Question
Worldwide Advertising, Inc. (WAI) has hired you as an IT consultant. WAI is a new advertising firm, and they are currently hiring staff, establishing two locations, and have a need to get their internal IT services configured. The firm does not yet have an IT staff, but when they do, the IT staff will take over all aspects of IT administration.
You are required to supply WAI with a solution that describes the implementation and configuration of their core IT services. The cost of the implementation is not expected to exceed the company’s budget and so does not have to be considered in this solution. WAI wishes to implement a solution that will meet the company’s needs for the next 2-3 years.
There are several details about WAI which will have an impact on your choices:
- WAI will start with 300 employees, in the following departments:
  - Executives (10 employees) – manage and run the company
  - Accounts and Sales Department (150 employees) – perform market research and maintain accounts
  - Creative, Media and Production Department (100 employees) – advertising
  - Human Resources and Finances (30 employees) – perform HR and financial duties
  - IT (10 employees) – manage IT for the company
- WAI will have two sites, one in Los Angeles and one in New York. Most staff will be located in Los Angeles with at least 1 person from each of the departments above located in New York City.
- Networking equipment is already in place for both sites. A secure tunnel (using IPSec) will be established between the two sites so that inter-site traffic will be securely tunneled over the Internet. You may make whatever other assumptions you wish about intra- and inter-site connectivity.
- Security mechanisms (e.g., firewalls, intrusion detection) will be handled separately, and there is no need to describe them.
- Some departments will want their data to remain private from other departments (e.g., Finances personnel will not want Production staff to see the company’s financial details). Your team may make assumptions about how data should be shared or kept private.
- Assumptions can be made regarding any information not included here; all assumptions should be identified, however.
Provide technical reasons and justifications for each choice, citing resources as appropriate. Provide rough estimates of scheduling and manpower required for deploying your solution. You may summarize the schedule and manpower at the end of the document or separately for each section.
The Windows Server 2012 operating system should be used for all aspects of the solution.
Your solution should cover the following four numbered areas and associated bulleted items listed under each:
1. Deployment and Server Editions
- How many servers total are needed? Which roles will be combined?
- What edition of Windows Server will be used for each server (e.g., Standard, Data)?
- Should servers be virtualized using Hyper-V?
- Where is each of the servers located (which of the two sites)?
- How will the servers be deployed?
2. DNS
- DNS namespace design (e.g., domain name[s] chosen, split DNS for Internet/intranet, zones)
- How will DNS be handled for the second site?
3. Active Directory
- Number of AD domains and names of domains
- Will there be any Read-Only Domain Controllers?
- How will the second site factor into domain controller placement? How will AD sites be configured?
4. File and Printer Sharing
- What shares might be needed? (Consider some of the reasoning supplied in the relevant chapter of the textbook.)
- How will quotas/FSRM be configured? (Consider all aspects, such as thresholds, alerting, file screens, and reporting.)
- Will a DFS namespace be implemented?
Your submission will:
- Be in a written format, 6-8 pages in length (not counting diagrams).
- Include at least one diagram illustrating the student’s chosen Active Directory design with DNS namespace hierarchy.
- Cite and discuss no fewer than three credible sources other than course readings and media. The CSU-Global Library is a great place to find these sources.
Document formatting and citations should conform to the CSU-Global Guide to Writing and APA Requirements.
| Subject | Pages | Style |
|---|---|---|
| Computer Technology | 13 | APA |
Answer
Deploy and Administer Windows Server 2012
Introduction
Worldwide Advertising, Inc. (WAI) is an advertising firm with 300 employees located in two locations, Los Angeles and New York. The firm’s IT network will run on the Windows Server 2012 software and will entail the deployment and implementation of servers at the two locations in order to ensure the company’s operations run smoothly. To design and deploy the server system, several factors have to be considered, including the server editions, the methods of deploying the system and the number of servers. The DNS settings and the namespace design will also be considered, including how the DNS settings will be handled at each site. The number of active directories within the system as well as the domain controllers will also be covered within the report. File and printer sharing shall be discussed in relation to the configuration of quotas and the File System Resource Management in order to ensure that the limited server resources are allocated adequately among all users. The implementation of DFS namespaces shall also be discussed, as well as some of the security measures that shall be implemented to limit access to some of the sensitive financial information within WAI. The report’s objective is to submit a fully functional server system that meets and exceeds the company’s requirements as illustrated within the document. The report should act as a comprehensive guide on the deployment and administration of a server system running on the Windows Server 2012 software.
1. Deployment and Server Editions
The Windows Server 2012 program will be deployed on two servers given that Worldwide Advertising, Inc. (WAI) has two locations, one in New York and the other in Los Angeles. The server in Los Angeles will be the main server because most of WAI’s employees are located in Los Angeles. The two servers shall utilize the Datacenter and Standard editions of the software, with the Datacenter edition being the main server located at the Los Angeles location and the Standard edition being the slave server controlled by the Datacenter edition. The server located at the Los Angeles location should be virtualized using Hyper-V in order to allow it to be imaged at the New York location. The main server will be located at the Los Angeles office and the slave server will be located at the New York office because of the number of employees at each site. The Los Angeles site has more employees than the New York office. The Windows Server 2012 program shall be deployed using Windows image files from a bootable DVD-ROM. The two image files used are the Boot.wim file and the Install.wim file. The Boot.wim file will be used to set up the installation environments within the main server, after which the Install.wim file shall be used to deploy the main server program.
Configuring the Windows image files
In scenarios where the server program is being installed in an Enterprise setting, the Deployment Image Servicing and Management (DISM) tool should be used to modify the images in order to meet the requirements of each enterprise. The DISM tool can be used to make offline modifications of the software without the installation of an operating system, which is a significant advantage that creates a controlled installation environment. One of the most crucial roles of the Dism.exe file is that it can be used to load new updates to the software during installation without having to deploy the full Windows Server 2012 program. Doing this saves time in the post-configuration setup of the software, as the updates applied to the image would be already reflected in the final software configuration.
Servicing the server image files
Servicing the Windows Server images ensures that the software is up to date before it is deployed to other servers within the enterprise system. The servicing ensures that software drivers are up to date and bug fixes are applied throughout the system in order to ensure the system’s full functionality. This step is especially timesaving, as the installation of software updates and drivers after the full deployment of the software usually consumes a lot of valuable time that could be allocated to other activities. Waiting for software updates is quite annoying, as the installation process pauses at different points in order to connect with the Microsoft Update Server and download updates before proceeding to the next step. Therefore, it is highly recommended that the servicing be completed before the full deployment of the system.
Servicing the installation images using Dism.exe
The Dism.exe tool is the most appropriate tool for performing an offline update of the installation image as well as the online update of a currently installed system. The installation image should be mounted first before being serviced, after which the changes are either discarded or committed. Mounting an image involves linking it to a folder, using a tool like File Explorer to manipulate the structure of the file.
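The mount, service, then commit-or-discard cycle described above, written with the DISM PowerShell cmdlets that ship with Windows Server 2012. This is an added example, not part of the original essay; every path and the image index are assumptions to be replaced with real values.

```powershell
# Added example: offline servicing of Install.wim before deployment.
# All paths and the index below are hypothetical placeholders.
Import-Module Dism

$ImagePath = 'D:\Images\install.wim'   # writable copy of Install.wim (the DVD copy is read-only)
$MountDir  = 'D:\Mount'                # empty folder the image is linked to
$UpdateDir = 'D:\Updates'              # folder holding .msu/.cab update packages
$DriverDir = 'D:\Drivers'              # folder tree holding .inf driver packages
$Index     = 2                         # assumed edition index; confirm with the listing below

# Show which editions the WIM contains so the right index is serviced.
Get-WindowsImage -ImagePath $ImagePath | Format-Table ImageIndex, ImageName -AutoSize

New-Item -ItemType Directory -Path $MountDir -Force | Out-Null
Mount-WindowsImage -ImagePath $ImagePath -Index $Index -Path $MountDir -ErrorAction Stop

try {
    # Apply security updates and bug fixes to the offline image.
    Add-WindowsPackage -Path $MountDir -PackagePath $UpdateDir -ErrorAction Stop

    # Inject drivers found anywhere under $DriverDir.
    Add-WindowsDriver -Path $MountDir -Driver $DriverDir -Recurse -ErrorAction Stop

    # Review package state before committing; anything not Installed or
    # InstallPending deserves a look before the image is deployed.
    Get-WindowsPackage -Path $MountDir |
        Where-Object { $_.PackageState -notin 'Installed', 'InstallPending' } |
        Format-Table PackageName, PackageState -AutoSize

    # Commit: write the changes back into the WIM.
    Dismount-WindowsImage -Path $MountDir -Save -ErrorAction Stop
}
catch {
    # Discard: leave the original image untouched if any step failed.
    Write-Warning "Servicing failed, discarding changes: $($_.Exception.Message)"
    Dismount-WindowsImage -Path $MountDir -Discard
    throw
}
```

Run it from an elevated PowerShell session; a half-serviced image left mounted after a crash can be released with `Dismount-WindowsImage -Path D:\Mount -Discard`.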
2. DNS
DNS namespace design
The DNS translates Internet domain and host names to IP addresses. DNS automatically converts the names typed in the Web browser address bar to the IP addresses of the Web servers hosting those sites. DNS implements a distributed database to store this name and address information for every public host on the Internet. DNS assumes IP addresses do not change (are statically assigned rather than dynamically assigned). The DNS database resides on a hierarchy of special database servers. When clients such as Web browsers issue requests involving Internet host names, a piece of software called the DNS resolver (usually built into the network operating system) first contacts a DNS server to determine the server’s IP address. If the DNS server does not contain the required mapping, it will in turn forward the request to a different DNS server at the next higher level in the hierarchy. After potentially several forwarding and delegation messages are sent within the DNS hierarchy, the IP address for the given host eventually arrives at the resolver, which completes the request over Internet Protocol. DNS includes support for caching requests and for redundancy. Network operating systems support the configuration of primary, secondary, and tertiary DNS servers, each of which can service initial requests from clients. Internet Service Providers (ISPs) maintain their own DNS servers and use DHCP to configure clients, relieving most home users of the burden of DNS configuration.
DNS handling for the second site
DNS at the second site will be handled through the use of a subdomain that handles all internal records. The company shall use the standard WAI.com domains for all external records associated with the second site. The server administrator shall have the task of maintaining the DNS system to ensure that no domain names collide with other domains by allocating the right extensions to each domain name. The administrator shall also monitor all aspects of the network performance at the second site by ensuring that each of the domains administered from the second site has adequate memory allocation for maximum efficiency.
3. Active Directory
Number of AD domains and names of domains
A site might need only one domain with two AD domains and names of domains for high fault tolerance and availability. A larger organization such as Worldwide Advertising, Inc. (WAI) with two network locations will require more AD domains and names of domains in each site to provide high availability and fault tolerance. Since the network is divided into two sites, it will be a good practice to put at least one AD domain in each site for enhancing network performance. When users log on to the network, an AD domain must be contacted as part of the logon process. If the clients connect to a domain located in the second site (New York), the logon process can be lengthy and more time-consuming.
Will there be any Read-Only Domain Controllers?
There will be no Read-Only Domain Controller because when the first domain controller is created in Worldwide Advertising, Inc. (WAI) the organization will have created the first domain, the first site, the first forest, as well as installed an Active Directory. Domain controllers based on Windows Server 2012 usually store directory data and manage user interactions with domains, including user-logon processes, authentication and directory searches. The stored data can be changed; hence, it cannot be a Read-Only Domain Controller. When using domain controllers that are not Read-Only in any organization, the user will want to think about how many domain controllers will be needed, their physical security, a plan for backing up data in the domains, as well as upgrading the domain controllers.
How will the second site factor into domain controller placement?
To ensure cost efficiency, factoring the second site into domain controller placement will be done with as few devices as possible. The first step will be to review the geographical location of the second site and the communication links. Plans to place the regional domain controllers for the second site will be represented in a hub location, after which the need for placing regional domain controllers at satellite locations will be evaluated. Eliminating unnecessary regional domain controllers from satellite locations reduces the support costs that are required to maintain a remote server infrastructure.
Additionally, Worldwide Advertising, Inc. (WAI) will ensure that the security of domain controllers in hub and satellite locations is enhanced so that unauthorized personnel are denied access to them. Since it is advisable not to place writable domain controllers in hub and satellite locations in which you cannot guarantee the security of the domain controller, WAI will be cautious when factoring in the second site. For locations with inadequate physical security, deploying a read-only domain controller (RODC) will be the solution to apply. Except for account authentication, an RODC holds the Active Directory objects and features that a writable domain controller holds. Since changes cannot be made to the database that is stored on the RODC, WAI will have to be ready to handle any change. This is together with the knowledge that several changes must be made on a writable domain controller and then replicated to the RODC. To validate the client’s logons as well as access to the local file servers, WAI will place regional domain controllers for both sites that are represented in each location. However, variables will be considered when evaluating whether the location of the second site requires local authentication for its clients or whether the clients can use authentication and query across the network link.
How will AD sites be configured?
The procedure below describes how to configure the Active Directory for the second site. The first step is to open the Windows console in the GUI, right-click on the tab referred to as Sites in the left pane of the Windows console, then select and click New Site from the drop-down menu that appears. The name of the second site is then entered into the New Object–Site dialog box, after which a link for the second site will be chosen. After the AD site has been configured in the second site, it becomes easy to move computers from the first site to the second site, under the NTDS Settings container. A site is separate in concept from Windows 2012-based domains because a site may span multiple domains, and a domain may span multiple sites. Sites are not part of your domain namespace. Sites control replication of your domain information and help to determine resource proximity. For instance, a workstation will choose a DC within its site with which to authenticate.
To ensure that the Active Directory service in the Windows 2012 operating system can replicate properly, a service known as the Knowledge Consistency Checker (KCC) runs on all DCs and automatically sets up connections between individual computers in the same site. These are known as Active Directory connection objects. An administrator can establish additional connection objects or remove connection objects, but at any point where replication within a site becomes impossible or has a single point of failure, the KCC steps in and establishes as many new connection objects as necessary to resume Active Directory replication (Shinder, Diogenes, & Shinder, 2013). Replication between sites is assumed to occur over either higher-cost or slower-speed connections. Accordingly, the mechanism for replication between sites allows the choice of alternative transports and is set up by creating Site Links and Site Link Bridges.
4. File and Printer Sharing
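The site, subnet and site-link setup described above can also be scripted with the ActiveDirectory module included in Windows Server 2012. This is an added example, not part of the original essay; the site names, subnets, link settings and the domain controller name NYDC01 are all hypothetical.

```powershell
# Added example: define two AD sites, map subnets to them, and link them.
# Site names, subnets, cost/interval and 'NYDC01' are assumptions.
Import-Module ActiveDirectory

$Sites = @(
    @{ Name = 'LosAngeles'; Subnet = '10.10.0.0/16' },   # constructed subnet
    @{ Name = 'NewYork';    Subnet = '10.20.0.0/16' }    # constructed subnet
)

foreach ($s in $Sites) {
    # Create the site only if it does not already exist, so the script can be re-run.
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$($s.Name)'")) {
        New-ADReplicationSite -Name $s.Name
    }
    # Subnet objects are what let a workstation locate a DC in its own site.
    if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$($s.Subnet)'")) {
        New-ADReplicationSubnet -Name $s.Subnet -Site $s.Name
    }
}

# One IP site link carries inter-site replication over the IPSec tunnel.
# Cost and frequency are illustrative; the KCC uses them to build the
# inter-site connection objects.
if (-not (Get-ADReplicationSiteLink -Filter "Name -eq 'LA-NY'")) {
    New-ADReplicationSiteLink -Name 'LA-NY' `
        -SitesIncluded 'LosAngeles', 'NewYork' `
        -InterSiteTransportProtocol IP `
        -Cost 100 `
        -ReplicationFrequencyInMinutes 15
}

# Move the New York domain controller's server object into its site.
Move-ADDirectoryServer -Identity 'NYDC01' -Site 'NewYork'

# Verify: every DC should report the site it physically sits in, and every
# subnet should be mapped to a site (unmapped clients authenticate across the WAN).
Get-ADDomainController -Filter * | Format-Table Name, Site, IsReadOnly -AutoSize
Get-ADReplicationSubnet -Filter * | Format-Table Name, Site -AutoSize
```

On a client, `nltest /dsgetsite` shows which site the machine has resolved itself into.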
What shares might be needed?
The purpose of creating a network is to ensure resources are accessible to all the users over the same network. Such resources include files, folders, internet and printers. Workstations are networked for the purpose of sharing these resources. Typically, folders and files are marked to let remote users access them. They are also called network shares. If Worldwide Advertising, Inc. (WAI) is configured to enable access to network shares, a file manager will be used to access and browse them as easily as if they were located on a local machine in the second site. Having read or write access to shared folders is dependent on the permissions granted to each user by the resource administrator.
How will quotas/FSRM be configured?
The quotas/FSRM will be configured according to individual user limits as measured by the size of the folder used by each user in relation to the actual disk space. It is important to keep in mind that the quota limit applies to the entire folder subtree. Either a hard quota or a soft quota can be created, depending on the choice of the organization. A hard quota prevents users from saving their files after the space limit is attained. It generates a notification whenever the volume of data reaches each configured threshold. For WAI we will use a soft quota, which does not enforce the quota limit. Instead, it generates all of the configured notifications. To determine what will happen when the quota limit approaches, the user will configure notification thresholds. For each of the thresholds defined, FSRM can send e-mail notifications, log an event, run a script, or even generate storage reports. For instance, the user might want to notify the administrator when a folder she has saved reaches 85 percent of its quota limit. Another notification will be sent when the quota limit is reached. By then you will have noticed that the administrator has already configured the FSRM.
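The soft quota with notifications at 85 percent and at the limit, expressed with the FileServerResourceManager cmdlets in Windows Server 2012. This is an added example, not part of the original essay; the share path, the 5 GB size, the template name and the mail settings are assumptions.

```powershell
# Added example: soft quota template with 85% and 100% notification thresholds.
# Path, size, template name and SMTP values are hypothetical placeholders.
Install-WindowsFeature FS-Resource-Manager -IncludeManagementTools | Out-Null
Import-Module FileServerResourceManager

$UserRoot     = 'E:\Shares\Users'            # parent folder of per-user home folders
$TemplateName = 'WAI User 5GB Soft'
$Limit        = 5GB

# E-mail actions need an SMTP relay and an administrator address configured once.
Set-FsrmSetting -SmtpServer 'smtp.example.invalid' `
                -AdminEmailAddress 'it-admins@example.invalid' `
                -FromEmailAddress 'fsrm@example.invalid'

# Actions shared by both thresholds. Bracketed names are FSRM variables
# that the service expands when the notification fires.
$mail = New-FsrmAction -Type Email -MailTo '[Admin Email]' `
    -Subject 'Quota threshold reached on [Server]' `
    -Body '[Source Io Owner] has used [Quota Used Percent]% of the quota on [Quota Path].' `
    -RunLimitInterval 60                      # at most one mail per hour per quota

$log = New-FsrmAction -Type Event -EventType Warning `
    -Body 'Quota on [Quota Path] is at [Quota Used Percent]% (owner: [Source Io Owner]).'

$t85  = New-FsrmQuotaThreshold -Percentage 85  -Action $mail, $log
$t100 = New-FsrmQuotaThreshold -Percentage 100 -Action $mail, $log

# -SoftLimit makes the quota monitor-only: writes succeed past the limit,
# but every threshold action still runs.
New-FsrmQuotaTemplate -Name $TemplateName -Size $Limit -SoftLimit `
    -Threshold $t85, $t100

# An auto quota applies the template to every existing and future subfolder,
# so each new user folder is covered without manual steps.
New-FsrmAutoQuota -Path $UserRoot -Template $TemplateName

# Verify what was applied and how close each folder is to its limit.
Get-FsrmQuota -Path "$UserRoot\*" |
    Format-Table Path, SoftLimit, @{ n = 'UsedMB'; e = { [int]($_.Usage / 1MB) } } -AutoSize
```

Because the quota is soft, the Warning events written to the Application log are the only record that a limit was exceeded, so they are worth forwarding to whatever log collection the IT staff later put in place.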
Will a DFS namespace be implemented?
A DFS namespace will be implemented in Worldwide Advertising, Inc. (WAI). Since a domain-based DFS namespace will be created, additional domain-based DFS namespace servers need to be implemented. Implementation of the DFS on a server will take place in one basic way: standalone DFS namespacing, which will allow for a DFS root that exists only on the local administrator account in a computer. A standalone DFS will be accessed on the computer on which it is created.
Conclusion and recommendations
- The company will have to deploy two servers, one at each site, in order to maintain and improve overall system efficiency.
- The installation of the Windows Server program should be done using Windows image files, which should be serviced in order to install updates and drivers.
- The DNS namespace design for the entire system should be allowed to carry excess capacity that covers the two sites.
- The system should have a minimum of two active directories, one for each site. The naming of the domains should apply similar structures with minimal differences to represent the two sites.
- The second site shall have a read-only domain controller in order to prevent errors in the naming of domains, so that the domains are managed from the main site.
- The system requires network shares for local file management on both sites.
- A DFS namespace will be implemented for the root system.
In conclusion, the company will have a server system that is responsive to the company’s needs at each of its two locations. The allocation of resources between the two sites shall be effectively distributed and the clashing of domains shall not occur given that the domains shall be controlled and created from one site. The system is highly scalable and the above documentation shall be used to ensure that the system meets all the necessary requirements. The system administrators will also be allowed to implement any necessary changes to the system that would improve the system’s performance.
Figure 1. Diagram of the chosen Active Directory design with DNS namespace hierarchy (using the LDAP naming strategy)
References
Goad, E. (2013). Windows Server 2012 Automation with PowerShell Cookbook: Over 110 recipes to automate Windows Server administrative tasks by using PowerShell. Birmingham: Packt Publishing.
Morimoto, R., Noel, M., Droubi, O., Abbate, A., Yardeni, G., & Amaris, C. (2012). Windows Server 2012 unleashed. Indianapolis, IN: Sams.
Shinder, T. W., Diogenes, Y., & Shinder, D. L. (2013). Windows server 2012 security from end to edge and beyond: Architecting, designing, planning, and deploying Windows server 2012 security solutions. Amsterdam: Elsevier.