Windows Server 2008 7083

TRN MNH HNG
QUN TR MNG WINDOWS SERVER 2008
BI GING
1/143
TRN MNH HNG
CHNG 1: GII THIU WINDOWS SERVER

I.
WINDOWS NT SERVER
1. H iu hnh mng Windows NT

2. Cc c ch qun l ca Windows NT
2.1 Qun l i tng (Object Manager)
2.2 C ch bo mt (SRM - Security Reference Monitor)
2.3 Qun l nhp / xut (I/O Manager)
2.4 I/O Manager
3. Cc phin bn ca h iu hnh Windows NT
II.
WINDOWS SERVER 2000
1. Windows 2000 Server

2. Cc c trng ca Windows 2000
III. WINDOWS SERVER 2003
1.
2.
3.
4.
5.
Cc phin bn ca h iu hnh Windows server 2003

Nhng c im mi ca Windows server 2003
Yu cu v phn cng
Nng cp thnh Windows server Enterprise Edition
Bng so snh cc c tnh ca Windows server 2003
IV. WINDOWS SERVER 2008

1.
2.
3.
4.
Tnh nng vt tri

Cc phin bn ca Windows Server 2008
Yu cu phn cng
Bng cc tnh nng trong Windows Server 2008
CHNG 2:
TNG QUAN V WINDOWS SERVER 2008
I.
GII THIU WINDOWS SERVER 2008
II.
CC TNH NNG CA WINDOWS SERVER 2008
1.
2.
3.
4.
5.
6.
7.
8.
Cng c qun tr Server Manager

Windows Server Core
Power Shell
Windows Deloyment Services
Terminal Services
Network Access Protection
Read Only Domain Controllers
Cng ngh Failover Clustering
2/143
TRN MNH HNG
9. Windows Firewall with Advance Security

III. MT S TNH NNG MI
1.
2.
3.
4.
5.
6.
Cng ngh o ha Hyper-V

Processor Compartibility Mode
File Classification Infrastructure
Qun l trong a v file
Ci tin giao thc v m ha
Mt s tnh nng khc
IV. CC LI CH CA WINDOWS SERVER 2008

1. Web
2. o ha
3. Bo mt
3.1. Network Access Protection (NAP)
3.2. Read Only Domain Controller (RODC)
3.3. BitLocker
3.4. Windows Firewall
V.
CC PHIN BN CA WINDOWS SERVER 2008
1. Windows Server 2008 Standard Edition

2. Windows Server 2008 Enterprise Edition
3. Windows Server 2008 Datacenter Edition
4. Windows Web Server 2008
CHNG 3: CI T WINDOWS SERVER 2008
I.
II.
III.
IV.
YU CU PHN CNG
CC CCH CI T
NNG CP LN WINDOWS SERVER 2008
CC BC CI T
CHNG 4: DNG DOMAIN

I. TO DOMAIN CONTROLLER
II. NG NHP MY CLIENT VO DOMAIN
CHNG 5:
I.
1.
2.
3.
4.
5.
XY DNG CC DCH V
DCH V DNS
Gii thiu DNS Server
Ci t DNS Server
Cu hnh DNS Server
Cu hnh a ch DNS Server trn my Client
B sung cc bn ghi DNS vo DNS Server
3/143
TRN MNH HNG
II.
DCH V DHCP
1. Gii thiu dch v DHCP

2. Hot ng ca giao thc DHCP
3. Ci t trn Windows Server 2008
3.1. Trn my Server
3.2. Trn my Client
4. Cu hnh DHCP
4.1. To Scope
4.2. Thay i options ca Scope
4.3. Thay i Server options
5. Backup DHCP Server
6. Remove DHCP Server
III. DCH V TH MC ( Directory Services)
1. Chun b
2. Cu hnh
2.1. Trn my Server
2.2. Cho Client vo Domain
IV. DCH V TP TIN (File Services)
1.
2.
3.
4.
V.
Trin khai File Sevices

Qun l File Screen
Qun l Quota
Qun l cc bo co
DCH V IN N (Print Services)
1. Ci t
2. Truy cp Print Services Tools
3. Qun l cc my in trong mng
VI. DCH VU WEB
1. Gii thiu v IIS 7.0
2. Ci t IIS7.0
VII. DCH VU FTP
1. Gii thiu
2. Ci t v cu hnh
2.1. Ci t
2.2. Cu hnh
CHNG 6: USER GROUP
I. GII THIU V LOCAL USER V LOCAL GROUP
II. TO CC LOCAL USER
III. TO LOCAL GROUP
4/143
TRN MNH HNG
CHNG 7: CHNH SCH BO MT(GROUP POLICY)

I. ACCOUNT POLICY
1. Password Policy
2. Account Lockout Policy
II. LOCAL POLICY
1. User rights assignment
2. Sercurity options
CHNG 8: QUYN TRUY CP NTFS
I. KIM SOT QUYN TRUY CP H THNG TP NTFS
1. Phn quyn n gin
2. Phn quyn c bn
2.1 Gii thiu c ch phn quyn NTFS
2.2 Cc cng c phn quyn NTFS
2.3 Thc hin cc quyn c bn ca d liu doanh nghip trn NTFS
II. NGUYN TC KHI P DNG QUYN TRUY CP
1. Nguyn tc hoch nh th mc chng trnh
2. Nguyn tc hoch inh th mc d liu
3. Nguyn tc hoch nh th mc c nhn
4. To th mc c nhn (Home Folder) trn Volume NTFS
III. SHARE PERMISSION
CHNG 9: XY DNG M HNH SERVER CLIENT
I.
II.
III.
IV.
V.
VI.
CU HNH A CH IP,DNS,DHCP
TO OU,USER V GROUP
GROUP POLICY,DISK QUOTA
CHIA S D LIU
KIM TON
QUN L MY IN
CHNG 1: GII THIU WINDOWS SERVER

I.
WINDOWS NT SERVER
1. H iu hnh mng Windows NT

Windows NT l h iu hnh mng cao cp ca hng Microsoft. Phin bn u c tn l
Windows NT 3.1 pht hnh nm 1993, v phin bn server l Windows NT Advanced Server
5/143
TRN MNH HNG
(trc l LAN Manager for NT). Nm 1994 phin bn Windows NT Server v Windows
NT Workstation version 3.5 c pht hnh. Tip theo ra i cc bn version 3.51. Nm
1995, Windows NT Workstation v Windows NT Server version 4.0 ra i.
L h iu hnh mng p ng tt c cc giao thc truyn thng ph dng nht. Ngoi ra n
va cho php giao lu gia cc my trong mng, va cho php truy nhp t xa, cho php
truyn file v.v... Windows NT l h iu hnh va p ng cho mng cc b (LAN) va p
ng cho mng din rng (WAN) nh Intranet, Internet.
Windows NT server hn hn cc h iu hnh khc bi tnh mm do,a dng trong qun l.
N va cho php qun l mng theo m hnh mng phn bit (Clien/Server), va cho php
qun l theo m hnh mng ngang hng (peer to peer). Ci t n gin, nh nhng v iu
quan trng nht l n tng thch vi hu nh tt c cc h mng.
2. Cc c ch qun l ca Windows NT
2.1. Qun l i tng (Object Manager)
Tt c ti nguyn ca h iu hnh c thc thi nh cc i tng. Mt i tng l mt i
din tru tng ca mt ti nguyn. N m t trng thi bn trong v cc tham s ca ti
nguyn v tp hp cc phng thc (method) c th c s dng truy cp v iu khin
i tng. Bng cch x l ton b ti nguyn nh i tng Windows NT c th thc hin
cc phng thc ging nhau nh: to i tng, bo v i tng, gim st vic s dng i
tng (Client object) gim st nhng ti nguyn c s dng bi mt i tng.
2.2. C ch bo mt (SRM - Security Reference Monitor)
c s dng thc hin vn an ninh trong h thng Windows NT. Cc yu cu to mt
i tng phi c chuyn qua SRM quyt nh vic truy cp ti nguyn c cho php
hay khng. SRM lm vic vi h thng con bo mt trong ch user. H thng con ny c
s dng xc nhn user login vo h thng Windows NT.
2.3.
Qun l nhp / xut (I/O Manager)
Chu trch nhim cho ton b cc chc nng nhp / xut trong h iu hnh Windows NT. I/O
Manager lin lc vi trnh iu khin ca cc thit b khc nhau.
2.4.
I/O Manager
S dng mt kin trc lp cho cc trnh iu khin. Mi b phn iu khin trong lp ny thc
hin mt chc nng c xc nh r. Phng php tip cn ny cho php mt thnh phn
iu khin c thay th d dng m khng nh hng phn cn li ca cc b phn iu
khin.
3. Cc phin bn ca h iu hnh Windows NT
Windows NT 3.1
Windows NT Advanced Server
Windows NT Server
Windows NT Workstation version 3.5
Windows NT version 3.51
Windows NT Workstation Windows NT Server version 4.0
II.
WINDOWS SERVER 2000
1. Windows Server 2000

y l phin bn thay th cho Windows NT Server 4.0, n c thit k cho ngi dng l
nhng doanh nghip ln, hng phc v cho cc mng ln. N tha hng li tt c nhng
6/143
TRN MNH HNG
chc nng ca Windows NT Server 4.0 v thm vo l giao din ha thn thin vi
ngi s dng.
H h iu hnh Windows 2000 Server c 3 phin bn chnh l: Windows 2000 Server,
Windows 2000 Advanced Server, Windows 2000 Datacenter Server. Vi mi phin bn
Microsoft b sung cc tnh nng m rng cho tng loi dch v.
2. Cc c trng ca Windows 2000
Nhng thay i quan trng nht so vi NT c gm c:
- Active Directory
- H tng kin trc ni mng TCP/IP c ci tin
- Nhng c s h tng bo mt d co gin hn
- Vic chia s dng chung cc tp tin tr ln mnh m hn so vi h thng tp tin phn tn
(Distributed File System) v dch v sao chp tp tin (File Replication Service)
- Khng l thuc cng nhc vo cc mu t a na nh cc im ni (junction point) v cc
a gn ln c (mountable drive)
- Vic lu tr d liu trc tuyn mm do, linh ng hn nh c tnh nng Removable Storage
Manager.
III. WINDOWS SERVER 2003

1. Cc phin bn ca h iu hnh Windows Server 2003
- Windows Server 2003 c 4 phin bn c s dng rng ri nht l: Windows Server 2003
Standard Edition, Enterprise Edition, Datacenter Edition, Web Edition.
Windows Server 2003 Web Edition: ti u dnh cho cc my ch web
Windows Server 2003 Standard Edition: bn chun dnh cho cc doanh nghip, cc t chc
nh n va.
Windows Server 2003 Enterprise Edition: bn nng cao dnh cho cc t chc, cc doanh
nghip va n ln.
Windows Server 2003 Datacenter Edittion: bn dnh ring cho cc t chc ln, cc tp
on v d nh IBM, DELL.
2. Nhng c im mi ca Windows Server 2003
- Kh nng kt chm cc Server san s ti (Network Load Balancing Clusters) v ci t
nng RAM (hot swap).
- Windows Server 2003 h tr h iu hnh WinXP tt hn nh: hiu c chnh sch nhm
(group policy) c thit lp trong WinXP, c b cng c qun tr mng y cc tnh nng
chy trn WinXP.
- Tnh nng c bn ca Mail Server c tnh hp sn: i vi cc cng ty nh khng chi
ph mua Exchange xy dng Mail Server th c th s dng dch v POP3 v SMTP
tch hp sn vo Windows Server 2003 lm mt h thng mail n gin phc v cho cng
ty.
- Cung cp min ph h c s d liu thu gn MSDE (Mircosoft Database Engine) c ct
xn t SQL Server 2000.
- NAT Traversal h tr IPSec l mt ci tin mi trn mi trng 2003 ny, n cho php
cc my bn trong mng ni b thc hin cc kt ni peer-to-peer n cc my bn ngoi
Internet, c bit l cc thng tin c truyn gia cc my ny c th c m ha hon ton.
- B sung thm tnh nng NetBIOS over TCP/IP cho dch v RRAS (Routing and Remote
Access).
7/143
TRN MNH HNG
- Phin bn Active Directory 1.1 ra i cho php chng ta y quyn gia cc gc rng vi
nhau ng thi vic backup d liu ca Active Directory cng d dng hn.
- H tr tt hn cng tc qun tr t xa do Windows 2003 ci tin RDP (Remote Desktop
Protocol) c th truyn trn ng truyn 40Kbps
- H tr mi trng qun tr Server thng qua dng lnh phong ph hn
- Cho php to nhiu gc DFS (Distributed File System) trn cng mt Server.
3. Yu cu v phn cng
Web
Edition
c tnh
Standard
Edition
Enterprise Edition
Datacenter Edition
128 MB
512 MB
256 MB
1 GB
32 GB cho dng my
X86, 64 GB cho dng
my Itanium
133 Mhz cho dng my
x86, 733 Mhz cho dng
my Itanium
64 GB cho dng my
x86, 512 GB cho dng
my Itanium
400 Mhz cho dng my
x86, 733 Mhz cho dng
my Itanium
733 Mhz
733 Mhz
8 n 32 CPU cho dng

my x86 32 Bit, 64CPU
cho dng my Itanium
Dung lng a
trng ph v
1.5GB
cho qu trnh ci
t
1.5GB
1.5GB cho dng x86, 1.5GB cho dng my

2GB cho dng my x86, 2GB cho dng my
Itanium
Itanium
S lng my
Khng
kt ni trong
h tr
dch v Cluser
Khng h
8 my
tr
Dung
lng
128 MB 128 MB
RAM ti thiu
Dung
lng
256 MB 256 MB
RAM gi
Dung
lng
RAM h tr ti 2 GB
4 GB
a
Tc ti thiu 133
ca CPU
Mhz
133 Mhz
Tc CPU gi 550
Mhz
550 Mhz
H tr
CPU
nhiu
8 my
4. Cc h iu hnh cho php nng cp thnh Windows server Enterprise Edition

- Windows NT Server 4.0 vi Services Pack 5 hoc ln hn.
- Windows NT Server 4.0, Terminal Server Edition, vi Services Pack 5 hoc ln hn.
- Windows NT Server 4.0, Enterprise Edition, vi Services Pack 5 hoc ln hn.
- Windows 2000 Server
- Windows 2000 Advanced Server
- Windows Server 2003 Standard Edition
5. Bng so snh cc c tnh ca Windows server 2003
c tnh
Web
Edition
Standar
Enterprise Datacenter
d
Edition
Edition
Edition
8/143
TRN MNH HNG
.NET Framework
Yes
Yes
Act as a Domain Controller in the Active
No
Yes
Directory
Microsoft Meta directory Service (MMS)
No
No
support
Internet Information Service (IIS) 6.0
Yes
Yes
ASP.NET
ASP.NET
Yes
Yes
Enterprise UDDI service
No
Yes
Network load balancing
Yes
Yes
Server clusters
No
No
Virtual Private Network(VPN) support
H tr 1 kt
Yes
ni
Internet Authentication Service (IAS)
No
Yes
Ipv6
Yes
Yes
Distributed File System (DFC)
Yes
Yes
Encrypting File System (DFC)
Yes
Yes
Shadow Copy Restore
Yes
Yes
Removable and Remote Storage
No
Yes
Fax service
No
Yes
Service For Macintosh
No
Yes
Print Service for Unix
Yes
Yes
Terminal Services
No
Yes
Intel Mirror
Yes
Yes
Remote OS Installation (RIS)
Yes
Yes
64 bit support for Itanium base computer No
No
Datacenter Program
No
No
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
IV. WINDOWS SERVER 2008

1. Tnh nng vt tri
Microsoft Windows Server 2008 l h iu hnh my ch windows th h tip theo ca hng
Microsoft.
- Cc tnh nng c ci thin mnh m so vi phin bn 2003:
+ An ton bo mt.
+ Truy cp ng dng t xa.
+ Qun l server tp trung.
+ Cc cng c gim st hiu nng v tin cy.
+ Failover clustering v h thng file.
H tr trong vic kim sot mt cch ti u h tng my ch, ng thi to nn mt mi
trng my ch an ton, tin cy v hiu qu hn trc rt nhiu.
2. Cc phin bn ca Windows Server 2008
- Windows Server 2008 Standard Edition
- Windows Server 2008 Enterprise Edition
9/143
TRN MNH HNG
- Windows Server 2008 Datacenter Edition

- Windows Web Server 2008
3. Yu cu phn cng ci t Windows Server 2008
Di y l bng yu cu phn cng ci t windows server 2008:
4. Bng cc tnh nng trong Windows Server 2008
10/143
TRN MNH HNG
CHNG 2: TNG QUAN V WINDOWS SERVER 2008
11/143
TRN MNH HNG
I. GII THIU V WINDOWS SERVER 2008
- Microsoft Windows Server 2008 l th h k tip ca h iu hnh Windows Server, c th

gip cc chuyn gia cng ngh thng tin c th kim sot ti a c s h tng ca h v cung
cp kh nng qun l v hiu lc cha tng c, l sn phm hn hn trong vic m bo an
ton, kh nng tin cy v mi trng my ch vng chc hn cc phin bn trc y.
- Windows Server 2008 cung cp nhng gi tr mi cho cc t chc bng vic bo m tt c
ngi dng u c th c c nhng thnh phn b sung t cc dch v t mng. Windows
Server 2008 cng cung cp nhiu tnh nng vt tri bn trong h iu hnh v kh nng
chun on, cho php cc qun tr vin tng c thi gian h tr cho cc doanh nghip.
- Windows Server 2008 c thit k cung cp cho cc t chc c c nn tng sn xut
tt nht cho ng dng, mng v cc dch v web t nhm lm vic n nhng trung tm d
liu vi tnh nng ng, tnh nng mi c gi tr v nhng ci thin mnh m cho h iu hnh
c bn.
- Ci thin h iu hnh cho my ch Windows.Thm vo tnh nng mi, Windows Server
2008 cung cp nhiu ci thim tt hn cho h iu hnh c bn so vi h iu hnh Windows
Server 2003.
- Nhng ci thin c th thy c gm c cc vn v mng, cc tnh nng bo mt nng
cao, truy cp ng dng t xa, qun l role my ch tp trung, cc cng c kim tra tin cy
v hiu sut, nhm chuyn i d phng, s trin khai v h thng file.
II. CC TNH NNG CA WINDOWS SERVER 2008
1. Cng c qun tr Server Manager

Server Manager l mt giao din iu khin c thit k t chc v qun l mt server
chy h iu hnh Windows Server 2008. Ngi qun tr c th s dng Server Manager vi
nhng nhiu mc ch khc nhau.
- Qun l ng nht trn mt server
- Hin th trng thi hin ti ca server
- Nhn ra cc vn gp phi i vi cc role c ci t mt cch d dng hn
- Qun l cc role trn server, bao gm vic thm v xa role
- Thm v xa b cc tnh nng
- Chn on cc du hiu bt thng
- Cu hnh server: c 4 cng c ( Task Scheduler, Windows Firewall, Services v WMI
Control).
- Cu hnh sao lu v lu tr: cc cng c gip bn sao lu v qun l a l Windows
Server Backup v Disk Management u nm trn Server Manager.
2. Windows Server Core
- Server Core l mt tnh nng mi trong Windows Server 2008. N cho php c th ci t
vi mc ch h tr c bit v c th i vi mt s role.
- Tt c cc tng tc vi Server Core c thng qua cc dng lnh.
Server Core mang li nhng li ch sau:
+Gim thiu c phn mm, v th vic s dng dung lng a cng c gim. Ch tn
khong 1GB khi ci t.
+ Bi v gim thiu c phn mm nn vic cp nht cng khng nhiu.
+ Gim thiu ti a nhng hnh vi xm nhp vo h thng thng qua cc port c m mc
nh.
+ D dng qun l.
12/143
TRN MNH HNG
- Server Core khng bao gm tt c cc tnh nng c sn trong nhng phin bn ci t Server
khc. V d nh .NET Framework hoc Internet Explorer.
3. PowerShell
- PowerShell l mt tp hp lnh. N kt ni nhng dng lnh shell vi mt ngn ng script
v thm vo hn 130 cng c dng lnh(c gi l cmdlets).Hin ti, c th s dng
PowerShell trong:
+ Exchange Server
+ SQL Server
+ Terminal Services
+ Active Directory Domain Services.
+ Qun tr cc dch v, x l v registry.
- Mc nh, Windows PowerShell cha c ci t. Tuy nhin bn c th ci t n mt cch
d dng bng cch s dng cng c qun tr Server Manager v chn Features > Add Features
4. Windows Deloyment Services.
- Windows Deployment Services c tch hp trong Windows Server 2008 cho php bn ci
t h iu hnh t xa cho cc my client m khng cn phi ci t trc tip. WDS cho php
bn ci t t xa thng qua Image ly t DVD ci t. Ngoi ra, WDS cn h tr to Image t
1 my tnh ci t sn Windows v y cc ng dng khc.
- Windows Deployment Serviece s dng nh dng Windows Image (WIM). Mt ci tin c
bit vi WIM so vi RIS l WIM c th lm vic tt vi nhiu nn tng phn cng khc nhau.
5. Terminal Services.
- Terminal Services l mt thnh phn chnh trn Windows Server 2009 cho php user c th
truy cp vo server s dng nhng phn mm.
- Terminal Services gip ngi qun tr trin khai v bo tr h thng phn mm trong doanh
nghip mt cch hiu qu. Ngi qun tr c th ci t cc chng trnh phn mm ln
Terminal Server m khng cn ci t trn h thng my client, v th vic cp nht v bo tr
phn mm tr nn d dng hn.
- Terminal Services cung cp 2 s khc bit cho ngi qun tr v ngi dng cui :
- Dnh cho ngi qun tr: cho php qun tr c th kt ni t xa h thng qun tr bng vic
s dng Remote Desktop Connection hoc Remote Desktop.
- Dnh cho ng i dng cui: cho php ngi dng cui c th chy cc chng trnh t
Terminal Services server.
6. Network Access Protection
- Network Access Protection (NAP) l mt h thng chnh sch thi hnh (Health Policy
Enforcement) c xy dng trong cc h iu hnh Windows Server 2008.
- C ch thc thi ca NAP:
+ Kim tra tnh trng an ton ca client.
+ Gii hn truy cp i vi cc my client khng an ton.
+ NAP s cp nht nhng thnh phn cn thit cho cc my client khng an ton, cho n
khi client iu kin an ton.Cho php client kt ni nu client tha iu kin.
+ NAP gip bo v h thng mng t cc client.
+ NAP cung cp b th vin API (Application Programming Interface), cho php cc nh
qun tr lp trnh nhm tng tnh bo mt cho mnh
13/143
TRN MNH HNG
7. Read-Only Domain Controllers

- Read-Only Domain Controller (RODC) l mt kiu Domain Controller mi trn Windows
Server 2008.Vi RODC, doanh nghip c th d dng trin khai cc Domain Controller
nhng ni m s bo mt khng c m bo v bo mt. RODC l mt phn d liu ca
Active Directory Domain Services.
- V RODC l mt phn d liu ca ADDS nn n lu tr mi i tng, thuc tnh v cc
chnh sch ging nh domain controller, tuy nhin mt khu th b ngoi tr.
8. Cng ngh Failover Clustering.
- Clustering l cng ngh cho php s dng hai hay nhiu server kt hp vi nhau to thnh
mt cm server tng cng tnh n nh trong vn hnh.Nu server ny ngng hot ng
th server khc trong cm s m nhn nhim v m server ngng hot ng ang thc hin
nhm mc ch hot ng ca h thng vn bnh thng. Qu trnh chuyn giao gi l failover.
Nhng phin bn sau h tr:
. Windows Server 2008 Enterprise
. Windows Server 2008 Datacenter
. Windows Server 2008 Itanium
9. Windows Firewall with Advance Security
- Windows Firewall with Advance Security cho php ngi qun tr c th cu hnh a dng
v nng cao tng cng tnh bo mt cho h thng.
- Windows Firewall with Advance Security c nhng im mi:
+ Kim sot cht ch cc kt ni vo v ra trn h thng (inbound v outbound)
+ IPsec c thay th bng khi nim Connection Security Rule, gip bn c th kim sot v
qun l cc chnh sch, ng thi gim st trn firewall. Kt hp vi Active Directory.
+ H tr y IPv6.
III. MT S TNH NNG MI CA WINDOWS SERVER 2008
1. Cng ngh o ha Hyper-V
Hyper-V l cng ngh o ha server th h mi ca Microsoft, s thay i ln nht m
Microsoft mang li so vi phin bn Windows Server 2003. Hyper-V hot ng trn nn h
iu hnh 64-bit. Vi Hyper-V, ngi s dng c th s hu mt nn tng o ha linh hot,
bo mt, ti a hiu sut v tit kim chi ph:
+ Hyper-V c th thch nghi vi doanh nghip ln vi hng nghn my tnh hoc cc doanh
nghip nh hay vn phng chi nhnh. Hyper-V h tr b nh o ln n 64GB, a b vi x l.
+ Kh nng bo mt ging nh cc server vt l. Kt hp cc cng c bo mt Windows
Firewall, Network Access Protectiondo tnh bo mt tt nh mi trng tht.
+ Hyper-V gip khai thc ti a hiu sut s dng phn cng server. Bng vic hp nht
server, cho php mt server vt l c th ng nhiu vai tr ca nhiu server. T , tit kim
c chi ph t cc khong mua server, in, khng gian v bo tr.
Hyper-V ch c th h tr n 32 b vi x l.
2. Processor Compatibility Mode
14/143
TRN MNH HNG
- Cho php di tr cc my o sang mt my ch vt l khc vi mt phin bn CPU khc

(nhng khng phi l CPU ca nh sn xut khc). Trc y, chuyn mt my o HyperV sang mt phn cng khc, cc CPU phi ging nhau, iu yu cu ngi dng thng
phi mua li phn cng mi.
3. File Classification Infrastructure
- FCI l mt tnh nng built-in cho php cc chuyn gia CNTT phn loi v qun l d liu
trong cc my ch file. D liu c th c phn loi vi tc ng doanh nghip mc thp,
cao hoc trung bnh, sau ngi dng c th backup cc d liu quan trng nht d dng hn
v hiu qu hn.
4. Qun l trong a v file:
- Cung cp kh nng thay i kich thc phn vng.
- Shadow Copy h tr a quang, a mng.
- Distributed File System c ci tin.
- Ci tin Failover Clustering.
- Internet Storage Naming Server cho php ng k, hy ng k tp trung v truy xut ti cc
a cng iSCS.
5. Ci tin giao thc v m ha
- H tr m ha 128 v 256 bit cho giao thc chng thc Keberos.
- Hm API m ha mi h tr m ha vng elip v ci tin qun l chng ch.
- Giao thc VPN mi Secure Socket Tunneling Protocol.
- AuthIP c s dng trong mng VPN Ipsec.
- Giao thc Server Message Block 2.0 cung cp cc ci tin trong truyn thng.
6. Mt s tnh nng khc
- Windows Deployment Services thay th cho Automated Deployment Services v Remote
Installation Services.
- IIS 7 thay th IIS 6, tng cng kh nng bo mt, ci tin cng c chun on, h tr qun
l.
- C thnh phn "Desktop Experience" cung cp kh nng ci tin giao din.
IV. CC LI CH CA WINDOWS SERVER 2008
Windows Server 2008 mang n li ch trong bn lnh vc:Web, o ha, Bo mt, Nn tng
vng chc cho cc hot ng ca t chc
1. Web
-Windows Server 2008 cung cp mt nn tng ng nht trin khai dch v Web nh tch
hp IIS7.0,ASP.NET,Windows Communication Foundation v Microsoft Windows
SharePoint Services.
- Li ich ca IIS 7.0:
+ Tinh nng phn tch
+ Qun tr hiu qu.
+ Nng cao tnh bo mt.
+ Gim chi ph h tr.
+ Giao din thn thin v tin dng
+ H tr vic sao chp gia cc site.
15/143
TRN MNH HNG
+ Copy d dng cc thit lp ca trang web gia cc my ch web khc nhau m khng cn
phi thit lp g thm.
+ Chnh sch phn quyn qun tr cc ng dng v cc site r rng
2. o ha :
- Phin bn 64 bit ca Windows Server 2008 c tch hp sn cng ngh o ha hypervisor :
+ Cho php my o tng tc trc tip vi phn cng my ch hiu qu hn.
+ C kh nng o ha nhiu h iu hnh khc nhau trn cng 1 phn cng my ch s lm
gim chi ph, tng hiu sut s dng phn cng, ti u ha h tng, nng cao tnh sn sng ca
my ch.
+ Tit kim chi ph mua sm bn quyn phn mm.
+ Tich hp v tp trung cc ng dng phc v cho vic truy cp t xa mt cch d dng bng
cch s dng Terminal Services.
3. Bo mt:
- Cc tnh nng an ninh bao gm: Network Access Protection, Read-Only Domain Controller,
BitLocker, Windows Firewall cung cp cc mc bo v cha tng c cho h thng mng,
d liu v cng vic ca t chc.
3.1. Network Access Protection (NAP):
- NAP dng thit lp chnh sch mng i vi cc my trm khi my trm mun kt ni
vo h thng mng ca t chc. Yu cu an ninh i vi my trm c kt ni vi h thng
mng:
- ci t phm mm dit virus.
- cp nht phin bn mi.
- ci t cc bn v li h thng hoc ci t phn mm firewall.
3.2. Read-Only Domain Controller (RODC):
L mt kiu Domain Controller (DC).
- RODC cha mt bn sao cc d liu "ch c" ca d liu Active Directory (AD).
- User khng th ghi trc tip vo RODC.
- RODC khng cha thng tin v mt khu trong AD, m ch caching cc users c php s
dng .
RODC thch hp cho vic trin khai cc chi nhnh, ni c iu kin bo mt km cng
nh trnh ca nhn vin IT cn hn ch.
3.3. BitLocker:
Bo v an ton cho my ch, my trm, my tnh di ng.
- M ha ni dung ca a nhm ngn cn
- Nng cao kh nng bo v d liu: kt hp chc nng m ha tp tin h thng v kim tra
tinh ton vn ca cc thnh phn khi boot.
- Ton b tp tin h thng c m ha, gm c file swap v file hibernation.
3.4. Windows Firewall:
- Ngn chn cc lu lng mng theo cu hnh v cc ng dng dng chy bo v mng
khi cc chng trnh v ngi dng nguy him.
-H tr ngn chn cc thng tin vo v ra.
- S dng MMC snap-in ( Windows Firewall with Adbanced Security) n gin ha vic
cu hnh, qun tr.
V. Cc Phin bn ca Windows Server 2008
Windows Server 2008: ng dng cho cc trung tm data ln, ng dng nghip v ring,...
kh nng m rng cao cho ti 64 b x l.
16/143
TRN MNH HNG
Windows Server 2008 Standard Edition

Windows Server 2008 Standard l mt trong nhng phin bn t tn km nht ca cc phin
bn khc nhau c sn. Windows Server 2008 Stardard h tr ti 4GB RAM v 4 b vi x l.
Ch yu nhm mc tiu v cc doanh nghip va v nh. Ch c th nng cp ln Windows
Server 2008 Standard t Windows 2000 Server v Windows Server 2003 Standard Edition.
Windows Server 2008 Enterprise Edition
- Windows Server 2008 Enterprise Edition cung cp chc nng ln hn v c kh nng m
rng hn so vi bn tiu chun. Cng nh phin bn Standard Edition th phin bn Enterprise
cng c c hai phin bn 32-bit v 64-bit. H tr 8 b x l v ln ti 64GB b nh RAM trn
h thng 32-bit v 2TB RAM trn h thng 64-bit.
- Cc tnh nng khc ca n bn Doanh nghip bao gm h tr Clustering n 8 nt v Active
Directory Federated Services (AD FS).
- Cc phin bn Windows Server 2000, Windows 2000 Advanced Server, Windows Server
2003 Standard Edition v Windows Server 2003 Enterprise Edition u c th c nng cp
ln Windows Server 2008 Enterprise Edition.
Windows Server 2008 Datacenter Edition
- Phin bn Datacenter i din cui cng ca lot sn phm my ch Windows 2008 v mc
tiu l nhim v quan trng i hi cc doanh nghip n nh v mc thi gian hot ng
cao. Windows Server 2008 phin bn Datacenter l lin h cht ch vi cc phn cng c bn
thng qua vic thc hin ty chnh Hardware Abstraction Layer (HAL).
- Windows server 2008 Datacenter cng h tr hai phin bn 32 bit v 64 bit. N h tr 64GB
b nh RAM trn nn 32 bit v ln ti 2TB RAM trn nn 64 bt. Ngoi ra phin bn ny cn
h tr ti thiu l 8 b vi x l v ti a l 64.
- nng cp ln phin bn ny th phi l cc phin bn Datacenter 2000 v 2003.
Windows Web Server 2008
- Windows Web Server 2008 l mt phin bn ca Windows Server 2008 c thit k ch
yu cho mc ch cung cp cc dch v web. N bao gm Internet Information Services (IIS)
7,0 cng vi cc dch v lin quan nh Simple Mail Transfer Protocol (SMTP) v Telnet. N
cng c cc phin bn 32-bit v 64-bit, phin bn v h tr ln n 4 b vi x l. RAM c
gii hn 4GB v 32GB trn 32-bit v 64-bit h thng tng ng.
- Windows Web Server 2008 thiu nhiu tnh nng hin din trong cc phin bn khc nh
phn nhm,m ha a BitLocker, Multi I/O,Windows Internet Naming Service
(WINS),Removable Storage Management v SAN Management.
17/143
TRN MNH HNG
CHNG 3 : CI T WINDOWS SERVER 2008
I. YU CU PHN CNG
Phn cng
B vi x l
Yu cu ti thiu
ngh
1 Ghz (x86), 1,4 Ghz 2Ghz hoc ln hn
(x64)
RAM
512MB RAM
2GB
Dung lng trng
15GB
40GB
Windows Server 2008 h tr c 2 cu trc vi x l 32-bit v 64-bit. Tuy nhin, phin bn mi
nht l Windows Server 2008 R2, Windows Midmarket Server v Windows Small Business
vi nhng tnh nng a dch v, cc phin bn ny ch h tr cu trc vi x l 64-bit.
RAM h tr ti a cho h thng 32-bit l 4GB khi chy phin bn Standard Edition
v 64GB khi chy phin bn Enterprise v Datacenter. Nu chy h thng 64-bit, b nh
RAM c th h tr ln dn 32GB v 2TB RAM cho phin bn Enterprise v Datacenter.
Thm vo , Windows Server 2008 h tr h thng Itanium, tuy nhin chip x l Intel
Itanium 2 nhn l cn thit.
II. CC CCH CI T
C 6 cch ci t Windows Server 2008
T ci t cc nng cp
Ci t t kch bn
S dng Sconfig
Visual Core Configurator 2008
Ci t bng cch s dng Core Configurator 2.0
Ci t trc tip t a CD Windows Server 2008
III. NNG CP LN WINDOWS SERVER 2008
Nhng phin bn trc
Nng cp ln Windows Server 2008
Microsoft Windows Server 2003 R2 Standard, H tr y
Enterprise hoc DatacenterEdition
Microsoft Windows Server 2003 Service Pack H tr y
1(SP1) Standard, Enterprise hoc Datacenter
Edition
Microsoft Windows Server 2003 Service Pack 2 H tr y
(SP2) Standard, Enterprise hoc Datacenter Edition
Windows NT 4.0
Khng h tr
Windows 2000 Server
Khng h tr
Windows XP
Khng h tr
Windows Vista
Khng h tr
Windows 7
Khng h tr
nng cp ln phin bn Windows Server 2008, cn phi chy cc h iu hnh cp
server. Khng th nng cp cc phin bn Windows dnh cho ngi dng nh Windows XP
hoc Windows Vista ln Windows Server 2008. nng cp ln Windows Server 2008,
18/143
TRN MNH HNG
h thng ca bn phi chy Windows Server 2003. Vic nng cp t Windows NT 4.0 v
Windows 2000 Server khng c h tr. Vic nng cp t nhng phin bn Windows Server
2003 ln phin bn Windows Server 2008 Server Core khng c h tr. Vic nng cp ch
thc hin c nhng phin bn ging nhau. Khi nng cp ln phin bn Windows Server
2008, mi cu hnh thit lp, file v cc chng trnh u c gi li
IV. CI T WINDOWS SERVER 2008
t a CD vo a, khi ng li my tnh v bt u tin hnh qu trnh ci t.
Language to instalk : ngn ng bn mun hin th.

Time and currency format : nh dng thi gian v tin t.
Keyboard or input method : nh dng bn phm v phng thc nhp ch.Sau khi la chn,
click Next tip tc ci t
19/143
TRN MNH HNG
Click Install now bt u ci t.
La chn phin bn Windows Server thch hp, y chng ta chn phin bn Windows
Server Standard without Hyper-V. Click Next tip tc.
Ti bng MICROSOFT PRE-RELEASE SOFTWARE LICENSE TERMS l nhng iu

khon s dng sn phm ca Microsoft. nh du chn vo I accept the license terms
chp nhn nhng iu khon v click Next tip tc.
20/143
TRN MNH HNG
Chn Custom (advaneced) tin hnh ci t ty chn.
Tip theo l chn a ci dt Windows. Tip tc click Next sau khi chn a ci t.
21/143
TRN MNH HNG
i cho n khi hon tt ci t Windows Server 2008

Sau khi h thng hon tt ci t s t ng ng nhp vi ti khon Administrator, tuy nhin
mt khu ang trng thi trng (blank) v th cn phi thit lp mt khu ln ng nhp
u tin.
Click OK tin hnh thay i mt khu.Sau ng nhp vo bng mt khu va thay i.

n y qu trnh ci t kt thc.
22/143
TRN MNH HNG
CHNG 4: DNG DOMAIN
I.
TO DNG DOMAIN CONTROLLER
Ging nh Windows Server 2003 s vn cn chy dcpromo t nhc lnh Run, tuy nhin cn
phi ci t Active Directory Domain Controller role, u tin bn ci t role, sau chy
dcpromo.Vo Server Manager Roles Add Roles
Xut hin trang Before You Begin, nhn Next tip tc.
23/143
TRN MNH HNG
Chn Active Directory Domain Services Add Required Features ci t thm cc tnh
nng ny vi Active Directory Server Role.
Sau khi chn Active Directory DC Server Role, bn s thy cc thng tin v Server Role.
Kch Install ci t cc file yu cu nhm chy dcpromo
Ci t c thc hin thnh cng. Kch Close.
Lc ny vo menu Start, nh dcpromo vo hp tm kim. Kch dcpromo.
24/143
TRN MNH HNG
Thao tc ny s khi chy Welcome to the Active Directory Domain Service Installation
Wizard. Kch Next.
Sau tip tc nhn Next.

Trong trang Choose a Deployment Configuration Create a new domain in a new forest..
25/143
TRN MNH HNG
Trong trang Name the Forest Root Domain, nhp vo tn ca min trong hp nhp liu
FQDN of the forest room domain.Nhn Next tip tc.
Nhn Next tip tc.
26/143
TRN MNH HNG
Trong trang Set Forest Functional Level, chn Windows Server 2008. Nhn Next tip tc.
Trong trang Additional Domain Controller Options, Chn DNS server v kch Next.
27/143
TRN MNH HNG
Mt hp thoi s xut hin ni rng khng th to i biu cho my ch DNS ny v khng th

tm thy vng xc thc hoc n khng chy Windows DNS server. L do cho iu ny l v
y l DC u tin trn mng. Nhn Next tip tc.
li th mc Database, Log Files v SYSVOL ,kch Next.
28/143
TRN MNH HNG
Trong Directory Service Restore Mode Administrator Password, nhp mt mt khu mnh
vo cc hp nhp liu Password v Confirm password.
Xc nhn cc thng tin trn trang Summary v kch Next.
29/143
TRN MNH HNG
Active Directory s ci t. t mt du kim vo hp chn Reboot on completion my

tnh s t ng khi ng li khi ci t DC c hon tt.
. Ci t s hon tt khi ng nhp.

II. NG NHP MY CLIENT VO DOMAIN
t a ch IP.Click phi vo My Network places Properties.Chn Manager network
connectionsClick phi vo biu tng card mng chn Properties.Chn Internet Protocol
Version 4 (TCP/IPv4) Properties
30/143
TRN MNH HNG
Click phi My Computer Properties Change Settings.

Nhn nt Change.
Chn Domain Nhp tn domain
31/143
TRN MNH HNG
Cng vic thnh cng.

Nhn OK chp nhn Restart my.
Nhn Close.
Nhn Restart Now.
Sau khi restart, log on vo domain Administrator my tnh tr thnh 1 client ca domain
taiphat.net.
32/143
TRN MNH HNG
CHNG 5 : XY DNG CC DCH V

I. DCH V DNS
1. Gii thiu v DNS
DNS (Domain Name System) Server l my ch c dng phn gii domain thnh a ch
IP v ngc li. V cch thc hot ng, DNS Server lu tr mt c s d liu bao gm cc
bn ghi DNS v dch v lng nghe cc yu cu.Khi my client gi yu cu phn gii n, DNS
Server tin hnh tra cu trong c s d liu v gi kt qu tng ng v my client.
2. Ci t DNS
Vo Server Manager Roles Add Roles.Ti bng Select Server Roles, chn DNS Server
- Sau nhn Next tip tc

- Chn Instal. Ti bng Confirm Installation Selections xc nhn vic ci t.
33/143
TRN MNH HNG
- Chn Close hon tt ci t.
3. Cu hnh DNS
- i vi DNS Server,thng thng nn xy dng ng thi hai h thng l DNS Server
chnh (Primary) v DNS Server d phng (Secondary) dng chung mt c s d liu. Vi
phng php ny,s hn ch kh nng dch v DNS b ngng khi c s c xy ra trn h
thng.
34/143
TRN MNH HNG
- Vo Start Administrative Tools DNS.

- Nhp chut phi vo Forward Lookup Zones v chn New Zone.
- Ti bng Welcome to the New Zone Wizard ,chn Next.
- Ti bng Zone Type chn Primary zone cu hnh DNS Server chnh.
35/143
TRN MNH HNG
- Chn Next. Ti bng Zone Name g tn domain vo.
- Chn Next. Ti bng Zone File, mc nh. Chn Next.
36/143
TRN MNH HNG
- Chn Next. Ti bng Completing the New Zone Wizard xem li thng tin.
- Sau chn Finish hon tt.
- Nhp chut phi vo Reverse Lookup Zones v chn New Zone.
- Ti bng Welcome to the New Zone Wizard chn Next.
37/143
TRN MNH HNG
- Ti bng Zone Type chn Primary zone cu hnh chc nng reverse cho DNS Server
chnh.
- Chn Next.Ti bng Reverse Lookup Zone Name chn kiu IP cn phn gii. y chn
IPv4.
38/143
TRN MNH HNG
- Chn Next. in Network ID v chn Next.
- Ti bng Zone File mc nh. Chn Next.

- Ti bng Dynamic Update chn Allow both nonsecure dynamic updates.
- Chn Next v xem li thng tin thit lp, v sau chn Finish kt thc.
39/143
TRN MNH HNG
4. Cu hnh a ch DNS Server trn my Client
5. B sung cc bn ghi DNS vo DNS Server

- Nu mun to cc record khc.Nhp chut phi vo zone v chn Other New Records.
- Vo Start Administrative Tools DNS. Nhp chut phi vo zone v chn New
40/143
TRN MNH HNG
- G tn host vo mc Name, g a ch IP vo mc IP address. Nu mun to ra mt bn ghi

DNS phn gii ngc tng ng th nh du chn Create associated pointer (PTR) record.
- Sau chn Add Host.Xut hin thng bo thnh cng.
Chn OK. Bng New Host tip tc xut hin, chn Done kt thc to bn ghi. to mt
bn ghi Alias, nhp chut phi vo zone v chn New Alias (CNAME). Tng t nh trn,
in cc thng tin vo. Ti mc Fully qualified domain name (FQDN) for target host, nu bn
khng nh, chn Browse tm tn my cn tht.
41/143
TRN MNH HNG
- Sau khi in thng tin y . Chn OK hon tt.
42/143
TRN MNH HNG
II. DCH V DHCP

1. Gii thiu dich v DHCP
- Dch v DHCP cho php chng ta cp ng cc thng s cu hnh mng cho cc my
trm.(client).
- C ch s dng cc thng s mng c cp pht ng c u im hn so vi c ch khai
bo tnh cc thng s mng nh:
Khc phc c tnh trng ng a ch IP v gim chi ph qun tr cho h thng mng.Gip
cho cc nh cung cp dch v (ISP) tit kim c s lng a ch IP tht (Public IP).Ph hp
cho cc my tnh thng xuyn di chuyn qua li gia cc mng.Kt hp vi h thng mng
khng dy (Wireless) cung cp cc im Hotspot nh: nh ga, sn bay, trng hc
2. Hot ng ca giao thc
Giao thc DHCP lm vic theo m hnh client/server.Khi my client khi ng, my s gi
broadcast gi tin DHCPDISCOVER, yu cu mt server phc v mnh. Gi tin ny cng cha
a ch MAC ca my client.Cc my Server trn mng khi nhn c gi tin yu cu , nu
cn kh nng cung cp a ch IP, u gi li cho my Client gi tin DHCPOFFER, ngh
cho thu mt a ch IP trong mt khon thi gian nht nh, km theo l mt subnet mask v
a ch ca Server.
3. Ci t trn Windows Server 2008
3.1. Trn my Server
- Vo Server Manger Roles Add Roles.
- Nhn Next trong mc Roles chn DHCP Server. Nhn Next.
43/143
TRN MNH HNG
- Trong bng ny gii thiu v DHCP v cc im cn lu Things to Note. Tip tc nhn

Next.
- Chn card mng s dng dch v ny y chng ta ch c mt card mng nn tip tc nhn
Next nhn Next.
44/143
TRN MNH HNG
- Trong mc Parent Domain in tn domain v in IP DNS server mc Preferred

DNS v nhn Validate kim tra v xc nhn tn ti v tip tc nhn Next.
- Tip tc nhn Next.
45/143
TRN MNH HNG
- bng Add or Edit DHCP Scopes, nhn Add thm scope, in thng tin scope cn add
v nhn OK.
46/143
TRN MNH HNG
- Nhn Next v Tt chc nng IPv6 y chng ta khng s dng IPv6, chn Disable IPv6
Stateless mode v Next.
47/143
TRN MNH HNG
- Chn user c quyn Author Next.
- Xc nhn li thng tin trc khi ci t dch v DHCP.
- Nhn Install tin hnh ci t.

- Ci t Role hon tt, v nhn Close
48/143
TRN MNH HNG
Kim tra li h thng.
3.2 Trn my Client

- my client cu hnh TCP/IPv4 cho nhn IP ng.
49/143
TRN MNH HNG
- M Command Prompt, nhp lnh ipconfig /release (xa IP ng hin ti) v nhp tip lnh
ipconfig /renew (yu cu cp IP ng mi) kim tra vic cp pht ip ng ca DHCP.
4. Cu hnh DHCP
4 .1. To Scope
- Vo Administrative Tools DHCP.
- Nhn chut phi vo IPv4 v New Scope.
- Hp thoi New Scope hin ra v Next.
50/143
TRN MNH HNG
- Hp thoi Scope Name v in tn ca scope vo mc Name v nhn Next.
- Hp thoi IP Address Range, in thng s range IP cp pht v subnet mask Next.
51/143
TRN MNH HNG
- Hp thoi Add Exclusions: nhp range ip c bit khng dng cp pht Add Next.
- Hp thoi Lease Duration: thi gian thu a ch IP mc nh l 8 ngy.
52/143
TRN MNH HNG
- Hp thoi Configuration DHCP Options yu cu chng ta cu hnh thng s dch v ca

scope ngay by gi hoc sau. y ta chn Yes, I want to config these options now v
nhn Next.
- Hp thoi Router (Default gateway): nhp a ch default gateway ca scope ny ri nhn

Add v Next.
53/143
TRN MNH HNG
- Hp thoi Domain Name v DNS server : in tn domain, phn IP Address in IP DNS

server
- Nhn Next tip tc.

- Hp thoi Active Scope chn active scope v nhn Next.
54/143
TRN MNH HNG
- Sau nhn Finish kt thc.

- Xem kt qu scope 192.168.1.0 c to:
4.2. Thay i options ca Scope

- X scope cn thao tc v chut phi scope options Configure Options.
- Hp thoi Scope Options hin ra, trng Available Options l nhng thuc tnh sn sng
m chng ta c th thay i vi nhng thuc tnh stick l nhng thuc tnh c cu
hnh trc .
55/143
TRN MNH HNG
- Chng ta s th cu hnh default gateway li cho scope ny, chn Router. Router Options
hin ta cho chng ta thm xa v edit vi nhng thuc tnh khc cng vy.
4.3. Thay i Server options

- Chut phi Server options Configure Options.
- Cng nh cch thc thay i thuc tnh ca scope options ch khc l nhng thuc tnh thay
i y s p cho tt c cc scope ca server.
56/143
TRN MNH HNG
5. Backup DHCP Server

- Vo Administrative Tools l DHCP. Nhn chut phi tn my v Backup
- Hp thoi Browse For Folder hin ra yu cu chn ni ct file backup, mc nh l trong

C:\Windows\system32\dhcp\backup.
- Chng ta mc nh v OK kt thc qu trnh backup vo th mc ch bakup kim tra.

6. Remove DHCP Server
- Vo Server Manager Roles Chn Remove roles.
57/143
TRN MNH HNG
- Hp thoi Remove Roles Wizard hin ra v nhn Next.
- B du stick dch v DHCP v Next, sau chn Remove xa dch v DHCP
58/143
TRN MNH HNG
- Sau Restart li h thng.

III.DCH VU TH MC (Directory Services)
1. Chun b
Thit lp a ch IP cho card mng ca server hoc bn c th thit lp a ch IP ca cc DNS
Server trong h thng. Nu mun ci t mt Read-Only Domain Controller,bn phi chun b
forest bng lnh adprep /rodcprep.Xy dng cc DNS Server trong h thng mng nu c,
trong qu trnh ci t AD DS s c ci t DNS Server.
2. Cu hnh
2.1 Trn my Server
- Vo Adminstrator Tool chn Server Manager
- Trong mc Roles chn Add roles.
59/143
TRN MNH HNG
- Nhn Next, mc ny m t v AD DS v nhng ch Things to Note.
- Tip tc Next, mc ny xc nhn ln cui trc khi ci t dch v.
60/143
TRN MNH HNG
- Qu trnh ci t thnh cng. Click Close.
- Tin trnh ci t dch v kt thc s hin ra cu thng bo yu cu nng cp ln domain

bng lnh dcpromo nh Windows Server 2003.
61/143
TRN MNH HNG
2.5.
Cho Client vo Domain
Computer Name: nh tn my vo y nu mun i tn y chn l th9a.
- Tip theo stick vo phn Domain nhp tn Domain , y Domain c tn l taiphat.net.

- Nhn OK h thng check DNS server DC ca domain taiphat.net, bng thng bo hin ra
yu Xc nhn hon tt.
- Tip theo chn OK v sau c yu cu Restart li h thng.

IV. DCH V TP TIN (File Services)
1. Trin khai File Sevices
File Server Resource Manager l mt tp hp cc cng c cho php ngi qun tr c th
iu khin v qun l d liu trn cc server chy h iu hnh Windows Server 2008 mt
cch hiu qu.Vi cng c ny, c th cu hnh quota trn c a v th mc,ngn cm sao
chp nhng nh dng m bn ch nh,ng thi xut ra cc bo co gim st hot ng ca
ngi dng trn khng gian lu tr.
- ci t dch v File Services vo Server Manager Roles Add Roles
62/143
TRN MNH HNG
- Ti bng Select Server Roles,chn File Services.
- Chn Next. Ti bng File Services ,xem gii thiu thng tin v dch v File Services
- Chn Next. Ti bng Select Role Services chn File Server Resource Manager.
63/143
TRN MNH HNG
- Chn Next. Ti bng Configure Storage Usage Monitoring ,chn a cn theo di.
- Chn Next. Ti bng Set Report Options, thay i cc ty chn lin quan n bo co s
xut ra nh v tr lu tr bo co,gi bo co qua email.
64/143
TRN MNH HNG
- Chn Next. Ti bng Confirm Installation Selections, xem li cc thit lp, sau chn
Install.
- Sau khi ci t hon tt.Chn Close.
- m File Server Reource Manager vo Start Administrative Tools File Server
Resource Manager.
- Ti y c 3 thnh phn chnh l Quota,File Screening,Storage Report . cu hnh cc

ty chn trn File Server Resource Manager nhp chut phi vo File Server Resource
Manager (Local) v chn Configure Options.
65/143
TRN MNH HNG
Ti tab Email Notification, nhp thng tin v Mail Server v a ch email ca ngi nhn
h thng gi thng tin cnh bo v cc bo co.
tab Notification Limits, bn c th gii hn s lng thng tin cnh bo gi v.
66/143
TRN MNH HNG
Ti tab Storage Reports c th thit lp nhng thng s mc nh trong cc bo co s xut

ra. mi report c th chnh li bng cch chn Edit Parameters.
Ti tab Report Locations cho php thit lp v tr lu tr cc bo co.
67/143
TRN MNH HNG
Ti tab File Screen Audit cho php thit lp bn ghi v file screen trn audit.
Chn OK hon tt cc thit lp.
68/143
TRN MNH HNG
2. Qun l File Screen

File Screen l cng c dng ngn chn ngi s dng lu tr mt s file khng c php
ln a hoc th mc c cp.
Khi to mt file screen,c th chn mt trong 2 hnh thc:
- Active Screening : khng cho php ngi s dng lu tr cc loi file khng c php ln
server
- Passive Screening : cho php ngi s dng lu tr cc loi file khng c php ln
server,ng thi a ra cc cnh bo cn thit phc v cho mc ch kim sot.
Ch : vi cc file tn ti trong a hoc th mc trc khi file screen c to ra,ngi
s dng hon ton c th truy cp c,cho d cc file thuc vo danh sch cc loi file b
cm.
Cc bc ci t File Screen
- to mt file group,vo StartAdministrative ToolsFile Server Resource Manager
Click vo File Screening Management .Nhp chut phi vo File Groups chn Create File
Group.
- Ti bng Create File Group Properties,nhp tn file ca file group vo mc File group name.
- Nhp nh dng file vo v chn Add,hoc b th chn Remove. File to include : bao gm
cc loi file thuc groupFile to exclude : bao gm cc loi file khng thuc group.
69/143
TRN MNH HNG
Chn OK hon tt.Lc ny group xut hin ti bng
- to mt file screen,ti File Server Resource Manager.Nhp chut phi vo File Screens
v chn Create File Screen
- Ti bng Create File Screen,ti mc File screen path,chn ng dn th mc s p dng
file screen. mc How do you want to configure file screen properties,chn Derive
properties from this file screen template s dng cc template sn c trn h thng.
70/143
TRN MNH HNG
- Nu mun thit lp cc thuc tnh ring bit do mnh t nh ngha,chn Define custom file
screen properties,sau click chn Custom Properties.
- Ti bng File Screen Properties ,nu mun copy cc thuc tnh t mt template trn h
thng, chn mt template t danh sch Copy properties from template v chn Copy
- mc Screening type,chn Active screening hoc Passive screening.
- mc File group,chn cc file group tng ng vi file screen.
71/143
TRN MNH HNG
- Sau khi thit lp xong chn OK .

- Sau chn Create .Ti bng Save Custom Properties as a Template,nh du chn Save
the custom properties as a template v nhp tn template vo mc Template nameOK.
- to mt file screen exception ,nhp chut phi vo Files Screen v chn Create File
Screen Exception.
- Ti bng Create File Screen Exception, mc Exception path ,chn ng dn n th

mc s p dng file screen exception. Trong mc File groups chn cc file group tng ng
a vo file screen exception
72/143
TRN MNH HNG
- Chn OK hon tt.

3. Qun l Quota
- to mt Quota vo StartAdministrative ToolsFile Server Resource Manager.
- Click vo Quota ManagementQuota Templates
- khung gia,nhp chut phi vo mt template v chn Create Quota from Template
73/143
TRN MNH HNG
- Ti bng Create Quota, mc Quota path chn ng dn n a hoc th mc cn thit

bng cch click vo Browse.
- nh du chn vo Create quota on path
- mc Derive properties from this quota template,chn mt template ph hp
- mc Summary of quota properties,xem li nhng thuc tnh ca template va chn.
- Chn Create to mt quota mi. thay i template ,nhp chut phi vo mt template
v chn Edit Template Properties...Ti y c th thay i cc ty chn cho ph hp vi yu
cu ca mnh nh dung lng a s cp quota,hnh thc quota l hard quota hay soft quota
74/143
TRN MNH HNG
To mt Quota Template
.- to mt quota template,nhp chut phi vo Quota Templates v chn Create Quota
Template
- Trn bng Create Quota Template,nu mun p dng thuc tnh ca template c vo
template ca mnh chn mt template trong danh sch mc Copy properties from quota
template (optional) v click chn Copy.Nhp tn template vo mc Template Name.Nhp
thng tin miu t vo mc Label(optional). mc Space Limit,bn nhp dung lng cn cp
quota v chn kiu hard quota hoc soft quota.C th b sung cc ngng cnh bo mi cho
template ca mnh bng cch s dng chc nng Add mc Notification thresholds.Nu
mun ty chnh,chn Edit.Sau chn OK hon tt to template.
75/143
TRN MNH HNG
ty chnh cho quota template va to, nhp chut phi vo quota template v chn Edit
Template Properties..Sau thc hin cc thay i cn thit v chn OK.
Ti bng Update Quotas Derived from Template c 3 s la chn :
Apply template only to derived quotas that match the original template : cp nht cho cc
quota cha tng c hiu chnh k t khi c to ra.
Apply template to all derived quotas : cp nht cho tt c cc quota s dng template ny
Do not apply template to derived quotas : khng mun thc hin tao tc cp nht quota
Nhn OK hon tt.

4. Qun l cc bo co
- Vo Start Administrative Tools File Server Resoucre Manager..Righ-click vo File
Server Resource Manager v chn Configure Options. tab Storage Reports, mc
Configure default parameters, click chn loi bo co mun ty chnh v click vo Edit
Parameters.Sau tin hnh thay i v chn OK.
- xem li cc thit lp va ri,click vo Review Reports
76/143
TRN MNH HNG
- Sau chn Close v chn OK hon tt thit lp. lp lch xut ra cc bo co,trong File
Server Resource Manager,right-click vo Storage Reports Management v chn Schedule a
New Report Task.
- Ti tab Settings, mc Scope,click vo Add chn cc a hay th mc cn xut thng tin

bo co. mc Report data,chn cc loi bo co tng ng.Vi mi loi ,bn c th s dng
chc nng Edit Parameters ty chnh cc tham s khi cn. mc Report formats,chn cc
nh dng lu tr bo co,mc nh l Dynamic HTML (DHTML).
77/143
TRN MNH HNG
- gi bo co qua email,m tab Delivery,nh du chn vo Send reports to the following

administrators v nhp a ch email ca ngi nhn.
- tab Schedule,click vo Create Schedule lp lch.Ti bng Schedule ,click vo New.Sau

chn thi gian,nu mun thit lp m rng th click chn Advance.
78/143
TRN MNH HNG
- Chn OK hon tt .
- Sau khi thit lp bo co,gi chng ta s xut ra cc bo co theo nhu cu.Chut phi vo
Storage Reports Management v chn Generate Reports Now . tab Settings,ti mc
Scope,click vo Add v chn cc a hay th mc cn xut thng tin bo co. mc Report
data,chn loi bo co tng ng.Vi mi loi, c th s dng chc nng Edit Parameters
ty chnh cc tham s khi cn. mc Report formats,chn cc nh dng lu tr bo co.
79/143
TRN MNH HNG
- Ti tab Delivery,nh du chn mc Send reports to the following administrator v nhp

a ch email ca ngi nhn
Sau chn OK.Ti bng Generate Storage Reports,chn Generate reports in the background
lu cc bo co v xem ti th mc lu tr chng.
Chn OK hon tt
V. DCH V IN N (Print Services)
1. Ci t
Print Services Tools khng c ci t mc nh, v vy s dng n cn phi ci t
thnh phn ny trc.
- Chut phi My Computer Server Manager Chn Features
80/143
TRN MNH HNG
- Chn Add Features.
- Trong mc Add Features Wizard Chn Print Services ToolsClick Next.
81/143
TRN MNH HNG
- Tip tc nhn Install ci t.V sau c nhn Close hon tt vic ci t.
82/143
TRN MNH HNG
2. Truy cp Print Sevices Tools

Chn Start Administrative Tools Print Management
3. Qun l cc my in trong mng

u tin Windows t cc mc All Printers v All Drivers mt cch t ng trong trng
hp ny. Bn cnh my ch m chng ta ci t giao din Print Management l thnh
vin ca min Active Directory. Mt im na l tn my ch tng ng vi mi my in. Mc
83/143
TRN MNH HNG
d cc my in mng nm mt im no trong mng nhng Windows s t ng to mt

hng i cho mi my in trn my ch. Mt trong cc chc nng chnh ca giao din qun l
Print Management l cho php qun l in n mng tp trung.
VI. DCH V WEB
1. Gii thiu v IIS 7.0
IIS7 c thit k tr thnh mt nn tng Web v ng dng linh ng v an ton nht cho
Microsoft. Microsoft thit k li IIS t nhng nn tng c trc . IIS c cc tnh nng
- Bo mt
- Kh nng m rng
- Cu hnh v trin khai
- Qun tr v chun on
- Hiu sut
2. Ci t IIS 7.0
- ci t IIS7.0 nhp phi chut Computer chn Manage.Chn Roles trong Server
Manager sau click chn Add roles.
- Chn Web Server (IIS) trong mn hnh Select Server Roles.
84/143
TRN MNH HNG
- Windows s bt mn hnh Add Roles Wizard nhp chn Add Required Features.Chn cc
dch v cn thit cho Server .
- Nhn Install bt u ci t.
85/143
TRN MNH HNG
Qu trnh ci t bt u.
- Sau khi ci t hon tt s thy trong Administrative Tools xut hin n 2 dch v IIS
l IIS6 v IIS7.
86/143
TRN MNH HNG
VII. DCH V FTP.

1. Gii thiu v FTP.
- FTP l ch vit tc ca File Transfer Protocol - Giao thc truyn file. FTP l mt giao thc
truyn file trn mng da trn chun TCP nn ng tin cy.Giao thc truyn ti file - FTP l
cng c qun l files gia cc my. FTP cho php truyn v ti files, qun l th mc, v ly
mail. FTP khng c thit k truy nhp v thi hnh files, nhng n l cng c tuyt vi
truyn ti files.Windows Server 2008 h tr 2 version FTP servers l FTP 6.0 v FTP 7.5 .
version FTP 7.5 c h tng cng tnh bo mt v cng c cho nh qun tr d qun l.
Nhng im mi :
FTP Publishing Server mi gm c rt nhiu tnh nng v cc ci thin.
- S tch hp vi IIS 7.0
- H tr cho cc chun Internet mi
- Chia s hosting
- Kh nng m rng
- Logging
- Cc tnh nng khc phc s c
2. Ci t v cu hnh.
2.1. Ci t.
- Vo Server Manager Roles Web Server(IIS)phi chut chn Add Role Services.
- Click chn FTP Publishing Service.
87/143
TRN MNH HNG
- Click Install ci t.
- Qu trnh ci t hon tt. Sau nhn Close.

2.2. Cu hnh : to mt FTP site
- Trc tin, ta to th mc cn public :
88/143
TRN MNH HNG
- Vo StartAdministrator ToolsInternet Information Services (IIS) 6.0 Manager.
Bm phi chut vo FTP Sites hoc Default FTP Sitechn NewFTP Site..
- in tn gi nh.
89/143
TRN MNH HNG
- Nhp IP my server v dng port mc nh FTP l 21
- Chn cc mc bo v file v ngn chn truy cp:

Do not isolate users : cho php tt c user ng nhp vo FTP site.
Isolate users : mi user s t c a vo th mc ch nh
Isolate users using Active Directory : Cho php user ng nhp vo FTP site nhng phi c
account Active Directory.
- Nhp ng dn th mc cn publish
90/143
TRN MNH HNG
- Thit lp quyn hn cho ngi truy cp i vi file.
- Sau nhn Finish hon tt.
91/143
TRN MNH HNG
CHNG 6: USER - GROUP

I. GII THIU V LOCAL USER V LOCAL GROUP
Thng thng mt my tnh khng phi ch c mt ngi no s dng duy nht m trn
thc t ngay c my nh i vn c t nht t 2-3 ngi s dng. Tuy nhin nu tt c mi
ngi u s dng chung mt ti khon th nhng d liu ring t ca mnh khng cho ngi
khc thy. Nhng nu my tnh l my chung ca cng ty v vn t ra l ta khng mun
ti liu ca ngi mnh, ngi khc c th xem ty tin c. Cch tt nht l cp cho mi
nhn vin mt my nht nh v yu cu h t password ln my ca mnh, nhng nh th th
rt tn km v khng c a chung. Chnh v th ngi qun tr mng s s dng cng c
Local Users and Groups to cc ti khon ngi dng trn cng mt my, khi d liu
ca ngi ny ngi kia khng th truy cp c.
II. TO CC LOCAL USER
- to c User local phi c quyn ngang hng vi Administrator ca h thng.
-Vo StartProgramsAdministrative Tools Active Directory Users and Computers.
- Chut phi User New User ti bng New Object User in y cc thng tin vo
First Name, Last Name, Full Name.
- Chn Next tip tc.Xut hin bng thit lp password.y l mt khu ca bn ng vi
tn ti khon to trn,dng ng nhp vo domain.
- Pasword phi tha mn cc chnh sch mc nh ca Windows Server 2008.Password t nht
l 7 k t v phi c cc thnh phn sau :
Cc k t thng : a,b,c,d,e..
Cc k t in hoa : A,B,C,D,E.
Cc ch s : 1,2,3,4,5.
Cc k t c bit : @,!,$,&,#....
92/143
TRN MNH HNG
- y khng thit lp password v trong Group Policy Management Editor v hiu ha

password.
- Lu 4 dng :
User must change password at next logon : bt buc user phi thay i password
ln ng nhp k tip
User cannot change password : user khng c quyn thay i password
Password never expires : password khng c thi hn qui nh
Account is disabled : v hiu ha ti khon.
- y s khng chn mc no ht. Nhn Next.
93/143
TRN MNH HNG
- Chn Next tip tc. bng tip theo l thng tin v user chun b c to.
- Chn Finish kt thc.

- Tip theo,kim tra th user c to .Click p vo User v kim tra.
94/143
TRN MNH HNG
gn cho User c th ng nhp vo domain. Vo Group Policy Management Editor.

Chn Allow log on through Terminal Services.
Add User or Group Browse nh tn user ri Check Names OK.
User tai , phat c chn logon. V nhn OK

Vo Logon as a Service. Cng gn quyn cho user nh trn. User tai , phat c gn
quyn c logon.
95/143
TRN MNH HNG
Xong sau vo Start Run g lnh gpupdate /force cp nht user.

Sau Log off ng nhp user vo Administrator.Nhp tn user c gn quyn v
nhn OK.(khng cn password) v khi ny ta khng nhp password.
Vo Start xem user ng nhp vo.
96/143
TRN MNH HNG
III. TO LOCAL GROUP

to mt group mi.Nhp chut phi vo User v chn New Group.
Ti Group name g tn group.Sau chn OK
Kim tra li group c to bng cch click vo User
97/143
TRN MNH HNG
a user vo group phattai ,nhp chut phi vo group v chn Properties. Ti tab
Member.Chn Add..
Ti Enter the object name to select bn g tn user mun a vo group.
Sau khi g tn user,chn Check Names kim tra.
V kt qu l tn ti user ny trn domain .
Sau khi thm user vo group.Chn OK xc nhn
98/143
TRN MNH HNG
CHNG 7: CHNH SCH BO MT (GROUP POLICY)

I. ACCOUNT POLICY
1. Password policy
Vo Aministrator Local Sercurity Policy Account policies.
Trong ny bao gm cc mc:

Password must meet complexity : khi t password cho wins phi c phc
tp.(hoa, thng, s, k t c bit). Mc nh tnh nng ny s b disable, gia tng ch
bo mt nn chn Enable
Minimum password age: mc nh gi tr ny l 0 nu ta thay n bng con s khc 0
VD l 3 chng hn th user ch c quyn thay i password 3 ngy mt ln m thi.
Minimum password length: di ti thiu ca password
Enforce password history: nh bao nhiu password khng cho t trng.
Store password using reversible : m ho password.
2. Account lockout policy
Account lockout threshold: kho account khi ng nhp sai.
Account lockout duration: kho account trong 30 pht khi ang nhp sai.
Reset account lockout counter after: xo b nh nh pass.
99/143
TRN MNH HNG
II. LOCAL POLICY

1. User rights assignment:
Vo Administrator Local SercurityLocal policies.
Deny logon locally: chn user khng cho ng nhp vo my tnh.

Change the system time: nhng ngi c thay i gi h thng.
Shutdown the system: nhng ngi c quyn tt my.
Allow log on through Terminal Services: cho php ng nhp.
Log on as a Service: ng nhp nh mt dch v.
100/143
TRN MNH HNG
V cn rt nhiu tnh nng khc

2. Sercurity options
Interactive logon: Do not display last user name: Khi user logout my ca s ng
nhp s khng ghi li account user va logon.
Interactive logon: Message text for users attempting to log on: Bn c th nhn gi
mt ni dung no ti cc user trc khi h logon vo my vi ni dung nhn gi y.
Interactive logon: Message title for users attempting to log on: Bn nhp tiu ca
hp ni dung nhn gi vo y.
101/143
TRN MNH HNG
CHNG 8: QUYN TRUY CP NTFS
I. KIM SOT QUYN TRUY CP H THNG TP NTFS

1. Phn quyn n gin
- Windows c mt c ch kim sot truy nhp rt n gin l share ng thi phn quyn.
Mun share, chn lnh Share..., ln lt Add mt folder, hy click nt ph ca con chut vo
folder y, s hin context menu tng nhm ngi dng (hay tng ngi dng), c mi nhm
chn Permission Level phn quyn cho nhm y. Xong n nt Share.
- Theo cch ny, mi nhm c th c mt trong ba quyn truy nhp.
Reader (ngi xem). Xem ton b ni dung folder.
Contributor (ngi ng gp). Xem ton b ni dung folder, c th to thm file v
folder v sa file / folder m bn thn thm.
Co-owner (ng ch s hu). Xem v sa ton b ni dung ca folder, k c cc
file/folder m ngi khc to ra.
- Ba quyn ny khng c lp vi nhau. Co-owner bao hm Contributor, v Contributor li

bao hm Viewer.
- C ch ny rt d dng v tin dng, nhng khng dng c trong nhiu trng hp. Hn
na, c ch ny khng c trn Windows Server 2003 m ch c Windows Server 2008.
2. Phn quyn c bn
2.1. Gii thiu c ch phn quynNTFS
- C ch kim sot truy nhp c bn trn Windows Server l kt hp gia hai c ch phn
quyn: phn quyn trn h thng tp NTFS v phn quyn trn giao thc chia x tp CIFS
(hay cn gi l phn quyn share).
Phn quyn CIFS c ba quyn:
Read (c)
Change (sa)
Full Control (ton quyn).
102/143
TRN MNH HNG
- Ba quyn ny khng c lp vi nhau. Full Control bao hm Change, v Change bao hm

Read.
- Phn quyn NTFS c 6 quyn: Full Control (ton quyn), Modify (sa), Read & Execute
(c tp v chy chng trnh),List folder contents (hin ni dung th mc), Read (c), v
Write (vit).
- Khi truy nhp server t my trm, quyn truy nhp l giao gia hai quyn CIFS v NTFS. Do
, trong thc tin lm vic, gim bt s phc tp, khi to nhiu share trn mt server, c
103/143
TRN MNH HNG
th v nn to cc share y theo cng mt quyn (CIFS) thng nht cho mi share v mi

ngi dng, c th:
Trn mi share t qun, Everyone c quyn Full Control.
Trn mi share qun ch, Everyone c quyn Change.
- S phn bit quyn truy nhp gia cc nhm khc nhau v trn cc share khc nhau khi s
ch th hin phn quyn NTFS.
2.2. Cc cng c phn quyn NTFS
- Tt c quyn truy nhp c s ca NTFS l :
Traverse folder/execute file (i xuyn qua folder / thi hnh file).
List folder/read data (hin th mc, c d liu).
Read attributes (c thuc tnh).
Read extended attributes (c thuc tnh m rng).
Create files/write data (to file, vit d liu).
Create folders/append data (to folder, ni d liu).
Write attributes (vit thuc tnh). Cho php thay i cc thuc tnh ca file v folder.
Write extended attributes (vit thuc tnh m rng).
Delete subfolders and files (xa folder con v file).
Delete (xa).
Read permissions (c quyn).
Change permissions (i quyn).
Take ownership (ot ch quyn).
- Khi phn quyn cho mt folder, quyn phn s c th s p dng ln c cc folder con v
file bn trong, vic ny gi l tha k. Vic tha k thc hin theo mt trong su kiu sau y.
This folder only (ch folder ny thi). Quyn ch p dng cho folder ny, khng tha k.
104/143
TRN MNH HNG
This folder, subfolders and files (folder ny, cc folder con v cc file). Quyn p dng
cho folder ny, cc folder con v cc file. Tha k ton phn.
This folder and subfolders (folder ny v cc folder con). Quyn p dng cho folder ny
v cc folder con. Cc folder con tha k.
This folder and files (folder ny v cc file). Quyn p dng cho folder ny v cc file.
Cc file tha k.
Subfolders and files only (cc folder con v cc file thi). Quyn p dng ch cho cc
folder con v cc file. Tha k ton phn ngoi tr bn thn.
Subfolders only (ch cc folder con thi). Quyn p dng ch cho cc folder con. Cc
folder tha k ngoi tr bn thn.
2.3. Thc hin cc quyn c bn ca d liu doanh nghip trn NTFS

- Trong h thng tp NTFS, nm quyn c bn trn folder d liu doanh nghip c thc
hin theo nhng cng thc sau y:
Quyn s dng = Read & Execute, List Folder Contents v Read this folder, subfolders and
files.
Quyn ng gp = quyn s dng + Create files / Write data v Create folders/Append data
this folder and subfolders.
Quyn bin tp = quyn s dng + Modify v Write this folder, subfolders and files.
Quyn xem th mc = List folder / Read data this folder and subfolders.
Quyn xem quyn = Read Permissions this folder and subfolders.
Quyn xem quyn = Read Permissions this folder, subfolders and files.
105/143
TRN MNH HNG
II. NGUYN TC KHI P DNG QUYN TRUY CP

1. Nguyn tc hoch nh th mc chng trnh
Di y l 1 s nguyn tc chung cn p dng khi ch nh cc cp truy cp NTFS cho
th mc:
- B quyn truy cp NTFS mc nh cp Full Control t nhm Everyone v em cp cho
nhm Administrators.
- Ch nh cp truy cp Full Control hoc Change i vi th mc thch hp cho nhng
nhm chu trch nhim nng cp v x l li phn mm.
- Nu cc chng trnh mng thng tr dung chung, cp quyn truy cp cp Read cho
nhm Users.
2 Nguyn tc hoch inh th mc d liu
B quyn truy cp NTFS cp mc nh Full Control t nhm Everyone v em cp
cho nhm Administrators.
Ch nh cp Add&Read cho nhm Users v cp PC cho nhm CreatorOwner.
Vic ny s cung cp cho ngi dng ng nhp cc b kh nng hy b v sa cha ch
nhng th mc v tp tin h sao chp hoc to ra trn my tnh m h ng nhp.
3. Nguyn tc hoch nh th mc c nhn
Tp trung mi th mc c nhn trn 1 Volume NTFS ring bit vi Volume cha h iu
hnh v cc chng trnh, nhm hp l ha cng tc qun tr v sao lu d liu
Dng bin %UserName% t ng gn tn ti khon ca ngi dung cho th mc v t
ng ch nh quyn truy cp NTFS cp PC cho ngi tng ng.
4. To th mc c nhn (Home Folder) trn Volume NTFS
- Lu tr th mc c nhn trn mt Volume NTFS c thun li rt ln, c th t chc chng
thnh h thng phn tng v gii hn kh nng truy cp nhng ngi dng tng ng m
khng cn chia s tng th mc.
106/143
TRN MNH HNG
III. SHARE PERMISSION

- u tin m trnh Windows Explorer ra chn Organize Folder and Search Options.
- Chn Tab View sau click b chn mc Use Sharing Wizard (Recommended).
Trong Windows server 2008 chia s mt th mc no nhp chut phi vo th mc cn

share chn Share
107/143
TRN MNH HNG
- Nhp chn Advanced Sharing...
- Share Name my s t ly tn default l tn th mc hin hnh bn c th chnh sa tn

ny ty .
108/143
TRN MNH HNG
Vi cc ty chn l Allow: User c quyn truy cp ti nguyn vi quyn hn tng ng.

Vi cc ty chn l Deny: User khng c quyn truy cp ti nguyn vi quyn hn tng ng.
thc hin phn quyn cho cc Group th ta cn Deny tt c cc quyn ca Group User ny.
Sau khi Deny tt c cc quyn ca Group User nhp nt Add th thm Group hoc User vo.
109/143
TRN MNH HNG
Trong ny gi s Add thm User tai v cng Set quyn cho User ny l Deny tt c mi quyn.
Tng t Add thm User phat v Set quyn cho User ny l Allow tt c mi quyn.
110/143
TRN MNH HNG
to mt th mc m khng mun cho ai thy (ch c g lnh mi vo c) th thm du $

vo ngay sau Share Name ca mnh.
VD: My c IP l 192.168.1.10 v th mc Share c tn l New Folder (2)$. Trong ny gi s
ta Add thm User tai v Set quyn cho User ny l Allow tt c mi quyn. Khi truy cp t
my khc vo phi nhp l \\172.16.1.10\New Folder (2)$ th mi vo c.
By gi t mt my Client khc, truy cp th mc New Folder (2) vi User l tai
111/143
TRN MNH HNG
My s bo l khng c li vo l do l Set cho User tai b Deny tt c.

User tai b t chi truy cp New Folder (2) . Tuy nhin vi User phat th c th xem c cc
ti nguyn trong ny.
xem cc th mc Share n trong Windows, vo Administrative ToolsShare and

Storage Management.
112/143
TRN MNH HNG
Trong ny s lit k ton b cc th mc Share trc .
113/143
TRN MNH HNG
trnh phi mt cng nhp dng lnh \\[IP my ti]\[th mc share] chng ta c th nh x
a i vi cc th mc Share thng xuyn truy cp bng cch nhp phi vo th mc
Share cn nh x v chn Map Network Drive
Trong ca s Map Nerwork Drive hin ra bn chn tn a nh x v click Finish.
114/143
TRN MNH HNG
Vo Computer s thy xut hin thm a mi ( a nh x). Nhp vo y s i n ngay

th mc m bn va nh x.
115/143
TRN MNH HNG
CHNG 9 : XY DNG M HNH MNG MT CNG TY

I. CU HNH DA CH IP, DHCP,DNS
1. Cu hnh a ch IP
IP address
Subnet mask
Default gateway
Preferred DNS
Server
192.168.1.10
255.255.255.0
192.168.1.10
192.168.1.10
Client
192.168.1.11 30
255.255.255.0
192.168.1.10
192.168.1.10
2. Cu hnh DHCP
3.Cu hnh DNS
116/143
TRN MNH HNG
II. TO OU,USER V GROUP

Cng ty taiphat gm 4 phng : Phng Gim c , Phng K Ton , Phng K Thut , Phng
Kinh Doanh.
Phng Gim c gm 3 user : gd1, gd2, gd3.
Phng K ton gm 4 user : kt1, kt2, kt3, kt4.
117/143
TRN MNH HNG
Phng K thut gm 3 user : kth1, kth2, kth3.
Kinh Doanh gm 3 user : kd1, kd2 , kd3.
118/143
TRN MNH HNG
III. GROUP POLICY,DICK QUOTA

1. Phng Gim c : cc user ca phng gim c c ton quyn trn domain v dung lng
a khng gii hn, khng qui nh thi gian vo mng.
119/143
TRN MNH HNG
2. Phng K Ton : cc user thuc phng k ton c cc yu cu l mt khu t nht phi 8 k

t, thi gian thay i mt khu l 30 ngy, ngi dng ng nhp sai 3 ln s b kha account,
thi gian kha s l 5 pht, user khng phi n t hp phm Ctrl+Alt+Del khi ng nhp, dung
lng a ti a l 100 MB, thi gian vo mng t 8h sang -> 14h cc ngy th hai, t , su.
Mt khu t nht 8 k t, thi gian thay i mt khu l 30 ngy
120/143
TRN MNH HNG
ngi dng ng nhp sai 3 ln s b kha account, thi gian kha s l 5 pht
user khng phi n t hp phm Ctrl+Alt+Del khi ng nhp
121/143
TRN MNH HNG
dung lng a ti a l 100 MB
thi gian vo mng t 8h sang -> 14h cc ngy th hai, t , su

3. Phng Kinh Doanh : Khng cho php user trn Client truy cp vo cha h iu hnh (
C), khng c ci t chng trnh, khng c truy cp vo registry, khng c truy cp
Control Panel trn my Client, dung lng a ti a l 100 MB, thi gian ng nhp t 8h > 15h th ba, nm , by
122/143
TRN MNH HNG
Khng cho php user trn Client truy cp vo cha h iu hnh ( C)
khng c ci t chng trnh
123/143
TRN MNH HNG
khng c truy cp vo registry
khng c truy cp Control Panel trn my Client
124/143
TRN MNH HNG
dung lng a ti a l 100 MB
thi gian ng nhp t 8h -> 15h th ba, nm , by

4. Phng K Thut : mt khu ngoi vic c 8 k t tr ln th cn phi c mt khu kh, tc
l phi c thm cc k t (- _ ? / ). Khng cho php Auto play tt c cc loi a k c
USB. Dung lng a ti a l 100MB . Thi gian vo mng t 5h -> 10h v t 13h -> 18h
cc ngy th hai, nm , by , ch nht
125/143
TRN MNH HNG
mt khu c 8 k t tr ln, phi c mt khu kh
Khng cho php Auto play tt c cc loi a k c USB
126/143
TRN MNH HNG
Dung lng a ti a l 100MB
Thi gian vo mng t 5h -> 10h v t 13h -> 18h cc ngy th hai, nm , by , ch nht
IV. CHIA S D LIU
- Thit lp permission trn th mc DATA : cho php cc user phng K Ton, phng
Kinh Doanh, phng K Thut, ch c php c d liu, nhng khng c c cc thuc
tnh, v cc thuc tnh m rng, cc user phng Gim c th ton quyn.
127/143
TRN MNH HNG
128/143
TRN MNH HNG
- Thit lp permission trn th mc DATA chung : cho php cc user phng K Ton,
phng Kinh Doanh, phng K Thut, c php c d liu v c cc thuc tnh, c php
to file v vit d liu, nhng khng c php thay i cc thuc tnh ca file v vit cc
thuc tnh m rng, c php xa nhng khng c xa file.
129/143
TRN MNH HNG
- Thit lp permission trn th mc K Ton : cho php cc user phng K Ton c

quyn c, nhng ch c c d liu khng c c cc thuc tnh ca file. c php to
file v vit d liu, v c quyn xa sa. Cn cc user phng Kinh Doanh v K Thut
ch c php c d liu.
cho php cc user phng K Ton c quyn c, ch c c d liu khng c

c cc thuc tnh ca file. c php to file v vit d liu, v c quyn xa sa
130/143
TRN MNH HNG
cc user phng Kinh Doanh v K Thut ch c php c d liu.

- Thit lp permission trn th mc Kinh Doanh : cho php cc user phng Kinh Doanh
c php c d liu v cc thuc tnh. c php vit d liu,to file, folder. c php
thay i cc thuc tnh ca file v folder nhng khng c php xa file v folder. Cn cc
user phng K Ton v phng K Thut ch c quyn c d liu.
131/143
TRN MNH HNG
cc user phng Kinh Doanh c php c d liu v cc thuc tnh. c php vit
d liu,to file, folder. c php thay i cc thuc tnh ca file v folder nhng khng
c php xa file v folder
cc user phng K Ton v phng K Thut ch c quyn c d liu.

- Thit lp permission trn th mc K Thut : cho php cc user phng K Thut c
php to file, c d liu v c cc thuc tnh m rng, nhng khng cho php to folder,
vit cc thuc tnh m rng v khng c xa file. Cc user o phng Kinh Doanh v phng
K Ton ch c php c v ghi d liu
132/143
TRN MNH HNG
cc user phng K Thut c php to file, c d liu v c cc thuc tnh m

rng, nhng khng cho php to folder, vit cc thuc tnh m rng v khng c xa
file
Cc user o phng Kinh Doanh v phng K Ton ch c php c v ghi d liu

V. KIM TON
Thit lp kim ton nhm ghi nhn li nhng trng hp truy cp tri php.
Click phi th mc daata Properties.
Tab Security Chn Advanced.
133/143
TRN MNH HNG
Tab Auditing Chn Edit.
Chn Add.
134/143
TRN MNH HNG
Nhp Everyone Check Names OK.
Chn tt c cc chn la OK.
135/143
TRN MNH HNG
V nhn OK hon tt.

M Group Policy Management.
Click phi ln Default Domain Policy Edit.
Click phi Audit object access Properties.

Chn Define these policy settings Chn Success , Failure.
136/143
TRN MNH HNG
M Run nhp lnh GPUpdate /Force.

Kim tra :
Trn my client log on KT1 truy cp vo th mc daata bo li khng c quyn
truy cp.
Trn my Server M Event Viewer.
137/143
TRN MNH HNG
M Windows Logs Security M cc event Audit Failure (& event id 5140).
Quan st thy trng hp truy cp tri php ca KT1 vo th mc daata c ghi nhn li.
138/143
TRN MNH HNG
VI. QUN L MY IN
To 4 my in c tn l ph giam doc, ph ke toan ,ph kinh doanh, ph ki thuat tng ng cho
mi phng .
139/143
TRN MNH HNG
Gn quyn cho cc user phng Gim c c quyn in trn my in tn ph Gim c.

V cho my in ny lun trng thi sn sng, gn u tin cho my in ny l 2.
Ring user gd1 c quyn thay i cc cu hnh v c quyn xa ti liu c s dng

trn my in ph Gim c.
140/143
TRN MNH HNG
Trn my in ph K Ton cc user phng K Ton c quyn in trn my in ny, thi

gian c in t 7h sng n 18h chiu . Mc u tin 1, cc user phng Gim c c
php in trn my in ny, ring user gd1 c php ton quyn.
141/143
TRN MNH HNG
Trn my in ph Kinh Doanh cc user phng Kinh Doanh c quyn in trn my in ny,
mc u tin cho my in ny l 1, thi gian c in t 9h sng n 14h chiu. User gd1
c ton quyn.
142/143
TRN MNH HNG
Trn my in ph K Thut cc user phng K Thut c quyn in trn my in ny, thi

gian c in t 8h sng n 16h chiu, mc u tin l 1.
143/143

Windows Server 2008 7083

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Windows Server 2008 7083

Uploaded by

Copyright:

Available Formats

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

CHNG 1: GII THIU WINDOWS SERVER

1. H iu hnh mng Windows NT

WINDOWS SERVER 2000

1. Windows 2000 Server

Cc phin bn ca h iu hnh Windows server 2003

IV. WINDOWS SERVER 2008

Tnh nng vt tri

TNG QUAN V WINDOWS SERVER 2008

GII THIU WINDOWS SERVER 2008

CC TNH NNG CA WINDOWS SERVER 2008

Cng c qun tr Server Manager

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

9. Windows Firewall with Advance Security

Cng ngh o ha Hyper-V

IV. CC LI CH CA WINDOWS SERVER 2008

CC PHIN BN CA WINDOWS SERVER 2008

1. Windows Server 2008 Standard Edition

CHNG 4: DNG DOMAIN

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

1. Gii thiu dch v DHCP

Trin khai File Sevices

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

CHNG 7: CHNH SCH BO MT(GROUP POLICY)

CHNG 1: GII THIU WINDOWS SERVER

1. H iu hnh mng Windows NT

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

WINDOWS SERVER 2000

1. Windows Server 2000

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

III. WINDOWS SERVER 2003

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

8 n 32 CPU cho dng

1.5GB cho dng x86, 1.5GB cho dng my

4. Cc h iu hnh cho php nng cp thnh Windows server Enterprise Edition

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

IV. WINDOWS SERVER 2008

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

- Windows Server 2008 Datacenter Edition

4. Bng cc tnh nng trong Windows Server 2008

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

CHNG 2: TNG QUAN V WINDOWS SERVER 2008

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

I. GII THIU V WINDOWS SERVER 2008

- Microsoft Windows Server 2008 l th h k tip ca h iu hnh Windows Server, c th

1. Cng c qun tr Server Manager

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

TRN MNH HNG

QUN TR MNG WINDOWS SERVER 2008

7. Read-Only Domain Controllers