Installing and Configuring Network Services

Now that we have seen how to configure some of the client services that are common to all Windows 2000 computers, let's take a brief look at the network services that we configured our network card to use. All of the services we are going to look at can only be installed on a Windows 2000 Server or Advanced Server computer; they cannot be installed on Windows 2000 Professional.

All the network services that we are going to be discussing can be installed using the following procedure:

1. Select Start, Settings, Control Panel, Add/Remove Programs, Add/Remove Windows Components.

2. From the Windows Component Wizard dialog, select Networking Services and click the Details button.

3. This opens the Networking Services dialog as shown in Figure 7.13. From here you can select DNS, DHCP, WINS and several other network services.

   Figure 7.13. The Networking Services installation dialog.

   

The Domain Name Service (DNS)

The Domain Name Service is an Internet standard TCP/IP name service. DNS allows client machines to resolve, or locate, TCP/IP devices (servers, workstations, routers, and so on) within the LAN, and Internet hosts beyond the LAN. Although humans are comfortable with names , computers require numbers , so DNS is necessary to handle this resolution. For example, it is the responsibility of DNS to translate the user -friendly name http://www.quepublishing.com/ into the computer-friendly IP address 165.193.123.44.

Windows 2000 uses DNS as the locator service for Active Directory (AD), and AD cannot be installed without a DNS server present and operational. Windows 2000 computers query DNS at boot time to find the closest domain controller. Servers use DNS to create a replication topology to facilitate directory updates.

DNS replaces Windows Internet Naming Service (WINS) as the default name resolution mechanism in Windows 2000. However, WINS is still required for support of downlevel Windows 9x and NT 4.0 clients , and certain software applications.

The shift to DNS as the primary lookup method provides a Windows 2000 environment with significant added functionality in its ability to locate and share addressing information across an organization and to provide support for an open industry standard. Windows 2000 also supports a number of innovations to the DNS environment, one of which is support for Dynamic DNS (DDNS), as described in RFC 2136, which allows Windows 2000 to dynamically register with DNS servers listed in the TCP/IP properties.

Windows 2000 DNS also supports integrating the DNS database with Active Directory. This integration allows for DNS zone information to be maintained and distributed using the Active Directory replication technology already in place. This feature brings significant benefits to DNS, including

• No single point of failure Windows 2000 Active Directory uses multiple-master replication. Therefore, updates can be submitted to any participating DNS server.

• Efficient replication All Active Directory replication is on a per-property basis. For example, a user object has many properties associated with itfirst name, last name, email address, phone extension, and so on. If one of these properties is changed, Active Directory replicates only that individual property, not the entire user object. This results in significantly smaller replication traffic across the network. Rather than an entire zone file being replicated every time a record changes, as would happen in traditional DNS, the integration of Microsoft DNS with Active Directory means that only the affected record is replicated to other DNS servers.

• Dynamic Registration All computers that receive a leased IP address are automatically entered into the DNS database, and are removed when the lease expires .

ADS replication can be scheduled or compressed to save WAN bandwidth. Also, even without ADS, DNS attempts incremental updates by default, thus replicating only changes rather than the entire zone file. If that fails due to servers that don't support incremental updates, it transfers the entire file.

You install DNS using the procedure that was discussed in the previous section. After installation, open the DNS MMC, as shown in Figure 7.14, and allow the wizard that appears automatically to step you through creating the forward and reverse lookup zones necessary for a proper DNS infrastructure.

The Dynamic Host Control Protocol (DHCP)

Dynamic Host Configuration Protocol (DHCP) is a TCP/IP standard designed to provide client machines with IP addresses dynamically at boot time. The client has use of this IP address for a predetermined amount of time, called a lease-duration . Before the lease expires, the client reconnects to the DHCP server and renews the lease. This process frees administrators from maintaining static IP addresses, and ensures consistency of IP configuration across the LAN.

Once a client receives an IP address from a DHCP server, a renewal process occurs as the lease approaches expiration. After 50 percent of the configured lease duration has elapsed, the client attempts to contact the DHCP server. The client that's requesting to renew its IP address broadcasts a DHCPREQUEST message. The DHCP server, if available, responds with a DHCPACK , granting the client's request to renew the IP address. Also, information about other DHCP options is included in this reply. If any information has changed since the client first obtained its lease, the client updates its configuration accordingly .

If the server from which the client originally leased the IP address does not respond, the client again attempts to renew the IP address when 87.5 percent of the lease duration has elapsed. At this point, the client attempts to renew its current lease with any available DHCP server. If a server responds with a DHCP offer message (DHCPOFFER) to update the current client lease, the client can renew its lease based on the offering and continue operation.

If the lease expires and no server has been contacted, the client must immediately discontinue using its leased IP address. The client then follows the same process used during its initial start up operation to obtain an IP address.

You install DHCP using the procedure that was discussed in the previous section. After installation, open the DHCP MMC, as shown in Figure 7.15, and right-click on the server name and select New Scope. This opens the New Scope Wizard. Scopes determine the pool of IP addresses from which a DHCP server can assign IP addresses. Every DHCP server must be configured with at least one scope.

Follow the wizard's prompts and configure the following:

• Scope Name This should be something descriptive.

• IP Address Range This is the starting and ending IP addresses of the range of IPs that you want to distribute to clients. The subnet mask is also entered here.

• Add Exclusions If you are going to manually assign any static IP addresses that are included in the previously defined range of IP addresses, you should exclude them here. This prevents DHCP from leasing an IP address that is earmarked for use on a specific device. If this specification is not made for the static addresses, an IP address conflict occurs, causing one or more computers to not function.

• Lease Duration This is the length of time that the IP address is be leased to a client. The client has the opportunity to renew the lease before it expires. The default is eight days; it should be suitable for most environments.

At this time, the wizard gives you the opportunity to configure the DHCP options. When a computer receives an IP address from the DHCP service, it can also receive other optional TCP/IP configuration settings, such as

• WINS Server Address

• DNS Server Address

• Gateway Address

• Time Server Address

• WINS/NBT Node Type

These settings can be configured using the wizard, or can be configured later by right-clicking Scope Options and selecting Configure Options.

Before a DHCP server can service client requests , it must be authorized. This is accomplished by right-clicking the scope name and selecting Authorize. This is a step that is very important in the real world, so you could reasonably expect to see some reference to it on the exam.

Additionally, DHCP in Windows 2000 has been extended to provide additional services beyond traditional IP address assignment. First, Windows 2000 DHCP is integrated with DNS, providing dynamic name-to-IP mapping. This allows the DHCP server to automatically register a computer in DNS when it issues it an IP address, and de-register it when the IP address lease expires. Second, Windows 2000 DHCP supports Remote Installation Service (RIS), providing auto configuration of Windows 2000 Professional workstations by pressing F12 during power-on self-test (POST). Using DHCP and RIS, a pristine workstation can receive an IP address and be configured with Windows 2000 Professional and other productivity software without an administrator being present.

The Windows Internet Naming Service

Each computer has an DNS host name and a NetBIOS computer name. Unless specifically configured otherwise , these names are the same. Windows Internet Naming Service (WINS) provides NetBIOS name-to-IP address resolution. The WINS service provides for NetBIOS names what DNS provides for host names.

You install WINS using the procedure that was discussed in the beginning of this section. Compared to some of the other services, there is relatively little configuration involved for WINS. The only recommended task is to configure the WINS database to be backed up periodically.

This is accomplished by right-clicking the server name in the WINS MMC and selecting Properties. From the General tab, as shown in Figure 7.16, enter the path where you want the database to be backed up to. This cannot be a network drive; it must be on the local computer. The database is backed up every three hours. In addition, you can select the Back Up Database During Server Shutdown option, which automatically backs up the database whenever the server is shut down or rebooted, or the WINS service is stopped .

You can also configure replication of the WINS database to other servers through the use of push and pull partners. A push partner reports changes to the database to other servers. A pull partner is a server that requests a replica of the database from the push partner. To configure general replication parameters from the WINS console, perform the following steps on both push and pull partners :

1. Expand the view for the server by clicking the plus sign next to it.

2. Right-click Replication Partners and select Properties from the pop-up menu.

3. From the General tab, select or deselect Replicate Only with Partners. Selecting this option guarantees that WINS information is replicated only with designated replication partners. Deselecting this option allows you to manually replicate WINS information with any WINS server on the network.

4. Static mappings are created for non-WINS clients on the network, which allows their computer names to be registered in WINS. If multiple computers may use the same IP addresses, you may want WINS to overwrite existing entries with information from new registrations. To do this, select Overwrite Unique Static Mappings At This Server.

To configure a push partner, perform the following steps from the WINS console:

1. Expand the view for the server by clicking the plus sign next to it.

2. Right-click Replication Partners and select Properties from the pop-up menu.

3. Select the Push Replication tab.

4. To configure when the push should take place, select At Service Startup or When Address Changes, or both.

5. The Number of Changes in Version ID Before Replication filed specifies the number of registrations and changes that must take place before pull partners are notified, which activates database replication. This counter is for local changes only and doesn't count changes pulled from other partners. If this field is set to zero, no push replication takes place.

6. The default selection for persistent connections is enabled; if you do not want to keep the default setting, clear the Use Persistent Connections for Push Replication Partners check box. Click OK.

To configure a pull partner, perform the following steps from the WINS console:

1. Expand the view for the server by clicking the plus sign next to it.

2. Right-click Replication Partners and select Properties from the pop-up menu.

3. Click the Pull Replication tab.

4. Configure start time for when replication should begin.

5. Next, set the Replication Interval for when scheduled replication should occur, such as every 60 minutes.

6. Set the number of times a pull partner should retry the connection to a push partner in the event of a failed connection in the Number of Retries field.

7. The default setting for pull replication is to start when the WINS server starts. To change this, clear the Start Pull Replication at Service Startup check box. When it's cleared, pull replication starts only at the specified Start Time.

8. The default selection for persistent connections is enabled; if you do not want to keep the default setting, clear the Use Persistent Connections for Pull Replication Partners check box. Click OK.

To configure push and pull replication partners, perform the following steps:

1. Expand the view for the server by clicking the plus sign next to it.

2. Right-click Replication Partners and select New Replication Partner from the pop-up menu.

3. Either type in the IP address or name of the server, or click the Browse button to find the partner on the network.

4. Click OK.

With the exception of Advanced Server clusters, WINS is not required for Windows 2000 Server and Professional. However, it is necessary for coexistence with downlevel clients such as Windows 9x or NT 4, and certain software applications.

Troubleshooting TCP/IP

Even though TCP/IP is a mature technology, and you will rarely have problems, you should be able to perform some basic troubleshooting. For example, if a newly installed computer is unable to communicate with the other computers on the network or access the Internet, you should first verify that the TCP/IP settings are properly configured. This can most easily be accomplished using the ipconfig command line utility.

Just open a command prompt and type ipconfig /all , and you should see something similar to the output shown in Figure 7.17.

Some things to check:

• Make sure that all the configuration settings are correct. It's easy to make a typo that keeps your computer from communicating.

• Make sure that the IP address doesn't start with 169.254: This would be an APIPA address, meaning that the computer was unable to get an IP address from a DHCP server, or that you forgot to configure a static address.

• Confirm that you are using the proper DNS and/or WINS server addresses. There won't be any DNS name resolution if the computer cannot contact a DNS server, or if there isn't a HOST file on the computer. A computer can talk to another computer on the local subnet via NetBIOS broadcasts, but is usually unable to talk to computers on other subnets.

• Confirm that the correct subnet mask has been entered. The subnet mask is used by the computer to determine whether a computer it is trying to communicate with is on the local subnet, or a remote network.

• Make sure that there is a gateway configured, if necessary. There must be a gateway address configured for the computer to access resources on another subnet.

After you have verified that all of the TCP/IP configuration settings are correct, use the ping command line utility to see how much connectivity you have.

Ping in this order:

1. The computer's loopback address, 127.0.0.1. This determines whether TCP/IP and the network card are installed and configured correctly.

2. The actual IP address of the computer you are trying to communicate with. If your IP address is not unique, you should receive an error message.

3. A computer on the same subnet. This proves that your TCP/IP settings are correctly configured. If this fails, you might have the wrong subnet configured.

4. The IP address of the default gateway. If the gateway is not operational, or you have the wrong gateway configured, you cannot communicate with anything that is not on the local subnet.

5. A computer on a subnet past the default gateway. If you can send and receive a ping through a router, the problem is not on your computer.