- Shopping Bag ( 0 items )
• In-depth coverage of official exam objective groups
• Practical information on managing
• Hundreds of challenging review questions, in the book and on the CD
• Leading-edge exam preparation software, including a testing engine and electronic flashcards
Authoritative coverage of all exam topics, including:
• Creating password policies and permissions
• Implementing the Domain Name System (DNS)
• Selecting and implementing popular web servers
• Performing Secure Sockets Layer (SSL) transactions
• Analyzing server and service logs
• Evaluating system performance
• Configuring and managing news servers and e-mail servers
Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.
THE CIW EXAM OBJECTIVE GROUPS COVERED IN THIS CHAPTER:
In this chapter you will gain an understanding of the duties that systems administrators perform in an Information Technology (IT) department. We will look at the tasks that systems administrators perform to maintain and enhance backbone and mission-critical services on local area networks (LANs) and wide area networks (WANs). You will see that these tasks include installing systems, configuring systems, and maintaining systems in order to optimize performance, availability, and responsiveness to users. You will also see that efficiently managing users and groups will allow you to share resources securely in order to maximize the usefulness of your network. This chapter serves as an overview of all these topics, each of which will be developed in later chapters in much greater detail.
The IT department is responsible for administering servers and supporting end users in an organization. As a systems administrator, you may work in an IT department in which each employee is responsible for one specific area, such as installing servers, supporting end users, configuring web servers, configuring e-mail, or maintaining the system. However, it is more likely that you will be required to work in several areas. In a single day, you might install Windows 2000 Server to facilitate file transfer between departments, help an end user check e-mail for the first time, and configure a Linux web server.
The purpose of this chapter is to discuss some of the common systems with which a server administrator will work.
Common IT Tasks and Services
As businesses adopt Internet-based services such as websites and e-mail, IT departments must expand their capabilities to support services and enable businesses to fulfill goals. Therefore, the IT professional's role is to provide the following services:
* Install and configure systems and services
* Support users, which includes troubleshooting applications and managing systems
Table 1.1 lists and describes some of the tasks that an IT department performs. It also lists and describes some of the services you will administer throughout your career as an IT professional.
The primary difference between a service (that is, a daemon) and an application is that a service runs more or less full-time on the "back end" (for example, on a Windows 2000 server or a Unix box). Applications are deployed for specific user tasks, such as checking e-mail, editing a file, or configuring an IP address.
As you can see from Table 1.1, IT departments offer a multitude of services. These services are categorized as either backbone or mission-critical and can be more appropriate for a LAN or a WAN.
Backbone services provide the foundation for a working LAN or WAN. Because these services generally operate in the background, they are often invisible to users and may be taken for granted until and unless there is a malfunction. That problem may have critical network-wide consequences that must be quickly remedied. Backbone services help organize users by allowing them to work with machines by name rather than by IP address.
Problems with these services can include a failure of client computers to obtain an IP address, the inability to resolve IP addresses to friendly host names, or the inability to locate resources on the network through a central logon to a directory service.
The following is a list of the most essential services:
Naming services These services include the Domain Name System (DNS), the Windows Internet Naming Service (WINS), and Samba (Samba enables Unix systems to participate in Windows networking). Naming services also include Dynamic DNS (DDNS), which allows DNS automatic name-to-IP address mapping changes. Companies such as TZO (tzo.com) offer this service. With the advent of Windows 2000, dynamic DNS has become popular in LANs, as well.
Address management You can coordinate DHCP servers with naming servers to ensure that all systems have the most current addressing information.
Directory services These services centralize system resources such as servers, printers, and Internet access. Examples of directory services include Novell Directory Services (NDS), the Windows NT Directory Services (NTDS) found in Windows NT 4, and the Windows NT Active Directory found in Windows 2000.
Central logon This single logon point allows access to additional resources (such as servers, printers, and the Internet). A service of this type lets users maintain a single username and password and yet have access to multiple resources. Examples of central logon services include Windows NT and NIS domains, as well as the Kerberos implementations found in Windows 2000 and various Unix flavors (including Linux). Kerberos is a secure method of providing a central logon. Kerberos authentication does not allow passwords to travel across the network and provides granular access to resources on a timed basis.
Routing Whenever you connect one LAN to another, you can use a bridge, a router, or a switch. A router is the popular connection. You might be asked to configure routers or handle other routing issues.
Now that we've looked at backbone services, we need to understand mission-critical services. Any service provided by IT is potentially mission critical. Generally, the more visible a system is and the more users depend on it, the more mission-critical the system is. Mission-critical services can include the following:
* World Wide Web servers such as Microsoft Internet Information Server (IIS), Apache Server, and so forth
* Database, application, and e-commerce servers (any service designed to collect, gather, and present information across a network)
* FTP servers such as Wu-FTPD and IIS
The best way to identify a mission-critical service is to identify the nature of the business. E-commerce sites focus on web servers and accompanying support servers, including databases and other middleware. Middleware is software that extends the capabilities of a web server. Middleware can include Java servlets, application servers, and other servers that let you organize and direct information between an end user and a web server.
For example, when a business wants to provide real-time audio and video, a streaming video server, such as RealServer (real.com), becomes mission-critical to that business. You must prioritize the various services your company offers.
For many companies, the e-mail server is the ultimate mission-critical service. Mail servers can store, send, and receive e-mail messages using several protocols, including Simple Mail Transfer Protocol (SMTP), Post Office Protocol (POP), and the Internet Mail Access Protocol (IMAP). These three protocols reside at the application layer of the OSI (Open Standards Interconnect) Reference Model. Sometimes, the SMTP and POP3 servers are located on separate machines. Popular mail servers include Netscape Messaging Server and Microsoft Exchange Server. Let's take a look at the e-mail protocols:
SMTP Is responsible solely for sending e-mail messages. In Unix, for example, the sendmail program activates in response to a command and sends the requested message.
POP Is the simplest protocol for storing and receiving e-mail messages. It is currently called POP3 because it is in its third iteration. POP responds to a request, asks for the appropriate password, and then downloads the message from the server to the intended recipient, who can then read, delete, or otherwise manage it.
IMAP Handles messages in a more sophisticated manner than POP by allowing a user to browse and manage files remotely.
End-User Support: Troubleshooting
An often overlooked role filled by IT professionals is that of troubleshooter. An efficient IT professional can assess a problem quickly and has the proper tools to resolve it. Although the IT professional's job is mostly technical in nature, good interpersonal skills are critical for successful interactions with users. Often, in order to isolate the source of a problem, an IT professional must interview a user to find out what changed just before a problem occurred.
User issues can include resetting lost passwords, removing viruses, granting users permissions to resources, and installing, fixing and upgrading software and hardware. We will see that you can use group policy in Windows 2000 to reduce the Total Cost of Ownership (TCO) by standardizing user desktops and automatically installing and upgrading software.
A network administrator must also prioritize tasks based on the number of users affected. Is one user's e-mail down or is the e-mail server down so that all users are affected? If a large number of users are having problems with a certain application, you must isolate, document, and remedy the cause to prevent further incidents.
LAN vs. WAN Services
Many of the services discussed thus far offer a variety of applications depending on the situation. For example, because of security issues, it is not wise to extend NFS or Microsoft shares over Internet connections. Therefore, offer these services from your machine only in a LAN or controlled WAN environment.
In contrast, e-mail, Web, and FTP services apply to almost any environment. You can offer these services within a LAN environment to create an intranet, or you can offer them across the Internet or an extranet. An intranet is a network that provides Internet-based services to end users within a specific organization or division within an organization. An extranet is a private network shared by organizations or company divisions over a public connection, such as the Internet. An extranet employs a virtual private network (VPN) connection to encrypt transmissions.
As a systems administrator, you must be able to configure both enduser and back-end systems. This configuration includes binding protocols such as TCP/IP to the network interface card (NIC) and checking the status of the communication protocol being used (for example, TCP/IP, NetBEUI, or IPX/SPX). Additional issues include the following:
* Configuring gateways
* Configuring name resolution
* Installing and managing services and applications
* Configuring automated and manual IP addressing
You can configure clients so that they automatically receive information about addressing, name resolution, and gateways.
These issues permeate the remaining chapters of this book. Chapter 3 is especially helpful to our understanding of IP addressing, and Chapters 7 and 8 focus on how to configure DNS, WINS, and Samba name resolution.
User management includes adding and removing users from the system and utilizing the applications specific to that operating system. For example, the Computer Management snap-in performs this function in Windows 2000. The Useradd program performs the same tasks in Unix systems. Additional user management issues include the following:
Permissions Can be granted to users over resources that belong to an individual server or over resources that are controlled by a centralized logon server such as a Windows Primary Domain Controller (PDC) or a Kerberos server.
Group membership The most efficient way to manage user permissions
Password aging Making a password expire after a certain period of time
Account lockout Locking out an account permanently or for a certain period of time if a user logon repeatedly fails
Password history Requiring users not to reuse passwords
Password complexity Requiring users to use strong passwords
Controlled access Providing user-level access to directories and files
Another IT department function is performance monitoring-determining exactly how a particular system is performing. Performance monitoring involves checking system components, including keeping watch on the following:
* Bandwidth and access rate issues
* System I/O performance, including traffic on the NIC
* Hard drive access statistics, including capacity and access rate
* CPU usage
* Usage of random access memory (RAM)
In Chapter 2, you will learn how to monitor performance in both Windows 2000 and Unix as you implement various internetworking services.
Maintenance and Backup
System maintenance and backup issues are related to performance. Your tasks will include the following:
* Upgrading operating systems
* Installing service packs and hot fixes
* Upgrading services, including web and e-mail servers
* Scanning hard drives for errors
* Upgrading hard drives to provide more storage capacity
A service pack is a self-contained, all-inclusive patch designed to bring the Windows 2000 operating system up to the latest vendor-mandated specifications. Most vendors issue service packs regularly (for example, approximately every six months). A hot fix is generally a vendor solution for a specific problem. Most vendors issue hot fixes as problems are discovered and solved. Although delivery times vary, hot fixes have been issued within days or weeks of each other. Most of the time, a service pack contains all the relevant hot fixes issued in previous months.
Backup tasks include the following:
* Archiving user-created files, such as Microsoft Word and Excel documents
* Keeping copies of entire operating systems, complete with customized configurations
* Storing changes to databases, as well as other volatile data stores such as human resources and e-commerce databases
* Storing backups offsite to protect data against fires and natural disasters
In this chapter you learned about the services an IT department performs in fulfilling its primary mission of administering servers and supporting end users in an organization. These services include installing and configuring systems and services and supporting users, which includes troubleshooting applications and managing systems.
Among those services, you learned to distinguish backbone and missioncritical services. You learned that backbone services provide the foundation for a working LAN or WAN and that these services include naming services, address management, and directory services. You also learned that mission- critical services are those whose disruption would have an immediate and critical negative impact on the ability of an organization to perform its primary mission. Mission-critical services typically include World Wide Web, database, application, e-commerce, and FTP servers. For many companies, e-mail servers are the ultimate mission-critical server.
Finally, we discussed the IT concepts of system maintenance, including fault tolerance, server optimization, and backup.
Be able to identify backbone services, which provide the ability to share, find, and connect to resources. Backbone naming services such as Dynamic DNS, WINS, and Samba provide the ability to find resources by using a host name or a NetBIOS name that is friendlier and easier to remember than an IP address. A central logon to a directory service allows universal access to resources based on permissions. In Windows 2000 and Unix, Kerberos implements security for a central logon.
Specify mission-critical services, the loss of which would immediately disrupt a company's ability to perform key operational tasks. World Wide Web, FTP, database and application services, and e-mail are often key and interdepe elements of a company's business operations. (Continues...)
Excerpted from CIW: Server Administration Study Guide by James Stanger Excerpted by permission.
All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.
|Pt. I||Internet System Management||1|
|Ch. 1||IT Systems and Services Overview||3|
|Ch. 2||Internet System Installation and Configuration Issues||25|
|Ch. 3||Configuring TCP/IP on Internet Servers||75|
|Ch. 4||User Management Essentials||105|
|Ch. 5||Managing Users in Windows 2000 Server||157|
|Ch. 6||Managing Users in Linux||231|
|Ch. 7||Name Resolution in LANs with DNS||273|
|Ch. 8||Name Resolution with WINS and Samba||329|
|Ch. 9||Implementing Internet Services||379|
|Pt. II||Advanced Internet System Management||431|
|Ch. 10||Mission-Critical Services||433|
|Ch. 11||Installing, Configuring, and Integrating a Web Server||463|
|Ch. 12||Enabling Secure Sockets Layer||519|
|Ch. 13||Configuring and Connecting to News and E-mail Servers||551|
|Ch. 14||Logging Activity||587|
|Ch. 15||Monitoring and Optimizing Internet Servers||609|
|Ch. 16||Fault Tolerance and System Backup||635|
|Ch. 17||Proxy Servers and Security Overview||675|
Posted December 2, 2002
I read this book over 8 to 10 days. It covered all of the topic sections that I saw on the actual test. I think my success on the test was due to careful reading of this book. This book doesn't read like one of those "exam tips" books; it has sufficient detail and practice exercises to support the text.Was this review helpful? Yes NoThank you for your feedback. Report this reviewThank you, this review has been flagged.