 8 users in server computer, for backup perposes "user1", "user2", "user3" ...
    * 3 units from 10 are wireless notebooks, what should be able just access the internet white out an login as guest's & as well log in as network user/client, to access backup
    older in server.Other 2 units should have access ONLY the internet conection
    * Greate one global/shared folder in server where every user can access (exept the 2 units who just need internet conection)
    * Set up every unit to log in to domain on start up whit theyr username/password
    * 5 extra slots whit the IP margin for DHCP to enable guests to access the internet when necessary (wireless notebook or PC)
    * Set up network printer (connected to server) for all users/guests
    * disable all unnessesary shares & services on client computers, secure every client whit extra software firewall (sygate pro i guess) & antivirus (Nod32 admin release i think is good pick)
    ---

    I was looking network admin. software from http://www.snapfiles.com/Shareware/n...etworkman.html, is any of them actually whort to buy?

    Thank You!

  2. #2
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,940
    Well, going to be a lengthy thread here, a lot of back and forths. Glad to help, but your help will come over time as we look into this.

    First lets make sure we're on the same playing field here. You say she has Windows 2000 Pro Server OS. There is no such thing. It's either "Windows 2000 Professional", which is a desktop operating system. Or "Windows 2000 Server", which comes in several different versions. Big difference between "Pro" and "Server". I'll assume (and hope) you meant "2000 Server". Because you cannot create a domain trying to do this with 2000 Pro acting as a server.

    For the "Client" workstations, Windows XP Pro would be my vote. Security difference between 2000 Pro and XP? Bah, nothing. For a longer lifetime of her existing setup, I'd roll out XP Pro. 2000 is already old, and it's supported lifetime will be over sooner than XP. Personally I'd also roll out 2003 server instead of 2000 server, but you hint that she might have 2000 server already, so we're stuck with that.

    Now, planning ahead...we have several things to think about before we even build the server. You mention she has a router already, and will be using DSL. Good, router means a hardware firewall, NAT. So your network will be protected, and also...the router will handle your PPPoE logon for the network, so you don't have to risk screwing up the server installing some buggy PPPoE software (which I highly recommend nobody ever installs onto a domain controller).

    So the router, lets assume that the default LAN IP address for the router is 192.168.1.1. And, the router would normally hand out 192.168.1.100 to something like 192.168.1.200 to clients. That's a pretty standard DHCP setup. However, when you have a real server involved on your network, I recommend using your servers DHCP service over one from a router...much more reliable. Now, normally a routers DHCP service will hand out your ISPs two DNS servers to clients. However...a Windows 2000 or higher network, when a domain is involved, relies on DNS...the workstations must....MUST...query the server, for their primary DNS. Now, you can still edit your routers DHCP and enter your domain controllers IP as the DNS server, or not use DHCP at all and enter static IPs on all the machines. But running DHCP from your server is best, in my opinion.

    So, back to if the router is 192.168.1.1, 255.255.255.0 subnet mask, lets pick an IP address for your server. Pick something low. I usually stack things according to 10 on the IP range, so I'll usually put servers at 192.168.1.11, 192.168.1.12 for the next one, 192.168.1.13, etc. And have TCP print servers at the next range of 10...192.168.1.20, 192.168.1.21, etc. And workstations will be the usual .100 on up.

    So your server is 192.168.1.11, with a 255.255.255.0 subnet mask. Now that you chose an IP, lets install the server operating system. Having the router already setup, plugged in, and live on the DSL, setup the server on the LAN side of the router...and unbuckle the operating system (run Windows setup). Throughout setup, the server will install much like any desktop OS, until you are at your first functional desktop. Here's where I setup a static LAN IP on the server, and also, in the gateway section, enter the LAN IP of the router, 192.168.1.1, and in the DNS section, enter the servers own IP address, 192.168.1.11. Nothing else, you can also do the gateway and DNS part after this next step. You'll have a screen that keeps popping up, configure your server. You can set it up as a domain controller here through a wizard (basically what's called DCPROMO). Now, think of a name for this networks domain. Except, don't end it with a .COM or any of those usual ones, but end it with a .LOCAL. There are reasons we can into later about why. If she has a website out there, you can use that theme, but just end it in .local. Continue through the wizard, it will do all the active directory schema and what not.

    The server will crunch away for a while, and eventually, when you reboot, the control+alt+del logon screen will have an "Options" button where you can flip it down and log onto the domain now, instead of the local workstation logon. You'll change it to this, and keep that permanent.

    You should get your antivirus package on as soon as possible (I love Esets NOD32 by the way), and all of your windows updates.

    Also there will be some tweaking of the DNS service properties, you'll want to change the fowarders to point to your ISPs two DNS servers, which you can find on the status tab of your DLink routers web admin page.

    You'll have several questions in this area I'm sure, read several times and ask away. Next stop...workstation configuration.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  3. #3
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,940
    Workstation configuration....several things to consider.
    TCP/IP
    1) Workstations must have 3x things in their TCP configuration, same IP range as your server/router...so have them at something like 192.168.1.100 to 192.168.1.200. Same 255.255.255.0 subnet mask.

    2) Gateway, the router, 192.168.1.1

    3) DNS...they will only use the server as their DNS server, so 192.168.1.11

    Windows 2000 and XP clients don't needs WINS for a simple setup like this.

    Properly joining the domain, they must go through the action of joining the domain, done in your system properties (right click My Computer, select properties, the network tab). Once you join a domain, you'll have an options tab at logon to flip them over to a domain login instead of a local login.

    Then the users are usually added to the local administrators group of the workstation.

    Have your antivirus installed (create your NOD32 mirror and roll it out), and run windows updates on them.

    Have to run for a bit, hectic today. Read, digest, come up with some questions.

    When is this being implemented?
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  4. #4
    Junior Member
    Join Date
    Jan 2005
    Posts
    4
    [not real questions jet, i print your help out & read some more info & then come back & talk about problems etc.]

    Quote Originally Posted by YeOldeStonecat
    Workstation configuration....several things to consider.
    Have to run for a bit, hectic today. Read, digest, come up with some questions.
    When is this being implemented?
    OMG, guy, You are like walking guide for dummies lol, this is best reply what i have ever got from different forums, thank You so much for taking time off for this. ower 22 thousant posts... i just do not know what to say lol
    [ reply what i got from other forum]"
    *----------------------
    Install win2000 or Win2003 server.
    then activate the Active Directory Service and
    fill welcome in your Domain.
    After this go to DNS service Console and add Reverse Lookup Zone.
    By Default Active Directory add only Forward.
    Setup DHCP and that's it.
    --------------------------
    [end]

    Okey, i asked & they have Win 2000 Server OS installed, sorry about the "professional" confuse.
    The one who installed this just plugged DSL to the modem, modem to 4 port Router & from router 3 cables to the nearest computers & 4rd slot was plugged to 20 port hub & all other computers was getting internet connection from there. Then he installed all sort of IM's & crap to the server computer, set up bunch of printers what wasn't working (or existing) & was unable to make any real file sharing between computers. + after i recommend her to scan PC's whit spyware scanners, they found A LOT of "stuff" from almost every computer ( i guess users had no restrictions eighter in net) So he got fired... lol, i wonder why : Anyway, so they tried to make file sharing like did in small office network whit XP's before, but of course they cant (that's why they are tryng to go whit XP i guess, but like i understand, they cant use XP as network controller [even after all the ISS tools from http://www.microsoft.com/windowsserv...s/default.mspx ?] ) So i guess they would need to still reinstall the server PC to make clear start, i do not even think there is need to save any other information then ISP information.



    Lol, I tried to look up electronic version of "windows 2000 server for dummies" but i haven’t found any jet from p2p or from ftp's. Amazon is the answer, but it would take like 2 weeks to ship it to me / her.
    I have actually "Microsoft Exchange 2000 Server: Administrator Companion" but it's like 800 pages & there is so much high tech information, that i haven’t found all my answer yet. I do not know where to start, Maybe i should give you content guide & ya can tell me what i NEED to read there lol. Actually there is over 90MB ebook included on CD, if you want i can upload it for you - oh, actually i think ya know it all anyway.

    Okey, i called & they told that they can get (probably) Windows 2003 Server, that on their other branch of business (on next island) they buy for they network there, so they 'borrow' it i guess... I think by law they must buy new license but it's weary small island & we can look it like that : they basically paid for that - they just use it in one extra computer - it shouldn’t be big crime, right? If there is just the activation problem, then i can fix that white out a problem, i hope there is nothing "extra" what i should worry about. After all, the win 2000 what they have is from same place anyway. I do not try to help whit piracy or anything, i personally own 2 home & 3 XP pro license - would be good if i can sell them to someone LOL, kidding.

    Anyway, i have 3 computers & laptop, i was thinking to practice this thing a little, so i would see what problems i have / what i do not know, i definitely add this forum to my favorites right now

    You was talking about TCP print server, this printer what they want to use, is not actually real "network printer" whit network card, it's more like just big black & white office printer, connected whit USB(or parallel) cable to the 'server' computer - does it matter?
    I can get you all the router names & stuff if there is any big differences between different marks ( do not really think that there is, they all should work kind of same way, but i could be wrong)
    Excuse my bad English

    Okey, I go now and make some reading (:

    Thank You Brian

  5. #5
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,940
    Quote Originally Posted by Waffa
    Okey, i asked & they have Win 2000 Server OS installed, sorry about the "professional" confuse. but like i understand, they cant use XP as network controller [even after all the ISS tools from http://www.microsoft.com/windowsserv...s/default.mspx ?] ) So i guess they would need to still reinstall the server PC to make clear start, i do not even think there is need to save any other information then ISP information.

    I'm confused by the above. On the computer that is supposed to be their "server"....which OS is actually up and running on it?

    As for the physical setup, DSL modem==>Router (which is your NAT firewall)==>All the PCs....that's how you want it, it's fine. However, check the routers web admin and make sure you know what ports are open/forwarded, and make sure there are no computers setup in the DMZ. It's prudent you check on this.

    As for your licensing, no, pirating server operating systems is not good. The company should get current on their licensing. 2003 Server won't allow you to anyways, you have to activate it, if you install the same copy twice, you'll activate the first server fine, then go to activate the second server...it'll see that the serial key is already in use, and shut you down.

    Not knowing what hardware specs your servers are, might just want to stay with 2000 server for now.

    As for the workstations, and all the user accounts...on the server, you'll add your user accounts. Then on the workstations, logging in as a local administrator, you'll go through the steps of "Joining the domain"...done when you right click "My Computer", select "properties", click on the "Computer Name" tab...then the "Change" button. Join a domain, you'll be prompted to authenticate yourself as a domain admin (enter the credentials)...then if DNS is setup correctly, within 30 seconds you should get a "Welcome" message. Then when you reboot...you'll see a button on your ctrl+alt_del window, which allows you to flip that 3rd line from a local login, to a domain login. You'll be doing domain login from this point on, no more local logins anymore. Log in as domain administrator.....then the next step is to add the users domain account (the user who will be using this computer) to the local administrators group. Once done, log off as domain admin, log into the domain as the new user...and you're setup.

    Notice each time you log into the computer as a new user, you get the default Windows and desktop settings. Also based on this, take a peek into the C:\Documents and Settings directory...you'll see a subdirectory based on each user you logged in as...local logins, such as "Waffa", and domain logins, such as "waffa.mydomain".
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  6. #6
    Junior Member
    Join Date
    Jan 2005
    Posts
    4

    :)

    Quote Originally Posted by YeOldeStonecat
    I'm confused by the above. On the computer that is supposed to be their "server"....which OS is actually up and running on it?
    Okey, i got pic of setup what is there right now.:
    http://www.abok.net/public/network.JPG this setup is there right now, it's little different then she told me, mut it’s still mess, right?

    Microsoft told that "... for the physical setup, DSL modem==>Router (which is your NAT firewall)==>All the PCs" is un secure & not reliable.. hm.. that she should install 2 cards to server etc


    Any way, what of these 3 would be the right way to set it up? Like maybe the 3rd one, but maybe from router to server ==>from server to hub ==> from hub to other computers & to wireless router/access point?
    & in need to configure bought NIC's in server right? is there any difference whit's type of network cards she uses?

    Quote Originally Posted by YeOldeStonecat
    As for your licensing, no, pirating server operating systems is not good. The company should get current on their licensing. 2003 Server won't allow you to anyways, you have to activate it, if you install the same copy twice, you'll activate the first server fine, then go to activate the second server...it'll see that the serial key is already in use, and shut you down.
    Actually if win 2003 uses activation like XP & 2000 uses, then it's really easy to get rid of activation, so that updates & everything works But i told them anyway, to buy new license or use 2000.


    Quote Originally Posted by YeOldeStonecat
    Not knowing what hardware specs your servers are, might just want to stay with 2000 server for now.
    Hub: Linksys ethernet 4116
    router: netgear cable router gateway
    modem: ADSL router modem (but verizon setting it up only as"modem"
    server PC: Pentium 4 1.2Ghz, 512 ram (mybe they need better one?)

    I can get exact spesif. if you want
    Last edited by Waffa; 01-28-05 at 01:35 AM.

  7. #7
    Junior Member
    Join Date
    Jan 2005
    Posts
    4
    Some one told me to use login scripts from http://www.computerperformance.co.uk...on_scripts.htm , does theymake life easyer?

  8. #8
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,940
    Quote Originally Posted by Waffa
    Some one told me to use login scripts from http://www.computerperformance.co.uk...on_scripts.htm , does theymake life easyer?
    Yeah, if you need to map network drives, I still use login scripts for that. Back in the Win9x days I'd almost always use them for both drive mapping, shared printer mapping, and setting the workstation clocks across the network to the servers time so everybodies Windows were on the same time. Plus Win9X would occasionally "forget" a drive mapping, so constant forcing of maps via script was good.

    But since 2K/XP came out, with 2K or higher servers, time setting in a domain is automatic now, printers are treated a bit differently, so pretty much the only reason left is to map drives, if you have clients that need that for some reason. Not many reasons left, as most software now works over UNC paths (you know, \\servername\sharename) instead of the old fashioned drive mapping of a share to a letter.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  9. #9
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,940
    Quote Originally Posted by Waffa
    Okey, i got pic of setup what is there right now.:
    http://www.abok.net/public/network.JPG this setup is there right now, it's little different then she told me, mut itís still mess, right?

    Microsoft told that "... for the physical setup, DSL modem==>Router (which is your NAT firewall)==>All the PCs" is un secure & not reliable.. hm.. that she should install 2 cards to server etc
    Neither of those 3 drawings is what I would do.

    DSL modem into the Router. Now the router you have probably has 4x LAN ports on the built in switch. Uplink your 4116 to one of those ports. Put your server and all your workstations into that 4116. Server will only use a single NIC. Everyone is on the 192.168.1.XXX scope. If you need wireless, add a wireless access point to the 4116 also.

    By the way, your Linksys 4116 is a switch, not a hub. A switch is better than a hub.

    Good that Verizon is sending you a modem/router set as modem only (bridge). Westell unit, right?
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

Similar Threads

  1. Exchange 2000 setup info needed
    By super20g in forum Networking Forum
    Replies: 21
    Last Post: 09-17-03, 05:26 PM
  2. 2003 Backup Domain Server Setup help needed
    By super20g in forum Networking Forum
    Replies: 2
    Last Post: 08-27-03, 06:49 PM
  3. cant log into domain
    By m4a2t0t in forum Networking Forum
    Replies: 13
    Last Post: 04-24-03, 07:16 PM
  4. what hardware is needed for this setup?
    By pinoypc in forum Networking Forum
    Replies: 5
    Last Post: 09-03-02, 02:05 PM
  5. Help needed: domain name change in Microsoft exchange server v5.5
    By Web_Woman in forum General Discussion Board
    Replies: 4
    Last Post: 02-15-02, 04:19 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •