Ralph_SAMReviewer.pdf
System Administration and Maintenance

System administration
- refers to the management of one or more hardware and software systems.

System administrator
- monitors system health, monitors and allocates system resources like disk space, performs backups, provides user access, manages user accounts, monitors system security

What does system administrator do?

1. Plan and manage the machine room environment
– design machine room; specify cooling, cabling, power connections, and environmental controls (fire alarm, security)

2. Install and maintain operating system software, application software, and patches.

3. Determine hardware and software pre-requisites, which patches to install, which services to provide, and which services to disable.

4. Schedule downtime to perform upgrades/patches, and test devices and schedule downtime to manage devices.

5. Install and maintain user accounts; develop acceptable use policy and login-name policy; determine password change policies; install/configure/manage name services; and manage licenses.

6. Determine disk quota, police/manage disk space, and monitor log files.

7. Train users on software and security.

8. Ensure that users have access to documentation.

9. Help users and provide help-desk support and problem tracking system to answer user questions.

10. Configure network services:
– printing, file sharing, name service.
– determine file sharing needs and printing policies.
– manage security for shared resources.

11. Install/maintain system devices, hardware/drivers; specify supported devices; determine spares practices.

12. Install/configure/manage web servers, configure web access agents

13. Configure and maintain business applications
– web agents
– e-mail
– calendar software
– order/problem tracking software

14. Install/configure/manage e-mail software
– mail transfer agents.
– mail readers.

15. Configure and manage system security
– security for business applications,
– read security mailing lists and CERT notifications,
– install/configure "firewall" software to limit intruder access,
– collect evidence in case of successful intrusion and clean up after intrusion

16. Configure and maintain connectivity between hosts
– monitor connectivity
– troubleshoot connectivity problems
– investigate complaints of poor response

17. Configure and maintain system backups,
– determine backup strategy and policies, and
– configure backup software
– perform backups
– monitor backup logs
– check backup integrity
– determine disaster survival plans
– perform restores

18. Troubleshoot and repair system problems; and determine, locate, and repair/replace problem components

19. Document the system, and develop and maintain documentation on local setup and local policies

Lesson 2: Operating System Concepts

Components of Modern OS

1. Process Management
- Operating System must ensure that each running application (process) is treated fairly in terms of processor time allocated in a Multi-Tasking environment
- The processor is maximally and efficiently utilized.

2. Storage Management
- Disk storage is only one of the memory types that must be managed by the operating system, and is the slowest.
- The operating system must balance the needs of the various processes with the availability of the different types of memory, moving data in blocks (called pages) between available memory as the schedule of processes dictates.

3. Device Management
- Managing input and output is largely a matter of managing queues and buffers, special storage facilities that take a stream of bits from a device especially important when a number of processes are running and taking up processor time

4. Memory Management
- When an operating system manages the computer's memory, there are two broad tasks to be accomplished:
- Each process must have enough memory in which to execute, and it can neither run into the memory space of another process nor be run into by another process.
- The different types of memory in the system must be used properly so that each process can run most effectively.

5. File Management
- A method for storing and organizing computer files and the data they contain to make it easy to find and access them.
- File systems uses data storage device such as a hard disk or CD-ROM, flash drives and involve maintaining the physical location of the files

6. User Interface
- interface is a set of commands or menus through which a user communicates with a program.
- otherwise regarded as the “shell”
- used to indirectly issue commands which are the handed on to the kernel
- one of the most important parts of any program
- determines how easily you can make the program do what you want.
- Command-driven or Graphical User

Operating System Services

a. Program Execution- system must be able to load a program into memory and to run that program, end execution, either normally or abnormally

b. Resource Allocation- When multiple users or multiple jobs running concurrently, resources must be allocated to each of them

c. I/O Manipulation - A running program may require I/O, which may involve a file or an I/O device.

d. Communication- Processes may exchange information, on the same computer or between computers over a network

e. Error Detection
- OS needs to be constantly aware of possible errors
- May occur in the CPU and memory hardware, in I/O devices, in user program
- For each type of error, OS should take the appropriate action to ensure correct and consistent computing
- Debugging facilities can greatly enhance the user’s and programmer’s abilities to efficiently use the system

f. Accounting- To keep track of which users use how much and what kinds of computer resources

g. Protection and Security
- Protection involves ensuring that all access to system resources is controlled
- Security of the system from outsiders requires user authentication, extends to defending external I/O devices from invalid access attempts.

OS Structures

1. Monolithic
- primitive form of the OS.
- no structure and is being characterized by a collection of procedures that can call any other procedure
- uses a single binary image to provide the resource management and hardware interface functions of the core layer.

2. Layered
- OS as a hierarchy of layers -- one above the other.

Micro-Kernel
- uses a very small task management component and a suite of modules for all other resource management functions.

3. Virtual Machine
- takes the layered approach to its logical conclusion.
- It treats hardware and the operating system kernel
- provides an interface identical to the underlying bare hardware

Linux
- a Unix-like computer operating system.
- one of the most prominent examples of free software and open source development;
- Linux kernel was first released to the public on 17 September 1991,

Open source software
- computer software whose source code is available under a license (or arrangement such as the public domain) that permits users to use, change, and improve the software,

MINIX - a Unix-like system intended for academic use, was released by Andrew S. Tanenbaum in 1987.

Linux Distribution
- a member of the Linux family of Unix-like operating systems comprising the Linux kernel

1. Debian, a non-commercial distribution maintained by a volunteer developer community with a strong commitment to free software Principles

2. Slackware, one of the first Linux distributions, founded in 1993, and since then actively maintained by Patrick J. Volkerding

3. Ubuntu, a newly popular desktop distribution maintained by Canonical that is derived from Debian

4. Red Hat, maintained by the American company of the same name, which also provides a community version in the form of Fedora

5. CentOS, a distribution derived from the same sources used by Red Hat, maintained by a dedicated volunteer community of developers with both 100% Red Hat - compatible versions and an upgraded version that is not always 100% upstream compatible.

6. Mandriva, a Red Hat derivative popular in France and Brazil, today maintained by the French company of the same name

7. openSUSE, originally derived from Slackware with the system management software borrowed from Red Hat, maintained by the company Novell

8. Gentoo, a distribution targeted at power users, known for its FreeBSD Ports-like automated system for compiling applications from source code

9. Knoppix, a LiveCD distribution that runs completely from removable media and without installation to a hard disk

10. Linspire, a commercial desktop distribution based on Debian, and once the defendant in the Microsoft vs. Lindows lawsuit over its former name.

11. Fedora is an RPM-based, general purpose collection of software, including an operating system based on the Linux kernel

A typical general purpose distribution includes the following:

a. boot loader: piece of software that can be loaded by the system's firmware (bios in the case of a PC)

b. Linux kernel: core or heart of the operating system.

c. Boot scripts: administration tools, usually considered part of the operating system.

d. GNU C Library: development tools, used to assist or develop applications.

e. GNU bash shell: The shells and graphic systems, used for interacting with the user.

Five Reasons Linux Beats Windows for Servers
1. Stability
2. Security
3. Hardware
4. TCO – Total Cost of Ownership
5. Freedom

Commands for traversal of the file tree:
cd / chdir    Change Directory
pwd           Show current location
ls / dir      List the files and directories

Power Tools

(a) pipes - allow you to “pipe” the output of one command into another command as input.
(b) ps (task manager) – allows you to view the system process table. The ps command differs a bit among UNIX variants. The two major divisions are the BSD-style and the System V-style.
(c) more/less – pagination commands that allow you to view files one page at a time.
(d) grep – Get Regular Expression – find a pattern in a file.
(e) tar – create a tape archive of files.
(f) find – locate files by name, or file characteristics, or locate strings in files.
(g) perl – a very powerful interpreted scripting language.
(h) cygwin – a UNIX shell and utilities for use on Windows systems.

General-purpose GUI Tools
1. Email
2. Web Browsers
3. Virtual Terminal
4. Office Tools

Overview of Servers

- Server: a powerful computer that provides various shared resources to workstations and other servers on a network.

- Workstation: any computer used by an individual person to perform his or her job duties

Types of server hardware

a. Tower servers
- resides in an upright, standalone cabinet, resembling a tower-style PC.
- easier cooling
- comparatively inexpensive

b. Rack servers
- designed to be mounted on a server rack in a data center.
- take up less space than a tower server.

c. Blade servers
- compact device that houses multiple thin, modular circuit boards called server blades.
- segregates processors, memory, I/O, disk, power
- greater processing density than other server types,

d. Hyper-converged infrastructure (HCI)
- provide a simpler alternative to traditional IT infrastructure, pulling together compute power, storage and hypervisor technology

Common Server Services

a. Application Servers- a type of middleware, application servers occupy a large chunk of computing territory between database servers

b. Client Servers- a server is a program that awaits and fulfills requests from client programs in the same or other computers. A given application in a computer may function as a client with requests for services

c. Collaboration Servers- once called ‘groupware,’ demonstrates the original power of the Web.
- enable users to collaborate, regardless of location, via the Internet

d. FTP Servers- oldest of the Internet services, possible to move one or more files securely between computers

e. List Servers- manage mailing lists, whether they be interactive discussions open to the public or one-way lists that deliver announcements

f. Mail Servers- move and store mail over corporate networks (via LANs and WANs)

g. Proxy Servers- sit between a client program (typically a Web browser) and an external server (typically another server on the Web) to filter requests,

h. Real-Time Communication Servers- known as chat servers or IRC Servers, and still sometimes referred to as instant messaging (IM) servers

i. Server Platforms- a platform is the underlying hardware or software for a system and is thus the engine that drives the server.

j. Telnet Servers- enables users to log on to a host computer and perform tasks as if they’re working on the remote computer

k. Web Servers- loading a file from a disk and serving it across the network to a user’s Web browser.

l. Exchange Server- deliver the enterprise-grade security and reliability that businesses require,

m. Lync Server- an enterprise real-time communications server software, providing the infrastructure for enterprise instant messaging,

n. SQL Server- a relational database management system (RDBMS) from Microsoft that’s designed for the enterprise environment.

Redundant Array of Independent Disks (RAID)
- a collection of hard drives, one or more controller cards, and embedded
- comes in multiple flavours offering improved performance and/or improved data reliability.

General RAID Related Definitions

Hot Swapping refers to the ability to remove a drive from an array while the system is powered-up.

Warm swapping can be used to stop drive access while a drive is removed from the array.

Hot spare provides a back-up drive in the array that will automatically come on-line in the event of a failure of one of the other drives.

SMART (Self-Monitoring, Analysis, and Reporting Technology) is a predictive failure analysis system where the drive performs self analysis and can communicate predicted fail

Dynamic Sector Repair allows a RAID system to locate faulty sectors on drives, transparently repair the data and flag the sectors as bad to prevent future access.

What is Network Operating System?

Network Operating System
- a computer operating system that facilitates to connect and communicate various autonomous computers over a network.

Autonomous computer
- an independent computer that has its own local memory, hardware, and O.S. It is self capable to perform operations and processing for a single user.

UNIX is an operating system which was first developed in the 1960s, and has been under constant development ever since.

NetWare is a discontinued computer network operating system developed by Novell, Inc. It initially used cooperative multitasking to run various services on a personal computer, using the IPX network protocol.

Routers are network device use to select the best routes when your network will be connected to the Internet. Intelligent routers create a routing table through routing algorithms (best path algorithms)

Server roles refer to the roles that your server can play on your network — roles such as a file server, a web server, or a DHCP or DNS server.

Features refer to additional capabilities of the Windows operating system itself, such as the .NET Framework or Windows Backup.

The primary server roles supported on Windows Server

1. Active Directory Domain Server role enables controlling and centrally managing the users, groups and other computers on the network.

2. Application Server Role Lets you run high-performance business applications and web services. You will need a .NET framework.

3. DNS Server is used to provide the internet names or hostnames to the IP addresses

4. Hyper-V role in Windows Server provides a virtualization platform that allows organizations to run many virtual machines on a single physical computer

5. DHCP Server Role can be used to provide IP Address and other settings to the clients on the network.

6. Web Server Role is designed to host the sites in HTTP, HTTPS, and FTP

7. File and Storage services role provides services that allow users to store and share files on a given network.

8. Print and Document Services is a Windows Server role that provides centralized management of and access to networked printers

9. Terminal Services Role is meant for gaining access to remote servers, services, and Application

10. Server Backup Server Role will install the Microsoft Management Console.

11. Remote Access role supports Seamless connectivity and always on or manager experience with DirectAccess, VPN and Web application proxy

The primary server features supported on Windows Server

a. Group Policy Management feature allows administration of Group Policy objects through the Group Policy Management Console.

b. .NET Framework 3.5.1 feature installs support for .NET 2.0 and .NET 3.0 applications through the .NET Framework.

c. Remote Assistance feature supports requesting and offering GUI-based remote assistance.

d. Remote Server Administration Tools feature supports remote administration of Windows servers from another server such as managing the Domain

e. Telnet Client feature installs a Telnet client, useful for both connecting to Telnet servers (including routers and switches), and testing text-based network services such as HTTP and SMTP.

f. Windows PowerShell Integrated Scripting Environment feature installs a GUI for developing, testing, and running PowerShell scripts.

g. Windows Server Backup feature installs a Microsoft Management Console snap-in, command-line tools, and PowerShell cmdlets to support backup and recovery of Windows servers.

h. Windows Admin Center allows you to manage the server with a comprehensive set of tools including Certificates, Devices, Events, Processes, Roles and Features, Updates, Virtual Machines and more.

Creating Active Directory for Users

Active Directory (AD) is a database and set of services that connect users with the network resources they need to get their work done.

Database (or directory) contains critical information about your environment, including what users and computers

Domain is a group of related users, computers and other AD objects, such as all the AD objects

LDAP (Lightweight Directory Access Protocol)
AD DS (Active Directory Domain Services)
MMC (Microsoft Management Console)

Group Policy Overview

Group Policy is a feature of Windows that facilitates a wide variety of advanced settings that network administrators can use to control the working environment of users and computer accounts in Active Directory.

Group Policy Object (GPO) is a group of settings that are created using the Microsoft Management Console (MMC) Group Policy Editor. GPOs can be associated with a single or numerous Active Directory containers, including sites, domains, or organizational units (OUs).

Types of GPOs

1. Local Group Policy Objects
- the collection of group policy settings that only apply to the local computer and to the users who log on to that computer.

2. Non-local Group Policy Objects
- is used when policy settings have to apply to one or more Windows computers or users.

3. Starter Group Policy Objects
- are templates for Group Policy settings. These objects enable an administrator to create and have a pre-configured group of settings

Data Security and Group Policy Object
a. Limiting access to Control Panel
b. Disabling Command Prompt
c. Prevent software installations

The Benefits of Group Policy for Data Security
a. Password Policy
b. Systems Management
c. Health Checking

Group Policy settings can be linked to the following:
Computers
Sites
Domains
Organizational Units (OUs)

Computer configuration settings: These settings are used to configure policies which affect computers.

User configuration settings: These settings are used to configure policies which affect users.

Default Domain GPO, includes security settings which affect each computer belonging to the domain. The Default Domain GPO is linked to the Domain object in Active Directory.

Default Domain Controller GPO, includes both security settings and configuration settings which impact domain controllers, and is linked to the Domain Controller OU in Active Directory.

1. Local GPO
- applied first and therefore has the least precedence

2. Site GPOs
- is applied after the local GPO is applied. Because multiple GPOs can be linked to a particular site

3. Domain GPO
- applied next, and therefore have higher precedence than site GPOs and the local GPO.

4. OU GPOs
- the highest precedence.
- OU containing the user object or computer object.

Group Policy settings

1. Single setting GPO type:
- a GPO contains only one type of Group Policy settings.
- works best if your organization’s administrative tasks are task orientated

2. Multiple setting GPO type:
- a GPO contains more than one type of Group Policy setting.
- works best if your organization’s administrative tasks are centralized.

3. Dedicated setting GPO type:
- one GPO contains user configuration settings, and another GPO contains computer configuration settings.

4. Decentralized design (layered):
- The objective in this approach is to have a particular Group Policy setting in as little a number of GPOs.

5. Centralized design:
- the objective is to utilize as few as possible GPOs. What this means is that all the Group Policy settings for a particular site

User configuration settings
- User logon and logoff scripts
- Smart card authentication (if relevant)
- Security settings for both software and file restrictions
- Administrative template restrictions
- Folder redirection
- Software distribution for designated users

Computer configuration settings
- Computer startup and shutdown scripts
- Local security settings
- Administrative template restrictions
- Windows settings which control the manner in which the OS will operate
- Software distribution for designated computers

Different design approaches can be used to delegate administrative control of GPOs:

a. Centralized administrative control:
- only the administrators of the top level OUs in the tree have administrative Group Policy rights. These administrators are the only ones that have the Full Control permission.

b. Decentralized administrative control:
- both the administrators of the top level OUs and second level OUs in the tree have administrative Group Policy rights. Administrators of the top level OUs have the Full Control permission to manage GPOs within the top level OUs, and the administrators of the second level OUs have the Full Control permission to manage GPOs within the second level OUs.

c. Task specific administrative control:
- administrators perform administrative tasks for Group Policy according to which tasks need to be performed. For instance, one administrator would perform security orientated tasks, while another would perform administrative tasks for a different type of Group Policy setting.