Windows Server 2008

KHOA TIN HC 2008
QUN TR MNG WINDOWS SERVER
CHNG 1: GII THIU WINDOWS SERVER I. WINDOWS NT SERVER
1. H iu hnh mng Windows NT 2. Cc c ch qun l ca Windows NT 2.1Qun l i tng (Object Manager) 2.2C ch bo mt (SRM - Security Reference Monitor) 2.3Qun l nhp / xut (I/O Manager) 2.4I/O Manager 3. Cc phin bn ca h iu hnh Windows NT II. WINDOWS SERVER 2000
1. Windows 2000 Server 2. Cc c trng ca Windows 2000 III. WINDOWS SERVER 2003 1. 2. 3. 4. 5. Cc phin bn ca h iu hnh Windows server 2003 Nhng c im mi ca Windows server 2003 Yu cu v phn cng Nng cp thnh Windows server Enterprise Edition Bng so snh cc c tnh ca Windows server 2003
IV. WINDOWS SERVER 2008 1. 2. 3. 4. Tnh nng vt tri Cc phin bn ca Windows Server 2008 Yu cu phn cng Bng cc tnh nng trong Windows Server 2008
TNG QUAN V WINDOWS SERVER 2008
CHNG 2:
I. II. 1. 2. 3. 4. 5. 6. 7. 8. 9.
GII THIU WINDOWS SERVER 2008 CC TNH NNG CA WINDOWS SERVER 2008 Cng c qun tr Server Manager Windows Server Core Power Shell Windows Deloyment Services Terminal Services Network Access Protection Read Only Domain Controllers Cng ngh Failover Clustering Windows Firewall with Advance Security
III. MT S TNH NNG MI 1. Cng ngh o ha Hyper-V
Nguyn Vn Ti 1/147
KHOA TIN HC 2008
2. 3. 4. 5. 6.
Processor Compartibility Mode File Classification Infrastructure Qun l trong a v file Ci tin giao thc v m ha Mt s tnh nng khc
IV. CC LI CH CA WINDOWS SERVER 2008
1. Web 2. o ha 3. Bo mt 3.1. Network Access Protection (NAP) 3.2. Read Only Domain Controller (RODC) 3.3. BitLocker 3.4. Windows Firewall V.
1. 2. 3. 4.
CC PHIN BN CA WINDOWS SERVER 2008 Windows Server 2008 Standard Edition Windows Server 2008 Enterprise Edition Windows Server 2008 Datacenter Edition Windows Web Server 2008
CHNG 3: CI T WINDOWS SERVER 2008
I. II. III. IV.
YU CU PHN CNG CC CCH CI T NNG CP LN WINDOWS SERVER 2008 CC BC CI T
CHNG 4: DNG DOMAIN I. TO DOMAIN CONTROLLER II. NG NHP MY CLIENT VO DOMAIN CHNG 5: .I .1 .2 .3 .4 .5 .II XY DNG CC DCH V
DCH V DNS Gii thiu DNS Server Ci t DNS Server Cu hnh DNS Server Cu hnh a ch DNS Server trn my Client B sung cc bn ghi DNS vo DNS Server DCH V DHCP
.1 Gii thiu dch v DHCP .2 Hot ng ca giao thc DHCP .3 Ci t trn Windows Server 2008 3.1. Trn my Server
Nguyn Vn Ti 2/147
KHOA TIN HC 2008
3.2. Trn my Client .4 Cu hnh DHCP IV.1.To Scope 4.2. Thay i options ca Scope 4.3. Thay i Server options .5 Backup DHCP Server .6 Remove DHCP Server .III DCH V TH MC ( Directory Services) .1 Chun b .2 Cu hnh II.1. Trn my Server II.2. Cho Client vo Domain .IV DCH V TP TIN (File Services) .1 .2 .3 .4 .V Trin khai File Sevices Qun l File Screen Qun l Quota Qun l cc bo co DCH V IN N (Print Services)
.1 Ci t .2 Truy cp Print Services Tools .3 Qun l cc my in trong mng .VI DCH VU WEB .1 Gii thiu v IIS 7.0 .2 Ci t IIS7.0 .VII DCH VU FTP .1 Gii thiu .2 Ci t v cu hnh 2.1. Ci t 2.2. Cu hnh CHNG 6: USER GROUP I. GII THIU V LOCAL USER V LOCAL GROUP II. TO CC LOCAL USER III. TO LOCAL GROUP CHNG 7: CHNH SCH BO MT(GROUP POLICY) I. ACCOUNT POLICY 1. Password Policy 2. Account Lockout Policy II. LOCAL POLICY
Nguyn Vn Ti 3/147
KHOA TIN HC 2008
1. User rights assignment 2. Sercurity options CHNG 8: QUYN TRUY CP NTFS I. KIM SOT QUYN TRUY CP H THNG TP NTFS 1. Phn quyn n gin 2. Phn quyn c bn 2.1 Gii thiu c ch phn quyn NTFS 2.2 Cc cng c phn quyn NTFS 2.3 Thc hin cc quyn c bn ca d liu doanh nghip trn NTFS II. NGUYN TC KHI P DNG QUYN TRUY CP 1. Nguyn tc hoch nh th mc chng trnh 2. Nguyn tc hoch inh th mc d liu 3. Nguyn tc hoch nh th mc c nhn 4. To th mc c nhn (Home Folder) trn Volume NTFS III. SHARE PERMISSION CHNG 9: XY DNG M HNH SERVER CLIENT I. CU HNH A CH IP,DNS,DHCP II. TO OU,USER V GROUP III.GROUP POLICY,DISK QUOTA IV. CHIA S D LIU V. KIM TON
VI. QUN L MY IN
CHNG 1: I.
GII THIU WINDOWS SERVER
WINDOWS NT SERVER
1. H iu hnh mng Windows NT Windows NT l h iu hnh mng cao cp ca hng Microsoft. Phin b n u c tn l Windows NT 3.1 pht hnh nm 1993, v phin bn server l Windows NT Advanced Server (trc l LAN Manager for NT). Nm 1994 phin bn Windows NT Server v Windows
Nguyn Vn Ti 4/147
KHOA TIN HC 2008
NT Workstation version 3.5 c pht hnh. Tip theo ra i cc bn version 3.51. Nm 1995, Windows NT Workstation v Windows NT Server version 4.0 ra i. L h iu hnh mng p ng tt c cc giao thc truyn thng ph d ng nht. Ngoi ra n va cho php giao lu gia cc my trong mng, va cho php truy nhp t xa, cho php truyn file v.v... Windows NT l h iu hnh va p ng cho mng c c b (LAN) v a p ng cho mng din rng (WAN) nh Intranet, Internet. Windows NT server hn hn cc h iu hnh khc bi tnh m m d o,a d ng trong qu n l. N va cho php qun l mng theo m hnh mng phn bit (Clien/Server), v a cho php qun l theo m hnh mng ngang hng (peer to peer). Ci t n gi n, nh nhng v iu quan trng nht l n tng thch vi hu nh tt c cc h mng. 2. Cc c ch qun l ca Windows NT 2.1. Qun l i tng (Object Manager) Tt c ti nguyn ca h iu hnh c thc thi nh cc i tng. Mt i tng l mt i din tru tng ca mt ti nguyn. N m t trng thi bn trong v cc tham s c a ti nguyn v tp hp cc phng thc (method) c th c s dng truy c p v i u khin i tng. Bng cch x l ton b ti nguyn nh i t ng Windows NT c th thc hin cc phng thc ging nhau nh: to i tng, bo v i tng, gim st vic s dng i tng (Client object) gim st nhng ti nguyn c s d ng b i m t i tng. 2.2. C ch bo mt (SRM - Security Reference Monitor) c s dng thc hin vn an ninh trong h thng Windows NT. Cc yu c u t o mt i tng phi c chuyn qua SRM quyt nh vic truy c p ti nguyn c cho php hay khng. SRM lm vic vi h thng con bo m t trong ch user. H th ng con ny c s dng xc nhn user login vo h thng Windows NT. 2.3. Qun l nhp / xut (I/O Manager) Chu trch nhim cho ton b cc chc nng nhp / xu t trong h i u hnh Windows NT. I/O Manager lin lc vi trnh iu khin ca cc thit b khc nhau. 2.4. I/O Manager S dng mt kin trc lp cho cc trnh iu khin. Mi b phn iu khin trong lp ny thc hin mt chc nng c xc nh r. Phng php tip c n ny cho php m t thnh phn iu khin c thay th d dng m khng nh hng phn cn li c a cc b phn iu khin. 3. Cc phin bn ca h iu hnh Windows NT Windows NT 3.1 Windows NT Advanced Server Windows NT Server Windows NT Workstation version 3.5 Windows NT version 3.51 Windows NT Workstation Windows NT Server version 4.0
II. WINDOWS SERVER 2000
1. Windows Server 2000
Nguyn Vn Ti 5/147
KHOA TIN HC 2008
y l phin bn thay th cho Windows NT Server 4.0, n c thi t k cho ng i dng l nhng doanh nghip ln, hng phc v cho cc mng ln. N tha hng li tt c nhng chc nng ca Windows NT Server 4.0 v thm vo l giao di n h a thn thi n vi ngi s dng. H h iu hnh Windows 2000 Server c 3 phin bn chnh l: Windows 2000 Server, Windows 2000 Advanced Server, Windows 2000 Datacenter Server. Vi m i phin b n Microsoft b sung cc tnh nng m rng cho tng loi dch v. 2. Cc c trng ca Windows 2000 Nhng thay i quan trng nht so vi NT c gm c: - Active Directory - H tng kin trc ni mng TCP/IP c ci tin - Nhng c s h tng bo mt d co gin hn - Vic chia s dng chung cc tp tin tr ln mnh m hn so v i h th ng t p tin phn tn (Distributed File System) v dch v sao chp tp tin (File Replication Service) - Khng l thuc cng nhc vo cc mu t a na nh cc i m n i (junction point) v cc a gn ln c (mountable drive)
- Vic lu tr d liu trc tuyn mm do, linh ng hn nh c tnh nng Removable Storage Manager.
III. WINDOWS SERVER 2003 1. Cc phin bn ca h iu hnh Windows Server 2003 - Windows Server 2003 c 4 phin bn c s dng rng ri nht l: Windows Server 2003 Standard Edition, Enterprise Edition, Datacenter Edition, Web Edition. Windows Server 2003 Web Edition: ti u dnh cho cc my ch web Windows Server 2003 Standard Edition: bn chun dnh cho cc doanh nghip, cc t chc nh n va. Windows Server 2003 Enterprise Edition: bn nng cao dnh cho cc t chc, cc doanh nghip va n ln. Windows Server 2003 Datacenter Edittion: bn dnh ring cho cc t chc ln, cc tp on v d nh IBM, DELL. 2. Nhng c im mi ca Windows Server 2003 - Kh nng kt chm cc Server san s ti (Network Load Balancing Clusters) v ci t nng RAM (hot swap). - Windows Server 2003 h tr h iu hnh WinXP tt hn nh: hiu c chnh sch nhm (group policy) c thit lp trong WinXP, c b cng c qun tr mng y cc tnh nng chy trn WinXP. - Tnh nng c bn ca Mail Server c tnh hp sn: i vi cc cng ty nh khng chi ph mua Exchange xy dng Mail Server th c th s d ng d ch v POP3 v SMTP tch hp sn vo Windows Server 2003 lm mt h th ng mail n gi n ph c v cho cng ty. - Cung cp min ph h c s d liu thu gn MSDE (Mircosoft Database Engine) c c t xn t SQL Server 2000. - NAT Traversal h tr IPSec l mt ci tin mi trn mi trng 2003 ny, n cho php cc my bn trong mng ni b thc hin cc kt ni peer-to-peer n cc my bn ngoi
Nguyn Vn Ti 6/147
KHOA TIN HC 2008
Internet, c bit l cc thng tin c truyn gia cc my ny c th c m ha hon ton. - B sung thm tnh nng NetBIOS over TCP/IP cho dch v RRAS (Routing and Remote Access). - Phin bn Active Directory 1.1 ra i cho php chng ta y quyn gia cc g c r ng v i nhau ng thi vic backup d liu ca Active Directory cng d dng hn. - H tr tt hn cng tc qun tr t xa do Windows 2003 ci ti n RDP (Remote Desktop Protocol) c th truyn trn ng truyn 40Kbps - H tr mi trng qun tr Server thng qua dng lnh phong ph hn - Cho php to nhiu gc DFS (Distributed File System) trn cng mt Server. 3. Yu cu v phn cng c tinh Web Edition Standard Edition Enterprise Edition 128 MB 256 MB 32 GB cho dong may X86, 64 GB cho dong may Itanium 133 Mhz cho dong may x86, 733 Mhz cho dong may Itanium 733 Mhz 8 Datacenter Edition 512 MB 1 GB 64 GB cho dong may x86, 512 GB cho dong may Itanium 400 Mhz cho dong may x86, 733 Mhz cho dong may Itanium 733 Mhz 8 n 32 CPU cho dong may x86 32 Bit, 64CPU cho dong may Itanium
Dung lng 128 MB 128 MB RAM ti thiu Dung lng 256 MB 256 MB RAM gi y Dung lng RAM h tr ti 2 GB 4 GB a Tc ti thiu 133 cua CPU Mhz Tc CPU gi 550 y Mhz H tr CPU nhiu 2 133 Mhz 550 Mhz 4
Dung lng ia trng phu vu 1.5GB cho qua trinh cai t S lng may Khng kt ni trong h tr dich vu Cluser
1.5GB
1.5GB cho dong x86, 1.5GB cho dong may 2GB cho dong may x86, 2GB cho dong may Itanium Itanium 8 may
Khng h 8 may tr
4. Cc h iu hnh cho php nng cp thnh Windows server Enterprise Edition - Windows NT Server 4.0 vi Services Pack 5 hoc ln hn. - Windows NT Server 4.0, Terminal Server Edition, vi Services Pack 5 hoc ln hn. - Windows NT Server 4.0, Enterprise Edition, vi Services Pack 5 hoc ln hn. - Windows 2000 Server - Windows 2000 Advanced Server - Windows Server 2003 Standard Edition
Nguyn Vn Ti 7/147
KHOA TIN HC 2008
5. Bng so snh cc c tnh ca Windows server 2003 c tinh Web Edition Standar Enterprise Datacenter d Edition Edition Edition Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes No Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
.NET Framework Yes Act as a Domain Controller in the Active No Yes Directory Microsoft Meta directory Service (MMS) No No support Internet Information Service (IIS) 6.0 Yes Yes ASP.NET ASP.NET Yes Yes Enterprise UDDI service No Yes Network load balancing Yes Yes Server clusters No No Virtual Private Network(VPN) support H tr 1 kt Yes ni Internet Authentication Service (IAS) No Yes Ipv6 Yes Yes Distributed File System (DFC) Yes Yes Encrypting File System (DFC) Yes Yes Shadow Copy Restore Yes Yes Removable and Remote Storage No Yes Fax service No Yes Service For Macintosh No Yes Print Service for Unix Yes Yes Terminal Services No Yes Intel Mirror Yes Yes Remote OS Installation (RIS) Yes Yes 64 bit support for Itanium base computer No No Datacenter Program No No IV. WINDOWS SERVER 2008 1. Tnh nng vt tri
Microsoft Windows Server 2008 l h iu hnh my ch windows th h tip theo ca hng Microsoft. - Cc tnh nng c ci thin mnh m so vi phin bn 2003: + An ton bo mt. + Truy cp ng dng t xa. + Qun l server tp trung. + Cc cng c gim st hiu nng v tin cy. + Failover clustering v h thng file.
Nguyn Vn Ti 8/147
KHOA TIN HC 2008
H tr trong vic kim sot mt cch ti u h tng my ch , ng th i t o nn m t mi trng my ch an ton, tin cy v hiu qu hn trc rt nhiu. 2. Cc phin bn ca Windows Server 2008 - Windows Server 2008 Standard Edition - Windows Server 2008 Enterprise Edition - Windows Server 2008 Datacenter Edition - Windows Web Server 2008 3. Yu cu phn cng ci t Windows Server 2008 Di y l bng yu cu phn cng ci t windows server 2008:
Nguyn Vn Ti 9/147
KHOA TIN HC 2008
4. Bng cc tnh nng trong Windows Server 2008
Nguyn Vn Ti 10/147
KHOA TIN HC 2008
CHNG 2: TNG QUAN V WINDOWS SERVER 2008

I. GII THIU V WINDOWS SERVER 2008
- Microsoft Windows Server 2008 l th h k tip ca h iu hnh Windows Server, c th gip cc chuyn gia cng ngh thng tin c th kim sot t i a c s h t ng c a h v cung cp kh nng qun l v hiu lc cha tng c, l s n ph m h n h n trong vi c m bo an ton, kh nng tin cy v mi trng my ch vng ch c h n cc phin b n trc y. - Windows Server 2008 cung cp nhng gi tr mi cho cc t ch c b ng vi c b o m t t c ngi dng u c th c c nhng thnh phn b sung t cc d ch v t m ng. Windows Server 2008 cng cung cp nhiu tnh nng vt tri bn trong h i u hnh v kh nng chun on, cho php cc qun tr vin tng c thi gian h tr cho cc doanh nghip. - Windows Server 2008 c thit k cung cp cho cc t ch c c c n n t ng s n xut tt nht cho ng dng, mng v cc dch v web t nhm lm vic n nh ng trung tm d liu vi tnh nng ng, tnh nng mi c gi tr v nhng ci thin mnh m cho h iu hnh c bn. - Ci thin h iu hnh cho my ch Windows. Thm vo tnh nng mi, Windows Server 2008 cung cp nhiu ci thim tt hn cho h iu hnh c bn so v i h iu hnh Windows Server 2003. - Nhng ci thin c th thy c gm c cc vn v mng, cc tnh nng b o m t nng cao, truy cp ng dng t xa, qun l role my ch tp trung, cc cng c ki m tra tin cy v hiu sut, nhm chuyn i d phng, s trin khai v h thng file.
II. CC TNH NNG CA WINDOWS SERVER 2008
1. Cng c qun tr Server Manager Server Manager l mt giao din iu khin c thi t k t ch c v qu n l m t server chy h iu hnh Windows Server 2008. Ngi qun tr c th s dng Server Manager vi nhng nhiu mc ch khc nhau. - Qun l ng nht trn mt server - Hin th trng thi hin ti ca server - Nhn ra cc vn gp phi i vi cc role c ci t mt cch d dng hn - Qun l cc role trn server, bao gm vic thm v xa role - Thm v xa b cc tnh nng - Chn on cc du hiu bt thng - Cu hnh server: c 4 cng c ( Task Scheduler, Windows Firewall, Services v WMI Control). - Cu hnh sao lu v lu tr: cc cng c gip bn sao l u v qun l a l Windows Server Backup v Disk Management u nm trn Server Manager. 2. Windows Server Core - Server Core l mt tnh nng mi trong Windows Server 2008. N cho php c th ci t vi mc ch h tr c bit v c th i vi mt s role. - Tt c cc tng tc vi Server Core c thng qua cc dng lnh. Server Core mang li nhng li ch sau:
Nguyn Vn Ti 11/147
KHOA TIN HC 2008
+Gim thiu c phn mm, v th vic s dng dung lng a cng c gim. Ch tn khong 1GB khi ci t. + Bi v gim thiu c phn mm nn vic cp nht cng khng nhiu. + Gim thiu ti a nhng hnh vi xm nhp vo h thng thng qua cc port c m mc nh. + D dng qun l. - Server Core khng bao gm tt c cc tnh nng c sn trong nh ng phin b n ci t Server khc. V d nh .NET Framework hoc Internet Explorer. 3. PowerShell - PowerShell l mt tp hp lnh. N kt ni nhng dng l nh shell v i m t ngn ng script v thm vo hn 130 cng c dng lnh(c gi l cmdlets).Hi n t i, c th s dng PowerShell trong: + Exchange Server + SQL Server + Terminal Services + Active Directory Domain Services. + Qun tr cc dch v, x l v registry. - Mc nh, Windows PowerShell cha c ci t. Tuy nhin bn c th ci t n m t cch d dng bng cch s dng cng c qun tr Server Manager v ch n Features > Add Features 4. Windows Deloyment Services. - Windows Deployment Services c tch hp trong Windows Server 2008 cho php bn ci t h iu hnh t xa cho cc my client m khng c n ph i ci t tr c ti p. WDS cho php bn ci t t xa thng qua Image ly t DVD ci t. Ngoi ra, WDS cn h tr t o Image t 1 my tnh ci t sn Windows v y cc ng dng khc. - Windows Deployment Serviece s dng nh dng Windows Image (WIM). M t c i ti n c bit vi WIM so vi RIS l WIM c th lm vi c t t v i nhi u n n t ng ph n c ng khc nhau. 5. Terminal Services. - Terminal Services l mt thnh phn chnh trn Windows Server 2009 cho php user c th truy cp vo server s dng nhng phn mm. - Terminal Services gip ngi qun tr trin khai v bo tr h thng ph n m m trong doanh nghip mt cch hiu qu. Ngi qun tr c th ci t cc ch ng trnh ph n mm ln Terminal Server m khng cn ci t trn h thng my client, v th vi c c p nht v bo tr phn mm tr nn d dng hn. - Terminal Services cung cp 2 s khc bit cho ngi qun tr v ngi dng cui : - Dnh cho ngi qun tr: cho php qun tr c th kt ni t xa h thng qun tr bng vic s dng Remote Desktop Connection hoc Remote Desktop. - Dnh cho ngi dng cui: cho php ngi dng cui c th ch y cc ch ng trnh t Terminal Services server. 6. Network Access Protection
Nguyn Vn Ti 12/147
KHOA TIN HC 2008
- Network Access Protection (NAP) l mt h thng chnh sch thi hnh (Health Policy Enforcement) c xy dng trong cc h iu hnh Windows Server 2008. - C ch thc thi ca NAP: + Kim tra tnh trng an ton ca client. + Gii hn truy cp i vi cc my client khng an ton. + NAP s cp nht nhng thnh phn cn thit cho cc my client khng an ton, cho n khi client iu kin an ton.Cho php client kt ni nu client tha iu kin. + NAP gip bo v h thng mng t cc client. + NAP cung cp b th vin API (Application Programming Interface), cho php cc nh qun tr lp trnh nhm tng tnh bo mt cho mnh 7. Read-Only Domain Controllers - Read-Only Domain Controller (RODC) l mt kiu Domain Controller m i trn Windows Server 2008.Vi RODC, doanh nghip c th d dng trin khai cc Domain Controller nhng ni m s bo mt khng c m bo v bo mt. RODC l mt phn d liu ca Active Directory Domain Services. - V RODC l mt phn d liu ca ADDS nn n lu tr mi i t ng, thu c tnh v cc chnh sch ging nh domain controller, tuy nhin mt khu th b ngoi tr. 8. Cng ngh Failover Clustering. - Clustering l cng ngh cho php s dng hai hay nhi u server k t h p v i nhau t o thnh mt cm server tng cng tnh n nh trong vn hnh.Nu server ny ng ng hot ng th server khc trong cm s m nhn nhim v m server ngng ho t ng ang thc hin nhm mc ch hot ng ca h thng vn bnh thng. Qu trnh chuyn giao gi l fail-over. Nhng phin bn sau h tr: . Windows Server 2008 Enterprise . Windows Server 2008 Datacenter . Windows Server 2008 Itanium 9. Windows Firewall with Advance Security - Windows Firewall with Advance Security cho php ngi qun tr c th cu hnh a d ng v nng cao tng cng tnh bo mt cho h thng. - Windows Firewall with Advance Security c nhng im mi: + Kim sot cht ch cc kt ni vo v ra trn h thng (inbound v outbound) + IPsec c thay th bng khi nim Connection Security Rule, gip b n c th ki m sot v qun l cc chnh sch, ng thi gim st trn firewall. Kt hp vi Active Directory. + H tr y IPv6. III. MT S TNH NNG MI CA WINDOWS SERVER 2008 1. Cng ngh o ha Hyper-V Hyper-V l cng ngh o ha server th h mi ca Microsoft, s thay i l n nht m Microsoft mang li so vi phin bn Windows Server 2003. Hyper-V ho t ng trn n n h iu hnh 64-bit. Vi Hyper-V, ngi s dng c th s hu mt nn tng o ha linh hot, bo mt, ti a hiu sut v tit kim chi ph:
Nguyn Vn Ti 13/147
KHOA TIN HC 2008
+ Hyper-V c th thch nghi vi doanh nghip ln vi hng nghn my tnh ho c cc doanh nghip nh hay vn phng chi nhnh. Hyper-V h tr b nh o ln n 64GB, a b vi x l. + Kh nng bo mt ging nh cc server vt l. Kt hp cc c ng c b o mt Windows Firewall, Network Access Protectiondo tnh bo mt tt nh mi trng tht. + Hyper-V gip khai thc ti a hiu sut s dng phn cng server. Bng vic hp nht server, cho php mt server vt l c th ng nhiu vai tr c a nhi u server. T , ti t kim c chi ph t cc khong mua server, in, khng gian v bo tr. Hyper-V ch c th h tr n 32 b vi x l. 2. Processor Compatibility Mode - Cho php di tr cc my o sang mt my ch v t l khc v i m t phin b n CPU khc (nhng khng phi l CPU ca nh sn xut khc). Trc y, chuy n m t my o Hyper-V sang mt phn cng khc, cc CPU phi ging nhau, i u yu c u ng i dng thng phi mua li phn cng mi. 3. File Classification Infrastructure - FCI l mt tnh nng built-in cho php cc chuyn gia CNTT phn loi v qu n l d li u trong cc my ch file. D liu c th c phn loi vi tc ng doanh nghip mc thp, cao hoc trung bnh, sau ngi dng c th backup cc d li u quan tr ng nh t d dng hn v hiu qu hn. 4. Qun l trong a v file: - Cung cp kh nng thay i kich thc phn vng. - Shadow Copy h tr a quang, a mng. - Distributed File System c ci tin. - Ci tin Failover Clustering. - Internet Storage Naming Server cho php ng k, hy ng k tp trung v truy xut ti cc a cng iSCS. 5. Ci tin giao thc v m ha - H tr m ha 128 v 256 bit cho giao thc chng thc Keberos. - Hm API m ha mi h tr m ha vng elip v ci tin qun l chng ch. - Giao thc VPN mi Secure Socket Tunneling Protocol. - AuthIP c s dng trong mng VPN Ipsec. - Giao thc Server Message Block 2.0 cung cp cc ci tin trong truyn thng. 6. Mt s tnh nng khc - Windows Deployment Services thay th cho Automated Deployment Services v Remote Installation Services. - IIS 7 thay th IIS 6, tng cng kh nng bo mt, ci tin cng c chun on, h tr qun l. - C thnh phn "Desktop Experience" cung cp kh nng ci tin giao din. IV. CC LI CH CA WINDOWS SERVER 2008 Windows Server 2008 mang n li ch trong bn lnh v c: Web, o ha, Bo mt, Nn tng vng chc cho cc hot ng ca t chc 1. Web
Nguyn Vn Ti 14/147
KHOA TIN HC 2008
-Windows Server 2008 cung cp mt nn tng ng nht trin khai d ch v Web nh tch hp IIS7.0,ASP.NET,Windows Communication Foundation v Microsoft Windows SharePoint Services. - Li ich ca IIS 7.0: + Tinh nng phn tch + Qun tr hiu qu. + Nng cao tnh bo mt. + Gim chi ph h tr. + Giao din thn thin v tin dng + H tr vic sao chp gia cc site. + Copy d dng cc thit lp ca trang web gia cc my ch web khc nhau m khng c n phi thit lp g thm. + Chnh sch phn quyn qun tr cc ng dng v cc site r rng 2. o ha : - Phin bn 64 bit ca Windows Server 2008 c tch hp sn cng ngh o ha hypervisor : + Cho php my o tng tc trc tip vi phn cng my ch hiu qu hn. + C kh nng o ha nhiu h iu hnh khc nhau trn cng 1 phn cng my ch s lm gim chi ph, tng hiu sut s dng phn cng, ti u ha h tng, nng cao tnh sn sng ca my ch. + Tit kim chi ph mua sm bn quyn phn mm. + Tich hp v tp trung cc ng dng phc v cho vic truy cp t xa m t cch d dng bng cch s dng Terminal Services. 3. Bo mt: - Cc tnh nng an ninh bao g m: Network Access Protection, Read-Only Domain Controller, BitLocker, Windows Firewall cung cp cc mc bo v cha tng c cho h thng mng, d liu v cng vic ca t chc. 3.1. Network Access Protection (NAP): - NAP dng thit lp chnh sch mng i vi cc my trm khi my trm mun kt n i vo h th ng m ng ca t chc. Yu c u an ninh i vi my tr m c k t n i vi h th ng m ng: - ci t phm mm dit virus. - cp nht phin bn mi. - ci t cc bn v li h thng hoc ci t phn mm firewall. 3.2. Read-Only Domain Controller (RODC): L mt kiu Domain Controller (DC). - RODC cha mt bn sao cc d liu "ch c" ca d liu Active Directory (AD). - User khng th ghi trc tip vo RODC. - RODC khng cha thng tin v mt khu trong AD, m ch caching cc users c php s dng . RODC thch hp cho vic trin khai cc chi nhnh, ni c iu kin bo mt km cng nh trnh ca nhn vin IT cn hn ch. 3.3. BitLocker: Bo v an ton cho my ch, my trm, my tnh di ng. - M ha ni dung ca a nhm ngn cn
Nguyn Vn Ti 15/147
KHOA TIN HC 2008
- Nng cao kh nng bo v d liu: kt hp chc nng m ha tp tin h thng v kim tra tinh ton vn ca cc thnh phn khi boot. - Ton b tp tin h thng c m ha, gm c file swap v file hibernation. 3.4. Windows Firewall: - Ngn chn cc lu lng mng theo cu hnh v cc ng dng dng chy bo v mng khi cc chng trnh v ngi dng nguy him. -H tr ngn chn cc thng tin vo v ra. - S dng MMC snap-in ( Windows Firewall with Adbanced Security) n gin ha vic cu hnh, qun tr. V. Cc Phin bn ca Windows Server 2008 Windows Server 2008: ng dng cho cc trung tm data ln, ng dng nghip v ring,... kh nng m rng cao cho ti 64 b x l. Windows Server 2008 Standard Edition Windows Server 2008 Standard l mt trong nhng phin bn t t n km nh t c a cc phin bn khc nhau c sn. Windows Server 2008 Stardard h tr ti 4GB RAM v 4 b vi x l. Ch yu nhm mc tiu v cc doanh nghip va v nh. Ch c th nng c p ln Windows Server 2008 Standard t Windows 2000 Server v Windows Server 2003 Standard Edition. Windows Server 2008 Enterprise Edition - Windows Server 2008 Enterprise Edition cung cp chc nng ln hn v c kh nng m rng hn so vi bn tiu chun. Cng nh phin bn Standard Edition th phin bn Enterprise cng c c hai phin bn 32-bit v 64-bit. H tr 8 b x l v ln t i 64GB b nh RAM trn h thng 32-bit v 2TB RAM trn h thng 64-bit. - Cc tnh nng khc ca n bn Doanh nghip bao gm h tr Clustering n 8 nt v Active Directory Federated Services (AD FS). - Cc phin bn Windows Server 2000, Windows 2000 Advanced Server, Windows Server 2003 Standard Edition v Windows Server 2003 Enterprise Edition u c th c nng cp ln Windows Server 2008 Enterprise Edition. Windows Server 2008 Datacenter Edition - Phin bn Datacenter i din cui cng ca lot sn phm my ch Windows 2008 v mc tiu l nhim v quan trng i hi cc doanh nghip n nh v mc thi gian hot ng cao. Windows Server 2008 phin bn Datacenter l lin h cht ch vi cc phn cng c
bn thng qua vic thc hin ty chnh Hardware Abstraction Layer (HAL).
- Windows server 2008 Datacenter cng h tr hai phin b n 32 bit v 64 bit. N h tr 64GB b nh RAM trn nn 32 bit v ln ti 2TB RAM trn n n 64 bt. Ngoi ra phin b n ny cn h tr ti thiu l 8 b vi x l v ti a l 64. - nng cp ln phin bn ny th phi l cc phin bn Datacenter 2000 v 2003. Windows Web Server 2008 - Windows Web Server 2008 l mt phin bn ca Windows Server 2008 c thi t k ch yu cho mc ch cung cp cc dch v web. N bao gm Internet Information Services (IIS) 7,0 cng vi cc dch v lin quan nh Simple Mail Transfer Protocol (SMTP) v Telnet. N cng c cc phin bn 32-bit v 64-bit, phin bn v h tr ln n 4 b vi x l. RAM c gii hn 4GB v 32GB trn 32-bit v 64-bit h thng tng ng. - Windows Web Server 2008 thiu nhiu tnh nng hin din trong cc phin b n khc nh phn nhm,m ha a BitLocker, Multi I/O,Windows Internet Naming Service (WINS),Removable Storage Management v SAN Management.
Nguyn Vn Ti 16/147
KHOA TIN HC 2008
CHNG 3 : CI T WINDOWS SERVER 2008 .I YU CU PHN CNG Phn cng B vi x l Yu cu ti thiu ngh 1 Ghz (x86), 1,4 Ghz 2Ghz hoc ln hn (x64) RAM 512MB RAM 2GB Dung lng trng 15GB 40GB Windows Server 2008 h tr c 2 cu trc vi x l 32-bit v 64-bit. Tuy nhin, phin b n mi nht l Windows Server 2008 R2, Windows Midmarket Server v Windows Small Business vi nhng tnh nng a dch v, cc phin bn ny ch h tr c u trc vi x l 64bit. RAM h tr ti a cho h thng 32-bit l 4GB khi chy phin bn Standard Edition v 64GB khi chy phin bn Enterprise v Datacenter. Nu chy h thng 64-bit, b nh RAM c th h tr ln dn 32GB v 2TB RAM cho phin bn Enterprise v Datacenter. Thm vo , Windows Server 2008 h tr h thng Itanium, tuy nhin chip x l Intel Itanium 2 nhn l cn thit. .II CC CCH CI T C 6 cch ci t Windows Server 2008 T ci t cc nng cp Ci t t kch bn S dng Sconfig Visual Core Configurator 2008 Ci t bng cch s dng Core Configurator 2.0 Ci t trc tip t a CD Windows Server 2008 .III NNG CP LN WINDOWS SERVER 2008 Nhng phin bn trc Nng cp ln Windows Server 2008 Microsoft Windows Server 2003 R2 Standard, H tr y Enterprise hoc DatacenterEdition
Nguyn Vn Ti 17/147
KHOA TIN HC 2008
Microsoft Windows Server 2003 Service Pack H tr y 1(SP1) Standard, Enterprise hoc Datacenter Edition Microsoft Windows Server 2003 Service Pack 2 H tr y (SP2) Standard, Enterprise hoc Datacenter Edition Windows NT 4.0 Khng h tr Windows 2000 Server Khng h tr Windows XP Khng h tr Windows Vista Khng h tr Windows 7 Khng h tr nng cp ln phin bn Windows Server 2008, cn phi chy cc h iu hnh cp server. Khng th nng cp cc phin bn Windows dnh cho ngi dng nh Windows XP hoc Windows Vista ln Windows Server 2008. nng cp ln Windows Server 2008, h thng ca bn phi chy Windows Server 2003. Vic nng c p t Windows NT 4.0 v Windows 2000 Server khng c h tr. Vic nng cp t nhng phin bn Windows Server 2003 ln phin bn Windows Server 2008 Server Core khng c h tr. Vi c nng cp ch thc hin c nhng phin bn ging nhau. Khi nng cp ln phin b n Windows Server 2008, mi cu hnh thit lp, file v cc chng trnh u c gi li .IV CI T WINDOWS SERVER 2008 t a CD vo a, khi ng li my tnh v bt u tin hnh qu trnh ci t.
Language to instalk : ngn ng bn mun hin th. Time and currency format : nh dng thi gian v tin t. Keyboard or input method : nh dng bn phm v phng thc nhp ch.Sau khi la chn, click Next tip tc ci t
Nguyn Vn Ti 18/147
KHOA TIN HC 2008
Click Install now bt u ci t.
La chn phin bn Windows Server thch hp, y chng ta chn phin b n Windows Server Standard without Hyper-V. Click Next tip tc.
Nguyn Vn Ti 19/147
KHOA TIN HC 2008
Ti bng MICROSOFT PRE-RELEASE SOFTWARE LICENSE TERMS l nh ng iu khon s dng sn phm ca Microsoft. nh du ch n vo I accept the license terms chp nhn nhng iu khon v click Next tip tc.
Chn Custom (advaneced) tin hnh ci t ty chn.
Nguyn Vn Ti 20/147
KHOA TIN HC 2008
Tip theo l chn a ci dt Windows. Tip tc click Next sau khi chn a ci t.
i cho n khi hon tt ci t Windows Server 2008 Sau khi h thng hon tt ci t s t ng ng nhp vi ti kho n Administrator, tuy nhin mt khu ang trng thi trng (blank) v th cn phi thit lp mt kh u l n ng nhp u tin.
Nguyn Vn Ti 21/147
KHOA TIN HC 2008
Click OK tin hnh thay i mt khu.Sau ng nh p vo b ng m t kh u v a thay i. n y qu trnh ci t kt thc.
CHNG 4: I.
DNG DOMAIN
TO DNG DOMAIN CONTROLLER
Nguyn Vn Ti 22/147
KHOA TIN HC 2008
Ging nh Windows Server 2003 s vn cn chy dcpromo t nhc lnh Run, tuy nhin cn phi ci t Active Directory Domain Controller role, u tin bn ci t role, sau chy dcpromo.Vo Server Manager Roles Add Roles
Xut hin trang Before You Begin, nhn Next tip tc.
Chn Active Directory Domain Services Add Required Features ci t thm cc tnh nng ny vi Active Directory Server Role.
Nguyn Vn Ti 23/147
KHOA TIN HC 2008
Sau khi chn Active Directory DC Server Role, bn s thy cc thng tin v Server Role. Kch Install ci t cc file yu cu nhm chy dcpromo
Ci t c thc hin thnh cng. Kch Close.
Lc ny vo menu Start, nh dcpromo vo hp tm kim. Kch dcpromo.
Nguyn Vn Ti 24/147
KHOA TIN HC 2008
Thao tc ny s khi chy Welcome to the Active Directory Domain Service Installation Wizard. Kch Next.
Sau tip tc nhn Next.
Nguyn Vn Ti 25/147
KHOA TIN HC 2008
Trong trang Choose a Deployment Configuration Create a new domain in a new forest..
Trong trang Name the Forest Root Domain , nhp vo tn ca min trong hp nhp liu FQDN of the forest room domain.Nhn Next tip tc.
Nhn Next tip tc.
Nguyn Vn Ti 26/147
KHOA TIN HC 2008
Trong trang Set Forest Functional Level, chn Windows Server 2008. Nhn Next tip tc.
Trong trang Additional Domain Controller Options, Chn DNS server v kch Next.
Nguyn Vn Ti 27/147
KHOA TIN HC 2008
Mt hp thoi s xut hin ni rng khng th to i biu cho my ch DNS ny v khng th tm thy vng xc thc hoc n khng chy Windows DNS server. L do cho i u ny l v y l DC u tin trn mng. Nhn Next tip tc.
li th mc Database, Log Files v SYSVOL ,kch Next.
Nguyn Vn Ti 28/147
KHOA TIN HC 2008
Trong Directory Service Restore Mode Administrator Password , nhp mt mt khu mnh vo cc hp nhp liu Password v Confirm password.
Xc nhn cc thng tin trn trang Summary v kch Next.
Nguyn Vn Ti 29/147
KHOA TIN HC 2008
Active Directory s ci t. t mt du kim vo hp chn Reboot on completion my tnh s t ng khi ng li khi ci t DC c hon tt.
. Ci t s hon tt khi ng nhp. II. NG NHP MY CLIENT VO DOMAIN t a ch IP.Click phi vo My Network places Properties.Chn Manager network connectionsClick phi vo biu tng card mng chn Properties.Chn Internet Protocol Version 4 (TCP/IPv4) Properties
Nguyn Vn Ti 30/147
KHOA TIN HC 2008
Click phi My Computer Properties Change Settings. Nhn nt Change.
Chn Domain Nhp tn domain
Nguyn Vn Ti 31/147
KHOA TIN HC 2008
Cng vic thnh cng. Nhn OK chp nhn Restart my.
Nhn Close. Nhn Restart Now.
Sau khi restart, log on vo domain Administrator my tnh tr thnh 1 client ca domain taiphat.net.
Nguyn Vn Ti 32/147
KHOA TIN HC 2008
CHNG 5 : XY DNG CC DCH V I. DCH V DNS 1. Gii thiu v DNS DNS (Domain Name System) Server l my ch c dng phn gii domain thnh a ch IP v ngc li. V cch thc hot ng, DNS Server l u tr m t c s d li u bao gm cc bn ghi DNS v dch v lng nghe cc yu cu.Khi my client g i yu c u phn gii n, DNS Server tin hnh tra cu trong c s d liu v gi kt qu tng ng v my client. 2. Ci t DNS Vo Server Manager Roles Add Roles.Ti bng Select Server Roles, chn DNS Server
- Sau nhn Next tip tc - Chn Instal. Ti bng Confirm Installation Selections xc nhn vic ci t.
Nguyn Vn Ti 33/147
KHOA TIN HC 2008
- Chn Close hon tt ci t.
3. Cu hnh DNS - i vi DNS Server,thng thng nn xy dng ng thi hai h thng l DNS Server chnh (Primary) v DNS Server d phng (Secondary) dng chung mt c s d liu. Vi phng php ny,s hn ch kh nng dch v DNS b ngng khi c s c xy ra trn h thng.
Nguyn Vn Ti 34/147
KHOA TIN HC 2008
- Vo Start Administrative Tools DNS. - Nhp chut phi vo Forward Lookup Zones v chn New Zone.
- Ti bng Welcome to the New Zone Wizard ,chn Next.
- Ti bng Zone Type chn Primary zone cu hnh DNS Server chnh.
Nguyn Vn Ti 35/147
KHOA TIN HC 2008
- Chn Next. Ti bng Zone Name g tn domain vo.
- Chn Next. Ti bng Zone File, mc nh. Chn Next.
Nguyn Vn Ti 36/147
KHOA TIN HC 2008
- Chn Next. Ti bng Completing the New Zone Wizard xem li thng tin. - Sau chn Finish hon tt. - Nhp chut phi vo Reverse Lookup Zones v chn New Zone.
- Ti bng Welcome to the New Zone Wizard chn Next.
Nguyn Vn Ti 37/147
KHOA TIN HC 2008
- Ti bng Zone Type chn Primary zone cu hnh chc nng reverse cho DNS Server chnh.
- Chn Next.Ti bng Reverse Lookup Zone Name chn kiu IP cn phn gii. y chn IPv4.
Nguyn Vn Ti 38/147
KHOA TIN HC 2008
- Chn Next. in Network ID v chn Next.
- Ti bng Zone File mc nh. Chn Next.
- Ti bng Dynamic Update chn Allow both nonsecure dynamic updates.
- Chn Next v xem li thng tin thit lp, v sau chn Finish kt thc.
Nguyn Vn Ti 39/147
KHOA TIN HC 2008
4. Cu hnh a ch DNS Server trn my Client
5. B sung cc bn ghi DNS vo DNS Server - Nu mun to cc record khc.Nhp chut phi vo zone v chn Other New Records.
- Vo Start Administrative Tools DNS. Nhp chut phi vo zone v chn New
Nguyn Vn Ti 40/147
KHOA TIN HC 2008
- G tn host vo mc Name, g a ch IP vo m c IP address. N u mu n t o ra m t b n ghi DNS phn gii ngc tng ng th nh du chn Create associated pointer (PTR) record.
- Sau chn Add Host.Xut hin thng bo thnh cng.
Chn OK. Bng New Host tip tc xut hin, chn Done k t thc t o b n ghi. t o mt bn ghi Alias, nhp chut phi vo zone v ch n New Alias (CNAME). T ng t nh trn, in cc thng tin vo. Ti mc Fully qualified domain name (FQDN) for target host, nu bn khng nh, chn Browse tm tn my cn tht.
Nguyn Vn Ti 41/147
KHOA TIN HC 2008
- Sau khi in thng tin y . Chn OK hon tt.
Nguyn Vn Ti 42/147
KHOA TIN HC 2008
II. DCH V DHCP .1 Gii thiu dich v DHCP - Dch v DHCP cho php chng ta cp ng cc thng s c u hnh m ng cho cc my trm.(client). - C ch s dng cc thng s mng c cp pht ng c u im hn so v i c ch khai bo tnh cc thng s mng nh: Khc phc c tnh trng ng a ch IP v gim chi ph qun tr cho h thng mng.Gip cho cc nh cung cp dch v (ISP) tit kim c s lng a ch IP tht (Public IP).Ph hp cho cc my tnh thng xuyn di chuyn qua l i gi a cc m ng.K t hp vi h thng mng khng dy (Wireless) cung cp cc im Hotspot nh: nh ga, sn bay, trng hc .2 Hot ng ca giao thc Giao thc DHCP lm vic theo m hnh client/server.Khi my client kh i ng, my s g i broadcast gi tin DHCPDISCOVER, yu c u mt server ph c v mnh. Gi tin ny cng cha a ch MAC ca my client.Cc my Server trn mng khi nh n c gi tin yu c u , nu cn kh nng cung cp a ch IP, u gi li cho my Client gi tin DHCPOFFER, ngh cho thu mt a ch IP trong mt khon thi gian nht nh, km theo l mt subnet mask v a ch ca Server. 3. Ci t trn Windows Server 2008 3.1. Trn my Server - Vao Server Manger Roles Add Roles.
- Nhn Next trong muc Roles chon DHCP Server. Nhn Next.
Nguyn Vn Ti 43/147
KHOA TIN HC 2008
- Trong bang nay gii thiu v DHCP va cac im cn lu y Things to Note. Tip tuc nhn Next.
- Chon card mang s dung dich vu nay y chung ta chi co mt card mang nn tip tuc nhn Next nhn Next.
Nguyn Vn Ti 44/147
KHOA TIN HC 2008
- Trong muc Parent Domain in tn domain va in IP DNS server muc Preferred DNS v nhn Validate kim tra va xac nhn tn tai v tip tuc nhn Next.
- Tip tuc nhn Next.
Nguyn Vn Ti 45/147
KHOA TIN HC 2008
- bang Add or Edit DHCP Scopes, nhn Add thm scope, in thng tin scope cn add v nhn OK.
Nguyn Vn Ti 46/147
KHOA TIN HC 2008
- Nhn Next v Tt chc nng IPv6 y chng ta khng s dng IPv6, chon Disable IPv6 Stateless mode v Next.
Nguyn Vn Ti 47/147
KHOA TIN HC 2008
- Chon user co quyn Author Next.
- Xac nhn lai thng tin trc khi cai t dich vu DHCP.
- Nhn Install tin hnh ci t. - Cai t Role hoan tt , v nhn Close

Nguyn Vn Ti 48/147
KHOA TIN HC 2008
Kim tra lai h thng.
3.2 Trn my Client - may client cu hinh TCP/IPv4 cho nhn IP ng.
Nguyn Vn Ti 49/147
KHOA TIN HC 2008
- M Command Prompt, nhp lnh ipconfig /release (xoa IP ng hin tai) va nhp ti p lnh ipconfig /renew (yu cu cp IP ng mi) kim tra vic cp phat ip ng cua DHCP. 4. Cu hnh DHCP
4.1. To Scope
- Vao Administrative Tools DHCP.
- Nhn chut phai vo IPv4 v New Scope.
- Hp thoai New Scope hin ra v Next.

Nguyn Vn Ti 50/147
KHOA TIN HC 2008
- Hp thoai Scope Name v in tn cua scope vo mc Name v nhn Next.
- Hp thoai IP Address Range, in thng s range IP cp phat va subnet mask Next.
Nguyn Vn Ti 51/147
KHOA TIN HC 2008
- Hp thoai Add Exclusions: nhp range ip c bit khng dung cp phat Add Next.
- Hp thoai Lease Duration: thi gian thu ia chi IP mc inh la 8 ngay.
Nguyn Vn Ti 52/147
KHOA TIN HC 2008
- Hp thoai Configuration DHCP Options yu cu chung ta cu hinh thng s dich vu cua scope ngay by gi hoc sau. y ta chon Yes, I want to config these options now v nhn Next.
- Hp thoai Router (Default gateway): nhp ia chi default gateway cua scope nay ri nhn Add v Next.
Nguyn Vn Ti 53/147
KHOA TIN HC 2008
- Hp thoai Domain Name va DNS server : in tn domain, phn IP Address in IP DNS server
- Nhn Next tip tc. - Hp thoi Active Scope chon active scope v nhn Next.
Nguyn Vn Ti 54/147
KHOA TIN HC 2008
- Sau nhn Finish kt thuc. - Xem kt qua scope 192.168.1.0 a c tao:
4.2. Thay i options ca Scope - X scope cn thao tac v chut phai scope options Configure Options. - Hp thoai Scope Options hin ra, trng Available Options la nhng thuc tinh sn sang ma chung ta co th thay i vi nhng thuc tinh a stick la nhng thuc tinh a c cu hinh trc o.
Nguyn Vn Ti 55/147
KHOA TIN HC 2008
- Chung ta se th cu hinh default gateway lai cho scope nay, chon Router. Router Options hin ta cho chung ta thm xoa va edit vi nhng thuc tinh khac cung vy.
4.3. Thay i Server options - Chut phai Server options Configure Options. - Cung nh cach thc thay i thuc tinh cua scope options chi khac la nhng thuc tinh thay i y se ap cho tt ca cac scope cua server.
Nguyn Vn Ti 56/147
KHOA TIN HC 2008
5. Backup DHCP Server - Vao Administrative Tools l DHCP. Nhn chut phai tn may v Backup
- Hp thoai Browse For Folder hin ra yu cu chon ni ct file backup, mc inh la trong C:\Windows\system32\dhcp\backup.
- Chung ta mc inh v OK kt thuc qua trinh backup vao th muc ch bakup kim tra.
Nguyn Vn Ti 57/147
KHOA TIN HC 2008
6. Remove DHCP Server - Vao Server Manager Roles Chon Remove roles.
- Hp thoai Remove Roles Wizard hin ra v nhn Next.
- Bo du stick dich vu DHCP v Next, sau chn Remove xa dch v DHCP
Nguyn Vn Ti 58/147
KHOA TIN HC 2008
- Sau Restart li h thng.

III.
DCH VU TH MC (Directory Services) 1. Chun b Thit lp a ch IP cho card mng ca server hoc bn c th thi t lp a ch IP c a cc DNS Server trong h thng. Nu mun ci t mt Read-Only Domain Controller,b n ph i chun b forest bng lnh adprep /rodcprep.Xy dng cc DNS Server trong h th ng m ng nu c, trong qu trnh ci t AD DS s c ci t DNS Server. 2. Cu hnh 2.1 Trn my Server - Vao Adminstrator Tool chn Server Manager - Trong muc Roles chon Add roles.
Nguyn Vn Ti 59/147
KHOA TIN HC 2008
- Nhn Next, muc nay m ta v AD DS va nhng chu y Things to Note.
- Tip tuc Next, muc nay xac nhn ln cui trc khi cai t dich vu.
Nguyn Vn Ti 60/147
KHOA TIN HC 2008
- Qu trnh ci t thnh cng. Click Close.
- Tin trinh cai t dich vu kt thuc se hin ra cu thng bao yu cu nng cp ln domain bng lnh dcpromo nh Windows Server 2003.
Nguyn Vn Ti 61/147
KHOA TIN HC 2008 2.5.
Cho Client vo Domain
Computer Name: anh tn may vao y nu mun i tn y chon l th9a.
- Tip theo stick vo phn Domain nhp tn Domain , y Domain c tn la taiphat.net. - Nhn OK h thng check DNS server DC cua domain taiphat.net, bang thng bao hin ra yu Xac nhn hoan tt.
- Tip theo chn OK v sau c yu cu Restart lai h thng. IV. DCH V TP TIN (File Services) File Server Resource Manager l mt tp hp cc cng c cho php ngi qun tr c th iu khin v qun l d liu trn cc server chy h iu hnh Windows Server 2008 m t cch hiu qu.Vi cng c ny, c th cu hnh quota trn c a v th mc,ngn cm sao chp nhng nh dng m bn ch nh,ng thi xut ra cc bo co gim st ho t ng ca ngi dng trn khng gian lu tr.
Nguyn Vn Ti 62/147
KHOA TIN HC 2008
- ci t dch v File Services vo Server Manager Roles Add Roles - Ti bng Select Server Roles,chn File Services.
- Chn Next. Ti bng File Services ,xem gii thiu thng tin v dch v File Services
- Chn Next. Ti bng Select Role Services chn File Server Resource Manager.
Nguyn Vn Ti 63/147
KHOA TIN HC 2008
- Chn Next. Ti bng Configure Storage Usage Monitoring ,chn a cn theo di.
- Chn Next. Ti bng Set Report Options, thay i cc ty chn lin quan n bo co s xut ra nh v tr lu tr bo co,gi bo co qua email.
Nguyn Vn Ti 64/147
KHOA TIN HC 2008
- Chn Next. Ti bng Confirm Installation Selections, xem li cc thit lp, sau chn Install. - Sau khi ci t hon tt.Chn Close. - m File Server Reource Manager vo Start Administrative Tools File Server Resource Manager.
Nguyn Vn Ti 65/147
KHOA TIN HC 2008
- Ti y c 3 thnh phn chnh l Quota,File Screening,Storage Report . cu hnh cc ty chn trn File Server Resource Manager nhp chut phi vo File Server Resource Manager (Local) v chn Configure Options.
Ti tab Email Notification, nhp thng tin v Mail Server v a ch email ca ngi nhn h thng gi thng tin cnh bo v cc bo co.
Nguyn Vn Ti 66/147
KHOA TIN HC 2008
tab Notification Limits, bn c th gii hn s lng thng tin cnh bo gi v.
Ti tab Storage Reports c th thit lp nhng thng s mc nh trong cc bo co s xut ra. mi report c th chnh li bng cch chn Edit Parameters.
Nguyn Vn Ti 67/147
KHOA TIN HC 2008
Ti tab Report Locations cho php thit lp v tr lu tr cc bo co.
Ti tab File Screen Audit cho php thit lp bn ghi v file screen trn audit.
Nguyn Vn Ti 68/147
KHOA TIN HC 2008
Chn OK hon tt cc thit lp. 2. Qun l File Screen File Screen l cng c dng ngn chn ngi s dng lu tr m t s file khng c php ln a hoc th mc c cp. Khi to mt file screen,c th chn mt trong 2 hnh thc: - Active Screening : khng cho php ngi s dng lu tr cc loi file khng c php ln server - Passive Screening : cho php ngi s dng lu tr cc lo i file khng c php ln server,ng thi a ra cc cnh bo cn thit phc v cho mc ch kim sot. Ch : vi cc file tn ti trong a hoc th m c tr c khi file screen c t o ra,ngi s dng hon ton c th truy cp c,cho d cc file thuc vo danh sch cc loi file b cm. Cc bc ci t File Screen - to mt file group,vo StartAdministrative ToolsFile Server Resource Manager Click vo File Screening Management .Nhp chut phi vo File Groups chn Create File Group.
Nguyn Vn Ti 69/147
KHOA TIN HC 2008
- Ti bng Create File Group Properties,nhp tn file ca file group vo m c File group name. - Nhp nh dng file vo v chn Add,hoc b th chn Remove. File to include : bao g m cc loi file thuc groupFile to exclude : bao gm cc loi file khng thuc group.
Chn OK hon tt.Lc ny group xut hin ti bng
Nguyn Vn Ti 70/147
KHOA TIN HC 2008
- to mt file screen,ti File Server Resource Manager.Nhp chut phi vo File Screens v chn Create File Screen - Ti bng Create File Screen,ti mc File screen path,chn ng dn th mc s p dng file screen. mc How do you want to configure file screen properties ,chn Derive properties from this file screen template s dng cc template sn c trn h thng.
- Nu mun thit lp cc thuc tnh ring bit do mnh t nh ngha,chn Define custom file screen properties,sau click chn Custom Properties.
Nguyn Vn Ti 71/147
KHOA TIN HC 2008
- Ti bng File Screen Properties ,nu mun copy cc thuc tnh t mt template trn h thng, chn mt template t danh sch Copy properties from template v chn Copy - mc Screening type,chn Active screening hoc Passive screening. - mc File group,chn cc file group tng ng vi file screen.
- Sau khi thit lp xong chn OK . - Sau chn Create .Ti bng Save Custom Properties as a Template,nh du chn Save the custom properties as a template v nhp tn template vo mc Template nameOK.
Nguyn Vn Ti 72/147
KHOA TIN HC 2008
- to mt file screen exception ,nhp chut phi vo Files Screen v chn Create File Screen Exception.
- Ti bng Create File Screen Exception, mc Exception path ,chn ng dn n th mc s p dng file screen exception. Trong mc File groups chn cc file group tng ng a vo file screen exception
Nguyn Vn Ti 73/147
KHOA TIN HC 2008
- Chn OK hon tt. 3. Qun l Quota - to mt Quota vo StartAdministrative ToolsFile Server Resource Manager. - Click vo Quota ManagementQuota Templates - khung gia,nhp chut phi vo mt template v chn Create Quota from Template
Nguyn Vn Ti 74/147
KHOA TIN HC 2008
- Ti bng Create Quota, mc Quota path chn ng dn n a hoc th mc cn thit bng cch click vo Browse. - nh du chn vo Create quota on path - mc Derive properties from this quota template,chn mt template ph hp - mc Summary of quota properties,xem li nhng thuc tnh ca template va chn.
- Chn Create to mt quota mi. thay i template ,nhp chut phi vo mt template v chn Edit Template Properties...Ti y c th thay i cc ty ch n cho ph hp vi yu cu ca mnh nh dung lng a s cp quota,hnh thc quota l hard quota hay soft quota
Nguyn Vn Ti 75/147
KHOA TIN HC 2008
To mt Quota Template .- to mt quota template,nhp chut phi vo Quota Templates v chn Create Quota Template
- Trn bng Create Quota Template,nu mun p dng thuc tnh ca template c vo template ca mnh chn mt template trong danh sch mc Copy properties from quota template (optional) v click chn Copy.Nhp tn template vo mc Template Name.Nhp thng tin miu t vo mc Label(optional) . mc Space Limit,bn nhp dung lng cn cp quota v chn kiu hard quota hoc soft quota.C th b sung cc ngng cnh bo
Nguyn Vn Ti 76/147
KHOA TIN HC 2008
mi cho template ca mnh bng cch s dng chc nng Add mc Notification thresholds.Nu mun ty chnh,chn Edit.Sau chn OK hon tt to template.
ty chnh cho quota template va to, nhp chut phi vo quota template v ch n Edit Template Properties..Sau thc hin cc thay i cn thit v chn OK. Ti bng Update Quotas Derived from Template c 3 s la chn : Apply template only to derived quotas that match the original template : cp nht cho cc quota cha tng c hiu chnh k t khi c to ra. Apply template to all derived quotas : cp nht cho tt c cc quota s dng template ny Do not apply template to derived quotas : khng mun thc hin tao tc cp nht quota
Nhn OK hon tt.
- Vo Start Administrative Tools File Server Resoucre Manager..Righ-click vo File Server Resource Manager v chn Configure Options. tab Storage Reports, mc Configure default parameters, click chn loi bo co mun ty chnh v click vo Edit Parameters.Sau tin hnh thay i v chn OK.
Nguyn Vn Ti 77/147
KHOA TIN HC 2008
- xem li cc thit lp va ri,click vo Review Reports
- Sau chn Close v chn OK hon tt thit lp. lp lch xut ra cc bo co,trong File Server Resource Manager,right-click vo Storage Reports Management v ch n Schedule a New Report Task.
Nguyn Vn Ti 78/147
KHOA TIN HC 2008
- Ti tab Settings, mc Scope,click vo Add chn cc a hay th mc cn xut thng tin bo co. mc Report data,chn cc loi bo co t ng ng.V i m i lo i ,b n c th s dng chc nng Edit Parameters ty chnh cc tham s khi c n. m c Report formats,chn cc nh dng lu tr bo co,mc nh l Dynamic HTML (DHTML).
- gi bo co qua email,m tab Delivery,nh du chn vo Send reports to the following administrators v nhp a ch email ca ngi nhn.
Nguyn Vn Ti 79/147
KHOA TIN HC 2008
- tab Schedule,click vo Create Schedule lp lch.Ti bng Schedule ,click vo New.Sau chn thi gian,nu mun thit lp m rng th click chn Advance.
- Chn OK hon tt . - Sau khi thit lp bo co,gi chng ta s xut ra cc bo co theo nhu c u.Chu t ph i vo Storage Reports Management v chn Generate Reports Now . tab Settings,t i m c Scope,click vo Add v chn cc a hay th mc cn xu t thng tin bo co. m c
Nguyn Vn Ti 80/147
KHOA TIN HC 2008
Report data,chn loi bo co tng ng.Vi mi loi, c th s dng chc nng Edit Parameters ty chnh cc tham s khi cn. mc Report formats,chn cc nh d ng l u tr bo co.
- Ti tab Delivery,nh du chn mc Send reports to the following administrator v nhp a ch email ca ngi nhn
Sau chn OK.Ti bng Generate Storage Reports,chn Generate reports in the background lu cc bo co v xem ti th mc lu tr chng.
Nguyn Vn Ti 81/147
KHOA TIN HC 2008
Chn OK hon tt V. DCH V IN N (Print Services) 1. Ci t Print Services Tools khng c ci t mc nh, v vy s dng n cn phi ci t thnh phn ny trc. - Chut phi My Computer Server Manager Chn Features
- Chn Add Features.
Nguyn Vn Ti 82/147
KHOA TIN HC 2008
- Trong mc Add Features Wizard Chn Print Services Tools Click Next.
- Tip tc nhn Install ci t.V sau c nhn Close hon tt vic ci t.
Nguyn Vn Ti 83/147
KHOA TIN HC 2008
2. Truy cp Print Sevices Tools Chn Start Administrative Tools Print Management
Nguyn Vn Ti 84/147
KHOA TIN HC 2008
3. Qun l cc my in trong mng u tin Windows t cc mc All Printers v All Drivers mt cch t ng trong trng hp ny. Bn cnh my ch m chng ta ci t giao di n Print Management l thnh vin ca min Active Directory. Mt im na l tn my ch t ng ng v i mi my in. Mc d cc my in mng nm mt im no trong m ng nh ng Windows s t ng to mt hng i cho mi my in trn my ch. M t trong cc chc nng chnh c a giao din qun l Print Management l cho php qun l in n mng tp trung. VI. DCH V WEB 1. Gii thiu v IIS 7.0 IIS7 c thit k tr thnh mt nn tng Web v ng dng linh ng v an ton nh t cho Microsoft. Microsoft thit k li IIS t nhng nn tng c tr c . I IS c cc tnh nng - Bo mt - Kh nng m rng - Cu hnh v trin khai - Qun tr v chun on - Hiu sut 2. Ci t IIS 7.0 - ci t IIS7.0 nhp phi chut Computer chn Manage.Chn Roles trong Server Manager sau click chn Add roles.
Nguyn Vn Ti 85/147
KHOA TIN HC 2008
- Chn Web Server (IIS) trong mn hnh Select Server Roles.
- Windows s bt mn hnh Add Roles Wizard nhp chn Add Required Features.Chn cc dch v cn thit cho Server .
Nguyn Vn Ti 86/147
KHOA TIN HC 2008
- Nhn Install bt u ci t.
Qu trnh ci t bt u.
Nguyn Vn Ti 87/147
KHOA TIN HC 2008
- Sau khi ci t hon tt s thy trong Administrative Tools xut hin n 2 dch v IIS l IIS6 v IIS7.
VII. DCH V FTP. 1. Gii thiu v FTP. - FTP l ch vit tc ca File Transfer Protocol - Giao thc truyn file. FTP l m t giao thc truyn file trn mng da trn chun TCP nn ng tin c y.Giao th c truy n t i file FTP l cng c qun l files gia cc my. FTP cho php truy n v t i files, qu n l th mc, v ly mail. FTP khng c thit k truy nhp v thi hnh files, nhng n l cng c tuyt vi truyn ti files.Windows Server 2008 h tr 2 version FTP servers l FTP 6.0 v FTP 7.5 . version FTP 7.5 c h tng cng tnh bo mt v cng c cho nh qun tr d qun l. Nhng im mi : FTP Publishing Server mi gm c rt nhiu tnh nng v cc ci thin. - S tch hp vi IIS 7.0 - H tr cho cc chun Internet mi - Chia s hosting - Kh nng m rng - Logging - Cc tnh nng khc phc s c 2. Ci t v cu hnh. 2.1. Ci t. - Vo Server Manager Roles Web Server(IIS)phi chut chn Add Role Services.
Nguyn Vn Ti 88/147
KHOA TIN HC 2008
- Click chn FTP Publishing Service.
- Click Install ci t.
Nguyn Vn Ti 89/147
KHOA TIN HC 2008
- Qu trnh ci t hon tt. Sau nhn Close. 2.2. Cu hnh : to mt FTP site - Trc tin, ta to th mc cn public :
- Vo StartAdministrator ToolsInternet Information Services (IIS) 6.0 Manager.
Bm phi chut vo FTP Sites hoc Default FTP Sitechn NewFTP Site..
Nguyn Vn Ti 90/147
KHOA TIN HC 2008
- in tn gi nh.
- Nhp IP my server v dng port mc nh FTP l 21
Nguyn Vn Ti 91/147
KHOA TIN HC 2008
- Chn cc mc bo v file v ngn chn truy cp: Do not isolate users : cho php tt c user ng nhp vo FTP site. Isolate users : mi user s t c a vo th mc ch nh Isolate users using Active Directory : Cho php user ng nhp vo FTP site nhng phi c account Active Directory.
- Nhp ng dn th mc cn publish
Nguyn Vn Ti 92/147
KHOA TIN HC 2008
- Thit lp quyn hn cho ngi truy cp i vi file.
- Sau nhn Finish hon tt.
Nguyn Vn Ti 93/147
KHOA TIN HC 2008
CHNG 6: USER - GROUP I. GII THIU V LOCAL USER V LOCAL GROUP Thng thng mt my tnh khng phi ch c mt ngi no s dng duy nht m trn thc t ngay c my nh i vn c t nht t 2-3 ngi s dng. Tuy nhin nu tt c mi ngi u s dng chung mt ti khon th nhng d liu ring t ca mnh khng cho ngi khc thy. Nhng nu my tnh l my chung c a cng ty v v n t ra l ta khng mun ti liu ca ngi mnh, ngi khc c th xem ty tin c. Cch tt nht l cp cho mi nhn vin mt my nht nh v yu cu h t password ln my c a mnh, nhng nh th th rt tn km v khng c a chung. Chnh v th ngi qun tr mng s s dng cng c Local Users and Groups to cc ti khon ng i dng trn cng mt my, khi d liu ca ngi ny ngi kia khng th truy cp c. II. TO CC LOCAL USER - to c User local phi c quyn ngang hng vi Administrator ca h thng. -Vo StartProgramsAdministrative Tools Active Directory Users and Computers.
- Chut phi User New User ti bng New Object User in y cc thng tin vo First Name, Last Name, Full Name. - Chn Next tip tc.Xut hin bng thit lp password.y l mt khu c a b n ng vi tn ti khon to trn,dng ng nhp vo domain. - Pasword phi tha mn cc chnh sch mc nh ca Windows Server 2008.Password t nht l 7 k t v phi c cc thnh phn sau : Cc k t thng : a,b,c,d,e.. Cc k t in hoa : A,B,C,D,E. Cc ch s : 1,2,3,4,5.
Nguyn Vn Ti 94/147
KHOA TIN HC 2008
Cc k t c bit : @,!,$,&,#.... - y khng thit lp password v trong Group Policy Management Editor v hiu ha password.
- Lu 4 dng : User must change password at next logon : bt buc user phi thay i password ln ng nhp k tip User cannot change password : user khng c quyn thay i password Password never expires : password khng c thi hn qui nh Account is disabled : v hiu ha ti khon. - y s khng chn mc no ht. Nhn Next.
Nguyn Vn Ti 95/147
KHOA TIN HC 2008
- Chn Next tip tc. bng tip theo l thng tin v user chun b c to.
- Chn Finish kt thc. - Tip theo,kim tra th user c to .Click p vo User v kim tra.
Nguyn Vn Ti 96/147
KHOA TIN HC 2008
gn cho User c th ng nhp vo domain. Vo Group Policy Management Editor. Chn Allow log on through Terminal Services.
Add User or Group Browse nh tn user ri Check Names OK.
Nguyn Vn Ti 97/147
KHOA TIN HC 2008
User tai , phat c chn logon. V nhn OK Vo Logon as a Service. Cng gn quyn cho user nh trn. User tai , phat c gn quyn c logon.
Xong sau vo Start Run g lnh gpupdate /force cp nht user. Sau Log off ng nhp user vo Administrator.Nhp tn user c gn quyn v nhn OK.(khng cn password) v khi ny ta khng nhp password. Vo Start xem user ng nhp vo.
Nguyn Vn Ti 98/147
KHOA TIN HC 2008
III. TO LOCAL GROUP to mt group mi.Nhp chut phi vo User v chn New Group.
Ti Group name g tn group.Sau chn OK
Nguyn Vn Ti 99/147
KHOA TIN HC 2008
Kim tra li group c to bng cch click vo User
a user vo group phattai ,nhp chut phi vo group v chn Properties. Ti tab Member.Chn Add.. Ti Enter the object name to select bn g tn user mun a vo group. Sau khi g tn user,chn Check Names kim tra. V kt qu l tn ti user ny trn domain.
Nguyn Vn Ti 100/147
KHOA TIN HC 2008
Sau khi thm user vo group.Chn OK xc nhn CHNG 7: POLICY) I. ACCOUNT POLICY 1. Password policy Vo Aministrator Local Sercurity Policy Account policies. CHNH SCH BO MT (GROUP
Nguyn Vn Ti 101/147
KHOA TIN HC 2008
Trong ny bao gm cc mc: Password must meet complexity : khi t password cho wins phi c phc tp.(hoa, thng, s, k t c bit). Mc nh tnh nng ny s b disable, gia tng ch bo mt nn chn Enable Minimum password age: mc nh gi tr ny l 0 nu ta thay n bng con s khc 0 VD l 3 chng hn th user ch c quyn thay i password 3 ngy mt ln m thi. Minimum password length: di ti thiu ca password Enforce password history: nh bao nhiu password khng cho t trng. Store password using reversible : m ho password. 2. Account lockout policy Account lockout threshold: kho account khi ng nhp sai. Account lockout duration: kho account trong 30 pht khi ang nhp sai. Reset account lockout counter after: xo b nh nh pass.
II. LOCAL POLICY 1. User rights assignment: Vo Administrator Local Sercurity Local policies.
Nguyn Vn Ti 102/147
KHOA TIN HC 2008
Deny logon locally: chn user khng cho ng nhp vo my tnh. Change the system time: nhng ngi c thay i gi h thng. Shutdown the system: nhng ngi c quyn tt my. Allow log on through Terminal Services: cho php ng nhp. Log on as a Service: ng nhp nh mt dch v. V cn rt nhiu tnh nng khc 2. Sercurity options
Nguyn Vn Ti 103/147
KHOA TIN HC 2008
Interactive logon: Do not display last user name: Khi user logout my ca s ng nhp s khng ghi li account user va logon. Interactive logon: Message text for users attempting to log on: Bn c th nhn gi mt ni dung no ti cc user trc khi h logon vo my vi ni dung nhn gi y. Interactive logon: Message title for users attempting to log on : Bn nhp tiu ca hp ni dung nhn gi vo y.
CHNG 8: QUYN TRUY CP NTFS
Nguyn Vn Ti 104/147
KHOA TIN HC 2008
I. KIM SOT QUYN TRUY CP H THNG TP NTFS 1. Phn quyn n gin - Windows c mt c ch kim sot truy nhp rt n gin l share ng th i phn quy n. Mun share, chn lnh Share..., ln lt Add mt folder, hy click nt ph c a con chu t vo folder y, s hin context menu tng nhm ngi dng (hay t ng ngi dng), c m i nhm chn Permission Level phn quyn cho nhm y. Xong n nt Share. - Theo cch ny, mi nhm c th c mt trong ba quyn truy nhp. Reader (ngi xem). Xem ton b ni dung folder. Contributor (ngi ng gp). Xem ton b ni dung folder, c th to thm file v folder v sa file / folder m bn thn thm. Co-owner (ng ch s hu). Xem v sa ton b ni dung ca folder, k c cc file/folder m ngi khc to ra.
- Ba quyn ny khng c lp vi nhau. Co-owner bao hm Contributor, v Contributor l i bao hm Viewer. - C ch ny rt d dng v tin dng, nhng khng dng c trong nhi u tr ng h p. Hn na, c ch ny khng c trn Windows Server 2003 m ch c Windows Server 2008. 2. Phn quyn c bn 2.1. Gii thiu c ch phn quynNTFS - C ch kim sot truy nhp c bn trn Windows Server l k t h p gi a hai c ch phn quyn: phn quyn trn h thng tp NTFS v phn quyn trn giao th c chia x t p CIFS (hay cn gi l phn quyn share). Phn quyn CIFS c ba quyn: Read (c) Change (sa) Full Control (ton quyn).
Nguyn Vn Ti 105/147
KHOA TIN HC 2008
- Ba quyn ny khng c lp vi nhau. Full Control bao hm Change, v Change bao hm Read. - Phn quyn NTFS c 6 quyn: Full Control (ton quyn), Modify (sa), Read & Execute (c tp v chy chng trnh),List folder contents (hin ni dung th mc), Read ( c), v Write (vit).
- Khi truy nhp server t my trm, quyn truy nhp l giao gi a hai quy n CIFS v NTFS. Do , trong thc tin lm vic, gim bt s phc tp, khi to nhiu share trn m t
Nguyn Vn Ti 106/147
KHOA TIN HC 2008
server, c th v nn to cc share y theo cng mt quyn (CIFS) thng nht cho mi share v mi ngi dng, c th: Trn mi share t qun, Everyone c quyn Full Control. Trn mi share qun ch, Everyone c quyn Change. - S phn bit quyn truy nhp gia cc nhm khc nhau v trn cc share khc nhau khi s ch th hin phn quyn NTFS. 2.2. Cc cng c phn quyn NTFS - Tt c quyn truy nhp c s ca NTFS l : Traverse folder/execute file (i xuyn qua folder / thi hnh file). List folder/read data (hin th mc, c d liu). Read attributes (c thuc tnh). Read extended attributes (c thuc tnh m rng). Create files/write data (to file, vit d liu). Create folders/append data (to folder, ni d liu). Write attributes (vit thuc tnh). Cho php thay i cc thuc tnh ca file v folder. Write extended attributes (vit thuc tnh m rng). Delete subfolders and files (xa folder con v file). Delete (xa). Read permissions (c quyn). Change permissions (i quyn). Take ownership (ot ch quyn).
Nguyn Vn Ti 107/147
KHOA TIN HC 2008
- Khi phn quyn cho mt folder, quyn phn s c th s p d ng ln c cc folder con v file bn trong, vic ny gi l tha k. Vic tha k thc hin theo mt trong su ki u sau y. This folder only (ch folder ny thi). Quyn ch p dng cho folder ny, khng tha k. This folder, subfolders and files (folder ny, cc folder con v cc file). Quyn p dng cho folder ny, cc folder con v cc file. Tha k ton phn. This folder and subfolders (folder ny v cc folder con). Quyn p dng cho folder ny v cc folder con. Cc folder con tha k. This folder and files (folder ny v cc file). Quyn p dng cho folder ny v cc file. Cc file tha k. Subfolders and files only (cc folder con v cc file thi). Quyn p dng ch cho cc folder con v cc file. Tha k ton phn ngoi tr bn thn. Subfolders only (ch cc folder con thi). Quyn p dng ch cho cc folder con. Cc folder tha k ngoi tr bn thn.
2.3. Thc hin cc quyn c bn ca d liu doanh nghip trn NTFS - Trong h thng tp NTFS, nm quyn c bn trn folder d liu doanh nghip c thc hin theo nhng cng thc sau y: Quyn s dng = Read & Execute, List Folder Contents v Read this folder, subfolders and files. Quyn ng gp = quyn s dng + Create files / Write data v Create folders/Append data this folder and subfolders. Quyn bin tp = quyn s dng + Modify v Write this folder, subfolders and files. Quyn xem th mc = List folder / Read data this folder and subfolders.
Nguyn Vn Ti 108/147
KHOA TIN HC 2008
Quyn xem quyn = Read Permissions this folder and subfolders. Quyn xem quyn = Read Permissions this folder, subfolders and files.
II. NGUYN TC KHI P DNG QUYN TRUY CP 1. Nguyn tc hoch nh th mc chng trnh Di y l 1 s nguyn tc chung cn p dng khi ch nh cc cp truy c p NTFS cho th mc: - B quyn truy cp NTFS mc nh cp Full Control t nhm Everyone v em cp cho nhm Administrators. - Ch nh cp truy cp Full Control hoc Change i vi th m c thch h p cho nh ng nhm chu trch nhim nng cp v x l li phn mm. - Nu cc chng trnh mng thng tr dung chung, c p quy n truy c p c p Read cho nhm Users. 2 Nguyn tc hoch inh th mc d liu B quyn truy cp NTFS cp mc nh Full Control t nhm Everyone v em cp cho nhm Administrators. Ch nh cp Add&Read cho nhm Users v cp PC cho nhm CreatorOwner. Vic ny s cung cp cho ngi dng ng nhp c c b kh nng h y b v s a ch a ch nhng th mc v tp tin h sao chp hoc to ra trn my tnh m h ng nhp. 3. Nguyn tc hoch nh th mc c nhn Tp trung mi th mc c nhn trn 1 Volume NTFS ring bit vi Volume ch a h iu hnh v cc chng trnh, nhm hp l ha cng tc qun tr v sao lu d liu Dng bin %UserName% t ng gn tn ti khon ca ngi dung cho th mc v t ng ch nh quyn truy cp NTFS cp PC cho ngi tng ng. 4. To th mc c nhn (Home Folder) trn Volume NTFS
Nguyn Vn Ti 109/147
KHOA TIN HC 2008
- Lu tr th mc c nhn trn mt Volume NTFS c thun l i r t l n, c th t ch c chng thnh h thng phn tng v gii hn kh nng truy cp nhng ng i dng t ng ng m khng cn chia s tng th mc. III. SHARE PERMISSION - u tin m trnh Windows Explorer ra chn Organize Folder and Search Options.
- Chn Tab View sau click b chn mc Use Sharing Wizard (Recommended).
Nguyn Vn Ti 110/147
KHOA TIN HC 2008
Trong Windows server 2008 chia s mt th mc no nhp chut phi vo th m c cn share chn Share
- Nhp chn Advanced Sharing...
Nguyn Vn Ti 111/147
KHOA TIN HC 2008
- Share Name my s t ly tn default l tn th m c hi n hnh b n c th ch nh s a tn ny ty .
Vi cc ty chn l Allow: User c quyn truy cp ti nguyn vi quyn hn tng ng. Vi cc ty chn l Deny: User khng c quyn truy c p ti nguyn v i quy n h n t ng ng.
Nguyn Vn Ti 112/147
KHOA TIN HC 2008
thc hin phn quyn cho cc Group th ta cn Deny tt c cc quyn ca Group User ny. Sau khi Deny tt c cc quyn ca Group User nh p nt Add th thm Group ho c User vo.
Trong ny gi s Add thm User tai v cng Set quyn cho User ny l Deny tt c mi quyn.
Nguyn Vn Ti 113/147
KHOA TIN HC 2008
Tng t Add thm User phat v Set quyn cho User ny l Allow tt c mi quyn.
to mt th mc m khng mun cho ai thy (ch c g lnh mi vo c) th thm du $ vo ngay sau Share Name ca mnh.
Nguyn Vn Ti 114/147
KHOA TIN HC 2008
VD: My c IP l 192.168.1.10 v th mc Share c tn l New Folder (2)$. Trong ny gi s ta Add thm User tai v Set quyn cho User ny l Allow t t c m i quy n. Khi truy cp t my khc vo phi nhp l \\172.16.1.10\New Folder (2)$ th mi vo c.
By gi t mt my Client khc, truy cp th mc New Folder (2) vi User l tai
My s bo l khng c li vo l do l Set cho User tai b Deny tt c. User tai b t chi truy cp New Folder (2) . Tuy nhin vi User phat th c th xem c cc ti nguyn trong ny.
Nguyn Vn Ti 115/147
KHOA TIN HC 2008
xem cc th mc Share n trong Windows , vo Administrative ToolsShare and Storage Management.
Nguyn Vn Ti 116/147
KHOA TIN HC 2008
Trong ny s lit k ton b cc th mc Share trc .
trnh phi mt cng nhp dng lnh \\[IP my ti]\[th mc share] chng ta c th nh x a i vi cc th mc Share thng xuyn truy cp bng cch nhp ph i vo th mc Share cn nh x v chn Map Network Drive
Nguyn Vn Ti 117/147
KHOA TIN HC 2008
Trong ca s Map Nerwork Drive hin ra bn chn tn a nh x v click Finish.
Vo Computer s thy xut hin thm a mi ( a nh x). Nhp vo y s i n ngay th mc m bn va nh x.
Nguyn Vn Ti 118/147
KHOA TIN HC 2008
CHNG 9 : XY DNG M HNH MNG MT CNG TY
Nguyn Vn Ti 119/147
KHOA TIN HC 2008
I.CU HNH DA CH IP, DHCP,DNS 1. Cu hnh a ch IP IP address Subnet mask Default gateway Preferred DNS 2. Cu hnh DHCP Server 192.168.1.10 255.255.255.0 192.168.1.10 192.168.1.10 Client 192.168.1.11 30 255.255.255.0 192.168.1.10 192.168.1.10
3.Cu hnh DNS
II.
TO OU,USER V GROUP
Nguyn Vn Ti 120/147
KHOA TIN HC 2008
Cng ty taiphat gm 4 phng : Phng Gim c , Phng K Ton , Phng K Thut , Phng Kinh Doanh.
Phng Gim c gm 3 user : gd1, gd2, gd3.
Phng K ton gm 4 user : kt1, kt2, kt3, kt4.
Nguyn Vn Ti 121/147
KHOA TIN HC 2008
Phng K thut gm 3 user : kth1, kth2, kth3.
Kinh Doanh gm 3 user : kd1, kd2 , kd3.
Nguyn Vn Ti 122/147
KHOA TIN HC 2008
III. GROUP POLICY,DICK QUOTA 1. Phng Gim c : cc user ca phng gim c c ton quyn trn domain v dung lng a khng gii hn, khng qui nh thi gian vo mng.
Nguyn Vn Ti 123/147
KHOA TIN HC 2008
2. Phng K Ton : cc user thuc phng k ton c cc yu c u l m t kh u t nh t ph i 8 k t, thi gian thay i mt khu l 30 ngy, ngi dng ng nh p sai 3 l n s b kha account, thi gian kha s l 5 pht, user khng phi n t h p phm Ctrl+Alt+Del khi ng nhp, dung lng a ti a l 100 MB, thi gian vo mng t 8h sang -> 14h cc ngy th hai, t , su.
Mt khu t nht 8 k t, thi gian thay i mt khu l 30 ngy
Nguyn Vn Ti 124/147
KHOA TIN HC 2008
ngi dng ng nhp sai 3 ln s b kha account, thi gian kha s l 5 pht
user khng phi n t hp phm Ctrl+Alt+Del khi ng nhp
Nguyn Vn Ti 125/147
KHOA TIN HC 2008
dung lng a ti a l 100 MB
thi gian vo mng t 8h sang -> 14h cc ngy th hai, t , su 3. Phng Kinh Doanh : Khng cho php user trn Client truy cp vo cha h iu hnh ( C), khng c ci t chng trnh, khng c truy cp vo registry, khng c truy cp Control Panel trn my Client, dung lng a ti a l 100 MB, th i gian ng nh p t 8h -> 15h th ba, nm , by
Nguyn Vn Ti 126/147
KHOA TIN HC 2008
Khng cho php user trn Client truy cp vo cha h iu hnh ( C)
khng c ci t chng trnh
Nguyn Vn Ti 127/147
KHOA TIN HC 2008
khng c truy cp vo registry
khng c truy cp Control Panel trn my Client
Nguyn Vn Ti 128/147
KHOA TIN HC 2008
dung lng a ti a l 100 MB
thi gian ng nhp t 8h -> 15h th ba, nm , by 4. Phng K Thut : mt khu ngoi vic c 8 k t tr ln th cn phi c m t kh u kh, tc l phi c thm cc k t (- _ ? / ). Khng cho php Auto play t t c cc lo i a k c USB. Dung lng a ti a l 100MB . Thi gian vo mng t 5h -> 10h v t 13h -> 18h cc ngy th hai, nm , by , ch nht
Nguyn Vn Ti 129/147
KHOA TIN HC 2008
mt khu c 8 k t tr ln, phi c mt khu kh
Khng cho php Auto play tt c cc loi a k c USB
Nguyn Vn Ti 130/147
KHOA TIN HC 2008
Dung lng a ti a l 100MB
Thi gian vo mng t 5h -> 10h v t 13h -> 18h cc ngy th hai, nm , by , ch nht IV. CHIA S D LIU - Thit lp permission trn th mc DATA : cho php cc user phng K Ton, phng Kinh Doanh, phng K Thut, ch c php c d liu, nhng khng c c cc thuc tnh, v cc thuc tnh m rng, cc user phng Gim c th ton quyn.
Nguyn Vn Ti 131/147
KHOA TIN HC 2008
Nguyn Vn Ti 132/147
KHOA TIN HC 2008
- Thit lp permission trn th mc DATA chung : cho php cc user phng K Ton, phng Kinh Doanh, phng K Thut, c php c d liu v c cc thu c tnh, c php to file v vit d liu, nhng khng c php thay i cc thuc tnh c a file v vi t cc thuc tnh m rng, c php xa nhng khng c xa file.
Nguyn Vn Ti 133/147
KHOA TIN HC 2008
- Thit lp permission trn th mc K Ton : cho php cc user phng K Ton c quyn c, nhng ch c c d liu khng c c cc thuc tnh ca file. c php to file v vit d liu, v c quyn xa sa. Cn cc user phng Kinh Doanh v K Thut ch c php c d liu.
cho php cc user phng K Ton c quyn c, ch c c d liu khng c c cc thuc tnh ca file. c php to file v vit d liu, v c quyn xa sa
Nguyn Vn Ti 134/147
KHOA TIN HC 2008
cc user phng Kinh Doanh v K Thut ch c php c d liu. - Thit lp permission trn th mc Kinh Doanh : cho php cc user phng Kinh Doanh c php c d liu v cc thuc tnh. c php vit d li u,t o file, folder. c php thay i cc thuc tnh ca file v folder nhng khng c php xa file v folder. Cn cc user phng K Ton v phng K Thut ch c quyn c d liu.
Nguyn Vn Ti 135/147
KHOA TIN HC 2008
cc user phng Kinh Doanh c php c d liu v cc thuc tnh. c php vit d liu,to file, folder. c php thay i cc thuc tnh ca file v folder nhng khng c php xa file v folder
cc user phng K Ton v phng K Thut ch c quyn c d liu. - Thit lp permission trn th mc K Thut : cho php cc user phng K Thut c php to file, c d liu v c cc thuc tnh m rng, nhng khng cho php t o folder, vit cc thuc tnh m rng v khng c xa file. Cc user o phng Kinh Doanh v phng K Ton ch c php c v ghi d liu
Nguyn Vn Ti 136/147
KHOA TIN HC 2008
cc user phng K Thut c php to file, c d liu v c cc thuc tnh m rng, nhng khng cho php to folder, vit cc thuc tnh m rng v khng c xa file
Cc user o phng Kinh Doanh v phng K Ton ch c php c v ghi d liu V. KIM TON Thit lp kim ton nhm ghi nhn li nhng trng hp truy cp tri php. Click phi th mc daata Properties.
Nguyn Vn Ti 137/147
KHOA TIN HC 2008
Tab Security Chn Advanced.
Tab Auditing Chn Edit.
Chn Add.
Nguyn Vn Ti 138/147
KHOA TIN HC 2008
Nhp Everyone Check Names OK.
Chn tt c cc chn la OK.
Nguyn Vn Ti 139/147
KHOA TIN HC 2008
V nhn OK hon tt. M Group Policy Management. Click phi ln Default Domain Policy Edit.
Click phi Audit object access Properties. Chn Define these policy settings Chn Success , Failure.
Nguyn Vn Ti 140/147
KHOA TIN HC 2008
M Run nhp lnh GPUpdate /Force. Kim tra : Trn my client log on KT1 truy cp vo th mc daata bo li khng c quyn truy cp.
Trn my Server M Event Viewer.
Nguyn Vn Ti 141/147
KHOA TIN HC 2008
M Windows Logs Security M cc event Audit Failure (& event id 5140).
Quan st thy trng hp truy cp tri php ca KT1 vo th mc daata c ghi nhn li.
Nguyn Vn Ti 142/147
KHOA TIN HC 2008
VI. QUN L MY IN To 4 my in c tn l ph giam doc, ph ke toan ,ph kinh doanh, ph ki thuat tng ng cho mi phng .
Nguyn Vn Ti 143/147
KHOA TIN HC 2008
Gn quyn cho cc user phng Gim c c quyn in trn my in tn ph Gim c. V cho my in ny lun trng thi sn sng, gn u tin cho my in ny l 2.
Ring user gd1 c quyn thay i cc cu hnh v c quyn xa ti li u c s dng trn my in ph Gim c.
Nguyn Vn Ti 144/147
KHOA TIN HC 2008
Trn my in ph K Ton cc user phng K Ton c quyn in trn my in ny, th i gian c in t 7h sng n 18h chiu . Mc u tin 1, cc user phng Gim c c php in trn my in ny, ring user gd1 c php ton quyn.
Nguyn Vn Ti 145/147
KHOA TIN HC 2008
Trn my in ph Kinh Doanh cc user phng Kinh Doanh c quy n in trn my in ny, mc u tin cho my in ny l 1, thi gian c in t 9h sng n 14h chi u. User gd1 c ton quyn.
Nguyn Vn Ti 146/147
KHOA TIN HC 2008
Trn my in ph K Thut cc user phng K Thut c quyn in trn my in ny, th i gian c in t 8h sng n 16h chiu, mc u tin l 1.
Nguyn Vn Ti 147/147

Windows Server 2008

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Windows Server 2008

Uploaded by

Copyright:

Available Formats

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

CHNG 1: GII THIU WINDOWS SERVER I. WINDOWS NT SERVER

III. MT S TNH NNG MI 1. Cng ngh o ha Hyper-V

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

IV. CC LI CH CA WINDOWS SERVER 2008

CHNG 3: CI T WINDOWS SERVER 2008

I. II. III. IV.

YU CU PHN CNG CC CCH CI T NNG CP LN WINDOWS SERVER 2008 CC BC CI T

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

GII THIU WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

1. Windows Server 2000

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

4. Bng cc tnh nng trong Windows Server 2008

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

CHNG 2: TNG QUAN V WINDOWS SERVER 2008

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

Click Install now bt u ci t.

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

Chn Custom (advaneced) tin hnh ci t ty chn.

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

Click OK tin hnh thay i mt khu.Sau ng nh p vo b ng m t kh u v a thay i. n y qu trnh ci t kt thc.

TO DNG DOMAIN CONTROLLER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

KHOA TIN HC 2008

QUN TR MNG WINDOWS SERVER

Ci t c thc hin thnh cng. Kch Close.

Lc ny vo menu Start, nh dcpromo vo hp tm kim. Kch dcpromo.