Configuring and Testing a Dial-Up Profile

This section describes how to configure the test lab for dial-up access and phone book distribution, create a Connection Manager profile for dial-up access, and install and test this profile on the client computer.

DC1

To configure the test lab for dial-up access, create an appropriate user account and an appropriate group on DC1.

Create a user account for dial-up connections

1. Open the Active Directory Users And Computers administrative tool.

2. In the console tree under the example.com domain, right-click Users, point to New, and then click User.

3. In the New Object – User dialog box, type DialUser in the First Name text box, type DialUser in the User Logon Name text box, and click Next.

4. In the New Object – User dialog box, type a password of your choice in the Password and Confirm Password text boxes. Clear the User Must Change Password At Next Logon check box, select the Password Never Expires check box, and click Next.

5. In the New Object – User dialog box, click Finish.

Create a group for dial-up connections

1. In the console tree, right-click Users, point to New, and then click Group.

2. In the New Object – Group dialog box, type DialUsers in the Group Name text box and then click OK.

3. In the details pane, double-click DialUsers.

4. In the DialUsers Properties dialog box, click the Members tab, and then click Add.

5. In the Select Users, Contacts, Or Computers dialog box, type DialUser in the Enter The Object Names To Select text box and click OK.

6. In the Multiple Names Found dialog box, click OK.

7. Click OK to save changes to the DialUsers group.

IAS1

To configure the test lab for dial-up access, configure IAS1 with an appropriate remote access policy for dial-up access.

Create a remote access policy for dial-up connections

1. Open the Internet Authentication Service administrative tool.

2. In the console tree, right-click Remote Access Policies, and then click New Remote Access Policy.

3. On the Welcome To The New Remote Access Policy Wizard page, click Next.

4. On the Policy Configuration Method page, type Dial-up remote access to intranet in the Policy Name text box and click Next.

5. On the Access Method page, select Dial-up and click Next.

6. On the User Or Group Access page, click Group and then click Add.

7. In the Select Groups dialog box, type DialUsers in the Enter The Object Names To Select text box. Click Locations to specify the location as example.com, not IAS1. Click OK. The DialUsers group in the example.com domain is added to the list of groups on the User Or Group Access page. Click Next.

8. On the Authentication Methods page, the MS-CHAP v2 authentication protocol is selected by default. Click Next.

9. On the Policy Encryption Level page, clear the Basic Encryption and Strong Encryption check boxes, and click Next.

10. On the Completing The New Remote Access Policy Wizard page, click Finish.

IIS1

To configure the test lab for dial-up access, configure IIS1 as a phone book server.

Install Connection Point Services (CPS)

1. Click Start, point to Control Panel, and click Add Or Remove Programs.

2. Click Add/Remove Windows Components, click Management And Monitoring Tools, and click Details.

3. Select the Connection Point Services check box, and click OK.

4. When asked whether to enable PBS requests, click Yes.

Configure a user account and permissions for posting phone book data

1. In the Computer Management administrative tool, create a local user account, named Post, for posting phone book data, and clear the User Must Change Password At Next Logon check box. Make this account a member of the Guests group. Do not make this a domain user account.

2. Open Windows Explorer, double-click Program Files, right-click Phone Book Service, and click Properties.

3. In the Phone Book Service Properties dialog box, click the Security tab, and click Advanced.

4. Clear the Allow Inheritable Permissions From The Parent To Propagate To This Object And All Child Objects check box. Remove all users from Group Or User Names by clicking Remove. Click OK.

5. Click Add, add the Post user account with Read And Execute and Write permissions. Click OK.

6. Open the Internet Information Services (IIS) Manager administrative tool.

7. In the console tree, double-click IIS1, double-click FTP Sites, right-click Default FTP Site, and then click Properties.

8. In the Default FTP Site Properties dialog box, click the Security Accounts tab, and ensure that the Allow Anonymous Connections check box is cleared. If a warning message appears when you clear the check box, click Yes. Click OK.

9. In the console tree, double-click Default FTP Site, right-click PBSData, and then click Properties.

10. On the Virtual Directory tab, select the Write check box.

    

11. Click OK for the server to register the changes.

VPN1

To configure the test lab for dial-up access, install Connection Manager Administration Kit and Phone Book Administrator on VPN1. Additionally, create a phone book and post it to the phone book server, and create a dial-up Connection Manager profile.

Install Connection Manager Administration Kit (CMAK)

1. Click Start, point to Control Panel, and click Add Or Remove Programs.

2. Click Add/Remove Windows Components, click Management And Monitoring Tools, and click Details.

3. Select the Connection Manager Administration Kit check box, and click OK to install CMAK.

Install Phone Book Administrator (PBA)

1. Open Windows Explorer, and browse the Windows Server 2003, Standard Edition installation CD.

2. Install PBA from the Valueadd\Msft\Mgmt\Pba folder by double-clicking Pbainst.exe.

3. Click Yes.

4. When installation finishes, click OK.

Create a phone book

1. Click Start, point to All Programs, point to Administrative Tools, and then click Phone Book Administrator.

2. On the File menu, click New Phone Book.

3. In the Add New Phone Book dialog box, type DialCorp in the New Phone Book Name text box.

4. Click OK to add the DialCorp phone book.

5. Click Add.

6. In the Add POP - DialCorp dialog box, on the Access Information tab, type Local Dial to CorpNet in the POP Name text box. From the Country/ Dependency drop-down list, choose the country or dependency in which your test lab is located. If the phone number for the modem on VPN1 requires an area code, type it in the Area Code text box; otherwise, type a space in the Area Code box. Type the phone number for the modem that is installed on VPN1 in the Access Number text box. From the Status drop- down list, click In Service.

   

7. Click the Settings tab. In the Dial-Up Networking Entry text box, type Dial- up to CorpNet and then click OK.

   

Post the phone book

1. On the Tools menu, click Options.

2. In the Options - DialCorp dialog box, type iis1.example.com in the Server Address text box, post in the User Name text box, and the password for the Post account in the Password text box. Click OK.

   

3. On the Tools menu, click Publish Phone Book to open the Publish Phone Book - DialCorp dialog box.

4. Click Create.

5. When the phone book has been created, the Post button is activated.

   

6. Click Post to post the phone book, and wait for the phone book to post.

7. Click Close, and then close PBA.

Create the DialCorp profile with Connection Manager Administration Kit

1. Click Start, point to Administrative Tools, and click Connection Manager Administration Kit.

2. On the Welcome To The Connection Manager Administration Kit Wizard page, click Next.

3. On the Service Profile Selection page, ensure that New Profile is selected and then click Next.

4. On the Service And File Names page, type Dial-up to CorpNet in the Service Name text box and DialCorp in the File Name text box, and then click Next.

   

5. On the Realm Name page, click Next.

6. On the Merging Profile Information page, click Next.

7. On the VPN Support page, click Next.

8. On the Phone Book page, click Browse, and browse to DialCorp.pbk. This file will be under Program Files\PBA\DialCorp. Click the file, and click Open. The name of the file will appear in the Phone Book File text box on the Phone Book page. Click Next.

   

9. On the Phone Book Updates page, type iis1.example.com in the Connection Point Services Server text box, and then click Next.

   

10. On the Dial-up Networking Entries page, click Edit.

11. In the Edit Dial-up Networking Entry dialog box, click the Security tab. In the Security Settings drop-down list, click Use Advanced Security Settings, and then click Configure.

12. In the Advanced Security Settings dialog box, in Authentication Methods, clear all check boxes except the one for Microsoft CHAP Version 2 (MS- CHAPv2).

    

13. Click OK twice to return to the Dial-up Networking Entries page, and then click Next.

14. On the Routing Table Update page, click Next.

15. On the Automatic Proxy Configuration page, click Next.

16. On the Custom Actions page, click Next.

17. On the Logon Bitmap page, click Next.

18. On the Phone Book Bitmap page, click Next.

19. On the Icons page, click Next.

20. On the Notification Area Shortcut Menu page, click Next.

21. On the Help File page, click Next.

22. On the Support Information page, type For help connecting, contact the Support Desk in the Support Information text box and then click Next.

    

23. On the Connection Manager Software page, click Next.

24. On the License Agreement page, click Next.

25. On the Additional Files page, click Next.

26. On the Ready To Build The Service Profile page, select the Advanced Customization check box, and then click Next.

27. On the Advanced Customization page, click Connection Manager in the Section Name drop-down list, type HideDomain in the Key Name text box, and type 0 in the Value text box.

    

28. Click Apply, and then click Next. A command prompt window will open and close as the profile is created. When the Completing The Connection Manager Administration Kit Wizard page appears, click Finish.

Prepare to distribute the DialCorp profile

• Copy the DialCorp.exe file in the Program Files\CMAK\Profiles\DialCorp folder to a floppy disk.

Add more POPs for testing phone book updates

1. Open the Phone Book Administrator administrative tool, and add several more POPs to the DialCorp phone book.

2. Post the phone book again.

CLIENT1

To configure the test lab for dial-up access, install the DialCorp profile on CLIENT1.

Install the DialCorp profile

1. Insert the floppy disk on which you saved the DialCorp profile into the floppy disk drive of CLIENT1.

2. Open Windows Explorer, and browse to the floppy drive.

3. Double-click DialCorp.exe. When asked whether you want to install the profile, click Yes.

4. When prompted for whom to make this connection available, ensure that My Use Only is clicked, and then click OK.

Connect to CorpNet using the DialCorp profile

1. On the Dial-up To CorpNet logon page, type DialUser in the User Name text box, type the password for the DialUser account in the Password text box, type EXAMPLE in the Logon Domain text box, and then click Properties.

   

2. On the General tab, next to Phone Number, click Phone Book.

3. In the Phone Book dialog box, in Access numbers, click Local Dial To CorpNet, and then click OK. You will not be able to click OK until after you click Local Dial To CorpNet. Note that you have only one POP to choose from, even though you added several more POPs after you created the profile.

4. On the General tab, under Phone Number, clear the Use Dialing Rules check box, and then click OK.

   

5. Click Connect.

Test connectivity and automatic phone book updates

1. When the connection is complete, open a Web browser.

2. In the Address text box, type http://IIS1.example.com/iisstart.htm. You should see a Web page titled “Under Construction.”

3. Click Start, click Run, type \\IIS1\ROOT, and then click OK. You should see the files in the root folder on IIS1.

4. Right-click the connection icon in the notification area, and then click Disconnect.

5. Open Dial-up To CorpNet, and click Properties.

6. In the Dial-up To Corpnet Properties dialog box, click Phone Book. In Access Numbers, you should see the POPs that you added to the phone book after you created the profile.