Introduction to Win2k server settings

After Windows 2000 is installed and restarted, the system automatically runs the "configure Server" program.

Active Directory Configuration)

The Active Directory is the basis for management. Only after the directory service is configured can the Administrator set and manage accounts and groups.

In the "Windows 2000 Server Configuration" window, click "Active Directory", click "start", start "Active Directory Installation Wizard", and click "Next "; the "Domain Controller type" dialog box appears. Select "New Domain Controller" and click "Next". In the create or add directory forest window, select "create new domain directory Forest ", click "Next"; in the "New Domain's DNS full name" text box, enter the domain name, for example, cqdx.org, and click "Next". Wait for a while, in the "Domain NetBIOS name" text box, enter the recognized domain name, for example, CETC, and click "Next". The "database and log file location" setting box appears. You can set the default path, click "Next", and continue the installation, keep the location of the shared system volume unchanged, and click "Next"; "cannot match 'cqdx. org 'dns server to get in touch with "prompt, click" OK "; select" Yes, install and configure DNS on this computer ", click" Next "; go to DNS "permission" Settings and select "and Win" ", Click" Next ", enter the administrator password for directory service recovery mode, and click" Next ". The summary is displayed. If everything works properly, click "Next". The system will configure Active Directory based on your selection. After several minutes, the installation is complete, and click "restart now" to restart, the active directory is created.

Server downgrade Configuration

After the Active Directory is installed, not only does the Server start and shut down longer, but the system runs slowly, if you have no special requirements for a server or do not use it as a domain controller, you can delete the active directory on the server and downgrade it to an independent server.

The procedure is as follows:

Click Start and run. The run dialog box is displayed. In the open drop-down list box, type dcpromo ", click "OK". The "Active Directory deletion wizard" window is displayed. Click "Next "; in the "delete Active Directory" window, select "this server is the last domain controller in the domain", click "Next"; the "Network creden"" window appears, enter yjq01 in "User Name, enter the password in the "password" text box (the password when creating the Active Directory), enter cqdx.org in the "Domain", and click "Next". The "administrator password" window appears, in the "password" and "Confirm Password" text boxes, enter the password (same as before) and click "Next". The "summary" message appears. If everything works properly, click "Next "; the system will delete the Active Directory based on your selection. After a few minutes, the deletion will end. In the "Complete Active Directory downgrade wizard" window, click "finish ", deletes the Active Directory. restart the computer and delete the Active Directory. Independent server.

Domain Name Server DNS Configuration

Click "start"-> "Administrative Tools"-> "configure Server"-> "networking"-> "DNS"-> "manage" DNS start "DNS" Management Interface

If no active directory is configured, click the extension branch number before "yjq01" and "Forward search area" + ", right-click" Forward search area "and" new area "; in the new region orientation window, click "Next". In the "region type" window, select "Standard main region" and click "Next "; enter "cqdx.org" in "region name" and click "Next". The "region file" window is displayed. Keep the settings unchanged and click "Next "; click "finish" in the "completing new region wizard. Continue with the configuration.

If the Active Directory is configured, click the extension branch number before "yjq01", "Forward search region", and "cqdx.org" + "to expand the sub-directory under" cqdx.org, right-click "cqdx.org" and click the "Create host" command in the pop-up menu. In the displayed "create host" window, enter the host name and IP address, Host Name: www, the IP address is 192.168.0.1 (1 ). Then, click "add host" and add three hosts: FTP, mail, and news. The IP addresses are 192.168.0.1. After the above settings, we have created four hosts with the corresponding domain names:
　
Mail.cqdx.org for internal email systems

News.cqdx.org is used for internal newsgroups.

So far, the DNS "Forward search region" configuration is complete.

Right-click "reverse search region", and then click "new region". In the "welcome to new region wizard" window, click "Next". The "region type" window appears, select "Active Directory Integration Region", click "Next", select "network ID" in the "reverse search region" window, type 192.168.0, and click "Next "; in the "completing the new region wizard" window, click "finish ". At this time, the DNS configuration of the Domain Name Server is complete.

DHCP server configuration(This step can be omitted if the IP address is specified manually on the workstation)

Similar to configuring DNS, open the DHCP server configuration page and click "open" the DHCP Management page appears. Right-click the server name and click "create scope" in the pop-up menu "; in the displayed "New Role wizard", click "Next"; enter a name in "name" of "role domain name", click "Next", and enter the IP address range, for example: 192.168.0.1 -- 192.168.0.254, subnet mask: 255.255.255.0, click "Next"; in "add exclusion", do not enter any information, click "Next"; in "Lease Term, set by default, click "Next", select "yes, I want to configure these options now", click "Next", and on "vro (Default Gateway) "Set the IP address to 192.168.0.1, click" add ", click" Next ", enter" cqdx.org "in" parent domain ", enter" yjq01 "in the server name, and click" resolution ", in "ip address", 192.168.0.1 is displayed. Click "add", and then click "Next". Select "WINS server", enter Server Name: yjq01, click "resolution", in the "ip address" pop-up 192.168.0.1 à "add"-> "Next"; select "yes, I want to activate this scope now "->" Next "->" complete ".

Authorization: Right-click "DHCP" and click "manage authorized servers (M)" in the pop-up menu. The "manage authorized servers" window is displayed, and click "authorize "; in the "DHCP server" window, enter "192.168.0.1" in "name or IP address", and click "OK"-> "close ".

IIS server configuration

IIS is an information service system mainly built on the server side. The server receives and processes the requests sent from the customer, and the client's task is to propose a conversation with the server. Internet/Intranet is only possible for communication and transmission of information between servers and clients. Iis5.0 is integrated in windows, which is the most important web technology in windwos2000 and also makes it a powerful Internet/Intranet web application server.

The specific settings are as follows:

Similar to configuring DNS, open the "configure Server" page, click "Web/Media Server", select "Web server", and click "open" in the right window, the Internet information service window appears. After expanding, you can see the default FTP site and other site information, right-click "Default web site"-> select "properties"-> "main directory" to set the permission to deny permissions, name the internal homepage in defalt.htm, and overwrite it in C:/inetpub/wwwroot/defalt.htm. Select a document card to set the default document order.

Use "Nat" to connect to the Internet

To establish a good connection between the Intranet and the Internet, you can use a variety of solutions. Each method has its own different capabilities and advantages. Therefore, before configuring the connection between the Intranet and the Internet, you must understand the different Internet connection options.

Comparison between NAT and vro

NAT provides great flexibility for the design of internal networks. You can use unregistered IP addresses internally, while a small number of registered IP addresses can be used externally. nat can also provide network security that a router cannot provide. However, compared with vrouters, Nat consumes a lot of CPU time and does not support certain protocols.

Comparison between NAT and proxy servers

Both allow connection to the Internet and restrict access to the internal network. Both allow address conversion to allow clients on the Intranet to use private IP addresses.

The proxy server must be configured as a TCP port. The client must also be configured as a proxy server. The client sends a request to the proxy server, and the Proxy Server delivers the request by providing information from its cache or sending a new information package to retrieve the information.

Nat is transparent to clients and servers.

Comparison between NAT and Internet Connection Sharing

They provide the same capabilities, complex Nat configurations, simple Internet Connection Sharing configurations, and are only used on small networks.

In this example, the Network Address Translation (NAT) soft route provided by Windows is used as a proxy server to allow the entire LAN to share an ISP account to connect to the Internet. This soft route website conversion function is powerful, the configuration process is as follows:

1. Set the network card connected to the Internet

Directly set the real IP address for the network adapter connected to the Internet: for example, 10.150.2.115, The subnet mask is 255.255.255.0, the gateway is 10.150.0.1, and the preferred DNS server is 203.93.111.129.

2. settings of soft routing (NAT)

Click "start", "program", "Administrative Tools", and "Routing and Remote Access"-> the "Routing and Remote Access" window is displayed, right-click "operation ", click "configure and enable Routing and Remote Access" in the pop-up menu"

The "route and Remote Access Server Installation Wizard" window appears. Click "Next". In the "public settings" window, select "Internet connection server ", click "Next" à select "vrouters with Network Address Translation (NAT) routing protocols ", click "Next", select "Use selected Internet connection" in the "Internet connection" window, and select an Internet connection Nic in the window, such as IP address 10.150.2.115, click "Next" to complete ". Now the NAT settings are complete.

Create a shared directory for domain user names

After you have configured an Active Directory and specified a subdomain, you can use the "Active Directory users and computers" management tool provided in "Windows 2000 Server" to manage users and computers on the network. In this example, set a user name for each workstation, such as jsjx (Computer System) and dzj (electronic system), and create a directory on the server, for example, C:/data, share the Directory and set the permission to "read" for each user. Create a shared directory for each user, for example, jsjx (Computer System) the directory is C:/data/jsjx. each user has the "read" permission on it, and the jsjx user has the "full control" permission on it. Some open files (such as teaching plans and courseware) are stored in this directory to facilitate information exchange between offices. For some files to be encrypted (such: exam, internal financial data, trade secrets, etc.), you can create another directory for such users, set the permissions of each user according to the situation. This ensures information security and facilitates file sharing. Other types of management systems can be set as needed.

Workstation installation and Setup

1. Installation of common office software

Install Windows 98 Simplified Chinese version 2 on the workstation, and install Office2000, Foxpro 6.0, and specialized software for each department.

2. Network Settings

Bind the TCP/IP protocol to the NIC and set its properties. Right-click "Network Neighbor" desktop icon-> select "properties"-> the "network" window appears. In this window, set the primary logon mode to "Microsoft network user" on the "configuration" card ", in the network logon option, select "log on and recover network connection", set the IP address of the network adapter TCP/IP to 192.168.0.n, subnet mask: 255.255.255.0, and gateway to 192.168.0.1, the DNS server search sequence is 192.168.0.1 and host: host.

Test network functions

After the above installation settings, all functions must be tested before they can be used. The main test includes the following aspects:

1. Transfer and processing of internal files

Log on to the user-end workstation and check whether the user's permissions on the shared directories are correct and whether the files are transmitted correctly.

2. Test the intranet function

You can log on to the server on any network workstation, open the IE 5 browser, and enter the server domain name in the address bar.

3. Internet connection test

Open the Administrator and connect to the Internet through DDN. log on to a workstation and enter an Internet website to check whether the connection is successful.

Conclusion

The local area network established in this instance can basically implement the above functions. However, the establishment of the network is only the basis of the application, network-based database development, connection to production information, and the organic combination of management software, in order to truly play a huge role in the network.

============================================

Appendix: Win2000 Server Configuration Guide (40 chapters in total) chm format document

[B] ** click to download (chm format) ** [/B]

From: http://www.windsn.com/blog/blogview.asp? Logid = 126