Local Area Networks (LAN’s) Local area networks are computers connected together in a single location. They vary in size from two computers connected together to share a printer, to hundreds of computers connected over several floors of a building. With LANs, the computers will usually be connected using some form of cable (or wireless) and all the components of the LAN will be owned locally. Any device connected to the network is called a Node. (computer, printer etc.) There are two LAN models in common use in both business and schools. These are:

• Peer networks are organised as workgroups. Workgroup members simply share their resources with their peers. Share level access applies in that the user who shares a resource can apply a password to it and any other member of the workgroup must supply the password to access the resource. There is no central log in or central security.

• Client-server networks use dedicated servers to control log in and access to resources. User level access applies here. Every user has a user account and must supply a username and password to access the network. Permissions are applied to user accounts and these control access to resources.

Peer Networks To peer network two computers, the computers must have network adaptors (cards) fitted. These are responsible for sending and receiving the data over the network. They are fitted as standard to newer computers but may need to be fitted to older computers. Once the hardware is in place, the software must be configured to allow networking. Windows XP has built in network capability for peer networking and client server networking.

In order for communication to take place between computers, a set of rules must be set up to control the process. These rules include:

• What voltages will represent the binary zeros and ones used to transmit data • How much data can be sent at a time • How will communication errors be handled • How will data be routed between networks etc.

The software used to control these criteria is called a protocol suite. The protocol suite used almost universally for network and Internet communication is called TCP/IP (transmission control protocol/Interned protocol). To use this protocol, a number of settings must be configured at each computer.

Peer Task 1 - Peer Network Two Windows XP Professional Computers Setting Protocol Information:

• Open the control panel by clicking Start and then Control Panel

• Choose Network and Internet Connections from the categories.

• Click Network Connections

• Double-click Local Area Connection

• Click the Properties button in the Local Area Connection Status window

• Double-click the Internet Protocol entry The Internet Protocol Properties window opens. Click the use the following IP address button There are five fields in the dialog box. They are:

• IP address - this is the computer address and should be different for each computer. Use 192.168.1.1 as the first address. Advance the final number for subsequent computers - 192.168.1.2, 192.168.1.3, 192.168.1.4 etc

• Subnet mask - This is the network address and should be the same for all the computers on the network. Use 255.255.255.0 as the subnet mask.

• Default gateway - this is the IP address of the router used for Internet access. In the example above, it is set to 192.168.1.254. this is the standard IP address for Eircom. Other ISP’s have their own.

• DNS servers - these are computers on the network or the Internet that operate as directories for web addresses. The IP addresses are above are for Eircom’s DNS servers. Other ISP’s have their own.

Note: If no Internet access were required, only the IP address and the Subnet mask would be required.

All computers on a peer network must have a unique computer name and the same workgroup name.

Setting Computer Identification:

• Click Start and All Programs • Right-click My Computer and choose Properties

The System Properties window opens:

• Choose the Computer Name tab and click the Change button. The Computer Name Changes dialog box opens

• Enter a unique and descriptive name into the Computer Name field • Name the workgroup by entering a mane in the Workgroup field. Click OK

• The welcome to the workgroup box appears. Click OK

• The computer must be restarted to complete the process. Click OK

• Click Yes to restart the computer The identification information for the first computer is now set. The procedure must be repeated for the second computer ensuring the computer name is unique and the workgroup is the same.

Checking the Network Log on to both computers.

• Click Start and My Network Places

• Click View workgroup computers The two computers are shown in the School workgroup The two computers are networked.

Peer Task 2 - Create User Accounts In a peer network, account management must take place at individual computers as there is no server to control accounts. This can be achieved by:

• Using generic accounts - one account per class or a single account to cover all students using the network

• Individual accounts - one account for each student. This would be almost impossible to administer on a peer network as you would have to designate particular computers to students or have all accounts on all computers.

The control panel has a category called user accounts. This is intended for home users and does not offer enough control over account creation. The account creation applet is accessed by:

• Click Start and Control Panel • Click the Performance and Maintenance category • Click Administrative Tools

• Double-click Computer Management

• Click the + sign to the left of Local Users and Groups and click Users

To create an account

• From the Action menu, choose New User. The new user dialog box opens

• Enter the account details as below and click Create. Continue until the required accounts are created and click Close to finish

Note: the password options available are:

• User must change password at next login - if you are creating individual accounts, a generic password such as school is entered here and the student is forced to change the password at first login

• User cannot change password - user cannot change the password • Password never expires - passwords usually have a duration in days • Account is disabled - user has no access to the network

The account is created

Peer Task 3 - Create a Group A group is an administrative unit made up of users who use similar network resources such as folders, printers etc . Resources shared with a group are available equally to all the members of the group. In Windows XP, there are a number of built in group types which are used to determine the amount of access a user has to system resources:

• Users - all user accounts created are automatically members of the users group. This is the lowest level of access and members of this group can use installed software but cannot install software themselves.

• Administrators - administrators have full control over the computer system. They can install software and hardware, create users and groups, change passwords etc. and access all the files and folders on the computer.

There are other group types built in but these are for special functions such as backing up the computer. One group called Guests should be disabled as they would allow access to people with no other account. To Create a Group Using the procedures outlined in Task 2, create five user accounts: michaelmurphy, jeanobrien, helenmccabe, tonywhite and hughmoran. Set the password on each account to school and to never expire.

• Open the Computer Management window by clicking Start, Control Panel, Performance and Maintenance, Administrative Tools and Computer Management

• Click the + sign to the left of Local Users and Groups and click Groups The built in groups are displayed in the right pane.

• From the Action menu, choose New Group. The new group window opens

• Type in the Group name (F1 Project) and click the Add button to select the users

• Click the Advanced button in the Select Users window

• Click the Find Now button in the next window. With the Ctrl button pressed, select the users with the exception of Tony White. Click OK

• The select users window shows the users selected. Click OK

• The group is now complete. Click Create and then Close to finish The new group appears in the groups Computer Management window

Peer Task 4 - Sharing a Folder In order to have control of who can access a folder in Windows XP, a once off change must be made to the system settings:

• Open My Computer. From the Tools menu, choose Folder Options • Click the View tab and scroll down in the Advanced Settings area • Un-tick the Use simple file sharing box • Click OK. Full sharing options are now available

Create and Share a Folder

• Open My Computer and the C: Drive • Create a New Folder called F1 Project • Right-click the folder and choose Sharing and Security

• Click the Sharing tab and tick the Share this folder radio button. The folder name is automatically entered

• Click the Security tab and the Advanced button. The current sharing must be changed

• Un-tick the inherit from parent box

• Click the Remove button to remove the current users from the share

• Click the Add button • Click the Advanced button followed by the Find Now button in the next window • Select the F1 Project Group and click OK

• Click OK in the select Users or Group window

• Tick Full Control to give the group full control over the folder

• Add the Administrator with Full Control in the same manner • Click Apply and OK to complete the share

To test the share:

• Log on using a group member account and access the folder. Access is allowed

• Log on using the tonywhite account and access the folder. Access is denied

Client-server Task 1 - Connect a Client Computer In a client-server network, the server is responsible for the network security and for the sharing of folders etc. In peer networking, the computers became part of a Workgroup, while in client-server networking, they become part of a Domain. A domain uses a system called DHCP (Domain Host Control Protocol) to issue IP Addresses to client computers. This means that no IP configuration is necessary when connecting client computers to a domain. Domain and server name

• Log onto the Windows 2003 Server and click the Start button • Right-click My Computer and choose Properties • Choose the Computer Name tab to see the domain and server names

This information is required to connect a client computer to the domain

• Log on to a Windows XP Professional computer as Administrator • Click the Start button and choose Run • Type command into the box and click OK

• Type ipconfig/all into the box and press the return key on the keyboard. The IP Address information is shown as supplied by the server

• Close the window and click the Start button • Right-click My Computer and choose Properties • Select the Computer Name tab and click the Change button

• Enter the computer name and set the domain to t4.local. Click OK

• Enter the Administrator User Name and the Administrator Password (school) • Click OK

• The domain is joined. The computer must be restarted to complete the process

• Click OK in each of the resulting window and the computer restarts • Log on to the computer as shown below. It may be necessary to click the Options

button to reveal the Log on to field

• On the Server, open Active Directory (shortcut on the desktop). • Click Computers in the left pane and the client can be seen in the right pane

The client is connected to the domain

Client-server Task 2 - Creating an Organisational Unit Active directory is used to create Organisational Units, User Accounts, Groups and Shared Folders in a Windows server domain. To start active directory:

• Click Start, All Programs, Administrative Tools and Active Directory users and Computers

The Active Directory window operates in the same way as Windows Explorer. A folder clicked in the left pane shows it’s contents in the right pane. Organisational Units Organisational units are containers. They can be used to hold users, groups or computers. In the active directory shown above, the folders in the left pane are OU’s. The Computers OH holds the computers connected to the domain while the Users OU holds the users with accounts on the domain.

New OU’s can be added to suit the needs of the domain administration. To create an OU:

• Right-click the root domain (t4.local) in the left pane and choose New and Organisational Unit

• Type the name of the OU (T4 Students) in the field provided and click OK The OU is created and appears in the left pane. Organisational Units can be created inside each other to create a structure for holding user accounts etc.

Client-server Task 3 - Creating User Accounts User accounts are created in organisational Units:

• Open Active Directory • Right-click the T4 Students OU and choose New and User

• Type in the details as shown below and click Next

• Enter the Password (school) and click Next. The generic password would be changed at first log on to a password of the users choosing

• Click Next and Finish. The account is created in the T4Students OU The procedure is repeated for any other accounts required Account Properties The account properties allow changes to be made in the way the account operates. To open account properties:

• Select the User and click the Properties Icon as shown above

• A number of tabs are available. The one required here is the Account tab. Two buttons are available on the tab

• Click the Logon Hours button. The hours in which the account will operate can be controlled here.

• Select the hours to be denied and click the Logon Denied radio button. Repeat until the required hours are denied and click OK to complete

• Click the Log On To button and type in the Client PC names as shown below. Click Add after entering each name. Click OK when finished

The user account is only valid on these computers and an attempt to log onto any other computer will be denied. Note: Create further user accounts in the T4 Students OU for jeanobrien, helenmccabe, tonywhite and hughmoran

Client-server Task 4 - Creating a Group

• Open Active Directory • Right-click the T4 Students OU and choose New and Group

• Add the Group name (F1 Project) and click OK The group appears in the T4 Students OU Adding Members

• Right-click the group and choose Properties • Click the Members tab • Click the Add button

The Select Users window appears

• Click the Advanced button to expand the window

• Click the Find Now button

Select the users by holding down the Ctrl key and clicking the users in turn

• Click the OK button Click OK to return to the F1 Students Properties box. Click OK. The group is now complete. Members can be added or removed from the group at any stage.

Client-server Task 5 - Creating Home Folders It’s a good idea for users to have their own home folder to store their data files. These folders are created on the server for central administration and provide a secure location for their files. Only the particular user and the administrator should have access rights to the user’s folder. Home folders should be held in a folder called Homefolders on a dedicated partition of their own on the server. Create the Homefolders Folder

• On the chosen partition, create a new folder and call it Homefolders • Right-click the folder and choose Sharing and Security

Note: When sharing a folder on server, two entities are created, the share and the folder.

Share permissions - These effect only people who are trying to access something over a network. Share permissions control access to the share as shown below left.

Security (NTFS) permissions affect access from over the network and from the local machine. Security permissions control access to the actual folder as shown above right.

When accessing folders over a network, both types of permissions are in effect, and the most restrictive gets applied. The most common way to manage permissions is to always leave the sharing permissions set to Everyone with Full Control, and restrict permissions to the actual folders using the NTFS (the security tab) security. This was the default security arrangement in Windows 2000 Server and was changed in Windows 2003 Server.

• Click the Share this folder radio button • Click the Sharing tab and click the Permissions button. • Tick the Full Control box and click OK.

The Share Permission is now set. The Security Permissions must now be set to restrict access to the folder. This folder must be accessed by everyone as there own personal folders will be inside.

• Click the Security tab and click the Add button

• Click the Advanced button in the Select Computer, User window. The window expands.

• Click the Remove button

• Click the Add button • Click the Advanced button in the next window • Click the Find Now button in the expanded window • Select the Everyone group

• Click OK • Click OK in the next window • Tick the Full Control box and click OK

• Click OK in the next box • Click Apply and OK to complete the process • The folder is now shared

Create a Home folder for a User

• Open Active Directory Users and Computers • Choose the required user account • Right-click the account name and choose Properties. • Click the Profile tab. • Choose H: (for home folder) from the drop down list in the connect field. • Type the UNC in the To: field to point to the users home folder. Click OK.

• The Homefolder for the account is automatically created. Note: UNC (universal naming convention) is used to point to the folder. In UNC, \\ implies a server. If our server is called 2003Server, the UNC would be:

\\2003server\homefolders\murphy_michael Broken down, this means:

• \\server The double backslash implies a server and 2003server is the name of the server.

• \homefolders The name of the folder containing the home folders • \michaelmurphy The name of the folder to be automatically created

Share the Folder

• Right-click the folder and choose Sharing • Click the Share this folder radio button. The share name in entered automatically.

• Click the Security tab at the top of the Properties window. • Click the Advanced button

• Remove the tick from the inheritable permissions box.

• Click the Remove button, and click OK in the resulting window. The folder is automatically shared with the account holder and the administrator.

When the user logs on to a client computer, he will have a Home Folder in the My Computer window. Files and folders saved to this folder are actually saved top the server and once the user logs off, they are safe from other users. The administrator can also view and collect any data required from the home folders for the Exam Commission etc.