Contents Bi 1 : Cu hnh Active Directory Domain Server ...............................................3 1. 2. 3. 1. 2. 3. 4. 1. 2. 3. 4. 5. 1. 2. 3. Ci t & cu hnh : .......................................................................................3 Kt ni 1 client vo Domain: ......................................................................

14 Qun l Users,Group, OU : .........................................................................19 Mc ch : ....................................................................................................29 Giao thc DHCP : .......................................................................................29 Thc hnh : ..................................................................................................30 Cu hnh DHCP server : ..............................................................................41 Cu hnh chc nng Forward DNS server : ..............................................53 Cu hnh chc nng Reverse DNS: .............................................................57 Cu hnh DNS server d phng (DNS secondary): ....................................62 ng b d liu gia DNS server primary v DNS server secondary : ....66 B sung cc bn ghi DNS vo DNS server : ...............................................70 Ci t IIS :..................................................................................................72 Cu hnh thm mt Website : ......................................................................80 Ci t dch v qun tr t xa ca IIS :........................................................87

Bi 2 . Cu hnh DHCP..........................................................................................29

Bi 3. Cu hnh DNS Server.................................................................................53

Bi 5. CU HNH WEB SERVER .......................................................................72

Bi 6. Routing and Remote Access .......................................................................94 Phn 1 : NAT ..........................................................................................................94 Phn 2 : Cu hnh VPN .......................................................................................115 1. 1. 2. Ci t :......................................................................................................115 L thuyt :..................................................................................................135 Ci t v cu hnh : ..................................................................................135 Bi 7. Terminal Services ......................................................................................135

Qun tr mng-2012
3. Trin khai cc ng dng RemoteApp thng qua TS Web Access: ...........153

Ti liu tham kho ...............................................................................................161

Nguyn Hng Minh

Page 2

Qun tr mng-2012 Bi 1 : Cu hnh Active Directory Domain Server

1. Ci t & cu hnh : Chn ci t add roles

Chn AD DS :

B qua bc m t v AD DS v nhng ch (think to notes). Nguyn Hng Minh Page 3

Qun tr mng-2012
Bc tip theo xc nhn li ln cui trc khi ci t.

Qu trnh ci t bt u :

Qu trnh ci t kt thc :

Nguyn Hng Minh

Page 4

Qun tr mng-2012

T CMD g dcpromo nng cp ln domain: Hp thoi xut hin : Chn next: cho thy tnh tng thch ca WS 2008

Nguyn Hng Minh

Page 5

Qun tr mng-2012
Chn next : n y c 2 la chn : To domain mi trong forest mi. To domain mi trong mt forest c. ( y chng ta to domain mi hon ton nn chn la chn 2)

Bng tip theo yu cu bn nhp vo tn Domain ca bn . y chng ta ly l : quantrimang.com.

Nguyn Hng Minh

Page 6

Qun tr mng-2012

Tip theo chn chc nng l WS 2008. n mc tip theo h thng thng bo cha c DNS v hi chng ta c mun ci t khng . chn Next.

Nguyn Hng Minh

Page 7

Qun tr mng-2012

Bng tip theo l ng dn th mc mc nh cha cc file h thng gm : Database folder: th mc cha database ca h thng. Log files folder : th mc ghi l cc cnh bo cc hnh ng ca h thng SYSVOL folder: th mc cha cc d liu c ng b gia cc Domain Controler trong cng mt Domain.

Nguyn Hng Minh

Page 8

Qun tr mng-2012

Tip theo bn phi np password dnh cho cng on restore h thng ADDS. (ch : password mnh bao gm : Aabdhjsag121232312321.) y chng ta chn : Quantrimang.com

Nguyn Hng Minh

Page 9

Qun tr mng-2012

Hp thoi tip theo a ra cc thng s khi to ban u ca bn check li. chn next:

Nguyn Hng Minh

Page 10

Qun tr mng-2012

Hp thoi ci t xut hin :

Nguyn Hng Minh

Page 11

Qun tr mng-2012

Qu trnh ci t kt thc. Chn finish

Nguyn Hng Minh

Page 12

Qun tr mng-2012

Sau khi ci t hon tt reboot h thng , log on kim tra h thng.

Nguyn Hng Minh

Page 13

Qun tr mng-2012

2. Kt ni 1 client vo Domain: u tin bn cn kim tra cc thng s ca client trc khi join. Bao gm a ch IP, 1 client khi mun join vo 1 domain tn ti sn trc cn p ng 2 iu kin : Th 1: n phi cng mng vi host c vai tr l DC(Domain Controler). (ta phi cu hnh card mng ca my client kt ni n host DC phi cng 1 mng) o Client : IP: 10.0.0.5 Subnet mask: 255.255.255.0 frer DNS : 10.0.0.6 (dia chi IP cua may WS 2008): thuc chat de may client XP co the "see" thay DNS server cua no. o Server (DC) : IP: 10.0.0.6 subnet mask: 255.255.255.0 frer DNS: 10.0.0.1

Nguyn Hng Minh

Page 14

Qun tr mng-2012
th 2 : ta cn cu hnh client c th see thy vng domain m n mun join vo, c th l phn a ch frer DNS : 10.0.0.6 (a ch IP ca host ng vai tr DC) Sau khi m bo 2 yu t trn c p ng, ta ch vic add domain my client , n s t ng kim tra v thng bo kt qu . Ping kim tra gia 2 my client & server DC kim tra kt qu.

Chn Click right vo My Computer Properties

Chn tag Computer name Change

Nguyn Hng Minh

Page 15

Qun tr mng-2012

in vo thng tin cn thit nh tn my trong domain mi: client1, & tn Domain m host s join vo : quantrimang.com

Nguyn Hng Minh

Page 16

Qun tr mng-2012

Nhn OK v my s t ng kim tra , nu thnh cng my s yu cu ng nhp ti khon users c quyn joindomain. y ta chn quyn admin, nhp nh sau : username : Administrator@quantrimang.com password : Minh17890

Nu thnh cng : Nguyn Hng Minh Page 17

Qun tr mng-2012

Sau khi restart li my client ta c th ng nhp vo my vi ti khon domain ca client. Username : client1@quantrimang.com Tip theo ta kim tra thng tin bn my server DC

Kim tra phn ADDS :

Nguyn Hng Minh

Page 18

Qun tr mng-2012

Thng tin v client1:

3. Qun l Users,Group, OU : a. To mi User :

Nguyn Hng Minh

Page 19

Qun tr mng-2012

Password : ttmk53-20081743 Chn chc nng : password tn ti vnh vin.(time live khng tn ti) Nguyn Hng Minh Page 20

Qun tr mng-2012

b. To mi Group :

Nguyn Hng Minh

Page 21

Qun tr mng-2012

Kt qu :

c. Lm vic vi user : Ta kch chut phi vo user va to v xem properties:

Nguyn Hng Minh

Page 22

Qun tr mng-2012

Mc General : cha thng tin c bn nh tn tui, s t, email Mc Address : cha thng tin a ch, ni , vn phng, m vng, quc gia Mc Account : cha thng tin ti khon: bao gm tn ng nhp, tn domain Account options: cha thuc tnh action p dng cho ti khon. Account expires : quy nh ngy ht hn ca ti khon. Mc Logon Hours : quy nh thi gian cho php dng ti khon trong ngy, trong tun.(mu xanh : cho dng, mu trng : cm). Mc Logon to : quy nh my no user c quyn logon s dng.

Nguyn Hng Minh

Page 23

Qun tr mng-2012

Mc Profile: Profile path : cho php thay i th mc cha profile ca user Logon script : on script s kch hot mi khi user logon h thng. Localpath : cho php thay i ng dn th mc home ca user local my hoc trn h thng mng thng qua cch connect. Mc Member Of : qun l group ca user. d. Lm vic vi Group :

Nguyn Hng Minh

Page 24

Qun tr mng-2012

Cc tag chnh : General : cho bit thng tin type(loi) v scope(phm vi) ca group. Members : cho bit user no thuc group ny. Members of: cho bit group ny thuc group no khc. Managed By : y thc cho user no qun l group ny.

Nguyn Hng Minh

Page 25

Qun tr mng-2012

e. Lm vic vi OU (Organizational Unit h thng t chc):

Nguyn Hng Minh

Page 26

Qun tr mng-2012
Chc nng quan trng nht l Delegate Control : chc nng ny cp quyn OU cho user hoc group qun l OU ny. Add user or group qun l OU vo:

Tip theo ta chn cc quyn hn m ngi qun tr c th c s dng trong OU ny:

Nguyn Hng Minh

Page 27

Qun tr mng-2012

Cui cng bn xc nhn li tt c cc thng tin m bn la chn bt u ci t.

Nguyn Hng Minh

Page 28

Qun tr mng-2012 Bi 2 . Cu hnh DHCP

1. Mc ch : Ci t v cu hnh DHCP SERVER cho php my ch cp pht a ch IP ng cho cc my client kt ni vi my ch, qua thc thi nhiu tnh nng hu ch cho qun tr mng 2. Giao thc DHCP : Giao thc DHCP hot ng theo m hnh client/ server vi qu trnh tng tc gia server v cc client din ra nh sau :

Khi my client khi ng my s gi broadcat gi tin DHCPDISCOVER , yu cu 1 server phc v mnh. Gi tin ny cha a ch MAC ca client. Cc my server trn mng nhn c yu cu ny, nu c kh nng cung cp a ch IP , u gi cho client gi tin DHCPOFFER , ngh cho thu a ch IP trong khong time nht nh, km theo mt a ch Subnet mask v a ch server. Trong qu trnh trao i, server s khng cp a ch IP va ngh cho my khc na (a ch IP ngh s c xa ra khi list a ch IP m server c th cp pht.) My client s la chn mt ngh v broadcat gi tin DHCPPREQUEST chp nhn li ngh .iu ny cn nhm mc ch bo cho cc server khc thu hi li a ch IP va ngh c th cp pht cho cc client khc. Nguyn Hng Minh Page 29

Qun tr mng-2012
My server c client chp nhn s gi li cho client 1 gi tin DHCPACK, mc ch bo nhn c thng ip. trong gi tin ny, server s gi thng tin v a ch IP , cng time live ca n. Mc nh thm 1 s thng tin v a ch gateway, v DNS server. 3. Thc hnh : Thc hin add Role . Vo Server Manager Roles add roles.

B qua phn ch (thinks to notes):

Nguyn Hng Minh

Page 30

Qun tr mng-2012

Tip theo chn card mng s dng dch v (ch : DCHP giao thc m ta s s dng trong mng LAN nn ta chn card mng ni vi mng LAN)

Nguyn Hng Minh

Page 31

Qun tr mng-2012

Trong mc Parent Domain in tn domain v in IP DNS server .( nhn Validate kim tra tn ti v tng thch). Chn next:

Nguyn Hng Minh

Page 32

Qun tr mng-2012

B qua phn WIN server :

Nguyn Hng Minh

Page 33

Qun tr mng-2012

Tip theo ta cn add Scopes cho DHCP cho bit min a ch IP s c cp pht theo mc ch qun tr (ti y ta c th to nhiu scopes, mi scopes c hiu nh l 1 vng a ch IP c php cp pht cho host trong mng LAN theo mc ch ca ngi qun tr) ta c th thm sau khi ci t (Admin tool DNS add scopes). Ti y , ta in thm thng tin cn thit cho scope.

Nguyn Hng Minh

Page 34

Qun tr mng-2012

Kt qu sau khi add scopes :

Nguyn Hng Minh

Page 35

Qun tr mng-2012

B qua phn enable IPv6 Tip theo chn user c quyn Author next (quyn ny thng bo user c quyn to ra ty chn DHCP serverthng chn quyn Admin).

Nguyn Hng Minh

Page 36

Qun tr mng-2012

Xc nhn li cc thng s ci t :

Nguyn Hng Minh

Page 37

Qun tr mng-2012

Ci t hon tt :

Nguyn Hng Minh

Page 38

Qun tr mng-2012

Kim tra li h thng :

Nguyn Hng Minh

Page 39

Qun tr mng-2012

Kim tra hot ng ca DHCP server thng qua 1 client kt ni vi my ch. ti client ta cu hnh nhn a ch IP ng.

Ti CMD : g ipconfig /release (xa IP ng hin ti) Nguyn Hng Minh Page 40

Qun tr mng-2012

G ipconfig /renew (yu cu IP ng mi)

Nu a ch IP ng mi thuc di Scopes th DHCP server hot ng thnh cng. 4. Cu hnh DHCP server : a. To Scope: Vo Administrative Tool DHCP win-sv 2k8.quantrimang.com IP v4 new scope:

Nguyn Hng Minh

Page 41

Qun tr mng-2012

Dialog new scope wizard xut hin:

Nguyn Hng Minh

Page 42

Qun tr mng-2012

Tip theo bn s in tn new scope vo mc name ( y ta chn : lopttmk53):

Nguyn Hng Minh

Page 43

Qun tr mng-2012
Hp thoi IP Address Range , in thng s range IP cp pht v subnet mask next.

Ch : a ch IP cn cung cp l IP strart end (c quyn cp pht) tip theo l xc nh s bit cung cp cho phn nh ngha net ID/host ID. Tip theo nhp cc a ch IP c bit khng c quyn cp pht . (thng c 2 a ch IP khng c php cp pht ng l : a ch Broadcat & a ch Gateway. & cc a ch dng vi mc ch qun tr. Ghi nh l di a ch c bit ny phi thuc di a ch ca scope)

Nguyn Hng Minh

Page 44

Qun tr mng-2012

Tip theo la chn time live cho a ch IP cp pht cho client.

Nguyn Hng Minh

Page 45

Qun tr mng-2012
Tip theo l hp thoi yu cu cu hnh thng s dch v ca scope . ta chn cu hnh ngay lp tc.

Hp thoi Router (default gateway): nhp a ch Gateway cho scope:

Nguyn Hng Minh

Page 46

Qun tr mng-2012

in tn domain , phn a ch IP address in IP DNS server.

Nguyn Hng Minh

Page 47

Qun tr mng-2012
B qua phn la chn WIN server: La chn active scope ngay (thc thi scope ngay !)

Kt thc qu trnh :

Nguyn Hng Minh

Page 48

Qun tr mng-2012

Kim tra kt qu :

b. Thay i options ca scope :

Nguyn Hng Minh

Page 49

Qun tr mng-2012
Sau khi to ra cc scope mi , ta c th thay th , cp nht li cc option ca scope va to, hoc to ri. c th vo scope option configure Options v thay i cc thng s theo ty chn.

C 1 s thuc tnh c cung cp nh sau :

c. Backup & Restore DHCP server : Nguyn Hng Minh Page 50

Qun tr mng-2012
Vi backup DHCP server : Chn Administrative Tools DHCP

Tip theo bn s phi la chn thu mc t backup , mc nh trong C:\Windows\system32\dhcp\backup:

Nguyn Hng Minh

Page 51

Qun tr mng-2012

Sau khi hon tt qu trnh backup, bn vo th mc cha backup kim tra , s thy kt qu :

Vi Restore DHCP server cng lm tng t cc thao tc trn, ta khng trnh by y ! Cui cng mun remote DHCP server ta ch vic vo Server Manager Roles Remote Role chn DHCP server. V lm theo hng dn. ch sau khi remote ta cn restart li my hon thnh cng vic.

Nguyn Hng Minh

Page 52

Qun tr mng-2012 Bi 3. Cu hnh DNS Server

Vi DNS server thng thng nn xy dng ng thi hai h thng l DNS server chnh (Primary) v DNS server d phng (Secondary) dng chung mt CSDL , vi phng php ny bn s hn ch kh nng dch v DNS b ngng khi c s c xy ra trn h thng. (v hu ht cc ng dng trn my ch khi hot ng u yu cu dch v phn gii tn min) Khi cu hnh DNS server c 2 chc nng chnh cn quan tm : Chc nng Forward : phn gii tn min a ch IP. Chc nng Reverse : phn gii a ch IP tn min

1. Cu hnh chc nng Forward DNS server (phn gii tn thnh a ch IP): Trc ht ta cn to Zone mi : Server Manager Roles DNS Server WIN-SV2K8 Forward Lookup Zones

Tip tc chn next :

Nguyn Hng Minh

Page 53

Qun tr mng-2012

Ta ang cu hnh DNS server chnh chn Pimary zone

Nguyn Hng Minh

Page 54

Qun tr mng-2012
Sau , chng ta s cung cp cch thc d liu DNS c sao chp (ph bin) trn ton b mng . (tc l ta chn d liu DNS s c qung b trn ton b DNS server ch trong domain hay l trn forest !!)

Tip theo nhp vo tn New Zones : y ta chn quantrimang.com

Nguyn Hng Minh

Page 55

Qun tr mng-2012

Hon thnh , chn finish : Nguyn Hng Minh Page 56

Qun tr mng-2012

Xem kt qu trn mn hnh sau khi cu hnh xong :

2. Cu hnh chc nng Reverse DNS (phn gii a ch IP tn min):

Nguyn Hng Minh

Page 57

Qun tr mng-2012
Chc nng Forward mi ch cho php cc my trong domain c th phn gii a ch tn min a ch IP m cha c chiu ngc li (t a ch IP tn min). Sau y chng ta s trnh by chi tit qu trnh cu hnh phn gii ngc ny .

Hp thoi cu hnh xut hin , chn next :

Nguyn Hng Minh

Page 58

Qun tr mng-2012
Tng t , ta chn cu hnh DNS server chnh (Primary):

Nguyn Hng Minh

Page 59

Qun tr mng-2012
Trong phn tip theo, chng ta chn phn type a ch IP s phn gii trong DNS name.

Tip theo ta cn cung cp a ch mng (network ID cn phi phn gii), y l a ch mng :

Nguyn Hng Minh

Page 60

Qun tr mng-2012

Kt thc qu trnh cu hnh Nguyn Hng Minh Page 61

Qun tr mng-2012

Kim tra kt qu cu hnh :

3. Cu hnh DNS server d phng (DNS secondary):

Nguyn Hng Minh

Page 62

Qun tr mng-2012
Cn ch l phn ny cu hnh DNS secondary phi c cu hnh trn my tnh khc DNS Server Primary v my ny ci t WS 2008 & DNS server. Chi tit ci t c th nh sau :

Chn secondary Zone :

Nguyn Hng Minh

Page 63

Qun tr mng-2012

in tn name DNS Server Primary :

Nguyn Hng Minh

Page 64

Qun tr mng-2012
Tip theo nhp a ch IP ca my DNS server Primary , sau ch my kim tra, nu thnh cng s tip tc.

Hon thnh qu trnh :

Nguyn Hng Minh

Page 65

Qun tr mng-2012

4. ng b d liu gia DNS server primary v DNS server secondary : Cng vic cui cng v DNS server l vic ta phi thit lp ng b d liu gia DNS server chnh v bn d phng, khu ny hon thnh ngha ca vic xy dng DNS server d phng . Khi thit lp chc nng ny xong, mi thay i data DNS server chnh s c cp nht vo DNS server d phng,qua m bo ngha tn ti. Chi tit qu trnh cu hnh : ng b d liu gia DNS server chnh v ci d phng bn s dng chc nng Zone Transfers trn DNS Server chnh .

Nguyn Hng Minh

Page 66

Qun tr mng-2012

Hp thoi Properties ca Domain hin ln : n y bn chuyn qua tab Zone Transfers :

Nguyn Hng Minh

Page 67

Qun tr mng-2012

Sau khi cu hnh cho php n lng nghe t DNS d phng ta chuyn sang tab Name Server thm a ch IP ca DNS d phng:

Nguyn Hng Minh

Page 68

Qun tr mng-2012

Sau khi thnh cng nhn OK Appty cp nht kt qu . qu trnh cu hnh chc nng Zone Transfers kt thc. Cui cng : ta cn cu hnh trn cc my client trong domain n c th tr n c 2 DNS server chnh & d phng. Khi DNS chnh hng n s tr yu cu n DNS d phng.

Nguyn Hng Minh

Page 69

Qun tr mng-2012

5. B sung cc bn ghi DNS vo DNS server : Sau khi hon thnh nhim v ci t v cu hnh DNS server , bn cn to CSDL cho server ny bng cch b sung cc bn ghi DNS . Thng thng bn s tng tc vi ba loi bn ghi DNS ph bin l Host (A), Alias (CNAME). Host (A) : l bn ghi gm domain v a ch IP tng ng. v d quantrimang.com 10.0.0.6 Alias (CNAME) : l bn ghi b danh , cho php nhiu domain cng nh x n mt a ch IP . v d : www.quantrimang.com quantrimang.com 10.0.0.6

Nguyn Hng Minh

Page 70

Qun tr mng-2012

Nguyn Hng Minh

Page 71

Qun tr mng-2012 Bi 5. CU HNH WEB SERVER

Trong phn ny chng ta ci t IIS 7.0 (c cung cp sn trn WS 2008). IIS 7.0 c thit k thnh mt nn tng Web v ng dng linh ng v an ton nht cho Microsoft. Thit k IIS vi 5 lnh vc ln : Bo mt Kh nng m rng Cu hnh v trin khai Qun tr v chun on Hiu sut.

1. Ci t IIS : Trc ht chng ta cn Add Roles Web Server (IIS).

Nguyn Hng Minh

Page 72

Qun tr mng-2012

Trc khi ci t IIS bn cn chc chn rng server ca bn ci t cc features cn thit.

Tip tc chn next qu trnh ci t :

Nguyn Hng Minh

Page 73

Qun tr mng-2012

Tip theo bn s la chn cc Roles services cn ci t cc dch v cn thit cho ng dng ca bn. Cc la chn Web server : Common Content : thuc v ni dung. Application Development : ng dng pht trin. Health and Diagnostics : sc khe & php chun on. Sercurity : bo mt. Performance : hiu nng.

Cc la chn Management Tools : (cng c qun l) IIS Management Console. IIS Management Script & Tools Management service Nguyn Hng Minh Page 74

Qun tr mng-2012
IIS 6 Management Compatibility: La chn FTP Publishing Service : FPT Server : FTP Management Console:

Sau khi la chn xong, bn c th bt u vo qu trnh ci t (bc xc nhn cc la chn trc khi install) :

Nguyn Hng Minh

Page 75

Qun tr mng-2012

Qu trnh install bt u :

Nguyn Hng Minh

Page 76

Qun tr mng-2012

Ci t hon tt :

Nguyn Hng Minh

Page 77

Qun tr mng-2012

Kim tra kt qu :

Nguyn Hng Minh

Page 78

Qun tr mng-2012

Kim tra trn trnh duyt : (bn vo 1 trnh duyt v g vo URL : http://localhost/) kt qu hin nh trn mn hnh

Nguyn Hng Minh

Page 79

Qun tr mng-2012

2. Cu hnh thm mt Website : u tin mun to mt Website mi, bn cn to th mc cha trang web mi : (th mc ny cn nm trong th mc gc ca Web l : C:\inetpub\wwwroot\)

Nguyn Hng Minh

Page 80

Qun tr mng-2012

Tip theo, thm 1 site mi : Server Manager Roles Web Server (IIS) IIS. Pha bng Connections chn Sites Add Web Site

Nguyn Hng Minh

Page 81

Qun tr mng-2012

Tip theo hp thoi Add Web Site hin ln, bn cn in cc thng tin cn thit thit lp Web site mi. Cc thng tin cn thit bao gm nh : Tn site mi. Th mc ni dung : ng dn vt l n thc mc , kiu kt ni Cu hnh lng nghe : giao thc s dng (http), lng nghe trn cng (80), a ch IP. (iu ny l cn thit khi ta c nhiu Website trn server,iu ny gip phn bit cc ng dng)

Nguyn Hng Minh

Page 82

Qun tr mng-2012

Sau khi nhn OK s hin ra thng bo cng *:80 c ng k bi 1 site khc. (iu ny l hp l v Default Web site ng k s dng trc !!!) mun gii quyt, ta cn stopt n.

Kt qu : (lc ny, Web site mi ca bn cha startdo trng cng binding nn ch c web site mc nh c khi ng)

Nguyn Hng Minh

Page 83

Qun tr mng-2012

Bn tin hnh stopt Default Website :

Nguyn Hng Minh

Page 84

Qun tr mng-2012

Sau start web site mi to ca bn.

Nguyn Hng Minh

Page 85

Qun tr mng-2012

Sau khi hon thnh, ta kim tra kt qu trn trnh duyt IE. (g trn URL : http://localhost): Ch l trc bn cn to ni dung hin th trn http://localhost, tc l bn cn xy dng 1 trang html kim tra. Vit 1 trang index.html kim tra, t file index.htm trong th mc gc ca website

Nguyn Hng Minh

Page 86

Qun tr mng-2012
(c:\inetpub\wwwroot\quantrimang\index.htm). C th bn cn cp quyn modife cho ti khon ti dir ny !!! Sau khi hon tt , bn c th thy kt qu trn trnh duyt.

3. Ci t dch v qun tr t xa ca IIS : a) Ci t : Vo Server Manager Roles Role service add roles service

Nguyn Hng Minh

Page 87

Qun tr mng-2012

Tip theo chn Management Service

Nguyn Hng Minh

Page 88

Qun tr mng-2012

Install & ci t hon tt :

Nguyn Hng Minh

Page 89

Qun tr mng-2012

b) Kch hot dch v : Vo Start All Programs Administrative Tools IIS Manager Manageement Service

Nguyn Hng Minh

Page 90

Qun tr mng-2012

Kt qu ;

Nguyn Hng Minh

Page 91

Qun tr mng-2012

Tick Enable remote connections & chn start dch v :

Nguyn Hng Minh

Page 92

Qun tr mng-2012

Chn yes save v chnh thc start dch v :

Lc ny ngi qun tr h thng c th ng nhp vo h thng t xa thng qua dch v trn .

Nguyn Hng Minh

Page 93

Qun tr mng-2012 Bi 6. Routing and Remote Access

S gm 2 phn chnh : Phn 1 : NAT Phn 2 : VPN Phn 1 : NAT M hnh NAT nh sau :

Bc u tin: ta cn cu hnh li a ch IP cho client & server : Ti client :

Nguyn Hng Minh

Page 94

Qun tr mng-2012

Cu hnh trn server :

Nguyn Hng Minh

Page 95

Qun tr mng-2012

Tip theo, bn cn chc chn l tt firewall trn cc my , sao cho chng c th ping c n nhau .

Nguyn Hng Minh

Page 96

Qun tr mng-2012
Bc 2 : ci t dch v Routing and Remote Access trn server Server Manager Roles add roles Network Policy and Access Services

Qu trnh xc nhn li cc thng tin :

Nguyn Hng Minh

Page 97

Qun tr mng-2012

Tip theo la chn dch v ci t cho Network Policy and Access Services :

Nguyn Hng Minh

Page 98

Qun tr mng-2012

Kt thc qu trnh ci t :

Nguyn Hng Minh

Page 99

Qun tr mng-2012

Qu trnh ci t thnh cng :

Nguyn Hng Minh

Page 100

Qun tr mng-2012

Bc tip theo : kim tra kt ni ra internet c client & server. Tai server c kt ni thnh cng ra internet, cn client th khng th kt ni ra net. Bc tip theo : trn server , trong routing and remote access , cu hnh NAT cho client a internet. Vo Administrator Tools Routing and Remote Access

Nguyn Hng Minh

Page 101

Qun tr mng-2012

Trong Routing and Remote Access WIN-SV2K8(local) chut phi Configure and Enable Routing and Remote Access.

Nguyn Hng Minh

Page 102

Qun tr mng-2012

Hp thoi cu hnh xut hin :

Nguyn Hng Minh

Page 103

Qun tr mng-2012

Tip theo , cn la chn .. c 5 la chn : Remote access (dial-up or VPN): Network address translation (NAT): Virtual private network (VPN) access and NAT : Secure connection between two private network : Custom configuration :

y ta la chn Custom configuration.

Nguyn Hng Minh

Page 104

Qun tr mng-2012

Tip theo phi la chn dch v m bn mun bt trn server . y ta chn NAT:

Nguyn Hng Minh

Page 105

Qun tr mng-2012

Nguyn Hng Minh

Page 106

Qun tr mng-2012

Tip theo , start services

Qu trnh hon tt . n y, chng ta to giao din mi :

Nguyn Hng Minh

Page 107

Qun tr mng-2012

Tip theo chn card mng s chy giao thc routing trn .

Nguyn Hng Minh

Page 108

Qun tr mng-2012

Tip theo chn ch connect NAT cho tng card mng ca server (1 card mng ni vi client, 1 card mng ni ra ngoi Internet ) , c 2 la chn : Private interface connect to private network : la chn cho card mng ni vi client. Public interface connect to the Internet: la chn cho card mng ni ra internet. Ta ln lt la chn theo yu cu. Vi card ni client:

Nguyn Hng Minh

Page 109

Qun tr mng-2012

Vi card mng ni ra internet :

Nguyn Hng Minh

Page 110

Qun tr mng-2012

Nguyn Hng Minh

Page 111

Qun tr mng-2012

Kt qu :

Nguyn Hng Minh

Page 112

Qun tr mng-2012

Ti y , ta kim tra kt qu , bng cch truy cp mng internet t Client, v trn card mng server show Mappings, thy c qu trnh NAT.

Nguyn Hng Minh

Page 113

Qun tr mng-2012

Nguyn Hng Minh

Page 114

Qun tr mng-2012 Phn 2 : Cu hnh VPN

M hnh VPN

1. Ci t : Bc 1 : Cu hnh IP cho cc card mng trn cc my My Local client:

Nguyn Hng Minh

Page 115

Qun tr mng-2012
My VPN server : Card mng ni vi Local client :

Card mng ni vi VPN client :

Nguyn Hng Minh

Page 116

Qun tr mng-2012

Bc 2 : cn chc chn rng firewall trn cc my c tt, vic ping gia cc my l thnh cng.

Nguyn Hng Minh

Page 117

Qun tr mng-2012
Bc 3 : ci VPN , chng ta cn ci t Roting and Remote Access trn server, bc ny chng ta ci t trn ri nn khng nhc li chi tit na. Bc 4 : cu hnh VPN trong Routing and Remote Access : Administrator Tools Routing and Remote Access chut phi Configure and Enable Routing and Remote Access.

Tip theo ta chn mc Remote access (dial-up or VPN)

Nguyn Hng Minh

Page 118

Qun tr mng-2012

Tip theo chn 2 mc cn setup dch v cho nhn c 2 kt ni dial-up and VPN :

Nguyn Hng Minh

Page 119

Qun tr mng-2012

La chn card mng :

Nguyn Hng Minh

Page 120

Qun tr mng-2012

Tip theo , cn la chn cch thc phn b a ch IP cho VPN client . ta chn From a specified range of address.

Nguyn Hng Minh

Page 121

Qun tr mng-2012

Tip theo cn thm vo di a ch IP cp cho VPN client

Nguyn Hng Minh

Page 122

Qun tr mng-2012
Kt qu sau khi thm

Tip theo, bn cn la chn c lm vic vi RADIUS server khng.

Nguyn Hng Minh

Page 123

Qun tr mng-2012

Kt thc qu trnh :

Nguyn Hng Minh

Page 124

Qun tr mng-2012

Bc 5 : to user u1 trn server v chnh tab dial-in cho n allow access. Vo Server Manager Configuration Local Users and Groups Users new user.

Nguyn Hng Minh

Page 125

Qun tr mng-2012

Chut phi (u1) Properties tab (Dial-in) cu hnh nh sau :

Nguyn Hng Minh

Page 126

Qun tr mng-2012

Bc 6 : trn VPN client , to 1 kt ni VPN. Vo Network and Sharing center , chn Set up a connection or network

Nguyn Hng Minh

Page 127

Qun tr mng-2012

Chn mc Connect to a workplace Next

Nguyn Hng Minh

Page 128

Qun tr mng-2012
Chn mc User my Internet connection (VPN)

Chn mc Ill set up Internet connection later

in a ch IP ca Server next

Nguyn Hng Minh

Page 129

Qun tr mng-2012

mc nh , nhn Create

Bc 7 : Kim tra kt qu Nguyn Hng Minh Page 130

Qun tr mng-2012
Vo phn Network Connection VPN Connect (va to) chut phi Connect.

Nhp vo username : u1 Passwork: *** Nhn Connect

Nguyn Hng Minh

Page 131

Qun tr mng-2012

Kt qu ta thy client nhn c a ch IP do server cp

Nguyn Hng Minh

Page 132

Qun tr mng-2012
Ping kim tra thy my local client bn trong ni b

Kim tra trng thi ca kt ni VPN Vo phn Network Connection VPN Connect (va to) chut phi Status Ta thy VPN client dng giao thc PPTP kt ni vo mng ni b

Nguyn Hng Minh

Page 133

Qun tr mng-2012

Nguyn Hng Minh

Page 134

Qun tr mng-2012 Bi 7. Terminal Services

1. L thuyt : Terminal Service Remote Application l mt tnh nng mi trn Windows Server 2008. Mc ch l cc my trm khng ci t cc phn mm ng dng , nhng li c th s dng nhng chng trnh c ci t sn trn my ch windows server 2008, thng qua Terminal Service. Cc my trm kt ni n my ch thng qua Terminal Service nn my trm phi c ci t Remote Desktop Connection (RDC) 6.0 tr ln. Bn c th download RDC 6.0 cho Windows 2003 SP1 v Windows XP Professional SP2 ti http://support.microsoft.com/default.aspx/kb/925876. Cc cch thc my trm kt ni n my ch l : S dng trnh duyt web : my ch phi ci t thm Terminal Service Web Access , my trm phi c ci t Remote Desktop Connection (RDC)6.0. S dng Network Access : My ch to sn file .rdp (mi chng trnh ng dng tng ng 1 file .rdp) v c share trn my ch, my trm truy cp vo my ch, chy trc tip file khai thc chng trnh ng dng trn my ch. S dng Network Access : my ch to sn file .msi (mi chng trnh ng dng tng ng 1 file .msi) v c share trn my ch, my trm truy cp vo my ch, chy trc tip file ci t cc shortcut lin kt chng trnh ng dng trn my ch. Cc shortcut ny c ci t trong Start menu ca my trm, c th l mc Remote Appliation. My trm chy cc shortcut khai thc chng trnh ng dng trn my ch. S dng policy (p dng cho mi trng Domain) trin khai hng lot vic ci t shortcut lin kt n chng trnh ng dng trn my ch cho nhiu my trm. 2. Ci t v cu hnh : a) Chun b : H thng gm : Nguyn Hng Minh Page 135

Qun tr mng-2012
Server : Windows Server 2008 o To local user : sv1/123, sv2/123 v add vo group remote desktop users o Bt ch remote desktop trn my server o Change password Administrator : 123 Client : Windows XP b) Ci t Terminal Service : Add new users sv1 & sv2 & add group remote desktop users: Administrator Tools Active Directory Users and Computers Users chut phi New Users. Tip theo, chn name sv1 hon tt. Sv1 chut phi properties tab Member of Add Remote desktop users OK Apply Start Programs Addministrative Tools server manager Roles chut phi Add Roles.

Nguyn Hng Minh

Page 136

Qun tr mng-2012
Chn Terminal Services Next.

Hp thoi Instruction to Terminal Services Next Chn Terminal Server Next.

Nguyn Hng Minh

Page 137

Qun tr mng-2012

Application Compatibility mc nh Next.

Nguyn Hng Minh

Page 138

Qun tr mng-2012

Authentication Method Chn Do Not Require Network Level Authentication Next.

Nguyn Hng Minh

Page 139

Qun tr mng-2012

Licensing Mode Configure later Next

Nguyn Hng Minh

Page 140

Qun tr mng-2012

Add 2 user sv1 & sv2 vo c th access the terminal server

Nguyn Hng Minh

Page 141

Qun tr mng-2012

Confirmation Installation Install. Sauk hi ci t xong th chn Restart OK

Nguyn Hng Minh

Page 142

Qun tr mng-2012

Kim tra Remote Connection c enable . Bm chut phi Computer chn properties Remote Setting tab Remote

Nguyn Hng Minh

Page 143

Qun tr mng-2012

c) Thm cc chng trnh ng dng RemoteApp: Start Program Administrative Tools Terminal Services TS RemoteApp Manager. Menu Action Add RemoteApp Program.

Nguyn Hng Minh

Page 144

Qun tr mng-2012

Mn hnh Welcome Next. Choose Program to add to RemoteApp Program list Chn cc ng dng cho Client Next.

Nguyn Hng Minh

Page 145

Qun tr mng-2012

Review Setting Finish.

Nguyn Hng Minh

Page 146

Qun tr mng-2012

Trong mn hnh TS remoteApp Cun xung cui mn hnh Bm chut phi vo application v chn Create Windows Installer Package

Mn hnh Welcome Next. mc nh cc thng s cu hnh Next Nguyn Hng Minh Page 147

Qun tr mng-2012

Chn Finish

Nguyn Hng Minh

Page 148

Qun tr mng-2012

d) Chia s Folder cha file ng dng : C:\Program File Packaged Program Properties Share Folder Everyone Allow-Read OK

Nguyn Hng Minh

Page 149

Qun tr mng-2012

e) Kim tra trn my Client : Start Run nhp a ch IP Remote Server . Vd: \\192.168.1.38 OK

Hp thoi yu cu khai bo username/ password ng nhp nhp sv1/123 OK.

Nguyn Hng Minh

Page 150

Qun tr mng-2012

Chn ng dng cn dng:

Chn Connect :

Nguyn Hng Minh

Page 151

Qun tr mng-2012

Nhp vo user chng thc OK

Qu trnh kt ni din ra v ng dng cn dng s m ra :

Nguyn Hng Minh

Page 152

Qun tr mng-2012

3. Trin khai cc ng dng RemoteApp thng qua TS Web Access: a) Ci t TS Web Access trn Terminal Server : Server Manager Terminal Services Add Role Services.

Nguyn Hng Minh

Page 153

Qun tr mng-2012

Chn TS Web Access Next

Nguyn Hng Minh

Page 154

Qun tr mng-2012

Chn Add Require Role Services

Nguyn Hng Minh

Page 155

Qun tr mng-2012
cc thng s mc nh Next Chn Install .

Nguyn Hng Minh

Page 156

Qun tr mng-2012

Nguyn Hng Minh

Page 157

Qun tr mng-2012

Start Program Administrative Tools Terminal Services TS RemoteApp Manager. Bm chut phi cc ng dng mun hin th chn Show in TS Web Access.

Nguyn Hng Minh

Page 158

Qun tr mng-2012
b) Kim tra trn Terminal Client : M IE khung Address nhp vo a ch Terminal Server: http://192.168.1.38/ts --> Enter hp thoi khai bo username / passwork xut hin . nhp sv1/Sinhvien1

Sau khi ng nhp thnh cng la chn cc ng dng cn dng :

Nguyn Hng Minh

Page 159

Qun tr mng-2012

Nguyn Hng Minh

Page 160

Qun tr mng-2012 Ti liu tham kho

Slide Qun Tr Mng (trn lp) Gio trnh 32 bi LAB qun tr mng Tham kho Internet o Forum Nhatnghe.com o Forum Quantrimang.com

Nguyn Hng Minh

Page 161