Saturday, July 16, 2011

July15- the last day's blog- VOIP

July 15

thanks Lyle and Morris for a fantastic 2 tech courses !!!

theory and hands on practice .

Log into switch via telnet run the 5 telnet commands from a networked computer into our switch.




We ran the 5 commands with the command prompt
1)Qos enable, 2)qos trust ports, 3)qos apply, 4)write memory, 5) copy working certified.This established QOS the QOS on our switch.
We went to our machines on the S was the xlite software . We installed this software onto our desktop.
We made these setting s changes on the xlite software .
Softphone/account settings /user details
User id 6010
Domain 192.168.181.251
Password 112233
We unselected the domain proxy


In the second softphone menu we went to preferences/Network and selected L


For QOS use softphone /preferences/QOS/select Audio QOS/use dscp/Tos value and the default is 46.


Look for DSCP should be 46 across the supernet .It is highlighted in the areathat equals 46.. which is what we are looking for .
We were able to make and receive call to members of our cohort by dailing the 4 code number . 60 was the first 2 digits for everyone and we put the last 2 digits of everyones network.
6024 was rock and GAils network and we were able to connect to it , and analyse our qos.

































































Thursday, July 14, 2011

Thursday July 14 -virtual machine







Blog July 14 Day 9
Maurice discussed security. This is a vital topic and was well connected to our visit to Blackbridge yesterday. The need for backups and redundancy is a very important as we need access to our data in a timely fashion. I was surprised to hear about the lack of redundancy of the supernet in all areas of the province, rather than the core. I liked the idea of different levels of saving daily/weekly/monthly that Morris had shown, as it would be an idea I will implement on our SIS.
Lyle did a further discussion on virtual servers. These are a more robust machine than a regular server, but can run more than one server. It usually has multiple processors and higher levels of RAM. The virtual server takes advantage of the downtime in the processor to run a different application. One benefit of a virtual machine is that you don’t use a lot of power for a variety of servers.
He also ran a program packet sniffer to allow visualizing traffic from the internet across a server. We were able to see traffic coming across the core switch as he had programmed port 8 to be read. We could not log on one of the other networks servers and see the traffic. We did shut down all our switches for Morris presentation due to noise, just before Lyles presentation, so that may have caused default settings to revert.

We had the opportunity to run a virtual red hat linux machine on one of our Windows 7 enterprise workstation.
We had to log onto the s drive on the server .Our instructor installed the requirements on the server. as they are free I will run this virtual machine on my computer at home.

We had to run the setup_magic disc . We opened it up and it ran on our computer. There was a icon on the bottom right with a disc. We clicked on this and it allowed us to enable the virtual DVD, in this case the E drive.
Install the operating system on your virtual machine. We had to run the CentOS-6.0-i386-bin-DVD via the virtual DVD. This went through it’s processes. There was a few times that we would loose mouse control. We would select the CTRL on the right side of the keyboard. This was something I have never done before.
Once this program was done we were able to run the VirtualBox-4.0.10-72479-Win program from the s drive. This program was very simple to run . Just follow the prompts. The password we chose was admin5769. The only error was the first time I ran the default setting instead of the desktop version, and I gor a line command instead of the GUI for this OS. Once I reran it with this selection of Desktop, it worked fine and we got the GUI This setup also put the Oracle VM virtual box Manager, where we could see the preview of what the redhat os was running,
The login required a password which was admin5769 for the user js
The last install was the Oracle_VM_VirtualBox_Extension_Pack-4. This gave us full features such as the full screen. We initially could not get the Firefox browser to open on the virtual machine. We had to go to the Virtualbox manager/machine/settings/network/adapter 1 and check the enable box.

This allowed the network card to operate, as initially it had not, and thus we were able to open the Internet using Firefox. as the picture at the top of this blog proves.


A virtual machine setup and operational, who would have thought.

Now I canclaim to be a real geek as I can say I know how to play in Linux.

Bring on the Voip Phone Lyle !!!!!!!!

Wednesday, July 13, 2011

day 8 july 13 -printers and field trip

Blog day 8 july 13
Installing a printer group policy on AD, as well as the driver for a Xerox phaser 4510 printer, and be able to push the drivers to workstations on our OU .
The printer we installed was a Xerox Phaser 4510. It was decided beforehand that we would all install the postscript driver. Lyle explained that if we each chose to install a different driver, we could eventually run into difficulties. We had to use this static IP in the TCP/Ip port on the server 192.168.24.51, as the printer was physically attached on Rock and Gails switch on network 24

We found a wonderful Powerpoint resource that ran us through the steps in record time. Skip the Print Pool part and everything is there!
installed the print manager on our server when we had set it up last week.
Start/Adminisrative tools/Server manager
Scroll down to print servers/ Right click/add drivers
A printer driver wizard comes up, select next/
We selected the x86 operating system
We selected the have disc as we had downloaded the software for the Xerox phaser4510 ps driver .
We had to add a local printer and select the TCP/Ip port . This is when it asked for an address and we put in 192.168.24.51.
It went through an install and test page came to the printer

To install print services on the workstations
We went to the OU Sandie-John
Right click/add roles to gpo. Went through the start up and called the printer Xerox Sandie John.
To deploy printers to users or computers by using Group Policy
Open the Administrative Tools folder, and then double-click Print Management.
In the Print Management tree, under the appropriate print server, click Printers.
In the Results pane, right-click the printer that you want to deploy, and then click Deploy with Group Policy.
In the Deploy with Group Policy dialog box, click Browse, and then choose or create a new GPO for storing the printer connections.
Click OK.
Specify whether to deploy the printer connections to users, or to computers:
To deploy to groups of computers so that all users of the computers can access the printers, select the The computers that this GPO applies to (per machine) check box.
To deploy to groups of users so that the users can access the printers from any computer they log onto, select the The users that this GPO applies to (per user) check box.
Click Add.
Click OK.
http://technet.problem.microsoft.com/en-us/library/cc753109(WS.10).aspx
We logged on to the workstations and printed a notepad document to the printer Xerox SandieJohn without any problems The printer was there automatically

This was an additional step we ran on File redirection from the previous day.
We also realized that we had missed a step yesterday and had not included a policy to ensure that the menu start items were retrieved from the server - aah file redirection. To do this:
1. Create a shared folder on the server. We called our StartMenu. Check security settings. Ensure that users have read rights only.
2. Copy start menu items from one of your workstations to this shared folder. (Note: User the \\JSServer10\home$ command) You can find these items on the c:\drive, in the windows folder. However, you need to ensure that you look at the file options and choose show hidden files and folders.
3. The next step is then to create a GPO similar to the file redirection policy created yesterday. When setting the configuration for this policy navigate to the User Configuration -->Policies/Windows Settings -->folder redirection -->Start Menu. We chose the same settings as yesterday - Basic - redirect everyone's folders to the same local and entered JSServer10\Start Menu as our target (We have learned to use the browse feature versus typing to avoid time lost trying to figure our where the typo is). Close the policy. Enforce the policy. gpupdate /force. Login to a workstation and success is ours

Activity 2 Blackbridge Data services
At 11:00 a.m. the Blackbridge Data Center,newly set up in Lethbridge, was a very informative excursion. The infrastructure for the backup cooling and power was very interesting. We have just gone through the process of building with a new division office and NOC. Our backup data, heating and power systems pale in comaparison to the systems of Blackbridge, but at least we have backup systems designed. I would be interested to see the potential of a school division using this type of organization, especially as we develop more virtualized systems in order to support virtual desktops for devices.

Tuesday, July 12, 2011

July 12 Day 7 Blog

Day 7 blog July 12

We did 4 items today from the day 6 and day 7 list of activities
We were successful in all 4 of these items, however there were a few items that were very finicky but we were able to work through these items. Most of these setups were to follow a sequence of steps through the references we found on the web. We had to make very sure of out typing, especially spaces in our login script.

Mini exercise: Group Policy- hide desktop

Group Policy Management was installed
The second part is to create a group policy inside our John Sandie OU.

right clicking on the John Sandie container and adding the policy.

Create the group policy called NO Desktop John Sandie
right click on the group policy /choose "edit" which will open a list of options that you can assign to the group policy that you've just created.
Find and enable "Hide items on desktop".
Right click and ENFORCE the change.
Reboot the Windows 7 workstations and log in using the Student name and password and all icons have disappeared from the desktop.


Mini exercise: A third part application specopsgpupdate and remote shutdown feature
One of these free applications that is used widely is specopsgpudate.
Download the file and install the program specopsgpudate on the Windows Server 2008 machine from link Lyle gave us. This was a simple process of following the prompts.
This program is a shell extension that only shows up in the "Users and Computers" program when you right click on an object.
Find the name of one of the windows 7 computers that are in your OU in the "Users and Computers" program.
Right click on the computer and choose the "Specops gpupdate" option.
This will start another program where you have a variety of choices and one option is to choose the shutdown option.
Once you click on shutdown and confirm the selection, the workstation will shut down. We were able to shutdown one of our Workstations using this feature.

Disabling IE explorer securities in Server 2008
You have to click on the root folder in Server Manager.
Then you scroll down to the Security Information Section and click “Configure IE ESC”.
You can turn off IE ESC for Administrators and/or for users.






Mini exercise: Login scripts using group policy
login scripts and in particular how to map drive letters for an S drives . You will use this documentation to create a windows login script and place it in the "Netlogon" directory in Active Directory

http://www.petri.co.il/setting-up-logon-script-through-gpo-windows-server-2008.htm

start/AdministrativeTools/Group Policy Management
right click on Sandie-John / Create a GPO in this domain, and link it here/ select
Call the new gpo LOGIN SCRIPT Sandie John
Right-click the new GPO and select Edit.
In the Group Policy Object Editor window, expand User Configuration > Windows Settings > Scripts.
Double-click Logon in the right-hand pane.
In the Logon Properties window, click Show Files.
A window will open. The path will be a folder similar to the following:
Net use s: \\JSserver10\shared
Close the window.
Back in the Logon Properties window, click Add
In the Add a Script window, click Browse and you will see the logon script step #11. Whatever you do, DO NOT manually browse for the file, it should be in front of your eyes. If it's not there, check the previous steps for a mistake. Click Ok
Back in the Logon Properties window, see if the logon script is listed, and if it is, click Ok
Close the Group Policy Object Editor window.
Close the GPMC window.
Gpupdate
In active directory users / select John-Sandie
Users and Computers" program when you right click on an object.
Right click on the computer and choose the "Specops gpupdate" option
Testing the logon script
On one of the computers that is part of the domain, logoff the specific user account. Logon and test. When we log in as a teacher or student under computer we see the S drive for the js server as a shared drive.

Mini exercise: Folder redirection

Find the documentation online on how to implement folder redirection.
The first task is to set up each user that logs in to your server with a home directory that resides on the server.
You will then adjust the group policy so that all users will automatically be redirected to that home directory when they open up "My Documents" or "Documents".
The second task is to implement a shared start menu so that when a user clicks on the start button and goes to programs, the menu shortcut icons are retrieved from the file server.
The menu icons will be located in a separate share on the file server so you'll need to create a new share called, "StartMenu" where you will past the menu shortcut items.
Make sure you adjust the permissions correctly so all users are able to only read the items in the start menu and not write to the start menu.

Monday, July 11, 2011

July 11- day 6 Blog

Blog Day 6 July 11 Active Directory is setup and configured correctly.
To do this required setups on the Server as well as setups on the workstation.
The setup on the server was much more complex, and something that I had newer done.
These were the steps:
1)configure your server to be a part of Active Directory and specifically to be a domain controller.
a)First step is to run DCPROMO from the command line which will launch the Active Directory Domain Services installation screen
we were able to launch from the start/server manager /add roles and selected the 3 AD roles . Installation was successful and we got to the graphic user interface Active Directory Domain Services Installation.
b)Next we were prompted by a screen which warns you that Windows NT4 clients may not be able to authenticate against a Windows Server 2008 domain controller. This is because Windows Server 2008 policy called “Allow cryptography algorithms compatible with Windows NT 4.0″ Click Next
c)Next screen is to select whether we want to add an additional Active Directory server into an existing domain
We added it to the network5769.local domain. This was a tree on the existing forest that Lyle has set up .on the 198.168.181.50 server.
d) the server goes through a checking up for the domain on the forest .
e) Next screen is to select the location of the Database Folder, Log Files folder and the SYSVOL folder
We clicked Next without any changes to the setup
f) Next is to enter the Directory Services Restore Mode password.We put in a new password as it did not like our admin5769 password. It was changed to Admin5769* but then Lyle change it by policy.
g) There was a review screen: summary of all the options that have been selected, we selected next through a variety of setups through 5 screens
The installation was completed and a restart of the server commenced.

2 join a windows 7 client to Active Directory and join both of the windows 7 workstations to the domain.
a)Log into the Windows computer you want to join to the domain. You must be logged into an account with Administrator access.
b)In the Start Menu or Desktop, right-click Computer and select Properties. This will open the System control panel menu.
c)Under Computer name, domain, and workgroup settings, click Change Settings
d) we entered change settings and entered the domain network5769.local

f)You will be prompted for a user name and password. Enter the credentials provided to you by the Campus Active Directory administrators and click OK.
g) a welcome message. Click OK to continue.
h)You will be prompted to restart your computer which we did . We restarted both workstation computers and checked that the domain network5769.local was held.




C) on the windows 2008 server Active directory users and groups
Start/ administrative tools/ Active directory users and computers
to set up the containers and OU's in Active Directory.
create 4 containers in Active Directory that will be located inside our Sandie –John container
right click on the container, new Organizational unit called Computers
repeat this 3 more times with names teachers Student groups
After the containers are created we added pour workstations found in network 5769.local computers folder and dragged them into our Sandie-John Computers folder.
Inside the "Groups" container we create two groups Teachers JS and Students JS

In the students container we created a
user Student J. Lobo un student.lobo pw Admin5769
user student S. Lefebvre un student.lefebvre pw Admin5769

In the teachers container we created a
user teacher J. Lobo un teacher.lobo pw Admin5769
user teacher S. Lefebvre un teacher.lefebvre pw Admin5769

We were not able to log into the accounts from the workstation initially. We were able to login to the network5769\administrator account.
So we went back to the server and deleted the teacher and student users, re-entered them then we were able to log into active directory from a workstation as teacher.lobo and student.lobo and share a file with the shared folder on the JSserver 50.

The last item to do was to research hidden desktop policy settings on server2008, to hide the desktop icons for workstations. We will run these on the win 2008 server on Tuesday July 12

Saturday, July 9, 2011

ed 5769- day 5 July 7

Day 5 Blog July 7
We had a couple housekeeping items to work on before we got to Windows 7 installation on the 2 workstations.
On the windows server 2008 device
1)Server 2008 activation using the MAK protocols ,
MAK - multiple activation key authenticates to the internet once.

Start /right click on computer/properties/windows activation change product key
We then entered the server 2008 product key Lyle gave us, and this registered our machine and we would not loose the installation of server 2008

2) Enable remote desktop services
Start/system properties/remote/select allow connect
On server, command prompt oobe was run.
3) Pointing server 2008 to the correct server in the room for integration with active directory need to have it pointing 192.168.181.50
DHCP services /server options/ general add this dns 192.168.181.50.
This becomes the second DNS address in our protocol ( the first dns address is our local server 192.168.10.50, the second is the Lyles server 192.168.181.50) as well as 142.66.33.100and 142.66.33.101

Installing Windows 7 on the workstation.
This process was fairly straight forward using the Install DVD Lyle had given us. Using the F12 function on the bootup sequence, we booted off the DVD.
The windows DVD ran through its install. We selected English language
When asked what type of install, we choose custom
Installed it in the disc 0 partition, as there was enough room for the 15 GB install , then clicked apply
Then the installation started through the 5 processes 1) copying files, 2) Expanding files 3)Installing features 4) Installing updates 5) completing Installation. These 5 steps only took approximately 15 minutes and went through one restart.
After starting Windows for the first time a screen with user name came up we called it JS-blh00000 , JS stands for john sandie and blh 00000 was a label on the computer
The password screen came up and we gave the password admin5769. This was done for consistency , and benefits later on with active directory install. All the desktops in the class had this password.
I selected use recommended settings in the set up windows for updates
I set up the Mountain standard time, to correlate with the server, and the correct local time
For the computer current location –I selected work.
The computer went through a start up and the home screen came up again
I ran the command prompt- and Ip config . I got an address of 192.168.10.102, which is correct for a dhcp address from our server for a workstation
I opened a browser and the internet was connected.
Start/control panel/system and security/system. We saw the basic information on the computer. At the bottom of this screen was the Windows activation /change product key. This allowed us to put in the windows 7 MAK product key Lyle had provided us. Activation was successful after we put in the code.
We ran the start/all programs /windows update to run any updates. We had to do this 3 times as the computer needed to reboot after downloading and installing the updates. The final update check came with no updates, so we were good to go.
We checked start/control panel/system and security/system/device manager
There were2 items that needed drivers, which were 1) PCI Serial Port and 2) PCI Simple Communications Controller . These were the same drivers as the previous server 2008 install on the Dell Optiplex 755 machines. We went to the Dell support site and selected the Optiplex 755 unit and installed 3 drivers for the chipset even though they were for Vista 32 bit. There were no drivers for Windows 7 for this model of computer. These were executed on the workstations, and then on device manager the errors went away.
We were able to go to start/network and see the 2 workstations and the laptop .We were not able to see the server50 on the network. We were only able to share a file with the server by typing 192.168.10.50 in the dialogue box above the start menu. We had to use the admin 5769 pw and we had access to the shared file from the workstation to the server
We followed some instructions from Lyle to correct DHCP corrections on the server, but still have to find where the problem is on our server services settings with the file sharing.

Thursday, July 7, 2011

ed 5769 summer day 4

Day 4 was the Server 2008 services setup.
Our Windows server 2008 machine was running on the network. It had retained the IP address 192.168.10.50 and today it was connected to the Internet. We used the telnet service, another item needed to be activated on my laptop. This was done by going to Start/Control Panel/programs and features/r side turn on windows features/find telnet and click on it. Once that step was done we were able to log into the alcatel switch.
We were able to confirm the 4 routes for our network by using telnet command show ip route

The first activity was to do the Updates on the server. This took about 30 min and required a restart.
There were 3 updates for drivers on this machine from the device manager. After and searching, the solution was to search the Dell website for the Optiplex 755 machine. Our instructor threw us a bone in the form of” Server 2008 was built on Vista” so if we searched for these drivers, we would be fine. Server 2008 R2 is built on win 7 architecture so we would need different drivers if we would have used server 2008 R2. The 3 drivers for the chipset were what were needed to solve the device manager conflicts: PCI Serial Port, PCI Simple Communications Controller and the SM Bus Controller




The second activity was to set up Server2008 services=roles on the server- File sharing, DNS and DHCP
DNS
Start—>Administrative tools—>Server Manager
Installing the DNS is as simple as checking the DNS Services button.

File sharing 2nd service
My Computer interface. On the c:\ drive we created a new folder and named it shared.
Once this folder was created we right clicked on it and clicked on the Share tab.
Once on this tab, we clicked the Advanced button and then checked off the Full Rights options.
By checking off this option, we have given rights to all network users to read and write to this folder.
The hazard is that they may also delete the contents in this folder. That is a risk we need to take.


DHCP. Dynamic Host Configuration Protocol services was the 3 rd service

We installed the DHCP services on the server 2008 unit by going
Start—>Administrative tools—>Server Manager
Once server manager opens click on Roles from left pane now you need to click on Add Roles from right pane
Here you need to select the DHCP Server and click next
DHCP Server introduction details click next
We used the IPV4 DNS setting
Our parent domain was network5769.local
Our preferred dns was 142.66.33.100
Our DHCP scope staring address is 192.168.10.101
Our DHCP ending address is 192.168.10.253
The subnet is255.255.255.0
The default gateway is 192.168.10.254
We followed the prompts and got the confirmation.
http://www.windowsreference.com/windows-server-2008/how-to-setup-dhcp-server-in-windows-server-2008-step-by-step-guide/ is a good reference with screen shots of this process.
To verify the DHCP from the server we booted the one of the Dell workstations with the Knoppix DVD. This is Linux so once again there was something completely new to me. The machines had to be booted from CD via F12 prompt upon startup. Once it was started up, it picked up an ip address of 192.168.10.101, confirmed by using the ifconfig prompt, so the DHCP was working from the server.
It took a couple tries but the Linux machines were able to log onto the internet by typing in a url. This was done by checking the DNS addresses on the server ,adding 192.168.10.254, the Alcatel switch as the first DNS address, in addition to the 142.66.33.100 and 142.66.33.10. service was working on the We are also able to log into the files on the server as well as other servers in the schools and log on, as we have the correct third octet 192.168.XX.50 for other groups.