Getting a company to setup and install your network will always be easier than planning and deploying your own network solution, but if you have the time and are willing to learn then you can save your school some money. This guide will attempt to help you to setup a Windows Server 2003 Domain for your school network.
Before we start on the installation, there are some things that we need to do first. It is the all important planning stage which will help considerably with the installation of the new server.
- Server Class hardware such as Dell Power-Edge servers or HP Servers (although you could use a standard desktop computer with a big hard drive – not recommended)
- Network Switch and Cat5 Network Cables
- Internet Connection
- Windows Server 2003 R2 Standard Edition
- Drivers for Server Hardware (Network, Video, SCSI, Raid and Chipset)
- Client Access License for workstations
- Layout of how files will be stored on the Server hard disk
- Network IP Address information (Gateway, Subnet, IP for new server)
- New Domain Name (i.e. schooltech.local)
- Short NetBIOS Domain Name (i.e. SCHOOLTECH)
- Password for your Administrator Account
Whilst the above list is not comprehensive, it gives us a fairly good platform to enable us to build our new server. One of the mistakes that many schools often make is to use the Internet Domain name that is used for the schools website and email. Whilst it is not a generally a problem to use the schools Internet Domain name, it is often easier to have a shortened name for your internal network. For example if your school internet domain name was southpark-community.authority.sch.uk, then you could use southpark.local for your internal network name. You can always add the full domain name to the Active Directory for use with Exchange Mail servers at a later date.
The short NetBIOS name although very much a legacy from the old Windows NT domain days, is still required. There is a restriction of the number of letters that can be used. Where possible try to match the NetBIOS name with the internal domain name. So in the example I have used earlier, you could choose SOUTHPARK as the NetBIOS name.
Another common mistake that people make when installing a new Server is to use the entire disk as one big drive. If you have only one partition on your server, then you will find it a lot harder to implement Disk Quotas. Also securing files will also be harder. You will also not be able to take advantage of Workstation Deployment technologies for building workstations. I would recommend that a minimum of 3 partitions are used on the Server.
If you don’t have any other type of Network in the school, it would make a whole lot of sense to work out what you are going to do with your IP addresses. More small schools will usually have an IP subnet that allows for 253 possible computers on the network. You could divide the network up into chunks to help make the management of IP addresses simplier to manage at a later date. For example;
- 192.168.0.1 to 192.168.0.10 – Servers
- 192.168.0.11 to 192.168.0.29 – Network Printers
- 192.168.0.30 to 192.168.0.49 – Machines that need Manual IP Addresses
- 192.168.0.50 to 192.168.0.200 – Normal Network Workstations (DHCP – covered later)
- 192.168.0.201 to 192.168.0.253 – Reserved for future use
- 192.168.0.254 – Internet Gateway/Router
Before you start building your new network using real hardware, I would recommend that you first practice building your new network in a test environment. You can use the Microsoft Virtual PC 2007 to emulate a Server. You can install the Server environment as many times as you like, so that you build up your confidence.
You can download the Microsoft Virtual PC for Free from the www.microsoft.com/downloads centre.
Off We Go
For the purposes of this Guide, I will be using Virtual PC software and ISO CD images for setting up my Windows Server 2003 Network environment.
I have used a Network Planning sheet to record all of the information that I am going to use for setting up my new Server.
Set your Server to boot from the CD-ROM drive, this will start the Windows Server 2003 installation routine. In most cases Windows Server 2003 is able to detect quite a bit of the hardware that might be in your computer. However if your Server has specialist RAID or other hardware, you might need to use the Press F6 to add additional hardware when prompted on the blue setup screens. You will need to have drivers available on Floppy disk if this is the case.
When the above screen is displayed, press ENTER to continue the setup of Windows Server 2003. The next screen will display the license agreement; you can press F8 if you agree to the license.
If the computer has not been used before, the setup will prompt which hard disk to install Windows Server 2003 on. If there are no hard disks found, then you will require a driver for your hardware.
At this stage, do not allow the setup to use up all of the disk space. Instead use the C option to create a new partition that is somewhere between 20 and 30Gb in size. This will be plenty of space for the installation of the server. If you have a large RAID array, then 20-30% of the available space might be more suitable to use.
For this demonstration system I am going to use 20GB for my first partition (C:). Press Enter to set up Windows on the new partition.
As the partition is new, it will require formatting. It is generally a good idea to format the partition using NTFS. Avoid using the Quick partition, as this will only create headers on the disk and not check the surface condition of the disk – which could result in data loss.
For speed, I have used the Quick format. When you press Enter, Set up will format the drive and then begin the next phase of the installation.
Some setup files are copied to the Server hard drive, once the copying is complete the server will reboot automatically. Leave the CD-ROM in the drive, Windows will need that later on.
Windows will begin the next phase of the installation; this will have a graphical front end, similar to Windows XP setup.
When ready, the Windows Server 2003 setup will prompt for information to continue the setup. You will need to setup your Regional Location and Keyboard layouts. The default will be a US layout, I don’t know why it should be any different from a UK layout, after all the S and Z keys are in the same place on a qwerty keyboard, and not swapped around because of American spellings.
There are 4 locations where you need to set United Kingdom, or to your own country. I would also make sure that you remove the United States where ever you see it. Sometimes you will need to click apply before you can remove the entry.
Enter your Windows Server 2003 product key. Without a product key you will be unable to install Server 2003.
Select the licensing model that you wish to use. Most schools will use the Per Device/Per User model, as each computer that connects to the server will have many users. Read the various documents on the Microsoft Website about licensing before you commit to your choice of licensing.
Give your new server a name. I have chosen SERVER-01, this allows an easy numbering scheme that also allows for additional servers at a later date. Type in a password that is going to be used for your Administrator account. You need to choose a password that has at least one Capital letter, lowercase letters, a number of a special character.
Set the Time zone to your location. Windows will then go on to setup the Networking.
If you already know the network settings, then use the Custom Settings. If you want to just get on and install Windows, then choose Typical. You can set things like the IP address at a later time.
I have chosen to Custom setup the network. This allows me to specify an IP address, or to load additional protocols for the network.
I have setup the TCP/IP stack with basic information. Notice that I have chosen to use a DNS server that is already on my network for the time being. Change this to be the DNS server of your Internet Service Provider.
Later on we shall be setting up DNS on the server itself and updating the TCP/IP settings to reflect that. Using the ISP DNS server will allow Windows Update to update the server before we start configuring it.
You can leave the Workgroup as the default setting. We shall be creating the domain environment later on.
At the end of the Installation, Setup will restart the computer.
Log onto the server using your Administrator username with the password you set earlier.
If you have used the R2 version of Windows Server 2003, then insert CD 2 into the drive and click OK.
Assuming that Windows Server 2003 has recognised your network card, it is advisable to Update the server as soon as possible, this will provide the server with all of the latest hotfixes and security patches.
If your ISP does not provide a direct route to the internet, then you can configure the Internet Explorer Proxy settings by using the Control Panel Applet for Internet Explorer. Configure the Internet Proxy in the same way as you would for a Windows XP machine.
Internet Explorer on Server 2003 is automatically protected by Enhanced Security configuration. I shall cover switching off the Enhanced Security later on.
Install the Windows Update control to allow Windows Update to update the computer successfully. Install all of the available Windows updates. Then configure the Automatic Windows update according to your preferences. I would normally set the automatic updates to Download Only and install the updates at a time of my choosing.
After the Windows Updates have been installed. Allow the server to reboot, to complete the installation of the updates.
Before configuring the server any further, you will need to resolve driver issues. Right click on My Computer in the Start Menu and choose the Manage option.
This will display the Computer Management Console. Expand Device manager to see a list of hardware that has not been recognised by Windows Server 2003. Install the relevant hardware by using the Driver disk that came with your Server Hardware. If you are testing on a Virtual PC, use the Virtual PC additions software to install the missing hardware.
Configuring the Active Directory Domain
Before we start setting up the new Active Directory Domain, we need to make a correction to the Network Card TCP/IP settings.
Click on the Start Menu and Choose Control Panel, Expand the Network Connections and right click on your network card. Choose Properties from the pop-up list.
Set the Preferred DNS Server to the same IP address as the Server has. Close the Network Card Properties.
Close the Manage Your Server screen. We are going to setup the new domain and the relevant roles manually.
Type DCPROMO into the Run command dialog box, which you can find by using Start > Run.
The Active Directory Installation Wizard will now begin. Click Next at the first and Second pages of the Wizard. Ensure that the option for “Domain Controller for a new Domain” is selected, then click Next. The choose Domain in a New Forest, then click Next.
Type in the full DNS for your new Domain. Remember that it is recommend not to use your schools internet domain name. Choose something that is shorter. I have chosen Schooltech.local. Click Next to move onto the next page.
The DCpromo tool will automatically search the network for a NetBIOS name, if one does not already exist, then it will automatically select a NetBIOS name based upon your full DNS name for your network. Click Next to move onto the next Page.
Select folders for the Database and Log folders. Leave these set as the default, as there is not going to be any performance gained by putting them on another disk. Click Next to move on.
Select a SYSVOL folder, again leave this as the default, then click Next to move on.
DCPromo will detect that it has not been able to register the new DNS name against any DNS servers. Choose the option to Install and Configure the DNS server on the new server. This will save you a lot of hassle having to configure things manually. Click Next to move on.
On the permissions page, leave the default and click Next.
At the Active Directory Restore Password, enter a password that might be used, in the event that a low level restoration of the server is required. It is recommended that the password is recorded and put into the school safe in the event of an emergency. NOTE: it is possible to reset the Restore mode password once Active Directory has been installed. There is more information on the Microsoft website about doing this.
Click Next at the Summary button, to begin the creation of Active Directory.
The server will take upto 10 minutes to build and configure a new Active Directory database and configure the server to run as a Domain Controller. During this time, Windows may require the Windows Server 2003 CD-ROM to complete the installation of relevant services.
When the installation is complete, click the Finish button and choose to restart the server.
When the Server has rebooted, you will notice that a new Log on to option is listed on the log on to Windows dialog box.
Final Setup and Configuration
Now that the server has been setup, there are a few configuration changes that we need to make to the server. By default the Manage Your Server screen will appear each time you logon to the server. You can switch this off, by ticking a box at the bottom of the page.
From the Start Menu, choose Administrative Tools, then DNS
DNS is the most important part of your new Windows Server 2003, without it you will not be able to use tools like Group Policy correctly. You will also experience problems with workstations connecting and logging into the Domain.
In order for other workstations to be able to resolve names on the Internet, we need to tell the Local Server DNS about other DNS servers that are located on the Internet. By default Server 2003 will already know about the main Internet Root DNS servers. These servers maintain records about every internet domain name. However access to these servers may be slow, as the whole world might rely on these servers. Configuring to use your ISP DNS servers may offer enhanced name resolution, or may be the only method to resolve external internet addresses.
Right click on the Server listed underneath the DNS branch, choose properties, then click the forwarders tab.
Enter the DNS server IP address of your ISP and click OK to save.
You can test that DNS is correctly resolving internet domains by using NSLOOKUP at the Command Prompt.
You have now successfully configured your new Windows Server 2003 machine with an Active Directory domain. You can now start to add additional services to the Server such as DHCP to allocate IP Addresses to workstations. You can create folders and share them with other computers on the network. You can also create new user accounts and groups.
For more articles about configuring your new Windows Server 2003 Server and Adding additional functionality see http://www.schooltechnician.co.uk/knowledge_base/windows_server/index.html