LOOKING AFTER YOUR

L.A.W.N.

Local – Area - Windows - Network

CURRICULUM NETWORK

1

Table of ContentsPLANNING................................................................................................................................................. 4

Partition Sizes....................................................................................................................................... 4Suggested Partition Sizes..................................................................................................................4Alternate Suggested Partition Sizes...................................................................................................4Your partition sizes............................................................................................................................4

Storage................................................................................................................................................. 4Shared Folders................................................................................................................................... 4Commonly Shared Folders.................................................................................................................5Your shared folders............................................................................................................................5Folder Permissions.............................................................................................................................5

Common Permissions............................................................................................................................5Your Folder Permissions.....................................................................................................................5

IP Addressing........................................................................................................................................ 6Fixed IP Register................................................................................................................................6Common Reserved addresses...........................................................................................................6

User Accounts....................................................................................................................................... 7Default User Accounts.......................................................................................................................7

Backup Existing Data............................................................................................................................7Multiple Domain Controllers..................................................................................................................7

Installation of Microsoft Server 2008 R2 (64bit Edition)............................................................................8Initial Configuration................................................................................................................................19

1. Provide Computer Information..................................................................................................191. Activate Windows.....................................................................................................................192. Set Time Zone..........................................................................................................................193. Configure Network...................................................................................................................204. Provide computer name and domain.......................................................................................21

2. Update This Server...................................................................................................................221. Enable automatic updating and feedback................................................................................222. Download and install updates..................................................................................................22

3. Customize This Server..............................................................................................................231. Configure your Domain Controller & DNS.................................................................................232. Configure your DHCP................................................................................................................323. Configure your Group Policies..................................................................................................39

2

Before starting, there are additional resources that you may wish to view.

EdWiki - http://www.granths.com.au/edwiki/index.php?title=Special:Allpages

A large resource of information about all tech things. Some relevant ones are listed below.

http://www.granths.com.au/edwiki/index.php?title=Windows_Activation

Alternative methods to activate windows server.

http://www.granths.com.au/edwiki/index.php?title=KMS

How to install and register KMS which is needed to validate windos 7 pc’s

http://www.granths.com.au/edwiki/index.php?title=LAWNv2

Additional information on setting up a server

http://www.granths.com.au/edwiki/index.php?title=USB_Drive_Letter_Manager

USBDLM is used to forcibly map drive letters to external usb devices.

http://www.granths.com.au/edwiki/index.php?title=Admin_to_Curriculum_Drive_Mapping

To map drives on an admin pc from the curric server

http://www.granths.com.au/edwiki/index.php?title=Deploying_Printers

Various ways to deploy printers

http://www.granths.com.au/edwiki/index.php?title=Microsoft_Deployment_Toolkit_2010_U1

How to install MDT. MDT is used to deploy windows images across a network.

Hartley - http://www.hartley.sa.edu.au/support/

This contains DSADDLite to assist in creating multiple users at once

Windows Server Updates Listed Below

http://www.microsoft.com/download/en/details.aspx?id=17669

Windows Server 2008 SP2

http://www.microsoft.com/download/en/details.aspx?id=5842

Windows Server 2008R2 SP1

2008R2 SP1 x64 = 903.2mb

2008R2 SP1 x86 = 537.8mb

3

PLANNING

Partition Sizes To separate the system data from the user data, the hard-drive will be split into sections call partitions. These partitions will be for the following – operating system, staff data, student data and network utilities.

With this being a network server, there will be very little software installed and the utilities will not need very much space leaving the rest to be divided between the staff and students data.

Suggested Partition Sizes Capacity C: OS D: Management E: Staff F: Student G: Share H: VM I: Backup4x1TB Raid 5 (2792Gb) 2x172Gb Raid 1 300Gb 600Gb 600Gb 500 450 342

D: Management is used by the tech for document, drivers, program storage, items to be installed over the network etc. Staff and students do not have access to this drive/share.

G: Share is used for staff & student share or public folders.

H: VM is used for vmware/hyper-v virtual machines (dual isp, bookmark, fog/wds).

I: Backup is used for quick retrieval of deleted items. Alternate portable/off site back options should also be used.

Your partition sizes Into the table below, record your partition sizes. These will be used later.

Capacity C: OS D: Management E: Staff F: Student G: Share H: VM I: BackupGb Gb Gb Gb Gb Gb Gb Gb

Storage

Shared Folders So that data is available to users, some folders must be shared and then made accessible to selected groups of users. Some folders are created and shared automatically during the installation of the server operating system but there are some that will need to be created and shared later in the set up process. You may want to create others, planning them now will save time later. Be aware though, that the ‘home’ folders for staff and students (or classes if you do not need individual student identities) will be created later, as sub-folders in the staff or student folder semi-automatically.

Note: Some sites use “USBDLM” to forcibly map drive letters to external usb devices. For example P:, Q:, R:, S: to allow 4 usb drives to be plugged in. This may need to be taken into account when choosing drive letters to map and share.

Commonly Shared Folders

Below is listed who has access to specific shared folders

Share Name Admin Staff Students GuestStudent Public Yes Yes Yes YesStaff Public Yes Yes No NoStaff Yes Owner Only No NoStudents Yes Yes Owner Only NoThese last two folders will house individual staff and student (Home) folders

4

Your shared folders If you need shared folders other than those above, make a note of them here

Share Name Admin Staff Students Guest

Note that share names cannot contain blank spaces, you will need to replace any spaces between words with an underscore at the time of creation.

Folder Permissions Drive mappings to shared folders make finding your data much simpler. All the shared folders described on the previous page will be assigned a ‘drive letter’ by the logon script or group policy preferences when uses log on. There are however some letters than need to be left for automatic assigning and others that are saved for specific software use and some folders that are not shared but are mapped for ease of use.

Common Permissions

Share Name Mapped To Shared Access & RightsHome Folder H: No Owner – read, write, executeStudent Public I: Yes Staff, Students – read, write, executeStaff Public J: Yes Staff – read, write, executeBookmark K: Yes Everybody - read, write, execute

The actual mappings to shared folders will be achieved using logon scripts & group policy preferences later in the setup process.

Your Folder Permissions The shares you noted before need to be mapped as well. Copy the names from the previous page and indicate who will have access rights.

Share Name Mapped To Shared Access & RightsL:M:N:O:

5

IP Addressing

Fixed IP Register During the installation of the server and some peripheral hardware, certain IP addresses are going to be assigned and the number allocation should be planned before commencing. An important aspect in this planning is ensuring that certain sections of the Curriculum network are accessible from the Administration network. This ability to ‘see’ from Admin into Curriculum is only one way. Curriculum must not be able to see into the Administration network. If it can, then call the Customer Support Centre (phone 8204 1866) and ask for help in isolating the problem.

An IP address contains four octets (groups of three numbers) the first three octets will be allocated to your schools by D.E.C.S. and the last octet can be assigned at school level.

Note: Any Curriculum resource (computer or printer) that you want Admin to have access to, must be numbered between 48 and 55. The main curriculum server you will notice falls into this range.

So that you do not need to write the first three octets into every address in the list, make a note of them here for easy reference.

Yours:

Common Reserved addresses

IP Device Description1 Default Gateway This is the main Curriculum gateway

2-20 Routers & Switches Although not all are used, this range is normally reserved for use by the router and/or switches

21-46 For printers or additional equipment47 Dual ISP This is for any Cache/Dual ISP school484950 Server – Main PDC Main Primary Domain controller51 Server – 2nd DC Secondary Domain controller525354 Printer/copier Shared copier available to admin and curric computers55 Printer/copier Shared copier available to admin and curric computers

56-60

From the table above ther are 4 IP’s available within the Admin to curric shared range to allow for any VM’s that admin require to access. A printer server, intranet server etc

6

10 18Example: 176

User Accounts

Default User Accounts Throughout the setup and customization of the network you will be asked to create accounts and enter passwords. So that you are consistent and can have a record for when you need them in six months time, record all passwords in the following table.

Extra columns have been left in case you have to change them later. The last entry in each column will then be the latest (current) password.

Description Password #1 Password #2 Password #2administrator (local) textbookadministrator (local) studystaff template welcomestudent template studymcafee virusfreeBookmark bookmark

Backup Existing Data Before you install the new operating system make sure that you:

• Back up user data to an external media such as tape or DVD • Record any fixed IP addresses for printers, squid server etc • Record any port or specific printer settings that you are going to need when you come

to re-install these network assets • Any generic logons that you will need to recreate such as classroom and Bookmark • The logon scripts and batch files • The names and permissions of all network shared folders

Multiple Domain Controllers Having more than one Domain Controller on your network can be of benefit as it provides a level of redundancy and support should one controller go off line or have a lot of users try to log on at the same time. In these cases, the second or subsequent Domain Controllers can take over and/or share the task of allowing users to log on.

Another reason there is to have a second Domain Controller running Active Directory is when you need to upgrade or replace your main server and do not want to shut the network down during the implementation process. In this case, the first Domain controller can be removed from the network, upgraded and returned without any degradation of the networking function.

If you are currently running a second server with Windows 2008 Server as a file or print server then you may wish to consider adding the Domain Controller role as well.

Before installing a second Domain Controller, you must: • Have Active Directory running on your main W2008 network server• Have a DHCP and DNS server running

To install a second or subsequent Domain Controller: • Use the notes commencing on page 11 to install your main Windows 2008 server • Install the basic Server 2008 operating system on a second machine but do not set

up any of the options using the Manage Your Server wizard. • Assign a static IP address to the second server as described on page 19 • Use the notes on page 77 to set up the second Domain Controller.

7

Installation of Microsoft Server 2008 R2 (64bit Edition)

BACKUP ANY EXISTING DATA BEFORE PROCEEDING

Make sure your computer BIOS is configured to boot from the CD drive and turn on thecomputer.

1. Insert the Windows 2008 CD and if required, restart the computer. 2. If there is an operating system installed on the computer already, you will be asked to

select a CD boot or hard-drive boot. Make sure you select to boot from the CD otherwise you will be returned to your original operating system.

3. An analysis and file copy process will commence with hardware settings and a number of other parameters being examined.

4. After a few minutes, the Install Windows screen will be displayed set your Time and

currency format and then press [Next]

8

5. and then press [Install Now].

6. Select the operating system that you will be installing and then press [Next].

Make sure you have the required licence purchased for the OS you are installing

9

7. Tick to agree to the License terms and then press [Next].

8. Select to do a Custom(Advanced)Installation.

10

9. To separate the system files and your data files you will need to partition the hard-drive. At the next screen. This will in effect create multiple hard-drives on the one physical drive. Initially you will only need to create one partition for the operating system. The other partitions will be created later.

Select [Drive Options].

10. and then press [New].

11

11. Enter the {partition size} in Mb (decided in the planning stage) & then press [Apply].

12. When prompted to create the additional partition for the system files press [OK].

12

13. When you are returned to the previous window you will see that a new partition has been created. These is where the operating system will be installed. Press [NEXT].

14a. Installation will then continue.

14b. Installation will then continue.

13

15. Installation will then RESTART the computer.

16a. Computer restarted...

14

16b. Computer restarted...

17. Computer finalising installation and then restarts

15

18. Computer starts up...

16

19. Initial Login

20a. Set Administrator Password – Don’t forget the password must be ‘complex’ so it needs to include a mix of alpha-numerical, uppercase, lowercase & symbols.

17

20b. Set Administrator Password

18

Initial Configuration

1. Provide Computer Information

1. Activate WindowsYou must activate your Windows Server installation

NOTE: See the links at the start of this document

19

20

2. Set Time ZoneYou must set your Date and Time details

3. Configure NetworkYou must configure your TCP/IP settings

21

Please note that the subnet mask for most smaller schools is 255.255.254.0For larger schools it is 255.255.252.0.Please check what your subnet is.

4. Provide computer name and domainYou must configure computer name for your server.

Then Restart and go onto 2. Update This Server

22

2. Update This ServerNotice the changes in part 1 – Provide Computer Information – should now be showing all your updated information

1. Enable automatic updating and feedbackYou must enable automatic updates to keep your server up-to-date!

2. Download and install updatesBefore continuing onto installing server roles… make sure that your server is up-to-date!

Download and install Service Packs listed at the start of this document first

If you are installing a WSUS server later, make sure to change the settings in windows update/group policy to reflect this

23

Once completed a restart maybe required & then go onto 3. Customize This Server

3. Customize This ServerI have switched to “Server Manager” to setup: Active Directory, DNS, DHCP, IIS etc

1. Configure your Domain Controller & DNSSelect “Add Role”

This will bring up the wizard to install Server Roles

24

Select Active Directory Domain Services

(If Required) Select “Add Required Features”

Press NEXT

25

The Active Directory Wizard will not appear (Read information) and select NEXT

Review Summary and then select INSTALL

Active Directory will then install

26

Once the installation have completed you will be prompted to run a command “DCPROMO.EXE” or select the link to run the Active Directory Domain Controller wizard.

Press NEXT

27

If creating a new domain from scratch, Select “Create a new domain in a new forest” and then Press NEXT

If you are adding a new server to an existing domain, pl;ease jump to setp xxxxx

Type in your domain name (e.g athelstone.sa.edu.au) and then Press NEXT

TO BE FIXED - DO NOT USE .SA.EDU.AU AT THE END OF THE DOMAIN NAME. USE .LOCAL INSTEAD

If you are running only Windows 2008 Domain Controllers then select “Windows Server 2008” as the Forest Functional Level

28

If you have any existing Server 2000 or 2003 on the network, then select the relevant function level

Press NEXT

Now searches for a DNS Server, Cant Find One so will install DNS for you

Press NEXT

29

Press NEXT

Type in a PASSWORD and then Press NEXT

30

Review the summary and then Press NEXT

Active Directory will not install (Tick “Reboot on completion”)

31

Computer will restart

Then Login to new Domain controller…

Once you login… On the initial configuration screen… Notice that you know have AD, DNS and Group Policy Management tool installed… whenever you install a role all associated “features” will also be installed…

If you don’t want this screen to show up each time you login tick the box to say not to show this window

32

2. Configure your DHCPTo install additional roles – select “Roles” and then “Add Roles”

To install DHCP – select “DHCP Server” and then Press NEXT

33

The DCHP Server wizard will now run – Read Information and then Press NEXT

Select the network card (IP Address) to bind this DHCP server – and then Press NEXT

Specify your DNS details and then “Validate” and then Press NEXT

34

Specify if you are running WINS or not and then Press NEXT

WINS is rarely required these days, I would suggest not install it at this stage.

You now need to enter the range of IP Address this DHCP Server will be assigning to PCs – Select ADD

Enter the Scope details for this DHCP Server and then Press OK35

As described at the start of this document, include your entire IP range into the scope, then designate exclusions.

Confirm Details of Scope and then Press NEXT

Specify if you will have IPV6 Enable or Disables and then Press NEXT

Confirm User details and then Press NEXT

36

Review summary and then Press INSTALL

Once the installation is complete go to Server Manager and confirm that DHCP is ACTIVE

37

Once you have clients on your network up and running you will be able to confirm DHCP server is working by looking at the “Address Leases” and confirming that your PCs are in there.

38

3. Configure your Group PoliciesTO BE CONTINUED!!

39