You are on page 1of 46

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

M U
Sau hn 30 nm ra i v khng ngng pht trin, mng Internet mang nhng c im
ni tri m trong chng ta khng ai c th ph nhn, t kh nng lin kt mnh m n
ngun thng tin di do cng nh vn thi gian v tc x l thng tin. Nhng song
song vi nhng u im th mng Internet li cha ng trong n nhng him ha
khn lng.
Hy tng tng mt ngy p tri no , nhng thng tin mt m chng ta c cng
ct giu li b phi by ra trc tt c mi ngi, n b nh cp m ngay chnh bn thn
chng ta cng khng bit l n b ly i! Thng tin mt ca mt con ngi quan
trng, nhng nu n l thng tin mt ca mt cng ty, mt t chc hay cao hn l ca
quc gia? iu g s xy ra khi n b nh cp?
Trong h thng mng Workgroup, thng tin khng c qun l tp trung dn n rt
nhiu bt cp trong vn qun l cng nh kh nng bo ton d liu. V vy trong mt
cng ty nu s dng mng ny chia s thng tin s v cng nguy him, s dng h
thng mng c qun l theo m hnh Domain l iu tt yu. Mt cng ty vn cha
ng rt nhiu thng tin v trong c nhng thng tin mang tnh chin lc cho s pht
trin ca cng ty, vn qun l v bo mt thng tin c t ln hng u. c th
to dng mt h thng thng tin ni b, d dng cho nhn vin s dng, thun tin cho
cng vic qun l cng nh vic trao i thng tin th vic xy dng h thng File Server
l rt cn thit. T thng tin c qun l tp trung v s dng chin lc Backup
Restore hp l trnh tnh trng thng tin b tht thot!
Da trn tnh hnh thc t, nhm chng ti nghin cu v pht trin d n Kho st ,
thit k v trin khai h thng mng cho doanh nghip vi tnh n nh v bo mt cao
tp trung khai khc cc u im ca File Server .
Chng ti tin tng rng, vi n ny, chng ti c th gip cc cng ty qun l, s
dng v bo mt tt thng tin cng ty tn dng tt cng ngh v ph hp vi ngun ti
chnh ca mt cng ty va v nh ang trn pht trin.

Trang 1

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

CHNG 1 : PHN TCH YU CU


1.

Hin trng cng ty do khc hng cung cp :


C.TY TNHH Giao Nhn Vn Ti Quc T T.S.N l mt cng ty vn ti ng b ,

ng st v ng hng khng . Hin ti cng ty ang ta lc ti mt to nh


TP.HCM. hot ng gn 10 nm v mun xy dng h thng mng ni b m hnh
domain cho cng ty.
Cu trc to nh ca cng ty gm mt tng trt v ba tng lu. Tng mt c s
dng cho ba phng ban, tng hai cho hai phng ban, tng ba l tng qun l tp trung
cc my ch quan trng ca cng ty.
Chi tit: Nhn s v phng ban trong cng ty:
Phng Hnh chnh nhn s: 10 ngi (tng 1)
Phng K hoch kinh doanh: 10 ngi (tng 1)
Phong K Thut: 10 ngi (tng 1)
Phng Ti chnh K Ton: 20 ngi (tng 2)
Phng Ban Gim c: 4 ngi (tng 2)
2.

Thng tin v yu cu ca khch hng :


Xy dng h thng File Server v chin lc sao lu phc hi d liu cho user trong

h thng mng ca Cty vi cc yu cu sau:


Mi Nhn vin u c quyn tng ng trn File Server
H thng File Server cha ti nguyn phi c chia s
Mi Nhn vin khi logon vo h thng s c 2 a mng (dng chung v dng
ring).
Mi Nhn vin khi lm vic d liu phi c lu trn File Server,Khng cho
php nhn vin lu tr d liu trn my local.
Xy dng chin lc sao lu v phc hi d liu cho h thng File Server
Gi thnh h thng hp l, khng vt qu 500 triu ng cho c h thng
Trang 2

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Ni dung chuyn mn cn c :
WSUS
Remote Assistant : dng h tr support t xa khi ngi qun tr t internet
remote v cng ty.
Group policy: account, local, software restriction.
File server: Sharing & NTFS permission, backup & restore.
User & Group: home folder, script (log in).
DHCP.
DNS.
Printer server: ngoi cc cu hnh c bn c thm phn c th s dng printer qua
internet.
RAID
Web, FTP c publish(NAT) ra internet dng RRAS.
Deploy antivirus.

3. Thng tin qua kho st thc t :


3.1 V cu trc ta nh : ng nh thng tin cung cp ca khch hng .
3.2 V hin trng cng ty : l cng ty va v nh ang trn pht trin, kh nng ti
chnh cng c gii hn. V th cn s dng nhng gii php ph hp.
Cng ty hin ang s dng mng workgroup m hnh nh sau:

Trang 3

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Trang 4

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

CHNG 2 : GII PHP


1. Thit k logic v thit k vt l :
Cng ty cn xy dng 1 h thng mng theo m hnh domain qun l tp trung
to iu kin thun li cho vic qun tr h thng mng.
C tc c 5 server, trn mi server chy cc dich v khc nhau tit kim chi ph.
Chi tit v cc dch v trn m hnh chc nng sau:

M hnh thit k vt l ca h thng nh sau :

Trang 5

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

2. La chn thit b v cng ngh :


Cc linh kin thit b c:
53 computer cu hnh mnh v va
2 witch 24 port, 1 switch 16 port, 2 switch 8 port
1 my in LaserJet
Cc thit b cn mua mi:
Thit b

Yu cu

S lng

Server

Server

Modem ADSL

Switch

8 port

Printer

LaserJet

Cable

RJ45-ADC

450 m

Trang 6

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Cng ngh s dng: Tn dng ti a cng ngh ca Microsoft kt hp thm cc dch


v ph tr khc.
u im : cng ngh ph bin v gi thnh r .
Nhc im: h thng c th xy ra li do phn mm nn cn c nhn vin k thut
chuyn mn h tr.
Chi tit v cng ngh s dng:
S dng Windows Server 2003 ci t v qun l tc c cc dch v quan trng
trong cng ty

File server: Lu tr, chia s, qun l d liu tp trung

Domain Controller, DNS, DHCP server: qun l h thng cc i tng, phn

gii tn, cp pht IP ng cho ton b vng mng LAN

Web, FTP, Printer server: Qun l web, ftp v my in mng.

RIS, WSUS: trin khai h iu hnh, cp nht cc bn v li cho h thng

RRAS, Antivirus: lm chc nng router (Lan-Routing, VPN, NAT), qun l vic

qut virus cho cc antivirus client trn my nhn vin v cp nht cc bn dit virus
mi t internet.

3. Chi ph :
( Gi thnh ti thi im thng 12/2011)
Thit b

Yu cu

S lng

Gi thnh

Tng cng

Server

Server

890 $

4450 $

32 $

32 $

Modem ADSL
Switch

8 port

15 $

30 $

Printer

LaserJet in mng

382 $

1528 $

Cable

RJ45-ADC

450m

85$ /thng

135 $

Tng chi ph linh kin: 5793$ (cha bao gm cc chi ph pht sinh v bn quyn phn
mm)
Tng ng: 121.653.000 ng (t gi USD: 21.000 thng 12/2011)

Trang 7

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

4. ng truyn kt ni :
ng truyn trong mng LAN: s dng cp RJ45 tc 100 Mbps
ng truyn Internet: s dng gi cc MegaOFFICE ca FPT
Tc truy cp Internet ti a Download 3,072 Kbps Upload 640 Kbps
Cam kt v tc truy cp Internet ti thiu Download T 128 Kbps Upload T
128 Kbps.

CHNG 3 : PHNG N TRIN KHAI


1. Bng phn hoch IP :

Trang 8

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Deseription

Interface

IP

Mack

Modem ADSL

External

192.168.1.113 255.255.255.252

192.168.1.113

DNS ISP

External

192.168.1.114 255.255.255.252

192.168.1.113

DNS ISP

Router

Internal Server 192.168.1.101 255.255.255.240

Antivirus

LAN Floor 1

192.168.1.1

LAN Floor 2

192.168.1.65 255.255.255.224

Default Gateway DNS Server

255.255.255.192

DC 1

192.168.1.97

DNS 1

Internal Server 1192.168.1.97 255.255.255.240

192.168.1.101

192.168.1.98

DHCP 1

For wader : ISP

DC 2

192.168.1.97

DNS 2

Internal Server 1192.168.1.98 255.255.255.240

192.168.1.101

192.168.1.98
For wader : ISP

DHCP 2
File Server

192.168.1.97
WSUS Server

Internal Server 192.168.1.99 255.255.255.240

192.168.1.101
192.168.1.98

RIS Server
Web Server
192.168.1.97
FTP Server

Internal Server 1192.168.1.100 255.255.255.240

192.168.1.101
192.168.1.98

Printer Server
Floor 1

Floor 2

LAN_Floor 1

LAN_Floor 2

192.168.1.2
255.255.255.192
192.168.1.62
192.168.1.66
255.255.255.224
192.168.1.94

192.168.1.97
192.168.1.1
192.168.1.98
192.168.1.97
192.168.1.65
192.168.1.98

2. Thit k v xy dng s h thng:


2.1 Thit k v xy dng Domain :

Trang 9

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Xy dng cu trc Active Directory

Chc nng ca Domain Controller:


My DC gip qun l cc i tng nh domain, ou, group, user, my in, v rt
nhiu cc i tng khc. my DC hot ng n nh, cu hnh ng l cc k
quan trng. Ta tin hnh xy dng 2 DC ng cp trn h thng gip ti u ha kh
nng lm vic cng nh s an ton cho h thng.
u im:
Hai my DC ng cp c c cu Replicate d liu qua li v hot ng ngang hng.
Khi c mt user gi yu cu ln DC1 x l, thng tin t user th 2 s c tip nhn
bi DC2. Hai my ny s thay phin nhau lm vic, gip h thng vn hnh nh nhng
hn.
Khi c mt my trong h thng khng hot ng na, my DC cn li s c nhim
v thc hin ht tc c cc cng vic iu hnh v qun l cc i tng. Gip h
thng vn vn hnh tt khi c s c vi mt my DC no .
Khi xy dng 2 dc ng cp, d liu truyn qua gia 2 my ny theo c ch nhn
bn (Replicate), bo mt v khng chim qu nhiu bng thng h thng nh qu trnh
transfer.
Ta xy dng 2 my Domain controller ng cp ln lt nh sau:
DC1:

Trang 10

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Domain type: Forest Root Domain


Full quality domain name: server01.tsn.vn
DC2:
Domain type: Additional Domain
Full quality domain name: server02.tsn.vn
DC1 v DC2 ng cp hot ng ngang hng chia s thc hin cc yu cu t cc
client trong h thng. Khi DC1 b s c DC2 c nhim v thc hin qun l cc i
tng cho DC1
2.2 Xy dng cu trc OU v Group :

Chin lc Group c s dng: A-G-P, p dng khi forest c mt domain v t user.


Gii thch chin lc A-G-P : Account Global Group Permission. Cc User
Account (A) c a vo Global Group (G), v gii hn quyn ti group ny (P).
u im:
Cc group khng lng vo nhau nn vic x l s c s d dng hn

Trang 11

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Ti khon thuc v mt phm vi nhm n l.


Nhc im:
Ti mi thi gian mt ngi dng xc nhn vi mt ti nguyn. Server kim tra
thnh vin ca nhm v xc nh n c phi l member khng?
S thc thi b gim st vi v nhm global khng c Cache.
Bng thit k Group cho cng ty C.TY TNHH Giao Nhn Vn Ti Quc T T.S.N :
Group Scope
Group

Group Type
OU

Doman Global Universal Security Distribute


Local

BanGiamDoc

BanGiamDoc

ThuKy

BanGiamDoc

KToan

KeToan

HC-NS

HanhChinhNhanSu

KT-KD

KeHoachKinhDoanh

KThuat

KyThuat

2.2.1 Chin lc Backup v Restore Active Directory :


m bo s an ton cho d liu v kh nng hi phc d liu khi cn thit. Ta tin
hnh backup v restore cho Active Directory
2.3.1

Yu cu khi thc hin Backup Restore cho Active Directory:

m bo d liu c lu tr tt phc hi sau backup


La chn thi ng thi im backup khng gy nh hng hot ng ca my
ch
S dng cc chin lc restore hp l khi gp nhng s c khc nhau trn AD

Trang 12

Thc Tp Tt Nghip

2.3.2

GVHD : Ths . Hunh Tn Phc

nh hng thc hin:

S dng thit b lu tr chuyn dng cho vic backup l Tape Driver: Hewlett
Packard StorageWorks DAT 24 (DW069A) DAT Tape Drive DAT, 12 GB, USB 2.0
Interface, Internal Enclosure, 1.5 MBps, For: PC Platforms. Gi: 220$
Chn thi gian backup thch hp tt nht l vo nhng lc vng nhn vin lm vic
nh vo lc ngh tra hoc sau gi lm vic.
S dng cc chin lc restore ph hp nh: Primary, Non-Authoritative,
Anthoritative
2.3.3 Cch thc hin:
a. Backup System State: dng backup li database ca Active Directory. Dng
chng trnh backup NTBACKUP c sn ca Windows tin hnh backup system
state cho h thng.
b. Restore AD: Ty vo cc trng hp khc nhau ca s c Domain Controller ta tin
hnh cc kiu restote database khc nhau
Trng hp 1: Authoritative Restore
Khi chn cch phc hi ny t my DC1 (file backup trn my ny), d liu c
nhn bn (replicate) ngc li t my DC2. Nu mun chn gi li i tng no
c to ra sau thi im backup trn DC1 ta s chy dng lnh NTDSUNTIL gi
li i tng .
Gi s mun gi li user NV-Ktoan01 trn DC1 c to ra sau thi im backup, ta
ln lt chy dng lnh trn cmd nh sau:
NTDSUNTIL
Authoritative Restore
Restore Object cn=NV-Ktoan01,ou=Ktoan,ou=KeToan,dc=tsn,dc=vn
Quit

Trang 13

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Restart
Trng hp 2: Non-Authoritative Restore
Hnh thc ny s ghi li tnh trng h thng khi tin hnh backup kt hp vi nhng
i tng t my DC bn kia sau khi bn backup c to ra, gi s ta to bn backup
trn DC1 v sau to user NV-Ktoan01 trn DC2. Sau tin hnh restore file
backup. Sau khi restore h thng s bao gm nhng i tng khi backup cng vi
user NV-Ktoan01 c to ra trn DC2 nhn bn qua.
Trng hp 3: Primary Restore
Hnh thc ny s ly trng thi mi nht cho file backup v phc hi li cho DC tin
hnh restore, h thng t ng ng b cho DC khc trn h thng. Ta s dng cch
backup ny khi tc c cc my DC u b mt d liu v mun phc hi li d liu ti
thi im backup.
2.3.4

Tng kt Backup & Restore AD

Mt h thng an ton l h thng c backup thng xuyn v s dng chin lc


restore ng thi im. S dng chin lc backup restore AD gip d liu trn cc
my DC c bo m an xy ra bin c h thng.

3. Thit k v xy dng DNS


DNS l mt mu cht quan trng cho s vn hnh h thng mng. DNS hot
ng tt, ta cn thc hin thit k v ci t ng phng php v chnh xc.
3.1 Chc nng ca DNS server :
Ngoi chc nng phn gii tn min thnh IP v ngc li. V DNS l mt c s d
liu phn tn v c kh nng m rng. N gip ngi qun tr cc b c th qun l d
liu ni b thuc phm vi ca h, d liu ny c truy cp trn ton b h thng theo
m hnh client-server.
u im:
Tng kh nng chu li
Trang 14

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Cn bng ti
Security (dynamic update)
Gim traffic h thng (khng phi transfer m thng tin Dns c replicate chung
voi AD)
3.2 Yu cu nh hng v cch thc hin:
Xy dng 2 DNS primary server m bo tnh sn sng v kh nng chu li. Khi
1 server b s c DNS server cn li s thc hin cc yu cu phn gii ca client.
Xy dng h thng DNS trn server01
Vo control panel ci t Dns service
Cu hnh Primary Zone tch hp AD
Cu hnh Forward lookup zone v Reverse lookup zones
Xy dng DNS trn server02
Ch cn ci t DNS service sau tc c cc d liu s c replicate t my
dns1 qua.
Sau khi cu hnh xong ta s tin hnh kim tra DNS c phn gii ng hay khng
bng lnh nslookup trn CMD . Nu phn gii tt kt thc qu trnh cu hnh v tip
tc xy dng cc dch v khc.
3.3 Tng kt dch v DNS
DNS l mt dch v cc k quan trng trn h thng mng. DNS c th phn gii
ng v c kh nng hot ng n nh, ta cn tin hnh cc bc cu hnh chnh xc

4. Thit k v xy dng DHCP


Khi mt my tnh tham gia vo mng th a ch ca n phi l duy nht khng
trng lp vi bt c my no khc trn h thng. i vi mt h thng mng ln c

Trang 15

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

hng trm my trm th vic gn a ch IP cho tng my trm th s gp rt nhiu kh


khn, mt nhiu thi gian v cng sc.
khc phc tnh trng trn, h thng mng cung cp dch v DHCP cho Server t
ng cung cp a ch IP v cc thng tin cu hnh cn thit cho cc my trm.
4.1 Chc nng ca DHCP server
DHCP Server cp pht IP ng v cc thng tin cu hnh c lin quan cho cc Client.
4.2 u nhc im ca DHCP server
u im :
Gim bt cc hin tng xung t v IP, hay cc li v IP, lun m bo Client
c cu hnh ng.
n gin ha trong cng tc qun tr.
Tit kim c s a ch IP tht.
Tp trung qun tr thng tin v cu hnh IP.
Cu hnh IP ng cho cc my trm mt cch lin mch.
Ph hp vi cc my tnh thng xuyn di chuyn gia cc lp mng.
T ng cp nht thng tin khi c s thay i cu trc mng.
S linh hot v kh nng d m rng.

Nhc im:
a ch IP c cp s b thay i, khng bo m c mt a ch ring bit cho
mt Client trong mi lc khi Client cn mt a ch IP tnh.
Qu trnh cp pht IP gia DHCP client v DHCP server l tn hiu broadcast nn
khng th i qua c Router.
4.3 Cc yu cu chung khi trin khai dch v DHCP server

Trang 16

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

DHCP Client
Windows XP
DHCP Server
Windows Server 2003
DHCP Server Service c ci t trn Server
cu hnh IP tnh, Subnet Mask v Default Gateway
C Range IP hp l

4.4 nh hng v trin khai dch v DHCP server


nh hng thc hin theo m hnh h thng
Xy dng theo chin lc 80/20
Cu hnh 2 Range IP cho 2 Subnet tng ng trong m hnh h thng
Cu hnh Scope Option: 003: Router, 006: DNS Servers, 015: DNS Domain Name
Cu hnh Superscope cho 2 Range IP tng ng
Backup & Restore DHCP database
Nn DHCP database
Cu hnh DHCP Relay Agent
Trin khai dch v theo m hnh h thng

Trang 17

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Ch thch:
003

Router

006

DNS Servers

015

DNS Domain Name

Cu hnh Superscope
Backup & Restore DHCP database
Mc ch:
m bo an ton cho database ca DHCP Server
Khc phc nhanh s c xy ra i vi database ca DHCP Server
Cch thc hin:
To ra mt folder cha file backup ca DHCP trn a C:\
Backup d liu ca DHCP Server n folder to sn trn a C:\
Khi Restore s ch ng dn n folder cha file backup to trn a C:\
Nn DHCP database
Mc ch:
Tit kim dung lng lu tr
Cch thc hin:
Trang 18

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

S dng cu lnh: Jetpack nn file database ca DHCP


CD %SYSTEMROOT%\SYSTEM32\DHCP
NET STOP DHCPSERVER
JETPACK DHCP.MDB TMP.MDB
NET START DHCPSERVER
Cu hnh DHCP Relay Agent
Mc ch:
Trung chuyn gi tin qua li gia cc lp mng thng qua Router
Cch thc hin:
Enable Routing and Remote Access
Add DHCP Relay Agent
Trn DHCP Relay Agent
Properties: add a ch IP ca 2 DHCP Server
New interface: add 2 interface m DHCP Server cn cp
4.5 Tng kt dch v DHCP
Dch v DHCP Server c cu hnh v sn sng cho vic phc v cp pht IP
ng cho cc my trm trong h thng mng ca cng ty VNTransport. Vi cc chc
nng c cu hnh m trnh by trn th nhm chng ti m bo tnh an ton
v hon ton n nh trong sut qu trnh hot ng ca cng ty.

5. Thit k v xy dng cu trc File Server


File Server trong mt h thng mng ng vai tr cc k quan trng v tc c d liu
ca nhn vin c lu tr v chia s ti y. file server hot ng mt cch an
ton v hiu qu ta cn thc hin nhiu chin lc v mt cu hnh cng nh qun l.
5.1 Chc nng ca File server v u nhc im
Lu tr v chia s d liu.
Qun l d liu tp trung.
Trang 19

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

5.2 Cc yu cu cn lm trn File server


D liu c chia ra cc vng khc nhau phn quyn s dng cho nhn vin.
Gii hn khng gian s dng ca tng nhn vin.
Gim st vic s dng ti nguyn ca nhn vin
Phc hi d liu nu l b xa, thay i.
Backup d liu nh k phc hi khi cn thit.
Hot ng nhanh, n nh, bo mt.
5.3 nh hng thc hin
S dng NTFS Permission phn quyn trn cc th mc chia s cho cc Group
cha user trn AD.
S dng Quota gii hn dung lng s dng trn a File server.
S dng Audit gim st vic s dng ti nguyn.
S dng Shadow Copies sao lu v phc hi d liu b xa, thay i tm thi.
S dng Backup & Restore sao lu d liu nh k v phc hi khi cn thit.
S dng Raid 5 sao lu ng thi tng tc hot ng cho a cng File server.
5.4 Xy dng v Cu hnh File server
File server c t trn mt a cng ring v nh dng theo chun NTFS. Trn
a cng ny to phn vng D cha d liu. Phn vng ny ch s dng cho file server
khng c mc ch no khc.
5.4.1 Xy dng cy th mc cha d liu trn phn vng D

Ta to ra 2 th mc chc nng m nhn cng vic ring.


Public: th mc dng chung, nhn vin c th lu v chia s d liu ti y

Trn Public cha 2 th mc dng chung:


+ Report: th mc lu cc bo co ca nhn vin cho ban iu hnh.

Trang 20

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

+ Application: th mc lu tr cc ng dng ph hp deploy xung cho tng


phng ban.
Private: th mc dng ring, lu tr d liu lm vic ca tng nhn
vin ring bit. Mi nhn vin khi logon vo h thng s c mt th mc tng ng,
th mc ny s lm My Document cho tng nhn vin.
5.4.2 nh hng phn quyn NTFS v cch thc thc hin:
a. Yu cu chung:
Nhn vin khng th xa hoc thay i cu trc th mc c sn
Nhn vin c ton quyn trn th mc v d liu mnh to ra
Nhn vin khng chnh sa hoc xa c d liu ca ngi khc
b. Yu cu ring:
Trn Public: Nhn vin c quyn c tc c cc d liu. c quyn to - chnh
sa - xa d liu ca mnh, khng c chnh sa - xa d liu ca ngi khc.
+ Trn Report : Nhn vin ch c quyn c v ghi d liu ca mnh.
+ Trn Application: ch dnh cho admin deploy phn mm.
Trn Private: Cha cc th mc tng ng cho cc nhn vin, khi nhn vin ng
nhp vo h thng ln u tin th s t ng to ra mt th mc trng trn ca user
nhn vin, th mc ny c s dng lm My Documents cho nhn vin khi lm vic
trn h thng. D liu ca nhn vin c lu tr trc tip trn server v nhn vin s
thy duy nht d liu ca mnh, khng thy bt c th mc no ca cc nhn vin
khc.
c. Cch phn quyn NTFS
Cng vic chung:
Share 2 th mc vi tn tng ng
Thit lp Full Control cho Everyone Share Permission cho tc c cc th mc
share
Cu hnh NTFS Permission:

Trang 21

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

+ G b c tnh tha hng trn a D


+ Remove group Nhn vins khi a D
+ Add cc group tng ng ca phng ban vo
+ Thit lp Full control cho ti khon CREATE OWNER trn D
Cng vic ring trn tng th mc share:
Bng phn quyn:
Folder

Share

NTFS (advanced)

Users/Group

Public

Full

Travel Folder /

BanGiamDoc This folders,

control

Execute file

ThuKy

List Folder / Read

KToan

Data
Read Attributes
Read Extend
Attributes

Apply onto
subfolders and
files

HC-NS
KT-KD
KThuat

Create Folders /
Append Data
Report

Full

Travel Folder /

BanGiamDoc This folders,

control

Execute file

ThuKy

List Folder / Read

KToan

Data
Create Folders /
Append Data
Read Attributes

subfolders and
files

HC-NS
KT-KD
KThuat

Write Attributes
Application

Full
control

Full control

Administrator This folders,


subfolders and
files

Trang 22

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

S dng Group Policy cu hnh th mc Private cha cc My Documents ca


nhn vin
5.4.3 S dng Quota gii hn khng gian lu tr
a. u im v nhc im
u im: Gii hn c khng gian s dng a mng cho nhn vin, trnh tnh
trng s dng qu nhiu lm nh hng cho file server, lng ph ti nguyn cng nh
tc truy xut d liu ca nhng nhn vin khc
Nhc im: i vi cc phng khc nhau phi thit lp cc mc hn ngch khc
nhau ty vo nhu cu, mi khi d liu lm vic ca mt ai y chng ta phi
iu chnh li mc hn ngch. Khng th thit lp mt ln s dng mi mi.
b. Cch thc hin
Mi nhn vin ch c s dng 500mb trn a cng ca file server
Thng bo cho nhn vin khi dng n 450mb, n 500mb th khng lu d liu c
na.
Thit lp quota cho tc c cc nhn vin nh sau:
Limit disk space: 500mb
Warning level: 450mb
5.4.4 Gim st hot ng ca nhn vin trn file server vi Audit
Gim st cc hot ng ca nhn vin trn file server nh: to, chnh sa, xa
a. u im v nhc im
u im: gim st gip qun l c cng vic ca user v c th ghi ra bo co
khi cn thit
Nhc im: lm cng vic x l trn file server din ra chm hn do mi ln c
cc s kin xy ra phi ghi li nhng s kin .
b. Cch thc hin
Thm danh sch cc nhn vin mun gim st vo v ty chn cc s kin Successful
hoc Failed ph hp vi quyn ca tng nhn vin trn a
Trang 23

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

5.4.5 S dng Shadow Copies.


Shadow Copies cho php sao lu d liu tm thi do nhn vin to ra v phc hi khi
l b nhn vin v tnh xa hoc ghi ...trong ngy hm .
a. u im v nhc im
u im: restore li mt cch nhanh chng, ghi li nhiu version khc nhau ca
mt file cho php thc hin qu trnh restore theo ngy gi c th.
Nhc im: ch khc phc nhng s c nh khi b xo mt file hay th mc.
Khng th thay th c cc hnh thc sao lu truyn thng.
b. Cch thc hin
Enable chc nng Shadow Copies trn a cng file server.
Lp lch t ng sao lu
Cho my tnh nhn vin ci t chng trnh Previous Versions Client trong th
mc C:\WINDOWS\system32\clients\twclient\x86
thc hin phc hi: t my nhn vin vo th mc m user thc hin thay
i chn Properties -> chn Previous Versions -> Chn thi im sao lu -> Chn
Restore.
5.4.6 Chin lc Backup & Restore cho File Server.
Backup & Restore l hnh thc sao lu truyn thng khng th thiu trn bt c file
server no. N l linh hn ca file server, ng vai tr cc k quan trng trong cng
vic bm m s an ton d liu. D liu c to ra v sao lu, phc hi ti nhng
thi im thch hp gip ta i ph vi bt c tnh hung no khi xy ra s c trn file
server.
a. u im v nhc im
u im: c th kt hp nhiu phng php sao lu, gip ly li gi liu ca bt
c thi im no nu cn thit.
Nhc im: d liu ngy cng tng ln cng tn nhiu thit b lu tr, thi
gian sao lu cng chm.

Trang 24

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

a. Yu cu v nh hng

Cc yu cu:

S dng bng t lu tr (Tape Drive), gip bo qun tt hn l DVD


Backup vo thi im t nhn vin lm vic hoc tc c ngh trnh trng
hp nhn vin cp nht d liu sau thi im backup ca server.
Backup lm sao d liu to ra l t nht, thi gian ngn nht nhng vn m bo
y , n nh, c th ly li d liu ca mt ngy bt k trong tun.

nh hng:

S dng Tape Driver: Hewlett Packard StorageWorks DAT 24 (DW069A) DAT


Tape Drive DAT, 12 GB, USB 2.0 Interface, Internal Enclosure, 1.5 MBps, For: PC
Platforms. Gi: 220$
Backup vo ban m khong 10h l tt nht
S dng backup Normal kt hp vi Incremental v Differential
Gii thiu u im v nhc im ca 3 loi backup trn tin vic la chn s
dng:
Backup Normal:
Backup full, c ngha l s backup ht tt c ci g m mnh chn
Thi im dng: backup full thng lm vo ngy cui tun v u tun
u im: s backup ton b ci g chng ta cn.
Khuyt im: thi gian backup v restore s lu v backup ht v restore ht, cn
c thit b dung lng ln cha file backup.
Backup Incremental:
Kiu backup ny l ch backup li nhng g thay i ca ngy backup so vi ln
backup trc
Thi im dng: cc ngy cn li trong tun tr th 2 v th 7

Trang 25

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

u im: thi gian backup nhanh v ch backup li nhng g thay i so vi ln


trc, khng cn storage ln cha file backup
Khuyt im: phi restore tng file theo th t Full v bakup ngy th 2 ri n
ngy th 3 ... sau cng n ngy cn restore.

Backup Differential:
Kiu backup l file backup c to ra gm backup Full ca ngy hm trc v s
thay i ca ngy cn backup
Thi im dng :Thng dng vo cc ngy cn li trong tun tr th 2 v th 7
u im: bakup li bn Full ca ngy hm trc v s thay i ca ngy backup
nn khi restore s nhanh hn incremental
Khuyt im: thi gian backup s lu hn kiu normal nhng thi gian restore
nhanh hn kiu incremental, cn storage ln cha file backup.
b. Cch thc hin:
Tun 1

Tun 2

Tun 3

Th 2: Bnh Thng

Th 2: Kh khng

Th 2: Kh khng

Th 3: Gia Tng

Th 3: Gia Tng

Th 3: Gia Tng

Th 4: Gia Tng

Th 4: Gia Tng

Th 4: Gia Tng

Th 5: Gia Tng

Th 5: Gia Tng

Th 5: Gia Tng

Th 6: Gia Tng

Th 6: Gia Tng

Th 6: Gia Tng

Th 7: Bnh Thng

Th 7: Bnh Thng

Th 7: Bnh Thng

CN: khng dng

CN: khng dng

CN: khng dng

Bn trn l lch backup nh k hng tun, ph hp vi kh nng v yu cu ca mt


cng ty va v nh. T y chng ta s cn c lp lch backup nh k.
5.4.7 Xy dng a d phng Raid
Sao lu d liu lun l mt nhim v cn thit v cp bch i vi cc doanh
nghip, t chc hay bt k c nhn no. Bt c khi no cng cng c th b hng hay
bad m khng h bo trc v km theo th d liu cng ra i. Vy ti sao thay v

Trang 26

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

vic ngi ch cng m khng t thit lp cho mnh mt h thng sao lu d phng
n gin m khng cn mt qu nhiu cng sc vo vic backup hng ngy, hng gi
(k c khi c chng trnh h tr). a cng hin nay khng cn qu t v qu
sa x, v vy ta cn to cho cng ty mt h thng sao lu d phng c bn (RAID).
S dng Raid gip tng tc truy xut d liu cng nh bo m vic sao lu phc
hi cho a cng h thng mt cch an ton. Ty vo nhu cu ca cng ty ta c th
s dng Raid trn DC, File Server.
Yu cu v nh hng
Yu cu: S dng Raid tng tc truy xut, sao lu an ton v r tin.
nh hng: S dng Raid 5 thc hin.

6. Thit k v xy dng h thng Web server, FTP server


Web l mt cng c truyn ti thng tin cc k hu dng ca cuc sng hin i.
Web v fpt mang li cho chng ta cng c chia s d liu nhanh chng v tit kim rt
nhiu chi ph. Trong h thng mng ni b ca mt cng ty, nhng dch v ny gip
nhn vin cp nht nhanh chng thng tin t ban iu hnh cng nh gi thng tin
ngc tr li. Xy dng ng thi 2 h thng public v private web-ftp khng nhng
gip qung b thng tin ni b m cn cho cng ng s dng mng internet. N l
mt cng c qung co sn phm dch v rt hiu qu v tit kim.
6.1 Cc chc nng v u nhc im
Web gip ta chia s thng tin v cp nht thng tin mi t bt c a im no c
kt ni mng
Chc nng chnh ca FTP l lm ni lu tr d liu di ng trn mng, ch cn c
user v password (nu yu cu) l bt c ai cng c th truy cp vo FTP server ly
v chia s d liu cho mi ngi.
u im: chia s v cp nht thng tin mi lc mi ni.
Nhc im: bo mt km, d dng b hacker li dng v mc ch xu.
6.2 Cc yu cu chung khi trin khai dch v Web v FTP
6.2.1 Yu cu vi cc dch v
Trang 27

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Yu cu khi thit k cu trc chy Web: hot ng nhanh, cp nht kp thi thng
tin cho nhn vin v khch hng.
Vi FTP: gip user c th truy cp trong phm vi mng ni b cng nh t
internet vo
Vi Web: c web ni b v web public cho user v khch hng truy cp.
6.3 Trin khai cc dch v Web v FTP
Ci t IIS Component
To host v alias cho FTP v Web trn DNS server.
Trin khai FTP:
To mt FTP site mi
Cu hnh a ch IP, Port, ng dn n th mc share FTP
Cp quyn cho cc user s dng th mc share FTP, cp quyn Read, Wrire,
Brower cho user trn FTP site.
Trin khai Web:
To Web site mi
Cu hnh a ch IP, Port, ng dn n th mc share web
Cu hnh trang mc nh v cc ng dn dng truy cp web
Cp quyn Read cho user.
Nat port v cu hnh dyndns public FTP v Web:
Vo modem Nat port 80 - ng vi IP: 192.168.1.99 ca web server, Nat port t 20 n
21 - ng vi IP: 192.168.1.99 ca FTP server
Download v cu hnh DynDNS software trn my Web-FTP cp nht a ch IP
ln server min ph ca DynDNS.org (nu c mua IP public v domain th khng cn
phi s dng dch v min ph ca DynDNS.org)
6.4 Tng kt dch v Web v FTP

Trang 28

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Sau khi Web-FTP c thit lp, thng tin ca cng ty c ph bin rng ri cho
cc nhn vin v khch hng. y l dich v h tr cc k hu ch cho bt c mt
cng ty no m bo s tin dng v tit kim chi ph.

7. Thit k v xy dng dch v Printing


Printer server l my tnh hoc thit b chuyn dng khc c s dng kt ni
vi my in v cung cp dch v in n trong mng. Trong thc t hin nay, i a s cc
mng my tnh ca chng ta (Vit Nam) s dng mt my tnh trong mng kt ni
my in v chia s my in dng chung ny cho cc ngi s dng khc trong mng.
7.1 Gii thiu dch v v u nhc im
C 2 cch s dng printer in n trong mng l in mng (internet printing) v in
cc b (local printing)
In mng: s dng printer server
u im:
User c th s dng in t bt c u c internet.
Cng vic in n trn mng c qun l tp trung trn server cu hnh internet
printing
Rt nhiu user c th s dng chung mt my in gim thiu chi ph mua nhiu my
in
Hot ng khng phc thuc vo PC gip cng ty tit kim ti nguyn pc
C phn quyn nn d dng in n hn
Tc in n nhanh
Nhc im:
Printer server gi thnh cao
Khng h tr qun l trc tip trn my printer server
In cc b: s dng my in local
u im:

Trang 29

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Gi thnh r
C th s dng tc c cc loi my in c th in c
Kt ni n gin khng ph thuc vo cu hnh kt ni
n gin d trin khai
Nhc im:
Bt buc my in ni vi PC phi c m lin tc nu tt s nh hng n cc
ngi s dng chung my in trong cng mt phng ban
Tc in n khng cao
Tnh bo mt km
7.2 Trin khai dch v Printer server
a. Trin khai Internet Printing vi Printer server
Ci t dch v Internet Printing trong Control Panel
To my in mng, v tr v a ch printer server v ci t driver cho printer
server
To cc my in logic phn quyn cho cc Group v user khc nhau
To Printing Pool gip h thng khc phc s chm tr khi c qu nhiu yu
cu in
Map my in v my client thng qua trnh duyt internet.
b. Trin khai Local printing
Ci t v cu hnh cho my in cc b trn my tnh c gn my in
Share my in ra cho cc my khc bng ng dn UNC hoc s dng cu lnh
map my in cho tng client. Phn ny s thc hin trong Group Policy.
7.3 Tng kt dch v Printer server
Vi s qun l ca printer server, hot ng n nh - nhanh chng s gip cng vic
in n ca tc c nhn vin thun li hn. Trong m hnh mng ca cng ty

Trang 30

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

VNTRANSPORT s c 1 my printer server v cc my cn li s lm chc nng in


local, va m bo li tit kim.

8. Thit k v xy dng h thng Antivirus m hnh Client Server


Thm ha virus i vi h thng mng l m nh ca nhng ai tng lm vic
trong cc cng ty. Khi virus ly lan trong h thng s lm cc h thng ng bng
hoc hot ng khng n nh, gy nh hng n hot ng ca cng ty c bic l
cc cng ty c xng sng l mng my tnh - hot ng da trn mng my tnh.
phng s ly nhim virus cng nh s ly lan pht tn ca virus trn h thng,
ci t mt h thng phng chng virus l thc s cn thit.
Nhm chng ti quyt nh s dng phn mm Symantec Antivirus 10.0 thc hin
cng vic ny.
8.1 Cc chc nng ca h thng Antivirus
Chc nng ca Antivirus server (ci t trn server): cp nht, qun l tp trung cc
phin bn chng virus mi t internet v trin khai cho my nhn vin, dit virus trn
chnh my ci t.
Chc nng ca Antivirus client (ci t trn my nhn vin): cp nht cc phin bn
dit virus t Antivirus server, tm v dit virus trn tng my ci t n.
8.2 Cc c im chung v u im khi trin khai h thng Symantec Antivirus

Trang 31

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Khi my server kt ni ra internet v update, cc my client s t ng update t


server, my client khng ra internet update. Cc my client cng khng c quyn
g b ci t nu khng c password.
Khi bt k my no trong h thng, thng tin s c gi trc tip ln server,
ngi qun tr s bit ngay v thc hin cc hnh ng trc tip ti my b nhim t
server.
u im ca Symantec Antivirus:
Hot ng nhanh v ph hp vi mt cng ty va v nh
To ra mt h thng Antivirus duy nht cho c h thng my tnh, gip ngi qun
tr n gin hn trong vic qun tr h thng.
Tit kim bng thng trong qu trnh Update
Nng cao bo mt.
8.3 Trin khai h thng Symantec Antivirus
8.3.1 Ci t phn mm Symantec server
Chun b a CD ci t cha: Symantec AntiVirus Corporate Edition v10.1 v
Symantec System Center v10.1
Ci t ln lt cc phn mm vo my server, trong qu trnh ci t ch phn
password cho h thng v check vo AutorunLiveUpdate t ng cp nht t server
trn internet sau khi ci t xong.
8.3.2.

Cu hnh v trin khai Symantec client cho my nhn vin v h thng cc

my member server.
Sau khi ci t v khi ng li h thng, ta tin hnh Unlock cho server v ty chn
cho server l Primary server.
Sau tin hnh trin khai phn mm xung my client (client trn 3 range khc
nhau, range server, range tng 1 v range tng 2)

Trang 32

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Chng ta c 2 cch ci t cho my trm: mt l chng ta ng t Client truy cp


n server bng ng dn UNC, hai l chng ta dng tin ch Client Remote Install
Tool. ci t t xa ta vo Tools\Client Remote Install.
Trong qu trnh ny bc u tin ta s chn v source ci t, ta ty chn Default
Location. Sau ta chn nhng user cn trin khai thc thi.
Qu trnh trin khai xung client thnh cng, sau khi khi ng li phn mm
Antivirus s t ng chy v nhn thy c trn my client.
8.4 Tng kt Antivirus
Symantec Antivirus m bo c kh nng vn hnh nh nhng cng nh m hnh
Client-Server ti u cho cng vic qun tr. S dng phn mm ny trn h thng ca
VNTRANSPORT l rt kh thi v t c mt phn mc tiu bo mt cho h thng
ca nhm 06PBL152.

9. Xy dng h thng v li WSUS


Qun l tnh trng h thng l mt trong nhng cng vic quan trng ca ngi qun
tr mng, qun l vic cp nht cc bn v li phi c tin hnh lin tc cung cp
cho h thng nhng phin bn v li mi nht ca nh sn xut khng nhng mang li
hiu qu bo mt, m cn gip h thng hot ng n nh hn rt nhiu.
Nhng mt iu cn phi ch rng i khi cc bn v li do nh cung cp phn
mm a ra thng chm hn so vi cc bn v li ca cc hng bo mt, mt v d
nh symantec a ra 40 bn v li trong c 20 bn cho h thng my Dell chy
Windows XP v hn 20 bn v li cho Windows 2000 Service Pack 3 trc khi
Microsoft a ra cc bn v li chnh thc vo ma h nm 2003. V vic cp nht
ton b h thng qua Internet l mt gii php kh thc hin khi c nhiu my tnh
trong h thng mng cn c cp nht bn v li ngay. Vic trin khai h thng t
cung cp cc bn v li ngay trong h thng mng l iu cn thit. Chnh v iu ny
nn chng ta cn mt dch v phc v cho nhu cu trn v WSUS l 1 gii php.
WSUS l vit tt ca Windows Server Update Service . Cho php chng ta to ra
mt my ch lu tr phn mm cp nht cho ton b h thng cc phn mm ca hng
Microsoft t Windows cho n cc phn mm Office
Trang 33

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

9.1 Cc chc nng v u nhc im:


Qun l tp trung vn ci t phn mm update trn cc my trm.
Gim thiu lu lng bng thng ra ngoi Internet. Nu khng c wsus cng ty c
hng trm my tnh v yu cu update trc tip thng qua Website ca Microsoft s
gy l hin tng tc nghn v qu ti.
u im: Tit kim c nhiu thi gian qun tr v tng cng thm tnh bo mt
cho h thng cc my trm.
Nhc im: ch c ch trong mt h thng ln v nhiu my client. H thng nh
ci t s gy lng ph server.
9.2 Cc yu cu chung khi trin khai WSUS.
9.2.1 Yu cu v dung lng a cng:
C partition ci t windows v partition ci t WSUS phi l NTFS.
Ti thiu phi c 1 Gb trng cho partition h thng.
Ti thiu phi c 6 Gb trng cho partition ci cc bn update cho WSUS recommend
l 30 Gb.
9.2.2 Cc yu cu v Automatic Updates:
Automatic Updates l mt thnh phn client ca WSUS. Automatic Updates khng
i hi g v phn cng c bit ngoi vic phi c kt ni vi network. Ta c th
s dng Automatic Updates vi WSUS trn bt k my tnh no chy cc h iu hnh
sau y:
Microsoft Windows 2000 Professional with Service Pack 3 (SP3) or Service Pack 4
(SP4), Windows 2000 Server with SP3 or SP4, or Windows 2000 Advanced Server
with SP3 or SP4.
Microsoft Windows XP Professional, with or without Service Pack 1 or Service Pack
2.

Trang 34

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Microsoft Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise
Edition;Windows Server 2003, Datacenter Edition; or Windows Server 2003, Web
Edition.

* Note:
ci t c WSUS ta cn thc hin ci t mt s chng trnh yu cu cho
WSUS:
1. Ci t IIS
2. Ci t Services Pack
3. Ci t dotNetFX35setup.exe
4. Ci t ReportViewer.exe
5. Cui cng l ci t WSUS ( y h thng chng ta s ci t ver3.0)
9.3 nh hng v trin khai thc hin WSUS
My ch SUS s phn tch cc h iu hnh yu cu cp nht, kim tra cc bn
service pack v cung cp cho my client nhng gi tin cn phi download v ci t
cc phin bn cp nht.
9.3.1 ng b d liu v cung cp cho h thng
Khi bt u vic ng b d liu my ch SUS s truy vn n my ch Windows
Update ca Microsoft hay cc my ch SUS khc trong h thng mng v download
ton b ti nguyn v cc bn v li hay cc service pack cho mi sn phm v ngn
ng m ta cu hnh. Qu trnh ng b d liu s c truyn khong 150 MB
cho phin bn English v 600MB cho mi ngn ng khc.
9.3.2 Thit lp Automated Updates trn my client
Ci t cc cp nht t Automatic Updates ca my client bng vic ci t cc gi
MSI. cung cp cc gi cp nht dng MSI bn c th d dng s dng Group

Trang 35

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Policy cung cp . To ra mt GPO mi, gn chng cho cc my tnh trong h thng


mng ca bn, v n s c ci t mt cch t ng.
C th cung cp cc gi MSI cho client di dng logon script gn cho gi tin MSI
v h thng s c thc hin trc khi ngi dng ng nhp vo h thng.

9.3.3 S dng Group Policy p t my Clients Update t WSUS


Ln lch cho qu trnh cp nht cn khc nhau trnh cng mt thi im ton b h
thng yu cu n my ch SUS s lm ton b h thng mng ca bn b tc nghn.
(Tu chn trong phn Reschedule Automatic Updates Scheduled Installations)
To ra nhiu GPO vi nhiu lch trnh khc nhau cho mi OU m bo h thng
lun c p ng tt nht.
9.4 Tng kt WSUS
Vi nhng tnh nng u vic v cp nht v v li cho h thng ca WSUS ( c
phn tch pha trn) th y l dch v kh tt gp phn bo mt cho h thng cty.
Do nhm 06PBL152 chng em trin khai hon chnh dch v ny cho ti ln
ny.

10. Trin khai Policy qun l.


Policy l mt c cu gip ta xc lp cu hnh desktop, permissionmt cch t
ng v tp trung nh nhng Group Policy Object (GPO). Group Policy Object l
nhng i tng thuc nhm Policy qun l, n c s p t cho cp user hoc
Computer c cha trong Site, Domain, Organization Unit (OU).
10.1 Cc yu cu cn lm trn Group Policy
Trin khai cc ng dng sau cho tc c cc phng ban:
Microsoft Word
Microsoft Exel
Microsoft PowerPoint
Trang 36

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Acrobat Reader
Cc phn mm khc cho tng phng ban:
Phong k ton: phn mm k ton
Phng Hnh chnh Nhn s: phn mm qun l nhn s
Phng K hoch kinh doanh: phn mm thit k m hnh Microsoft Visio
Cu hnh GPO p t cc chnh sch khc nh:
T ng khi ng Internet Explore vi trang ch ca cng ty khi user ng nhp
vo mng
Khng nhn thy Properties ca My Documents
Khng nhn thy v khng truy cp c a C trn my Local
Map my in local, map a mng
10.2 Trin khai cc chnh sch t yu cu t ra
S dng cng c Group Policy Management qun l tp trung cc policy c trn
h thng.
Cc ng dng Word, Exel, PowerPoint c qun l trong mt policy chung v trin
khai (lin kt) xung tc c cc OU phng ban.
Cc ng dng phn mm chuyn ngnh, mi phn mm s c cu hnh deploy
trong mt Policy
Thc hin p t cc chnh sch khc: Mi chnh sch c cu hnh trong mt
policy ring.

11. Cc dch v h tr
11.1 Dch v RIS
Trong mt m hnh h thng c nhiu my trm, ci t h iu hnh cho tt c
my trm th i hi ngi qun tr phi mt rt nhiu thi gian ci t cho tng
my. Vi chc nng ci t h iu hnh mt cch t ng qua mng, dch v RIS ra
i ngi qun tr gii quyt vn ny mt cch nhanh chng v c hiu qu.

Trang 37

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

11.1.1 Chc nng


Ci t h iu hnh qua mng cho Client.
11.1.2

u nhc im ca dch v

u im
Ci t h iu hnh mt cch t ng
My trm ch cn c card mng h tr PXE, khng cn c CD-ROM
Ngi qun tr khi mt cng i ci t trn tng my
C th ci t cho tt c my trm vi mi cu hnh
My trm sau khi ci t xong t ng join domain
Nhc im
Cu hnh phc tp
Thi gian ci t s rt lu nu s lng my trm ln
11.1.3 Yu cu chung khi trin khai dch v
My tnh cha dch v RIS Server phi l thnh vin ca Domain hoc l dch v
RIS Server ny nm trn Domain
Server ci t RIS phi c 2 phn vng khc nhau
Phn vng cha file ci t RIS phi c nh dng NTFS
C DHCP Server c Active trn mng
C DNS phn gii tt trn mng
C mt Windows CD hoc c mt folder share cha cc file ci t
My Client phi h tr PXE boot ROM hoc card mng c h tr boot floppy
11.1.4 nh hng v trin khai dch v
nh hng thc hin
Cc my trm trong h thng c cng cu hnh
Ci t h iu hnh Windows XP Professional cho tt c my trm
Trang 38

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Sau khi ci t xong h iu hnh th cc my trm join vo domain v c y


cc thng tin cu hnh c lin quan
Trin khai dch v
Ci phn mm Remote Installation Services
To Image lu trn Server
To a mm boot mng (nu my khng h tr boot mng PXE)
To Answer file t ng tr li cc thng tin khi ci t h iu hnh cho Client
Phn quyn cho User no c th ci t h iu hnh t RIS Server
11.1.5 Tng kt dch v RIS Server
Dch v RIS em li nhiu thun li cho ngi qun tr trong vic ci t H iu
hnh cho nhiu my trm trong cng mt lc thng qua mng. V th, dch v ny
chng ti p dng trin khai cho m hnh nhiu my trm ca chng ti tit
kim thi gian v ti chnh.
11.2 Dch v VPN Client to Site
Mt nhn vin c gng v s pht trin ca cng ty lun lm vic ht sc mnh. H
s c nhu cu lm vic mi lc mi ni nu c th. p ng c cc nhu cu
ca nhn vin, h thng VPN client to site ra i gip nhn vin c th s dng mng
ni b cng ty bt c lc no cn thit.
11.2.1 Cc chc nng v u nhc im
Gip nhn vin c th kt ni vo site ca cng ty thng qua mi trng Internet,
tr thnh mt node ca mng LAN trong cng ty. Gip nhn vin c th s dng mi
ti nguyn chia s trn mng.
u im: tin li cho cc nhn vin lm vic xa cng ty lm vic nh. To ra
m hnh hnh ng (pipe) ring o gip vic trao i d liu khng cn gi gn trong
mt mi trng no m tr nn rng v linh hot hn. Khng phi thu thm cc
knh ring nh Lease Line, tn km hn rt nhiu.

Trang 39

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Nhc im: nu trong h thng mng khng c h thng tng la s rt nguy


him cho d liu ra vo h thng.
11.2.2 Cc yu cu chung khi trin khai dch v VPN client to site.
My ng vai tr l VPN server phi c 2 NIC, my ny s trc tip i ra ngoi
Internet thng qua Modem ADSL, hai NIC ca server c IP ln lt l:
+ External: 192.168.1.113
+ LAN_Floor 1 : 192.168.1.1
Khi s to mt address pool (dy IP) dnh trc cho cc client c nhu cu quay
VPN sao cho cng NetID vi mng LAN bn trong site l c. Theo m hnh cng ty
VNTRANSPORT s c 3 subnet con khc nhau trong site, ta s tin hnh lm tun t
nh nhau cho 3 subnet. Phn ny a ra v d cho subnet Internal_Floor 1
11.2.3 nh hng thc hin VPN client to site
C 2 cch thc hin
Mt l: Bin Modem ADSL thnh 1 Bridge, khi ta s c c IP Public, dng
IP ny l IP cho VPN Server, tuy nhin cch ny hi bt tin l khi ta phi thc
hin Share Net th cc my client mi c th ra net c. (p dng cho nhng modem
khng h tr VPN)
Hai l: Trn Modem ADSL ta s kt hp vi Dynamic DNS trn VPN Server, khi
nu c client quay vo th ta ch vic Nat Port cho Forward qua VPN Server lun.
Ta s s dng cch ny cho vpn client to site trong h thng.
11.2.4 Thit k v xy dng VPN client to site
a. NAT port 1723 ca Router ADSL v my VPN server
b. Cu hnh VPN Server:
To user Client bn ngoi kt ni vo VPN Server (ty vo nhng user no c
nhu cu s dng VPN s to ti khon cho user )
Cho php user c quyn Allow access trong Dial-in

Trang 40

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Enable Routing and Remote Access v cu hnh chc nng Remote Access (dialup or VPN)
Cu hnh Range IP cho cp cho client khi connect vo mng v hon tt qu trnh
trn cu hnh trn server
c. Cu hnh VPN Client trn my Client ngoi vo:

To mt connection mi ti My Network Place, cho Connect to the network at


my workplace
Chn ch Virtual Private Network Connection ti bc tip theo
Ti phn VPN Server Selection, g Hostname ng k trn NO-IP hoc Dyndns
nu c vo Host name or IP address
Ti VPN server phi ci chng trnh cp nht IP cho hostname
Sau c th kt ni n VPN server bng username v password ca mnh trong
h thng.
11.2.5 Tng kt dch v VPN Client to Site
VPN client to site l gii php thc s hiu qu cho vic s dng ti nguyn bn
trong mng ca nhn vin khi lm vic bn ngoi. nng cao bo mt cho dich v
ny, tng lai h thng s phi ci t Firewall nh ISA hoc mt dch v ca bn th
ba no .
11.3 Dch v Remote Assistance
Dch v ny cho php cc nhn vin k thut hoc admin c th vo my tnh ca
nhn vin gip h gii quyt s c trn my. Rt c ch cho vic h tr nhn vin t
xa.
Cc bc trin khai:
To file Remote Assistance trn my client vi username v password bt k.
Chia s file ny cho ngi s gip nhn vin
Nat Port 3389 trn modem v router

Trang 41

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Sau ngi ny s truy cp vo my nhn vin thng qua IP v Port 3389 c


cu hnh trong file . S dng username v password to trc chng thc
C. o to ngi s dng
Sau khi cng vic xy dng h thng mng cho cng ty th cng vic o to ngi
s dng cng quan trng khng km. ngi s dng hiu c cch s dng cc
dch v c trn h thng...v rt nhiu nhng cng vic khc.
Nhng cng vic cn lm:
Tuyn chn i ng o to
B tr thi gian o to
Thit k ti liu o to: bao gm cc phn cn hng dn cho nhn vin cn thc
hin nh
Cch ng nhp vo h thng s dng username v password ca tng nhn vin
Cch s dng file server lu tr d liu lm vic, cch bo co, cch chia s d
liu trn file server.
Cch truy cp vo web, ftp ni b cng nh public
Cch s dng VPN Client to Site connect vo mng cng ty khi cn thit
Cch s dng Remote Assistance cho php cc admin vo my h tr k thut.
D. Kim tra v bn giao vn hnh
1. Kim tra
Sau khi ci t v trin khai xong h thng mng cho cng ty, ta tin hnh kim tra
tng ton din h thng.
Kim tra t my ca nhn vin nhng vn sau:
ng nhp vo user trn domain bng my client
t ip ng, tin hnh release v renew ip, km tra ip ca dhcp cp, kim tra dns bng
nslookup, sau kim tra s lin thng gia cc mng bng lnh ping, ping ra
internet kim tra kt ni internet t my client.
ng nhp vo 2 my client v kim tra phn quyn trn file server

Trang 42

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Kim tra My Documents ca nhn vin sau khi ng nhp vo h thng.


Truy cp vo kim tra dch v web, ftp, to file a qua my khc
kim tra remote assistance.
Kim tra my in v in th trn client.
Kim tra s thi hnh ca cc Group Policy p t xung my client.
2. Bn giao vn hnh
Sau qu trnh kim tra ton din h thng, ta s tin hnh bn giao cng vic vn
hnh h thng li cho ban qun l v phng k thut ca cng ty.
Nhng th cn bn giao:
Cc m hnh h thng v nguyn tc hot ng ca tng thnh phn trn h thng:
DNS, DHCP, DC ng cp, File server, Web - FTP server, Printer server, WSUS,
Antivirus, RRAS, Backup & Restore AD v File server.
T ta tip tc ch ra cc thnh phn quan trng trn h thng, ch cch kim tra
s c v khc phc khi s c xy ra.
Phi hp vi b phn chuyn gia phn cng ln lch bo tr cc thit b trong h
thng.
E.

Chuyn giao ti liu v khch hng nghim thu

1. Chuyn giao ti liu


Cc ti liu cn chuyn giao li cho cng ty nh sau:
Ti liu nguyn cu v thit k h thng
Ti liu o to ngi s dng
2. Nghim thu vi khch hng
Hi nhng thc mc ca khch hng v tr li nhng thc mc
Hi khch hng cho chng ta nh gi v h thng
xut cc phng n m rng h thng khi cng ty pht trin mnh hn

Trang 43

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Tin hnh nhn tin cho vic thit k, lp t v tin thit b t khch hng.
K cc bin bn xc nhn lin quan.
F.

nh gi hiu qu
Sau khi thit k v xy dng h thng ny, nhm 06PBL152 nhn thy rng h

thng ny rt hu ch v mang li hiu qu cao cho hot ng ca cng ty. Sau y l


nhng nh gi m nhm a ra sau khi ln xy dng h thng:
Nh s qun l tp trung ca file server v cc h thng khc, hot ng
ca cng ty cng nhanh hn v tit kim chi ph hn.
Tin li cho vic s dng ca nhn vin v i ng qun l trong cng ty
Thng tin c bo mt hn v qun l d dng hn
Gip cho ngi qun l c th truy cp thng tin nhanh chng v bt k
u, ch cn c mng internet
Vn v kinh ph ph hp vi mt cng ty va v nh
C th pht trin h thng trong tng lai

Trang 44

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

KT LUN
i vi mt h thng th lun bo m ng bn yu cu c bn:
Yu cu v bo mt thng tin
Yu cu v kh nng hot ng nhanh nhy
Yu cu v kh nng chng chu vi mi trng h thng
Yu cu v kh nng m rng
Sau khi hon tc qu trnh xy dng v a vo hot ng, trong tng lai khng xa
kh nng cng ty s pht trin v cn thit mt h thng ln mnh v kh nng bo
mt thng tin cao hn na.
T t ra phng php m rng cho h thng l vn cn c cp ti khi bt
tay vo xy dng mt h thng. Ta s chn la nhng thnh phn v cu trc chnh c
kh nng m rng trong tng lai.
Sau y l phng n m rng h thng m nhm 06PBL152 vch ra cho h thng
trn:
Trin khai CA, IP SEC cho h thng bo mt c nng cao hn
Trin khai vpn (ci radious server nu cn chng thc v qun l trong giao tip
VPN) v kt hp vpn ipsec hoc SSL.

Trang 45

Thc Tp Tt Nghip

GVHD : Ths . Hunh Tn Phc

Trin khai RAID 5 trn my DC Backup ng thi tng tc hot ng ca


server .
Kt hp Load Balancing vo h thng cn bng ti, tng kh nng chng chu .
Ci t ISA v khoanh vng DMZ cho vng server public ra internet .
Ci t h thng Mail exchange tin vic lin lc nu cn thit khi nhn vin
cng ty tng ln ng k .

Ti Liu Tham Kho


- Gio trnh trung cp ca ThS Trn Dzon Mi :
+ Mng c bn , mng nng cao .
- Gio trnh H Gia nh ca Thy Hunh Tn Lu :
+ S l x c mng .
+ Thit k mng c bn .
- Gio trnh H Gia nh ca thy Ng Kim Quc :
+ Lm vic nhm , k thut phn tch .
- Ti liu mng :

http://uet.vnu.edu.vn/tltk/Learning/File_PDF/giao_trinh_mang_doanh_nghiep_0313.pdf
ca H Cng Nghip .
http://www.nhatnghe.com/forum/showthread.php?t=92817 Ca trng Nht Ngh
http://giaiphapmang.biz/ Ca Doanh nghip LTC
Cng nhiu ti liu qu gi su tm trong 3 nm qua .

Trang 46

You might also like