systemsol thứ 6 bảo vệ

7/31/2019 SYSTEMSOL th 6 bo v

1/55

PROJECT REPORT

PROJECT QUARTER6

SYSTEMSOL INC.

Name of Developer:Name of Developer: Nguyn V Hong LmNguyn V Hong Lm

Phan Hng CngPhan Hng Cng

ClassClass ::

C6NE2Reg. No.Reg. No. ::

Coordinator :Coordinator : Mr. Nguyn Quc LongMr. Nguyn Quc Long


2/55

Page 2

PROJECT ON

SystemSol, Inc.

Developed by

Name: Nguyen Vu Hoang Lam

Phan Hung Cuong

Reg. No.:


3/55

Page 3

SYSTEMSOL, INC.

Batch Code:

Start Date : October 26th,2012 End Date : October 2nd, 2012

Name of the Coordinator : Mr. Nguyen Quoc LongName of Developer : Nguyen Vu Hoang Lam

Phan Hung Cuong

Date of Submission : October 2nd, 2012


4/55

Page 4

CERTIFICATE

This is to certify that this report titled SystemSol, Inc.embodies the original work done by Nguyen Vu Hoang Lam,Phan Hung Cuong in partial fulfillment of their courserequirement at NIIT.

Coordinator : Nguyen Quoc Long


5/55

Page 5

ACKNOWLEDGEMENT

We have benefited a lot from the feedback and suggestionsgiven to us by Mr. Nguyen Quoc Long and other facultymembers, and the machine room coordinator.


6/55

German, for various clients. According to their organization policy, a software developer

works on more than on

Page 6

SYSTEM ANALYSIS

System summary:

Background

SystemSol Inc. is an IT enabled services provider that has expand its operations to two

different locations in New Delhi, India and Beijing, China. The company has its head

office situated in New York and has a network setup of more than 7000 computer

across all the three locations. these locations have their separate network and have

independent domains SystemSolIndia.net and SystemSolChina.net.

As the next step towards upgrading the network infrastructure, the organization isplanning to connect the two separate domains into a single windows server 2003 base

network. for better performance and connectivity, the organization is planning to have

a single active directory forest with a single domain tree to connect the tree locations

in India, China, and U.S.

Existing System

The employee from the different locations are facing various problems related to

network connectivity. these problems are:

No IP based network restrictions: there is no standard IP series defined for differentdepartments, which makes it very difficult to implement IP based restrictions on the

network. Currently, there is a single DHCP server at each location, which is providing

IPs from a single scope. As a result, any user on the network can access any resource,

which is a big internal security threat for the organizational resources.

Decline in network performance: the network performance declines as the single DNS

server at each location is unable to handle the increasing load of internal as well as

external queries.

Lack of co-ordination: as the offices at the three locations are separate and have

independent domains, the inter-organization co-ordination is very expensive and

inefficient.

High cost of system administration: due to separate and independent domains, the

cost of administration is very high. this is because separate dedicated system

administration teams are required at each location to manage the domain and it

resources.

Work from home policy: to cut costs, the organization is planning to provide work from

home facility as a management policy, these employees have to be provided access to

line of business a lications from their homes.


7/55

Page 7

PROJECT ACTIVITIES

1. Install root domain controllers

2. Install and create child domains controllers

3. Create and connect AD sites

4. Install DNS servers on every domain controller

5. Create AD integrated DNS zones replicated to all the domain controllerswithin each domain

6. Configure conditional forwarding for external name resolution to rootdomain controllers on all DNS servers

7. Configure scavenging and aging on DNS servers

8. Install DHCP server and configure scopes

9. Install and configure DHCP relay agents

10. Create reservations and exclusions

11. Create users and groups

12. Install terminal server and allow users access on the terminalservers

13. Configure terminal server profiles for terminal server users

14. Create shared folders on terminal servers and assign permissions toterminal server users on them

15. Create OUs for departments16. Delegate administrative access to OUs


8/55

Page 8

MACHINE CONFIGUARATION

Processor Intel core i7 3770k Ivy BridgeHard Disk 1TBRAM 8 GBVGA ATI Radeon HD6850 1GBCD-ROM Drive N/A


9/55

Page 9

MACHINE DETAILS

Machine NameNo of Partitions 2OS (C:\) 20GBApplications (D:\) 20GBOperating System Installed Windows Server 2003CD Drive G:\


10/55

Page 10

1.Install Root Domain Controler

Server New York: Click Starts>>Run>>DCPROMO

Click Next

Click Next

Click Domain controller for a new Domain>>Next

Click Domain in a new forest>>Next


11/55

Page 11

Enter name: systemsolnewyork.net:

Choose store the Active Directory database>>Next


12/55

Page 12

Choose Install and configue the DNS server onthis computer,and set

this computer to use this DNS server as its preferren DNS server>>

Next

Choose Permissions compatible only with Windows 2000 or Windows

Server 2003 operating systems>>Next


13/55

Page 13

Type Password and Confirm Password

Wait few minutes and Restart Computer


14/55

Page 14

2.INSTALL AND CREATE

CHILD DOMAINS

Same RootDomain, server China & India: Start>>run>>dcpromo>>click Next

Choose Child domain in an existing domain tree>>Next


15/55

Page 15

Login: Account of Domain New York

In Parent domain: type systemsolnewyork.net ( Domain New

York ) & Create Child Domain>>Next


16/55

Page 16

Finish


17/55

3. To v kt ni cc ADTi Server NewYork chn ti Active Directory Sites andServices

Page 17


18/55

Click chu t ph i vo tn Server China v India r i ch n New Object t o subnet cho 2 Sites. Trong m c Select a site Object for this subnet tr n server t ng

ng v i subnet c n gn

4/ Cu hnh phn gii tn bn ngoi iu khin tn min gctrn tt c cc my ch DNS

Page 18


19/55

Ti Server NY chn ti DNS>>trong phn Reverse LookupZones chn New Zone

Ch n ti p Primary Zone

Ch n ti p: To all domain>>>Next>>r i c u hnh subnet>>finish

Page 19


20/55

Sau khi c u hnh tn mi n phn gi i ngh ch th vo l i tr ng d n n Sites:

Page 20


21/55

8. Ci t DHCP server v c u hnh

Trn Server NY: vo Control Panel>>Add or Remove Programs

Ch n t i Networking Services>>details

Page 21


22/55

Click ch n DNS v DHCP>>next: trong qu trnh ci t my s yu c u CD windows server 2003

Ch qu trnh ci t k t thc v restart my hon t t qu trnh ci t.

Page 22


23/55

7/ C u hnh DHCP

Click Start>>Administrative Tools>>DHCP

Click ph i chu t vo Server ch n New Scope>>Next>>hi n ra h p tho i

Page 23


24/55

Nh p vo dy a ch IP c n c p pht cho cc my tr m CLients

Nh p vo dy IP m gi i h n khng c p pht d phng cho nhu c u pht tri n sau ny:

Page 24


25/55

Nh p a ch IP c a Route

Nh p tn Server v IP c a server

Page 25


26/55

9/ T o OU v User.

Click Start>>Administrative tools>>Active Directory Users and Computer>>Ch n n server NY>>New Organization Unit

Page 26


27/55

Ty ch n thi t l p tn ng nh p, h v tn

M t kh u c a User, s d ng cc ty ch n ph h p cho User>>Finish k t thc

Page 27


28/55

Page 28


29/55

9/ y quy n truy c p n cc OU

Trong Server NY>>ch n n User>>Group Policy Creator

Owners>>Properties>>Members>>c p cc quy n qu n tr cho OU

Sau Click ph i chu t vo bi u t ng Computer>>Properties>>Remote r i tch vo Enable Remote Desktop on this computer

Page 29


30/55

ti p theo vo ph n Default Domain Controller>>Local Policies>>User Rights Assignment>> Allow logon locally>>add User c n y quy n qu n tr vo

t ng t i v i ph n Allow logon throught Terminal Services

Page 30


31/55

Sau ta c th ng nh p vo t Client , yu c u Client ph i ci adminpak.msi.

Page 31


32/55

9. Ci t v c u hnh DHCP relay agent

Start>>Administrative Tools>>Routing and Remote access>>Click ph i chu t vo Server>>Configure and Enable Routing and Remote Access>>Next>>Ch n

Custom

Ch n n Lan Routing

Page 32


33/55

Finish k t thc

Trong ph n IP Routing Click ph i chu t vo General>>New Routing Protocol

Page 33


34/55

Ch n DHCP Relay Agent

Add a ch IP

Page 34


35/55

CLick ph i chu t vo DHCP Relay Agent>>New Interface>>ch n card m ng ph h p r i ok

Page 35


36/55

Page 36


37/55

Page 37


38/55

Page 38


39/55

Page 39


40/55

Page 40


41/55

Page 41


42/55

Page 42


43/55

Page 43


44/55

Page 44


45/55

Page 45


46/55

Page 46


47/55

Page 47


48/55

Page 48


49/55

Page 49


50/55

Page 50


51/55

Page 51


52/55

Page 52


53/55

Page 53


54/55

Page 54


55/55

systemsol thứ 6 bảo vệ

Documents