THQTM TranVanNghia 11TLTCNTT

BI 1:Ci t Windows Server 2008 I.
Gii thiu Windows Server 2008 Ngy 12/11/2007 Microsoft chnh thc tung ra th trng phin bn h iu hnh my ch Windows Server 2008, h iu hnh ny gm 6 phin bn chnh: - Windows Server 2008 Standard. - Windows Server 2008 Enterprise. - Windows Server 2008 DataCenter. - Windows Web Server 2008. - Windows HPC (High-performance computing) Server 2008 - Windows Server 2008 for Itanium-based Systems. Vic la chn phin bn no th ph thuc vo yu cu ca ngi s dng. Windows Server 2008 Standard Edition: l la chn tt nht cho doanh nghip nh, khng c nhu cu m rng ca phn cng v khng s dng tnh nng clustering. Windows Server 2008 Enterprise Edition: l la chn tt cho mi trng doanh nghip ln, h tr y cc tnh nng nh: clustering, failover, virtualization v kh nng m rng phn cng. Windows Server 2008 DataCenter Edition (IA-64 DataCenter Edition): l ty chn cho cc doanh nghip dng lu tr d liu ln v s dng tnh nng o ho trn quy m ln. Yu cu phn cng ci t Windows Server 2008: Processor: khuyn co tc b vi x l 2GHz tr ln, tc ti u l 3GHz tr ln Memory RAM: khuyn co b nh RAM nn 1 GB tr ln. Bn Standard (32 bits) support ti a 4GB; Bn Enterprise 32 bits support ti a 32 GB RAM; bn 64 bits th Standard support 32GB RAM; cc phin bn cn li support 2TB RAM. a cng (HDD): Khng gian a cng ti thiu ci t HH Windows Server 2008 l 8 GB; khuyn co ca Mircrosoft i vi bn Full th khng gian a cng cn trng 40 GB; khng gian a cng ti u i vi bn Full l 80 GB. Mt s tnh nng mi Windows Server 2008 so vi Windows Server 2003: Server Manager Terminal Services Advanced Event Viewer Server Core H tr Ipv6 Windows PowerShell Internet Information Services 7.0 My Ch o
II.
Yu cu h thng
Vn : Bt k h iu hnh no cng a ra nhng yu cu ti thiu v ti u v phn cng h thng c th chy mt m. V vy bn cn xc nh xem sc mnh phn cng h thng ca bn c tha mn yu cu ca h iu hnh Windows Server 2008 hay khng? Gii quyt: Xc nh yu cu phn cng ba mc ti thiu, ngh v ti u ca Windows Server 2008, t so snh vi h thng ca bn. Bn cn tp trung vo ba phn chnh, l b nh RAM, b vi x l, v dung lng trng trn cng. Phn cng / Cu hnh B nh RAM B vi x l cng (trng) Ti thiu 512MB 1Ghz 10GB ngh 1GB 2Ghz 40GB Ti u 2GB 3Ghz 80GB
Cu hnh ngh trn ch l yu cu cn thit chy h iu hnh. Bn cn tham kho thm yu cu phn cng ca nhng ng dng s c chy trn h thng c s iu chnh ph hp. Nu bn nng cp b nh RAM ln hn 16GB, bn cn tng thm dung lng trng trn cng dnh ch cho b nh o (pagefile), ch Hibernate v cc tp tin kt xut (dump file). Bn c th s dng cng c Microsoft Assessment and Planning Toolkit (MAP) nh gi h thng my ch. Cng c ny s to bn bo co gip bn xc nh my ch no sn sng ci t Windows Server 2008
III.
Cc bc ci t
Vn : Sau khi bn xc nh c h thng tha mn cc yu cu v phn cng ca Windows Server 2008, bc tip theo l thc hin cc cng on chun b trc khi tin hnh ci t. C th l nhng vic g? Gii quyt: Sau y l danh sch nhng vic cn lm trong qu trnh chun b trc khi ci t.

Kim tra tnh tng thch ca ng dng Ngt kt ni ngun in khng gin on UPS Chy cng c Windows Memory Diagnostic Chun b driver cho cc thit b lu tr Sao lu my ch V hiu ha phn mm chng virus Chun b Active Directory
Trn y l tt c nhng vic nn thc hin trc khi tin hnh ci t Windows Server 2008. C th bn s khng phi thc hin tt c cc thao tc trn, bi n cn ty thuc vic bn s ci t mi hon ton hay nng cp trc tip t h iu hnh c. Ngoi ra, bn ch cn thc hin bc chun b Active Directory nu nh bn c nh bin my tnh s dng Windows Server 2008 thnh mt domain controller (b iu khin min) v thm n vo domain Windows 2000/2003 hin c. Tip theo l chi tit tng cng vic: Kim tra tnh tng thch ca ng dng Trc khi tin hnh ci t Windows Server 2008, bn cn chc chn rng cc ng dng bn th ba s chy trn h thng u c h iu hnh ny h tr. lm vic ny, bn c th tm hiu ti liu km theo ng dng hoc lin h vi nh cung cp c gii p xem liu ng dng ny c chy trn Windows Server 2008 c khng. Trong mi trng lm vic chuyn nghip, ti liu k thut l th v cng quan trng bi n gip bn trin khai ng dng trn h thng ng cch v hiu qu. Mt cng c khc bn c th s dng l Microsoft Application Compatibility Toolkit 5.0 (ACT 5.0). Cng c ny dng thu thp d liu v kh nng tng thch v lu vo mt kho d liu tp trung. y l nhng thng tin rt hu ch khi nh gi ri ro c th xy ra sau khi nng cp h iu hnh. Lu : Bn cng c th dng ACT 5.0 trong cc trng hp h thng c s thay i nh hn, chng hn ch l nng cp trnh duyt hay cp nht Windows. Ngt kt ni ngun in khng gin on UPS Trong qu trnh ci t, Windows Server 2008 s c gng d tm cc thit b kt ni vo cng ni tip. Nu bn ang kt ni ngun UPS qua cng ni tip, bn c th s gp vn vi trnh ci t. V vy tt nht l hy ngt kt ni ngun UPS cho ti khi qu trnh ci t hon tt. Chy cng c Windows Memory Diagnostic Bn hy dng cng c Windows Memory Diagnostic kim tra b nh RAM trn my ch. Bn lm theo cc bc sau:
Chy file mtinst.exe bt u ci t Windows Memory Diagnostic.
Nu bn mun dng a mm khi ng my ch, chn Create Startup Disk ci t Windows Memory Diagnostic ln a mm. Nu bn dng a CD, chn Save CD Image to Disk. Khi ng li my ch bng a khi ng va to. My ch s t khi ng vo giao din Windows Memory Diagnostic v bt u vic kim tra.
Lu : kim tra b nh my ch mt cch k lng hn, bn c th chy thm ch kim tra m rng bng cch nhn T khi Windows Memory Diagnostic ang lm vic. Khi chn ch ny, tt nht bn nn chng trnh chy qua m. Chun b driver cho cc thit b lu tr Nu thit b lu tr ca bn c driver (trnh iu khin) km theo, bn nn lu driver vo a mm, a CD, DVD hoc USB. Trong qu trnh ci t, c th bn s phi cn n cc driver ny. Sao lu my ch Sao lu d liu my ch l thao tc khng th thiu trc khi thc hin cc thay i trn h thng. Cn m bo rng cc d liu quan trng ca bn u c sao lu cn thn. Khi thc hin vic nng cp h iu hnh, bn nn c bn sao lu ca phn vng khi ng h thng cng nh d liu trng thi h thng. Cc d liu ny c th c sao lu bng cch to mt bn sao lu cho Automated System Recovery (ASR) V hiu ha phn mm chng virus Phn mm chng virus s tin hnh qut tt c cc file c copy vo my ch, v vy c th s lm nh hng n tc nng cp h thng. Chun b Active Directory C hai bc chun b dch v Active Directory:

Chun b forest. Chun b domain.
Lu : Bn ch cn chun b Active Directory khi c nh xy dng mt domain controller s dng Windows Server 2008 v tham gia domain Windows 2000/2003 hin c. Cc bc chun b forest:
ng nhp vo Schema Master ca domain hin ti bng ti khon l thnh vin ca mt trong cc nhm Enterprise Administrators, Schema Administrators hoc Domain Administrators. Copy th mc adprep t sources\adprep trn a ci Windows Server 2008 vo Schema Master. T dng lnh, chuyn ti th mc adprep va c copy, sau chy adprep/forestprep. i vi domain controller ch c (RODC), chy adprep/rodcprep. Ch tc v hon tt v nhn bn trc khi tin hnh bc th hai trong cng on chun b dch v Active Directory. ng nhp vo Infrastructure Master ca domain hin ti bng ti khon l thnh vin ca nhm Domain Administrators. Copy th mc adprep t sources\adprep trn a ci Windows Server 2008 vo Infrastructure Master.
Tip theo l cc bc chun b domain:

T dng lnh, chuyn ti th mc adprep va c copy, sau chy adprep\domainprep\gpprep Ch tc v hon tt v nhn bn.
Ti y, bn thc hin xong cc cng on chun b v c th bt u ngay vic ci t Windows Server 2008.
Ci t Windows Server 2008 Vn : Bn quyt nh ci t bn Windows Server 2008 Standard. Tip theo, bn cn la chn xem s tin hnh ci t th cng hay ci t t ng. C th s c nhiu my ch cng cn phi nng cp. Gii quyt: Phn tip theo ca bi vit s trnh by ln lt tng bc ci t Windows Server 2008, c th cng ln t ng. Ci t th cng Tin trnh ci t Windows Server 2008 c t chc rt hp l. Nu tng ci t Windows Server 2003 hn bn vn cn nh rng trong qu trnh ci t, bn c yu cu tr li nhng cu hi v cu hnh. Vi Windows Server 2008, nhng yu cu ny c chuyn ti phn Initial Configuration Tasks Wizard xut hin khi hon tt ci t. Sau y l danh sch nhng thng tin bn cn cung cp trong qu trnh ci t:

Ngn ng, n v tin t v thng tin bn phm (ngn ng nhp liu) Kha kch hot sn phm hp l V tr ci t n bn h iu hnh sp ci t (nu khng nhp kha sn phm) Ci t nng cp hay ci t mi Ci t h iu hnh, bao gm c xc nhn m kha hp l Khi to cu hnh Initial Configuration Tasks Ci t Server Manager
Ton b vic ci t Windows Server 2008 ch qua ba phn:

Ci t h iu hnh Lm theo cc bc sau ci t h iu hnh:

Cho a ci t Windows Server 2008 vo v khi ng my ch t a ci. Khi c yu cu chn ngn ng, thi gian, n v tin t v thng tin bn phm, bn hy a ra la chn thch hp ri click Next.
Thit lp ngn ng, thi gian v n v tin t, thng tin bn phm.

Ty chn Install Now xut hin. Nu cha chc chn v yu cu phn cng, bn c th click vo lin ktWhat to Know Before Installing Windows bit thm chi tit. Nhp kha kch hot sn phm (product key) v nh du kim vo Automatically Activate Windows When Im Online. Click Next.
Nhp kha kch hot sn phm hp l.
Nu cha nhp kha sn phm mc trc, by gi bn s phi la chn n bn Windows Server 2008 sp ci t v nh du kim vo I Have Selected an Edition of Windows That I Purchased. Nu bn nhp kha sn phm hp l, trnh ci t s t ng nhn din c n bn Windows Server 2008 bn sp ci t. Click Next.
La chn bn Windows Server 2008 ci t.

c cc iu khon quy nh v chp nhn bng cch nh du kim. Click Next. ca s mi xut hin, do bn khi ng my t a ci nn ty chn Upgrade (nng cp) b v hiu. Click Custom (Advanced).
Ty chn Upgrade b v hiu khi bn khi ng my t a ci. Lu : Nu bn mun tin hnh ci t nng cp, bn cn chy trnh ci t trong mi trng Windows.
Trn ca s tip theo, bn cn la chn v tr ci t Windows. Nu c driver ca cc thit b lu tr bn th ba, cn ci t ngay bng cch click lin kt Load Driver.
Ti driver ca cc thit b lu tr bn th ba v chn ni ci t. Lc ny, Windows s bt u c ci t vo h thng. Bn c th thy tng bc tin trnh hon tt th hin bng phn trm. Trong qu trnh ci t, my ch s phi khi ng li nhiu ln. Trnh ci t s hon thnh nhng tc v sau y: - Sao chp tp tin - M rng tp tin - Ci t chc nng - Ci t cp nht - Hon thnh
Khi qu trnh ci t hon tt, hy thay i mt khu ti khon qun tr administrator trc khi ng nhp. Sau khi mt khu c thay i v bn ng nhp vo h iu hnh, nh vy l bn xong phn 1 ca vic ci t.
Khi to cu hnh Sau khi bn ng nhp vo h iu hnh, ca s Initial Configuration Tasks Wizard xut hin, gm ba mc:

Provide computer information (Cung cp thng tin h thng) Update this server (Cp nht my ch) Customize this server (Ty bin my ch)
Initial Configuration Tasks Wizard Vy th trong cc mc ny, bn c th a ra nhng thay i no v cu hnh? Trong mc Provide Computer Information, bn c th thc hin nhng vic sau:

Thay i mi gi Thit lp cu hnh mng trn giao din card giao tip mng (NIC). Bn cng c th gn a ch IP tnh, subnet mask, default gateway (cng mc nh) v my ch DNS/WINS. Trong nhiu mi trng, c l bn s c nhm hai card giao tip mng cho mng LAN d liu sn xut (s dng phn mm bn th ba) v c mt card giao tip mng ring bit dnh ring cho vic sao lu d liu c kt ni vi mng LAN sao lu. Ngoi ra, bn c th mc cho cc thit lp t ng c gn bi my ch DHCP, tt nhin trong trng hp bn c my ch DHCP c cu hnh. Lu : Trn thc t, bn s thng gn a ch IP tnh cho my ch c s h tng. Trong trng hp ny, bn s cn thu thp thng tin cng vi a ch IP hp l cho default gateway v cho my ch DNS/WINS trc khi ci t.
Cung cp tn my tnh cho my ch, cng vi thng tin domain hoc workgroup. Bn cn khi ng li my ch cc thay i c tc dng. Cho php t ng cp nht v phn hi Cu hnh vic ti v v ci t nhng cp nht ca h iu hnh
Trong mc Update This Server, bn c th thc hin nhng vic sau:

Trong mc Customize This Server, bn c th thc hin nhng vic sau: 1. Thm vai tr (role) my ch. Khi bn chn mt vai tr, trnh hng dn s gip bn hon thnh vic ci t vai tr. Bn c th la chn cc vai tr sau:

Active Directory Certificate Services Active Directory Domain Services Active Directory Federation Services Active Directory Lightweight Directory Services Active Directory Rights Management Services
Application Server DHCP Server DNS Server Fax Server File Services Network Policy and Access Services Print Services Terminal Services UDDI Services Web Server (IIS) Windows Deployment Services
2. Thm tnh nng. Cng nh thm vai tr, khi bn la chn tnh nng, trnh hng dn s gip bn hon thnh vic ci t tnh nng . C rt nhiu tnh nng cho bn la chn.
La chn tnh nng bn mun ci t Lu : i vi c hai danh sch vai tr v tnh nng, khi bn im sng mt vai tr hoc tnh nng no , bn s thy phn m t bn phi danh sch. Khi bn la chn cc vai tr v tnh nng, cn nh rng nn ci t cng t cng tt, tt nht l ch nn la chn nhng th bn d nh s dng. Nu bn ci t cc vai tr hoc tnh nng khng cn thit, bn s ci t lun c nhng dch v v ch v c kh nng m toang nhng cng khng c gi tr trong sn xut khin my ch khng cn an ton.

Cho php Remote Desktop kt ni ti my ch Cu hnh thit lp tng la h iu hnh. Theo mc nh, tng la c kch hot sn.
Tip theo s l phn ba ca qu trnh ci t. Ci t Server Manager
Server Manager cho bn mt ci nhn ton cc v my ch. Khi nhn vo phn chi tit mc nh, bn c th thy thng tin my tnh, thng tin bo mt v bn tm tt cc vai tr v tnh nng ci t. Nhn xung pha di, bn s thy ti nguyn v phn h tr. Pha bn tri ca s l cc cng c gip bn thm/bt v cu hnh cc vai tr cng nh cc tnh nng. Bn cng s thy cc ty chn chn on, cu hnh v qun l a. Sau khi xc lp cc thay i trong Server Manager, cng vic ci t th cng ca bn thc s hon tt.
Bi 2: Nng cp windows Server 2003 ln Windows Server 2008 I. Yu cu h thng:
- H thng mng windows server 2003 ang hot ng tt.c y cc service ang chy - Trong Acive directory hin nay c 2 user sv1, sv2 - Backup li h thng trc khi lm - a DVD cha Win 2008 - Up raise functional level h thng win 2003 khi mix mode - Xem version Win server 2k3 ( Standar hay Enterprise ) phin bo bao nhiu bit.
B vi x l
B nh
cng Card mn hnh
Ti thiu: 1Ghz (x86) hoc 1,4Ghz (x64) ngh: 2Ghz hoc cao hn Ch : b vi x l Intel Itanium 2 cng cn thit cho Windows Server 2008 cho cc h thng Itanium- Based Ti thiu: 512MB RAM ngh: 2GB RAM hoc cao hn Ti a (32-bit): 4GB (Standard) hoc 64GB (Enterprise v Datacenter) 64-bit: 32GB (Standard) hoc 2TB (Enterprise, Datacenter v Itanium-Based Systems) Ti thiu: 10GB ngh: 40GB hoc cao hn Ch : cn thm 16GB RAM h thng chy cc chc nng nh paging, hibernation v dump file . Super VGA (800x600) hoc phn gii cao hn.
II. Tin hnh nng cp: Bc 1: Kim tra h thng
Bc 2 : Raise functional level ln win2003 cho h thng
Bc 3 : Cho DVD 2k8 vo DVD Bc 4: Start > run >CMD enter Bc 5 : nh vo D:\sources\adprep\adprep.exe /forestprep (D:\ l dia DVD) -> xut hin thng bo, tip tc nhn ch C v enter
Bc 6: nh tip
D:\sources\adprep\adprep.exe /domainprep
Bc 7: nh tip D:\sources\adprep\adprep.exe /domainprep /gpprep
Bc 9: tt ca s CMD, vo DVD chy file setup.exe
Chn ng loi version ca Win2003 ci trc. Win2003 l Enterprise th chn l Enterprise
Sau khi thnh chng ta vo h kim tra cu hnh user c thay i g khng
Upgrade Cng th login thng xem cc OU v
Mi th vn nh lc u vi Winserver 2003. Hai OU Quantri v kythuat vn cn.
BI 3:Cng c qun tr Server Manager Server Manager l mt cng c che php bn thc hin hu ht cc thao tc qun tr trn Windows Server 2008, t cc dch v server nh Active Directory, DNS, DHCP, n cc thnh phn ca h thng nh .NET Framework 3.0, Network Load Balancing, Group Policy Management, ; t h thng firewall, qun l user v group n cc dch v sao lu h thng, qun l a,
1. Gii thiu v Server Manager C th ni rng cng c ny l kt qu ca s kt hp han ho cc cng c qun l trn nhng phin bn Windows trc . Theo mc nh, Server Manager s t ng khi ng ngay sau khi bn ng nhp vo h thng. Nu ng ca s ny, bn c th thc hin mt trong nhng cch sau m li : Kch chut phi vo biu tng Computer trn desktop, chn Manage. T menu Start, chn Programs/Administrative Tools/Server Manager. T menu Start, chn Control Panel/Administrative Tools/Server Manager. Kch chn biu tng Server Manager trn Quick Launch ca Taskbar.
Mn hnh chnh ca Server Manager
2. Cc thnh phn trong Server Manager Khi lm vic vi Server Manager, bn s tng tc vi 5 thnh phn chnh : Roles cho php b sung v loi b cc dch v ca server. Ti y bn cng c th qun l chi tit d liu tng ng vi mi dch v. Features cho php b sung v loi b cc thnh phn trn Windows Server 2008. Chc nng ny tng t nh Add/Remove Windows Components trong cc phin bn Windows trc . Diagnostics tch hp cc thnh phn Event Viewer, Reliability and Performance v Device Manager. Configuration bao gm cc cng c Local Users And Group, Task Scheduler, Windows Firewall with Advanced Security, WMI Control v Services. WMI Control c dng qun l cc dch v Windows Management Instrumentation. Storage tch hp hai cng c Windows Server Backup v Disk Management.
Qun l chi tit trn Active Directory Users and Computer 3. Qun tr h thng vi Server Manager 3.1 Qun l cc dch v Server (Roles) m cc ca s qun l cc dch v server, bn chn mc Roles khung bn tri ca mn hnh Server Manager. Trn Windows Server 2008 ni chung, bn c th trin khai tt c 16 dch v server, t Active Directory Domain Services n cc server nh DHCP, DNS, Web,
Lu : ngoi 16 dch v server c mt trn tt c cc phin bn Windows Server 2008, Microsoft cn cung cp mt dch v server na, l Hyper-V. Hyper-V l cng ngh o ha ch chy trn cc nn tng h iu hnh 64-bit. ci t mt dch v server bt k, bn nh du chn vo tng ng trn hp thoi Select Server Roles. Tip theo, bm nt Install bt u. Trong tin trnh ci t, ty theo c im ring ca tng dch v server, bn s in thng tin v thc hin cc thao tc cn thit hon thnh tin trnh.
Cc dch v Server trn Windows Server 2008 Sau khi ci t xong, thng tin v trng thi ca cc dch v server s hin th trong khung Roles Summary thuc ca s Server Manager. Ti y bn cng c th thc hin cc thao tc b sung v loi b cc dch v server ny. Nu mun qun l chi tit d liu tng ng vi mi dch v server, bn kch chn dch v ngay di mc Roles. 3.2 Qun l cc thnh phn (Features) m ca s qun l cc thnh phn, bn chn mc Features khung bn tri ca mn hnh Server Manager. Trn Windows Server 2008 bn c th tng tc vi tt c 35 thnh phn. ci t mt thnh phn bt k, bn nh du chn vo tng ng trn hp thoi Select Features. Tip theo, bm nt Install bt u. Trong tin trnh ci t, ty theo c im ring ca tng thnh phn, bn s in thng tin v thc hin cc thao tc cn thit hon thnh tin trnh.
Cc thnh phn trn Windows Server 2008 Sau khi ci t xong, thng tin v trng thi ca cc thnh phn s hin th trong khung Features Summary thuc ca s Server Manager. Ti y, bn cng c th thc hin cc thao tc b sung v loi b cc thnh phn ny. Task Scheduler l cng c cho php bn lp lch thc thi cc nhim v trn h thng theo yu cu ca mnh. Chng hn, Windows Server 2008 hin th mt thng bo cho mng mi khi ng nhp thnh cng, bn thc hin theo cc bc sau: 3.3 Cu hnh h thng (Configuration) 3.3.1 Local Users and Group Tng t nh chc nng cng tn trong cc phin bn Windows trc , bn c th s dng cng c ny qun l cc i tng user v group cc b trn Windows Server 2008. 3.3.2 Task Scheduler Task Scheduler l cng c cho php bn lp lch thc thi cc nhim v trn h thng theo yu cu ca mnh. Chng hn, Windows Server 2008 hin th mt thng bo cho mng mi khi ng nhp thnh cng, bn thc hin theo cc bc sau : 1. Chn Task Scheduler trong mc Configuration. 2. Chn Task Scheduler Library trong mc Task Scheduler. 3. Kch chut phi ln Task Scheduler Library, chn New Folder. 4. Nhp tn cho mc va to l My Scheduler v chn OK. 5. Kch chut phi ln My Scheduler, chn Create Task. 6. Nhp "Welcome" vo mc Name. y l tn ca task m bn s to.
To th mc lu tr scheduler
in thng tin chung cho task 7. mc Description, bn nhp dng thng tin ch thch, chng hn "Show a Welcome message on Windows log on". 8. mc Security options, bn chn Run only when user is logged on task ny s c kch hot mi khi user ng nhp thnh cng vo h thng. 9. Di chuyn sang tab Triggers. Ti y, bn bm nt New to mt trigger mi. 10. Trong hp thoi New Trigger, mc Begin the task, bn chn At log on. 11. Bm nt OK lu trigger va to.
To trigger tng tc vi task 12. Di chuyn sang tab Action. Ti y, bn bm nt New gn mt hnh ng tng ng vi task. 13. mc Action, bn chn Display a Message. Ty chn ny s thc hin thao tc hin th mt thng tho khi ngi dng ng nhp thnh cng vo h thng. 14. Nhp "Welcome" vo mc Title. y chnh l tiu ca thng bo s xut hin ngay khi bn ng nhp thnh cng. 15. mc Message, bn nhp "Welcome to Windows Server 2008 Enterprise !". 16. Bm nt OK lu action va to.
To action tng ng vi task 17. Gi nguyn nhng thit lp mc nh trn hai tab Conditions v Settings. 18. Bm nt OK lu li nhng thay i va thit lp. 19. n y, bn c th kim tra kt qu ca mnh bng cch log out h thng v ng nhp tr li. Nu ng nhp thnh cng, bn s nhn c thng bo :
Thng bo xut hin khi ng nhp thnh cng
3.4/- Qun l khng gian lu tr v sao lu d liu (Storage) 3.4.1/- Ci t thnh phn Windows Server Backup Mc nh, Windows Server Backup cha sn dng trn Windows Server 2008. Do , bn cn b sung thnh phn ny vo h thng trc khi s dng. Cc bc thc hin nh sau : 1/- Trong ca s Server Manager, khung Feature Summary, bn chn Add Features. 2/- Trong mn hnh Select Features, nh du chn mc Windows Server Backup Features v bm nt Next.
nh du chn Windows Server Backup Features 3/- Trong mn hnh Confirm Insatallation Selection, bn bm nt Install bt u ci t.
Xc nhn li thng tin ci t 4/- Trong mn hnh Installation Results, bn bm nt Close hon thnh thao tc b sung thnh phn cn thit vo Windows Server 2008. 3.4.2/- S dng Windows Server Backup Sau khi b sung Windows Server Backup vo Windows, bn c th tng tc vi thnh phn ny bng cch truy cp vo mc cng tn trn ca s Server Manager. Chng hn, to mt lch trnh sao lu d liu a C: ca mnh, bn thc hin cc bc nh sau : 1/- Kch chut phi lnh mc Windows Server Backup trong Storage, chn Backup Schedule.
2/- Trong mn hnh Getting started, bm nt Next.
Xc nhn li thng tin ci t 3/- Trong mn hnh Select backup configuration, chn Custom v bm nt Next. 4/- Trong mn hnh Select backup items, bn chn a cha h iu hnh ca mnh, trong trng hp ny l a C: v bm nt Next.
Xc nhn li thng tin ci t 5/- Trong mn hnh Specify backup time, bn chn s ln v thi im sao lu. y, chng ta chn sao lu vo lc 10:00 ti mi ngy (Once a day). Sau khi chn xong, bn bm nt Next. 6/- Trong mn hnh Select destination disk, bn nh du chn vo a m mnh s sao lu n v bm nt Next. 7/- Trong mn hnh Label destination disk, bm nt Next.
Xc nhn li thng tin ci t
7/- Trong mn hnh Summary, bn bm nt Finish hon thnh thao tc to lch trnh sao lu a. Sau bc ny, hot ng sao lu a C: s t ng thc hin ti thi im m bn thit lp trn.
BI 4:Active Directory Domain Services I. Ci t Active Directory Domain Services (AD-DS): Trong h iu hnh Windows Server 2008, khng ging nh nhng h thng trc , cc bn cn p dng thm bc DCPROMO y server ti Domain Controller v ci Active Directory trc tip trn . Bc ny ng vai tr nh vic ci Active Directory Domain Services (AD-DS) trn server. Thc t, vai tr ca AD-DS l kch hot server kim lun nhim v ca Domain Controller, nhng bn vn phi thc hin lnh DCPROMO. AD-DS c th c ci t theo 3 cch sau. B1: Server Manager/Initial Configuration Tasks M Server Manager > Roles > Add Roles:
Nhn Next ti ca s tip theo:
Trong ca s Select Server Roles, chn Active Directory Domain Services v nhn Next:
Ca s Active Directory Domain Services hin th, cc bn c th tham kho thm thng tin c h thng cung cp ti y v nhn Next:
Tip tc nhn Install ti ca s Confirm Installation Selections:
V ch i cho ton b qu trnh ny hon tt:
Nhn Close:
Sau quay tr li Server Manager, nhn vo ng dn Active Directory Domain Services, nhng khng th s dng c v DCPROMO cha c kch hot:
Chn ng dn DCPROMO v tip tc lm theo hng dn ti :
B2: DCPROMO: Sau khi ci t cc role AD-DS, chng ta cn DCPROMO to c s d liu cho Active Directory v cc chc nng khc. G lnh dcpromo t mc Run hoc chn ng dn DCPROMO trong Manager > Roles > Active Directory Domain Services:
Ph thuc vo vic AD-DS c ci hay cha, ca s Active Directory Domain Services Installation Wizards tip tc xut hin, cc bn nhn Next:
Trong ca s Operating System Compatibility, cc bn c th tham kho thm thng tin chi tit v nhn Next:
Tip tc, n phn Choosing Deployment Configuration cc bn chn Create a new domain in a new forest vNext:
in tn ph hp dnh cho domain mi v Next:
Lu rng cc bn khng nn s dng tn domain c dng nh mydomain hoc tng t, m phi khai bo y nh mydomain.local hoc mydomain.com. Qu trnh tip theo din ra, h thng s kim tra tn domain c thch hp v c s dng hay cha:
Chn ng mc ca forest function level, mc nh l Windows 2000 ( y l Windows Server 2008):
Tip theo l mc domain function level, mc nh l Windows 2000 Native ( y l Windows Server 2008):
Nu chn Windows Server 2008 ti mc forest function level, h thng s khng cnh bo ngi s dng chn domain function level. Tip theo, h thng s tip tc tin hnh kim tra xem DNS c cu hnh v thit lp hay cha. Trong trng hp ny, khng c DNS server no c cu hnh, do vy trnh ci t s t ng ci t DNS trn server ny:
Lu li 1 ln na rng DC u tin phi l Global Catalog. Trong hu ht mi trng hp, ngi s dng s nhn c thng tin cnh bo rng server hin ang c 1 hoc nhiu hn 1 a ch IP ng. G lnh IPCONFIG /all. Tnh nng ny t u sinh ra? Cu tr li y l do Ipv6. Trong h thng c IPv6 nhng khng s dng, bn c th b qua cnh bo nh sau:
Tip theo c th l thng bo v vic DNS cha c cu hnh, cc bn b qua v nhn Next:
Thay i ng dn ca c s d liu AD, file log v th mc SYSVOL. i vi nhng m hnh ln, hy thit lp DC sao cho t hiu qu ti u nht c th. Sau nhn Next:
t mt khu cho Active Directory Recovery Mode. Ngi s dng nn t mt khu da trn s kt hp ca chui k t ti thiu l 7, lu rng khng nn t bt k mt khu no trng nhau trong cng 1 h thng. Nhn Next:
Trong ca s cui cng, cc bn c th xem li ton b mc thit lp ca mnh. Nhn Next:
Qu trnh ci t s bt u to domain Active Directory, v khi kt thc th cc bn nhn Finish v khi ng li h thng:
Qu trnh trn hon tt, h thng server c thm vai tr ca Domain Controller. Gi y, cc bn c th kim tra y cc tnh nng bng vic s dng cng c qun l AD nh Active Directory Users and Computers, Event Logs, cc dch v, th mc, tnh nng phn quyn v chia s... va c to.
II. Kt ni my trm n DC: Ti my Client.Thit lp IP Address v DNS cho card mng.
Kim tra 2 my Client v Server thng nhau hay cha. My Server
My Client
Ti biu tng My computer.Click chut phi v chn Properties.Nhn Change thay i tn my tnh hoc domain. i tn my tnh ti Computer Name.Chn Member of l Domain v nhn OK
Nhp tn,ti khon gia nhp domain.Nhn OK
Hp thoi thng bo thnh cng.
Khi ng li my tnh thay i c hiu lc III. Qun l user , group v OU: 1.1. To mi User.
in thng tin ti khon user Next.
Password: yu cu phc tp User must change password at next logon : ti khon sau khi to yu cu thay i mt khu ngay ln ng nhp u tin User cannot change passsword : ti khon ny khng c quyn thay i mt khu Password never expires : mt khu khng bao gi ht hn v trong h thng s c trng policy qun l c sau 1 khong thi gian sn s yu cu ngi dng i mt khu li tng mc bo mt vi ngi dng. Account Disable : ti khon sau khi to s khng c s dng ngay lp tc m s b kha cha c s dng.
1.2.
To mi Group.
3. To Organizational Unit (OU) m hnh mng Workgroup, bn ch c th qun l user tp trung bng cch gom ton b user vo tng group. Vi m hnh domain, bn c th m rng phm vi qun l, bng cch to ra cc OU, ri gom nhiu user, group vo OU. Ti server, bn vo Start > Administrative Tools > Active Directory Users and Computers (hoc vo Start > Run, g lnh DSA.MSC) m ca s qun l thnh vin trong h thng. Bn nhn phi vo tn domain, chnNew > Organizational Unit > nhp tn OU vo Name > OK, OU va to s c lit k bn di tn domain.
thm group, user vo OU, bn nhn chut phi vo tn OU > New > chn Group (to nhm) hoc User (to mi ngi dng), cch thc hin tng t nh trong Workgroup. di chuyn nhng group c sn vo OU, bn nhn chn tn domain, nhn phi ln tn group > Move > chn OU cn di chuyn n > OK.
Lu : Khng cn ngi ti server, bn vn c th truy cp vo Active Directory Users and Computers to v qun l thnh vin t client, bng cch ci thm cng c Remote Server Administration Tool (RSAT). Ty theo h iu hnh ang s dng trn client, bn ti RSAT ti y (Windows Vista), hoc ti y (Windows 7). S dng RSAT trong Windows 7: Sau khi ci xong, bn vo Control Panel > Programs > Turn Windows features on or off, nh du chn cc mc nh hnh sau cho php truy cp vo Active Directory, cu hnh dch v DHCP, DNS t client. Tuy nhin, trc khi ci RSAT, bn phi ng nhp vo client vi ti khon Domain Administrator.
Phn quyn qun tr OU phn quyn qun l OU, bn nhn phi vo tn OU > Delegate Control > Next > nhn nt Add ti ca sUsers or Groups v ch nh user hoc group s qun l OU > Next. Ca s Task to Delegate hin ra cc quyn m ngi qun l OU c php thc thi, gm cc quyn c bn sau: Create, delete, and manage user accounts (to, xa user trong OU), Reset user passwords and force password change at next logon (lm mi li mt khu ca user), Read all user information (xem mi thng tin v user), Create, delete and manage groups(to, xa group trong OU), Modify the membership of a group (chnh sa thnh vin trong group), Manage Group Policy links (qun l Group Policy). Ty theo nhu cu cng vic, bn nhn vo cc quyn cn cho php i vi qun l OU ri nhn Next > Finish.
BI 5:Read-Only Domain Controller Gii thiu Read Only Domain Controller Windows NT l h iu hnh iu hnh Windows Server dnh cho my ch u tin ca Microsoft. Cng ging nh cc h iu hnh Windows Server mi hin nay, Windows NT cng h tr rt nhiu cho min, ch c mt im khc bit duy nht l mt Domain Controller (trnh qun l min) trong mi min c kh nng ghi. Domain Controller ny c bit n vi tn gi Primary Domain Controller hay PDC, l Domain Controller duy nht m admin c th ghi thng tin vo. Sau PDC s cp nht cho cc Domain Controller khc trong min ny. Nhng Domain Controller c cp nht ny c gi l Backup Domain Controller, chng ch c c v cp nht bi Primary Domain Controller. D vn hot ng bnh thng nhng min ny cng tn ti mt s nhc im. ng ch nht l nu c vn no xy ra vi Priamry Domain Controller th ton b min s b nh hng. V Microsoft phi ci tin kh nhiu Domain Controller ny trong Windows Windows 2000 Server. Windows 2000 Server tch hp hai cng c mi cho Domain Controller (c hai cng c ny vn c s dng hin nay) l Active Directory v Multi Master Domain Model. Ngoi nhng tnh nng tng t ca PDC, mt tnh nng rt quan trng nht ca Multi Master Domain Model l mi Domain Controller ca n u c th ghi c. iu c ngha mt admin c th thc hin cp nht cho bt k Domain Controller no, v qu trnh cp nht sau s phi c thc hin cho mi Domain Controller khc trong mng. Multi Master Domain Model c gi li trong Windows Server 2003 v n vn c a vo Windows Server 2008. Tuy nhin Windows Server 2008 cng cho php ngi dng to Read Only Domain Controller. Nhng RDOC ny l nhng Domain Controller m admin khng th s dng cp nht trc tip cho c s d liu Active Directory. Phng php duy nht cp nht nhng Domain Controller ny l p dng mt ci t cho mt Domain Controller c th ghi, sau p dng ci t cho mi RDOC. RDOC h tr rt nhiu cho Windows NT. V tt nhin Microsoft s khng tch hp li cng c ny nu khng nhn thy nhng tnh nng ca n. Nu mun mi Domain Controller trong min c th ghi th bn hy s dng cng c ny, cn nu khng bn c th tt b. Mc d RDOC rt ging vi cng c Backup Domain Controller (BDC) c tch hp trn Windows NT nhng chng c ci tin i cht. RDOC c s dng h tr cho nhm vn phng do s bit lp ca nhng vn phng ny v c th kt ni ca chng. Trong thc t c nhiu phng php khc khc nhau qun l nhm vn phng, nhng mi phng php ny u tn ti u im v nhc im ring. Mt trong nhng phng php thng thng qun l nhm vn phng l t mi my ch ti vn phng chnh v kt ni cho nhng
ngi dng trong vn phng chi nhnh ti nhng my ch ny qua lin kt WAN. Tuy nhin mt nhc im ca phng php ny l lin kt WAN rt d b qu ti v n thng rt chm v hay tc nghn. Mt phng php khc thng s dng qun l nhm vn phng l t t nht mt Domain Controller trong mi vn phng chi nhnh. Domain Controller ny thng hot ng nh mt my ch DNS v nh mt my ch Global Catalog. D phng php ny t ra kh hiu qu nhng chi ph thc hin li kh cao (gm chi ph lp t v vn hnh). V mt vn ny sinh khi t nhng my ch vn phng chi nhnh l kh nng bo mt. chnh l l do ti sao Microsoft tch hp li RODC trong Windows Server 2008. RODC ging vi nhng Domain Controller khc ngoi tr c s d liu Active Directory khng th ghi trc tip. Vic t mt RODC ti mt vn phng chi nhnh cng khng lm nh hng ti lu lng phn hi ca Active Directory, tuy nhin n li lm gim lu lng ti ca nhng my ch ngoi v ch c lu lng phn hi ni b c cho php. RODC c th ci thin bo mt bi v mi nhn vin trong vn phng chi nhnh khng th thc hin thay i c s d liu Active Directory. Ngoi ra, khng c thng tin ti khon no c lu tr trn RODC. iu ny cng c ngha l lu lng phn hi qua lin kt WAN cng c gim i. Trin khai Read Only Domain Controller Trc tin bn cn phi ci t Windows Server 2008 trn Read Only Domain Controller v kt ni my ch ny ti mt min. Bn c th to mt Read Only Domain Controller m khng cn kt ni ti min, nhng nhng thao tc di y c thc hin khi my ch ca bn hin l mt thnh vin ca min. Forest Functional Level Trc khi bt u, bn cn phi ci t cho Forest Function Level l Windows Server 2003 hoc cao hn. thc hin thao tc ny, bn hy m console Active Directory Domains and Trusts sau phi chut ln danh sch Active Directory Forest ri chn Properties. Nh trong hnh 1, Forest Functional Level hin th trong tab General ca hp thoi Properties.
Hnh 1: Xc nhn Forest Fuctional Level c ci t l Windows Server 2003 hoc cao hn. Nu Forest Functional Level khng ph hp bn s phi tng mc ca n ln trc khi bt u. Nh rng, thao tc ny s lm cho bn khng th s dng Domain Controller ca Windows 2000 trong Forest na. tng Forest Functional Level, click OK ng hp thoi Properties sau bn hy phi chut vo danh sch Forest mt ln na v chn Raise Forest Functional Level t Command Prompt. Trong mn hnh hin ra bn hy la chn ty chnWindows Server 2003 ri click vo nt Raise. Cp nht Application Directory Partition Thao tc tip theo l cp nht phn quyn cho cc Application Directory Partition(phn vng th mc ng dng) trong Forest nhng phn vng ny c th c phn hi bi mi RODC ang hot ng nh mt my ch DNS. cp nht Application Directory Partition, bn hy chn a ci t Windows Server 2008 vo Domain Controller c ch nh nh gin ch Schema Masterca min. Sau copy folder \Sources\Adprep t a DVD vo mt folder trng trn cng ca my ch ny. Sau cng, m ca s Command Prompt v iu hng ti folder ADPREP va to v chy lnh sau: ADPREP /RODCPREP
Hnh 2: mn hnh kt qu khi chy lnh ADPREP /RODCPREP. Thng cp my ch ti mt Domain Controller Tip theo chng ta s cu hnh cho my ch hot ng nh mt Read Only Domain Controller. Trc tin bn cn phi ng nhp vo my ch ny bng ti khon thnh vin ca nhm Domain Admins. Sau chy lnh DCPROMO ti Run Prompt ca my ch. Khi Windows s khi chy Active Directory Domain Services Installation Wizard. Wizard ny s thc hin kim tra nhanh m bo rng nhng Active Directory Binary c ci t. Nhng Binary ny khng c ci t mc nh do Wizard ny s t ng ci t chng. Khi Windows hon thnh ci t Binary n s hin th mn hnh Welcome ca Wizard (hnh 3). Ti y bn hy click chn hp chn Active Directory Domain Services Installation Wizard ri nhn Next.
Hnh 3: La chn hp chn Active Directory Domain Services Installation Wizard. Khi nhn Next, Wizard s hi bn Domain Controller s h tr cho Forest vDomain no. Bn hy la chn ty chn b sung Domain Controller vo mt min hin c trong Forest ang s dng.
Hnh 4: La chn ty chn b sung Domain Controller vo min ang s dng. Click Next v Wizard s nhc nh bn nhp tn ca min d nh b sung Domain Controller vo. Bn cng s phi xc nhn mun s dng nhng giy php m hin bn ang ng nhp khi bn thng cp my ch ny ti Domain Controller (hnh 5). Sau khi thc hin xong nhn nt Next.
Hnh 5: Nhp tn ca min mun b sung Domain Controller vo. Ca s tip theo s yu cu bn xc nhn min la chn. Ti y bn ch cn nhnNext.
Hnh 6: Xc nhn min mun b sung Domain Controller vo. Bn cn phi ch mn hnh yu cu xc nh v tr m bn mun lu tr Domain Controller mi (hnh 6). iu ny c bit quan trng vi Read Only Domain Controller bi v chng thng t cc vn phng chi nhnh thng c t trong Active Directory ring bit.
Hnh 7: La chn Active Directory Site cha Domain Controller. Sau click Next v bn s c yu cu la chn nhng ty chn b sung cho Domain Controller ny (hnh 8). Ngoi ty chn Read Only Domain Controller (phi chn), bn nn chn thm ty chn DNS Server v Global Catalog Domain Controller ny hot ng nhu mt my ch DNS v my ch Global Catalog.
Hnh 8: Nhng ty chn b sung cho Read Only Domain Controller. Click tip vo nt Next bn s thy trang Specify the Password Replication Policy(hnh 9). Trang ny cho php kim sot nhng mt khu c phn hi ti Read Only Domain Controller. Bn c th t ln cu hnh hoc s dng nhng cu hnh mc nh. Nhn tip nt Next.
Hnh 9: Bn c th s dng cu hnh Password Replication Policy mc nh. Sau bn c th phn quyn cho ngi udngf v nhm ngi dng hon tt qu trnh ci t. Mn hnh tip theo cho php bn la chn phn hi d liu qua mng t mt Domain Controller hoc xy dng c s d liu Active Directory t mt file. Vic to c s d liu Active Directory t mt file rt hu dng trong trng hp c s d liu ln v kt ni chm. Nu khng bn ch cn phn hi d liu ny qua mng. Ri nhn nt Next.
Hnh 10: La chn ngun phn hi d liu Active Directory. Sau s xut hin mn hnh yu cu bn la chn mt i tng phn hi cho Domain Controller. Tt nht bn nn Windows la chn i tng phn hi nu khng s dng Domain Controller nh mt i tng phn hi. Khi click vo nt Next, bn s thy mn hnh hin th yu cu ch nh a ch lu tr c s d liu Active Directory. Sau khi la chn nhn tip Next. Sau bn s nhn c thng bo nhp mt khu cho Directory Services Restore Mode. Bn hy nhp mt khu ri nhn tip Next. Sau danh sch ty chn c la chn trong qu trnh ci t s hin ln. Nu mi ci t chnh xc, bn hy click vo nt Next bt u qu trnh thng cp Domain Controller. Khi qu trnh hon thnh bn hy nhn nt Finish v khi ng li my ch.
BI 6:Windows Server Backup Feature I. Gii thiu: Khi thm tnh nng Windows Server Backup Features v cc thnh phn cp di, cn ci t cc cng c sau: Windows Server Backup Microsoft Management Console (MMC) snap-in Wbadmin command-line tool Windows PowerShell cmdlets for Windows Server Backup ci t Windows Server Backup, c th s dng mt trong 3 phng php sau: S dng Server Manager S dng Servermanagercmd.exe S dng PowerShell ci t Windows Server Backup, ng nhp vo my tnh bng ti khon Administrator hoc ti khon c cp quyn qun tr. I. Yu cu: Ci t Windows Server Backup Features. III. Tin hnh ci t: ci t Features cc bn xem li bi S dng Server Manager trong Windows Server 2008. - M Server Manager - Kch Features - Kch Add Features
- Trong trang Add Features Wizard, cun chut xung di v chn Windows Server Backup features. Kch Next.
- Trong trang Confirm Installation Selections, kch Install.
- Khng cn khi ng li server sau khi thit lp xong
WINDOWS SERVER CORE 2008 GII THIU:
Ty chn ci t Server Core installation ca h iu hnh Microsoft Windows Server 2008 l mt ty chn mi cho ci t trong Windows Server 2008. Ty chn ny cho php ci t mt s Role cn thit cho h thng, bn c th qun l cc Server Core dch v trn bng giao din Command Line, ngoi ra, bn c th qun l Server Core t xa bng cng c MMC hoc cc cng c Remote Administration c tch hp trong Windows Vista va Windows Server 2008 Ty chn Server Core installation ca Windows Server 2008 mang li cc li ch di y: Gim bt cng vic bo tr do Server Core ch ci t nhng dch v cn thit nh DHCP, File, Print, DNS, Media Services, AD LDS hay Active Directory server Gim b mt tn cng do Server Core s dng giao din ti thiu, c t cc dch v v ng dng chy trn Server Gim s qun l do c t ng dng v dch v c ci t trn Server Gim khng gian a cn thit do Server Core ch yu cu khong 1GB khng gian a trng ci t v xp x 2GB cho cc hot ng sau khi ci t. Ty chn ny cn h tr cc role my ch sau y: - Active Directory Domain Services - Active Directory Lightweight Directory Services (AD LDS) - Dynamic Host Configuration Protocol (DHCP) Server - DNS Server - File Services - Print Server - Streaming Media Services - Web Server (IIS) Ngoi ra Server Core cn h tr cc Feature sau y: - Microsoft Failover Cluster - Network Load Balancing - Subsystem for UNIX-based Applications - Windows Backup - Multipath I/O - Removable Storage Management - Windows Bitlocker Drive Encryption - Simple Network Management Protocol (SNMP) - Windows Internet Naming Service (WINS) - Telnet client - Quality of Service (QoS) Trong bi Lab ny, ti s trnh by mt s thao tc c bn ci t mt my tnh Server Core, nng cp Server ny thnh Domain Controller v DNS Server, gia nhp mt my tnh s dng Windows Server 2008 Server vo domain v s dng cc cng c tch hp trong Windows Server 2008 qun l Active Directoty v DNS t xa. CHUN B:
- My tnh ci t Server Core - My tnh Member Server c ci t Windows Server 2008 THC HIN: Khi ng t a DVD ci t Windows Server 2008
Chn cc thng s v ngn ng, nh dng ngy gi v bn phm
Nhn nt Install Now
B du Check Automatically activate Windows when Im online > Next
Nhn No
Chn Windows Server 2008 Enterprise (Server Core Installation) > I have selectedthe edition of Windows that I purchased > Next
Chn I accept the license term
Chn Partition mun ci t Windows > Next
Qu trnh sao chp cc file cn thit v ci t bt u
Sau khi ci t, bn cn Restart my, nhn nt Restart Now
Sau khi Restart my, bn nhn Other User v nhp UserName: Administrator log on
H thng s yu cn i Password ln Logon ny > Nhn OK
Nhp Password mi l 123 khung New Password v Confirm New Password
H thng thng bo: Password c thay i > OK
Giao din Windows Server Core 2008:
PHN 2: T IP ADDRESS V I TN MY TNH
u tin bn cn xem ID ca Card mng bng lnh sau:
Quan st ID Card mng ct Idx l 2 bn cn t IP Address cho Card mng ny. Sau nh lnh IPCONFIG v Ping 192.168.2.200 kim tra
nh lnh hostname xem tn hin ti ca my tnh, sau i tn my tnh thnh DC25 theo cc lnh bn di, cui cng dng lnh shutdown restart my tnh
Sau khi Restart, tt Firewall cc my tnh khc c th lin lc vi Server ny
PHN 3: NNG CP SERVER THNH DOMAIN CONTROLLER: Chnh thng s Prefered DNS Server thnh IP chnh mnh (192.168.2.25)
Dng lnh IPCONFIG /ALL kim tra:
nh lnh CD\ chuyn ra th mc gc Dng lnh Copy Con C:\Unattend.txt to 1 file vn bn tn l Unattend.txt c ni dung nh sau: Code: [DCINSTALL] ReplicaOrNewDomain=Domain TreeOrChild=Tree CreateOrJoin=Create NewDomainDNSName= dom25.com DNSOnNetwork=yes DomainNetbiosName=dom25 AutoConfigDNS=yes SiteName= Default_First_Site_Name
AllowAnonymousAccess=no DatabasePath=%systemroot%\ntds LogPath=%systemroot%\ntds SYSVOLPath=%systemroot%\sysvol SafeModeAdminPassword=P@ssword CriticalReplicationOnly=No RebootOnSuccess=Yes File ny cung cp y cc thng tin phc v cho qu trnh nng cp t ng (trong v d ny, ti nng cp Server ny thnh 1 Domain Controller, t tn domain l dom25.com, cu hnh t ng ci t v cu hnh DNS), Thc hin nng cp bng lnh sau:
Qu trnh nng cp s t ng din ra, kt thc qu trnh, Server s t ng Restart, sau khi Restart. Server ny tr thnh Domain Controller ca domain dom25.com PHN 4: JOIN DOMAIN Thc hin trn Member Server 1. t a ch IP Click phi vo My Network Places > Properties
Chn Manage network connections Click phi vo biu tng Card mng > Properties
Chn Internet Protocol Version 4 (TCP/Ipv4) > Properties
t thng s IP nh hnh di > OK
Nhn Close
2. Join Domain: Click phi My Computer > Properties
Chn Change Settings
Nhn nt Change
Chn Domain > Nhp tn domain: dom25.com
Nhp User Name: Administrator, Password:123 OK
Cng vic Join Domain din ra thnh cng
Nhn OK chp nhn Restart my
Nhn Close
Nhn Restart Now
BI 8:DHCP Server Gii thiu Dynamic Host Configuration Protocol (DHCP) bn cht l mt dch v c s h tng c trn bt k mt h thng mng no nhm cung cp a ch IP v thng tin DNS server ti cc "PC client" hay mt s thit b khc. DHCP c s dng gip bn khng phi n nh a ch IP tnh cho tt c cc thit b c trong h thng mng ca mnh v gip bn qun l mi vn m a ch IP tnh c th to ra. Qua tng thi k, DHCP ngy cng pht trin c th thch hp trong tng dch v mng mi ging nh "Windows Health Service" hay "Network Access Protection (NAP)". Tuy nhin, trc khi bn c th s dng n tim kim cc tin ch th v m DHCP mang li cho mnh, trc ht bn cn ci t v cu hnh cc c tnh c bn. Sau y, hy xem hng dn v tin hnh nhng g bn cn lm. Ci t "Windows Server 2008 DHCP Server" Vic ci t "Windows Server 2008 DHCP Server" thc t l vic d dng. Cc bn cng bit rng DHP Server hin ti "ng vai tr" l Windows Server 2008 - tc khng phi l thnh phn windows nh n trong qu kh. Do , lm c iu chng ta ang ni y , bn cn c h thng "Windows Server 2008" c ci t v cu hnh cng vi mt a ch IP tnh. Bn cnh bn cn cn bit phm vi a ch IP cho mng ca bn, v nh vo n bn s kim sot c cc "PC client", a ch IP DNS Server hay cc cng vo mc nh. B sung thm mt iu na, bn cng cn phi c mt d n cho tt c cc mng li lin quan, nhng phm v no bn mun xc nh, hay lit k to ra nhng s loi tr nht nh. V c y nh th, bn mi lm tha mn nhu cu ca chnh mnh. Bt u qu trnh ci t DHCP, bn c th click Add Roles t ca s Initial Configuration Tasks hay t Server Manager Roles Add Roles
HNH 1: Thm mi mt Role trong Windows Server 2008 Khi bn Add Roles Wizard, bn c th click Next hin th trn mn hnh trong ca s ci t sau. Tip theo, bn chn DHCP Server Role m bn mun thm vo v click Next
HNH 2: Chn DHCP Server Role Nu bn khng c mt a ch IP tnh gn cho server ca mnh, bn s nhn c mt thng bo rng bn s khng th tip tc tin hnh qu trnh ci t DHCP vi mt a ch IP ng. Do , n im ny, bn s bt u cp nht thng tin cho IP mng bao gm: thng tin v phm vi v thng tin v DNS. Nu bn ch mun ci t server DHCP vi khng mt cu hnh no cho b ch bo hay cc thit t cn c, bn c th ch click Next m khng cn bn tm g n cc cu hi c c trong tin trnh ci t. Trn mt phng din khc, bn c th ty chn cu hnh Server DHCP ca mnh phn ci t ny. Trong trng hp ca ti (tc ch bi vit gc), ti nm bt thi c ny cu hnh mt vi thit t c bn cho IP v cu hnh phm vi DHCP ca ti trc. Hin ti ang hin th mng lin kt kt ni ca ti v c ngh phi xc minh n.
. HNH 3: Network connection binding trn c ni ti mt ngh t "wizard", v ni dung ca n l: "Giao din bn mun cung cp trn dch v DHCP l g ?". Khng bit cc bn nh no, nhng y ti chn mc nh v click Next. Tip theo, ti cng nhp vo Parent Domain, Primary DNS Server, and Alternate DNS Server ca ti (nh bn thy bn di) v click Next
HNH 4: Nhp tn domain v thng tin DNS Ti chn NOT s dng WINS trn mng ca ti v click Next. Sau , ti iu chnh cu hnh phm vi mt DHCP cho Server DHCP mi, Ti cng chn cu hnh phm vi mt a ch IP ca 192.168.1.50-100 theo 25+ PC Client trn gii hn mng ca ti. lm c iu ny, ti click Add thm vo mt phm vi mi. Nh cc bn thy bn di, ti vit li tn Scope WBC-Local, cu hnhstarting v ending IP addresses thnh 192.168.1.50-192.168.1.100, subnet maskthnh 255.255.255.0, default gateway thnh 192.168.1.1, type of subnet vactivated phm vi ny.
HNH 5: Thm mi mt DHCP Scope Quay tr li mn hnh Add Scope, ti click Next v thm vo mt "new scope" ( mt DHCP Server c ci t). Ti chn Disable DHCPv6 stateless mode cho server ny v click Next. Sau , ti cu hnh DHCP Installation Selections ca ti (minh hon theo hnh nh di) v click Install.
HNH 6: Confirm Installation Selections Sau ch mt vi giy, DHCP Server c ci t v ti nhn thy thnh qu ca ti nh hnh di y
HNH 7: Windows Server 2008 DHCP Server Installation c ci t thnh cng Ti click Close ng li ca s ci t, sau chng ta hy chuyn sang mc lm th no c th qun l c DHCP Server mi ny.
Lm th no qun l Windows Server 2008 DHCP Server mi ca bn ? Tng t nh qu trnh ci t, vic qun l Windows Server 2008 DHCP Server cng tht d dng. Hy quay tr li Windows Server 2008 Server Manager, bn di Roles, ti click ln mc mi l DHCP Server.
HNH 8: DHCP Server management trong Server Manager Trong khi ti khng th qun l uc nhng phm vi ca DHCP Server v cc client ti y, ci m ti c th lm l qun l cc s kin, dch v v nhng ti nguyn lin quan n s ci t DHCP Server. Nh vy, y l mt v tr tt i n vic kim tra trng thi ca DHCP Server v nhng bin c g xy ra xung quanh n. Tuy nhin, tht s nh hnh DHCP Server v quan st nhng g client thu c t a ch IP, ti cn phi tin ti DHCP Server MMC. lm c iu ny, ti s Start Administrative Tools DHCP Server, nh y:
HNH 9: Starting the DHCP Server MMC Khi m rng ngoi, MMC a ra rt nhiu cc c tnh. V y l nhng g chng ta thy c t n:
HNH 10: Windows Server 2008 DHCP Server MMC
DHCP Server MMC a ra IPv4 & IPv6 DHCP Server bao gm tt c thng tin v scopes, pools, leases, reservations, scope options, v server options. Nu ti i su vo pool address v cc ty chn scope, ti c th nhn thy cc cu hnh m ti thit lp khi ng ci t DHCP Server. Phm vi a ch IP l , v v th DNS Server v cc cng vo l mc nh.
HNH 11: DHCP Server Address Pool
HNH 12: DHCP Server Scope Options Chng ta s khng th bit c nhng g lm trn c thnh cng hay khng ngay sau khi thit lp xong, v th chng ta cn kim tra tnh kh thi ca n. V sau y, l hng dn cc bn kim tra s hot ng. Lm th no kim tra Windows Server 2008 DHCP Server ca chng ta ? kim tra, ti cn c mt Windows Vista PC Client trn cng h thng mng hin ti nh Windows Server 2008 DHCP server. an ton, ti khng c thit b khc trn h thng mng ny. Ti g IPCONFIG /RELEASE sau l IPCONFIG /RENEW v kim tra rng ti nhn c mt a ch IP t DHCP server mi ny cha. Bn c th xem hnh di y
HNH 13: Vista client nhn a ch IP t DHCP Server mi y, ti ng thi tin n Windows 2008 Server ca ti v xc nhn Vista client mi c a vo danh sch ng vai tr nh mt client trn DHCP Server. Thc t hy kim tra bng hnh nh bn c nhn thy di y:
Cui cng: Win 2008 DHCP Server c Vista client c lit k trong Address Leases
BI 9: DNS Server 1/- Gii thiu v DNS Server V cch thc hot ng, DNS Server lu tr mt c s d liu bao gm cc bn ghi DNS v dch v lng nghe cc yu cu. Khi my trm gi yu cu phn gii n, DNS Server tin hnh tra cu trong c s d liu v gi kt qu tng ng v cho my trm. Trn cc phin bn trc nh Windows 2000 Server hay Windows Server 2003, bn quen thuc vi chc nng ny. i vi Windows Server 2008, cch thc ci t v cu hnh c m t chi tit ngay sau y. 2/- Ci t DNS Server ci t DNS Server, bn thc hin cc bc nh sau : 1/- M ca s Server Manager. Trong khung Roles Summary bn phi, bn bm Add Roles. 2/- Trong mn hnh Select Server Roles, chn DNS Server v bm nt Next.
Khi chy Add Roles Wizard
Chn dch v DNS Server 3/- Trong mn hnh DNS Server, bn s c c hi tip cn vi thng tin gii thiu tng quan v dch v cng tn. ng thi, bn cng nn c k phn ch (Things of Note) nm r nhng khuyn co trong khi trin khai dch v ny. Sau , bm nt Next.
Thng tin tng quan v DNS Server 4/- Trong mn hnh Confirm Installation Selections, bn xem li cc thit lp va thc hin v bm ntInstall bt u ci t. 5/- Sau khi tin trnh ci t kt thc, trong mn hnh Installation Results, bn s nhn c thng bo"Installation succeeded". Bm nt Close hon tt thao tc ci t.
Xc nhn li cc thit lp thc hin trn dch v
Tin trnh ci t dch v DNS Server hon thnh 3/- Cu hnh DNS Server i vi DNS Server, thng thng bn nn xy dng ng thi hai h thng, l DNS Server chnh (Primary) v DNS Server d phng (Secondary) dng chung mt c s d liu. Theo phng php ny, bn s hn ch kh nng dch v DNS b ngng khi c s c xy ra trn h thng. 3.1/- Cu hnh DNS Server chnh cu hnh DNS Server chnh, bn thc hin cc bc sau : 1/- M ca s DNS Manager bng cch bm vo menu Start\Programs\Administrative Tools, chnDNS.
2/- Kch chut phi ln mc Forward Lookup Zones, chn New Zone.
To zone mi 3/- Trong mn hnh Welcome, bm nt Next.
Khi chy Zone Wizard 4/- Trong mn hnh Zone Type, bn chn Primary zone cu hnh DNS Server chnh. Sau , bm ntNext.
Chn loi zone ph hp 5/- Trong mn hnh Zone Name, bn nhp tn zone vo mc Zone name, v d thuvien-it.net. Sau , bm nt Next.
Nhp tn zone 6/- Trong mn hnh Zonle File, bn chp nhn gi tr mc nh v bm nt Next.
To hoc ch nh zone file 7/- Trong mn hnh Dynamic Update, bn c th cm hoc cho php DNS Server ny chp nhn cc my trm cp nht thng tin mt cch t ng. m bo an ton cho h thng, bn nn chn Do not allow dynamic updates. Sau khi hon thnh, bm nt Next.
Cho php hoc cm my trm cp nht thng tin t ng 8/- Trong mn hnh Completing, bn xem li thng tin v DNS Server v bm nt Finish hon thnh thao tc cu hnh DNS Server chnh.
Hon thnh thao tc cu hnh DNS Server chnh Vi cc bc va thc hin trn, bn cu hnh chc nng forward (chuyn tn my thnh a ch IP) trn DNS Server chnh. Tip theo, bn s cu hnh chc nng reverse, chuyn a ch IP thnh tn my. Cc bc thc hin nh sau : 1/- Kch phi chut ln mc Reverse Lookup Zones, chn New Zone.
To zone mi 2/- Trong mn hnh Welcome, bm nt Next. 3/- Trong mn hnh Zone Type, bn chn Primary cu hnh chc nng reverse trn DNS Server chnh. Sau , bm nt Next.
4/- Trong mn hnh Reverse Lookup Zone Name, bn chn th loi a ch IP l Ipv4 hoc Ipv6 v bm nt Next. 5/- Tip theo, bn in network IP ca mnh v bm nt Next.
To reverse lookup zone vi Ipv4
in network ID 6/-Trong mn hnh Zone File, bn chp nhn gi tr mc nh nhm to ra mt file dng lu cc bn ghi DNS cho zone ny, bm nt Next.
To hoc ch nh zone file 7/- Trong mn hnh Dynamic Update, bn chn Do not allow dynamic updates v bm nt Next. 8/- Trong mn hnh Completing, bn bm nt Finish han thnh thao tc cu hnh chc nng reverse trn DNS Server chnh. 3.2/- Cu hnh DNS Server d phng 1/- M ca s DNS Manager bng cch vo menu Start/Programs/Administrative Tools, chn DNS. 2/- Kch chut phi ln mc Forward Lookup Zones, chn New Zone. 3/- Trong mn hnh Welcome, bm nt Next. 4/- Trong mn hnh Zone Type, bn chn Secondary zone cu hnh DNS Server d phng. Sau , bm nt Next.
Chn loi zone ph hp 5/- Trong mn hnh Zone Name, bn nhp tn zone tng t nh trn DNS Server chnh v bm ntNext.
Nhp tn zone 6/- Trong mn hnh Master DNS Servers, bn ch nh a ch IP ca cc DNS Server chnh. Sau , bm nt Next.
in a ch IP ca cc DNS Server chnh
7/- Trong mn hnh Completing, bn xem li thng tin v DNS Server v bm nt Finish hon thnh thao tc cu hnh DNS Server d phng. 3.3/- ng b d liu gia DNS Server chnh v DNS Server d phng ng b d liu gia DNS Server chnh v DNS Server d phng, bn cn cu hnh chc nng Zone Transfers trn DNS Server chnh. Cc bc thc hin : 1/- Trn ca s DNS Manager ca DNS Server chnh, bn kch chut phi vo tn zone, chnProperties. 2/- Trong hp thoi Properties, trn tab Zone Transfers, bn kch chn Allow zone transfers v nh du mt trong ba ty chn tng ng ngay bn di. Nu chn Only to servers listed on the Name Servers tab, bn cn b sung a ch ca DNS Server d phng vo danh sch Name Server ti tabName Servers.
M ca s Properties trn DNS Server chnh
Kch hot ty chn cho php ng b d liu 3/- Sau khi b sung a ch IP ca cc DNS Server d phng vo danh sch Name Servers, bn bm nt OK hon thnh thao tc cu hnh.
in a ch IP ca cc DNS Server d phng 4/- B sung cc bn ghi DNS vo DNS Manager Trong : Host (A) : l bn ghi gm tn my v a ch IP tng ng, v d webserver.thuvien-it.net <-> 172.16.1.1. Alias (CNAME) : l bn ghi dng b danh, cho php nhiu tn cng nh x n mt a ch IP, v d www.thuvien-it.net -> webserver.thuvien-it.net <-> 172.16.1.1. Mail Exchanger (MX) : l bn ghi dnh cho cc Mail Server tng ng vi domain, v d mail.thuvien-it.net -> mailserver.thuvien-it.net <-> 172.16.1.2. Nu mun tng tc vi cc loi record cn li, bn chn Other New Records m hp thoi Resource Record Type.
Cc loi bn ghi DNS Trong phn ny, bn s thao tc vi ba loi bn ghi DNS thng dng. Cc bc thc hin nh sau : 1/- Trong ca s DNS Manager, kch chut phi ln tn zone hoc vng trng tng ng bn phi, chnNew Host (A or AAA) to mt bn ghi Host. 2/- Trong hp thoi New Host, bn nhp tn my vo mc Name. Cng lc , tn y ca my s hin th mc Fully qualified domain name (FQDN). Tip theo, bn nhp a ch IP ca my ny vo mcIP address. Nu mun to ra mt bn ghi DNS phn gii ngc (reverse) tng ng, bn nh du chn vo mc Create associated pointer (PTR) record (bn ghi reverse c dng chuyn i ngc a ch IP thnh tn my). Sau khi in xong, bm nt Add Host.
To mt bn ghi DNS loi Host 3/- Khi thng bo thnh cng xut hin, bn bm nt OK.
Bn ghi DNS c to thnh cng 4/- Trong hp thoi New Host tip tc xut hin ngay sau , bn bm nt Done kt thc thao tc to bn ghi Host. Nu mun tip tc, bn lp li cc thao tc va nu trn vi cc bn ghi khc. 5/- to mt bn ghi Alias, kch chut phi ln tn zone hoc vng trng tng ng bn phi, chnNew Alias (CNAME). 6/- Trong hp thoi New Resource Record, bn nhp tn bn ghi Alias vo mc Alias name. Cng lc , tn y ca tn record s hin th mc Fully qualified domain name (FQDN). Tip theo, bn nhp tn y ca my tng ng vo mc Fully qualified domain name (FQDN) for target host. Nu khng nh, bn bm nt Browse tm ra tn my cn thit. Sau khi in xong, bm nt OK.
To mt bn ghi DNS loi Alias 7- to mt bn ghi Mail Exchanger, kch chut phi ln tn min hoc vng trng tng ng bn phi, chn New Mail Exchanger (MX). 8/- Trong hp thoi New Resource Record, bn nhp cc thng tin cn thit v bm nt OK. 9/- Ngoi ra, nu mun to cc bn ghi phn gii ngc, bn kch chut phi ln tn zone trong mcReverse Lookup Zones hoc vng trng bn phi tng ng, chn New Pointer (PTR).
To mt bn ghi DNS loi Mail Exchanger
Chn loi bn ghi DNS phn gii ngc 10/- Trong hp thoi New Resource Record, bn nhp a ch IP vo mc Host IP address, ng thi nhp tn my vo mc Host name. Nu khng nh, bn bm nt Browse tm ra tn my cn thit. Sau khi in xong, bm nt OK.
To mt bn ghi DNS phn gii ngc 5/- Cu hnh a ch DNS Server trn my trm cu hnh a ch DNS Server trn my trm, bn m ca s Network Connections v truy cp vo hp thoi Internet Protocol (TCP/IP) Properties. Ti y, bn chn Use the following DNS server addresses. Tip theo, nhp ln lt a ch IP ca DNS Server chnh v DNS Server d phng vo cc mcPreferred DNS server v Alternate DNS server, sau bm nt OK.
Cu hnh a ch DNS Server trn my trm 6/- Loi b DNS Server loi b DNS Server khi h thng, bn tin hnh cc bc sau : 1/- M ca s Server Manager. Trong khung Roles Summary bn phi, bn bm Remove Roles. 2/- Trong mn hnh Remove Server Roles, bn b du chn mc DNS Server v bm nt Next.
B chn mc DNS Server 3/- Trong mn hnh Confirm Removal Selections, bn xem li thng tin v server m mnh sp loi b, sau , bm nt Remove. 4/- Trong mn hnh Removal Results, bn bm nt Close. 5/- Khi thng bo "Do you want to restart now" xut hin, bn chn Yes khi ng li h thng. 6/- Khi nhn c thng bo "Removal succeeded" trong mn hnh Removal Results, bn bm nt OK hon thnh thao tc loi b DNS Server.
BI 10: WEB SERVER I. Gii thiu: - IIS 7.0 l phin bn mi nht cho web server ca Microsoft. IIS c trong Windows Server t khi Windows 2000 Server vi t cch l mt thnh phn ca Windows v t Windows NT th l mt ty chn. IIS 7.0 hin c cung cp trong Windows Vista v Windows Server 2008, h iu hnh my ch c d nh s pht hnh vo u nm 2008. IIS 7.0 l mt phin bn c xem xt mt cch t m trong thit k t kinh nghim ca cc phin bn trc. Phin bn 7.0 ra i to mt nn tng linh hot v an ton nht cho vic cu hnh web v cc ng dng. - IIS 7.0 c thit k tr thnh mt nn tng Web v ng dng linh ng v an ton nht cho Microsoft. Microsoft thit k li IIS t nhng nn tng c trc v trong sut qu trnh pht trin, nhm thit k IIS tp trung vo 5 lnh vc ln: Bo mt Kh nng m rng Cu hnh v trin khai Qun tr v chun on Hiu sut II. Ci t v cu hnh IIS: 1. Ci t: -Chn Server Manager ti ng dn : Start Menu Server Manager (hoc c th chn : Start Menu Administrative Tools Server Manager).
- Trong Roles chn Add Roles
- Tick chn Web Server (IIS) mc Roles. ChnNext. -IIS services ci t cc dch v cn thit cho ng dng ca bn (ASP.NET c tick chn
thm): - Nhn install bt u qu trnh ci t.
- Kim tra dch v web va ci t lm vic, ta vo trnh duyt g http://localhost.
2. Thm mt website: - u tin ta to th mc cha trang web mi
- Vo Server Manager chn Roles - Web Server (IIS) - Internet Information Server- Pha bng Connections , chn sites - Add Web Site.
- in thng tin cn thit v trang web (tn, ng dn, v.v..). - Khi chn ok s xut hin 1 thng bo rng binding *:80 c ng k bi 1 site khc. - Lc ny ta cn stop trang Default Web Site mc nh li v start trang web va to lnLab - Kim tra trang web va to hot ng, ta cng vo browser g http://localhost.
3. Ci t dch v qun tr t xa ca IIS: a. Ci t: - Vo Server Manager Trong Roles mc Role Services chn Add Role Service.
- Tick chn Management Service.
-Ci t hon tt.
b. Kch hot dch v: - Vo Start - All Programs Administrative Tools - Internet Information Services (IIS) Manager. -Chn Managerment Service.
- Tick chn Enable remote connections v start dch v.
-Click Yes save v chnh thc start dch v.
- Lc ny ngi qun tr c th ng nhp vo h thng t xa thng qua dch v trn .
BI 11: FTP Server 1.gii thiu FPT Server: FTP File Transfer Protocol : Giao thc truyn file. FTP l mt giao thc truyn file trn mng da trn chun TCP nn rt ng tin cy! I / File Transfer Protocol (FTP) - Giao thc truyn ti file, thng c gi l FTP, l cng c qun l files gia cc my. FTP cho php truyn v ti files, qun l th mc, v ly mail. FTP khng c thit k truy nhp v thi hnh files, nhng n l cng c tuyt vi truyn ti files.
- FTP dng 2 knh TCP. TCP cng 20 l knh d liu, v cng 21 l knh lnh. FTP khc vi tt c ng dngTCP/IP l phi dng 2 knh, cho php gi lp truyn ti lnh v d liu ca FTP. N cng khc cc giao thc khc mt chc nng quan trng : FTP truyn ti files Foreground, so vi giao thc khc Background. Hay ni cch khc, FPT khng dng Spoolers hay Queues, do vy vic truyn ti thc hin bng thi gian thc. - Trong FTP, c 2 knh tn ti gia 2 my gi l Protocol Interpreter, hay PI, v Data Transfer Process, hay DTP. Cu trc truyn ti PI dng knh lnh 21 TCP, v truyn ti d liu DTP trn knh d liu 20 TCP. - FTP gn ging Telnet trong cch dng chng trnh my ch chy lin tc v ngt qung chng trnh chy trn my khch. Trn h thng UNIX, cc chng trnh c goi l ftpd v ftp. II / Lnh ca FTP - Trc khi xem lm th no dng FTP truyn files, bn nn xem cc lnh ca giao thc ny. - Tng t lnh ca Telnet, nhiu lnh ch dng cho giao thc v khng dng cho ngi dng (mc dAdministrators i khi dng lnh FTP g ri v chn on). - Lnh ni b ca FTP gm 4 k t ASCII cch nhau bi newline character. Nhiu lnh cn phi c tham s. Mt li ch chnh dng k t ASCII cho lnh l ngi dng c th quan st cc lnh chy v hiu c n. N gip ch cho qu trnh g ri. N cng m rng kin thc v giao tip trc tip vi FTP server component (ftpd). - Thng tin dng lnh :

ascii : chuyn sang ch truyn file theo dng vn bn binary : chuyn sang ch truyn file theo dng nh phn cd [directory] : chuyn vo th mc directory
cdup : chuyn ln th mc cp trn mt cp cdup : chuyn ln th mc cp trn mt cp close : ngt kt ni vi my ch del [remote-file] : xa 1 file trn my ch dir [remote-directory|file] : lit k ni dung ca th mc hoc danh sch cc file trn my ch help [command] : cho bit hng dn v lnh command lcd [local-directory] : t li th mc lm vic trn client l local-directory ls [remote-directory|file] [-la] :lit k ni dung ca th mc hoc danh sch cc file trn my ch; tham s -la s lit k tt c c km theo m t v quyn mdelete [remote-files] : xa nhiu file trn my ch mget [remote-files]: download cc files trn my ch v mkdir : to th mc c tn directory-name mput [local-files] : upload cc files ln my ch open host [port] : kt ni n my ch FTP c hostname l host v ang chy dch v FTP cng port put [remote-file]: upload local-file ln my ch vi tn mi l remote-file nu c pwd : cho bit th mc ang lm vic hin thi quit : thot recv [local-file]: nhn remote-file trn my ch v lu trn my tnh vi tn local-file nu c rename [from] [to] : i tn file hoc th mc from thnh to rmdir directory-name : xa th mc c tn directory-name send local-file [remote-file] : gi local-file t my tnh ln my ch vi tn mi l remote-file nu c status: cho bit trng thi ca phin lm vic hin ti syst : cho bit h iu hnh ca my ch user user-name [password] [account] : login vo vi tn l user-name, mt khu l password, ti khon l account
- FTP cng dng cc m n gin bo tnh trng truyn ti. Mi return code l s c 3 ch s, s u tin bo thi hnh thnh cng (s u tin l 1, 2, hay 3) hoc tht bi (s u tin l 4 hay 5). S th 2 v 3 din gii chi tit thm tnh trng.
Quote First Digit Description 1 Action initiated. Expect another reply before sending a new command. 2 Action completed. Can send a new command. 3 Command accepted but on hold due to lack of information. 4 Command not accepted or completed. Temporary error condition exists. Command can be reissued. 5 Command not accepted or completed. Reissuing the command will result in the same error (dont reissue).. Reissuing the command will result in the same error (dont reissue). Quote Second Digit Description 0 Syntax error or illegal command 1 Reply to request for information 2 Reply that refers to connection management 3 Reply for authentication command 4 Not used 5 Reply for status of server - FTP cho php truyn files nhiu dng khc nhau, ty thuc h thng. H thng chnh (bao gm h thng UNIX) ch c 2 ch : text v binary. Nhiu h thng mainframe h tr EBCDIC, nhiu trang c nhng dng t nh ngha tng tc truyn ti trong mng ni b (c th dng 32- hoc 64-bit words). - Truyn ti dng Text dng k t ASCII phn cch bi k t carriage-return v newline characters, trong khi truyn ti binary truyn cc k t khng c nh dng. Binary mode nhanh hn text v cho php truyn tt c gi tr ca ASCII (cn thit cho cc file non-text). Trn nhiu h thng, FTP bt u text mode, mc d nhiu nh qun tr h thng thit lp FTP binary mode mc nh cho s tin li ca ngi dng. - Trc khi truyn ti files bng FTP, phi chc chn dng ng dng truyn. Truyn ti binary file bng ASCII mode s thnh mt ng rc Hi nh qun tr h thng nu cha r mode, hoc xem kt qu tr li ca FTP bit mode. 2.cai t Hon ton khng phi b mt ln rng Microsoft cha tng c sn phm FTP server tt nht, khi so vi cc i th cnh tranh khc trong lnh vc thng mi my ch FTP. Mc d Microsoft lun c FTP Server trong hu ht tt c cc phin bn trc ca IIS v Windows Server, nhng h lun thiu rt nhiu cc tnh nng my ch FTP nng cao. Tuy nhin lc ny Microsoft vt qua c rt nhiu vn , vi phin bn mi ca FTP Publishing Service, phin bn c pht hnh chnh thc khi Windows Server 2008 c ra mt. Dch v mi ny c vit li ton b, ging nh IIS 7.0 v n ch cung cp cho IIS 7.0. Ti sao li c hai my ch FTP v s khc nhau gia n l g?

u tin n l mt nng cp minor v kh ging vi FTP Service c trong IIS 6.0. Th hai FTP Service l mt phin bn mi c ci thin, c cung cp nh mt bn download v ch cho IIS 7.0.
Bi ny ca chng ti s tp trung vo phin bn mi c ci thin ca FTP Publishing Service ny. FTP Service mi c nhiu tnh nng cho php cc nh thit k web d dng publish cc ni dung v n cng cung cp nhiu ty chn bo mt v trin khai hn i vi cc qun tr vin. N cng c sn cho Windows Server 2008 c hai phin bn 32-bit v 64-bit.
Nhng im mi FTP Publishing Server mi gm c rt nhiu tnh nng v cc ci thin. Di y chng ti s ch ra mt s ch mi chnh v m t mt trong s cc nng cao mi ny.
S tch hp vi IIS 7.0 FTP service mi ny c tch hp mnh vi giao din qun tr hon ton mi v kho lu tr cu hnh ca IIS 7.0
H tr cho cc chun Internet mi FTP service mi h tr FTP trn SSL, cng c bit n nh FTPS hoc FTP/SSL v s dng chng ch kha cng (SSL/TLS). Bn khng nn nhm ln n vi SFTP hoc FTP trn SSH, y hon ton l mt chun khc hin khng h tr bi Microsoft FTP Publishing Service. N cng h tr cc ci thin khc nh UTF8 v IPv6.
Chia s hosting FTP service mi c ci thin v c tch hp hon ton vo IIS 7.0, n c th cu hnh FTP v cc ni dung web t cng mt site bng cch add mt FTP binding (kt ni FTP) vo mt website ang tn ti. Dch v FTP cng c s h tr cho hostname o, dch v ny lm cho n c th hosting nhiu site FTP trn cng mt a ch IP. N cng ci thin c s cch ly ngi dng dng thng qua cc th mc o.
Kh nng m rng Dch v FTP mi ny c h tr kh nng m rng (API), tnh nng ny lm cho n tr nn d dng hn i vi cc hng phn mm trong vic vit cc ty chnh cho vic chng thc FTP. Logging Vic logging ca FTP c ci thin v nng cao gp tt c lu lng FTP vo cc file bn ghi Cc tnh nng khc phc s c IIS 7.0 c mt s tnh nng khc phc s c mi, nh Event Tracing cho Windows (ETW), dch v FTP h tr tnh nng ny cng vi vic cung cp cc thng bo x l li chi tit v cc thng bo n ngi dng cc b, cng l mt ty chn mi cho IIS 7.0.
Cc iu kin tin quyt cho vic ci t FTP Publishing Service mi hin c cung cp mt cch min ph di dng mt modul c th download t IIS.net DownloadCenter. Mt s iu kin tin quyt cn cho phi bo m trc khi tip tc ci t FTP Publishing Service.

Bn phi ang s dng Windows Server 2008 IIS 7.0 phi c ci t
Nu bn mun qun l cc dch v FTP mi bng giao din IIS 7.0 th phi ci t IIS Management Console. Phi ng nhp vi quyn qun tr vin Cu hnh chia s ca IIS 7.0 phi c v hiu ha trn mi nt trc khi ci t dch v mi ny, v n c th c kch hot tr li sau khi dch v ny c ci t xong. Dch v FTP c trong Windows Server 2008 phi c g b trc khi ci t dch v FTP mi ny
Ci t Trong hng dn tng bc ny chng ti s gii thiu cho cc bn cch ci t dch v FTP trn mt my ch Windows Server 2008 mi. Lu chng ti ch gii thiu n phn ci t FTP ch khng cp n cc dch v ca IIS 7.0.

Download phin bn FTP Service mi t lin kt trn Chy chng trnh download vi quyn qun tr vin ci t hoc ci t bng mt trong hai lnh di y: - x86 version: msiexec /i ftp7_x86_rtw.msi - x64 version: msiexec /i ftp7_x64_rtw.msi Cc bc ny rt quan trng v User Account Control (UAC) thng ngn chn bn thc hin vic truy cp file applicationHost.config. Khi chng trnh ci t bt u, bn kch Next:
Hnh A: Ci t bt u
Chp nhn EULA v kch Next:
Hnh B: EULA
Chn cc ty chn bn mun ci t v kch Next:
Hnh C: Chn cc tnh nng ci t Cc tnh nng ci t c m t:
Common files Cung cp cc file chung cho Microsoft FTP Service for IIS 7.0, nh file lc cu hnh FTP,
cc file ny c yu cu trn tt c cc my ch FTP ang s dng nt cu hnh chia s.
FTP Publishing Service FTP Publishing Service, thnh phn li cn thit cho FTP lm vic v yu cu Process Model ca tnh nng Windows Process Activation Service c ci t.
Managed Code Support H tr cho cc tnh nng m c sn. Tnh nng ny c yu cu khi cc tnh nng m c sn nh ASP.NET users hoc IIS Manager Users, s c s dng vi FTP. Tnh nng ny mang tnh ty chn v s khng lm vic khi chy Windows Server 2008 trong ch Server Core.
Administration Features H tr vic qun tr bng IIS Manager, giao din ngi dng (UI).Tnh nng ny yu cu phi c the IIS Manager v .NET 2.0 Framework c ci t.
Bt u ci t, kch Install:
Hnh D: Bt u ci t
Kch Read notes xem readme v kch Finish:
Hnh E: Ci t kt thc Xc nhn FTP Service c ci t bng cch kim tra xem Microsoft FTP Service c ang chy khng v trong IIS Manager kim tra phn FTP mi vi tt c cc thnh phn qun l cho FTP Service.
Hnh F: Phn FTP trong IIS Manager Mc nh my ch FTP s kha v khng chp nhn cc yu cu FTP. T bn trong IIS Manager bn hon ton c th d dng publish mt FTP mi hoc add mt FTP Publishing vo website tn ti.
Vi mc ch bo mt ngi dng, FTP Service h tr s nc danh, th khng c khuyn khch v cng c hai cch chng thc ngi dng FTP ca bn:
Windows Authentication Ngi dng c t trong Active Directory hoc khu vc lu tr ngi dng ni b trong my ch FTP chuyn dng.
IIS Manager Authentication y l mt tnh nng mi, ni IIS Manager c s dng cho qun tr vin ngi dng v tt c ngi dng c add bng IIS Manager, vic chng thc c qun l bi b cung cp IISManagerAuth mi.
BI 12: Print Server YU CU: - My Domain Controller phi l Windows Server 2003 R2 hoc Windows Server 2008 - Client s dng Windows XP, Windows Server 2003 hoc Windows Vista CHUN B: M hnh 3 my - Server (Windows Server 2008): Domain Controller nhatnghe.local, Print Server v Print Management - PC01 (Windows Vista): join domain nhatnghe.local - PC03 (Windows Server 2003): join domain nhatnghe.local To OU, User v move Computer vo OU tng ng
CC BC THC HIN:
B1: Ci t Print Management B2: Ci t Printer B3: Deploy Printer cho Users B4: Deploy Printer cho Computer B5: Cu hnh Group Policy B6: Client kim tra TRIN KHAI: B1: Ci t Print Management Trong ca s Server Manager, phi chut vo Roles chn Add Roles
Hp thoi Select Server Roles > check vo Print Services
Hp thoi Select Role Services ch chn vo Print Server > Install Vo Administrative Tools > khi ng Print Management
B2: Ci t Printer trn Print Server
Install Printer Canon LBP-1260
Chn Add a local printer
Install Printer HP Laser Jet 5
Kim tra
B3: Deploy Printer cho Users M Print Management, phi chut vo my in s deploy cho users V d: My in Canon LBP-1260 s deploy cho Users
Nhn vo Browse
Chn OU
To Group Policy Object
Name: Deploy Printer for Users
Chn GPO nh hng n users
Nhn Add
Kim tra kt qu
B4: Deploy Printer cho Computers M Print Management, phi chut vo my in s deploy cho Computers V d: My in Canon HP Laser Jet 5 s deploy cho Computers
Nhn vo Browse
Chn OU
To Group Policy Object
Name: Deploy Printer for Computers
Chn GPO nh hng n Computers
Nhn Add
Kim tra kt qu
B5: Cu hnh Group Policy Chn GPO Deploy Printer for Computer
Chn Computer Configuration > Policies > Windows Settings > Scripts
Copy file PushPrinterConnections.exe t ng dn %windir%\system32
Chn Add
Chn GPO Deploy Printer for Users
Chn User Configuration > Policies > Windows Settings > Scripts
Copy file PushPrinterConnections.exe t ng dn %windir%\system32
Chn Add
B6: Client kim tra Client s dng Windows Vista, logon vo user Administrator ch thy my in HP
Logon vo user U1, c thm my in deploy cho Users l Cannon
Client s dng Windows Server 2003, logon vo user Administrator ch thy my in HP
Logon vo user U2, c thm my in deploy cho Users l Cannon
BI 13:File Services I.Tng quan dch v File Services:
- File Services l mt dch v mt role my ch trn Windows Server 2008, cung cp cho ngi qun tr cc k thut qun l dung lng lu tr (storage),c ch backup d liu bng phng thc to bn sao ca d liu server khc (replication) , qun l ti nguyn , chia s, h trowjcacs my tnh *NIX truy cp ti nguyn h thng Windows . Vi dch v ny bn d dng trin khai cc chc nng . File Services Resource Manager : cu hnh quota, to file screen v lp lch to ra storage report. Distributed File Systems : trin khai h thng file phn tn . Services for Network File System : trin khai cc dch v cho php chia s file gia Windows Server 2008 vi cc h thng *NIX Windows Search Service : Trin khai dch v cho php my client tng tc tm kim file trn server Window Server 2003 File Services: trin khai File Services dnh cho cc my tnh chy h iu hnh Windows Server 2003 II. Tng quan File Server Resource Manager: - File Server Resource Manager l tp hp cc cng c cho php ngi qun tr c th hiu, iu khin v qun l d liu trn cc server chy h iu hnh Windows Server 2008 mt cch hiu qu. Vi cng c ny , bn c th cu hnh quota trn c a v th mc, ngn cm sao chp nhng nh dng m bn ch nh, ng thi xut ra cc bo co gim st hot ng ca ngi dng trn khng gian lu tr . - Vi File Server Resource Manager , bn c th thc hin c cc cng vic sau To quota trn a hoc th mc gii hn dung lng cp cho ngi s dng., ng thi gi mail hoc thng tin cnh bo khi ngi dung t n hoc vt qu gii hn quota cho php . T ng sinh ra v cp pht quota cho tt c cc th mc con tn ti hoc nhng th mc con mi to ra trn mt a hoc mt th mc . To cc file screen ch nh th loi file m ngi d dng c th lu tr, ng thi gi thng tin cnh bo khi ngi s dng c gng cc th loi file khng c cho php. nh ngha cc teamplate cho quota v file screen d dng v nhanh chng p dng vi nhng a v th mc mi . Xut ra cc bo co, gim st tnh trng s dng lng a nh k hoc theo nhu cu.
III. Ci t dch v File Server Resource Manager:
- Vo Server Manager Roles Add Roles Next.
-Vo hp thoi Server Roles chn File Services chn Next.
-Hp thoi Select Role Servies bm chn File Sever Resource Manage Next
-Hp thoi Configure Storage Usage Monitoring chn a bn cn theo di v xut bo co.
- Hp thoi Set Report Option cho php chn ni ct report v cu hnh cch thc gi report qua mail cho bn Next .
-Hp thoi Confirm Installation Selections xem li thng tin cu hnh cui chn Install ci t dch v .
- Ci t hon tt chn Close thot .
-Sau vo Admin tools hoc Server Manager File server resource manager kim tra kt qu ci t .
IV.Cu hnh dch v : 1. Cu hnh cc option ca File Server Resource Manager : - Chut phi File Server sresource manager Configure Options .
- Tab Email Notifications. Trong tab ny s cu hnh v mail nhn report bao gm a ch : SMTP server Email s nhn (Default administrator recipients) V gi vi a ch no (Default Frome-mail address)
- tab Nofication Limts cho php gii hn thng tin gi v mail mc nh tt c l 60 .
- tab Storage Reports cho php tinh chnh cc tham s s gi v theo Report .
- tab Report Locations cho php thay i ng dn cha cc file report :
-File screen audit kch hot chc nng ghi nhn li cc thng bo cc hnh ng khi chc nng file screen hot ng .
2.Cu hnh Quota: - Vo File Server Resource Manager Quota Management chut Quotas Create Quota .
- Hp thoi Create Quota. Nhn browse chn th mc, a mun quota Quota path. Ban u mc nh s c nhng quota templates sn cho chng ta s dng mc Derive properties from th quota template bn c th ty chn s dng hoc chn Define custom quota properties chng ta t to nh ngha quota ring , y chng ta s to quota ring stick Define custom quota properties Custom Properties Custom Properties
- Hp thoi Quota Properties ... +Space Limit:
Limit:dung lng gii hn cho php user dung khi s xy ra hai hnh ng Hard Quota khi t ti limit cm user chp thm d liu Soft quota khi t gii hn vn cho php user chp thm d liu nhng s c report ghi nhn . +Sau khi cu hnh xong OK v li trang Creat Quota
- Kim tra li thng s Create quota
-Lc ny hp thoi Save custom properties as a template . Hp thoi hi chng ta c lu quota ny nh mt template hay khng nu khng save nh mc nh OK hon tt.
3.Cu hnh screen : -Bc u tin l to mt file group cha cc kiu file bn mun cm thao tc -Chut phi File Group Create File Group
-Hp thoi Create Group Properties hin ra. in tn ca file group.in ui file vo mc Files to include (nhng kiu file chp nhn) hoc mc Files to exclude (nhng kiu file loi tr) ri Add. y hi kh hiu nh, thc ra ch n gin l bn mun cm kiu file th mc Files to include cn khng mun cm, loi tr kiu file no th mc Files to exclude .
-Bm OK hon tt .
-By gi chng ta s quay tr li vn chnh l to File sreen
Chut phi Files Screen Create File Screen
-Chn th mc a cn p screen ri stick Define custom file screen properties Custom Properties .
-Chng ta c hai hnh ng chnh l Active Screening tc dng khng cho user save nhng file nh ngha v hai l Pasive Screening cho php user dung nh bnh thng nhng s ghi nhn log .Sau chng ta chn file Group mi va nh ngha hoc c th to thm bng cch nhn nt OK Create
4.Lm vic vi report : a) Export ra file report v nhng ghi nhn h thng : - Chut phi Storage Reports Management Generate Reports Now.
-Hp thoi Storage Reports Task Properties . Gm 3 bc : Add th mc, a cn xut thng tin log Chn loi report s xut mc Report data Chn loi file report s xut ra mc Report formats Cui cng l OK xut report
b) To lch s t ng xut report : - Chut phi Storage Reports Management Schedele a New Report Task
- tab Settings chn th mc , a s to report .Chn cc loi s xut report sau l chn kiu file report s xut ra .
Tip theo l tab Delivery chng ta s nhp email nhn report ny .
-Qua tab Schedule Create Schedule New sau thit lp ngy gi to report cho ci task
ngy OK OK .
BI 14:Group Policy
I.
Starter GPOs l g?
Starter GPO. Vi Starter GPO bn c th c kh nng lu cc mu c bn s dng khi to mi cc i tng Group Policy (GPO). Cc mu ny c th c export sang cc mi trng min khc, cho php bn c c kh nng linh hot cao. Khi m GPMC 2.0 bn c th s thy mt mc cha mi (trng rng) c tn "Starter GPOs". Mc ny c th gi nhng g m ti gi l cc mu nhm mc ch to cc GPO mi - vi hn ch rng ch c cc thit lp Administrative Templates c cung cp - t Computer Configuration v User Configuration. Cc thit lp nh Software Settings (ci t phn mm) v Windows Settings (cc kch bn, chnh sch ti khon, quyn ngi dng, cc chnh sch hn ch phn mm,...). khng c trong Starter GPOs, xem trong hnh 1.
Hnh 1: Cc thit lp t Administrative Templates
Khi to cc GPO mi, bn c th chn s dng Starter GPO nh mt Source Starter GPO (hay cn gi l mu) d dng cho vic to a GPO vi cng mt cu hnh c s, xem hnh 2.
Hnh 2: Source Starter GPO
Mt GPO mi s gm c tt c cc thit lp chnh sch Administrative Templates t Starter GPO, chng s c s dng nh mt mu trong sut qu trnh to v cc tnh nng b sung m thng thng chng ta c bn trong cc GPO (nh cc thit lp bo mt Security Settings, ). Mi th ngoi cc thit lp chnh sch Administrative Templates
sau phi c to t nhiu bc phc hp khc nh phin bn hin nay vn ang phi lm. y im gi tr ca cc mu Advanced Group Policy Management (AGPM). Mc d vy, sn phm khng nm trong phm vi ca bi ny nn chng ti s gii thiu cho cc bn vo mt dp khc trong cc bi khc. Th mc mi trong SYSVOL Nu y l ln u tin bn mun kim tra hoc s dng Starter GPOs, bn s phi kch hot tnh nng trong cc min c lin quan n n. Vn ny c thc hin bng cch kch chut vo nt
Create Starter GPOs Folder hoc ch cn kch chut phi vo mc Starter GPOs v chn New, xem hnh 3. Ty chn sau s to cho bn mt th mc Starter GPOs.
Hnh 3: S dng ln u tin Hp thoi New Starter GPO s xut hin, yu cu bn nhp vo tn v ch thch, xem hnh 4.
Hnh 4: To mt Starter GPO mi
Lu rng, bt c th g bn nh vo trong trng Comment s c k tha n bt c GPO no c to vi Starter GPO ny nh mt ti nguyn gc. Vn bn s c ghi li vi t cch l comment ca GPO. Khi bn kch hot ln u tin Starter GPOs trong min, s c mt th mc c tn "StarterGPOs" c to ra bn trong th mc SYSVOL vi ng dn di y: \\domain.com\SYSVOL\domain.com\StarterGPOs y l ni tt c tr o thut c thc hin (xem hnh 5)
Hnh 5: Th mc StarterGPOs trong SYSVOL Vi mi Starter GPO mi to, bn s thy mt th mc mi bn trong th mc ny - mi th mc ny s c mt GUID duy nht (ging nh cc GPO thng thng). V vy khi bn to mt GPO mi vi Starter GPO ng vai tr ngun th qu trnh COPY n gin s c thc hin bn di kch bn. Cc th mc con v cc file bn di th mc Starter GPOs GUID c copy vo th mc \\domain.com\SYSVOL\domain.com\Policies\ [SomeNewGUID] (mt GUID duy nht to trong qu trnh), n lc ny bn hy chun b trin khai mt GPO mi.
Hnh 6: Chun b to mt GPO mi, nhng khng to t bt k ng hn n no Khi kch chut phi vo Starter GPO, xem hnh 6, bn c th chn to New GPO From Starter GPO. Khi s xut hin hu ht cc hp thoi ging nhau khi bn chn to mt GPO mi t mc Group Policy Objects (xem hnh 4) - hoc khi kch chut phi vo mt n v t chc - Organizational Unit (OU), hoc bn thn min v chn ty chn: Create a GPO in this domain, and Link it here... ch lc ny hp chn Source Starter GPO mi b v hiu.
Hnh 7: Source Starter GPO chuyn sang mu xm
Cabinet v nhng th bn trong
C nhng th rt th v m bn c th export cc mu GPO (Starter GPOs) sang file Cabinet (.CAB) v sau import cabinet ny vo mt mi trng khc hon ton c lp vi domain/forest ngun! Chnh v vy lc ny bn c th to mt Starter GPO hon ho, export n (xem nt Save as Cabinet trong hnh 8) v sau mang n ra bn ngoi, chia s n vi cc bn ca bn, trn Website ca bn, trin khai n trn tt c cc h thng m bn c th gi quyn kim sot,. Sau qu trnh import c thc hin rt d dng (xem nt Load Cabinet trong hnh 8), bn hy chun b to cc GPO mi vi Starter GPO ng vai tr
c s.
Hnh 8: Ti v Lu file Cabinet
Nu bn cng t m nh ti, th c th rt mt vi tt c nhng g bn trong file .CAB. Hy cho php ti gii p mi bn tm ca bn: mi file s gm c ti thiu 2 (nu khng c cu hnh) n 6 file nn, ph thuc vo nhng thit lp g bn cu hnh trong Starter GPO ring:
Tn file StarterGPO.tmplx
Ni dung Gm c GUID, thng tin phin bn, tn, m t(nh dng XML)
File ny lun lun nm trong file CAB Report.html Bo co cc thit lp c to ra v bao gm nh mt di dang file HTML cho mi export. c thc hin nhm to tham chiu d dng v ti liu xem xt.
File ny lun lun nm trong file CAB
Machine_Registry.pol
Mt phn Computer Configuration (CC) ca GPO
File ny ch c hin din nu c bt k thit lp no ca CC c hin din trong Starter GPO. User_Registry.pol Mt phn User Configuration (UC) ca GPO
File ny ch c hin din nu bt k thit lp no ca UC c hin din trong Starter GPO. Machine_Comment.cmtx Gm c cc comment (ch thch) c to trn cc thit lp bn trong phn CC ca Starter GPO (nh dng XML).
File ny ch c hin din nu c ti thiu mt thit lp CC c ch thch c lin kt vi n. User_Comment.cmtx Gm c cc comment (ch thch) c to trn cc thit lp bn trong phn UC ca Starter GPO (nh dng XML).
File ny ch c hin din nu c ti thiu mt thit lp UC c ch thch c lin kt vi n.
Bng 1
Mt hn ch i vi vic export Cabinet l bn ch c th export mt Starter GPO trn mt file Cabinet. V vy th tc ny khng c tip qun t mt th tc backup thng thng, vn ny s c gii thiu trong phn tip theo.
Cc Backup Starter GPO tch bit
Bn phi to mt qu trnh backup tch bit cho cc Starter GPO. iu ny l bi v chng khng c backup thng qua phng php GPMC "Backup All" m bn c th thc hin vi cc GPO thng thng nhng chng c mt th tc backup ring. Nu bn kch chut phi vo mc Starter GPOs bn s thy mt ty chn Back Up All. Ty chn ny s backup tt c cc Starter GPO (xem hnh 9).
Hnh 9: Backup tt c Starter GPO cng mt lc
Nu bn ch kch chut phi vo Starter GPO trong panel bn phi ca GPMC th s thy ty chn Back Up. Ty chn ny s to mt backup ch cho ring Starter GPO ny.
Hnh 10: Chn mt backup cc b
y nhim quyn hn
Cng nh nhiu tnh nng khc ca Windows, bn c th y nhim cc iu khon cho php i vi mt ngi dng hay nhm no . Trong trng hp ny, bn c th y nhim cc cho php to Starter GPO trong min. Vn ny c thc hin t tab Delegation, y l mt tab ch thy khi mc Starter GPOs c chn trong cy menu bn tri, bn trong GPMC (xem hnh 11).
Hnh 11: Tab Delegation cho Starter GPOs
Tab ny phn nh cc iu khon bo mt NTFS tn cc StarterGPOs- th mc bn di SYSVOL (xem phn trn); ch c ngi dng hay cc nhm c y quyn mi hin trong y.
II.
Group Policy Preference
Quay li vo thng 10 nm 2006, Microsoft thu nhn c cng ty DesktopStandard. Mt trong nhng sn phm ni ting ca h, PolicyMaker, hin c a vo trong dng sn phm ca Microsoft vi t cch l mt thnh phn ca Windows Server 2008 v c Remote Server Administration Toolkit (RSAT), thnh phn m chng ti mun gii thiu n cc bn trong phn sau.
Phn mm PolicyMaker c kh nng iu khin v cu hnh mt cch d dng hn, t mt im trung tm, hn nhng g Group Policies thng thng c th. Mt s thit lp u tin (Preference) qu thc chng lp vi cc thit lp chnh sch thc, tuy nhin trong trng hp bn li c s la chn gia mt chnh sch v mt s u tin (Preference). V vy bn c th t ra cu hi: S khc nhau y l g? Mt chnh sch l mt ci g m bn p buc v n
khng th b thay i bi ngi dng cn mt u tin (Preference) l mt vic thit lp m bn thch ngi dng m nhn nhng ngi dng lc ny c th thay i n.
Preference c th c thit lp ch p dng mt ln hoc p dng mi ln Group Policy c refresh (mc nh c 90 n 120 pht mt ln trn cc my khch). Chng ta s quay li nhng vn su hn trong hot ng ny phn tip theo ca lot bi ny. Trong hnh 1 bn s thy mt ci nhn hon ton mi t cng c Group Policy Management Editor, lu chnh sch ca chng ti c tn gi GP Preferences c phn thnh Computer Configuration v User Configuration nh thng l, nhng mi mt nt li c phn thnh hai nt cp thp: Policies (mu ), y l mt thnh phn c trong Group Policy trc y m chng ta bit, Preferences (mu xanh), y l thnh phn cho cc thit lp Group Policy Preference (Windows hoc Control Panel).
Hnh 1: Policies v Preferences
L do Group Policy preferences lm vic v cung cp nhiu tnh nng hn cc thit lp Group Policy ang tn ti l v n c mt phn mm nh m rng cho client, Client Side Extension
(CSE). Phn mm nh ny phi hin din trn cc my khch c qun l i vi Group Policy Preferences n c th lm vic. Nhng g CSE cn l mt phn c xy dng km theo trong Windows Server 2008 nhng phi c ti v v ci t trn Windows XP SP2, Windows Server 2003 SP1 v Windows Vista (Windows 2000 v cc h iu hnh trc n khng c h tr). Gi CSE s c cung cp cho c hai h iu hnh 32 v 64 bit.
Chng ta c th thc hin nhng g vi Group Policy Preferences?
Group Policy Preferences cung cp rt nhiu tnh nng u im cho cc qun tr vin. l nhng th m l ra nn c ngay t nhng ngy u c Active Directory, nhng: mun cn hn khng! Nhiu tnh nng Group Policy Preferences mang n l cc thit lp lm cho mi ngi c th to nhiu hoc cc kch bn t phc tp hn - hoc cc mu qun tr ty thch (cc file ADM/ADMX/ADML) - i vi vn , nh drive v nh x ha my in, cc nhim v copy file, desktop shortcuts, s sng to ca ngun d liu ODBC v c l quan trng nht l cc iu chnh registry c kh nng ty chnh cho c cc ng dng phn mm non-Group Policy! Tuy nhin, Group Policy Preferences cung cp cn nhiu hn nhng g chng ti va lit k trn 4 bng di y s cho bn thy c nhng g cng ngh ny c th mang n. Bng 1 cho chng ta c c mt tng v nhng g Group Policy Preferences c th cung cp lin quan n Windows Settings mc Computer Configuration.
Bng 1: Computer Configuration - Windows Settings
Environmen Cho php bn c th thit lp bin mi trng (Environment) cho t User hoc System. Bn c th to/thay th/nng cp hoc xa cc bin ny - hoc thm ch c nhng bin quan trng nh PATH. Files To/thay th/nng cp hoc xa cc file trn client. Bng cch nh ngha cc file ngun v ch bn c bn copy ging nh mt chc nng. Thm vo bn c th thit lp cc thuc tnh (Read-Only, Folders Hidden & Archive) trn cc file. Cho php bn c th to/thay th/nng cp hoc xa cc th mc trn cc client. Khi thay th hoc xa cc th mc bn c th c nhiu ty chn bo m mi th xy ra theo cch bn mun.
Thm vo bn cng c th thit lp cc thuc tnh (Read-Only, Hidden INI Files & Archive) i vi cc th mc. To/thay th/nng cp hoc xa cc file INI. Bn c th ch nh cc tn thuc tnh v vng ca file cng nh cc gi tr thuc tnh. Cu hnh ny cho php bn c th thay i cc thit lp registry trn my khch - bn chn t Registry Items, Collection Items, v Registry Wizard hng dn thng qua ton b qu trnh. Wizard s cho php bn duyt registry trn cc my tnh t xa chn ng dn chnh m bn mun to/thay th/nng cp hoc xa. Bn c th chn cc kiu gi tr di y: REG_SZ, REG_DWORD, REG_BINARY, REG_MULTI_SZ, v REG_EXPAND_SZ y l mt ci thin ln khi so snh vi qu trnh to cc file ADM ty Network Shares chnh (thng khng h tr tt c cc kiu gi tr registry). Cho php bn c th to/thay th/nng cp hoc xa cc chia s trn client. Bn c th chn tn Share, ng dn Folder, Comment, hn ch ngi dng v thm ch c trng thi bng lit k truy cp. Bn cng c th chn nng cp tt c cc chia s thng thng, tt c cc To/thay th/nng cp hoc xa cc shortcut trn cc client. Bn c th nh ngha Target Type (File System Object, URL hoc Shell Object), Location, Path, Arguments, Start in, Shortcut Keys, Icon, Bng 2 cho bn thy c tng v nhng g Group Policy Preferences cung cp lin quan n Control Panel Settings mc Computer Configuration. Bng 2: Computer Configuration - Control Panel Settings
Registry
Shortcuts
Data Source
T o / t h a y t h / n n g c p h o c x a n g
un d liu h thng hoc ngi dng (User or System Data Sources). Chn t DNS (Data Source Names) c sn, chn Data Source Driver (v d nh Excel, Access, SQL Server), t
Username/Password, v cc thuc tnh, V vy, y l cch n gin to mt kt ni c s d liu (ODBC) trn cc client. Devices iu khin cc thit b trn client bng cch kch hot hoc v hiu ha vic s dng Device Class (GUID) hoc Device Type (GUID) c. Thit lp ny gn ging nh chc nng m chng ta c trong Folder Options Windows Vista. nh ngha kiu file v cc lp c lin quan (v d nh Text Document, VBScript Script File, Windows Installer Package,). Thm vo bn c th cu hnh cc thit lp Class nh Icon, Actions Qun l Local Users v Groups bng vic to/thay th/nng cp hoc xa cc Users hoc Groups. Bn cng c th thay i mt khu, v hiu ha nhng ngi dng cc b v kim sot thnh vin nhm ni b, thit lp cc ty chn mt khu, thit lp ngy ht hn, xa tt c cc thnh vin ca mt nhm (ngi dng hay cc nhm), b sung/xa ngi dng hin hnh Network Options vo/ra mt nhm, i ngi hoc ring mt nhm, To/thay th/nng cptn hoc xa dng mt mng o - Virtual Private Network (VPN) hoc kt ni mng quay s - Dial-Up Network (DUN) nh mt kt ni user hoc all users. Bn cng c th nh ngha cc ty chn quay s hay cc chc nng bo mt (m ha, chng thc, ), cc ty chn cho vic kt ni mng, Power Options Cu hnh Power Options and Schemes cho Windows XP. Power Options c cc thit lp nh: Prompt for password when computer resumes from standby (Nhc nh mt khu khi my tnh thc bt sau ch standby), Enable hibernation (Cho php chc nng ng ng) v cc thit lp nt Power. Power Schemes c th to, thay th, nng cp hoc xa. V vy bn c th
Local Users and Groups
v lm cho n hot ng hiu qu. Printers To/thay th/nng cp hoc xa cc my in - thm ch cc my in TCP/IP. Bn c th nh ngha nhng th nh Name, Port (LPT/COM/USB), IP address, Port Settings (RAW/LPR/SNMP), Schedule d Tasks Vi Scheduled Tasks bn c th chn Name, File (in hnh mt kch bn hoc kh nng thc thi) khi chy, bt k cc thuc tnh Arguments, Start in, Comments, Run as (ch nh ti khon v mt khu ca ngi dng trong min hoc cc b) cho d nhim v c c kch hot hay khng, bn cnh lch trnh (thm ch l a lch trnh) cn c mt s cc thit lp nng cao hn. Immediate Task cung cp hu ht cc chc nng nh cc thit lp khi cp trn, ngoi tr Schedule Immediate Tasks chy ngay Services khi chng c np vi mt chnh sch. Thit lp cc thuc tnh trn Services nh ty chn Startup (No change, Automatic, Manual hoc Disabled), chn Action (No change, Start/Stop/Restart service), thit lp thi gian timeout trong trng hp dch v b kha, thit lp cc thuc tnh ng nhp v khi phc, Bng 3 th hin nhng g m Group Policy Preferences cung cp lin quan n cc thit lp Windows mc User Configuration Printer Path, Location, Comment. To/thay th/nng cp hoc xa Scheduled or Immediate Tasks.
Bng 3: User Configuration - Windows Settings
Applications Chng ti s quay li phn ny trong bi bo sau
Drive Maps To/thay th/nng cp hoc xa cc a mng c nh x (ging nh NET USE). Bn c th chn nh x mt k t a no hoc k t a c sn tip theo.
Mt ty chn cng c cung cp y l Connect As cung cp cc thng tin cn thit nh tn ngi dng v mt khu. Ngoi ra bn cn c th chn n mt a nh x hoc tt c cc . Environmen Cho php bn c th thit lp cc bin mi trng cho User hoc h t thng. Bn c th to/thay th/nng cp hoc xa cc bin ny thm ch c bin quan trng nh PATH. Files To/thay th/nng cp hoc xa cc file trn cc client. Bng cch nh ngha cc file ngun v ch bn s c bn copy nh mt chc nng. Thm vo bn c th thit lp cc thuc tnh (Read-Only, Folders Hidden & Archive) trn cc file. Cho php bn c th to/thay th/nng cp hoc xa cc th mc trn cc client. Khi thay th hoc xa cc th mc bn c th c nhiu ty chn bo m mi th xy ra theo mong mun. Thm vo bn c th thit lp cc thuc tnh (Read-Only, Hidden & INI Files Archive) trn cc th mc To/thay th/nng cp hoc xa cc file INI. Bn c th ch nh cc tn thuc tnh v vng ca file cng nh gi tr thuc tnh. Cu hnh ny cho php bn c th thay i cc thit lp registry trn my khch - bn chn t Registry Items, Collection Items, v Registry Wizard hng dn bn thng qua ton b qu trnh. Wizard s cho php bn duyt registry trn cc my tnh t xa chn ng dn chnh m bn mun to/thay th/nng cp hoc xa. Bn c th chn cc kiu gi tr di y: REG_SZ, REG_DWORD, REG_BINARY, REG_MULTI_SZ, v REG_EXPAND_SZ y l mt ci thin ln khi so snh vi qu trnh to cc file ADM ty Shortcuts chnh (thng khng h tr tt c cc kiu gi tr registry). To/thay th/nng cp hoc xa cc shortcut trn cc client. Bn c th nh ngha Target Type (File System Object, URL hoc Shell Object),
Registry
Location, Path, Arguments, Start in, Shortcut Keys, Icon,
Bng 4 l nhng g Group Policy Preferences cung cp lin quan n Control Panel Settings mc User Configuration
Bng 4: User Configuration - Control Panel Settings
Data Sources
To/thay th/nng cp hoc xa ngun d liu h thng hay ngi dng. Chn t DNS (Data Source Names) c sn, chn Data Source Driver (v d nh Excel, Access, SQL Server), t Username/Password, v cc thuc tnh, V vy, y l cch n gin to mt kt ni c s d liu (ODBC) trn
Devices
cc client. iu khin cc thit b trn client bng cch kch hot hoc v hiu ha vic s dng Device Class (GUID) hoc Device Type (GUID) c. Thit lp ny gn ging nh chc nng m chng ta c trong Windows Cho php Vista. bn thit lp Folder Options cho Windows XP hoc Windows Vista - hoc c th thit lp cc lin kt Open With vi cc m rng ca file cho (v d nh Notepad cho cc file .txt,). Thit lp Folder Options cho Windows XP/Vista c kh nng kch hot hoc v hiu ha cc thit lp nh: Show hidden files and folders (Hin cc file v th mc n), Hide extensions for known file types (n phn m rng cho cc kiu file bit), Hide protected operating system files (n cc file h thng c bo v), Show encrypted or compressed NTFS files in color (Hin cc file NTFS c nn hoc m ha theo mu), Use simple file sharing (S dng vic chia s file n gin), v nhiu hn na trong chng
Folder Options
Internet Settings
Cho php bn thit lp Internet Settings cho Internet Explorer 5, 6 hoc Internet Explorer 7. Mt s thit lp ny c chng lp vi cc thit lp Group Policy thng thng.
Internet Settings bao gm vic thit lp Home Page(s), History trnh duyt, vic duyt tab, Accessibility, mc Security theo tng vng, ngn chn Pop-up, cc chng trnh, thit lp Dial-up/LAN Local Users and Groups Qun l Local Users v Groups bng vic to/thay th/nng cp hoc xa cc Users hoc Groups. Bn cng c th thay i mt khu, v hiu ha nhng ngi dng cc b v kim sot thnh vin nhm ni b, thit lp cc ty chn mt khu, thit lp ngy ht hn, xa tt c cc thnh vin ca mt nhm (ngi dng hay cc nhm), b sung/xa ngi dng hin hnh Network Options vo/ra mt nhm, i ngi hoc ring mt nhm, To/thay th/nng cptn hoc xa dng mt mng o - Virtual Private Network (VPN) hoc kt ni mng quay s - Dial-Up Network (DUN) nh mt kt ni user hoc all users. Bn cng c th nh ngha cc ty chn quay s hay cc chc nng bo mt (m ha, chng thc, Power Options Cu hnh Power v Schemes cho Windows XP. ), cc ty chnOptions cho vic kt ni mng, Power Schemes c cc thit lp nh: Prompt for password when computer resumes from standby, Enable hibernation v cc thit lp nt Power. Power Schemes c th to, thay th, nng cp hoc xa. V vy bn Printers c th to mt k hoch hon ho cho chnh bn, trin khai n n cc To/thay th/nng cp hoc xa cc my in - thm ch cc my in TCP/IP. Bn c th nh ngha nhng th nh Name, Port (LPT/COM/USB), IP address, Port Settings (RAW/LPR/SNMP), Printer Path, Location, Comment. Regional Options Bn thm ch cn c th chn my in mc nh cho ngi dng. Cho php bn thit lp thuc tnh Regional Option Properties - nh xc nh v tr ca ngi dng, nh dng s, tin t, thi gian v ngy.
Schedule d Tasks
To/thay th/nng cp hoc xa Scheduled or Immediate Tasks. Vi Scheduled Tasks bn c th chn Name, File (in hnh mt kch bn hoc kh nng thc thi) khi chy, bt k cc thuc tnh Arguments, Start in, Comments, Run as (ch nh ti khon v mt khu ca ngi dng trong min hoc cc b) cho d nhim v c c kch hot hay khng, bn cnh lch trnh (thm ch l a lch trnh) cn c mt s cc thit lp nng cao hn. Immediate Task cung cp hu ht cc chc nng nh cc thit lp khi cp trn, ngoi tr Schedule Immediate Tasks chy ngay khi chng c np vi mt chnh sch. iu chnh c Start Menu ca Windows XP hoc Windows Vista. Tnh nng ny c tt c cc thit lp bit nh biu tng to/nh, s chng trnh trn menu Start, Display Run, Display Log off,
Start Menu
Nh nhng g bn thy trong 4 bng trn, chng ta c rt nhiu kh nng i vi Group Policy Preferen ces.
Dnh cho nhng ai?
Phn ny c l l quan trng nht v vy bn nn xem k Bn c l rt mong c nhng th nh StarterGPOs, Comments, Search/Advanced Filtering v Group Policy Preferences, vy n ng gi bao nhiu? N qu thc khng t, bn s khng phi ci Windows Server 2008 trn tt c cc Domain
Controllers hay bt thnh phn no tng t - tt c nhng g bn cn y l phi c Windows Vista SP1 sp ti v nhng g c th download mt cch min ph, Remote Server Administration Tools (RSAT) toolkit c ci t. RSAT s c GPMC version 2 v cc phin bn c nng cp cc cng c qun tr m chng ta c trong gi cc cng c qun tr (Administration Tools Pack) cho cc h thng Windows Server trc y. Cc gi CSE s c download hon ton min ph t website ca Microsoft, ch cn trin khai phn mm my khch cho cc my tnh Windows XP SP2 ca bn, Windows 2003 SP1 v Windows Vista (v d bng cch s dng Group Policy Software Installation).
BI 15:Terminal Services 1/- Gii thiu Terminal Services (TS) Terminal Services gip ngi qun tr trin khai v bo tr h thng phn mm trong nhng mng ln (enterprise) mt cch hiu qu. Bn nhanh chng ci t cc chng trnh ln Terminal Server m khng cn ci t trn h thng my trm. Do , vic nng cp v bo tr phn mm tr nn d dng hn. Khi mt ngi dng truy cp mt chng trnh trn Terminal Server, chng trnh s c thc hin trn my ch. Ch c d liu nhp t bn phm, chut v thng tin hin th l c truyn qua mng. Mi ngi dng c mt session ring. Cc session c my ch qun l. Khi s dng Terminal Services trin khai cc chng trnh trn mt Terminal Server thay v trn mi my trm, bn s c c nhng thun li sau : 1/- Nhanh chng trin khai cc chng trnh n cc my trm, nht l trong nhng h thng mng ln. Terminal Services c bit hu ch khi h thng mng ca bn bao gm nhng chng trnh thng xuyn cp nht, trong khi khng thng xuyn s dng hoc kh qun l. 2/- Gim s l thuc vo thit b. Ngi s dng c th truy cp cc chng trnh chy trn Terminal Server t nhng thit b nh my tnh bn thng thng, kiosks, my tnh cu hnh thp, thm ch l nhng h iu hnh khc vi Windows. 3/- Ci thin hiu sut thc thi ca cc chng trnh dnh cho ngi s dng cc vn phng chi nhnh khi truy cp kho d liu trung tm (data-intensive programs). Nhng chng trnh ny i khi khng h tr cc giao thc nhm ti u ha cc kt ni tc thp. V vy, khi trin khai vi Terminal Services, hiu sut thc thi ca cc chng trnh nu trn s tt hn so vi khi trin khai trn mt mng WAN thng thng. Trn Windows Server 2008, Terminal Services c b sung mt s im mi sau : Terminal Services RemoteApp (TS RemoteApp) TS RemoteApp gip bn cu hnh cho php ngi s dng ti cc my trm, truy cp t xa vo cc chng trnh trn my ch v s dng nh th chng ang hot ng ngay trn mi my trm .
Terminal Services Web Access (TS Web Access) TS Web Access cho php bn cu hnh ngi s dng c th dng cc chng trnh trn RemoteApp bng mt trnh duyt. Terminal Services Licensing (TS Licensing) Windows Server 2008 cung cp mt h thng qu l bn quyn dnh cho Terminal Services c tn l TS Licensing. H thng ny qun l cc giy php s dng Terminal Services gi l Terminal Services Client Access License (TS CAL) thnh phn cn thit cho mi thit b hoc ngi dng kt ni n Terminal Server. TS Licensing h tr cc Terminal Services trin khai trn nn Windows Server 2008, Windows Server 2003 hoc Windows 2000 Server. Bn s dng TS Licensing ci t, xut ra v theo di cc TS CAL trn mt Terminal Services License Server (TS License Server). Khi mt my trm (thit b hoc ngi s dng) kt ni n mt Terminal Server, my ch ny s xc nh xem c cn mt TS CAL hay khng. Nu c, Terminal Server s yu cu mt TS CAL t TS License Server. Nu tn ti mt TS CAL thch hp trn TS License Server, TS CAL s c xut ra cho my trm. Lc ny, my trm c th kt ni n Terminal Server. s dng Terminal Services, h thng mng ca bn phi c t nht mt TS License Server. Vi nhng mng nh, bn c th ci t ng thi hai dch v Terminal Server v TS License trn cng mt my ch. Nu h thng mng ln, bn nn ci t hai dch v ny trn hai my ch ring bit. ng thi, bn cng cn phi cu hnh TS License mt cch chnh xc Terminal Server c th chp nht cc kt ni t cc my trm. d dng hn trong vic trin khai, Terminal Services cung cp mt khong thi gian hot ng m khng cn n TS License Server. Trong giai on ny, mt Terminal Server c th chp nhn cc kt ni t cc my trm (unlicensed client) m khng gi yu cu TS CAL n TS License Server. Khong thi gian nu trn s bt u c tnh k t ln u tin Terminal Server chp nhn mt kt ni t my trm, v s kt thc khi s lng ngy cho php b vt qu hoc khi bn mua v ci t TS CAL. di ca khong thi gian ph thuc vo h iu hnh : Windows Server 2008 : 120 ngy.
Windows Server 2003 (R2) : 120 ngy. Windows Server 2003 : 120 ngy. Windows 2000 Server : 90 ngy. Trc khi khong thi gian cho php kt thc, bn phi mua v ci t mt s lng TS CAL tng ng vi s my trm cn kt ni n Terminal Server. ng thi, bn cng cn m bo s ph hp gia Terminal Services license mode c thit lp trn Terminal Server v loi TS CAL trn TS License Server. Terminal Services Gateway (TS Gateway) TS Gateway l mt dch v mi trn Windows Server 2008, cho php ngi s dng (authorized remote users) kt ni t xa n ti nguyn trong mng ni b, bng cch s dng cc thit b kt ni Internet (Internet-connected devices) c th chy chng trnh Remote Desktop Connection (RDC). Ti nguyn trong mng ni b c th l cc Terminal Server hoc Terminal Server vi cc phn mm c cu hnh chy trn RemoteApp hoc cc my tnh kch hot tnh nng Remote Desktop. 2/- Ci t Terminal Services V vy, hai dch v s c chn trong qu trnh ci t l Terminal Server v TS Web Access. Cc bc thc hin nh sau : 1/- M ca s Server Manager. Trong khung Roles Summary bn phi, bn bm nt Add Roles. 2/- Trong mn hnh Select Server Roles, chn Terminal Services v bm nt Next. 3/- Trong mn hnh Terminal Services, bn s c c hi tip cn vi thng tin gii thiu tng quan v dch v cng tn. ng thi, bn cng nn c k phn ch (Things of Note) nm r nhng khuyn co trong khi trin khai dch v ny. Sau , bm nt Next. 4/- Trong hp thoi Add role services and features required for TS Web Access, bn bm nt Add Required Role Services b sung cc thnh phn lin quan n TS Web Access.
Khi chy Add Roles Wizard
Chn Terminal Services
Thng tin tng quan v Terminal Services 5/- Trong mn hnh Select Role Services, chn Terminal Server v TS Web Access. Sau , bm ntNext. 6/- Mn hnh Uninstall and ReInstall Applications for Compatibility thng bo rng bn nn ci t Terminal Server trc khi ci t bt k ng dng no cho php ngi dng truy cp. Sau khi m bo yu cu ny, bm nt Next.
Chn Terminal Server v TS Web Access
Yu cu g b v ci t ng dng 7/- Trong mn hnh Specify Authentication Method for Terminal Server, bn chn mt phng php xc thc ph hp v bm nt Next.
Chn phng php xc thc ph hp 8/- Trong mn hnh Specify Licensing Mode, bn chn mt Terminal Servcies Licensing mode ph hp v bm nt Next. 9/- Trong mn hnh Select User Groups Allowed Access To This Terminal Server, bn b sung cc user hoc group c php truy cp Terminal Server v bm nt Next.
10/- Trong mn hnh Web Server (IIS), bm nt Next ci t IIS Web Server cng vi Terminal Services nhm phc v cho dch v TS Web Access.
Chn mt licensing mode ph hp
B sung user, group c php truy cp Terminal Server
Ci t IIS Web Server 11/- Trong mn hnh Select Role Services, chp nhn cc la chn mc nh ca Web Server v bm ntNext. 12/- Trong mn hnh Confirm Installation Selections, bn xem li cc thit lp va thc hin v bm ntInstall bt u ci t. 13/- Trong mn hnh Installation Results, bn bm nt Close v chn Yes trn hp thng bo Do you want to restart now khi ng li my tnh. 14/- Khi mn hnh Installation Results xut hin tr li, bn s nhn c thng bo "Installation succeeded". Bm nt Close han thnh thao tc ci t.
Chp nhn cc lc chn mc nh ca Web Server
Xc nhn li cc thit lp thc hin trn dch v
Tin trnh ci t Terminal Services hon thnh 3/- Trin khai TS RemoteApp 3.1/- Cu hnh Terminal Server Sau khi ci t Terminal Services, bn cn thc hin mt s thao tc cu hnh trn my ch cha dch v ny (Terminal Server). 3.1.1/- Ci t chng trnh ln Terminal Server Bn ch nn ci t cc chng trnh ln my tnh ng vai tr Terminal Server sau khi ci t Terminal Services. Nu ci t mt chng trnh t gi ci t dng Windows Installer package (.msi), chng trnh s t ng c ci t trong ch Terminal Server Install mode. Nu ci t t cc gi ci t dng khc, bn phi s dng mt trong hai phng php sau ci trong Install mode : 1/- S dng chc nng Install Application on Terminal Server trong Control Panel.
S dng chc nng Install Application on Terminal Server 2/- Trc khi ci t mt chng trnh, bn thc hin lnh change user /install chuyn vo Install mode. Tip n, bn tin hnh ci t chng trnh. Sau khi hon thnh, bn thc hin lnh change user /execute ri khi Install mode. 3.1.2/- Kim tra cc thit lp trn kt ni t xa Mc nh, cc kt ni t xa trn Terminal Server c kch hot sau khi bn ci t Terminal Services. kim tra, bn thc hin theo cc bc sau : 1/- Trong Control Panel, nhp i chut ln mc System. 2/- mc Task, chn Remote settings. 3/- Trong hp thoi System Properties, trn tab Remote, m bo rng Remote Desktop c cu hnh mt cch chnh xc v ph hp vi h thng mng ca bn. Trong trng hp ca mnh, chng ti chn Allow connections from computers running any version of Remote Desktop (less secure).
M ca s System
M hp thoi System Properties
Cho php kt ni t xa 4/- b sung cc user hoc group c nhu cu kt ni n Terminal Server thng qua Remote Desktop, bn bm nt Select Users v chn Add b sung.
Cho php user hoc group kt ni t xa 5/- Khi hon thnh, bn bm nt OK hai ln ng hp thoi Remote Desktop Users v System Properties. 3.2/- Qun l chng trnh trn RemoteApp Sau khi cu hnh Terminal Server, bn c th s dng cng c TS RemoteApp Manager b sung, sa hoc xa cc chng trnh trong RemoteApp Programs List. Thm vo , TS RemoteApp Manager cng cho php bn thc hin cc thao tc nh import hoc export cc chng trnh trong RemoteApp. 3.2.1/- B sung chng trnh vo RemoteApp Programs List mt chng trnh trn RemoteApp sn sng vi ngi s dng, trc tin bn cn phi b sung chng trnh ny vo RemoteApp Programs List. Mc nh, cc chng trnh trong List c cu hnh bn c th truy cp thng qua TS Web Access. Cc bc b sung mt chng trnh nh sau : 1/- M ca s TS RemoteApp Manager bng cch vo menu Start/Administrative Tools/Terminal Services, chn TS RemoteApp Manager. 2/- Trong khung Actions, chn Add RemoteApp Programs.
Ca s TS RemoteApp Manager 3/- Trong mn hnh Welcome, bm nt Next.
Khi chy RemoteApp Wizard 4/- Trong mn hnh Choose programs to add to the RemoteApp Programs list, nh du chn vo cc vung tng ng vi mi chng trnh m bn mun b sung vo RemoteApp Programs List. Nu mun thay i thuc tnh ng vi mt chng trnh c th, bn chn chng trnh v bm nt Properties. Sau khi hon thnh, bm nt Next. 5/- Trong mn hnh Review Settings, bn xem li cc thit lp va thc hin v bm nt Finish. Sau bc ny, cc chng trnh m bn chn s xut hin trong RemoteApp Programs List.
nh du chn cc chng trnh
Xem li cc thit lp
Cc chng trnh xut hin trong RemoteApp Programs List 3.2.2/- Thay i hoc xa mt chng trnh trn RemoteApp thay i cc thit lp trn tt c cc chng trnh trong RemoteApp Programs List, trong khungActions, bn kch chn Terminal Server Settings, TS Gateway Settings, hoc Digital Signature Settings.
Cc tnh nng thit lp trn tt c cc chng trnh thay i cc thuc tnh ca mt chng trnh c th, bn chn chng trnh trong RemoteApp Programs List. Trong khung Actions, kch chn Properties.
Cc tnh nng thit lp trn mt chng trnh c th
Trong hp thoi RemoteApp Properties, bn c th thay i cc thuc tnh nh tn, v tr lu tr, alias ca chng trnh xa mt chng trnh, bn chn chng trnh trong RemoteApp Programs List. Trong khung Actions, kch Remove. Trong hp thng bo xut hin ngay sau , bn chn Yes hon thnh thao tc ny. cc chng trnh trong RemoteApp Programs List c th hin th hoc n trn TS Web Access, bn chn chng trnh trong RemoteApp Programs List. Trong khung Actions, kch Show in TS Web Accesshoc Hide in TS Web Access.
Thay i thuc tnh trn mt chng trnh c th 3.2.3/- Import v Export chng trnh trn RemoteApp Vi TS RemoteApp Manager, bn c th sao chp RemoteApp Programs List v nhng thng tin cu hnh lin quan t Terminal Server ny n Terminal Server khc. Thao tc sao chp c chia lm hai phn : import v export. export RemoteApp Programs List, bn thc hin cc bc nh sau :
1/- Trong ca s TS RemoteApp Manager, ti khung Actions, kch chn Export RemoteApp Settings.
M hp thoi Export RemoteApp Settings 2/- Trong hp thoi Export RemoteApp Settings, bn c hai la chn : - Nu chn Export the RemoteApp Programs list and settings to another terminal server, bn cn nhp tn Terminal Server vo mc Terminal Server name. y l my ch c export n. - Nu chn Export the RemoteApp Programs list and settings to a file , bm nt OK. Trong hp thoi Save As, bn ch nh v tr lu tr file v bm nt Save.
Chn la hnh thc export 3/- Khi hp thng bo Successful xut hin, bn bm nt OK.
Thao tc Export thnh cng import RemoteApp Programs List, bn thc hin cc bc nh sau : 1/- Trong ca s TS RemoteApp Manager, ti khung Action, kch chn Import RemoteApp Settings.
M hp thoi Import RemoteApp Settings 2/- Trong hp thoi Import RemoteApp Settings, bn c hai la chn : - Nu chn Import the RemoteApp Programs list and settings from another terminal server bn cn nhp tn Terminal Server vo mc Terminal server name.
Chn la hnh thc import - Nu chn Import the RemoteApp Programs list and settings from a file , bm nt OK. Trong hp thoi Open, bn ch nh file cn import v bm nt Open. 3/- Khi hp thng bo Successful xut hin, bn bm nt OK.
Thao tc import thnh cng
BI 16: Active Directory Certificate Services 1/ Cu Hnh Trn My Server a/Ci t Certificate Services trn VPN Server - M Server Manager > Nhn phi vo Roles > Add Roles :(Hnh 07)
Hnh 07 - Chn vo Active Directory Certificate Services > Next > Next :(Hnh 08)
- Trong Select Roles Services > Chn thm vo Certification Authority Web Enrollment > Next :(Hnh 09)
- Cc hp thoi tip theo la chn mc nh v t tn CA l: NhatNghe-VPNServerCA :(Hnh 10)
- Tip tc mc nh > Nhn Install > Nhn Close :(Hnh 11)
b/ Cu hnh Server Authentication Certificate - Vo Start > Administrative Tools > Certification Authority - Nhn phi vo Certificate Templates > Manage :(Hnh 12)
- Nhn phi vo IPSEC > Chn Duplicate Template :(Hnh 13)
- Chn Windows Server 2003 Enterprise :(Hnh 14)
- Trong Tab General > t tn cho template l: VPN Reconnect :(Hnh 15)
- Trong Tab Request Handling > Chn Allow private key :(Hnh 16)
- Trong Tab Subject Name > Chn vo Supply in the request > Hp thoi hin ln nhn OK :(Hnh 17)
- Trong Tab Extensions > chn Application Policies > Edit :(Hnh 18)
- Nhn Add > Chn Server Authentication > OK > OK :(Hnh 19 & 20)
- Chn Key Usage > Edit :(Hnh 21)
- Kim tra c chn vo Digital Signature > Cancel > OK :(Hnh 22)
- Trong Certification Authority > Nhn phi vo Certificate Templates > New > Certificate template to issue :(Hnh 23)
- Chn VPN Reconnect > OK :(Hnh 24)
Windows Firewall with Advanced Security 1. Gii thiu v Windows Firewall with Advanced Security Windows Firewall with Advanced Security trn Windows Server 2008 l mt s kt hp gia personal firewall (host firewall) v Ipsec,cho php bn cu hnh lc cc kt ni vo v ra trn h thng. Khng ging nh nhng firewall cc phin bn Windows trc ch s dng Windows Firewall trong Control Panel thc hin cc thao tc cu hnh mc gii hn. Trong Windows Server 2008 b sung mt thnh phn mi c tn gi l Windows Firewall with Advance Security. Cng c ny cho php bn d dng thc hin cc thao tc cu hnh a dng v cao cp trn firewall,nhng im mi ng ch l : 1. iu khin kt ni ra vo trn h thng (inbound v outbound) 2. Tch hp cht ch vi Server Manager.Khi bn s dng Server Manager ci t dch v,firewall s c cu hnh mt cch t ng ph hp vi cc dch v va ci t. 3. Nhng ci tin trong qun l v cu hnh cc chnh sch trn IPsec.ng thi ,IPsec cng c thay bng mt khi nim mi , l Connection Security Rules. 4. Nhng ci tin trong hot ng gim st cc chnh sch trn firewall v Ipsec (Connection Security Rules) . Windows Firewall with Advance Security s dng hai loi rule cu hnh : 1. Firewall rules : dng xc nh kt ni no c cho php hoc b cm 2. Connection Security rules : phc v cho mc ch bo mt ng truyn gia my tnh ny vi cc my tnh khc . Sau khi hon thnh vic xy dng cc rule,bn s da vo cc firewall profile p dng rule cho my tnh.Firewall profile l khi nim dng ch v tr m my tnh kt ni.Trn Windows Server 2008 c ba loi firewall profile sau: 1. Domain : p dng khi mt my tnh c kt ni vo domain 2. Private : p dng khi mt my tnh tr thnh thnh vin ca mng ni b nhng cha kt ni vo domain.
2.To mt Firewall Rules Kch chut phi vo nt Connection Security Rules v chn New Rule.
Trong trang Rule Type, phn New Connection Security Rule Wizard, bn hy chn ty chn Isolation v kch Next.
Trong trang Requirements, chn Request authentication for inbound and outbound connections. Khi bn chn ty chn ny, s thm nh quyn s c yu cu khi my tnh to mt kt ni gi i n mt my tnh khc, v khi my tnh khc to mt kt ni gi n i vi my tnh ny. Nu s thm nh thnh cng th bo mt IPsec s c p dng i vi cc session. Tuy vy, nu thm nh tht bi, cc my tnh s quay tr v cc kt ni khng c thm nh. Kch Next.
Trong trang Authentication Method, bn hy chn ty chn Default. Ty chn ny c quyt nh bi cc thit lp trong IPsec Defaults t Properties ca hp thoi Windows Firewall with Advanced Security m chng ta thy. Chng ta s xem xt cc thng tin chi tit ca hp thoi trong phn mt ca lot bi ny, chnh v vy bn nn kim tra cc thng tin chi tit v cc chnh sch mc nh ca IPsec. Cc thit lp mc nh s s dng thm nh quyn Kerberos. V tt c cc thnh vin min u c th s dng Kerberos cho vic thm nh quyn nn s khng cn bt c th g khi bn cn thc hin trn cc my khch v my ch. C mt s cch thm nh, v d nh chng ch my tnh - Computer Certificate hoc kha tin chia s - preshared key. Tuy nhin phng php an ton nht vn l Kerberos, thm vo na l s dng Kerberos rt d dng i vi cc qun tr vin, chnh l cch r rng nht thc hin.
Kch Next.
Trong trang Profile, remove cc hp kim Private and Public c tch. Bn s khng mun cc my tnh di ng ca mnh phi lo lng v vic cch ly min IPsec khi chng khng nm trong mng. Kch Next.
Trong trang Name, hy t mt tn. Trong v d ny chng ti t tn cho rule l DC Request Security.
KchFinish.
Bn s thy rule trong danh sch cc rule nh c th hin trong hnh bn di. Chng ta vn cha c thc hin vi rule, v phi cu hnh cc a ch IP m rule ny cng p dng. Bn c th thy trong dng hin hnh, rule p dng cho bt c Endpoint 1 v Endpoint 2 no. Cc endpoint c th l mt IP n v mt a ch IP khc, hoc mt ci c th l mt nhm cc a ch IP v endpoint kia l mt a ch IP. Trong v d ny chng ta cn to mt endpoint l tt c cc a ch IP trn mng v endpoint th hai l a ch IP ca domain controller c s dng trong v d ny. Kch chut phi vo DC Request Security Rule vo Properties to cc thay i ny.
Trong hp thoi DC Request Security Properties, hy chn ty chn These IP addresses trong khung Endpoint 2. Sau kch nt Add.
Trong hp thoi IP address, hy t vo a ch IP ca domain controller. Chn ty chn This IP address or subnet v nhp vo a ch IP. Lu rng bn cng c thm cc ty chn khc nh This IP address rangev Predefined set of computers. Ty chn Predefined set of computers cho php bn chn t mt s cc my ch c s h tng, v d nh DHCP, DNS, WINS v gateway mc nh cc my tnh khng th thm nh c th c bi min thm nh vi cc my ch c s h tng. V d s l Macs, Unix, Linux v cc h iu hnh khc c th s dng Kerberos cho vic thm nh. Kch OK.
Bn s thy a ch IP ca DC trong khung Endpoint 2. Kch OK trong hp thoi DC Request Security Properties.
Bn cng s thy a ch IP ca domain controller trong ct Endpoint 2 trn dng DC Request Security
Lc ny DC yu cu chnh sch bo mt ng ch, chng ta c th to rule cch ly min cho my ch v my khch yu cu bo mt khi kt ni n cc thnh vin min khc.
BI 18:WINDOWS POWERSHELL I. Gii thiu Windows PowerShell Windows PowerShell l mt mi trng tng tc mi ca h iu hnh Windows, c bit thch hp vi nhim v qun tr h thng. PowerShell ny gm c mt cng c tng tc trn dng lnh v mt mi trng thc thi script. PowerShell i hi NET Framework 2.0, phin bn hin ti l PowerShell 2.0 c tch hp sn trong phin bn Windows Server 2008 R2. Windows PowerShell bao gm mt khi nim mi l cmdlet, l mt tp hp cc cng c n gin v hu hiu c tch hp trn PowerShell. PowerShell bao gm hn 100 cmdlet c bn. PowerShell cn c kh nng truy cp cc file system, registry v cc kho lu tr khc trn h thng. II. Ci t Windows PowerShell M ca s Server Manager. Trong khung Features Summary bn phi chn Add Features. Tip n mn hnh Select Features -> Windows PowerShell -> Next
Mn hnh Confirm Installation Selections Install
Sau khi tin trnh ci t kt thc, mn hnh Installation Results, chn Close kt thc qu trnh ci t
III. Tp lnh c bn trong Powershell m chng trnh Powershell, vo Start->AllProgram->Window Powershell 1.0
lit k y danh sch cc lnh h tr, s dng lnh help
Tng ng vi mi lnh s c 1 cmdlet.V d lnh dir l alias ca cmd GetChildItem Chy nhng chng trnh ng dng bng cu lnh: Xut kt qu ca cu lnh ipconfig /all t file config.txt. u tin, chng ta kt qu ca lnh ipconfig /all vo file config.txt bng lnh: ipconfig /all >config.txt Sau , chng ta s m ni dung ca file config.txt bng notepad bng lnh:
Notepad config.txt
Tng t, bn th chy nhng lnh khc ri gn n vo tp tin xem th. Ngoi cc lnh quen thuc bn cn c th thc hin cc nhim v qun tr h thng thng thng mt cch d dng v nhanh chng bng nhng cmdlet. V d khc phc mt s c trn my ch , bn thng m ca s Task Manager xem tin trnh no ang chy, ai s dng chng, mi tin trnh bao nhiu RAM v nhng thng tin lin quan khc. Vi PowerShell, bn ch cn s dng cmdlet Get-Process.
Xem thng tin Cpu
Xem thng tin v h iu hnh: Bn g lnh: get-wmiobject -class win32_operatingsystem
Xem thng tin v a : Bn g lnh: get-wmiobject -class win32_logicaldisk
Hin th thng tin ngy gi h thng, s dng lnh Get-Date
Thit lp ngy gi : Set-Date
IV. Windows PowerShell Script Trong phn ny, chng ta s dng Script tao hng lot user trong Active Directory u tin chng ta to file CreatLabUser.ps1 c ni dung sau:
$ErrorActionPreference = "SilentlyContinue"
function Select-FileDialog { param([string]$Title,[string]$Directory,[string]$Filter="CSV Files (*.csv)|*.csv") [System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") | Out-Null $objForm = New-Object System.Windows.Forms.OpenFileDialog $objForm.InitialDirectory = $Directory $objForm.Filter = $Filter $objForm.Title = $Title $objForm.ShowHelp = $true
$Show = $objForm.ShowDialog()
If ($Show -eq "OK")
{ Return $objForm.FileName } Else { Exit } }
$FileName = Select-FileDialog -Title "Import an CSV file" -Directory "c:\"
$ExchangeUsersOU = "OU=ExchangeUsers"
$domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetComputerDomain() $DomainDN = (([System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()).Domains | ? {$_.Name -eq $domain}).GetDirectoryEntry().distinguishedName $final = "LDAP://$DomainDN" $DomainPath = [ADSI]"$final" $cOU = $DomainPath.Create("OrganizationalUnit",$ExchangeUsersOU) $cOU.SetInfo()
$UserInformation = Import-Csv $FileName
$OUPath = "LDAP://$ExchangeUsersOU,$DomainDN" $UserPath = [ADSI]"$OUPath" Write-Host "---------------------------------------------------------------" Write-Host "Creating LAB Users" Write-Host "Version 1.1" Write-Host "---------------------------------------------------------------"
Foreach ($User in $UserInformation){
$CN = $User.samAccountName $SN = $User.Surname $Given = $User.givenName $samAccountName = $User.samAccountName $Display = $User.DisplayName
$LABUser = $UserPath.Create("User","CN=$CN") Write-Host "Creating User: $User.samAccountName"
$LABUser.Put("samAccountName",$samAccountName) $LABUser.Put("sn",$SN) $LABUser.Put("givenName",$Given) $LABUser.Put("displayName",$Display) $LABUser.Put("mail","$samAccountName@$domain") $LABUser.Put("description", "Lab User - created via Script") $LABUser.Put("userPrincipalName","$samAccountName@$domain") $LABUser.SetInfo()
$Pwrd = $User.Password
$LABUser.psbase.invoke("setPassword",$Pwrd) $LABUser.psbase.invokeSet("AccountDisabled",$False) $LABUser.psbase.CommitChanges()
} Write-Host "Script Completed"
Tip theo chng ta to sn 1 file cha thng tin v User cn to: (NewUser.csv) GivenName,Surname,samAccountName,DisplayName,Password
Abdul,Yanwube,Abdul.Yanwube,Abdul Yanwube,Password1 Abiola,Yadav,Abiola.Yadav,Abiola Yadav,Password1 Ada,Worboys,Ada.Worboys,Ada Worboys,Password1 Adam,Woolley,Adam.Woolley,Adam Woolley,Password1 Ade,Woodhead,Ade.Woodhead,Ade Woodhead,Password1 Ahsan,Woodford,Ahsan.Woodford,Ahsan Woodford,Password1 Alasdair,Wood,Alasdair.Wood,Alasdair Wood,Password1 Alf,Witham,Alf.Witham,Alf Witham,Password1 Ali,Winfield,Ali.Winfield,Ali Winfield,Password1 Amelia,Wilson,Amelia.Wilson,Amelia Wilson,Password1 Amer,Wilson,Amer.Wilson,Amer Wilson,Password1 Andrea,Wilson,Andrea.Wilson,Andrea Wilson,Password1 Andrea,Wilsdon,Andrea.Wilsdon,Andrea Wilsdon,Password1 Andrew,Williams,Andrew.Williams,Andrew Williams,Password1 Andrew,Whiting,Andrew.Whiting,Andrew Whiting,Password1 Andrew,White,Andrew.White,Andrew White,Password1 Andy,White,Andy.White,Andy White,Password1 Andy,Whatley,Andy.Whatley,Andy Whatley,Password1 Angela,West,Angela.West,Angela West,Password1 Angela,Wells,Angela.Wells,Angela Wells,Password1
Anisha,Watson,Anisha.Watson,Anisha Watson,Password1 Anita,Warner,Anita.Warner,Anita Warner,Password1 Ann,Walters,Ann.Walters,Ann Walters,Password1 Anna,Walsh,Anna.Walsh,Anna Walsh,Password1 Anne,Walrond,Anne.Walrond,Anne Walrond,Password1 Anthony,Wallis,Anthony.Wallis,Anthony Wallis,Password1 Anthony,Walker,Anthony.Walker,Anthony Walker,Password1 Anthony,Wakefield,Anthony.Wakefield,Anthony Wakefield,Password1 Sau , chng ta thc hin thay i chnh sch thc thi sang RemoteSigned cc Script ni b c th thc thi bng lnh Set- Execusion Policy RemoteSigned
Chng ta s dng lnh ./CreatLabUsers.ps1 m file script va to:
Chng ta chn File cha thng tin cn to User.( NewUsers.csv) Powershell s tin hnh to User da vo thng tin trn file NewUsers.csv
Sau khi s dng lnh gpupdate /force, chng ta vo Active Directory Users and Computer xem kt qu
o ha Hyper-V 1. Gii thiu v Hyper-V Trc y c bit n vi ci tn Windows Server Virtualization v tn m Viridian,Hyper-V l cng ngh o ha server thhmi ca Microsoft v l thnh phn quan trng trong h iu hnh Windows Server 2008.
Hyper-V chnh l cng ngh o ha thhktip da trn hypervisor, khai thc phn cng server 64-bit thhmi. Ngi dng (chyu l doanh nghip) khng cn phi mua thm phn mm khai thc cc tnh nng o ho. Kin trc mca Hyper-V cho php cc nhm pht trin ni b v cc nh pht trin phn mm ca hng thba ci tin cng nghny v cc cng c. Vi Hyper-V, Microsoft cung cp mt nn tng o ha mnh v linh hot, c th p ng nhu cu o ha mi cp cho mi trng doanh nghip (DN). Hyper-V c 3 phin bn Windows Server 2008 64 bit l Standard (mt my o), Enterprise (4 my o) v DataCenter (khng gii hn slng my o). Tuy nhin n htrh iu hnh khch trn c32-bit v 64-bit Cc chc nng chnh ca Hyper-V Bng 1: tm tt cc chc nng cbn trong phin bn Windows Server 2008 Hyper-V v Hyper-V Server 2008. Hyper-V VMs htrch iu hnh guest 32-bit v 64-bit v phn phi n bxl my o v 64GB bnhcho cc server Hyper-V chy trn phin bn Windows Server 2008 Enterprise hay Datacenter. Trong ln ra mt ban u, Hyper-V htr16 bxl v 128 my o. Tuy nhin, mt update sau(KB956710) gia tng htrHyper-V htr n 24 bxl logical v maximum l 192 my o cng lc. 2. Kin trc Hyper-V Hyper-V gm 3 thnh phn chnh: hypervisor, ngn o ha v m hnh I/O (nhp/xut) o ha mi. Hypervisor l lp phn mm rt nhhin din ngay trn bxl (BXL) theo cng nghIntel-V hay AMD-V, c vai tr to cc "partition" (phn vng) m thc th o schy trong . Mt partition l mt n vcch ly vmt lun l v c thcha mt h iu hnh lm vic trong . Lun c t nht 1 partition gc cha Windows Server 2008 v ngn o ha, c quyn truy cp trc tip cc thit bphn cng. Partition gc tip theo c thsinh cc partition con (c gi l my o) chy cc HH khch. Mt partition con cng c thsinh tip cc partition con ca mnh.
My o khng c quyn truy cp n BXL vt l, m chnhn thy BXL c hypervisor cp cho. My o cng chsdng c thit b o, mi yu cu n thit b o s c chuyn qua VMBus n thit b partition cha. Thng tin hi p cng c chuyn qua VMBus. Nu thit bpartition cha cng l thit b o, n s c chuyn tip cho n khi gp thit b thc partition gc. Ton b tin trnh trong sut i vi HH khch. Hyper-V c tch hp sn trong HH Windows Server, v hypervisor mc trc tip n cc lung x l ca BXL, nh vy vic vn hnh my o hiu qu hn so vi kin trc o ho trc y
3. Ci t Hyper-V ci t Hyper-V, bn m cng c Server Manager v kch lin kt Add Roles. Tip theo, trong hp thoi Select Server Roles, bn kch chn vai tr Hyper-V.
Khi mn hnh Installation Results xut hin v yu cu khi ng li my tnh, bn thc hin thao tc ny hon tt tin trnh ci t Hyper-V. Tip theo, bn tin hnh to cc my o trn Hyper-V. thc hin, bn m mn hnh Hyper-V Manager menu Start. Tip theo, bn vo menu File > New > Virtual Machine.
Trong cc bc tip theo, bn in tn my o, ch nh v tr lu tr, ch nh kch thc RAM, chn card mng, to a cng o cho my o ca mnh. Cui cng, trong mn
hnh Completing the New Virtual Machine Wizard, bn bm nt Finish to my o.
Sau khi to xong my o, bn kch chut phi ln my o v chn Connect. Tip theo, trong mn hnhVirtual Machine Connection, bn vo menu Action > Start bt u ci t h iu hnh ln my o. 4.Qun l v cu hnh mng o nh ngha nhng tham s cu hnh my o c bn Trc khi s dng Hyper-V to mt my o mi, bn phi bit nhng tham s cn thit sau: Virtual Machine Name. y l tn mc nh c gn cho folder my o mi, cng nh a cng o mi (VHD) cha nhng file d liu v h iu hnh ca my o mi. y cng l tn my o hin th trong Hyper-V Manager Console. Bn cn p dng mt quy tc t tn cho bit thng tin cn thit trong h thng d dng xc nh chnh xc my o mi. Virtual Machine Processor Allocation. Tham s ny i din cho s lng vi x l o phn b cho my o mi ny. Tham s ny s xem xt nhng yu cu ca h iu hnh khch nhng ng dng c lu tr trn my o, cng nh nhng ng dng chy trn cc my o v h iu hnh ch. Mi phin bn Microsoft Windows Server 2008 Hyper-V v Microsoft Hyper-V Server 2008 u h tr ti a 24 vi x l logic trong my ch Hyper-V (gm 4 chip vt l, mi chip c 6 li), v mi my o s c ti a 4 chip.Mc d tham s ny khng c New Virtual Machine Winzard s dng, nhng bn vn phi nh ngha tham s ny m bo rng my o mi c to trn mt my ch Hyper-V vi s h tr ca nhng ti nguyn ph hp. Virtual Machine Memory Allocation. Tham s ny cho bit dung lng b nh phn b cho my o mi. Qu trnh phn b b nh cn xt n dung lng RAM trn my ch vt l lin quan ti nhng yu cu b nh ca h iu hnh khch mi v cc ng dng c lu tr, cng nh nhng ng dng khc chy trn my o. Microsoft Hyper-V Server 2008 v Windows Server 2008 Standard Edition gii hn phn b b
nh cho my o l 30GB, trong khi Microsoft Windows Server 2008 Enterprise v Datacenter Edition cho php phn b dung lng b nh ti a ln ti 64GB. Virtual Har Disk Size and Location. Nu cn ci t mt h iu hnh khch mi, bn s phi nh ngha kch thc cho a cng o IDE mi. Trong Hyper-V, a cng o IDE (VHD IDE) c th h tr ln n 2040GB. Mc d Hyper-V cng tch hp mt trnh iu khin SCSI (mt thit b o khng xut hin trong nhm thit b vt l) nhng khng th d dng n khi ng mt VHD nu khng ci t mt h iu hnh. Nu khng ch nh mt a cng o mi c luuw tr trong th mc my o mc nh s dng tn ging vi my o v mt phn m rng .vhd, hoc nu mun kt ni ti mt VHD to trc ti my o mi bn s phi nh ngha v tr th mc cha a cng o ri copy VHD trc khi to my o. Virtual Network Connection. Tham s ny khai bo mng o my o mi kt ni ti. Nu mun c lp my o, bn c th ci t khng cho adapter mng o kt ni ti bt k mng o no. Hyper-V cho php thc hin kt ni nhiu mng o s dng kt hp nhng adapter mng o Synthetic v Legacy. Tuy nhin, New Virtual Machine Wizard ch h tr kt ni ti mt mng o duy nht. Installation Method and Media. Hyper-V cung cp mt s phng php ci t mt h iu hnh khch trong my o mi. Bn c th s dng phng tin ci t vt l trong mt a CD/DVD-ROM kt ni c nh x ti CD/DVD-ROM o, mt file ISO Image c th truy cp (cha mt Image ca h iu hnh khch c th khi ng), mt disk image khi ng ja mm o hay ci t qua mng. Khi nh ngha nhng tham s c bn ny chng ta c th s dng New Virtual Machine Wizard trong Hyper-V Manager to mt my o. Khi chy Hyper-V Manager Hyper-V Manager MMC c ci t khi Hyper-V Role c cu hnh trong bn ci t y ca Windows Server 2008. l giao din ha cho php ngi dng qun l v cu hnh my ch v my o Hyper-V. Vo menu Start, bn c th la chn Hyper-V Managert menu Administrative Tools nh trong hnh 1. Trong bn ci t mc nh, bn c th m n bng cch s dng ty chn Run ca menu Start hoc nhp ng dn c:Program FilesHyper-Vvirtmgmt.msc vo ca s Command Prompt.
Hnh 1: M Hyper-V Manager trong Administrative Tools. Trong hnh 2, Hyper-V Manager Console c chia lm ba vng, bng bn tri hin th cc my ch Hyper-V c qun l, bng gia hin th nhng my o hin c v trng thi ca chng cng nh nhng hnh chp hin c v mt khung nhn nh ca console my o khi mt my o c la chn. Bng bn phi cha danh sch cc hnh ng hin c qun l my ch v my o Hyper-V. Danh sch hnh ng my o ch c hin th sau khi mt my o c to hay b sung vo my ch Hyper-V.
Hnh 2: Giao din ca Hyper-V Manager. To my o s dng wizard New Virtual Machine to mi mt my o trc tin chng ta s phi vo bng Actions | New | Virtual Machine nh trong hnh 3. Sau New Virtual Machine Wizard s hin ra, ti y chng ta bt u nhp thng tin cu hnh c bn cho my o c s. Hnh 3: Gi wizard New Virtual Machine trong Hyper-V Manager. Hnh 4 hin th trang Begin You Before ca wizard New Virtual Machine.
y l trang u tin ca wizard New VirtualMachine.
Hnh 4: Trang Begin You Before ca wizard New Virtual Machine. Ti y chng ta s nhn Next chuyn sang trang tip theo. Trn trang Specify Name and Location (ch nh tn v v tr) nh trong hnh 5, chng ta s nhp tn cho my o trong trng Name. Nu khng ch nh v tr lu tr my o trong trng Location, th mc nh my o ny s c a vo folder cu hnh. Nu mun ch nh mt v tr mi cho folder my o bn hy la chn hp chn Store The Virtual Machine In A Different Location (Lu tr my o ny trong mt v tr khc), ri nhp ng dn y ti v tr (v d nhp ng dn D:Hyper-V VMsWin2008). Nu folder ny khng tn ti th n s c wizard to. Cn lu la chn mt v tr lu tr c vng trng cn thit nu mun to mt hay nhiu hnh chp cho my o ny.
Hnh 5: Ch nh tn v v tr lu tr my o. Sau khi nhp thng tin cn thit v click Next, bn s thy trang Assign Memory xut hin nh trong hnh 6.
Hnh 6: Cp pht b nh cho my o. Trong trng Memory, nhp dung lng b nh mun cp pht cho my o mi. Gi tr mc nh 512MB l dung lng b nh ti thiu my o cn s dng. Bn cn
thay th gi tr ny da vo nhng yu t nhc ti trong phn nh ngha nhng tham s cu hnh my o c bn trn. Khi click Next, bn s chuyn sang trang Configure Network. Ti y bn hy la chn mt mng o cu hnh trc kt ni ti my o mi trong menu th xungConnection. Nu mun ci t mt h iu hnh yu cu cp nht bn nn la chn ty chn Not Connected hay kt ni my o ny ti mt mng ring m bo my o vn tch bit cho n khi n c cp nht hon ton.
Hnh 7: Trang cu hnh mng cho my o mi.
Khi click Next trang Connect Virtual Hard Disk s hin th nh trong hnh 8. Ti y chng ta s cu hnh cng my o kt ni ti my o.
Hnh 8: Trang thc hin kt ni cng my o. Khi la chn ty chn Create a Virtual Hard Disk l bn la chn to mt o c th m rng mi kt ni ti my o ny. Bn c th la chn lu tr cng my o mi trong folder mc nh hin th trong hp Location hoc la chn mt folder khc. Trong hpSize, hy nhp dung lng a mun s dng cho my o. V loi cng o mi mc nh l c th m rng nn file ny ch cha nhng nhng thng tin c bn cho ti khi mt h iu hnh c ci t. Hyper-V cp pht vng trng file cho cng my o c th ln n mc ti a c nh ngha trc khi cn thit. Nu to mt cng o kt ni ti my o mi, bn hy la chn la chn ty chn Use An Existing Virtual Hard Disk (s dng mt cng o hin c). Sau click vo ntBrowse duyt tm n v tr folder ri la chn file cng o nhp v tr cho hp Location. Cch khc, bn c th nhp ng dn y v tn file. Nu khng mun kt ni cng o ti my o, hy la chn ty chn Attach A Virtual Hard Disk Later (nh km cng o sau). Khi bn s khng th khi ng my o ngay d to xong. Khi click Next, bn s chuyn sang trang Installation Options xut hin nh trong hnh 9. Ti y bn c th la chn ci t h iu hnh khch trn my o mi hay khng v phng php ci t h iu hnh khch trn my o mi.
Hnh 9: Trang Installation Options. Nu mun to my o mi m khng ci t h iu hnh, hy la chn ty chn Install An Operating System Later (ci t mt h iu hnh sau). V d ny s s dng mt ISO Image ca h iu hnh Microsoft Windows Server 2008. Do chng ta s phi la chn ty chn Install An Operating System From A Boot CD/DVD-ROM (ci t h iu hnh t mt CD/DVD-ROM khi ng), v hp Image File (.iso) s hin th v tr ca file ISO. Hoc la chn ty chn Physical CD/DVD Drive kt ni cc phng tin vt l ti my o mi. Nhng phng tin vt l ny s hin th trong CD/DVD-ROM o c t ng cu hnh trong my o mi ny. Nu cn ci t h iu hnh khch t mt Floppy Disk Image, hy la chn ty chnInstall an Operating System From a Boot Floppy Disk. Cn nu la chn ty chn Install an Operating System From A NetworkBased Installation Server, bn phi m bo rng my o cng c kt ni mt my o cung cp ng dn giao tip ti bn ci t my ch. Sau click Next chuyn sang trang Completing the New Virtual Machine Wizardnh trong hnh 10.
Hnh 10: Trang hon thnh ca wizard ta mi my o. Ti trang ny bn c th kim tra li nhng ty chn la chn trc v nhng thng tin nhp trc khi to my o. Mc nh, my o ny s khng c khi ng sau khi Hyper-V khi to. Tuy nhin bn c th la chn ty chn StartThe Virtual Machine After It Is Created (khi chy my o sau khi c to) nu mun khi chy my o ngay sau khi to thnh cng. Khi click Finish, Hyper-V s bt u tin trnh to mi my o. Khi tin trnh to hon thnh, bn c th quay tr li Hyper-V Manager v thay i cu hnh trc khi chy my o v bt u ci t h iu hnh. 5. Qun tr Hyper-V t xa Sau khi ci t Hyper-V trn Server, bncn thc hin cc bc sau kch hot kh nng qun tr t xa server. Trc tin ta cn kch hot cc lut trn Windows Firewall dnh cho Windows Management Instrumentation bng cch thc hin lnh sau: Netsh advfirewall firewall set rule group=Windows Management Instrumentation (WMI) new enable=yes
Cu hnh chnh sch y quyn trn server chy Hyper-V. Nu ti khon thuc nhm Administrators trn c 2 my tnh, bn khng cn thc hin bc ny. Start -> Run -> nhp azman.msc. Mn hnh Authorization Manager xut hin Chut phi ln Authorization, chn Open Authorization Store
Trong hp thoi ny, bn chn mc XML file, Browse n th mc %systemdrive%ProgramDataMicrosoftWindowsHyper-V,chn file InitialStore.xml -> Open -> OK
Chn mc Microsoft Hyper-V services ->Role Assignments, chut phi ln Administrator-> Assign Users and Group, chn From Windows and Active Directory.
Trong hp thoi Select Users, Computers,or Groups nhp tn ti khon tng ng -> OK
B sung ti khon va y quyn trn vo nhm Distributed COM Users. Start -> Programs -> AdministrativeTools -> Computer Management> Local User and Groups -> Groups. Chup phi ln Distributed COM Users, chn Addto Group, add user tng ng
Tip n ta tin hnh cp cc quyn lin quan n WMI cho ti khon tng ng trn hai namspace l CIMV2 v virtualization. Ca s Computer Management -> Services and Applications, chut phi chn WMI control -> Properties
Hp thoi WMI Control Properties , tab Security-> Root -> CIMV2, chn Security -> Add b sung ti khon tng ng -> chn Advanced
Trong hp thoi Advanced Security Settings for CIMV2, tab Permissions, chn ti khon tng ng -> Edit, nh du chn vo Remote Enable trong khung Permissions
Tip theo vi namspace virtualization ta cng thc hin tng t.

THQTM TranVanNghia 11TLTCNTT

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

THQTM TranVanNghia 11TLTCNTT

Uploaded by

Copyright:

Available Formats

BI 1:Ci t Windows Server 2008 I.

Chy file mtinst.exe bt u ci t Windows Memory Diagnostic.

Chun b forest. Chun b domain.

Tip theo l cc bc chun b domain:

Ton b vic ci t Windows Server 2008 ch qua ba phn:

Ci t h iu hnh Lm theo cc bc sau ci t h iu hnh:

Thit lp ngn ng, thi gian v n v tin t, thng tin bn phm.

Nhp kha kch hot sn phm hp l.

La chn bn Windows Server 2008 ci t.

Trong mc Update This Server, bn c th thc hin nhng vic sau:

Tip theo s l phn ba ca qu trnh ci t. Ci t Server Manager

Bi 2: Nng cp windows Server 2003 ln Windows Server 2008 I. Yu cu h thng:

cng Card mn hnh

II. Tin hnh nng cp: Bc 1: Kim tra h thng

Bc 2 : Raise functional level ln win2003 cho h thng

Bc 7: nh tip D:\sources\adprep\adprep.exe /domainprep /gpprep

Bc 9: tt ca s CMD, vo DVD chy file setup.exe

Chn ng loi version ca Win2003 ci trc. Win2003 l Enterprise th chn l Enterprise

Upgrade Cng th login thng xem cc OU v

Mi th vn nh lc u vi Winserver 2003. Hai OU Quantri v kythuat vn cn.

Mn hnh chnh ca Server Manager

Thng bo xut hin khi ng nhp thnh cng

2/- Trong mn hnh Getting started, bm nt Next.

Xc nhn li thng tin ci t

Nhn Next ti ca s tip theo:

Tip tc nhn Install ti ca s Confirm Installation Selections:

V ch i cho ton b qu trnh ny hon tt:

Chn ng dn DCPROMO v tip tc lm theo hng dn ti :

in tn ph hp dnh cho domain mi v Next:

Chn ng mc ca forest function level, mc nh l Windows 2000 ( y l Windows Server 2008):

Trong ca s cui cng, cc bn c th xem li ton b mc thit lp ca mnh. Nhn Next:

II. Kt ni my trm n DC: Ti my Client.Thit lp IP Address v DNS cho card mng.

Kim tra 2 my Client v Server thng nhau hay cha. My Server

Nhp tn,ti khon gia nhp domain.Nhn OK

Hp thoi thng bo thnh cng.

in thng tin ti khon user Next.

- Trong trang Confirm Installation Selections, kch Install.

- Khng cn khi ng li server sau khi thit lp xong

WINDOWS SERVER CORE 2008 GII THIU:

Chn cc thng s v ngn ng, nh dng ngy gi v bn phm

Nhn nt Install Now

B du Check Automatically activate Windows when Im online > Next

Chn I accept the license term

Chn Partition mun ci t Windows > Next

Qu trnh sao chp cc file cn thit v ci t bt u

Sau khi ci t, bn cn Restart my, nhn nt Restart Now

H thng s yu cn i Password ln Logon ny > Nhn OK

Nhp Password mi l 123 khung New Password v Confirm New Password

H thng thng bo: Password c thay i > OK

Giao din Windows Server Core 2008:

PHN 2: T IP ADDRESS V I TN MY TNH

u tin bn cn xem ID ca Card mng bng lnh sau:

Sau khi Restart, tt Firewall cc my tnh khc c th lin lc vi Server ny

Dng lnh IPCONFIG /ALL kim tra:

Chn Internet Protocol Version 4 (TCP/Ipv4) > Properties

t thng s IP nh hnh di > OK

2. Join Domain: Click phi My Computer > Properties

Chn Change Settings

Chn Domain > Nhp tn domain: dom25.com

Nhp User Name: Administrator, Password:123 OK

Cng vic Join Domain din ra thnh cng

Nhn OK chp nhn Restart my

Nhn Restart Now