Web Server Administration - Home Page di Andrea Leotardi

This is an electronic version of the print textbook. Due to electronic rights restrictions,
some third party content may be suppressed. Editorial review has deemed that any suppressed
content does not materially affect the overall learning experience. The publisher reserves the right
to remove content from this title at any time if subsequent rights restrictions require it. For
valuable information on pricing, previous editions, changes to current editions, and alternate
formats, please visit www.cengage.com/highered to search by ISBN#, author, title, or keyword for
materials in your areas of interest.
Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
Web Server
Administration
Steve Silva
DeVry University, Phoenix
Australia • Brazil • Japan • Korea • Mexico • Singapore • Spain • United Kingdom • United States
Web Server Administration
Steve Silva
Senior Vice President, Publisher: Kristen Duerr
Executive Editor: Jennifer Locke
Senior Product Manager: Barrie Tysko
© 2007 Course Technology, Cengage Learning
ALL RIGHTS RESERVED. No part of this work covered by the copyright
hereon may be reproduced, transmitted, stored, or used in any form or by
any means graphic, electronic, or mechanical, including but not limited to
photocopying, recording, scanning, digitizing, taping, Web distribution,
information networks, or information storage and retrieval systems, except
as permitted under Section 107 or 108 of the 1976 United States Copyright
Act, without the prior written permission of the publisher.
Developmental Editor: Lisa Ruffolo
Production Editor: Brooke Booth
Associate Product Manager: Janet Aras
Editorial Assistant: Amanda Piantedosi
Cover Designer: Joseph Lee, Black Fish Design
For product information and technology assistance, contact us at
Cengage Learning Customer & Sales Support, 1-800-354-9706
For permission to use material from this text or product, submit all
requests online at cengage.com/permissions
Further permission questions can be emailed to
[email protected]
Manufacturing Coordinator: Laura Burns
ISBN-13: 978-1-4239-0323-9
Compositor: GEX Publishing Services
ISBN-10: 1-4239-0323-4
Course Technology
25 Thomson Place
Boston, Massachusetts, 02210
USA
Cengage Learning is a leading provider of customized learning solutions
with office locations around the globe, including Singapore, the United
Kingdom, Australia, Mexico, Brazil, and Japan. Locate your local office at:
international.cengage.com/region
Cengage Learning products are represented in Canada by Nelson Education, Ltd.
Microsoft is a registered trademark of Microsoft Corporation in the United
States and/or other countries. Windows, Windows NT, and Windows Server
are either trademarks or registered trademarks of Microsoft Corporation in
the United States and/or other countries. Visual Studio and Visual Basic are
either registered trademarks or trademarks of Microsoft Corporation in the
United States and/or other countries. Course Technology is an independent
entity from the Microsoft Corporation and not affiliated with Microsoft in
any manner.
Red Hat is a trademark or registered trademark of Red Hat, Inc. in the
United States and other countries. Linux is a registered trademark of Linus
Torvalds.
Visit our corporate website at cengage.com
Printed in Canada
1 2 3 4 5 6 7 8 9 08
BRIEF CONTENTS
PREFACE
CHAPTER ONE
The Basics of Server and Web Server Administration
CHAPTER TWO
Preparing for Server Installation
CHAPTER THREE
Installing the Server
CHAPTER FOUR
Name Resolution
CHAPTER FIVE
Managing a Server
CHAPTER SIX
Configuring a Web Server
CHAPTER SEVEN
Installing and Testing a Programming Environment
CHAPTER EIGHT
Providing E-mail Services
CHAPTER NINE
Extending the Web Environment
CHAPTER TEN
Securing the Web Environment
CHAPTER ELEVEN
Monitoring and Analyzing the Web Environment
GLOSSARY
INDEX
TABLE OF CONTENTS
PREFACE
CHAPTER ONE
The Basics of Server and Web Server Administration
Reviewing the Internet and the World Wide Web
Understanding Server Administration
Working with Users
Establishing Access Control
Understanding the Server Environment
Understanding Web Server Administration
Understanding the Web Environment
Selecting Programs and Databases
Managing E-mail Servers
Working with Other Web Applications
Managing the Internet Connection
Exploring Administrators’ Common Tasks and Services
Installing and Configuring Systems
Maintaining Security
Monitoring the System
Maintenance and Backup
Examining Network Building Blocks
Understanding the OSI Model and the TCP/IP Model
Identifying Network Components
Understanding Bandwidth and Throughput
Understanding Web Hosting Solutions
Comparing Web Server Platforms
Microsoft Windows Platforms: NT, 2000, and 2003
Chapter Summary
Review Questions
Hands-on Projects
Case Project
CHAPTER TWO
Preparing for Server Installation
Identifying Server Categories
Understanding File Servers
Understanding Application Servers
Evaluating Server Components
Evaluating Processors
Selecting a Hard Drive Interface
Selecting a Hard Drive
Selecting a Network Interface Card
Purchasing and Supporting a Server
Planning for System Disasters and Reducing Their Effects
Disaster Assessment and Recovery
Allowing for System Redundancy
Setting Up Backup Systems
Evaluating Network Components
Switches and Hubs
Routers
Setting Up IP Addressing
Understanding the Addressing Structure
Chapter Summary
Review Questions
Hands-on Projects
Case Projects
CHAPTER THREE
Installing the Server
Preparing the Server for System Installation
Single-Boot and Multi-Boot Systems
Installation Methods
Checking Hardware Compatibility
Preparing System Documentation
Understanding the Installation Process
Partitioning the Hard Disk
Managing Multiple Operating Systems
Naming Computers
Licensing the Software
Identifying Devices
Selecting a File System
Verifying Installation Requirements
Installing Microsoft Windows 2000 Server
Installing Microsoft Windows Server 2003
Installing Red Hat Linux 8
An Introduction to Linux Commands
Configuring TCP/IP in Windows and Linux
Determining the TCP/IP Configuration
Configuring the IP Address in TCP/IP
Testing the TCP/IP Configuration
Chapter Summary
Review Questions
Hands-on Projects
Case Projects
CHAPTER FOUR
Name Resolution
Understanding the Domain Name Service (DNS)
Examining the Structure of the Internet Domains
Identifying Top-Level Domains
Identifying Second-Level Domains
Understanding Host Names
Identifying the Components of DNS
Understanding DNS Servers That Define the Internet
Understanding DNS Servers That Resolve Names
Configuring Zone Files
Understanding Zone Files and DNS Records
Configuring the Forward Lookup Zone
Configuring the Reverse Lookup Zone
Installing and Configuring DNS in Linux
Configuring DNS in Linux
Starting DNS in Linux
Configuring a Caching Server
Configuring a Caching Server to Use a Forwarding Server
Configuring Client DNS in Linux
Understanding Name Resolution in Windows
Installing and Configuring DNS in Windows 2000 and 2003
Configuring Client-Side DNS in Windows
Troubleshooting DNS
Using ping to Test Connectivity
Using nslookup to Check DNS
Using dig to Find DNS Information in Linux
Other Troubleshooting Techniques for DNS
Using WINS to Resolve Computer Names in Windows
Understanding Computer Names
Installing WINS
Configuring WINS
Administering WINS
Chapter Summary
Review Questions
Hands-on Projects
Case Projects
CHAPTER FIVE
Managing a Server
Understanding the Web Administrator’s View of Server Management
Examining Networking Models
Microsoft LAN Networking Models
Client/Server Networking Model
Authenticating Users
Identifying Authentication Methods
Implementing an Authentication System
Managing Users and Groups
Identifying Special Accounts
Understanding Users and Groups in Windows
Understanding Linux User and Group Accounts
Managing File System Permissions
Managing File System Permissions in Windows
Managing File System Permissions in Linux
Sharing Resources in a Windows Network
Enforcing Network Policies
Enforcing Network Policies in Linux
Enforcing Network Policies in Windows
Chapter Summary
Review Questions
Hands-on Projects
Case Projects
CHAPTER SIX
Configuring a Web Server
Understanding How a Web Server Works
Understanding HTTP
Understanding Features in Apache Web Server
Understanding Features in Internet Information Services
Installing Web Servers
Installing IIS on Microsoft Windows 2000 or Windows Server 2003
Installing Apache on Red Hat Linux
Starting the Apache Web Server
Examining Internet Information Services Properties
Examining Apache Properties
Apache Global Environment Settings
Apache Main Server Configuration
Hosting Multiple Web Sites
Hosting Web Sites by Port Number
Hosting Web Sites by IP Address
Hosting Web Sites Based on Host Name
Configuring New Web Sites in IIS
Configuring a Web Site Using an IP Address
Configuring a Web Site Using a Host Name
Configuring New Web Sites (Virtual Hosts) in Apache
Creating Directories and Web Pages for Virtual Hosts
Configuring a Virtual Host in Apache Using an IP Address
Configuring a Virtual Host in Apache Using a Host Name
Understanding Virtual Directories
Configuring Virtual Directories in IIS
Configuring Virtual Directories in Apache
Chapter Summary
Review Questions
Hands-on Projects
Case Projects
CHAPTER SEVEN
Installing and Testing a Programming Environment
Understanding the Need for Programming Languages
Understanding Programming Languages
Understanding the E-Commerce Environment
Understanding Internal Business Applications
Understanding Database Management Systems
Understanding Structured Query Language, the Language of Databases
Using Microsoft Access Files with IIS
Installing and Testing DBMSs
Installing and Testing Microsoft SQL Server
Installing and Testing MySQL in Red Hat Linux
Understanding the Web-Based Programming Environment
Using the Programming Examples
Programming Languages on IIS
Programming for Apache
Programming with Databases
Connecting to the Database
Sending SQL Commands to the Database
Processing Data from a Database
Database Programming with ASP
Database Programming with ASP.NET
Database Programming with PHP
Chapter Summary
Review Questions
Hands-on Projects
Case Projects
CHAPTER EIGHT
Providing E-mail Services
Understanding the E-mail Environment
Understanding the Role of DNS in E-mail Systems
Understanding E-mail System Terminology
Understanding E-mail Protocols
Understanding SMTP
Understanding POP3
Understanding IMAP4
Installing and Administering Microsoft Exchange 2000
Microsoft Exchange 2000 Architecture
Understanding the Extra Features of Microsoft Exchange 2000
Installing Microsoft Exchange 2000
Administering Microsoft Exchange 2000
Administering Microsoft Exchange 2000 Users
Installing and Administering Sendmail for Linux
Installing Sendmail
Configuring Sendmail
Installing and Configuring IMAP4 and POP3 for Linux
Configuring E-mail Clients
Configuring an E-mail Client in Linux
Configuring an E-mail Client in Microsoft Windows
Understanding Web-Based E-mail Clients
Chapter Summary
Review Questions
Hands-on Projects
Case Projects
CHAPTER NINE
Extending the Web Environment
Understanding FTP Services
Communicating with FTP
Installing and Configuring an FTP Server in Microsoft Windows
Installing and Configuring FTP in Linux
Configuring the FTP Server
Understanding News Servers
Configuring a News Server in Windows
Installing and Configuring a News Server in Linux
Configuring Remote Access to a Server
Configuring Telnet in Linux
Telnet and Terminal Services in Microsoft Windows
Understanding Streaming Media Servers
Understanding E-commerce Servers
Chapter Summary
Review Questions
Hands-on Projects
Case Projects
CHAPTER TEN
Securing the Web Environment
Identifying Threats and Vulnerabilities
Understanding the Major Threats to Your Systems
Examining TCP/IP
Understanding Vulnerabilities in DNS
Understanding Vulnerabilities in the Operating System
Understanding Vulnerabilities in the Web Server
Identifying Vulnerabilities in E-mail Servers
Securing Data Transmission
Using Secure Sockets Layer
Using Secure Shell
Securing the Operating System
Securing Microsoft Windows
Securing Linux
Securing Server Applications
Securing Telnet and FTP
Securing E-mail Applications
Securing the Web Server
Authenticating Web Users
Configuring User Authentication in IIS
Configuring User Authentication in Apache
Using a Firewall
Packet Filtering Using iptables
Understanding the Firewall Capabilities of Windows
Understanding the Firewall Capabilities of Microsoft Internet Security and Acceleration Server
Using a Proxy Server
Using Apache as a Proxy Server
Using ISA Server as a Proxy Server
Using Intrusion Detection Software
Using Tripwire on Linux
Using the Intrusion Detection Features of ISA Server
Chapter Summary
Review Questions
Hands-on Projects
Case Projects
CHAPTER ELEVEN
Monitoring and Analyzing the Web Environment
Monitoring Operating Systems
Monitoring Windows
Monitoring Linux
Monitoring Web Server Applications and Their Usage
Monitoring IIS
Monitoring Apache Web Server
Monitoring Other Web Applications
Monitoring DNS
Monitoring E-mail Applications
Monitoring FTP
Understanding Analysis Tools for Web Servers
Chapter Summary
Review Questions
Hands-on Projects
Case Projects
GLOSSARY
INDEX
Preface
Web servers have rapidly evolved from being useful additions to an organization’s
network to being essential parts of its information structure. Web servers have
dramatically improved their ability to convey information through the use of databases
and programming languages, which allow a Web site to customize and rapidly change its
content in response to user actions and other events. Web servers can now make organizations of any size more productive, responsive, and dynamic. To realize this potential, Web
server administrators need to know how to install, configure, manage, and troubleshoot
their Web servers.
Web Server Administration discusses the basic structure of a Web server and examines topics
that are important to organizations connected to the Internet, such as providing Web
access, maintaining performance, ensuring security, and integrating e-mail, file transfer,
and media services. The book begins with a thorough explanation of the Internet and a
review of networking building blocks. It also defines the tasks of a Web server administrator, which focus on making sure that Internet services are available to network users.
To offer these services, Web server administrators usually need to evaluate and select a
Web server and related components, such as servers, routers, and firewall products.
Another critical task involves setting up Internet Protocol (IP) addressing in preparation
for integrating the Web server into the Internet using a DNS server.
After explaining how to install a Web server and configure Transmission Control
Protocol/Internet Protocol (TCP/IP), this book discusses other topics involved with Web
server administration, including daily Web server management, customizing a Web server,
and monitoring its performance. It also describes how to extend the power of a Web server
by establishing a programming environment and providing a variety of Web services, such
as e-mail. While discussing every aspect of Web server administration in the context of
security, this book also devotes a chapter to securing the Web server environment.
Special Features
To provide concrete examples, this book establishes a fictional sample business named
TechnoWidgets, Inc., and guides you through the steps of setting up its Web site using the
URL www.technowidgets.com. You will perform typical Web server administration tasks for
TechnoWidgets, such as selecting hardware and software, configuring an IP addressing
scheme for the company, and creating e-mail accounts for its employees.
Both Linux and Microsoft Windows are common operating systems for developing a Web
presence. Web Server Administration presents all topics in the context of both Linux and
Windows, including separate, step-by-step instructions for performing Web server administration tasks using Red Hat Linux, Windows 2000 Server, and Windows Server 2003.
Each chapter balances the coverage of topics, instructions, and exercises between Linux and
Windows. Because the topics discuss using both Windows and Linux to manage a Web
server, you can use either operating system and apply all of the topics in this book.
Although Windows Server 2003 is an improvement over Windows 2000 Server, it will take
time for Windows 2003 to replace Windows 2000. To overcome this practical limitation,
this book can be used with Windows 2000 or Windows 2003. Although many procedures
are similar, this book indicates where steps differ to avoid confusion. This book therefore
provides an excellent way to master the transition from one operating system or version to
another.
The Intended Audience
Web Server Administration was developed to help the student with a basic background in
networking to understand how to set up and maintain an Internet presence. Although this
book reviews many networking and operating system topics, you should have completed
course work that includes the basics of operating systems and networking. This knowledge
is especially useful in troubleshooting, understanding how to install and run an application,
and navigating the folder structure of a Web server.
The Approach
This book combines the concepts of Web server administration with plenty of opportunities for hands-on practice to apply the concepts. Each chapter introduces a networking or
Web server topic, discusses it in the context of Windows and Linux, and then provides steps
for each operating system. Chapter by chapter you build a Web environment that becomes
increasingly more sophisticated. However, beyond the basics of installing an operating system (covered in Chapter 3), setting up DNS (Chapter 4), and installing a Web server
(Chapter 6), the topics discussed in other chapters are independent of each other.
Each chapter concludes with a summary to help you understand the major points and
review questions to test your knowledge. Chapters also include Hands-on Projects and
Case Projects. The Hands-on Projects build on the step-by-step procedures in the chapter
and include variations to enhance independent learning. While the Hands-on Projects
offer details needed to complete the project, the Case Projects require you to apply the
solution on your own. The Case Projects introduce a problem many Web server administrators face, and then ask you to use the skills you developed in the course to solve the
problem.
Overview of This Book
The concepts, step-by-step procedures, Hands-on Projects, and Case Projects in this book
will help you achieve the following objectives:
■ Understand the basics of server and Web server administration
■ Evaluate server and network components
■ Install Red Hat Linux 8, Windows 2000, and Windows 2003
■ Learn about the domain name service (DNS) and identify the components of DNS
■ Install and configure DNS in Windows and Linux
■ Learn the basics of managing a server
■ Install the Internet Information Services (IIS) and Apache Web servers
■ Configure new Web sites and virtual directories in IIS and Apache
■ Program dynamic Web sites with databases
■ Install and administer the Exchange 2000 e-mail server in Windows and sendmail in Linux
■ Install and configure FTP in Windows and Linux
■ Install and configure remote access in Windows and Linux
■ Use a variety of techniques to secure a Web environment
■ Learn how to monitor a Web environment
In Chapter 1, you learn about the basics of server and Web server administration, including the common tasks and services of administrators. To prepare for installing a Web server,
you also compare Web server platforms. Chapter 2 explains how to prepare to install the
server by identifying the server categories and evaluating server and network components.
You also learn about setting up IP addressing, and planning for fault tolerance and system
backup. In Chapter 3, you learn how to install Windows 2000, Windows 2003, and Red
Hat Linux 8. You configure TCP/IP in each of the operating systems, and learn the basic
Linux commands that you use throughout the rest of the book.
Chapter 4 discusses name resolution, which allows you to use names such as
www.technowidgets.com instead of an actual IP address such as 0.192.155.3. You install and configure the domain name service (DNS) server in Windows and Linux, and examine WINS,
which provides a way to resolve IP addresses in a Windows LAN. In Chapter 5, you learn
how to manage a server, primarily from the perspective of a Web server administrator.
Besides examining networking models, you review how users are authenticated and how to
share resources on a network. You also explore how to manage file system permissions, users,
and groups.
In Chapter 6, you install and configure the Internet Information Services (IIS) and Apache
Web servers. You learn the various ways to host multiple Web sites and you configure virtual
directories. In Chapter 7, you install and test a programming environment for the Web
server. You evaluate the need for programming languages and database management systems
(DBMSs) in an effort to create dynamic Web sites, and then install the SQL Server DBMS
in Windows and MySQL in Linux. You also create programs that interact with the DBMSs.
Chapter 8 discusses e-mail services, including their environment and protocols. You install
e-mail servers in Windows (Exchange 2000) and Linux (sendmail). You also configure e-mail
clients. In Chapter 9, you learn how to extend the Web environment by installing and configuring FTP, news servers, remote access, and streaming media servers. Chapter 10 explains
how to secure the Web environment. You first identify the threats and vulnerabilities of a Web
environment, and then learn how to secure data transmission, the operating system, and the
server applications. You also authenticate Web users to help prevent unwanted users from
accessing your Web server, learn how to use a firewall to filter TCP/IP packets, and how to
use intrusion detection software. In Chapter 11, you monitor and analyze the Web environment, including the operating system, the Web server, and other Web applications. You also
examine the analysis tools that are used to better understand Web traffic.
Each chapter in Web Server Administration includes the following elements to enhance the
learning experience:
■ Chapter Objectives: Each chapter in this book begins with a list of the important
concepts to master within the chapter. This list provides you with a quick reference
to the contents of the chapter, as well as a useful study aid.
■ Step-By-Step Methodology: As new concepts are presented in each chapter,
step-by-step instructions allow you to actively apply the concepts you are learning.
■ Tips: Chapters contain Tips designed to provide you with practical advice and
proven strategies related to the concept being discussed. Tips also provide suggestions
for resolving problems you might encounter while proceeding through the chapters.
■ Chapter Summaries: Each chapter’s text is followed by a summary of chapter
concepts. These summaries provide a helpful way to recap and revisit the ideas covered in each chapter.
■ Review Questions: End-of-chapter assessment begins with a set of approximately
20 review questions that reinforce the main ideas introduced in each chapter. These
questions ensure that you have mastered the concepts and understand the information you have learned.
■ Hands-on Projects: Along with conceptual explanations and tutorials, each chapter provides Hands-on Projects related to each major topic aimed at providing you
with practical experience. Some of these involve enhancing or extending the exercises in the chapter tutorials, and some involve creating new applications. Many
Hands-on Projects provide detailed step-by-step instructions, whereas others
encourage independent thinking and learning by encouraging you to apply the
material presented in the current and previous chapters with less guidance. As a
result, the Hands-on Projects provide you with practice implementing various
aspects of the Web environment.
■ Case Projects: Four cases are presented at the end of each chapter. Each case
involves a fictional sample business, and is designed to help you apply what you
have learned in the chapter to real-world situations. You work with the same sample businesses in each chapter, so you can build on what you have learned and
applied from one chapter to the next. The Case Projects give you the opportunity
to independently synthesize and evaluate information, examine potential solutions,
and implement them, much as you would in an actual business situation.
CERTIFIED INTERNET WEBMASTER PROGRAM (CIW)
This textbook covers many of the objectives of the CIW Server Administrator exam, one
of the certification exams offered by CIW. CIW offers certification for the knowledge
economy; their exams are designed to help people enter the IT industry as well as assist
experienced professionals in building on existing IT skills. For those interested in using
this book to help prepare for this exam, this book offers a mapping grid online that lists
each CIW exam objective and identifies where that objective is addressed in the book.
This exam objective mapping grid is available for download at www.course.com, via the
“Student Downloads” link, on the Web page for this book. For more information about
CIW certification, visit their Web site at www.ciwcertified.com.
Teaching Tools
The following supplemental materials are available when this book is used in a classroom
setting. All of the teaching tools available with this book are provided to the instructor on
a single CD-ROM.
Electronic Instructor’s Manual The Instructor’s Manual that accompanies this textbook includes additional instructional material to assist in class preparation, including
suggestions for lecture topics, sample syllabi, and ideas for small projects for students to be
assigned either in class or as homework.
ExamView ExamView® is the ultimate tool for your objective-based testing needs. It is a
powerful objective-based test generator that enables you to create paper, LAN, or Web-based tests from testbanks designed specifically for your Course Technology text. Use the
ultra-efficient QuickTest Wizard to create tests in less than five minutes by taking advantage of Course Technology’s question banks, or customize your own exams from scratch.
PowerPoint Presentations This book comes with Microsoft PowerPoint slides for each
chapter. These are included as a teaching aid for classroom presentation, to make available
to students on the network for chapter review, or to be printed for classroom distribution.
Instructors can add their own slides for additional topics they introduce to the class.
Data Files Data files, containing all of the data necessary for steps within the chapters
and the Hands-on Projects, are provided through the Course Technology Web site at
www.course.com, and are also available on the Instructor’s Resources CD-ROM.
Solution Files Solutions to the end-of-chapter review questions are provided on the
Instructor’s Resources CD-ROM and can also be found on the Course Technology Web
site at www.course.com. The solutions are password protected.
ACKNOWLEDGMENTS
First, I would like to acknowledge the hard-working students at DeVry University who
have given me the incentive to write this book, and my wife, who painstakingly read every
chapter and offered suggestions. Special thanks to my editor Lisa Ruffolo, who is not only
a great editor, but very technically savvy too. I would also like to thank Barrie Tysko from
Course Technology for making the process of writing this book as pleasurable as possible.
The reviewers were very forthcoming and helpful in every chapter. They include: Anthony
Austin, Seneca College; Albert DiCanzio, Webster University; Daniel Gompert, Central
Community College; Malcolm JW Gibson, DeVry Institute of Technology-Georgia/
Decatur Campus; Kenneth Kleiner, Fayetteville Technical Community College; Jim
Martinez, GoCertify.com; Robert McCloud, Sacred Heart University; Margaret Moony,
Peralta Community College District; and Cindi A. Nadelman, New England College.
Steve Silva
Read This Before You Begin
TO THE USER
Data Files
In Chapters 4 and 7, you use data files, which your instructor will provide for you. You also
can obtain the files electronically from the Course Technology Web site by connecting to
course.cengage.com, and then searching for this book title. In the book, you are asked to copy
files from the floppy disk drive in both Linux and Windows. While you are usually
reminded that your drive letter (and path) may be different, keep in mind that you might
be copying data files from a drive other than the floppy disk drive.
Using Your Own Computer
To use your own computer to complete the chapters, Hands-on Projects, and Case Projects
in this book, you will need the following:
■ 550 MHz Pentium III or faster computer is strongly recommended. This
computer should have at least 256 MB of RAM, at least a 6 GB blank hard drive, and
a floppy disk drive. The faster the computer, the faster it starts, which is a significant
advantage when using this book. By the later chapters, your computer will contain a lot
of software, and can take a few minutes to start.
■ Microsoft Windows Server 2003 or Windows 2000 Server. You can use either
version of the Windows operating system—the instructions for using either are very
similar. Any differences are noted in the steps and descriptions. Note: Chapter 3 explains
how to install Windows and Linux on a single hard drive.
■ Red Hat Linux 8. Official Red Hat® Linux®, which you may purchase from Red
Hat, includes the complete Red Hat® Linux® distribution, Red Hat’s documentation,
and may include technical support for Red Hat® Linux®. You also may purchase
technical support from Red Hat. You may purchase Red Hat® Linux® and technical
support from Red Hat through the company’s Web site (www.redhat.com) or its toll-free
number 1-888-REDHAT1.
■ Data files. You will not be able to complete the projects in Chapters 4 and 7 using your
own computer(s) unless you have the data files. You can get the data files from your
instructor, or you can obtain the data files electronically from the Course Technology Web
site by connecting to www.course.com and then searching for this book title.
■ Additional software. Some of the steps and projects refer to SQL Server 2000 and
Exchange 2000. If you do not have access to SQL Server 2000 to work with database files,
a Microsoft Access database file is included. If you do not have access to Exchange 2000,
you can install the basic e-mail server that comes with Windows Server 2003. You also need
.NET Framework, which is available for download on the Microsoft Web site.
The book is organized so the concepts are applied in Windows 2000, Windows Server
2003, and Red Hat 8, so even if you only use one of the operating systems, you will still be
applying all the concepts. Your instructor may have you use just a single operating system.
As you work through the chapters, you can use all of the default names and IP addresses
that are given in the book. For example, you can name the computer web1, use the domain
of technowidgets.com, and use an IP address of 192.168.0.100. However, in a computer
lab, the default names and IP addresses might conflict with other computer names and IP
addresses. Consult with your instructor or technical support staff to make sure each
computer has a unique name and IP address.
Although you complete most of the steps and projects with a single computer, some of
them suggest or require more than one computer. However, the other computers are used
for testing so you can still perform the main part of the project on a single computer. For
example, in Hands-on Project 4-4, you acquire the IP addresses of two other DNS servers
in your student lab. However, the project uses two sample IP addresses that you can use to
complete the project. In Hands-on Project 4-8, you configure a DNS client for multiple
servers. You can still complete the project, though you configure it to use your own server.
Hands-on Project 10-8 shows you how to set up a proxy server. As the project explains,
you only need the other computers for testing.
You should also have access to a computer connected to the Internet so you can download
some small freeware programs, which fit on a floppy disk.
TO THE INSTRUCTOR
The steps, Hands-on Projects, and Case Projects in this book were written and tested using
Windows Server 2003, Windows 2000 Server, and Red Hat Linux 8 along with the default
browser included with each operating system.
If the computers in your lab are not networked, you can follow the guidelines as described
in “Using Your Own Computer.” Because the Web server is part of a client/server
technology, some projects use two, and occasionally three computers. However, these
projects are designed to show how Web servers work in a client/server environment.
With few changes, most of these projects can work on a single computer.
If the computers in your lab are networked, students must use unique computer names,
IP addresses, and domains. If the computers are also used to connect to the Internet, the
students should use domain names that are not real to reduce DNS resolution
problems. You could also require that students use alternate top-level domain names.
For example, instead of using .com, students could use .cxm.
Because the book discusses the same Web server concepts in each operating system, you can
use any supported operating system to cover virtually all the concepts. Some projects
suggest using a browser in one operating system to connect to a Web server in another
operating system. These projects work even if you only use one operating system.
Course Technology Data Files
You are granted a license to copy the data files to any computer or computer network
used by individuals who have purchased this book.
CHAPTER 1
THE BASICS OF SERVER AND WEB SERVER ADMINISTRATION
In this chapter, you will:
♦ Review the Internet and the World Wide Web
♦ Learn about server administration
♦ Learn about Web server administration
♦ Explore the common tasks and services performed by administrators
♦ Examine networking building blocks
♦ Compare Web server platforms
This chapter introduces the basics of server administration and Web server
administration for anyone interested in being a Web server administrator. Whereas a server administrator focuses on the computing needs inside
the business, a Web server administrator focuses on making sure that a variety of services are available on the Internet. To offer these services, you may
need to evaluate and select options from among a variety of hardware, such
as servers, routers, and firewall products. You also need to choose a Web server
platform, such as Windows or Linux. The Windows platform offers more
than one operating system, while more than one company produces the
Linux operating system. After you choose the server and operating system,
you should select server software products, such as software needed to run
and maintain the Web server and to offer other services, such as File Transfer
Protocol (FTP), e-mail, database, programming languages, and security software. After you select and install the Web server software, you must maintain
the server daily by monitoring its performance and usage, installing software
updates and security patches, and generally making sure that the Web server
environment continues to meet the needs of the organization.
When you administer a Web server, you need to understand the Web server
environment, which includes the network on which the Web server runs. In
this chapter, you will review the basic components of a network and learn
how the Web server fits into both the local area network (LAN), and the
wide area network (WAN). A LAN is a group of computers along with the devices and
media that connect them, which are all under the direct control of the administrator.
The WAN is primarily a public, shared network that connects regions and countries. For
example, the Internet is a WAN.
REVIEWING THE INTERNET AND THE WORLD WIDE WEB
The Internet is a worldwide network of networks. The term “World Wide Web” (or
“Web” for short) refers to the part of the Internet used by the HTTP protocol. Web
browsers and Web servers use the HTTP protocol to communicate with one another.
When you use a Web browser, you are using the Web. For example, in a browser, you
could type www.technowidgets.com to visit the Web site of TechnoWidgets, Inc. When you
do so, you use the Web to access information provided by TechnoWidgets, Inc. When
you send an e-mail message to [email protected], your message may go to an e-mail
server that TechnoWidgets, Inc., runs. Although you use the same connection between
you and the server at TechnoWidgets, Inc., to send the message, in this case you use the
Internet, not the Web. The Web is not separate from the Internet, but rather represents
a way to identify a type of communication on the Internet that relies on HTTP. Web
administrators often manage applications that use the Internet, but not the Web.
The Internet is not centrally controlled. Instead, it depends on the cooperation of many
entities to make sure that the thousands of networks that make up the Internet function
correctly. In some countries, market competition determines how the Internet is configured. In other countries, the national telecommunications monopoly controls the
Internet. The Internet shares part of the WAN that is also used by the international
telecommunications network, but is distinguished by its use of TCP/IP.
Although the Internet had its origins in the 1960s, major changes began in 1995 when a
new backbone was created along with four network access points (NAPs). A backbone
is a high-speed network that connects to other networks—no users connect to a backbone.
The NAPs provide the major Internet connection points and are designed to serve the public. Over time, more NAPs have been created. Just as important, much Internet traffic is
now handled without going directly through NAPs because of peering agreements,
which are agreements between network owners and Internet service providers (ISPs) to
exchange traffic. Historically, peering agreements did not involve payment, but today large
ISPs often charge smaller ISPs for peering.
Peering arrangements are relevant to any business considering connecting to the
Internet using a particular ISP. If the ISP is small, it may have unfavorable peering
arrangements that may slow traffic between your business and the rest of the Internet.
If you are considering a small, local ISP, you need to find out about its peering arrangement with its upstream ISP and about the performance of its network.
Tip
The Web comprises the network of Web servers on the Internet. The Internet
is a very large WAN. However, a WAN serves purposes other than supplying
the network for the Internet. Namely, it carries voice data for the telephone system and can be used to connect the main office of a business to a branch office.
UNDERSTANDING SERVER ADMINISTRATION
Server administrators focus on their LAN, provide access to the software and services their
users need, and make sure that the users’ environment is reliable and consistent. Although
users must have enough network access to perform their work, server administrators must
also control that access to minimize the harm that users can do to the network, either
intentionally or unintentionally. Often, the server administrator’s job extends to the whole
network, as all components must work together.
Working with Users
Users are central to server administration because the purpose of the server—and of the
LAN in general—is to make users productive. A LAN can serve hundreds or even thousands of users who need to perform their work as efficiently as possible, and the server
administrator makes sure they can access the resources they need, whether those
resources are on or controlled by the server. For example, many users need access to a
single program on the server or to printers managed by the server.
Users like consistency. If they have to move from one computer to another, they usually want the desktop interface to be as familiar as possible. Roaming profiles provide
this familiarity. A profile is stored on the user’s hard disk and contains information such
as the user’s preferred desktop settings, Windows Explorer folder options, files stored in
My Documents, and Internet Explorer Favorites. A roaming profile resides on the server
and allows a user to access his or her profile from other computers on the LAN. If the
LAN supports users who work from many computers, the server administrator can make
sure that these users have roaming profiles. When the user logs on, the profile is transferred to his or her current hard disk. Because the profile includes all the files in My
Documents, it can become very large and slow the logon step.
Establishing Access Control
Controlling access to the network is the principal job of server administrators. They need
to give users just enough access to do their jobs, but not more. Access control prevents
users from harming the system, and it lets everyone use the system efficiently. To ease
administration, server administrators organize users into logical groups based on their
common needs. For example, one group may consist of the users in accounting and
another group may include everyone in marketing. The users in accounting need access
to the accounting software and the printers in the accounting department, but they do
not need the forecasting software that the marketing personnel use. Accounting users
should not be able to modify marketing forecasts or access the printers in the marketing department, because it is inconvenient for the accounting group and ties up the
printers for the marketing group, frustrating both groups of users.
Users often need to share documents on the server. Server administrators can control
access to these documents by assigning permission to users, thereby allowing some users
to add documents, others to modify documents, and others to only read documents.
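The group-based model described above can be checked mechanically. The following is an added example, not part of the original textbook: it computes each user's effective permissions from group membership and flags grants that exceed a documented need. The user names, resource names, the `NEEDS` baseline, and the choice to let accounting read (but not modify) marketing forecasts are all assumptions made for illustration.

```python
# Added illustration: group-based access control with a least-privilege audit.
# All users, resources and grants below are constructed sample data.
READ, ADD, MODIFY, PRINT, RUN = "read", "add", "modify", "print", "run"

# Users are organized into logical groups based on common needs.
GROUPS = {
    "accounting": {"alice", "bob"},
    "marketing": {"carol", "dave"},
}

# Documented need per group: "just enough access to do their jobs".
NEEDS = {
    "accounting": {
        "accounting_software": {RUN},
        "accounting_printer": {PRINT},
        "marketing_forecasts": {READ},  # assumption: read-only visibility
    },
    "marketing": {
        "forecasting_software": {RUN},
        "marketing_printer": {PRINT},
        "marketing_forecasts": {READ, ADD, MODIFY},
    },
}

# What is actually configured: resource -> group -> permissions.
# Constructed with two over-grants for the accounting group.
DEPLOYED_ACL = {
    "accounting_software": {"accounting": {RUN}},
    "accounting_printer": {"accounting": {PRINT}},
    "forecasting_software": {"marketing": {RUN}},
    "marketing_printer": {"marketing": {PRINT}, "accounting": {PRINT}},
    "marketing_forecasts": {
        "marketing": {READ, ADD, MODIFY},
        "accounting": {READ, MODIFY},
    },
}


def groups_of(user):
    """Return the sorted list of groups the user belongs to."""
    return sorted(g for g, members in GROUPS.items() if user in members)


def effective_permissions(user, resource, acl):
    """Union of the permissions granted to every group the user is in.

    A user in no group, or a resource with no entry, yields an empty set
    (default deny).
    """
    perms = set()
    for group in groups_of(user):
        perms |= acl.get(resource, {}).get(group, set())
    return perms


def is_allowed(user, resource, perm, acl):
    """True only if some group membership grants the permission."""
    return perm in effective_permissions(user, resource, acl)


def excess_grants(acl, needs):
    """List (group, resource, permission) grants that exceed documented need."""
    findings = []
    for resource, grants in acl.items():
        for group, perms in grants.items():
            needed = needs.get(group, {}).get(resource, set())
            for perm in sorted(perms - needed):
                findings.append((group, resource, perm))
    return sorted(findings)


def tighten(acl, needs):
    """Return a new ACL with every grant reduced to the documented need."""
    fixed = {}
    for resource, grants in acl.items():
        for group, perms in grants.items():
            keep = perms & needs.get(group, {}).get(resource, set())
            if keep:
                fixed.setdefault(resource, {})[group] = set(keep)
    return fixed


if __name__ == "__main__":
    for finding in excess_grants(DEPLOYED_ACL, NEEDS):
        print("over-privileged:", finding)
    fixed = tighten(DEPLOYED_ACL, NEEDS)
    print("alice may modify forecasts:",
          is_allowed("alice", "marketing_forecasts", MODIFY, fixed))
```

Running the audit against a periodic export of real group and share permissions catches the drift that accumulates when access is granted ad hoc and never withdrawn.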
Understanding the Server Environment
All but the smallest network includes more than one server, meaning that the server administrator needs to manage many servers. To simplify this task, networks can group servers.
Windows, for example, provides a number of ways to do so. In Windows NT, servers and
the associated user computers are grouped into domains. Users log on to a domain, which
can be completely separate from or related to other domains. In Windows 2000 and 2003,
domains can be part of a larger group called a forest. Server groups, domains, and forests
increase the complexity of a network, which complicates server administration because the
server administrator must then manage thousands of users.
In addition to setting up servers, the server administrator must understand and often
maintain the other devices that surround the server. For example, switches or hubs connect the computers to the network, and routers divide the network into manageable parts.
These devices can be connected by wires, fiber-optic cables, or even wireless connections.
UNDERSTANDING WEB SERVER ADMINISTRATION
Whereas server administrators focus on LANs, Web server administrators focus on the
Internet. The primary purpose of a Web server is to provide information to anyone who
requests it on the Internet. As Web server administrator, this means you allow users outside of your organization to access your server when they visit the Web site that your
organization hosts. Because this situation can be like opening your doors to allow anyone access to your computers, security and control become even more important with
a Web server than when the computers that access your servers are on a LAN. Unlike
server administrators, who have complete control over their environment, Web server
administrators need cooperation from people outside the organization, such as the support personnel from an ISP, to solve problems with the Internet connection.
You need many technical skills to administer a Web server. You may need to control access
to Web pages, create virtual Web sites on a single server, and make sure that the programming environment and e-mail services are functioning correctly. You must also set up and
provide other services. For example, you might provide FTP services to allow users to
transfer files from one computer to another across the Internet. You must also work with
the domain name service (DNS), which translates host names such as www.microsoft.com
into Internet Protocol (IP) addresses so that the server can find the appropriate computer
when exchanging data across the Internet. You should also understand the roles played by
firewalls and proxy servers, which protect the organization’s computers from unauthorized
users who try to access them via the Internet. These many Web server management tasks
are often divided among a number of administrators.
Understanding the Web Environment
The connection that a network maintains to the Internet complicates your job as Web
server administrator. Although you may control the Web server and related servers, you
can’t control the Internet. The best that you can do is to control the access that Internet
users have to your servers. You do so by working with the Web environment, which contains all the server software that typically is accessed from outside the organization.
For Web administration, you install and maintain many types of software, such as databases
and programming languages that create and update Web pages. You typically install each
type of software on separate computers for two reasons. First, if you store your Web pages
on the same computer containing the database that supplies data to the Web pages, along
with e-mail, FTP, and firewall software, requests for using this software might slow the
throughput to an unacceptable point. Second, if one software component malfunctions, it
can’t affect the other components. The steps and Hands-on Projects in this book simplify
the lab environment by instructing you to store all components on a single computer, but
you should not follow this practice outside of the lab.
Unlike server administrators, who primarily work with users, Web server administrators
work with developers and other administrators, not users. Web developers need to access
one or more programming languages and databases to create Web pages, then need to
access your Web site to update the pages. Developers might also need to use test sites
that remain separate from the production Web server. Web server administrators work
with other administrators as well, including the database administrator who controls
access to the databases that the Web developers use. The e-mail administrator makes sure
that everyone can send and receive mail. Depending on the size of the organization, this
administrator may not install and configure the software, but merely maintain the users.
As Web server administrator, you need to support these development and administration
activities. In particular, you need to determine how developers can access their Web pages
securely. If any software develops a problem, you might be involved in troubleshooting
to solve the problem.
Selecting Programs and Databases
Although Web server administrators do not necessarily need to know how to program,
you do need to know how to install languages so that programmers can use them. Most
Web sites display Web pages dynamically. For example, a Web page might display advertisements or products based on user preferences. A Web page is considered to be dynamic
when it refers to stored data and then displays information based on that data. To display
dynamic Web pages, a Web developer uses a programming language to access information
in a database and then displays that information on a Web page. For example, suppose you
visit an online bookstore and search for books on Linux. At the Web server, a program
takes your search request and examines a database for books on Linux. It then displays a
list of all the books that the bookstore has on Linux.
Web developers use a variety of programming languages. Perl was one of the first programming languages used to create dynamic Web pages. Web-based programming languages have evolved significantly since Perl was introduced in the mid-1990s, however.
Although Perl was originally designed to process text, it remains popular today.
Microsoft has relied on Active Server Pages (ASP), which uses a scripted environment
that usually relies on VBScript, a subset of Visual Basic, for programming logic. Because it
is scripted and not compiled, ASP does not offer the features or speed of a compiled language. Microsoft has addressed these concerns and more with ASP.NET, which compiles
programs and supports more languages than ASP, including Visual Basic .NET, C# .NET
(similar to C++), J# .NET (similar to Java), and COBOL .NET. ASP.NET increases its
flexibility by using Web services and Extensible Markup Language (XML). A Web
service consists of one or more programming modules that reside on the Web server and
can be accessed from a client computer. XML allows developers to create text files
containing tags that define information. Developers can create their own tags within strict
syntax guidelines, which allow them to send data in text form to be interpreted by otherwise incompatible systems. Web services and XML work together so that data, as
opposed to simple Web pages, can be sent to a computer for processing. Of course, sending
data with a Web page leaves the data vulnerable to hackers, and the Web server administrator must work to keep the data secure.
Programs solve specific problems. For example, an accounting program performs calculations to solve accounting problems, and a server program is software that runs on a
server to solve data transfer problems. (A server program is not identical to the operating system.) A Web server refers to both the program that runs on the server and the
physical server computer.
A service is a program that runs in the background. In the UNIX/Linux environment, a
service is called a daemon. Web servers and e-mail servers are considered services because
they are always running in the background. Because a Web service has come to mean a
programming technique used on the Web, the Web server is not called a Web service.
Tip
Because of their overlapping meaning, you can use the terms “e-mail software,”
“e-mail application,” “e-mail service,” and “e-mail program” interchangeably,
though these terms actually have slightly different meanings.
Besides the Microsoft .NET languages, one of the most popular programming languages
is Java, which is an object-oriented, standards-based language with industry-wide support.
Web server environments often include Java because developers can use it to create
dynamic Web pages. To write Java programs, developers can use Java Server Pages (JSP),
which has a scripting language and a structure similar to Active Server Pages. One difference is that a JSP page is compiled into a servlet, which is then run on a server. A servlet
is a program written in Java and designed to produce Web pages. A skilled programmer can
write servlet programs to optimize code and precisely control the behavior of a Web page.
One of the easiest Web development languages to use is PHP, which was originally
designed to allow relatively unsophisticated users to create home pages on a Web site. PHP
originally meant Personal Home Page, but as its popularity grew and it evolved into a
complete programming language, it came to stand for PHP Hypertext Preprocessor. PHP
has a structure similar to that of ASP and JSP, and a syntax similar to that of Perl and Java.
Macromedia ColdFusion is another popular Web development language that was introduced
before ASP. Although ColdFusion is more extensive than the other languages previously
mentioned, it offers many features that make producing sophisticated Web pages relatively
easy. The ColdFusion syntax is also similar to that of ASP and JSP, so programmers who
know those languages can learn ColdFusion quickly.
All Web development programming languages are limited unless they can connect to a
database to extract and save data. A database management system (DBMS) lets you
store and access data on a computer. Relational databases contain data in table form and
share a common language called Structured Query Language (SQL) that you can use
to manipulate the data in the database. Many Web sites employ databases to perform tasks
such as storing customer information, producing reports, and displaying product information. Database management systems range from simple to complex in terms of features
and capabilities, and from free to expensive in terms of price.
At the low end of DBMS capabilities is Microsoft Access. It is an appropriate choice for Web
sites that do not have sophisticated needs, such as a site that looks up employee e-mail names
and phone numbers.
Microsoft SQL Server 2000 is a more complex DBMS than Access, though it is also easy
to use. Combining SQL Server 2000 and ASP.NET provides a capable system because
ASP.NET has code specifically optimized for SQL Server 2000. For example, you can
use ASP.NET to extract data from a database, produce a report in HTML, and then send
the report to another user. Although many organizations hire a database administrator
(DBA) to manage their databases, SQL Server 2000 is often installed without a DBA. In
these cases, the Web server administrator must install SQL Server 2000 and provide security measures while the developers create the databases and tables.
Oracle9i is another sophisticated DBMS that can be installed on a variety of server platforms, including Windows, UNIX, and Linux. Oracle9i products are built on a core database, and they work with a family of related products such as application servers,
e-commerce servers, and e-mail servers. When you install Oracle9i, it also installs an
Apache Web server and associated modules configured to work with the database. Soon
after installing the database, developers can test sample JSP pages and servlets to see how
they connect to Oracle9i. A knowledgeable DBA should maintain Oracle9i.
While Access, SQL Server 2000, and Oracle9i range in price from moderate to expensive, MySQL is a capable DBMS that is freely available. In a test with Oracle9i on a quad-processor server, MySQL could handle almost as many simultaneous users as Oracle9i.
Where Oracle9i is suitable for large organizations with extensive and specific requirements, MySQL should be considered for other environments. The Web server administrator can install MySQL and provide some support; Web developers can then provide
the rest of the support.
Managing E-mail Servers
E-mail servers are common in many businesses. By design, they are open because users
need to send e-mail to anyone and receive e-mail from anyone. The e-mail server generally sends and accepts messages without imposing any security, which can lead to abuse
of the e-mail service. For example, most people are annoyed with the volume of spam
they receive. Viruses and worms sent through e-mail continue to create problems. All of
this unwanted traffic can cause problems for the Web server administrator. In smaller
organizations, the Web administrator may also act as the e-mail administrator. Even in
larger organizations, the two administrators need to work closely together. In some organizations, the Web administrator provides technical support while someone else performs
maintenance tasks such as adding users to and deleting users from the system.
Microsoft strives to make products that are easy to install and configure, yet are powerful and flexible enough to grow in a complex environment. Microsoft Exchange 2000,
for example, is designed to manage e-mail services. In some environments, the Web
administrator can readily install and easily maintain Exchange 2000, which lets users
exchange e-mail, coordinate meetings on a group calendar, manage contacts and tasks,
and be involved with discussion groups. You can also use Exchange 2000 with other
products such as Exchange 2000 Conferencing Server, which manages data, voice, and
video conferencing.
Besides the Microsoft servers, one of the most popular e-mail server products is sendmail,
an open-source software package that is available in both free and commercial versions.
Sendmail does not provide a full range of e-mail services, however—it only sends and
receives mail, and does not route the e-mail it receives to users. If you are a Web server
administrator supporting sendmail, you must install another product such as imapd to let
users access their e-mail. (You will install sendmail and imapd in Chapter 8.)
Working with Other Web Applications
In addition to programming languages, databases, and e-mail services, your Web server
might support other applications that you need to manage, including firewall, FTP, and
DNS services, depending on the size of your organization. Some organizations choose
to have an ISP provide some of these applications, such as DNS, while large organizations often hire specialists to take charge of these applications.
Firewall is a general term for specialized software designed to control access to your Web
environment. A firewall helps to control access to your Web environment as well as access
from your internal network to the Internet. As Web server administrator, you need detailed
information on what type of access the other Web applications need, such as e-mail and
Web server software. The firewall makes sure that only the applications you specify can
be accessed. Good firewall products help to prevent attacks on the Web environment by
malicious hackers, and they can monitor access to and from your Web environment. This
means that you can track how internal users use the Web, which is particularly helpful if
internal users are not using the Web for business purposes and slow your connection to
the Internet.
FTP is a service that allows users to download files from and upload files to a server;
the Web server administrator controls who can download and who can upload files.
Many users employ FTP to download software programs, updates, data files, and software
patches from Web sites. FTP can operate in two standard modes: anonymous and protected. The anonymous mode does not require a password and lets anyone access files.
Protected mode requires a user to enter a user name and password to access files. Because
the user name and password are sent as clear (unencrypted) text, hackers can easily find
out the user name and password to download sensitive information or upload damaging
files that could harm the FTP server. For this reason, it is difficult to make FTP secure.
A DNS server translates host names such as www.technowidgets.com into an IP address such
as 38.246.165.12. DNS can also translate an IP address into a host name. An IP address is
the way each computer is identified on a network. (IP addresses are covered in detail in
Chapter 2.) The DNS server typically controls the hosts in a single domain. For example,
the DNS server in an organization with the domain name technowidgets.com would
control hosts such as www.technowidgets.com, mail.technowidgets.com, and ftp.technowidgets.com.
A DNS server receives an IP address and responds with a host name; security programs
and e-mail programs can take advantage of this feature to determine which host is sending the message. An ISP can readily maintain the DNS server because its information
rarely changes.
Managing the Internet Connection
Naturally, the Web administrator needs to maintain a connection with the Internet.
When a LAN experiences a problem, the LAN administrator is responsible for checking the wiring and connections. The Web administrator, on the other hand, works with
many other administrators or organizations to connect a Web environment to the
Internet and then to maintain that connection.
As a Web server administrator, your responsibility ends at your connection to the
Internet. From that point, you need to contact your ISP to obtain additional support.
Your ISP may have to contact your local phone company to confirm that your connection from your building is working. The local phone company, in turn, might have to
work with a long-distance telephone carrier to complete a connection or to solve a
problem. In the WAN environment, many organizations are responsible for maintaining
connectivity.
You may also need to contact your ISP to change your service. For example, you might
want a faster Internet connection or multiple connections for redundancy. However, not
all ISPs can offer all services. For example, an ISP that specializes in low-speed connections might not provide high-speed connections.
Now that you’ve examined the differences between server administrators and Web server
administrators, you can explore their similarities.
EXPLORING ADMINISTRATORS’ COMMON TASKS AND SERVICES
While server administrators and Web server administrators work in different environments
and perform different tasks, they share many types of tasks. In smaller organizations, the
server administrator and the Web server administrator might be the same person. Although
both administrators maintain security, for example, each takes a different approach to that
task—both are interested in security, but security on a LAN can be different from security in a Web server environment.
Installing and Configuring Systems
The Web administrator needs to determine the hardware and software requirements of the
environment. This includes not only the servers, but also everything that connects to
the servers, such as switches that connect servers and other computers together, and routers
that connect the server network with the internal LAN or Internet. Administrators install
the operating system and applications on the servers.
For the Web server administrator, installing the operating system is a simple task because
the Web server is more isolated than a typical server on a LAN. The more challenging
task for the Web server administrator is to determine which other applications the organization needs and then to install them.
Both Web and server administrators need to maintain a correct configuration. Server
administrators focus on configuring users and their environment. Web server administrators seek to maintain a correct configuration on a variety of applications. Unfortunately,
knowing how to configure one application, such as e-mail, does not necessarily help to
configure another application, such as DNS.
Maintaining Security
Everyone is concerned about security. However, an organization should be concerned
about more than simply preventing a hacker from attacking its system. Disgruntled and
inept employees can do damage, too. As a consequence, administrators need to consider
both physical security and software security.
Physical security involves protecting your server environment from others. For example,
you should stop outsiders from engaging in malicious behavior and prevent internal users
from surfing the Internet and potentially downloading viruses. Some users with technical skills might want to change the server and create difficult-to-resolve problems.
External users might try to detect the traffic between your Web server and the Internet.
Just as Web server administrators use firewalls to restrict access to the Web server, so
should server administrators restrict access to the server environment. To do so, they can
use a Demilitarized Zone (DMZ), a configuration where the servers are isolated from
both outside attacks and inside attacks.
Monitoring the System
Systems can be monitored to track performance, troubleshoot problems, and record
usage, for example. Server performance reflects the server’s ability to perform its duties,
such as transmitting Web pages or e-mail messages to users, with minimal delay. Although
Web and server administrators have different criteria for adequate performance, their
objective is the same. Users should find performance acceptable, while the cost for the
performance must make business sense. For the server administrator, traffic typically travels at 100 Mbps in a LAN. For the Web administrator, traffic is often limited to speeds
of 1.544 Mbps or less. Both administrators want to keep their users happy. Users accessing Web pages, for example, will not accept significant delays while waiting for the pages
to appear in their browsers. What is considered “significant” can vary depending on the
environment. If the user constantly accesses a Web-based application that is critical to
job performance, he or she may require very quick response times. If the user is ordering seat belts for a classic car, response time is less important.
As an administrator, you may use many methods to monitor your system for troubleshooting purposes. The operating system, whether Windows or Linux, monitors itself and communicates information to you using software tools and log files. Windows uses the Event
Viewer to organize log files. Linux also maintains log files and can notify you about them
through e-mail. Figure 1-1 shows an example of the Windows Event Viewer. To find out
more about each message, you could double-click it.
Figure 1-1 Windows Event Viewer
Both Apache and Microsoft Internet Information Server (IIS) Web servers have extensive logging capabilities, as you will see in Chapter 11. Figure 1-2 shows an example of an Apache
log file that you can track to see who is accessing what part of your site and how often.
10.2.5.3 - - [25/Sep/2002:10:16:52 -0400] "GET / HTTP/1.1" 304 - "-" "Mozilla/4.0"
10.2.5.3 - - [25/Sep/2002:10:16:52 -0400] "GET /icons/apache_pb.gif HTTP/1.1" 304 "http://10.11.22.33/" "Mozilla/4.0"
10.2.5.3 - - [25/Sep/2002:10:16:52 -0400] "GET /poweredby.png HTTP/1.1" 304 "http://10.11.22.33/" "Mozilla/4.0"
10.2.5.3 - - [25/Sep/2002:10:28:16 -0400] "GET /test.htm HTTP/1.1" 200 31 "-" "Mozilla/4.0"
10.11.22.33 - - [16/Sep/2002:09:06:43 -0400] "GET / HTTP/1.1" 200 2890 "-" "Mozilla/4.0"
10.11.22.33 - - [16/Sep/2002:09:06:43 -0400] "GET /poweredby.png HTTP/1.1" 200 1154 "http://localhost:55555" "Mozilla/4.0"
10.11.22.33 - - [16/Sep/2002:09:06:43 -0400] "GET /icons/apache_pb.gif HTTP/1.1" 200 2326 "http://localhost:55555" "Mozilla/4.0"
Figure 1-2 Apache log file
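As an added example (not part of the original text), the following Python script shows one way to answer "who is accessing what part of your site and how often" from a log like the one in Figure 1-2. The function names are illustrative, and the sample input is the figure's seven entries with ordinary spaces and quotes restored.

```python
import re
from collections import Counter
from datetime import datetime

# The seven entries printed in Figure 1-2, with ordinary spaces and quotes.
# Two entries have no size field after the status code, as in the figure.
SAMPLE_LOG = """\
10.2.5.3 - - [25/Sep/2002:10:16:52 -0400] "GET / HTTP/1.1" 304 - "-" "Mozilla/4.0"
10.2.5.3 - - [25/Sep/2002:10:16:52 -0400] "GET /icons/apache_pb.gif HTTP/1.1" 304 "http://10.11.22.33/" "Mozilla/4.0"
10.2.5.3 - - [25/Sep/2002:10:16:52 -0400] "GET /poweredby.png HTTP/1.1" 304 "http://10.11.22.33/" "Mozilla/4.0"
10.2.5.3 - - [25/Sep/2002:10:28:16 -0400] "GET /test.htm HTTP/1.1" 200 31 "-" "Mozilla/4.0"
10.11.22.33 - - [16/Sep/2002:09:06:43 -0400] "GET / HTTP/1.1" 200 2890 "-" "Mozilla/4.0"
10.11.22.33 - - [16/Sep/2002:09:06:43 -0400] "GET /poweredby.png HTTP/1.1" 200 1154 "http://localhost:55555" "Mozilla/4.0"
10.11.22.33 - - [16/Sep/2002:09:06:43 -0400] "GET /icons/apache_pb.gif HTTP/1.1" 200 2326 "http://localhost:55555" "Mozilla/4.0"
"""

# Combined log format: host ident user [time] "request" status size "referer" "agent".
# Size, referer and agent are optional so that short entries still parse.
LINE_RE = re.compile(
    r'(?P<host>\S+) (?P<ident>\S+) (?P<user>\S+) '
    r'\[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3})'
    r'(?: (?P<size>\d+|-))?'
    r'(?: "(?P<referer>[^"]*)")?'
    r'(?: "(?P<agent>[^"]*)")?\s*$'
)


def parse_line(line):
    """Return one access-log entry as a dict, or None if it does not parse."""
    match = LINE_RE.match(line.strip())
    if match is None:
        return None
    rec = match.groupdict()
    try:
        rec["time"] = datetime.strptime(rec["time"], "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    rec["status"] = int(rec["status"])
    # "-" or an absent size means no response body was sent (for example a 304).
    rec["size"] = int(rec["size"]) if rec["size"] not in (None, "-") else 0
    return rec


def summarize(text):
    """Tally who requested what, how often, and with which result."""
    summary = {
        "hits_by_client": Counter(),
        "hits_by_client_path": Counter(),
        "status_counts": Counter(),
        "bytes_by_client": Counter(),
        "unparsed": [],  # keep these: malformed requests deserve a look
    }
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            summary["unparsed"].append(line)
            continue
        summary["hits_by_client"][rec["host"]] += 1
        summary["hits_by_client_path"][(rec["host"], rec["path"])] += 1
        summary["status_counts"][rec["status"]] += 1
        summary["bytes_by_client"][rec["host"]] += rec["size"]
    return summary


if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    for client, hits in report["hits_by_client"].most_common():
        print(f"{client}: {hits} requests, {report['bytes_by_client'][client]} bytes")
        for (host, path), count in sorted(report["hits_by_client_path"].items()):
            if host == client:
                print(f"    {count:3d}  {path}")
    print("status codes:", dict(report["status_counts"]))
    print("unparsed lines:", len(report["unparsed"]))
```

Lines that do not match the expected layout are collected rather than dropped, because a request the server logged but the parser cannot read is often the entry most worth reviewing by hand.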
Because system monitoring takes resources, you must balance the desire to understand
certain aspects of your system against the resources required by that effort. Extensive system monitoring may decrease performance to an unacceptable level and quickly fill your
hard disk with log files.
Windows and Linux also provide software tools that monitor a system by gathering data
about system usage or helping to troubleshoot a performance problem. For example, you
can use the Windows System Monitor to create a graph that tracks processor usage over
time, thereby enabling you to identify programs or resources that consume excessive
processing power.
Maintenance and Backup
After you install and configure a computer system, you need to maintain it. For example,
you should periodically upgrade your operating system and applications. You might also
need to eliminate security holes by installing software patches and enhancements. While
these changes usually improve a system, they can occasionally introduce new problems.
For example, a patch designed to solve one problem might cause another. An upgrade that
has produced no problems in other environments might unexpectedly cause serious problems in your environment. In general, you should plan for the worst and test changes thoroughly in isolation as much as possible before making them on the overall system. For
example, schedule maintenance tasks during a slow time on the system, such as late at
night, to avoid interrupting services. Because it can be difficult to determine which
patches you need, you should monitor the Web sites of the manufacturers of your software to see what they suggest. User groups and e-mail notification can also prove useful.
In addition to performing software maintenance, server administrators typically create and
maintain system backups. Backup software stores data from your server on another device
such as a tape. You can use the tapes to restore data if someone accidentally overwrites Web
pages or realizes that they need files deleted earlier. All the tasks related to backing up data
and restoring it can be complex. For example, normally you cannot back up open files,
although open files can be the most important ones on your server. Microsoft SQL Server
and most other SQL servers keep their data files open so they can’t be backed up. Thus,
when you buy your backup software, you should either make sure that it can back up open
files, such as those associated with SQL Server and Microsoft Exchange Server, or require
the database administrator and mail server administrator to do their own backups.
System problems can be so severe that the only solution is to completely reinstall all the
software and its associated data. As you set up a new server, you should always test your
ability to reinstall software and data, including your operating system, DBMS, mail server,
Web server, and other applications. Enter data in all the applications, and then install your
backup software and do a complete backup. Format your drive to simulate a catastrophic
failure, and then verify that you can restore the system from your backup. Take these steps
to confirm that you can recover from a disaster:
1. Install the operating system.
2. Install applications such as the DBMS, e-mail, and others your organization uses, including backup software.
3. Create sample transactions and other data for all the applications.
4. Back up the complete system.
5. Format the hard disk and reinstall the operating system.
6. Reinstall the backup software.
7. Restore the system.
8. Test applications to make sure that the data was restored correctly.
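One way to make step 8 objective, shown here as an added example that is not part of the original text: record a SHA-256 manifest of the sample data before the backup in step 4, keep the manifest off the disk that will be formatted, and compare it with a fresh manifest after the restore in step 7. The function names, directory layout and file names below are hypothetical, and the demo simulates a faulty restore in a temporary directory.

```python
import hashlib
import json
import os
import shutil
import tempfile


def build_manifest(root):
    """Map each regular file under root (relative path) to its SHA-256 digest."""
    manifest = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()
        for name in sorted(filenames):
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # only the content of regular files is compared
            digest = hashlib.sha256()
            with open(full, "rb") as handle:
                for chunk in iter(lambda: handle.read(1 << 20), b""):
                    digest.update(chunk)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = digest.hexdigest()
    return manifest


def save_manifest(manifest, path):
    """Write the manifest as JSON; store it away from the server being rebuilt."""
    with open(path, "w", encoding="utf-8") as handle:
        json.dump(manifest, handle, indent=2, sort_keys=True)


def load_manifest(path):
    with open(path, encoding="utf-8") as handle:
        return json.load(handle)


def compare_manifests(before, after):
    """Report files lost, altered or added between backup and restore."""
    missing = sorted(set(before) - set(after))
    extra = sorted(set(after) - set(before))
    changed = sorted(p for p in set(before) & set(after) if before[p] != after[p])
    return {
        "missing": missing,
        "changed": changed,
        "extra": extra,
        "ok": not (missing or changed),
    }


def demo():
    """Simulate steps 3 to 8 with constructed sample data and a faulty restore."""
    with tempfile.TemporaryDirectory() as tmp:
        original = os.path.join(tmp, "original")
        restored = os.path.join(tmp, "restored")
        os.makedirs(os.path.join(original, "htdocs"))
        os.makedirs(os.path.join(original, "db"))
        samples = {  # constructed sample data (step 3)
            "htdocs/index.htm": b"<html>sample page</html>",
            "db/orders.dat": b"order 1\norder 2\n",
            "db/customers.dat": b"customer A\n",
        }
        for rel, data in samples.items():
            with open(os.path.join(original, rel), "wb") as handle:
                handle.write(data)

        # Before the backup (step 4): record what the data should look like.
        manifest_file = os.path.join(tmp, "manifest.json")
        save_manifest(build_manifest(original), manifest_file)

        # Stand-in for steps 5 to 7: a restore that lost one file and
        # truncated another.
        shutil.copytree(original, restored)
        os.remove(os.path.join(restored, "db", "orders.dat"))
        with open(os.path.join(restored, "htdocs", "index.htm"), "wb") as handle:
            handle.write(b"<html>")

        # Step 8: compare the restored data with the recorded manifest.
        return compare_manifests(load_manifest(manifest_file), build_manifest(restored))


if __name__ == "__main__":
    result = demo()
    print("restore verified" if result["ok"] else "restore FAILED verification")
    for kind in ("missing", "changed", "extra"):
        for path in result[kind]:
            print(f"  {kind}: {path}")
```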
EXAMINING NETWORK BUILDING BLOCKS
Many parts of the network need to work together in harmony. Administrators must
understand how these parts fit together so they can determine how to create an efficient
and balanced network. For example, you should not buy an extremely fast server when
your connection to the Internet is very slow. Administrators must also prevent malicious
hackers from penetrating or disrupting the Web environment. Because hackers exploit
the basics of the TCP/IP model to do damage, you must understand these basics so you
can protect your system.
This chapter provides an overview of networking and telecommunications. Chapter 2
focuses on the addressing part of the networking model. When you learn about securing the Web server in Chapter 10, you will examine other parts of the model to see how
you can protect the server against attacks such as a SYN flood, Ping of Death, smurf
attack, fragmentation bomb, and spoofing.
As a Web server administrator, you need to look at the network as a logical model to
understand how computers communicate, and as a physical structure to understand how
network components work together. In the following section, you first examine the logical model, and then learn about the components of a LAN and a WAN.
Understanding the OSI Model and the TCP/IP Model
You use the Open Source Interconnection (OSI) model and Transmission
Control Protocol/Internet Protocol (TCP/IP) model to understand network
communication. The OSI model defines the building blocks that divide data communications into discrete parts. TCP/IP comprises a suite of protocols that are used in data
communication. A protocol is a set of communication rules. For example, when you
mail a letter, you follow a protocol to correctly address the envelope. In data communications, protocols define the details of how each task is performed.
The objective of the OSI and TCP/IP models is to show the division of tasks needed to
communicate on a network. For example, suppose the sales manager at TechnoWidgets,
Inc., in Phoenix, Arizona, decides to send a sample of a new widget to an important customer in San Francisco, California. To send the widget from one place to another, many
specialists are involved, as shown in Figure 1-3. The sales manager gives the widget to an
assistant, who packages it and calls the transportation company that will carry the package to the customer. The person who picks up the package doesn’t know where the customer lives, but takes it to a central sorting center. The people at the central sorting center
don’t care about the street address, but send the package to the San Francisco sorting center. The people at the San Francisco sorting center deliver it to the customer’s business.
There, an assistant takes the device out of the package to allow the customer to admire
the new widget. When the sales manager calls to find out whether the customer likes the
widget, he or she does not need to know all the steps taken to convey the device from
one place to another—only that the customer has received it. The sales manager and the
customer communicate at the same level, yet the sales manager needs to understand only
how to transfer the package to the assistant. This process is very similar to the way in
which the networking models function. Each level communicates with its corresponding
level at the other end without needing to understand what happens outside that level
except to communicate to level(s) adjacent to it.
Examining the OSI Model
The OSI model was designed in the 1970s and implemented in the 1980s to show how
networking protocols should function. It consists of seven layers, which separate the
complex task of communication into manageable parts. By dividing the tasks into layers, a protocol needs to be concerned only with specific tasks and the way in which it
communicates with the layer below and above it. The highest layer describes the link
between the computer system and TCP/IP, and the lowest level describes the data as it
is either leaving or entering the computer. See Table 1-1.
Figure 1-3 Sending a package divides tasks (diagram: the widget passes from the boss to an assistant, to a delivery person, and through the regional sorting facilities, then through the same roles in reverse order to the client)
Table 1-1 OSI model

| Layer | Name | Description |
| --- | --- | --- |
| 7 | Application | Responsible for low-level application access to the network. An example of an application that works at this level would be FTP, which transfers files from one computer to another. |
| 6 | Presentation | Can convert data into a format that is understandable to the Application layer. Encryption and decryption occur at this layer. |
| 5 | Session | Can open communication with another computer, maintain it for a specified period, and then shut down the communication. |
| 4 | Transport | Responsible for transporting the data from one computer to another. Protocols at this level include TCP (used for communications between the browser and the Web server) and UDP (used for communication with a DNS server). |
| 3 | Network | Primarily responsible for addressing between two computers. It is also responsible for fragmentation and reassembly of packets if the devices through which the packets flow have different capabilities. The IP protocol is at this layer. Another protocol, ICMP, provides error messages. |
| 2 | Data Link | Responsible for the interface between the packets coming down through the upper layers and the physical layer. It puts the interface in a data frame that is designed for a specific medium and then sends it on to the Physical layer. |
| 1 | Physical | Responsible for transferring the data to the network medium. Ethernet is a common transfer method. |
The OSI model is part of the networking vocabulary. For example, a switch is a device
that takes data from one computer and sends it to another computer to which it is
directly connected. This situation is analogous to sending a package in Phoenix to
another place in Phoenix. Such communication takes place at Layer 2 of the OSI model.
Other switches are Layer 3 switches, which means that they can work at the Network
layer. This situation is analogous to moving the package from Phoenix to San Francisco.
When a product is described as a Layer 3 switch, you should understand that the term refers
to Layer 3 of the OSI model and recognize what that entails.
Examining the TCP/IP Model
As opposed to the theoretical OSI model, the TCP/IP model is a real-world model based
on how TCP/IP actually works. The TCP/IP model doesn’t correspond exactly with the
more common OSI model, as Table 1-2 shows. Actually, TCP not only performs the tasks
at the Transport level of the OSI model, but also handles some of the tasks at the Session
level of the OSI model. The first three layers constitute the TCP/IP protocol suite.
Table 1-2 TCP/IP model
Layer | Common components | OSI reference layer
Application | HTTP, SMTP, POP3, FTP, DNS | Application, Presentation, Session
Transport | TCP, UDP | Transport
Network | IP, ICMP | Network
Physical | Ethernet, FDDI | Data Link, Physical
Because the OSI model is a general-purpose model, you can use it to better understand
other protocols such as IPX/SPX, NetBEUI, and AppleTalk. These protocols have been
used in LANs for many years but are not common today.
Most of the protocols will be explained in depth in the following chapters. For now,
understand that the protocols provide the rules to make sure that all TCP/IP systems
can interoperate. They need to interoperate at both the application level and the lower-level data communication layers. The following list briefly describes the main protocols:
■ Hypertext Transfer Protocol (HTTP)—Web servers implement this protocol,
which allows you to request a Web page or send a completed form to a
Web server for processing. Examples include IIS and Apache.
■ Simple Mail Transfer Protocol (SMTP)—E-mail servers implement this protocol,
which allows you to send mail to another e-mail server. Examples include
Microsoft Exchange and Sendmail.
■ Post Office Protocol Version 3 (POP3)—E-mail servers implement this protocol,
which allows users to retrieve mail from an e-mail server. Examples include
Microsoft Exchange and Sendmail.
■ File Transfer Protocol (FTP)—FTP servers implement this protocol, which is
used to transfer files to and from a server. Both Windows and Linux have
FTP servers that are included with the operating system.
■ Domain Name Service (DNS)—DNS servers implement this protocol to translate
names into IP addresses and IP addresses into names. For example, when you
type www.technowidgets.com into a browser, a DNS server must first translate
that name into an IP address before the request can be sent to the Web server.
Berkeley Internet Name Domain (BIND) is the most popular program used
to implement DNS. Microsoft also has a DNS server.
■ Transmission Control Protocol (TCP)—This protocol creates a reliable connection
between two computers. TCP is used as a primary means of communication
by HTTP, SMTP, POP3, and FTP.
■ User Datagram Protocol (UDP)—This protocol does not establish a connection
between two computers as TCP does, but simply sends a message. This ability
makes it a good protocol for sending short, discrete messages, such as requesting the IP address for www.microsoft.com from a DNS server. UDP relies on
the application that implements it to make sure that the message gets to its
destination.
■ Internet Protocol (IP)—This protocol provides an addressing scheme so that it
can determine whether the data packet should be sent to a computer that is
physically connected on the same network or to another computer that can
route it to the destination computer. It can also provide fragmentation and
reassembly of data. (See Chapter 2 for more information about IP and
addressing.)
■ Internet Control Message Protocol (ICMP)—This protocol provides error messages.
When you use the ping utility and it returns an error, it is from ICMP.
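The layering in Table 1-2 can be seen by taking one DNS lookup apart layer by layer. The following Python sketch is an added example, not code from the textbook: it builds a constructed Ethernet frame carrying a DNS query for www.technowidgets.com and peels off the Physical, Network, Transport, and Application layers in turn. The MAC addresses, IP addresses, port number, and function names are illustrative assumptions.

```python
import socket
import struct


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (0 = header verifies)."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_dns_query_frame(name: str) -> bytes:
    """Constructed sample: Ethernet II / IPv4 / UDP / DNS query for `name`."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"
    dns = struct.pack("!6H", 0x1A2B, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!2H", 1, 1)
    udp = struct.pack("!4H", 40000, 53, 8 + len(dns), 0) + dns  # UDP checksum 0 = unused
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 1, 0, 64, 17, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.53"))
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    eth = bytes.fromhex("020000000002") + bytes.fromhex("020000000001") + b"\x08\x00"
    return eth + ip + udp


def parse_dns_question(dns: bytes) -> str:
    """Summarize a DNS message: query or response, plus the first question name."""
    if len(dns) < 12:
        raise ValueError("truncated DNS header")
    flags, qdcount = struct.unpack("!HH", dns[2:6])
    kind = "response" if flags & 0x8000 else "query"
    if qdcount == 0:
        return kind
    labels, pos = [], 12
    while True:
        if pos >= len(dns):
            raise ValueError("truncated DNS name")
        n = dns[pos]
        if n == 0:
            break
        if n > 63 or pos + 1 + n > len(dns):
            raise ValueError("invalid or compressed DNS label")
        labels.append(dns[pos + 1:pos + 1 + n].decode("ascii", "replace"))
        pos += 1 + n
    return f"{kind} for {'.'.join(labels)}"


def dissect(frame: bytes) -> list:
    """Return one (TCP/IP model layer, protocol, summary) tuple per layer found."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers = [("Physical", "Ethernet", f"{src.hex(':')} -> {dst.hex(':')}")]
    if ethertype != 0x0800:              # only IPv4 is decoded in this example
        return layers
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 header")
    ihl = (ip[0] & 0x0F) * 4             # IP header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(ip):
        raise ValueError("inconsistent IPv4 lengths")
    status = "ok" if ipv4_checksum(ip[:ihl]) == 0 else "BAD"
    layers.append(("Network", "IP", f"{socket.inet_ntoa(ip[12:16])} -> "
                   f"{socket.inet_ntoa(ip[16:20])}, header checksum {status}"))
    if ip[9] != 17:                      # protocol 17 = UDP (6 would be TCP)
        return layers
    udp = ip[ihl:total_len]
    if len(udp) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, ulen, _ = struct.unpack("!4H", udp[:8])
    if ulen < 8 or ulen > len(udp):
        raise ValueError("inconsistent UDP length")
    layers.append(("Transport", "UDP", f"port {sport} -> {dport}"))
    if 53 in (sport, dport):             # port 53 is the DNS service port
        layers.append(("Application", "DNS", parse_dns_question(udp[8:ulen])))
    return layers


if __name__ == "__main__":
    for layer, protocol, summary in dissect(build_dns_query_frame("www.technowidgets.com")):
        print(f"{layer:<12}{protocol:<9}{summary}")
```

Each header only describes the payload it carries, which is why the parser checks every length field against the bytes actually present before handing the payload to the next layer up.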
Now that you have learned about the networking building blocks, you need to see how the
components in a network come together to transfer the data from one computer to another.
Identifying Network Components
To design an appropriate Web environment for the needs of your organization, you must
first understand the common network components. The overall design needs to be balanced so that a bottleneck will not cause problems with the rest of the network. In a Web
server environment, data must travel between your Web server and the user’s computer.
This section discusses the common components you need to consider when designing a
Web network environment. After considering the specifics of the network configuration,
you must evaluate the performance of the network and determine its capacity. You also
need to determine how to measure network performance.
Identifying Common LAN Components
Recall that a LAN is a network that spans a relatively small geographic area, such as an
office, a single floor in a building, an entire building, or even multiple buildings in an
office park or campus. The most common network technology in use today is Ethernet,
which connects multiple devices, such as PCs and printers, on a LAN. With Ethernet,
these devices can send information across the cables that connect them, thereby passing
information from one device to another. Figure 1-4 diagrams a simple LAN.
[Figure 1-4: Simple network diagram. Labels: Server, Ethernet switch, Printer, Workstation (four)]
Note the Ethernet switch shown in Figure 1-4. A switch is a central device that allows
PCs to communicate with one another. A data cable connects the NIC of each computer
to the switch. Ethernet switches work at several speeds. Standard Ethernet communicates
at 10 Mbps, but other Ethernet speeds include 100 Mbps and 1 Gbps. Switches operating
at a speed of 100 Mbps are the most common today.
Whatever configuration your network uses, the server should have a higher connection
speed than the workstations that are accessing it, because the server is a central resource.
For example, suppose you have a network of 100 workstations and one server, all connected at 10 Mbps. If all 100 of those workstations wanted to access the server at the same
time, they would overload the connection to the server. Even if the server had enough
processing power to supply the data, its connection speed would allow it to send data only
at 10 Mbps to the network, so the data would take longer to travel to each workstation.
Although that number of workstations could technically overload a server even if it had a
100 Mbps connection, normally traffic is not so sustained that a 100 Mbps connection
could not manage it. For this reason, it is common practice to connect servers at 100 Mbps,
1 Gbps, or even higher rates.
Your connection speed to the Internet is even more critical. The typical connection
speed of 1.544 Mbps is merely a fraction of the speed possible with standard Ethernet.
You want to make sure that your users and your Web server exchange data in an acceptable amount of time, but minimize the cost of your Internet connection by purchasing
only what you need in terms of the speed of your connection.
Connecting Your LAN to the Internet
A WAN is a telecommunications network operating over an area that can span a few
miles or reach another country. Whereas you control the cabling in a LAN, the WAN is
typically a shared, public network. You connect your LAN to a WAN that is connected
to your ISP, and your ISP provides the connection to the Internet. In essence, a WAN
is a network that begins where the connection at your building ends. Although your
focus in using the WAN is to connect to the Internet, you could also use the WAN to
connect your main office in Chicago to your branch office in Walnut Creek.
A common method of connecting to a WAN from a business is through a T1 line, which
is a digital connection that is used only for data and voice transmission. Alternatively,
you could use other types of T-Carrier WAN connections, as listed in Table 1-3. You will
learn about other WAN connection options shortly, but for now note that these T-Carriers
are the most common building blocks for WANs. Many other connection types exist as
well, including ISDN, DSL, and cable modems.
When deciding which connection to use, you must consider your organization’s overall
needs for speed and cost. For instance, a small company with a small Web server could
use a 64 Kbps fractional T1, but a larger company with a much busier Web server might
require multiple T1s. In these cases, you can keep increasing the capacity to the point of
matching companies such as Microsoft, which use multiple T3s.
Table 1-3 Common T-Carrier connections
Connection type | Speed | Description
Fractional T1 | 64 Kbps increments up to T1 | Used when you do not need a full T1 connection. A T1 connection is divided into 24 channels, and one channel is 64 Kbps.
T1 | 1.544 Mbps | T1 is the most common digital leased-line service. Each channel in a T1 circuit can carry voice or data transmissions, and you can combine multiple T1s to provide additional speed.
T3 | 44.736 Mbps | T3 is equivalent to 28 T1 circuits. Its speed is often rounded and referred to as 45 Mbps. Like fractional T1s, fractional T3s allow customers to lease less than the full T3 rate.
The appropriate connection speed for your Web server is difficult to gauge accurately.
Ask the following questions to determine the speed you need:
■ How much data will a typical user request?
■ How many users will access your Web server simultaneously?
■ How many pages will the typical user view?
■ What is the typical user’s tolerance for delay?
■ Will the access be spread throughout the day or will it be focused on a few
hours in a day?
■ How long will it take for the estimated number of users to double? A month?
A year?
■ What is the average size of your Web page?
■ How will the average size of your Web page increase over the next year as
you incorporate more graphics? (This factor could easily increase the average
size of your Web pages by five or ten times.)
■ If your Web server shares its connection with users in your organization who
need a connection to the Internet, how will their needs change over time?
Selecting a connection type and determining the optimal connection speed are more of
an art than a science for a company connecting its Web server to the Internet for the
first time. The main thing to consider is the need for future growth. The T-Carrier connections offer the most growth potential.
Connecting Your Network to a WAN Using a T-Carrier Line
You use a few standard components when you connect your network to a WAN using
any T-Carrier line, whether fractional T1, full T1, or T3. Even though T1 and Ethernet
networks are digital, they send data in very different ways. You need certain components
to translate the digital format of the data arriving via a T1 line to the digital format that
is acceptable to your LAN. In an organization where users share the connection to the
Internet, your Web server will share the network with users. Although Figure 1-5 shows
one way to connect these devices, technology has advanced to the point that you can
connect a T1 line directly into a WAN interface card in a computer.
[Figure 1-5: Network diagram showing T1 WAN components. Labels: Internet, CSU/DSU, Router (can be combined with firewall), Switch, E-mail server, Web server, DBMS server]
The following list describes the typical components in a connection to a T-Carrier
WAN line:
■ Channel Service Unit/Data Service Unit (CSU/DSU)—This unit really includes
two devices in one. The CSU portion is on the WAN side and serves two
purposes: It transmits and receives the digital signal, and it provides an electrical buffer from either side of the device. The DSU translates between the
digital signal on the T1 side and the serial connection on the LAN side.
■ Multiplexor—This optional component provides a mechanism to load multiple
voice and data channels into a single digital line. This strategy could be used
in a case where you want to split your T1 line into two parts and then carry
data across one part and phone traffic across the other part. A multiplexor is
not required.
■ Router—Although routers can serve a variety of functions, the router used
to connect a T1 line to a WAN is specialized. A serial connection provides
communication with the CSU/DSU or multiplexor. That connection routes
to one or more Ethernet ports. The Ethernet port, in turn, provides the connection to your LAN. More details about routing are in the “IP Addressing”
section of Chapter 2.
Tip
It is easiest to think of the CSU/DSU as being a kind of digital modem. Just
as a modem provides an interface between the telephone line and your computer, so the CSU/DSU provides the same interface for your LAN. Likewise,
a modem provides a serial connection to your computer just as a CSU/DSU
device provides a serial connection to your LAN.
Using an Integrated Services Digital Network Connection
An integrated services digital network (ISDN) connection offers a digital service capable
of carrying voice, video, or data communications. Although it was defined in 1984, ISDN
connections became popular only in the 1990s as compatibility problems eased. ISDN
remains popular in applications where users need a private connection to a company network to telecommute but need speeds higher than those offered by a typical modem. ISDN is
also used as a backup when the main line malfunctions. It is a dial-up service: You must dial
a number to reach the system that accepts the ISDN connection and connect to the local
telephone service, just as you do with a standard telephone call with a modem. However,
because ISDN is a completely digital service, it can provide higher capacity across the phone
system’s wires. ISDN lines connect to the LAN via a terminal adapter (TA), sometimes
referred to as an ISDN modem.
ISDN offers two service types:
■ Basic Rate Interface (BRI)—This service provides three channels of data transfer.
Two channels carry up to 64 Kbps of data and are referred to as “B” or “bearer”
channels. The third channel carries data at a speed of 16 Kbps and is referred to
as a “D” or “delta” channel. In a typical BRI connection, the two B channels
transmit the data and the D channel manages the link.
■ Primary Rate Interface (PRI)—This type of service provides a significantly
higher amount of bandwidth and divides the equivalent of a T1 line into
24 channels. PRI uses 23 B channels, each capable of carrying data at
64 Kbps, and one 64 Kbps D channel to manage the link.
The BRI provides data transfers at a speed of 128 Kbps, which may be appropriate for
a user to connect to a private company network, but probably is not adequate for a typical Web server. The PRI channels use a T1 line, so their capacity is 1.544 Mbps, which
is appropriate for a small to medium-size company.
Using a Digital Subscriber Line
As with ISDN, a digital subscriber line (DSL) allows you to transfer data at high speeds
over conventional telephone lines. Many types of DSL connections are available, and they
are characterized by their download and upload speeds. Download speed measures how
fast you can transfer data from a server such as a Web page or a file, while upload speed
indicates how fast you can send data to the server such as a Web page request or an e-mail
message with attachments. Typically, download speeds are more important than upload
speeds for users. The most common types of DSL include the following:
■ ADSL (Asymmetric DSL)—DSL recognizes that typical home users are more
interested in fast downloads than fast uploads, so ADSL has a faster download
speed than upload speed. The speeds vary depending on the service that you
request. ADSL supports rates ranging from 1.544 Mbps to 6.1 Mbps for
downloads and from 16 Kbps to 640 Kbps for uploads.
■ IDSL (ISDN DSL)—IDSL has only one speed, 128 Kbps. It is typically used
by those who live out of range of the other DSL options.
■ RADSL (Rate Adaptive Digital Subscriber Line)—RADSL is a variation of ADSL.
When the modem starts, it tests the line to adjust its operating speed to the
fastest speed that the line can support. RADSL supports rates ranging from
640 Kbps to 2.2 Mbps for downloads and from 272 Kbps to 1.088 Mbps
for uploads.
■ SDSL (Single Digital Subscriber Line)—Although the word “single” means that
it just needs a single line as opposed to earlier DSL standards that required
more lines, the main significance of SDSL is that the upload and download
speeds are the same. SDSL operates at rates up to 1.544 Mbps.
You can use the information in the preceding list to determine which types of DSL are
appropriate for a home user and which are appropriate for a business user with a Web
server. A Web server receives very small packets of data requesting Web pages. The
Web server responds to each request by transmitting a relatively large Web page. The
Web server needs more upload speed than download speed, so SDSL is appropriate. On
the other hand, ADSL provides the opposite of what a typical business with a Web
server needs, because it provides faster download speed than upload speed. ADSL is
therefore more appropriate for a home user, though it can be appropriate for a business in some cases. For example, a business with many users needs fast downloads
because their requests for Web pages are small compared to the size of the Web pages
returned. Perhaps the users have a Web server that just has basic information about their
company, but the Web server is never expected to have many simultaneous users. ADSL
would be appropriate for this type of business. SDSL is the best solution where the
emphasis in the business is the Web server and allowing users to access the Web server
at relatively high speeds.
Note that not all ISPs offer services that reach speeds of up to 1.544 Mbps. Your ISP
should allow you to start with a slow speed and grow to the maximum speed.
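The sizing questions listed earlier and the upload-versus-download reasoning above can be combined into one rough calculation. The following Python sketch is an added example, not the textbook's method: the formula (simultaneous users times bytes times 8, divided by the tolerated delay), the sample workload, and all function names are assumptions, while the line speeds and the 80 percent utilization ceiling are the figures given in this chapter.

```python
import math

# Speeds in Kbps as the chapter lists them (1 Mbps = 1,000 Kbps), seen from the
# customer's side of the line: (name, download_kbps, upload_kbps).
CONNECTIONS = [
    ("ISDN BRI", 128, 128),
    ("IDSL", 128, 128),
    ("ADSL (top rates)", 6100, 640),
    ("RADSL (top rates)", 2200, 1088),
    ("SDSL", 1544, 1544),
    ("T1", 1544, 1544),
    ("T3", 44736, 44736),
]
CEILING = 0.80            # plan to stay under 80 percent utilization
T1_CHANNEL_KBPS = 64      # a T1 is divided into 24 channels of 64 Kbps
T1_CHANNELS = 24


def required_kbps(simultaneous: int, nbytes: int, delay_s: float) -> float:
    """Kbps needed to move `nbytes` for each simultaneous user within `delay_s`.

    Sizes are given in bytes and line speeds in bits, hence the factor of 8.
    This formula is a planning assumption, not a measurement.
    """
    if simultaneous < 0 or nbytes < 0 or delay_s <= 0:
        raise ValueError("counts and sizes must be >= 0 and delay must be > 0")
    return simultaneous * nbytes * 8 / delay_s / 1000


def demand(role: str, simultaneous: int, page_bytes: int,
           request_bytes: int, delay_s: float) -> tuple:
    """Return (download_kbps, upload_kbps) needed at this site.

    "web_server": pages leave the site (upload) and requests arrive (download).
    "browsing_users": the reverse, pages arrive and requests leave.
    """
    pages = required_kbps(simultaneous, page_bytes, delay_s)
    requests = required_kbps(simultaneous, request_bytes, delay_s)
    if role == "web_server":
        return requests, pages
    if role == "browsing_users":
        return pages, requests
    raise ValueError(f"unknown role: {role!r}")


def suitable(down_kbps: float, up_kbps: float) -> list:
    """Names of the connections whose speeds cover the demand under the ceiling."""
    return [name for name, down, up in CONNECTIONS
            if down * CEILING >= down_kbps and up * CEILING >= up_kbps]


def fractional_t1_channels(kbps: float):
    """64 Kbps channels to lease, or None if the need exceeds one T1."""
    channels = max(1, math.ceil(kbps / CEILING / T1_CHANNEL_KBPS))
    return channels if channels <= T1_CHANNELS else None


if __name__ == "__main__":
    # Constructed workload: 12 simultaneous users, 50,000-byte pages,
    # 500-byte requests, and a tolerated delay of 5 seconds per page.
    for role in ("web_server", "browsing_users"):
        down, up = demand(role, 12, 50_000, 500, 5)
        print(f"{role}: needs {down:.1f} Kbps down, {up:.1f} Kbps up ->", suitable(down, up))
    print("fractional T1 channels for the server:", fractional_t1_channels(960))
```

With the same traffic, ADSL is ruled out for the site hosting the Web server but acceptable for a site of browsing users, which is the asymmetry the text describes.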
Tip
Download is often referred to as “downstream,” and upload is often referred to
as “upstream.” The Web site www.dslreports.com is a good resource for information about DSL service and its providers.
One limitation of all varieties of DSL is signal degradation, although this concept
is not unique to DSL. (ISDN is also particularly susceptible to signal degradation.)
Signal degradation involves the loss of signal strength as the signal moves farther from
the source. To use DSL, you must be located within a certain distance of a telephone
switch to avoid signal degradation. The distances vary, but with some versions of DSL
a client must be located within 3,000 meters of a switch. Some DSL variants allow
distances of up to 8,000 meters. Generally, the DSL provider will conduct a line test
to determine whether a business or home telephone line can handle a DSL connection. Telecommunication technology has advanced to the point that most business and
home users can get DSL. Figure 1-6 shows a typical way to connect to the Internet
using DSL.
[Figure 1-6: DSL connection. Labels: Telco, Telephone line, Splitter (Data, Voice), DSL “modem”, Ethernet, Telephone, Workstation]
Using Cable Modems
Although cable modems are designed for the home user market, they are used in business as well. Like DSL, cable modems allow a wide range of communication speeds and
often have different upstream and downstream speeds. Unlike DSL, cable modems do
not use standard phone lines, but transmit a signal along the same line as your cable TV.
See Figure 1-7.
Cable modems typically share access, which means that everyone receiving cable service
from the same provider in the same area or neighborhood competes for the amount of
capacity available. (Standard Ethernet operates in the same way.) This shared access won’t
be a problem if your service provider expands its service as it adds new users. Unlike
with T-Carrier, ISDN, and DSL connections, however, the performance of cable modem
connections can degrade significantly over time. You should therefore make sure to work
out a quality-of-service agreement with your cable provider that guarantees a certain
level of performance. Many cable providers offer a dedicated cable connection of up to
1.544 Mbps that costs less than many ISPs offering T1 service using standard T-Carriers.
[Figure 1-7: Cable modems share a connection to Internet. Labels: Coaxial cable, Internet, Cable modem (three), Ethernet connection]
Much of the previous discussion focused on the speed of connections using a variety of
technologies. Because this consideration is so important, you need a deeper understanding of how speed applies to connecting a Web server to the Internet.
Understanding Bandwidth and Throughput
Although bandwidth technically means the width of a band of frequencies, it is expressed
in bits per second (bps)—that is, the theoretical maximum number of bits that can be sent
in a second. The speed estimates in the previous section were calculated in terms of their
bandwidth. Another factor that affects the actual speed is throughput, which is the
amount of data you can move from one place to another in a given time period. A pipe
carrying water is a common analogy for bandwidth and throughput. In this case, the bandwidth is the total capacity of the pipe; the throughput is the amount of water flowing
through the pipe in a certain amount of time. Both bandwidth and throughput are typically measured in units of bits per second: kilobits, megabits, or gigabits, as appropriate.
Mbps and Gbps are typically used when specifying the speeds of the network.
Tip
Be sure to distinguish between measurements in bits (e.g., Mbps) and those
in bytes (e.g., MBps). Measures relating to speed are usually expressed in bits
per second when describing data transfer speeds for networks, whereas data
transfer rates within a computer such as hard drive transfers are often
expressed in bytes per second. There are eight bits in one byte, so 1 MBps is
eight times faster than 1 Mbps.
Throughput as a percentage of bandwidth is a useful measure of how much data you can
expect to transfer between your Web server and the user. This “bandwidth utilization”
rate tells you how much of the bandwidth you are actually using. Keeping track of your
utilization patterns allows you to plan for future growth. For instance, the bandwidth of a
typical Internet connection is 1.544 Mbps. If you have an average throughput of 768 Kbps
(meaning that 768 Kbps of a potential 1.544 Mbps of data is passing through the network), then your network has a utilization of approximately 50 percent. This bandwidth
utilization rate is desirable because it shows that you are not overloading your connection. It is important to keep track of the utilization rate during times that your users are
most often connecting to your server. For instance, it is misleading to analyze throughput over a 24-hour period if most of your traffic occurs in a 4-hour time span during the
day. If your bandwidth utilization typically remains under 80 percent, your users should
be able to display pages without too much of a delay. If the demand for Web pages exceeds
these levels, your users will have to wait longer to see each page.
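The difference between a 24-hour average and the busy period is easy to see with numbers. The following Python sketch is an added example, not code from the textbook: it converts constructed hourly byte counts into throughput in Kbps, then compares whole-day utilization with the busiest 4-hour window on a 1.544 Mbps link. The sample data and function names are illustrative assumptions.

```python
LINK_KBPS = 1544      # the chapter's 1.544 Mbps connection
LIMIT_PCT = 80.0      # utilization level the chapter suggests staying under

# Constructed sample: bytes the Web server sent during each hour of one day
# (index 0 = midnight to 1 a.m.). Most traffic falls between noon and 4 p.m.
BYTES_PER_HOUR = (
    [45_000_000] * 12
    + [585_000_000, 630_000_000, 652_500_000, 607_500_000]
    + [45_000_000] * 8
)


def throughput_kbps(nbytes: int, seconds: int = 3600) -> float:
    """Average throughput in kilobits per second (8 bits per byte)."""
    if seconds <= 0:
        raise ValueError("seconds must be positive")
    return nbytes * 8 / seconds / 1000


def utilization_pct(kbps: float, link_kbps: float = LINK_KBPS) -> float:
    """Throughput as a percentage of the link's bandwidth."""
    return 100.0 * kbps / link_kbps


def busiest_window(hourly_kbps: list, hours: int = 4) -> tuple:
    """(start_hour, average_kbps) of the busiest run of consecutive hours."""
    if not 1 <= hours <= len(hourly_kbps):
        raise ValueError("window must fit inside the sample")
    best_start, running = 0, sum(hourly_kbps[:hours])
    best_sum = running
    for start in range(1, len(hourly_kbps) - hours + 1):
        # Slide the window: add the hour entering it, drop the hour leaving it.
        running += hourly_kbps[start + hours - 1] - hourly_kbps[start - 1]
        if running > best_sum:
            best_start, best_sum = start, running
    return best_start, best_sum / hours


def assess(bytes_per_hour: list, link_kbps: float = LINK_KBPS,
           hours: int = 4, limit_pct: float = LIMIT_PCT) -> dict:
    """Compare whole-day utilization with utilization in the busiest window."""
    hourly = [throughput_kbps(b) for b in bytes_per_hour]
    start, peak_kbps = busiest_window(hourly, hours)
    peak_pct = utilization_pct(peak_kbps, link_kbps)
    return {
        "whole_day_pct": utilization_pct(sum(hourly) / len(hourly), link_kbps),
        "peak_start_hour": start,
        "peak_pct": peak_pct,
        "hours_over_limit": [h for h, k in enumerate(hourly)
                             if utilization_pct(k, link_kbps) > limit_pct],
        "overloaded_at_peak": peak_pct > limit_pct,
    }


if __name__ == "__main__":
    report = assess(BYTES_PER_HOUR)
    print(f"24-hour average utilization: {report['whole_day_pct']:.1f}%")
    print(f"busiest 4 hours start at {report['peak_start_hour']}:00, "
          f"utilization {report['peak_pct']:.1f}%")
    print("hours above the limit:", report["hours_over_limit"])
```

On this sample the whole-day figure looks comfortable while the noon-to-4 p.m. window is above the 80 percent level, so the peak window is the number to track.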
Your ISP can often provide you with software to monitor your throughput so that you
can determine when your network experiences the heaviest traffic. You also need to realize that you can never reach 100 percent utilization. A difficult task when trying to select
the ISP that will provide your Internet connection is finding out what the average
throughput will be. Just because all the companies you are considering offer a 1.544 Mbps
connection, it does not mean that your maximum throughput will be the same in all
cases. Some ISPs sell so many T1 lines that their connections to the Internet cannot adequately support them all.
The puzzle of identifying LAN components and connecting the LAN to the WAN has
many pieces. The most complex piece is learning about the WAN connection. Because
the ISP industry is highly competitive, pricing and services change rapidly. What is the
most popular and cost-effective solution one year may not be as popular the next year.
Although the T-Carrier approach offers virtually unlimited expandability, most businesses will probably never need to expand beyond 1.544 Mbps. At 1.544 Mbps, you can
select between T1, SDSL, and a dedicated cable modem. Which option you choose
depends on the combination of services that is available in your area.
For many organizations, setting up a Web environment on their own premises is not appropriate. These businesses may choose instead to have another business host their Web sites.
Understanding Web Hosting Solutions
Web hosting offers an alternative to setting up your own Web server environment. There
are many types of Web hosting services to fit every budget.
Tip
Web hosting can be a viable solution if you do not currently have the in-house expertise necessary to install, configure, and maintain your own Web
environment.
Having another company host your Web site offers some significant advantages. When
you let another company host your Web site, you do only the Web site development. The
Web hosting company can even help you register your domain name and supply e-mail
for you. You do not have to worry about bandwidth, because the Web hosting company
should have enough bandwidth for your Web site. The Web hosting company is also
responsible for keeping you connected to the Internet and typically has technical support
personnel available 24 hours a day to ensure connectivity. It can offer many services that
you can add as you grow. The following list includes some common types of Web hosting services:
■ Standard hosting—Your site resides on the same computer with many other sites.
This option is the cheapest solution, but your response times may vary depending on the popularity of the other sites. You will probably use FTP to upload
and download pages. Standard hosting is similar to having a Web site like the
one that is typically available when you sign up for a home connection.
■ Dedicated server—You have a server that only you use. There are a variety of sizes
from which to choose, so you get only the type of computer that you need.
■ Co-location—Your own server is physically located at the company that does
your Web hosting. The firm is responsible for maintaining the connection to
the WAN, and you are responsible for configuring the software on the server.
Co-location makes it easier to take the final step of moving the Web server
to your own environment because the hosting company supplies only the
connection.
Although Web hosting seems like an easy and straightforward solution, consider the problems it can present. Always remember that you are putting a system with significant
importance to your organization in the hands of someone else. What happens if the Web
hosting company suddenly goes out of business? Also, if you want to create dynamic
pages, what programming language do you use? Not all Web hosting companies offer the
same languages, and some languages might cost more than others. What kind of DBMS
can you use? Will Microsoft Access be sufficient? Will you need Microsoft SQL Server?
Will you require a server just for your own use, or can you share it with one or more
organizations? How will you get your data and Web pages to and from the server? How
much traffic can you expect on your Web site? The more traffic you get, the more you
will have to pay. Be sure to find answers to these types of questions before contracting
with a Web hosting company.
A Web hosting company can also provide the following services:
■ Help in registering your domain name—it probably has access to the two DNS
servers required when you register the domain name
■ E-mail setup for you and other members of your organization
■ Templates to facilitate Web site development
■ E-commerce services, including shopping carts and credit card processing
Web hosting solutions are an important option to consider for an organization that seeks
to create a Web presence. They can be a cost-effective method to get started on the Web.
COMPARING WEB SERVER PLATFORMS
One of your major decisions as a Web server administrator is to select a computing platform
for your Web server, a decision that usually involves choosing between Microsoft Windows
and a UNIX-related operating system. Each platform has its strengths and weaknesses. In
addition, you need to select which version of the platform you want to run. Within
Windows, you have to consider the Windows NT, Windows 2000, and Windows 2003
operating systems. Each operating system also offers different editions, such as Windows
Server 2003 Web Edition and Windows Server 2003 Standard Edition. Likewise, UNIX
and Linux are provided in different versions and distributions. Some computer manufacturers offer their own versions, such as Sun Solaris and IBM AIX. Linux comes in
several different varieties, such as Red Hat and Mandrake.
With Linux, both the server and the client workstation can use the same operating system. The Windows environment is different. Microsoft client operating systems include
Windows NT Workstation, Windows 2000 Professional, and Windows XP. You cannot run
Microsoft Exchange on any of the client operating systems. Instead, you must purchase the
corresponding server product to run Microsoft Exchange and any of Microsoft’s server
products. Some client products also offer reduced versions of software that is available in
the server products. For example, the client operating system might include a Web server,
but it will be less capable than the Web server offered on the server operating systems.
Microsoft Windows Platforms: NT, 2000, and 2003
All Windows platforms can fulfill the basic requirements of a Web server and all related
tasks. Windows NT Server was released before Microsoft recognized the importance of
the Internet. Windows 2000 Server offers much better integration between the operating system and Web-based applications. Windows 2003 completely integrates and
extends the Web-based application model. It represents a major shift toward putting the
Internet and all the related software at the center of the operating system.
Windows NT Server
Windows NT, a product of the early 1990s, remains a reliable platform for a Web server. It
was designed without considering Web servers, but Microsoft has since improved successive
versions to accommodate Web servers. Although Windows NT was originally less reliable than
its successors, service packs and improved drivers have enhanced its reliability over time.
The Web server from Microsoft is called Internet Information Server (IIS), and it was
first released in the mid-1990s to provide Web pages, FTP, and Gopher, a technology to
organize information that predates the Web server. Microsoft later added the ability to
program using Active Server Pages. CGI scripts were available, but they proved less popular than they were on UNIX/Linux systems. Throughout the 1990s and into the new
millennium, Microsoft has continued to improve IIS and its support for languages and
security. Under Windows NT, IIS progressed to version 4.0.
Windows 2000 Server
Although Windows 2000 has been replaced by Windows 2003, it remains a capable operating system that works with many hardware devices and software packages. The
Windows 2000 Server family has three members: Windows 2000 Server, Windows 2000
Advanced Server, and Windows 2000 Datacenter. Windows 2000 Server is the basic
model, and Windows 2000 Advanced Server is the more advanced version. The major
advantages of Windows 2000 Advanced Server are that it doubles RAM support from
4 GB to 8 GB, doubles the maximum number of processors from 4 to 8, and supports
clustering, which enables you to group several servers to act as one server.
Windows 2000 Datacenter offers up to 64 GB of RAM and up to 32 processors.
One significant difference between Windows NT and Windows 2000 is the addition of
Active Directory Services (ADS) in Windows 2000. You can use ADS to support a much
larger network with many more aspects to configure. See Figure 1-8. Whereas Windows
NT allows you to manage relatively small networks, ADS provides a single point of management for Windows resources in very large network environments. This capability
simplifies the management process and allows for a much higher level of scalability than
is possible with Windows NT. Although Windows 2000 uses domains, many more network resources besides users and groups can be tracked. Even within the concept of the
user, much more information about the user can be stored. Domains can be broken
down into organizational units (OUs).
Naming and keeping track of computers are more complicated tasks in a larger network.
To ease these tasks, Windows 2000 introduced Dynamic Domain Name Service
(DDNS), which offers an Internet-oriented method of tracking computers. Similar to
how a browser finds the location of a Web server, DDNS allows individual computers
in a network to find other computers and resources. DDNS also changed computer
naming to fit the Internet model. Instead of calling your computer PC1, for example, it
can be called PC1.technowidgets.com.
Figure 1-8: ADS computers and users
Windows 2000 comes with IIS 5.0, which is a more reliable Web server than IIS 4.0
under Windows NT. With IIS 5.0, you can restart Web services without rebooting the
computer, and you can run applications isolated from the Web server program. The isolation means that if the application fails, it won’t cause the Web server to shut down. You
can also create custom error messages and track more detailed information when managing the server, such as the amount of time used by processes. For example, instead of
displaying the standard HTTP 404 error, “This page cannot be found,” you can display
a more helpful page that may include a link to a site map. IIS 5.0 also provides significantly improved remote administration and browser-based administration.
Under IIS 5.0, Active Server Pages has been improved. Although HTML pages are still
simply sent to the user who requests them, ASP pages are processed by another program;
this strategy increases the time it takes to get the page to the user. This delay is acceptable because normally the processing generates HTML code. However, in some cases,
you might send an ASP file that does not need to be processed. This so-called scriptless
ASP processing bypasses the service that processes ASP pages.
The life of Windows 2000 has been extended by the ability to install .NET Framework,
which changes the programming capabilities of the Web server. The .NET Framework is
explained in the next section.
Windows Server 2003
Windows Server 2003 represents a significant departure in the area of the Web server environment. It builds on Windows 2000, providing many improvements to implementing
and maintaining a Windows 2000 network design. The Windows Server 2003 family has
four members. The following list highlights their features that are most important for the
Web server environment:
■ Web Edition—Full use of .NET Framework, IIS 6.0, Network Load
Balancing, maximum RAM of 2 GB, and up to 2 processors.
■ Standard Edition—Same as Web Edition, except that it has Windows
Media Services, Internet Connection Firewall, Terminal Server, Internet
Authentication Service, Internet Connection Sharing, and up to 4 GB
of RAM.
■ Enterprise Edition—Same as Standard Edition, except that it supports the 64-bit
Intel Itanium-based computers, up to 8 processors, up to 64 GB of RAM for
Itanium-based computers, and 32 GB for others.
■ Datacenter Edition—Same as Enterprise Edition, except that it supports up to
64 processors, up to 512 GB for Itanium-based computers, and 64 GB for
others. However, it does not have Windows Media Services, Internet
Connection Firewall, or Internet Connection Sharing.
New to the Windows Server 2003 family is product activation. To use the product beyond
a specified number of days, it must be activated with a special code from Microsoft. This
requirement ensures that each server product purchased will be used on only a single
computer.
The .NET Framework is central to the .NET Web environment. This improved programming model allows sophisticated programs to be developed for use on the Web.
One important aspect of .NET Framework is its use of XML, which basically turns data
into text that can easily be transmitted from computer to computer. Instead of allowing
users to connect to Web servers to view pages, computers can contact other computers
to transfer purchase orders or a variety of other information. Because XML and its associated technologies have industry support, servers with different operating systems can
communicate readily. The underlying programming language is more powerful than the
older ASP.
Other Microsoft Server Products
Server products besides a DBMS can run on a Microsoft server, and perform specialized tasks
that may be useful in some organizations. Many are appropriate in a Web environment.
■ Application Center—Allows you to manage a cluster of servers as if it is one
server. This ability can be important when your Web site is spread across
multiple servers in a cluster. Application Center is also compatible with
other server products such as Biztalk Server.
■ Biztalk Server—Connects to your business partners over the Internet using
XML. XML is data in text form, which allows computers to easily send data
to one another. Biztalk helps you model your business processes so you can
describe exactly what needs to be sent and received. To make this task easier,
Microsoft offers hundreds of adapters, which are processes that are already
configured for such popular systems as SAP. They allow you to integrate
your custom applications with other products.
■ Commerce Server—Builds an effective e-commerce site in a short amount of
time by using the built-in templates for shopping carts and products. Targeted
marketing is simplified by being able to store customer profile information.
The model used is a pipeline: At various points in the pipeline, the programmer can customize the code to the needs of the business.
■ Content Management Server—Creates large and complex Web sites. The people
throughout your organization may be responsible for managing their own set
of pages, and the Content Management Server is designed to organize this
process. It helps in delivering personalized content to customers, employees,
and other users. It organizes development, staging, and live Web servers and
the flow between them. Sample templates and Web sites can help speed your
development.
■ Internet Security and Acceleration Server—Combines a firewall product with a
Web cache. The firewall allows you to set policies regarding what type of
traffic you will allow into and out of your Web environment, which helps to
prevent someone from doing harm to your system. A Web cache takes Web
pages that are requested frequently and stores them locally. When a user
requests the same page again, the request does not have to go to the Internet,
but can be retrieved locally.
■ Operations Manager—Helps decrease support costs for a server environment. It
comes with a preset series of alerts and rules to get you started. It can even
help you manage an environment with non-Microsoft products, such as
Oracle DBMS and UNIX-based servers.
■ Mobile Information Server—Gives you the capability to organize and send data
to a variety of mobile devices. It can deliver secure wireless communications
to members of your organization. This server contains Outlook Mobile
Access, which allows you to track e-mails, tasks, and calendars on mobile
devices.
■ SharePoint Portal Server—Allows you to set up a site that can be highly personalized. A good example is my.yahoo.com, where you can choose the kind of
news you want to read, the color scheme of your pages, and many other
options. This server product helps you to set up such a site.
UNIX/Linux
UNIX was introduced in 1969 and continues to evolve today. Many variations of the
UNIX operating system have been introduced, and these multiuser operating systems are
employed as network operating systems by most non-PC networks today. Although
UNIX was the first open operating system, meaning that anyone could make their own
version of it, the UNIX name remained an AT&T trademark for many years. It was eventually purchased by such networking companies as Novell and Santa Cruz Operations,
and is now owned by The Open Group.
UNIX consists of a kernel, a file system, and a shell. The kernel is a central high-security
portion of the operating system that contains its core elements. By isolating the kernel from
other applications so that computer processes or users cannot modify the core code and
interrupt services, UNIX provides a stable platform. The file system provides the input
and output mechanisms for the operating system. The shell provides the user interface to
UNIX. Because UNIX uses more than 600 commands, graphical user interfaces (GUIs)
were developed to simplify its operations. Even so, most UNIX administrators still perform
a significant amount of their work at the command line. Popular UNIX versions include
Sun Solaris, Hewlett-Packard HP-UX, IBM AIX, and the increasingly popular Linux.
Although Windows is a tightly integrated system, UNIX versions are different in that
you have more flexibility in combining the components that you need. When you start
a basic version of UNIX, all you see is a command prompt. There is no GUI as in
Windows. However, you can add a variety of GUIs. For example, KDE (K Desktop
Environment) is available on systems such as Linux, Sun Solaris, and FreeBSD.
As mentioned earlier, several companies and organizations have developed separate versions of UNIX since its introduction. By the 1980s, two strands of UNIX development,
AT&T and Berkeley, continued in parallel. The Berkeley strand was adopted by Sun
Microsystems, which used the Berkeley code as the basis for SunOS. IBM and Hewlett-Packard chose the AT&T version. By the late 1980s, several groups of companies had
formed associations with the goal of producing a single UNIX standard. This effort
failed, although the AT&T and Sun alliance produced UNIX System V, which remains
in use today. Solaris is the most popular example of a System V system. Another standard
developed around the Berkeley Systems Distribution (BSD). Examples of the BSD
implementation include FreeBSD and SunOS.
Tip
OpenBSD has a reputation for security, mainly because its developers made
security a priority during the development process. Although Sun intended
Solaris to replace SunOS, both remain in use today because customer demand
keeps SunOS alive.
Linux was developed separately from these other versions of UNIX. Because of this separate history, technically it is not a true UNIX version; instead, it is an operating system
that was written to appear and act like UNIX. However, most people approach Linux
as a version of UNIX. Linus Torvalds began his work on Linux in 1991, basing it on
Minix, which was included in a textbook on operating systems. Minix was very close to
UNIX but its purpose was to serve as a teaching tool. Because the source code is freely
available, Linux has been successfully enhanced and supported by a number of organizations, including Red Hat, Mandrake, SuSe, and Caldera. Although it is often more
convenient to purchase Linux on a CD, you can also download it for free.
Tip
For a more complete listing of organizations that distribute their versions of
Linux, see www.linux.org/dist/index.html.
While each distribution of Linux has different strengths and weaknesses, all of them share
several elements. Each Linux distribution is built on the same Linux core code and distributed under the GNU General Public License, which states that while companies
can charge a fee for their customized versions of the core Linux code, they need to make
the source code available. As a consequence, you can typically obtain the Linux distribution for a low price, often for free. Companies that distribute the Linux code raise revenues by selling support for their software products. Linux’s popularity has also been
helped by ongoing announcements of support from large companies such as IBM and
Oracle. Even Sun, which has its own version of UNIX called Solaris, offers a SUN server
based on Linux.
Linux has been gaining popularity for a number of reasons other than its low cost.
For one, it is very stable and is easier to make secure than a Windows server. Stability is
important because you rely on your server to keep functioning correctly. You do not
want it to stop running, nor do you want parts of the system to malfunction. Security
is highly desirable because you want to prevent intruders from harming your system.
Historically, Microsoft Windows has focused on functionality rather than security.
Although Windows is known for its extensive features, it has also been plagued by
numerous security holes.
Linux also runs on many hardware platforms, including those from Intel, AMD, and Sparc.
Processors from Intel and AMD are used in computers that run Windows; Sparc processors are used in computers from Sun. This wide support increases the system’s flexibility.
In the case of Intel processors, Linux runs well on a processor with far less computing
power than a corresponding Windows server requires.
Linux can be used as both a workstation and a server. When used as a workstation, the major
difference is that you add a GUI and its associated applications. As mentioned previously,
KDE is popular as a GUI, as is GNOME (pronounced guh-nome).
So far, Linux has not penetrated the corporate market to any significant extent. This is
partly due to the less sophisticated programs available for this system. However, the applications available are constantly improving and increasing in number.
Tip
Support from Oracle and IBM has given Linux the potential to become a platform for capable database servers.
Tip
Linux server and workstation versions are really the same, except that the
server installation includes server applications such as Apache Web server. For
more information on the Linux versions, see Chapter 3.
CHAPTER SUMMARY
❐ Server administration involves managing local users and their access to network
resources. The focus of the server administrator is within the organization.
❐ Web server administration involves managing the many applications that make up
the Web environment. It can encompass managing not only the Web server, but also
an e-mail server, FTP server, and others.
❐ Both server administrators and Web server administrators have to install, configure,
and maintain their servers. They have to make sure that if data is lost on their
servers, they can retrieve it. Security is always important, even though they may
use different techniques to ensure security.
❐ Many pieces make up a network, and they must all work together. A Web server
administrator must understand both the physical aspects of the network and the
underlying logical aspects. Without this knowledge, problems that require a simple
solution could seem baffling.
❐ There are many Web server platforms from which to choose. All have their
strengths and weaknesses, and all are constantly evolving. As a Web server
administrator, you should understand as much as possible about all the platforms.
❐ The Internet is a network of networks that is not controlled by a single organization. The cooperation of many entities, both governmental and private, ensures that
it continues to function. Although it is amazing that the Internet works so well, it
can also prove frustrating to a Web administrator who cannot find exactly who is
to blame when an e-mail message does not reach its destination.
REVIEW QUESTIONS
1. A(n) ________ is a network that connects computers and printers in a
building.
2. The bandwidth of a T1 line is ________.
a. 45 Mbps
b. 1.544 Mbps
c. 10 Mbps
d. 1 Gbps
3. Which of the following is not a component that connects a T1 line to a LAN?
a. CSU/DSU
b. switch
c. multiplexor
d. router
4. An ISDN Basic Rate Interface (BRI) line is composed of 23 D channels and 1 B
channel. True or False?
5. ________DSL and ________DSL support different downstream and upstream speeds.
6. Which of the following is the measure of how much data is actually transmitted
through a line in a given amount of time?
a. bandwidth
b. throughput
c. speed
d. utilization
7. Which of the following is a measure of the total capacity that a data line
can carry?
a. bandwidth
b. throughput
c. speed
d. utilization
8. The name of the most common programming language on Microsoft Web servers
is ________.
9. Which of the following DBMS products is available for free?
a. Access
b. MySQL
c. SQL Server
d. Oracle9i
10. Which of the following is not a Linux distribution?
a. Red Hat
b. Susie
c. Caldera
d. Mandrake
11. Windows Server 2003 is available in four editions. They are ________, ________, ________, and ________.
12. Although cable modems are appropriate for home use, they cannot be used for
business. True or False?
13. Windows ________ Server 2003 has all the capabilities that you would
need on a Web server and can run on computers that use the Intel Itanium
processor.
14. An agreement that ISPs make to exchange data is called ________.
a. viewing
b. peeking
c. peering
d. seeing
15. Which two devices are usually combined to form a single device?
a. CSU
b. router
c. DSU
d. multiplexor
16. When you send an e-mail message to someone, you are using
the ________.
a. Web
b. Internet
c. e-mail network
d. none of the above
17. An example of a GUI environment for Linux is ________.
a. Windows
b. NAP
c. KDE
d. BSD
18. Which of the following has the fastest speed?
a. SDSL
b. T3
c. T10
d. ISDN
19. Which version of Linux is considered the most secure?
a. Red Hat
b. Mandrake
c. SuSe
d. OpenBSD
20. A drawback of Linux is that it takes more computing power than a Windows
server. True or False?
21. Why is FTP not secure for uploading files?
a. The protocol is flawed.
b. The user name and password are sent to the server as clear text.
c. You cannot use user names and passwords.
d. FTP is extremely secure.
22. A firewall is a device that controls access to a network. True or False?
HANDS-ON PROJECTS
Project 1-1
Visit the Linux Web site at www.linux.org and find the list of Linux distributions. How
many distributions are currently available? Choose three and describe in one to two
pages how they differentiate themselves from the other versions. Also explain which of
the three you would choose for a Web server and why.
Project 1-2
Put together a shopping list and search the Web for the components that you would need
to connect a T1 line to your LAN. Write one to two pages describing which components
are on your list. Which brands, models, and prices for these hardware devices did you find
on the Web?
Project 1-3
Go to the DSL site at www.dslreports.com. Research the different types of DSL products
available in your area. Write one to two pages describing the types of DSL lines available and their price range.
Project 1-4
Search the Microsoft Web site for information on the company’s server products that
could be used in a Web environment besides Windows Server 2003 Web Edition,
Standard Edition, Enterprise Edition, and Datacenter Edition. List the primary uses of at
least two of the products.
Project 1-5
This project involves using a command called tracert (pronounced trace route). Its primary
purpose is to display the names of the routers between your computer and another computer. A router connects one network with another. In this chapter, you learned the basics
of how the Internet fits together. This project shows you the actual path your data takes.
Your objective is to compare the paths that your data takes from a school computer to
two destinations. What are the similarities in the results? What are the differences in the
results? If possible, try the same commands from home or from some other location. Once
again, compare the results with each other and with the results you got from school.
Each time your data is transferred from one router to another, the step is called a hop.
Which result took the most hops? Can you decipher where www.linux.org is located just
by looking at the result of the tracert?
To answer these questions, go to the command prompt by clicking Start, pointing to Programs, pointing to Accessories, and clicking Command Prompt, and then
type the following two tracert commands:
tracert www.yahoo.com
tracert www.linux.org
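The comparison this project asks for (hop counts, routers that did not answer, and where two paths diverge) can be automated once the tracert output is saved as text. The following is an added example, not part of the textbook; the function names are hypothetical, and the two traces are constructed samples in the layout Windows tracert prints, using reserved documentation addresses.

```python
import re

# Constructed sample output in the layout Windows tracert prints. The host
# names and addresses are invented (reserved documentation ranges).
TRACE_A = """\
Tracing route to www.example.com [203.0.113.80]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2     9 ms     8 ms    10 ms  gw1.isp.example [198.51.100.1]
  3     *        *        *     Request timed out.
  4    21 ms    20 ms    22 ms  core1.isp.example [198.51.100.9]
  5    30 ms    29 ms    31 ms  www.example.com [203.0.113.80]

Trace complete.
"""

TRACE_B = """\
Tracing route to www.example.org [203.0.113.200]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2     9 ms     9 ms     8 ms  gw1.isp.example [198.51.100.1]
  3    14 ms    15 ms    14 ms  agg2.isp.example [198.51.100.5]
  4    25 ms    24 ms    26 ms  peer1.transit.example [198.51.100.77]
  5    48 ms    47 ms    49 ms  edge3.transit.example [198.51.100.130]
  6    52 ms    51 ms    50 ms  www.example.org [203.0.113.200]

Trace complete.
"""

# A hop line is: hop number, three probe results ("12 ms", "<1 ms" or "*"),
# then either the router (name [address] or bare address) or a timeout note.
HOP_RE = re.compile(r"^\s*(\d+)((?:\s+(?:<?\d+ ms|\*)){3})\s+(.*?)\s*$")
HOST_RE = re.compile(r"^(\S+) \[([0-9A-Fa-f.:]+)\]$")


def parse_tracert(text):
    """Return one dict per hop line; header and footer lines are skipped."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue
        number, timings, rest = m.groups()
        # "<1 ms" is recorded as 1, an upper bound on the real round trip.
        rtts = [int(ms) for ms in re.findall(r"<?(\d+) ms", timings)]
        name = ip = None
        if rtts:  # at least one probe was answered, so a router is listed
            host = HOST_RE.match(rest)
            if host:
                name, ip = host.groups()
            else:
                ip = rest
        hops.append({"hop": int(number), "name": name, "ip": ip, "rtts": rtts})
    return hops


def hop_count(hops):
    """Number of hops taken to reach the last router that was probed."""
    return hops[-1]["hop"] if hops else 0


def silent_hops(hops):
    """Hop numbers where all three probes timed out."""
    return [h["hop"] for h in hops if h["ip"] is None]


def shared_prefix(a, b):
    """Addresses both traces pass through before the paths diverge."""
    common = []
    for x, y in zip(a, b):
        if x["ip"] is None or y["ip"] is None:
            continue  # a silent router tells us nothing either way
        if x["ip"] != y["ip"]:
            break
        common.append(x["ip"])
    return common


if __name__ == "__main__":
    a, b = parse_tracert(TRACE_A), parse_tracert(TRACE_B)
    print("hops:", hop_count(a), "vs", hop_count(b))
    print("routers that did not answer in A:", silent_hops(a))
    print("shared start of both paths:", shared_prefix(a, b))
```

A hop that shows three asterisks only means that router did not reply to the probes; the trace still passed through it, so it counts as a hop.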
Project 1-6
Interview the server administrator or Web server administrator at your school. What
operating system does the Web server at your school use? How fast is the connection at
school? What other software related to the Web environment does your school have? For
example, does it have e-mail, programming languages, or a DBMS?
CASE PROJECT
In the Case Projects throughout this book, you will set up and work with a simple Web
server. In each Case Project, you will examine and practice various aspects of the Web server
environment. For example, in one chapter you will install and test the programming environment. In another chapter, you will focus on e-mail or firewalls. When you reach the end
of the book, you will have set up the major software components of a Web environment.
The Case Projects can be done in Linux, Windows, or both.
Case Project 1-1
You work for CWA, an accounting firm with five departments in one building and a total
of 600 employees. The firm runs a Windows 2000 LAN, with a UNIX e-mail server.
CWA leases space on an Internet service provider’s computer to host a simple Web site that
lists the services CWA provides. CWA wants to upgrade its Web site to accept and process
online financial forms and to calculate investment information for its clients. The company has asked you to research the kinds of hardware and software it needs to move its
Web site from its ISP to its place of business. Using this chapter and information you find
on the Internet, write two to three pages that identify CWA’s hardware and software
needs. Be sure to include computer specifications, network devices, connection types, and
operating systems.
CHAPTER 2
PREPARING FOR SERVER INSTALLATION
In this chapter, you will:
♦ Identify server categories
♦ Evaluate server components
♦ Plan for system disasters and reduce their effects
♦ Evaluate network components
♦ Set up IP addressing
In Chapter 1, you learned about network components, with an emphasis on
the Web server and related server products. In this chapter, you will focus
on server hardware and learn that how you use the server influences which
components you select. Because a server malfunction affects more people
than a single workstation malfunction does, you need to minimize server
problems, typically through duplication of hardware. You will learn which
server hardware enables you to optimize performance, and which hardware
components allow you to communicate with the other servers in your Web
environment and the Internet. Finally, you will learn about configuring IP
addressing for the servers.
IDENTIFYING SERVER CATEGORIES
Before examining the detailed components of a server, you need to know the general
categories of servers and understand how each type is used. For example, if you want to
configure an entertainment center, you need to know whether it will be used mostly
for watching television or for listening to music. You also need to know whether the
entertainment center is intended for a large room or a small apartment. The answers to
both questions will help you determine what kind of speakers to buy.
Similarly, determining the primary use of the server helps to determine the types of
components you need. For example, a file server requires high-speed disk drives, whereas
application servers require high-speed processors. Determining the necessary types of
components can be difficult in a Web server environment because you must consider the
need for a Web server, database management servers, and e-mail servers, as well as the
server requirements of programming languages and other systems.
Understanding File Servers
As its name suggests, a file server sends and receives files. For file servers, a fast disk subsystem is more important than the processor type. Nevertheless, you should make sure
that the file server’s processor is powerful enough to run applications efficiently.
The classic LAN typically used a file server. Novell, a manufacturer of LAN operating
systems, dominated the market for many years with its NetWare product, which used
disk systems very efficiently. However, adding applications to a NetWare server was not
as easy as adding applications to UNIX- or Windows-based servers.
In the Web environment, you can use a Web server that primarily contains static HTML
files as a file server. Because the Web server simply sends files from its hard disk to the
network, the processor does not have to do much work. Figure 2-1 illustrates this process.
However, many Web sites mix static HTML files and dynamic files that require processing by a programming language. To offset the processing burden of a programming language, large Web sites use application servers that specialize in creating dynamic pages.
You can also use an FTP server in the Web environment to transfer files, usually from
the server to users. For example, when you download applications, service packs, and
other large files, you are probably transferring them from an FTP server.
[Figure 2-1: File server. Labels: Web server with static HTML files; processor; HTML files (index.html, prod.html, info.html); powerful disk subsystem; Internet]
Understanding Application Servers
The tasks performed by an application server are more complex than those carried out
by a file server. An application server runs server applications that wait in the background, ready to process requests, rather than user applications such as Microsoft Word.
Typically, a server application processes requests from many users at the same time. For
example, a server that contains a database management system (DBMS) is an application
server. Although the disk subsystem is important, a DBMS requires extensive processing
power because it often processes complex requests from many users. Figure 2-2 shows a
Web server working as an application server along with a DBMS.
An e-mail server is another example of an application server. While some e-mail servers
simply transfer files that contain e-mail messages, many also process data by verifying
that a user is valid and by testing connections with other e-mail servers to send and
receive files. Microsoft’s e-mail server, Exchange, is considered a groupware server that
performs services such as collaboration, task management, and meeting management,
making it an application server.
[Figure 2-2: Application servers. Labels: a request for an inventory report arrives from the Internet; the Web server (processor, disk subsystem) processes programming statements, requests inventory data for qty < 100, and produces HTML from data retrieved from the DBMS; the DBMS (processor, disk subsystem) searches inventory for items that have a value for qty that is less than 100 and returns the inventory data; the inventory report goes back to the Internet]
A Web server that sends static HTML files to the network requires no logical operations
or file processing. However, when the Web server adds support for programming languages such as Active Server Pages (ASP) or JavaServer Pages (JSP) technology, the
HTML pages work like applications. For example, ASP might process a text file to search
a database and produce a report on certain products. These operations could require
extensive processing power.
When considering which servers to select, you need to determine how they will be
used, which applications will run on them, and how the applications will be used. To
help select the appropriate mix of features, also consider whether these applications are
more disk intensive or processor intensive.
EVALUATING SERVER COMPONENTS
As you learned in the previous section, the purpose of the server determines which
components you need. Just as you need to balance the parts of a Web server system, so
you also need to balance components within the server computer. For example, if you
choose a fast disk subsystem for a server and a slow processor for a DBMS, you have
made the following mistakes:
■ The processor is a bottleneck, or a component of the server that generally
slows the system, keeping parts of the system from working optimally.
Creating a bottleneck can be a costly waste of resources.
■ You have wasted money on a disk subsystem that could be put to better use
elsewhere.
■ The bottleneck may not be obvious, so you may end up spending more on a
faster Internet connection or other network component to try to increase
throughput.
Study your needs and try to identify the potential bottlenecks in your environment.
Ideally, all the components in a server should work together to optimize performance.
Evaluating Processors
The processor is the main focus of most server purchases because it makes everything
else work. When the processor is the bottleneck, the solution often involves an expensive upgrade to a new server, although some servers do allow you to add processors.
Additional processors can be used by some server applications, such as a DBMS, to
process complex requests more rapidly.
Examining the Intel Family of Processors
Most Microsoft Windows computers use Intel processors. The most common type of
Intel processor is based on the 386 chip, which includes the Pentium processors. In these
32-bit processors, data is processed 32 bits at a time.
When you install Linux software on a new server with an Intel processor, the name of
the file typically ends in i386. The i386 designation means that the program is designed
to run on any member of the Intel family that is currently available in servers, except
for the Itanium processor.
The Itanium, the latest generation of processors, is a 64-bit processor that requires special versions of operating systems. Figure 2-3 shows that 64-bit processors accept twice
as much data as 32-bit processors. Even so, most of today’s servers still use Pentium
processors.
[Figure 2-3: 32-bit and 64-bit processors. Two panels, each showing a processor connected to RAM]
Tip
When a processor doubles in speed, it effectively becomes more than twice as
fast, because the amount of work it can do is not solely based on speed. As
processors get faster, they increase the number of instructions they can
process. Comparing the same speeds across different versions of a processor
can be like trying to determine the amounts of freight that an economy car
and a diesel truck can carry by looking at how fast they go.
The current generation of the 386 family has three principal members: the Celeron is
designed for low-end desktop computers; the Pentium 4, the fastest member of the family, is designed for more capable workstations; and the Pentium III Xeon is the workhorse designed for servers. Multiprocessor servers use the Xeon, which can easily handle
up to eight processors; more Xeon processors can be added by manufacturers. Although
all of these processors are used in servers, they have some important differences, as shown
in Table 2-1.
Table 2-1 Processor differences
Processor | Relative speed | RAM | L2 cache | Bus speed
Pentium 4 | Fastest | Dual Channel RDRAM; PC 133 SDRAM; DDR 200/266 SDRAM | 512 KB | More than 400 MHz
Pentium III Xeon | Not as fast as Pentium 4; some versions not as fast as Celeron | Dual Channel DDR; SDRAM | Up to 2 MB | Up to 400 MHz
Celeron | Usually the versions are about half the speed of a Pentium 4 | SDRAM | 128 KB or 256 KB | Up to 100 MHz
RAM allows the processor to quickly process information without accessing the hard
disk. Generally speaking, increasing RAM is the least expensive way to increase server
performance. When choosing from the many types of RAM available, consider the tradeoff between price and performance. Dual Channel RDRAM is the fastest option on
Intel processors. RDRAM runs at 800 MHz, PC2100 DDR runs at 266 MHz, and
SDRAM runs at 100 MHz or 133 MHz. The effectiveness of the RAM speed depends
on the processor, the bus speed, and the L2 cache.
The L2 cache is extremely high-speed RAM. When the processor needs to process data, it
first looks in this cache. If it finds the data in the cache, throughput is enhanced. Thus, the
more cache you have, the more work the processor can handle at any time. In Table 2-1,
note that the major difference among processors appears in the L2 cache column.
Bus speed measures the rate at which signals are sent between devices such as the hard
drive, network interface card, and memory. The path that the data travels between
devices is called the bus.
Among processors that are compatible with the Intel family members but are manufactured by other companies, the AMD processor is the most popular. This capable chip is
most closely related to the Pentium 4. The AMD processor can be a viable, low-cost
alternative to the more expensive chips from Intel. For example, an AMD-based server
from a second-tier manufacturer can often provide the required processing power at a
significantly reduced price.
Examining the UltraSPARC Family of Processors
Sun produces an operating system, Solaris, and associated hardware based on the
UltraSPARC family of processors. These 64-bit processors have an architecture that is
different from that of the Intel processors. Summarized briefly, Intel uses a Complex
Instruction Set Computer (CISC) architecture that emphasizes the number of different instructions that the processor can handle. UltraSPARC uses a Reduced
Instruction Set Computer (RISC) architecture, where the focus is on efficiently processing a few types of instructions.
Table 2-2 compares important characteristics of different members of the UltraSPARC
family. You cannot directly compare UltraSPARC processors and Intel processors based
on these characteristics because their architecture is different and they typically work in
computers that use different operating systems. Windows systems commonly use Intel
processors, whereas Sun systems typically use UltraSPARC processors to run the Solaris
operating system. Sun also offers Linux as an operating system option on some of its low-end servers.
Table 2-2 UltraSPARC characteristics
Processor | Relative speed | Maximum L2 cache | Maximum number of processors | Bus speed
UltraSPARC III Cu | Fastest | 8 MB | More than 1,000 | 150 MHz
UltraSPARC II | About 50% of III Cu | 8 MB | 64 | 66 MHz
UltraSPARC IIi | About 50% of III Cu | 2 MB | 4 | 66 MHz
UltraSPARC IIe | About 50% of III Cu | 256 KB | 4 | 66 MHz
Using Multiple Processors
One way to prevent the processor from becoming a bottleneck is to use more than one
processor and spread the work among the various processors. Some applications, such as
BEA WebLogic, can assign several servers to a single processor. Figure 2-4 shows a Web
server configuration using more than one processor.
Other applications, such as a DBMS, are designed to work together across processors, as
shown in Figure 2-5. Other applications cannot benefit from multiple processors at all.
A server’s ability to use multiple processors depends on the combined capabilities of the
processor, the motherboard, the operating system, and the design of the application. With
Intel processors, the Pentium Xeon is used in servers with multiple processors. Although
motherboards for two processors are commonly available at computer stores, motherboards with four processors are typically available only as part of a server package. The
Windows Server 2003 Datacenter Edition allows for up to 64 processors, but the hardware manufacturer of the server must provide support for all these processors as an integral part of the server.
[Figure 2-4: Multiprocessor configuration. Each processor can be a separate server: Web servers 1 through 4, each on its own processor]
[Figure 2-5: DBMS multiprocessor configuration. Typical multiprocessor implementation: the application (DBMS) manages all four processors]
The most common form of multiple-processor support used in servers is symmetric
multiprocessing (SMP). SMP allows a server to divide processes and assign them to
available processors. The system can then handle more requests. Dual SMP systems are a
popular server platform, and some systems support more than two processors. In such a
case, the processors share RAM and the system bus. SMP can be contrasted with asymmetric multiprocessing, in which each processor is a specialist assigned to handle one
particular task.
SMP is not the only way to implement systems with multiple processors. In clustering,
multiple computers work together as a single computer. Clustering is discussed later in
this chapter in the section on fault tolerance.
Selecting a Hard Drive Interface
Besides the processor, the disk subsystem is the most important server component. It
includes two parts:
■ The hard drive interface, which connects drives to the motherboard
■ The hard drive itself
Tip
Steps for putting together a reliable disk subsystem are discussed in the section on fault tolerance; see “Planning for System Disasters and Reducing Their
Effects” later in this chapter.
The hard drive is another component that can significantly affect overall system performance. When choosing a hard drive interface, balance the desired performance with your
budget. Integrated Drive Electronics (IDE), the least expensive alternative, is the most
commonly used interface for workstations. For servers that need higher performance and
scalability, the interface of choice is Small Computer System Interface (SCSI).
Using Integrated Drive Electronics
As its name suggests, an IDE drive has its controlling electronics directly attached to, or
integrated with, the hard drive. By contrast, the attachment to the system bus goes
through a relatively simple controller. The IDE design contributed to the explosive development of larger hard drives by allowing drive manufacturers to design larger drives and
simultaneously improve data access mechanisms without having to worry about potential
incompatibilities with the systems containing the drives.
However, IDE drives do have some limitations. A server can support only two IDE drives
at a time, which is a limitation for two reasons:
■ Expandability—Server administrators want to be able to increase capacity by
adding drives.
■ Overall speed—Because disk drives are relatively slow compared to bus speeds,
you can reduce the bottleneck by dividing access across many drives. This
limitation is overcome to some extent with Enhanced Integrated Drive
Electronics (EIDE) drives that support a maximum of four devices—two on
a primary interface and two on a secondary interface. See Figure 2-6.
Otherwise, EIDE is simply an extension of the original IDE standard.
[Figure 2-6: EIDE connections. Disk 1 and a CDR on IDE 1, and Disk 2 and a CD burner on IDE 2, both interfaces on the motherboard]
Another limitation of IDE drives is that they require direct action from the processor
when data is read or written. This strategy presents a significant drawback for a server,
as it consumes computing time that could otherwise be used for other processes. While
most modern computer workstations come with built-in support for EIDE, and work
well in that capacity, SCSI is the interface of choice for most servers.
Using the Small Computer System Interface
SCSI, pronounced “skuzzy,” is a parallel interface that allows multiple devices to communicate with the local system at the same time. Unlike the EIDE interface, which supports only hard drives and CDs, the SCSI interface can support several additional
devices, including tape drives and scanners.
SCSI allows you to daisy-chain up to seven devices using one SCSI adapter, and up to
15 devices using two adapters. An adapter is hardware that modifies the capabilities of a
computer. SCSI adapters can be embedded in the motherboard when it is manufactured
or a SCSI adapter can be added to an existing motherboard by purchasing the adapter
and plugging it in to a PCI slot. A PCI slot is a connector on the motherboard that can
accept a variety of hardware adapters. Figure 2-7 shows an example of a SCSI configuration. The devices that are chained together can also communicate independently of
the processor. This strategy can increase the overall performance of the system because
the processor can use its clock cycles to carry out other tasks. SCSI systems are more
costly than IDE drives, and their increased capabilities make them more complex to
install and troubleshoot. Nevertheless, SCSI’s higher expandability and increased performance make up for any drawbacks.
[Figure 2-7: SCSI with multiple adapters. Labels: four disks, a CDR, a CD burner, and a DVD chained to adapters; PCI slots are embedded on the motherboard]
Selecting compatible hard drives, tape drives, and other hardware devices for a SCSI system can be difficult because a number of SCSI standards exist. Some servers are configured with multiple types of SCSI, which makes installing the operating system more
challenging. Each SCSI interface requires software drivers to function correctly, and the
drivers must be installed in the correct order. Also, a server may have a very fast SCSI
for the disk drives but a slow one for the CD. To make sure that the devices match and
will work together, you should understand the following SCSI standards:
■ SCSI-2—SCSI-2 uses an 8-bit bus and supports data rates of 4 MBps. Also
known generically as Fast SCSI, it incorporates the following distinct standards:
    - Wide SCSI uses a wider cable (168 cable lines to 68 pins) to support 16-bit
      data transfers.
    - Fast SCSI uses an 8-bit bus, but doubles the clock rate to support data
      transfer rates of 10 MBps.
    - Fast Wide SCSI uses a 16-bit bus and supports data transfer rates of
      20 MBps.
■ SCSI-3—SCSI-3 is actually a family of technologies, not one specific standard. Ultra Wide SCSI, often referred to as SCSI-3, uses a 16-bit bus and
supports data transfer rates of 40 MBps.
    - Ultra SCSI uses an 8-bit bus and supports data transfer rates of 20 MBps.
    - Ultra2 SCSI uses an 8-bit bus and supports data transfer rates of 40 MBps.
    - Wide Ultra2 SCSI uses a 16-bit bus and supports data transfer rates of
      80 MBps.
    - Ultra3 (Ultra160) SCSI is a fairly new standard that supports data transfer
      rates up to 160 MBps. It is the most common interface used in servers.
When choosing an interface for a modern server, you should select an interface from at
least the SCSI-3 family. As with all other server components, it may be tempting to buy
a less expensive card, but purchasing a SCSI interface card from a reputable vendor is
worth the additional expense. You can find more information about SCSI at
www.adaptec.com; Adaptec is the principal manufacturer of SCSI adapters. Some top
server manufacturers embed Adaptec SCSI adapters in their server motherboards. These
manufacturers, such as Compaq and Dell, call the SCSI adapters Ultra3. Adaptec calls
the same adapter the Ultra160.
Selecting a Hard Drive
No matter how fast the hard drive interface can pass along information, the actual speed
of the transmission will be limited by the specifications of the drive itself. When evaluating hard drive performance, consider the following factors:
■ Vendor—You should select products from a reliable vendor. Investigate the
mean time between failure (MTBF), which is the average time interval
that elapses before a hardware component fails and requires service. Also find
out what kind of support the vendor provides.
■ Capacity—You can choose from a wide range of capacities, typically starting
at about 9 GB for SCSI and increasing significantly for IDE.
■ Data transfer rate—This rate can be represented by two speeds—hard drive to
buffer and buffer to adapter.
■ Buffer size—The buffer consists of RAM storage between the adapter and the
hard drive. Buffer size is measured in megabytes.
■ Average seek time—This measure indicates the time it takes, in milliseconds, to
get to a position on the drive.
■ Rotational speed—This measures how fast the disk drive spins. Typical rotational speeds are 7,200 RPM, 10,000 RPM, and 15,000 RPM.
When configuring a server sold by a major vendor such as Dell, Compaq, or Hewlett-Packard, the most important factors to consider are the type of SCSI adapter, the capacity, and the rotational speed. All of the vendors use Ultra3 adapters. To obtain more
information about a specific drive, visit the Web site for the drive manufacturer.
Compare servers from different vendors before you make a decision.
A key measure of hard drive performance is the access time, or the amount of time it
takes the drive to retrieve a single piece of data. The access time, which is measured in
milliseconds, includes the seek time, or time needed for the drive’s read/write head to
find a particular cylinder on the disk. The seek time is typically higher for a larger disk
because it has more space to search. Another factor that affects access time is the spindle rotation speed of the drive, also referred to as the drive speed. A higher rotation
speed lowers the access time. Typical IDE drive speeds are 5,400 RPM and 7,200 RPM;
SCSI drives can operate at 7,200 RPM, 10,000 RPM, 15,000 RPM, and higher.
You can configure multiple drives in a system in many ways. With IDE, you can use two
drives to increase your storage capacity. SCSI adapters can have many more drives to
expand the system’s storage capacity. This approach can also improve the system’s overall speed if you divide the drives to isolate the operating system on one drive and the
applications on the rest of the drives. Isolating system components is a relatively inexpensive solution, but each drive introduces another potential point of system failure. That
is, if one drive fails, the whole system fails. To circumvent this problem, you can use a
redundant array of inexpensive/independent disks (RAID), a common drive
configuration on servers. RAID allows multiple drives to operate together as a single
drive, and it uses a SCSI interface. If one drive malfunctions, the system continues to
work. This stability is part of the important concept of fault tolerance, which is discussed
later in this chapter.
Selecting a Network Interface Card
The network interface card (NIC) is another server component that can affect overall performance. The NIC provides the pathway for data to enter and leave the server. Table 2-3
provides an overview of common NIC types and speeds along with their usage. Note
that the 100 Mbps card is the most popular NIC. The “Use” column in Table 2-3 refers
to current common usage. History has shown that the higher-speed connections currently used for servers will eventually migrate to workstations. Figure 2-8 compares two
Intel NIC configurations.
Table 2-3 Common network interface cards
NIC type | Speed | Media | Use
Standard Ethernet | 10 Mbps | Twisted pair (sometimes fiber) | Workstations
Fast Ethernet | 100 Mbps | Twisted pair (sometimes fiber) | Workstations and small to medium-sized servers (most popular)
Gigabit Ethernet | 1,000,000 Mbps | Fiber (sometimes twisted pair) | High-end servers
10-Gigabit Ethernet | 10,000,000 Mbps | Fiber | Backbone connections
ATM | 25 Mbps–622+ Mbps | Fiber | Workstations and servers (rare)
[Figure 2-8: NIC configurations. Default configuration: one 100 Mbps NIC connected to a switch. Second configuration: two 100 Mbps NICs connected to a switch, acting as one; if one NIC fails, the other maintains the connection.]
Because a T1 connection offers a data transfer rate of only 1.544 Mbps, a standard Ethernet
connection at 10 Mbps appears to be more than adequate. However, the Intel Pro 100
offers an excellent option even if you do not need the extra speed. You can connect two
NICs to a switch and configure the NICs so that if one fails, the other will continue to
supply data. This approach provides an inexpensive kind of insurance against NIC failure.
In a server environment, redundancy is used to prevent a single point of failure.
NICs are the least expensive components in a server environment, so it is usually best to
choose NICs from major vendors such as Intel and 3COM. As you have seen with the
Intel Pro 100, NICs have features that can enhance both performance and reliability.
Purchasing and Supporting a Server
It is much easier to make a mistake in the purchase of a server than a workstation. Most
users never exceed the capabilities of their workstations; when they do need higher performance, they can upgrade to a new processor without affecting the rest of the system.
Support is also more important for a server than a workstation because of the larger
number of people affected. Make sure that the server is extremely reliable and that support is available when you need it. The following section on fault tolerance stresses the
need to ensure that the server can continue to function even if a component fails.
When selecting the server on which your organization will depend, work with a well-known vendor. You can choose a local company with a long track record of producing
high-quality servers or a national vendor such as Dell, Sun, Compaq, or Hewlett-Packard. These companies sell servers with prices ranging from less than $1,000 to more
than $1,000,000, with widely varying levels of reliability and support.
One important reason for purchasing a complete server from a vendor is to ensure that
the components will work together. Typical workstations do not have SCSI adapters, so
getting them to work within a network can be challenging. Selecting high-performance
motherboards and making sure that everything is compatible with your operating system can be difficult. Some components, such as redundant power supplies, can be difficult to find on your own. You must also know which components do not work together.
On a workstation, for example, any NIC will function properly, but for years, 3COM
NICs would not work in a Dell server.
Having access to reliable support is another reason to purchase a server from a major
vendor. When your server stops running, you might not know whether the problem is
limited to the power supply or the motherboard, and you probably do not have the diagnostic equipment to find out. An experienced support staff can help you troubleshoot
and solve the problem, saving you hours of work.
Vendors provide various levels of support based on your needs and budget. They often
offer 24-hour response time, although 24 hours can be a long time when people depend
on e-mail to do their jobs. Also, this response time does not necessarily mean that the
problem will be fixed in 24 hours. The vendor may need to order a motherboard or
other device, and it could take a few days to get your server working again.
A major vendor should also know what works and what doesn’t, and it might know how
to troubleshoot server behavior you haven’t experienced before. For example, a server
at DeVry University in Phoenix, Arizona, developed an apparent software problem.
When the IP configuration was changed, the setting changed when the server was
rebooted. The baffled administrators assumed that software was causing the problem and
reinstalled the operating system, but the problem with the IP configuration persisted.
When contacted, the vendor traced the problem to the motherboard. Once a new motherboard was installed, the problems were solved.
PLANNING FOR SYSTEM DISASTERS AND REDUCING THEIR EFFECTS
Disaster planning can help you avoid problems with hardware, software, and even business procedures. Planning for system disasters is like buying insurance—you might not
like paying for it, but you are glad to have it when you need it. Also, just as it may be
economically infeasible to insure your company against every conceivable problem, it
may not make good business sense to make sure that systems will never fail. Always balance the cost of disaster planning against the benefit to the organization and others. For
example, a disaster plan for computer systems in a nuclear power plant is more critical
than one for a small retail business.
Servers can be critical to a business. For example, on an e-commerce site, a server failure could cost a business thousands of dollars for each minute of lost revenue. Virtually
anything you can do to keep servers running represents time and money well spent, but
spending money on fault tolerance must provide a distinct business benefit. Fault tolerance is the ability of a system to keep running even when a component fails.
Not every server needs to be 99.999 percent reliable (the coveted “five nines”), which
would mean about five minutes of downtime per year. This level of reliability can be
expensive to achieve, and only critical servers need such high reliability. For example,
DNS servers have built-in fault tolerance. (Recall that a DNS server converts host names
to IP addresses for your domain.) You might have a local DNS server and your ISP might
have another DNS server. If your DNS server malfunctions, the DNS server at your ISP
can take over and resolve names. This fact means that your local DNS server is not a
critical server. Indeed, some companies use recycled workstations running Linux as a
DNS server. They keep all the DNS scripts on a floppy disk and set up an old workstation to use as a DNS server when necessary.
In creating a reliable system, you need to justify the cost involved. Top-level managers
usually make the initial decisions to address the cost of business downtime, though they
often do not realize its full impact. You can help them in this effort by doing a disaster
assessment.
Disaster Assessment and Recovery
To understand how disasters would affect your system and business, start by identifying
which disasters could strike your server and pinpointing how long they could last.
Determine which disasters could result from computer malfunction, simple human error,
or the actions of disgruntled employees. For example, important documents can be accidentally deleted, accounts receivable can be closed at the wrong time in an accounting
program, or data can be accidentally deleted from a database.
Focus on the disasters you can prevent. For example, a server that uses a single disk drive
might take advantage of RAID technology to prevent problems in case the drive fails.
Lost data from an accounting program could be restored by a tape backup, by the program itself (which might offer an option to restore the data), or by a database administrator (who might restore the data from detailed logs kept by the DBMS).
Think creatively about disasters that can cause monetary loss and ways to prevent them.
If a disaster does occur, have a recovery plan that minimizes the cost to the organization.
Be sure to maintain adequate documentation of your systems. Because you are responsible for the Web server environment, you could be the first person blamed for its failure. Document the hardware, software, and configuration decisions made by you and
your managers.
Preventing Hardware Disasters
The hardware problems on which Web server administrators focus are those involving
the server. Because these computers are complex, you need high-quality technical support for them. However, servers aren’t the only devices that can fail—all the components
in a Web server environment must work together. For example, a working server won’t
help you if the router that connects it to the Web fails.
For this reason, you need a plan of action to address hardware failures in a Web environment. If a component fails and you have support for it, for example, you need to know
the support phone number and the location of the support contract. The support person may in turn need the contract number and the serial number of the failed component. Make sure that these numbers are written down and that more than one person
knows about them, because components can fail when you are on vacation.
If you do not have support on a device, a disaster recovery plan is even more important.
If the router fails and you need to purchase a new one, you might need preapproval to
buy it. Management needs to know in advance the cost of the component, the cost of
support for the component, its role in the Web environment, and the importance of
expediting an order in case the component fails.
Preventing Software Disasters
Software disasters are more complex than hardware disasters because so many types of
software exist. No administrator can be expected to understand the intricacies of every
application in a company. However, the administrator is often the person responsible for
knowing who to call to get a problem solved. When the problem involves a computer,
you are likely to be the first person whom users call for help. Software companies often
have support lines that you can recommend as a resource. For a complex DBMS, your
company may not need or be able to afford a full-time database administrator, so it might
contract with a local firm to fix problems.
As with hardware components, you need to document every software component and
devise a plan for dealing with problems. The plan could be as simple as providing a list
of phone numbers for internal software experts. In other cases, you might need to call
the software support number. As with hardware, a software application may offer only
30 days of free support. If a software maintenance contract is needed, you need to make
management aware of the annual or per-incident cost. If you need to pay a per-incident
cost in an emergency, make sure you can have the payment expedited so you can get
support. Typically, your company should have a general budget for emergency support.
Web server administrators occasionally encounter software that does not work properly
from the day it is installed. It may not work correctly, it may stop unexpectedly, or it
may lose data. Also, it may not have features that were promised. If the software is important to the company, however, it is your job to make it work successfully.
In such situations, be sure to document your problems with the software and the actions
you take to solve them. Document your conversations with support personnel, any
patches you apply to the software, and any other procedures you perform to fix the problems. Beware of relying too much on workarounds. For example, a support technician
may tell you that when the application stops, you can simply go to the Web server and
restart the service that controls the application. This workaround may suffice when you
are available, but it won’t help on a weekend, when no one is near the Web server.
Maintain a good working relationship with support personnel; you may need a favor
some day.
Solving Electrical Problems
The old saying that “the memory of a computer is only as long as its power cord” highlights the importance of a constant electrical supply. Even if the original server room
was expertly planned and the electrical needs of each component were carefully
researched, with dedicated circuits provided for all components that required them, electrical problems can arise later. For example, servers might be added and other components might be upgraded without the addition of any new circuits. If components are
not attached to an uninterruptible power supply (UPS), an overloaded circuit could
cause a component to restart itself. If you overload the UPS, the battery within it will
become too drained to keep components running. Make sure you have an adequate supply of electricity and enough UPSs for your server room, and make sure each UPS has
enough capacity.
In a large, complex environment you need an expert to tell you how many circuits and
UPSs you need. Nevertheless, you can typically make a reasonably good estimate yourself. Start by calculating watts, a unit of power. Wattage is equal to volts multiplied by
amperes (amps); each circuit is usually 15 or 20 amps and 110 to 120 volts, so the number of watts for a 15-amp circuit is about 1,725 (115 × 15).
Your next challenge is to find out from building maintenance which wall sockets are
part of which circuit. In some cases, you could have a dedicated 20-amp circuit for a
single device; often, however, a number of wall sockets will be part of the same circuit.
Offices adjoining the server room might also share a circuit. Once you map the sockets
to the circuits and find out how many amps are on the circuit, you need to know which
components will use that circuit. The components’ power supplies usually indicate the
number of watts they use. Typically, a power supply on a server may be 300 watts, but
the environment might include three power supplies. Total the wattage and find out how
many circuits will be needed.
A 300-watt power supply is not like a 300-watt bulb. The power supply does not consume a constant 300 watts, but only the power that it actually needs at a given time.
However, make sure that your electrical supply can give you maximum power so that you
have room to expand. Remember to gather information on future needs so your server
room has enough circuits. Also, keep in mind that some devices, such as large Cisco
switches, need significantly more watts when they start up than when they are running.
Make sure that your supply of electricity can handle this kind of fluctuating demand.
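An added example (not from the textbook) of the estimate described above, using the text's 115 V × 15 A = 1,725 W circuit and 300-watt power supplies. The device inventory, the switch wattages, and the function names are constructed; it shows that dividing total wattage by circuit capacity gives only a lower bound, because a device cannot be split across circuits.

```python
import math

# Constructed inventory: (name, running watts, startup watts). The 300-watt
# supply and "three power supplies" figures come from the text; the switch
# and router wattages are made up for illustration.
INVENTORY = [
    ("web1", 3 * 300, 3 * 300),
    ("web2", 3 * 300, 3 * 300),
    ("db1", 3 * 300, 3 * 300),
    ("core-switch", 350, 600),  # needs more watts at startup than when running
    ("router", 100, 100),
]


def circuit_watts(volts=115, amps=15):
    """Watts = volts x amps; 115 x 15 = 1,725 as in the text."""
    return volts * amps


def peak_watts(device):
    """Budget each device at the larger of its running and startup draw."""
    _, running, startup = device
    return max(running, startup)


def naive_circuit_count(devices, capacity):
    """Total wattage divided by circuit capacity: only a lower bound."""
    return math.ceil(sum(peak_watts(d) for d in devices) / capacity)


def plan_circuits(devices, capacity):
    """Assign devices to circuits, largest first, first circuit with room.

    First-fit decreasing is a heuristic (an assumption of this example); it
    never overloads a circuit but is not guaranteed to use the fewest circuits.
    """
    circuits = []
    for device in sorted(devices, key=peak_watts, reverse=True):
        need = peak_watts(device)
        if need > capacity:
            raise ValueError(f"{device[0]} needs a larger dedicated circuit")
        for circuit in circuits:
            if circuit["load"] + need <= capacity:
                break
        else:  # no existing circuit has room, so open a new one
            circuit = {"load": 0, "devices": []}
            circuits.append(circuit)
        circuit["load"] += need
        circuit["devices"].append(device[0])
    return circuits


if __name__ == "__main__":
    capacity = circuit_watts()
    print("lower bound:", naive_circuit_count(INVENTORY, capacity))
    for number, circuit in enumerate(plan_circuits(INVENTORY, capacity), 1):
        headroom = capacity - circuit["load"]
        print(f"circuit {number}: {circuit['devices']} "
              f"load {circuit['load']} W, headroom {headroom} W")
```
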
In a server room, you should always place a UPS between the wall socket and the
devices. A UPS is rated in watts, so you can calculate how much power you need. Also,
consider how long the server should run on the battery when the electricity goes out.
In most cases, you want just enough electricity to shut down the servers properly.
Software/hardware combinations from the UPS manufacturer can handle this task automatically, so if an electrical outage occurs when no one is near the server room, the
servers will shut down without any human intervention. When servers are shut down
properly, data in RAM that could be critical to the operating system and applications is
stored on the disk where it belongs. For example, files that are open are closed properly.
If systems lose power and cannot shut down correctly, data can be lost and hard disks
can suffer serious problems.
Although disaster assessment and recovery are complex tasks, Web server administrators
are not solely responsible for preventing and recovering from disasters. In larger organizations, for example, the help desk is charged with resolving many application software
problems. The IT director should have an adequate budget to make sure that any monetary issues related to support get resolved quickly.
Allowing for System Redundancy
After acknowledging that hardware occasionally fails, you need to assess which components are most prone to failure and then determine how to avoid failure, how much it
costs to avoid it, and whether the cost justifies the benefits to the organization. This section will help you determine which components are most likely to fail and learn how
you can avoid failure through redundancy.
Power supplies on larger devices such as servers and switches are not only critical components, but also relatively inexpensive. Often, servers have two or three power supplies;
switches may have two such supplies. If some of your servers have only one power supply, you should purchase spares.
Achieving Disk Redundancy Through RAID
A RAID system can prevent data loss when a single drive malfunctions. The six original
RAID levels were designed by a research group at the University of California in
Berkeley, but a number of RAID levels have been added since then. Each level represents
a different way to make multiple disk drives act as a single drive. Although RAID 0 is not
fault tolerant, the other levels are.
The RAID levels are described in the following list:
■
RAID 0—In this technique, called disk striping, data is split into small pieces
and spread over a number of drives. Disk striping in RAID 0 is the fastest of
all the RAID levels because it does not have to store the data necessary to
allow a single disk to fail.
■
RAID 1—Data is duplicated across two drives, which can make writing data
slower. This method, called mirroring, is ideal for IDE drives because you can
have only two high-speed drives. If you are using SCSI, you can have two
SCSI adapters; each goes to a drive, so even if one of the adapters fails, the
system will keep running. This technique is called disk duplexing. Figure 2-9
compares these approaches.
■
RAID 2—This technique uses special error-correcting codes for drives that
do not have built-in error detection. SCSI drives come with error correction,
so this RAID level is not important for them.
■
RAID 3—This technique stripes data across the disk drives at the byte level.
Information needed to rebuild data is stored on one drive. RAID 3 is not
commonly used.
■
RAID 4—This technique is similar to RAID 3, in that information needed
to rebuild the data is stored on one drive. Reads are as fast as with RAID 0,
but writes are slow because extra information must be stored for rebuilding
purposes. RAID 4 is not commonly used.
■
RAID 5—This technique is by far the most common disk redundancy
method found in servers. RAID 5 distributes data across the drives and stores
the redundancy, or parity, information needed to rebuild the drives; thus, if
any drive fails, it can be replaced with no loss of data. Figure 2-10 shows an
example of a RAID 5 implementation. Although all Windows versions from
NT to 2003 can implement RAID 5 in software, it requires too much extra
memory and processing power to be generally feasible. It is much less of a
burden on the operating system to have RAID 5 implemented in hardware
via special SCSI RAID controllers. All major server vendors configure their
servers in this manner.
■
RAID 10—Instead of using an array of single drives, RAID 10 is an array of
RAID 1 mirrored drives. It is much more expensive than the other RAID
levels because you have twice as many drives. Nevertheless, RAID 10 is better
than RAID 5 because it eliminates the immediate need to replace a drive;
each disk in the array is mirrored. Also, it is more fault tolerant than RAID 5;
if two disks in a RAID 5 array fail before one is replaced and the array is
rebuilt, then you will lose your data. With RAID 10, two pairs of disks would
have to stop functioning before you had to replace any drives.
[Figure 2-9: RAID 1 disk mirroring and duplexing. Disk mirroring: one disk controller with two disks; both disks have same data; if one disk fails, the other is used. Disk duplexing: two disk controllers, each with its own disk; both disks have same data; if one disk or one controller fails, the other is used.]
[Figure 2-10: RAID 5. A RAID 5 controller with disks that each hold redundant information; if one disk fails, redundant information from the other disks is used to re-create the data.]
Disk mirroring and disk duplexing (RAID 1) are very common in the low-priced segment
of the server market. Setting up disk mirroring in a Windows server with IDE drives is very
easy. If your computer has two 20 GB drives, you can install a Windows server on one
of the drives and make it a dynamic disk (as opposed to a basic disk). In the Disk
Management utility, you can mark the other disk and create a mirror. If one of the disks
fails, you can then use the Disk Management utility to break the mirror, which makes
the disks independent again. At that point, you can simply replace the broken drive and
re-create the mirror.
Outside of the low-end market, RAID 5 is the most popular method of disk redundancy. In mirroring, you can have only two drives; in RAID 5, however, you can have
dozens of drives. The equivalent of one drive is used for redundancy, and you need a
minimum of three drives. For example, if a RAID 5 array includes three 20 GB drives,
the storage capacity would be 40 GB. With ten 20 GB drives, you would have 180 GB
of storage. If you have n number of drives, with n being at least 3, and y is the capacity
of each drive, the available storage capacity is (n - 1) × y. If one of the drives then malfunctions, the other drives have the data from the malfunctioning drive, so the only difference is a slight slowdown because data must be re-created from the other drives. Once
you put a new drive back into the system, it is automatically rebuilt.
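The parity and rebuild behavior described in the RAID 5 list item and in the paragraph above, as an added example that is not from the textbook: a toy Python model of a RAID 5 array. It assumes byte-wise XOR parity rotated across the drives (the usual RAID 5 scheme, which the text does not spell out) and a 4-byte block size; the function names and sample data are constructed for illustration.

```python
from functools import reduce

BLOCK = 4  # bytes per block; tiny constructed value so the layout is easy to inspect
SAMPLE = b"order #1042: 3 widgets, ship to Phoenix"  # constructed sample data


def usable_capacity(n, y):
    """Capacity formula from the text: n drives of size y give (n - 1) * y."""
    if n < 3:
        raise ValueError("RAID 5 needs a minimum of three drives")
    return (n - 1) * y


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks (the parity operation assumed here)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_drive(stripe, n):
    """Drive holding a stripe's parity block; rotates so parity is distributed."""
    return (n - 1 - stripe) % n


def write_array(data, n):
    """Stripe data over n drives, adding one parity block per stripe.

    Returns a list of n drives, each a list of BLOCK-sized blocks.
    """
    if n < 3:
        raise ValueError("RAID 5 needs a minimum of three drives")
    per_stripe = (n - 1) * BLOCK
    data = data + b"\0" * (-len(data) % per_stripe)  # pad the last stripe
    drives = [[] for _ in range(n)]
    for stripe in range(len(data) // per_stripe):
        chunk = data[stripe * per_stripe:(stripe + 1) * per_stripe]
        units = [chunk[i:i + BLOCK] for i in range(0, per_stripe, BLOCK)]
        units.insert(parity_drive(stripe, n), xor_blocks(units))
        for drive, block in zip(drives, units):
            drive.append(block)
    return drives


def failed_drives(drives):
    """A failed drive is modeled as None in the list of drives."""
    return [d for d, drive in enumerate(drives) if drive is None]


def read_array(drives, length):
    """Read the data back, re-creating a failed drive's blocks from the others."""
    failed = failed_drives(drives)
    if len(failed) > 1:
        raise OSError("more than one drive lost: parity cannot re-create the data")
    stripes = len(next(drive for drive in drives if drive is not None))
    out = []
    for stripe in range(stripes):
        row = [None if drive is None else drive[stripe] for drive in drives]
        if failed:
            # XOR of the surviving blocks equals the missing block.
            row[failed[0]] = xor_blocks([b for b in row if b is not None])
        del row[parity_drive(stripe, len(drives))]  # drop parity, keep data
        out.extend(row)
    return b"".join(out)[:length]


def rebuild(drives):
    """Fill the replacement for the one failed drive from the survivors."""
    failed = failed_drives(drives)
    if len(failed) != 1:
        raise OSError("rebuild needs exactly one failed drive")
    survivors = [drive for drive in drives if drive is not None]
    drives[failed[0]] = [xor_blocks(blocks) for blocks in zip(*survivors)]
    return drives


if __name__ == "__main__":
    array = write_array(SAMPLE, 4)
    array[2] = None                          # drive 2 malfunctions
    print(read_array(array, len(SAMPLE)))    # data is still readable
    rebuild(array)                           # new drive is filled in
    print(usable_capacity(10, 20), "GB usable from ten 20 GB drives")
```
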
Some RAID 5 installations allow for a hot swap, meaning that you can replace the drive
while the server continues running. You can even have multiple RAID 5 systems in a
single computer, or a mix of RAID 5 and other RAID technologies. For example, a
Microsoft Exchange benchmark test uses a server with four 18.35 GB disks for the operating system, sixteen 18.37 GB disks for log files, and forty-eight 18.35 GB disks for
information storage files.
All major server vendors support hardware-based RAID 5 systems. Most RAID 5 technology is implemented in hardware through a special utility in the RAID 5 controller;
upgrading from a simple SCSI adapter to a RAID 5 controller is relatively inexpensive.
In the utility, you set up the size of the C: drive partition and other partitions as required.
When you install Windows or Linux, the operating system does not know or care that
you have RAID 5; it appears to the operating system as just another disk drive. Although
Windows server products allow you to set up RAID 5 in software, you should avoid
using software-based RAID 5 because of the processing and memory burden it imposes
on the operating system.
Achieving High Availability with Multiple Servers
Clustering is a technology in which many computers act as one. You can also use a simpler technique called load balancing to distribute the work among many computers.
Clustering has three major purposes:
■
Computing power —You may need so much computing power that no single
computer can handle the demand. A cluster of relatively inexpensive computers can offer more computing power than one large supercomputer. For
example, a company called Accelerated Servers has put together clusters of up
to 60,000 connections. Clustering software from NASA Goddard’s Beowulf
project is freely available but rather complex to install; the Beowulf products
are available primarily for Linux servers. A variety of vendors, including
PSSC Labs and Accelerated Servers, have implemented Beowulf in their
products. These types of servers are often used in the scientific community to
handle advanced mathematics applications.
Copyright 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part. Due to electronic rights, some third party content may be suppressed from the eBook and/or eChapter(s).
Editorial review has deemed that any suppressed content does not materially affect the overall learning experience. Cengage Learning reserves the right to remove additional content at any time if subsequent rights restrictions require it.
Planning for System Disasters and Reducing Their Effects
■
■
65
Fault tolerance —At the other end of the spectrum from computing power is
fault tolerance. Pure fault tolerance is very difficult to achieve, because clusters are very complex and include many components. For example, a PCI slot
can fail, as can a single processor on a multiprocessor server or a component
in the switch that connects them together. The cluster that comes closest to
true fault tolerance is produced by Compaq’s NonStop Himalaya servers. In
this cluster, each server is extremely fault tolerant—if any component fails,
the cluster will keep running. According to Compaq, 95 percent of all security transactions and 80 percent of all ATM transactions go through NonStop
Himalaya servers.
■
High availability —Between the two extremes lies what IBM, Microsoft, and
others call high availability through clustering. This approach provides redundancy and failover for fault tolerance, but its definition is not quite as strict as
that of pure fault tolerance. (Failover is the ability to have a server fail and yet
have the other servers continue to function.)
IBM’s approach to clustering is more complex than Microsoft’s approach. IBM uses
computers it calls nodes to serve different purposes. Most servers are used as compute
nodes, which is where the real work occurs. For each group of 32 to 64 compute nodes,
a head node controls the compute nodes. Each system requires a management node, and
external disk subsystems may require other nodes.
An IBM cluster must have three functional networks:
■
One network facilitates interprocess communication. It allows the processors
to work together.
■
A second network supports the disk subsystem. In a cluster, the computers
share a single disk subsystem. The first two networks typically rely on specialized high-speed networks.
■
The third network provides system management, which is usually implemented
via 10/100 Mbps Ethernet. IBM uses Red Hat Linux for the operating system.
IBM’s solution to clustering is hardware-based; it makes all the computers in a cluster
truly act as one.
In contrast, Microsoft’s approach to clustering is to distribute the computing load (load
balancing) among distinct servers. This approach to high availability must be able to
accommodate any computer that uses Microsoft Windows server products. The
Microsoft solution uses a software product that ties together multiple servers into a single system, and it focuses on Web server availability.
Before Windows Application Center 2000 became available, the simplest form of load
balancing was a DNS round-robin. In a DNS round-robin, one host is associated with
10 IP addresses that correspond to 10 Web servers, instead of one host being associated
with one IP address. As requests for Web pages arrive, they are sent to the next IP address
on the list. To add new Web servers, you simply add IP addresses to the list. Although
this round-robin approach provided basic functionality, it required too much maintenance and software development was too complex. For example, you had to make sure
that each server was exactly the same, and that all Web links accessed by users existed on
all servers. Also, it was difficult to keep track of user information as users explored a site,
a common scenario in a shopping-cart application in e-commerce.
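The round-robin behaviour described above, modelled as an added example that is not from the textbook. The 192.0.2.x pool, the WebServer class and the simulate function are constructed for illustration; the dead-server case is an added caveat about plain round-robin, which has no health check.

```python
from itertools import cycle

# Constructed pool: one host name mapped to ten Web servers, as in the text.
# 192.0.2.0/24 is a documentation range, not a real deployment.
POOL = [f"192.0.2.{n}" for n in range(1, 11)]


class WebServer:
    """A Web server that keeps shopping carts in its own memory only."""

    def __init__(self, ip, up=True):
        self.ip = ip
        self.up = up
        self.carts = {}  # user -> items added on THIS server

    def add_to_cart(self, user, item):
        if not self.up:
            raise ConnectionError(f"{self.ip} is not answering")
        self.carts.setdefault(user, []).append(item)
        return list(self.carts[user])


def simulate(requests, down=()):
    """Hand each (user, item) request to the next address on the list.

    Returns one (server_ip, cart_seen_by_user) tuple per request. The cart
    is None when the chosen server was down, because plain round-robin
    keeps handing out an address whether or not the server behind it works.
    """
    servers = {ip: WebServer(ip, up=ip not in down) for ip in POOL}
    rotation = cycle(POOL)
    results = []
    for user, item in requests:
        ip = next(rotation)
        try:
            results.append((ip, servers[ip].add_to_cart(user, item)))
        except ConnectionError:
            results.append((ip, None))
    return results


def failed_share(results):
    """Fraction of requests that landed on a dead server."""
    return sum(1 for _, cart in results if cart is None) / len(results)


if __name__ == "__main__":
    shopping = [("alice", "book"), ("alice", "pen"), ("alice", "lamp")]
    for ip, cart in simulate(shopping):
        print(ip, cart)  # every server holds a different one-item cart
    outage = simulate([("bob", "x")] * 20, down={"192.0.2.3"})
    print(failed_share(outage))
```

Each of the user's three requests reaches a different server, so no server ever sees the whole cart; this is the user-tracking problem the paragraph describes.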
Microsoft has solved these problems with the Microsoft Application Center. Figure 2-11
shows an example of a Microsoft cluster created with this approach. You can synchronize applications and data on all the servers, and you can load-balance based on IP
addresses and the needs of certain software components. You can readily add and remove
servers from the cluster, and you can add an application and have it distributed to all
servers in the cluster. Because all servers in the cluster are configured in the same way,
if one server fails, the other servers can perform its work.
[Figure: the Internet connected to six servers. All servers managed as one. All servers have same data.]
Figure 2-11
Microsoft cluster
No system can achieve fault tolerance without having a good backup system in place.
Imagine a cluster of 20 servers in which each server uses RAID 5 technology. If an
administrator accidentally overwrote a major part of the Web site with old pages, many
valuable Web pages would be destroyed. The only solution at that point would be to
restore the pages from tape backups.
Setting Up Backup Systems
As you know, a backup of your data files protects against user error, and it can prove
invaluable if a data error goes unnoticed for days. Not only should you keep data backups, but you should also maintain a number of backups made over a period of time so
that data can be restored from a specific date.
When setting up a backup system, consider the following issues:
■
Your backup procedures—How many backup procedures do you need? How
often do you need to make the backups?
■
The backup technologies you can use—How many tape drives do you need in a
multiserver environment? How do you make sure everything is backed up,
including specialized applications such as DBMS and e-mail servers?
Backup Procedures
The number of tape backups you make and the frequency of backups depend on the
needs of the organization. Typically, you will need daily backups for the previous week
and weekly backups for the previous month. Many organizations also may have special
backup needs based on certain occurrences. For example, a company may need a backup
immediately before month-end closings in the accounting system and another backup
immediately after the month-end closing. You may want to back up the system before
installing any new software, in case the software causes serious system problems that you
cannot solve by simply uninstalling it.
Once you have decided on your schedule of backups, you have to decide on the backup
method. Each type entails certain trade-offs:
■
Full backup —All backup schedules begin with a full backup of everything on
the drive. The advantage is that all the data is in one place; if data must be
restored, you need to access only one storage location. The disadvantage is
that a full backup takes more time than other techniques.
■
Differential backup —This method backs up all files that are new or changed
since the last full backup. The advantage is that if data must be restored, it can
be found in only two possible places: on the tape with the full backup or on
the tape with the differential backup. The disadvantage is that you keep backing up the same old information since the full backup, because you back up
new data every day.
■
Incremental backup —This method backs up only the data that has changed
since the last incremental backup. The advantage is that data is backed up
only once, which doesn’t take as many system resources as the previous two
methods. The disadvantage is that to restore data, you might have to search
through the full backup or any one of the incremental backups. Most backup
software deals with this problem by quickly going through all the backups for
you. Often, the full backup and the incremental backups are found on the
same tape.
Figure 2-12 compares the incremental and differential backup approaches.
Differential backup: backup data changed since last full backup
Incremental backup: backup data changed since last incremental backup
Day         Differential backup   Incremental backup
Sunday      Full backup           Full backup
Monday      Since Sun.            Since Sun.
Tuesday     Since Sun.            Since Mon.
Wednesday   Since Sun.            Since Tues.
Thursday    Since Sun.            Since Wed.
Friday      Since Sun.            Since Thurs.
Saturday    Since Sun.            Since Fri.
Figure 2-12
Tape backup approaches
You can use a combination of these backup types if desired. For example, on Sunday
you might make a full backup. On Monday, suppose you add a new file called filea.doc
and change a file called fileb.doc, so you need only a differential backup of filea.doc and
fileb.doc. On Tuesday, you add filec.doc and change filed.doc, so your differential backup
will include filea.doc, fileb.doc, filec.doc, and filed.doc. Now assume that you start over
on Sunday and use incremental backups. On Monday, you add filea.doc and change
fileb.doc; if you do an incremental backup, only filea.doc and fileb.doc will be backed
up. On Tuesday, you add filec.doc and change filed.doc, so your incremental backup will
include only filec.doc and filed.doc.
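The filea.doc to filed.doc walk-through above, worked as an added example that is not from the textbook. It also shows which tapes a restore needs under each method. The Wednesday change, the FULL marker and all function names are constructed for illustration.

```python
DAYS = ["Sunday", "Monday", "Tuesday", "Wednesday",
        "Thursday", "Friday", "Saturday"]

# Files added or changed each day. Monday and Tuesday follow the text;
# Wednesday is a constructed extra day so the restore chains differ.
CHANGES = {
    "Monday": ["filea.doc", "fileb.doc"],
    "Tuesday": ["filec.doc", "filed.doc"],
    "Wednesday": ["fileb.doc"],
}

FULL = "<all files>"  # constructed marker for the Sunday full backup


def plan(strategy, changes=CHANGES):
    """Return {day: files written to tape that night} for one week.

    Sunday is always the full backup. 'differential' copies everything
    changed since Sunday; 'incremental' copies only what changed since
    the previous night's backup.
    """
    if strategy not in ("differential", "incremental"):
        raise ValueError(f"unknown strategy: {strategy}")
    tapes = {"Sunday": [FULL]}
    since_full = set()
    for day in DAYS[1:]:
        today = set(changes.get(day, []))
        since_full |= today
        tapes[day] = sorted(since_full if strategy == "differential" else today)
    return tapes


def restore_chain(strategy, target_day):
    """Tapes needed, in read order, to rebuild the disk as of target_day."""
    idx = DAYS.index(target_day)
    if idx == 0:
        return ["Sunday"]
    if strategy == "differential":
        return ["Sunday", target_day]
    return DAYS[: idx + 1]  # incremental: every night since Sunday


def locate(strategy, filename, target_day, changes=CHANGES):
    """Tape holding the newest copy of filename as of target_day.

    A file that never appears in the change log is assumed to be on the
    Sunday full backup.
    """
    tapes = plan(strategy, changes)
    for day in reversed(restore_chain(strategy, target_day)):
        if tapes[day] == [FULL] or filename in tapes[day]:
            return day


def missing_for_restore(strategy, target_day, unreadable):
    """Tapes in the restore chain that are lost or unreadable."""
    return [d for d in restore_chain(strategy, target_day) if d in unreadable]


if __name__ == "__main__":
    for strategy in ("differential", "incremental"):
        print(strategy, plan(strategy)["Tuesday"])
        print("  restore Wednesday from:", restore_chain(strategy, "Wednesday"))
        print("  blocked by a bad Tuesday tape:",
              missing_for_restore(strategy, "Wednesday", {"Tuesday"}))
```

A single unreadable mid-week tape blocks an incremental restore but not a differential one, which is the trade-off against the smaller nightly incremental backups.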
Often, full backups are scheduled to take place once per week during a slow time, such
as 1 A.M. on Sunday. During the week, incremental or differential backups might be done
at 1:00 every morning. Place the weekly full backups on a new tape and be sure to store
the old tape off site, in case the computer room becomes damaged by fire or fire sprinklers. Some companies use a fire-proof safe for tape storage.
Choosing Backup Technologies
You can back up data in more than one way and should consider whether you need more
than the basic procedures. For example, these procedures may prove inadequate for a server
environment containing eight servers. Likewise, your system might include multiple LAN
servers, multiple specialized Web servers, a database server, a print server, and an e-mail server.
You should consider three issues when performing backups:
■
Backing up the operating system. In a Windows server, the Registry is
always open, and open files are not backed up by default. You need to make
sure that your backup software explicitly backs up the Registry.
■
Backing up special application files. DBMSs keep files open, as do
Microsoft Exchange and other applications. These critical files will not be
backed up unless your backup software has special modules for each of these
applications. These software modules usually cost extra money and are available only for popular software. Also, you may have a custom application that
keeps files open. Open files are not included in a backup, even though some
of them could be important files used by your applications. For a solution to
this problem, contact the company that supplied the custom application. The
only way to close the application files may be to manually stop the application before you make a backup. Some applications, such as Oracle DBMSs,
require part of the backup procedures to take place through utilities that are
part of the software before the files will be backed up.
■
Backing up simple data files such as text files, spreadsheet files, or
executable files. These files are easy to back up, assuming that the user does
not have them open. Make sure you can back up every file in case the disk
subsystem is completely destroyed, thereby ensuring that you can rebuild the
system after a disaster. This is not a trivial task. Verify that your software can
restore the system by practicing on every new server you get and documenting the procedures.
Although it is best to have a tape drive on every server, budget constraints may not allow
it. Good digital tape drives can cost thousands of dollars. To add to the complexity, configuring one tape drive to back up multiple servers makes it more difficult to back up
the Windows Registry, DBMSs, Microsoft Exchange, and other special applications.
Typically, you need to buy software modules from the manufacturer of your backup software and install them on the servers without tape drives. If you implement such a system, note that when you back up data on another server on the network, you place a
severe burden on the network. Some backup systems can easily clog a 100 Mbps network. To prevent this problem, backups should always be done when no one is using the
network. In addition, put an extra NIC in each server and implement a second network
just for backups.
EVALUATING NETWORK COMPONENTS
There is more to a Web server environment than a few servers. The servers need to be
connected together and the connections need to communicate with the Internet. This
section examines these components and explains how to put together a complete system.
Switches and Hubs
You use switches and hubs to connect computers. A twisted-pair wire usually connects
the NIC in the computer to the hub or switch. A switch is a device that controls the
routing and operation of data signals. Standard switches communicate at Layer 2 of the
OSI model. However, as explained in Chapter 1, Layer 3 switches can also act as routers.
Hubs are shared devices found at Layer 1 of the OSI model; computers share the connections in the hub much like old-fashioned telephone party lines. With a party line,
you picked up the phone to find out whether anyone else was using it. If no one was
on the line, then you could talk. Imagine that so many conversations took place on the
party line that you spent more time checking the line than actually talking. In the computer world, this situation is called contention. The more traffic, the slower it travels.
Using a hub between a workstation and a server is fine with light data traffic, but
switches are a much more common solution to heavier traffic management.
A switch is analogous to a modern telephone system. You dial a specific number and then
communicate, even though others may be using the same telephone system at the time. A
switch simulates a direct connection between two computers. Although these devices should
really be called switching hubs, they are commonly called switches. Because servers handle a
lot of traffic, this section focuses on switches; hubs are not an option when connecting servers.
Not all switches are the same. Some cost $100, while others cost 10 times as much. As
with most components, you need to balance your needs with your budget. For example,
assume that you have a 12-port switch. (A port is where you connect the network cable.)
When only two computers are connected to a 12-port switch, traffic flows without interruption. As traffic increases, however, you need to consider the following characteristics:
■
Packets per second—The number of packets that can go from one port to
another port. More expensive switches promise wire speed, which is the
same speed two computers could achieve if they were physically connected.
■
Data switching backplane—The total speed the switch can handle. It should be
measured in gigabits per second.
■
Connection types—Can you use full-duplex NICs that allow 100 Mbps data
transfers in both directions at once? As you add more switch capacity, can the
switches function as if they were one switch?
Once you have a switch to connect the servers in a network, you must connect the server
network to your ISP’s network. Your ISP then connects your system to the Internet.
Routers
Routers connect one network to another network and can serve many purposes, including connecting an internal network to an external network. Chapter 1 discussed connecting your network to the Internet. Recall that the digital signal coming from the Internet
differs from the digital signal in your network. The router not only moves packets from one
network to another, but can also transform the packet into another type. For example, when
a router links to your internal network and your CSU/DSU, its Ethernet port connects to
your internal network and its serial port connects to your CSU/DSU.
Not all routers are separate devices, and any server can become a router. All you need
are two or more NICs. The connection into one NIC comes from one network, and
the other connection goes to the second network. As you will see in Chapter 10, a firewall computer can take packets from the Internet on one NIC and then send them to
an internal network with a special network address that cannot be detected from the
Internet on the other NIC. A firewall computer can also act as a router.
Maintaining Internet Connections
There are many pieces to the puzzle of identifying LAN components and connecting
them to the WAN, as you discovered in Chapter 1. The most complex piece involves
learning about the WAN connection. Due to the competitive nature of the ISP industry, both pricing and services change rapidly. As a consequence, the most popular and
cost-effective solution one year may not be the best solution the next year. Although the
T-Carrier approach offers virtually unlimited expandability, most businesses will probably never need to expand beyond a capacity of 1.544 Mbps. At this level, you can select
between T1, SDSL, and a dedicated cable modem. Your choice will depend on the combination of services that are available in your area, the cost of the service, the reputation
of the ISP, and the expandability you need.
Organizations that are just getting started in Internet connectivity should consider the
Web hosting solutions outlined in Chapter 1. They involve much less risk and you do
not need on-site technical expertise.
SETTING UP IP ADDRESSING
As you learned in Chapter 1, IP is one of the protocols in the TCP/IP protocol suite. Its
purpose is to provide addressing, which is how information gets from one computer to
another on the Internet. Every Web server has a unique address that is valid on the Internet.
However, workstations on an organization’s LAN often use private IP addresses that are not
accessible on the Internet, but rather have meaning only on the company network.
Understanding the Addressing Structure
The addressing structure determines how addresses are created and how you can determine the difference between the network portion of the address and the host (or individual computer) portion. This structure is like a world where every house has a Zip
code that identifies both the local post office and the house. A computer’s “Zip code”
also supplies information about the country from which it came; large countries with
many houses get certain types of codes, whereas countries with few houses get special
codes that can handle fewer residences. IP addresses are organized in much the same way.
IP addresses are divided into four numbers separated by periods, such as 192.168.0.100.
Each number, with certain restrictions, can range from 0 to 255. An IP address has two
parts: a host portion and a network portion. All computers that are directly connected
to each other form a network with regard to IP addressing. In such a case, the network
portion of the IP address must be the same for all computers, and the host portion of
each machine’s address must be different to distinguish one computer from the rest of
the computers on the same network.
Subnet Mask
The subnet mask tells you what part of the IP address represents a network number and
what part of the address represents the number for the host.
IP addresses are classified into three principal classes, as shown in Table 2-4. The
addresses are grouped according to how many hosts each class can accommodate. A class
A address can have over 16 million hosts, whereas a class C address can have only 254 hosts.
Figure 2-13 gives an example that shows the differences among the classes with regard to
network and host portions of the address.
Table 2-4   Common TCP/IP classes
Class     First number   Subnet mask      Number of networks   Number of hosts
Class A   1–127          255.0.0.0        126                  > 16,000,000
Class B   128–191        255.255.0.0      > 16,000             > 65,000
Class C   192–223        255.255.255.0    > 2,000,000          254
Class     IP address       Subnet mask      Network     Host
Class A   10.202.124.33    255.0.0.0        10          202.124.33
Class B   135.87.34.65     255.255.0.0      135.87      34.65
Class C   192.168.0.100    255.255.255.0    192.168.0   100
Figure 2-13
Subnet mask used to separate network from host
Determining the network portion and the host portion is critical for the following reason: when your computer needs to send a packet based on an IP address, it must determine whether the packet should stay on the local network or be sent through the
gateway to another network. To do so, your computer compares the IP address of the
destination to the subnet mask. If the network portions of both your computer’s address
and the destination address match, the packet stays on the local network. If the network
portions are different, the packet is sent to the gateway (router) address. When you set
up an IP address in your computer, the third value—usually called the gateway—is the
IP address of the computer that will take the packet out of the local network so that it
can ultimately be routed to the correct network.
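The local-or-gateway decision described above, as an added example that is not from the textbook. It uses the class ranges of Table 2-4 and the addresses of Figure 2-13; the gateway address 192.168.0.1 and all function names are assumptions made for illustration.

```python
import ipaddress

# First-number ranges and subnet masks exactly as listed in Table 2-4.
CLASSES = [
    ("A", range(1, 128), "255.0.0.0"),
    ("B", range(128, 192), "255.255.0.0"),
    ("C", range(192, 224), "255.255.255.0"),
]


def to_int(dotted):
    """Dotted-quad string to a 32-bit integer; raises on malformed input."""
    return int(ipaddress.IPv4Address(dotted))


def default_mask(ip):
    """Class letter and default subnet mask for an address (Table 2-4)."""
    first = to_int(ip) >> 24
    for letter, first_numbers, mask in CLASSES:
        if first in first_numbers:
            return letter, mask
    raise ValueError(f"{ip} is outside classes A-C")


def check_mask(mask):
    """Reject masks whose 1 bits are not contiguous from the left."""
    host_bits = to_int(mask) ^ 0xFFFFFFFF
    if host_bits & (host_bits + 1):
        raise ValueError(f"{mask} is not a valid subnet mask")


def split(ip, mask):
    """Return (network portion, host portion) as dotted strings."""
    check_mask(mask)
    ip_int, mask_int = to_int(ip), to_int(mask)
    network = ipaddress.IPv4Address(ip_int & mask_int)
    host = ipaddress.IPv4Address(ip_int & ~mask_int & 0xFFFFFFFF)
    return str(network), str(host)


def next_hop(my_ip, mask, gateway, destination):
    """Decide where a packet is sent first: the destination or the gateway."""
    my_net = split(my_ip, mask)[0]
    if split(gateway, mask)[0] != my_net:
        # A gateway on another network can never be reached directly,
        # so every off-network packet would be lost.
        raise ValueError(f"gateway {gateway} is not on local network {my_net}")
    if split(destination, mask)[0] == my_net:
        return "local", destination
    return "gateway", gateway


if __name__ == "__main__":
    for ip in ("10.202.124.33", "135.87.34.65", "192.168.0.100"):
        letter, mask = default_mask(ip)
        print(ip, "class", letter, split(ip, mask))
    me, mask, gw = "192.168.0.100", "255.255.255.0", "192.168.0.1"
    print(next_hop(me, mask, gw, "192.168.0.7"))
    print(next_hop(me, mask, gw, "192.168.1.7"))
```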
Private Networks
Private networks are special network addresses reserved exclusively for use on networks
that do not communicate across the Internet. These networks offer two advantages. First,
you don’t have to worry about packets from the private network getting to the Internet,
because Internet routers cannot route packets that use these addresses. Second, hackers
cannot easily access computers in your local network that use such IP addresses.
The private addresses have the following designations:
■
10.0.0.0–10.255.255.254 (a single class A network address)
■
172.16.0.0–172.31.0.0 (16 class B network addresses)
■
192.168.0.0–192.168.255.254 (256 class C network addresses)
Your objective, whether for your Web server or for users in your organization, is to
achieve interaction with the Internet. Private network addresses become very powerful
in this effort when they are combined with network address translation (NAT).
Network Address Translation
NAT allows an IP address from one network to be translated into another address on an
internal network. You need to use NAT if your ISP gave you only one address for your organization instead of 254 addresses for your servers and users. Some routers and firewalls allow
you to take single (or multiple) IP addresses that are destined for your network from the
Internet and translate them into your local set of addresses. This approach allows you to have
a single IP address of 38.246.165.10, for example, which is then translated to the address of
your Web server at 192.168.0.100. Although this technique does a good job of isolating your
Web server, NAT can do even more. It can take a single IP address that is valid on the Internet
and translate it into a pool of local addresses. For example, 38.246.165.10 may be translated
into a pool of addresses ranging from 192.168.3.1 to 192.168.3.254. Now as many as 254
users can share a single Internet connection. Figure 2-14 shows an example of this type of
network. Proxy servers can keep track of which packet belongs to which internal user. (Proxy
servers will be discussed in detail in Chapter 10.)
This technique has been very useful in allowing a dwindling pool of valid Internet IP
addresses to serve an ever-increasing number of Internet users. Also, by ensuring that
your internal IP address pool is a private network address, you make it more difficult for
a hacker to penetrate your system.
[Figure: components shown are the Internet, CSU/DSU, router, firewall with NAT, and switch. Public (Internet) addresses from ISP: 38.246.165.1, 38.246.165.10. Private (LAN) addresses you create based on any private IP address: 172.16.1.1, 172.16.1.10, 172.16.1.20, 172.16.1.30.]
Figure 2-14
Network diagram
NAT is very flexible. For example, you could receive three IP addresses from your ISP:
one destined for your Web server, one destined for your e-mail server, and one destined
for your FTP server. All three will be translated to different internal IP addresses to help
protect your servers.
An important aspect of NAT is that it allows multiple internal users to use a single IP
address on the Internet. This type of single-address NAT is called port address translation (PAT). When a browser connects to a Web site, it typically links to port 80 on the
Web server. However, for the Web server to send the Web page back to the browser, it
needs to access a specific port on the browser. This port information is sent to the Web
server when the user initially requests the Web page. Then a device that uses PAT, such
as a router, associates each internal user with a different port. When a Web page comes
back to the assigned port on the router, the port is translated into the user’s port and the
Web page is sent to the user. See Figure 2-15.
Steps for computer at 192.168.1.100 to get page from www.ibm.com:
1. Request page from www.ibm.com to be sent to port 45000 at 192.168.1.100
2. Router translates 192.168.1.100 to 38.246.165.200 and port 45000 to port 55000 and makes page request
3. Web server at www.ibm.com sends page to 38.246.165.200 at port 55000
4. Router sends page to 192.168.1.100 at port 45000
Router (IP: 38.246.165.200) translation table:
Source IP       Source port   External port
192.168.1.100   45000         55000
192.168.1.101   45000         55001
192.168.1.102   45000         55002
This translation table can accommodate hundreds or even thousands of internal users sharing a single IP address.
Internal computers:
IP: 192.168.1.100   Browser port: 45000
IP: 192.168.1.101   Browser port: 45000
IP: 192.168.1.102   Browser port: 45000
Figure 2-15
Using port address translation
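The translation table of Figure 2-15, built and used in both directions, as an added example that is not from the textbook. The PatRouter class is constructed for illustration and 203.0.113.80 is a constructed stand-in for the address of www.ibm.com; the other addresses and ports are the figure's own.

```python
class PatRouter:
    """Port address translation as drawn in Figure 2-15.

    One public address is shared; each inside (IP, port) pair is given its
    own external port, and replies are mapped back through the same table.
    """

    def __init__(self, public_ip, first_port=55000, last_port=65535):
        self.public_ip = public_ip
        self.next_port = first_port
        self.last_port = last_port
        self.by_inside = {}    # (inside IP, inside port) -> external port
        self.by_external = {}  # external port -> (inside IP, inside port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the LAN."""
        inside = (src_ip, src_port)
        if inside not in self.by_inside:
            if self.next_port > self.last_port:
                raise RuntimeError("no external ports left")
            self.by_inside[inside] = self.next_port
            self.by_external[self.next_port] = inside
            self.next_port += 1
        return (self.public_ip, self.by_inside[inside], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a packet arriving from the Internet.

        Returns None (packet dropped) when no inside host opened that
        external port: traffic nobody inside asked for has no table row
        and therefore no internal address to be delivered to.
        """
        if dst_ip != self.public_ip or dst_port not in self.by_external:
            return None
        inside_ip, inside_port = self.by_external[dst_port]
        return (src_ip, src_port, inside_ip, inside_port)

    def table(self):
        """Rows of (source IP, source port, external port), oldest first."""
        return [(ip, port, ext) for (ip, port), ext in self.by_inside.items()]


WEB_SERVER = "203.0.113.80"  # constructed stand-in for www.ibm.com


def figure_2_15():
    """Replay the figure: three browsers, all using source port 45000."""
    router = PatRouter("38.246.165.200")
    for host in ("192.168.1.100", "192.168.1.101", "192.168.1.102"):
        router.outbound(host, 45000, WEB_SERVER, 80)
    return router


if __name__ == "__main__":
    router = figure_2_15()
    for row in router.table():
        print(row)
    print(router.inbound(WEB_SERVER, 80, "38.246.165.200", 55000))  # step 4
    print(router.inbound(WEB_SERVER, 80, "38.246.165.200", 56000))  # no row
```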
CHAPTER SUMMARY
❒
The two basic types of servers are the file server and the application server. Often,
it is not easy to distinguish between them. For example, a Web server could be considered a file server or an application server, depending on how you use it. How
you categorize a server affects the capabilities of the server components you choose.
❒
Many components make up a server, but all of them work together to produce the
appropriate throughput. If one of the components is not sufficient for the task, a
bottleneck occurs and the server as a whole is affected. Various families of processors are available from Intel, Sun, and other companies. Not all servers use Windows
operating systems; some use Solaris or Linux instead.
❒
Computer components can fail and data can be lost. You must anticipate as many
problems as possible and then determine how to avoid them, or at least lessen their
repercussions. You can prevent many problems by providing fault tolerance or at
least high availability of components in the Web environment.
❒
RAID technology is an excellent method of preventing a single disk failure from
causing a loss of data. You need a minimum of three hard disks to implement
RAID 5. The storage equivalent of one disk is used to provide redundancy.
❒
Clustering can achieve fault tolerance by configuring multiple servers to act as one.
There are two basic types of clustering. In one approach, the cluster appears as a
single computer. In the other approach, multiple servers work together.
❒
Be careful when you back up data to make sure that you include all of it; by
default, open files are not copied in a backup. Many important applications, such as
e-mail and DBMSs, keep files open and so have special backup needs.
❒
A complete Web server environment includes switches and hubs to connect the
computers, routers to connect the networks, and Internet connections.
❒
Correct IP addressing is essential to network communication. IP addresses include
both a network portion and a host portion and are classified into three categories
based on the numbers of networks and hosts they can support. Network address
translation (NAT) can translate a single IP address into multiple addresses that exist
in the internal network.
REVIEW QUESTIONS
1. In a file server, which component is most important?
a. processor
b. NIC
c. disk subsystem
d. bus
2. In an application server, which component is most important?
a. processor
b. NIC
c. disk subsystem
d. bus
3. A Web server can be used as ________.
a. a file server only
b. an application server only
c. a combination of file server and application server, depending on how it is used
d. neither a file server nor an application server
4. A DBMS server is used as ________.
a. a file server only
b. an application server only
c. a combination of file server and application server, depending on how it is used
d. neither a file server nor an application server
5. ________ is a term that refers to any cause of performance degradation
in a system.
6. Which one of the following processors is not compatible with the others? That is,
in which is the underlying architecture significantly different?
a. Intel
b. UltraSPARC
c. AMD
d. All of the above are compatible.
7. The Itanium processor is manufactured by ________.
a. IBM
b. AMD
c. Intel
d. Sun
8. The Itanium is a ________-bit processor.
a. 16
b. 32
c. 64
d. 128
9. When a processor doubles in speed, it often becomes more than twice as fast as its
predecessor. True or False?
10. The UltraSPARC is manufactured by ________.
a. IBM
b. AMD
c. Intel
d. Sun
11. The UltraSPARC architecture is ________.
a. CISC
b. DISC
c. RISC
d. MISC
12. The Windows Server 2003 Datacenter Edition allows up to how many processors?
a. 16
b. 32
c. 64
d. 128
13. Which disk interface allows for the most drives?
a. IDE
b. PCI
c. ISA
d. SCSI
14. Which interface is popular for RAID 5?
a. IDE
b. PCI
c. ISA
d. SCSI
15. RAID 1 is also known as ________.
a. redundant copying
b. mirroring
c. duplicating
16. The device that allows servers to continue running when the electricity stops is
a(n) ________.
17. A 20-amp circuit can handle about ________ watts.
18. It is better to use the Microsoft RAID 5 technology that is part of the operating
system than to use the hardware-based RAID 5 technology. True or False?
19. The simplest form of load balancing is ________.
20. Which backup method backs up all files that are new or changed since the last
full backup?
a. full
b. differential
c. secondary
d. incremental
21. ________ connect one network to another network.
HANDS-ON PROJECTS
Project 2-1
Create a table with one column titled “Most Economical” and a second column titled “The
Best.” In each row of the table, list a component such as processor, disk, RAM, or NIC.
Given a configuration for Windows 2000, fill in the cells in the table. Write a paragraph
describing the trade-offs required between choosing the most economical and the best.
Project 2-2
You are configuring backup procedures in a Web server environment where the Web
server is used constantly. You want an approach that minimizes the amount of time it
takes to back up the Web server. What approach would you take and why? Write one to
two pages explaining and defending your decision.
Project 2-3
Your supervisor has heard that there is more than one way to implement a fault-tolerant
disk subsystem. He wants to know what the methods are and under which circumstances
each should be used. Write one to two pages identifying ways that you can create a
fault-tolerant disk subsystem and recommend when each strategy should be used.
Project 2-4
The information in Tables 2-1 and 2-2 is constantly changing. Use the Internet to
research Intel and UltraSPARC processors, including information on their relative speed,
RAM, L2 cache, and bus speed. Write one to two pages detailing the changes that have
occurred since this book was published. Mention the sources of your information.
CASE PROJECTS
Case Project 2-1
A local real estate agency has asked you for help in setting up a presence on the Internet.
The agency has started to create a budget and needs to determine how much the server
hardware will cost. Its plan is to start with a fairly small Web site, but in the near future
the agency wants to have listings of all local homes for sale, including pictures and
virtual tours. The agency averages about 1,000 listings at a time. Unfortunately, the agency
can’t give you many details on how many simultaneous users the site will have; the site’s
reliability is the most important consideration at the moment.
Because the agency hasn’t yet decided on which operating system and applications to use,
you’ll need to provide some choices. Put together a two- to three-page proposal listing
two hardware configurations—one that would run a Windows 2003 system and one that
would run a Red Hat Linux system. Your objective is to find servers that come
preconfigured with the operating systems. The servers need to have tape backups. The agency is
on a tight budget so it wants as cheap a solution as possible but with on-site support.
Case Project 2-2
The real estate agency is happy with your proposal (see Case Project 2-1), but needs
some time to make a decision. In the meantime, your boss has suggested that you prepare
for any decision that the agency makes. This means that you need to develop some
documentation.
Prepare a diagram like the one in Figure 2-15 that shows the real estate agency’s network. It has six machines in the office and a router with a fractional T1 connection to
the Internet. Assume that the router’s IP address is 24.16.5.200 and that the port on the
Internet side of the firewall is 24.16.5.201. For the computers on the private side of the
network, you get to choose the addresses; base them on the class C private address
192.168.0.0.
Case Project 2-3
The real estate agency (see Case Project 2-1) has also been selected to support regional
home listings. As a result, its new Web site will require a Web server environment that is
not only many times larger, but also able to grow rapidly without requiring a new, bigger server. How would you build this environment? Write two to three pages to justify
your conclusions.
Case Project 2-4
Identify appropriate servers for an organization that requires an FTP server, a DBMS
server, and a Web server that is in between a file server and an application server. Basically,
the company has a lot of static HTML files but also supports Active Server Pages files.
You have a budget of $15,000 for each server. Go to Web sites for major vendors such
as Dell, Compaq, Hewlett-Packard, Sun, and IBM. Describe in detail at least two servers
in each category from at least two vendors; show the range of possibilities for each server,
including information on processors and disk capacity. Write two to three pages
explaining and defending your choices.
CHAPTER 3
INSTALLING THE SERVER
In this chapter, you will:
♦ Prepare the server for system installation
♦ Understand the installation process
♦ Install Windows 2000 Server, Windows Server 2003, and
Red Hat Linux 8
♦ Examine basic Linux commands
♦ Configure TCP/IP
Whether you are installing a Windows server or a Linux server, you typically perform
the same tasks when preparing for installation. First, you
determine how to organize the disk into partitions. Then, you examine the
licensing requirements, which vary from one operating system to another.
Although you can download Linux for free, licensed versions from Red Hat
and others come with support and extra software. For the Microsoft operating
systems, licenses are based on client access. You must also make sure that the
NIC, video adapter, and disk subsystem on the server are compatible with the
operating system that you install. After you complete these preparation tasks,
you are ready to install an operating system on your server.
This chapter includes instructions for installing Microsoft Windows 2000
Server, Windows Server 2003, and Red Hat Linux 8. With few exceptions,
you will install the default components for each server. If you are new to
Linux, you can take an introductory tour of the KDE windowing environment and learn the basic commands of the shell interface. Finally, you will
learn how to configure TCP/IP properties, which is necessary for communicating with other computers.
PREPARING THE SERVER FOR SYSTEM INSTALLATION
Before you install the operating system on your server, you need to perform a variety
of tasks to prepare for the installation. If you are installing multiple operating systems on
a single disk, your preparation steps are more complicated than when you are installing
one operating system per computer.
Although you will probably install the operating system using a CD, this chapter covers
other methods as well, including installing from a bootable CD, installing from a floppy
disk with a nonbootable CD, and performing a network installation. Whichever installation method you use, make sure all of your hardware components are compatible with
the operating system before you start installing the operating system. You should also
document your findings for future reference.
Single-Boot and Multi-Boot Systems
Single-boot systems have one operating system, whereas multi-boot systems have
more than one operating system on a single disk. Virtually all servers used in production
environments are single-boot systems. (Production environments are those where servers
work in a business or organization other than a computer lab, which runs the server only
for educational purposes.) Multi-boot systems are often used in development or training.
It is easier to set up a multi-boot system with operating systems from a single manufacturer such as Microsoft, because the software is designed to coexist with different versions.
However, even if you use only Microsoft operating systems on a single hard disk, you must
still install current service packs after you install Windows. Service packs are operating
system improvements and corrections issued by Microsoft after the company releases an
operating system. You can download Windows service packs from the Microsoft Web site
at http://www.microsoft.com/downloads. Red Hat Linux calls its improvements and corrections errata and divides them into three categories: security alerts, bug fixes, and enhancements. The errata are available at http://www.redhat.com/apps/support/errata.
If you want to install two operating systems on one hard disk, you need to plan the
installations carefully. Most operating systems are designed to control the master boot
record (MBR), a sector on the hard disk that contains a boot loader program intended
to start the boot process. When you turn on a multi-boot computer, a menu appears,
listing the operating systems available on the computer; you then select which one you
want to use. When Microsoft operating systems use the MBR, the menu of operating
systems lists only the Microsoft software. You cannot easily add a Linux menu item to
the Microsoft boot menu. Therefore, if you install Windows first and Linux second, you
must rely on a Linux boot method to allow both operating systems to coexist on the
same hard disk. Linux can recognize a Windows installation even though Windows cannot recognize the Linux installation.
Red Hat Linux can boot your computer in a number of ways. Like Windows, Linux uses
a boot loader at startup. Older versions of Linux used LILO, which is an excellent boot
loader. However, LILO typically needs to be reconfigured when it is combined on the
same hard disk with a Windows operating system. To boot your computer with Red Hat
Linux, you use a boot loader called GRUB. When GRUB is installed in the MBR and
you boot the system, a menu appears with two entries: Linux and DOS. You select DOS
to open a menu that lists Microsoft operating systems, such as Windows 2000 Server. In
rare cases, GRUB may not work on a system. In this situation, you can use a boot floppy
disk. When you install Linux, the Setup program asks for a floppy disk to configure as
a boot floppy disk. Save that floppy disk in a safe place in case you cannot boot your
system from the hard disk.
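As an added illustration (not from the textbook), the Python code below reads a 512-byte MBR, lists the partitions it describes, and hashes the boot loader area so that the result can be kept with the system documentation and later show whether another operating system's installer replaced the boot loader. The field offsets and partition type codes are the standard MBR layout rather than anything stated in this chapter, and the sample sector and device name are constructed.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446          # boot loader area at the start of the MBR
ENTRY_LEN = 16               # four 16-byte partition entries follow it
ENTRY_FORMAT = "<B3xB3xII"   # status, (CHS), type, (CHS), start LBA, sectors
SIGNATURE = b"\x55\xaa"      # final two bytes of a valid MBR

# Common partition type codes (not exhaustive).
TYPE_NAMES = {
    0x05: "Extended (CHS)",
    0x07: "NTFS/HPFS (Windows)",
    0x0B: "FAT32 (CHS)",
    0x0C: "FAT32 (LBA)",
    0x0F: "Extended (LBA)",
    0x82: "Linux swap",
    0x83: "Linux",
}


def parse_mbr(sector):
    """Return the boot-code hash and partition entries of a 512-byte MBR."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    if sector[510:512] != SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")

    partitions = []
    for index in range(4):
        offset = BOOT_CODE_LEN + index * ENTRY_LEN
        entry = sector[offset:offset + ENTRY_LEN]
        status, ptype, start_lba, sectors = struct.unpack(ENTRY_FORMAT, entry)
        if ptype == 0x00:            # unused slot in the partition table
            continue
        partitions.append({
            "slot": index + 1,
            "active": status == 0x80,   # the partition the BIOS boots from
            "type": ptype,
            "type_name": TYPE_NAMES.get(ptype, "unknown (0x%02X)" % ptype),
            "start_lba": start_lba,
            "size_mb": sectors * SECTOR_SIZE // (1024 * 1024),
        })
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": partitions,
    }


def boot_code_changed(baseline_sha256, sector):
    """True when the boot loader area no longer matches the recorded hash."""
    return parse_mbr(sector)["boot_code_sha256"] != baseline_sha256


def build_sample_mbr(boot_code=b"\x90" * 16):
    """Constructed dual-boot sector: Windows (active), Linux, Linux swap."""
    def entry(status, ptype, start_lba, sectors):
        return struct.pack(ENTRY_FORMAT, status, ptype, start_lba, sectors)

    table = (
        entry(0x80, 0x07, 63, 4194304)            # 2 GB Windows partition
        + entry(0x00, 0x83, 4194367, 8388608)     # 4 GB Linux partition
        + entry(0x00, 0x82, 12582975, 1048576)    # 512 MB swap partition
        + bytes(ENTRY_LEN)                        # fourth slot unused
    )
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + table + SIGNATURE


if __name__ == "__main__":
    # On a live Linux system (as root) the sector could be read with
    # open("/dev/hda", "rb").read(512); the device name is an example.
    baseline = parse_mbr(build_sample_mbr())
    for part in baseline["partitions"]:
        print(part)
    print("boot code sha256:", baseline["boot_code_sha256"])
    # A different boot loader in the first 446 bytes changes the hash.
    replaced = build_sample_mbr(boot_code=b"\xeb\x48")
    print("boot loader replaced:",
          boot_code_changed(baseline["boot_code_sha256"], replaced))
```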
Installation Methods
You can install operating systems using one of several methods. For Windows servers,
you can use a bootable CD, a floppy disk with a nonbootable CD, or a network installation. For Linux, depending on the distribution, you can use a bootable CD, a floppy
disk with a nonbootable CD, or FTP, which allows you to transfer the operating system
files from a server on the Internet.
The most common—and fastest—method for installing a server operating system is to
use a bootable CD. Although the option to boot from a CD should be available on all
newer PCs, sometimes the BIOS is set up so that the boot order starts with the hard
disk instead of the CD. Because different BIOSs are available, check with your network
supervisor to confirm that your computer is configured so that the CD drive is the first
device in the booting sequence.
If you are using a computer that cannot boot from a CD, such as an older PC or one with
a nonstandard SCSI configuration, you can start installing a server operating system with
a boot floppy disk. For Linux, if you do not have a bootable CD and need to start the installation process from a floppy disk, format a floppy disk and then insert the Linux CD 1
in the CD drive of any Windows PC. From a command prompt, type the information
shown in Figure 3-1. The figure assumes that the CD is the D: drive.
To create a boot floppy disk in Windows 2000, use the command
d:\bootdisk\makeboot.exe where D: is the CD drive. Windows 2003 does not support boot
floppy disks.
Both Linux and Windows allow you to install them from a network. To install Linux,
you first connect to the network, then transfer the files using FTP or HTTP. You can
create a network boot disk to connect to the network before you install an operating
system. For a network boot disk, follow the same steps as shown in Figure 3-1, with one
exception: instead of using boot.img as the filename, use bootnet.img. See Figure 3-2.
Figure 3-1 Creating a Linux install floppy disk (screenshot callouts: Step 1: Change to the CD drive; Step 2: Change to the dosutils directory on the CD; Steps 3 and 4: Type this text and press Enter; Step 5: Insert a floppy disk and press Enter)
Figure 3-2 Creating a network boot disk (screenshot callout: Use bootnet.img as the filename)
To install any Microsoft Windows server product over a network to a hard disk without
an operating system, you must first create an MS-DOS boot disk that contains drivers you
can use to connect to the network. This task poses a challenge in two ways. First, you
can create a DOS boot disk only if you can access a computer running a Windows operating system. Second, you need to access DOS drivers for your NIC. Some NICs do not
provide DOS drivers, and others are difficult to find. Also, because operating systems are
so large, installing over a network is very slow, especially for multiple installations.
Checking Hardware Compatibility
If you are using computer hardware that is designed for a server, you should not have
any problems when you install a server operating system. However, if you are installing
the operating system in a lab environment, as you will in this chapter, the video adapter,
NIC, or hard disk might not be compatible with the new software.
If you are using an IDE drive, then you should not have a compatibility problem with
the hard disk. However, SCSI and RAID controllers can pose problems. Although the
manufacturers usually include drivers for these types of controllers, you often have to
make sure that they are the latest version. Always check the manufacturer’s Web site for
the latest drivers. You may need different drivers for the different controllers, and they
must be loaded in the correct order. For example, there may be a SCSI RAID controller
for the hard drives, and another SCSI controller for the CD-ROM. Reliable server vendors often provide Setup programs that automate driver installation. For this reason, it is
usually wise to purchase a server from a top vendor. For example, Dell now provides special startup CDs that guide you through an installation and make sure that all the drivers
are installed correctly.
In the past, video adapters have posed some problems for Linux installations. Older versions of Linux sometimes requested the name of the manufacturer of the chip set on
your video adapter, which is not a commonly known piece of information. Today’s Linux
distributions, particularly Red Hat, include virtually all the current video drivers.
NIC compatibility is not a problem if you use NICs from a major vendor, such as Intel
or 3COM. If you use discounted NICs, however, they might not be compatible with
Windows or Linux. In that case, you would have to make sure that the NICs include
appropriate drivers for the operating system you are installing.
Windows 2003 provides the best support for existing hardware. Since the release of
Windows 2000, Microsoft has provided signed drivers, which means that the drivers
are certified to work as described.
However, dozens of companies manufacture hardware components. Although the video
adapter, NIC, and hard disk are the components that are most often incompatible with
server operating systems, you could experience problems with a component as basic as
a motherboard. Upgrading a computer can also result in hardware problems. For example, you might have an excellent, high-quality server running the Windows NT server
software, but the specialized RAID controller on the server might not be compatible
with Windows 2000 or Windows 2003. If you are upgrading an old server, make sure
you have a detailed list of components. Many video adapters, RAID controllers, and
SCSI adapters are compatible with Windows NT but not with Windows 2000 or
Windows 2003. To a lesser extent, an older Windows 2000 server might have devices that
are not compatible with Windows 2003.
To check whether a device is compatible with a particular Windows operating system, visit
www.microsoft.com/hwdq/hcl. At the Microsoft site, you can select a device to see whether it
is compatible with a particular version of Windows, ranging from Windows 98
to Windows 2003. If you want to check whether a device is compatible with Red Hat Linux 8,
start at hardware.redhat.com/hcl.
Preparing System Documentation
System documentation should be detailed enough so that even an inexperienced network administrator could reinstall and configure the server. This documentation should
include information about the operating system and all applications, including the Web
server or e-mail server.
System documentation is an ongoing process, not something you create only once. Begin
by listing the basic hardware characteristics of your system to document how it is configured when you purchased your server. Next, list the configuration information for the
operating system—primarily the partition information and the drivers that may be
needed beyond the ones that come with the operating system, such as SCSI drivers.
Then, describe the partitions in the next section of the documentation by identifying
the number of partitions, the size of the partitions, and the rationale for the configuration. Also describe the procedures for the steps in the installation where you do not
accept the defaults. Next, describe the software you have added and deleted, along with
any patches that have been applied; this section can change over time. In a prominent
place on the document, include all support information, such as the support Web site,
phone number, contract number, support type, and expiration date of the support agreement. Some support contracts allow you to call 24 hours a day, seven days a week. Others
are available only during business hours.
Keep the system documentation in a notebook with all associated CDs. In addition, store
the system documentation with any software documentation for backup software and
other applications on the server. If you build the system yourself, document every component you purchase, including the following components and related information:
■ Server—Include the manufacturer and complete model number.
■ Processor—List the type, speed, and number of processors.
■ RAM—Indicate the amount of installed RAM.
■ Drive interface—If the drive is a SCSI or RAID, list the manufacturer, model,
and drivers needed.
■ Hard disk—Include the manufacturer and complete model number.
■ NIC—Include the manufacturer and complete model number.
■ Partition information—List the number of partitions and the size of each; for
Windows, also list the size of each drive.
■ Operating system version installed—Indicate the version of the operating system,
which is especially important for Linux as there are many distributions and
the versions change more often than in Windows.
■ Latest software patches—List the patches you installed and when you installed them.
■ Support information for hardware and software—Include any Web site addresses
and phone numbers. If you have a contract, include the contract number,
type of support, and date of its expiration.
UNDERSTANDING THE INSTALLATION PROCESS
During the installation process, the Setup program will ask about your system and its
configuration. You should know the answers to these questions before you start the installation. Because many of these questions are common to all operating systems, understanding these similarities will help you to install any operating system.
Partitioning the Hard Disk
You need to understand how you will partition the hard disk. A partition is a logical
division of the hard disk. Because you might be installing three operating systems, you
must create a number of partitions. Although the concept of partitioning is the same
across all operating systems, Windows and Linux use partitions in different ways.
Windows Partitioning
On a Windows computer, you can create a primary partition, which is a drive or
part of a drive where the system starts its boot process, and an extended partition,
where more drives can be added as needed. Usually, the operating system boots from the
C: drive. When configuring a server, you should isolate the system software from other
software and data files on this drive by keeping the files in separate partitions; doing so
improves security and system performance. If hackers access a partition through your
Web site, they can likely access the data stored on the Web partition, which does not
contain the operating system. They may find it difficult to move from that drive to the
one with the operating system, where they could cause more damage. If you install system, software, and data files on the same drive, and then hackers or users store so many
files on the system that they fill the drive, the operating system will stop functioning. If
you store programs and data on a separate partition and fill up that partition, however,
only the programs are affected; the operating system keeps running so that you can clean
up the disk.
On a Windows production server, it is a good idea to make the C: drive partition at least
2 GB. Typically, the rest of the drive is given to the next drive letter available. On most
systems, the D: drive is the CD-ROM drive, so the E: drive would be the disk partition.
Allow plenty of space for the E: drive because you will often add temporary files, log
files, and other files over time.
If you install Windows on a new hard disk that is not a preconfigured RAID 5 drive, the
Setup program will ask you to first create a partition into which it will install Windows.
If you are setting up a multi-boot computer, you could store all of the operating systems
in the same partition. In this chapter, however, you will install the first Windows operating system on the C: drive; if you install a second Windows operating system, it will be
on the next drive letter available.
Linux Partitioning
The concept of dividing the hard disk into more than one partition in Linux is the same
as it is for Windows. You should also keep the Linux operating system separate from
applications. However, unlike Windows, Linux does not assign drive letters to disks or
partitions. Instead, the drive begins at the root, which is designated with a forward slash
(/). Two partitions are required for Linux—the root partition and the swap partition.
Linux uses the swap partition to swap instructions and data in and out of RAM when a
program requires more space than is available in RAM. Note that the swap partition
requires a special file format called swap.
Red Hat Linux can create a number of default partitions for you. Table 3-1 identifies
these default partitions and indicates the amount of space Linux allocates for each partition on a 6.4 GB drive and an 80 GB drive.
Table 3-1 Linux default partitions
Name | Description | 6.4 GB drive | 80 GB drive
/ (root) | The root partition is the top of the directory structure. It does not contain many files when you first install Linux. If you create directories at the root, it will use up this space. | 510 MB | 510 MB
swap | Linux stores virtual memory in the swap partition. The processor uses virtual memory when it does not have enough RAM. A rule of thumb is that the swap partition should be at least the size of your physical memory. By default, Red Hat makes the swap partition double the size of your physical memory. Unlike the other partitions, swap is not part of the directory structure, which means that you cannot explicitly store files on this partition. Rather, the operating system uses it behind the scenes. | 1,020 MB | 1,020 MB
/boot | Linux stores the basic files for starting your system in the boot partition. These files include the operating system kernel, along with the few support files needed to boot the system. This is the smallest partition, usually 47 MB in size. | 102 MB | 102 MB
/usr | Linux stores the files and programs that are shared among all users in the usr partition. Because this partition can contain the most files, it should be the largest. By default, it takes up about 70 percent of the disk after Linux allocates space for the other partitions. | 2,761 MB | 54,627 MB
/home | Users create their directories in the home partition. Depending on how many users are on the system, this partition can be quite large. By default, it takes up about 30 percent of the disk after Linux allocates space for the other partitions. On a Web server, however, the home partition can be smaller because users should not store files in the home directory, unless the user is an ISP with user Web sites associated with the home directories. | 1,012 MB | 19,979 MB
/var | The var partition contains your Web site, FTP site, log files, and e-mail spool files. Log files and e-mail files can take up a lot of room on a server, so you should increase this partition to at least a few gigabytes. You can take some space away from either /home or /usr to do so. | 753 MB | 753 MB
Notice that the only partitions that differ depending on the size of the hard disk are the
/usr partition and the /home partition. Red Hat assumes that you want to use the additional space for applications (/usr) and user home directories (/home). For a Web server
installation, however, you need more space in the var partition and less space in the home
and user directories. As you go through the installation, text boxes will offer you the
default partition sizes. You can easily change the sizes to whatever is appropriate for your
environment.
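As an added example (not from the textbook), the shell function below audits `df -P -k` output against the advice above: /var should be its own partition and large enough that log and mail growth cannot fill the disk. The 3 GB floor for /var, the 90 percent fullness threshold, and the device names in the sample are assumptions; the sample sizes are the Table 3-1 defaults for the 6.4 GB drive.

```shell
#!/bin/sh
# Audit a partition layout against the chapter's advice for a Web server:
# /var holds the Web site, FTP site, log files and mail spool, so it should
# be a separate partition of at least a few gigabytes.

# Constructed sample: `df -P -k` output using the Table 3-1 default sizes for
# the 6.4 GB drive. Device names and usage figures are made up for the example.
SAMPLE_DF='Filesystem 1024-blocks Used Available Capacity Mounted on
/dev/hda2 522240 180000 342240 35% /
/dev/hda1 104448 20000 84448 20% /boot
/dev/hda5 2827264 1900000 927264 68% /usr
/dev/hda6 1036288 40000 996288 4% /home
/dev/hda7 771072 725000 46072 95% /var'

# audit_layout [min_var_mb] [max_used_pct]
# Reads `df -P -k` output on stdin and prints one finding per line:
#   SMALL  - /var exists but is below the minimum size
#   FULL   - a partition is at or above the fullness threshold
#   SHARED - /var, /home or /boot is not a separate partition
# Prints nothing when the layout passes. Mount points containing spaces are
# not handled.
audit_layout() {
    min_var_mb=${1:-3072}   # assumption: "a few gigabytes" read as 3 GB
    max_used_pct=${2:-90}   # assumption: warn at 90 percent used
    awk -v min_mb="$min_var_mb" -v max_pct="$max_used_pct" '
        NR == 1 { next }                      # skip the df header line
        {
            mount = $6
            size_mb = int($2 / 1024)          # df -k reports 1024-byte blocks
            pct = $5
            sub(/%/, "", pct)
            seen[mount] = 1
            if (mount == "/var" && size_mb < min_mb)
                printf "SMALL %s %d MB (want >= %d MB)\n", mount, size_mb, min_mb
            if (pct + 0 >= max_pct)
                printf "FULL %s %d%% used\n", mount, pct
        }
        END {
            # A directory without its own partition shares space with the
            # root file system, so log growth there can fill the root.
            n = split("/var /home /boot", want, " ")
            for (i = 1; i <= n; i++)
                if (!(want[i] in seen))
                    printf "SHARED %s is not a separate partition\n", want[i]
        }'
}

# Run against the constructed sample. On a live host use: df -P -k | audit_layout
printf '%s\n' "$SAMPLE_DF" | audit_layout 3072 90
```

With the default 753 MB /var from Table 3-1, the audit reports the partition as both undersized and nearly full, which is the situation the chapter tells you to avoid by taking space from /home or /usr.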
Managing Multiple Operating Systems
For production servers where you install one operating system on a hard disk, create partitions as suggested in the previous sections. When you install more than one operating
system on the same hard disk, however, you should start with an unpartitioned hard disk
and then add partitions for each operating system. Create one partition for each
Windows operating system, and allow Linux to create its default partitions. Table 3-2 lists
suggested partition sizes for each operating system.
Table 3-2 Suggested partition sizes

| Operating system | Partition size |
|---|---|
| Windows 2000 | 6,000 MB |
| Windows 2003 | 6,000 MB |
| Linux partitions | Remaining space on drive, but at least 3 GB |
Making Space for Multiple Operating Systems
To partition a hard disk, you can use low-level commands such as fdisk for DOS and
some versions of Windows, and fips for Linux. However, it is much easier to partition
the hard disk as you install each operating system. The Setup program for each operating system will allow you to delete partitions and create partitions of any size.
Booting Multiple Operating Systems
You must install the Windows operating systems first and then Linux. You already have
learned that because Windows does not recognize Linux, it is the responsibility of Linux
to recognize Windows. In Linux, you can use a specially configured floppy disk to avoid
the Windows boot menu or take advantage of Red Hat’s GRUB boot menu to select
between Linux and Windows.
When you install a new Windows operating system, it detects the previous installation
and adds the new installation to the boot menu automatically. After you add Windows 2003,
the menu includes choices for Windows 2003 and any other Windows operating systems
that you installed, as shown in Figure 3-3.
Please select the operating system to start:
     Windows Server 2003, Enterprise
     Microsoft Windows 2000 Server
Use the up and down arrow keys to move the highlight to your choice.
Press ENTER to choose.
Figure 3-3 Windows boot menu
The information in this section applies to installing operating systems in a lab environment.
If you are installing a single operating system on a computer in a production environment,
you do not need to perform the installation steps in this section to boot multiple operating systems.
Naming Computers
The primary purpose of naming a computer in either Windows or Linux is to distinguish it from other computers on your LAN. You can name a computer as you install it.
Recognize also that you can share that name and its aliases with the rest of the network,
even the Internet.
You must give your Windows computer a name that is unique throughout your network.
To make it easy to recognize and remember, keep the name simple and descriptive, such
as web1 or web2. The name you assign is used on the LAN for communication; it is not
related to how the computer is recognized on the Internet. For example, you might name
the computer web1, but to the Internet it may be www.technowidgets.com. To an e-mail
user, it may be technowidgets.com as in [email protected]technowidgets.com.
In Linux, computer names are usually referred to as host names. You can create a network with Linux computers that share the same host name with no problems, because
in Linux you communicate with other computers by IP address. Of course, it is helpful
in general to have unique names associated with each IP address, so it is still a good idea
to have unique names that are also descriptive. (The method used to associate names and
IP addresses is a separate issue discussed later.)
Licensing the Software
A software license describes how you can use the software. Software licenses differ among
the operating systems. Microsoft assumes that the users of Windows 2000 have purchased
a legal copy. In contrast, Windows 2003 users must verify that they are compliant with
licensing by activating the software once it is installed. To activate Windows 2003, you
must contact Microsoft either by the Internet or phone. Licensing is not a concern for
Linux, because copies of the operating system are free, although packaging, support, and
special additions may cost extra.
When you purchase a Windows server operating system, it probably comes with a few
client licenses. Simply purchasing a server and client operating systems does not mean
that you can legally connect computers together in a LAN. Each computer that connects to a LAN must have a client access license (CAL). Two types of licenses for
Windows servers exist: per server and per seat. You use a per server license when you
have a single server and not all client computers need to connect to it at the same time.
You use per seat licenses in network environments with multiple servers. Per seat
licensing means that each client computer has its own license and can connect to as
many servers as you have. Because most networked environments have multiple servers,
per seat licensing is the most common type. Connecting to a Web-based application,
whether it is on a LAN or WAN, does not require a CAL, but it may require another
type of license such as a per processor license. Typically, however, all computers in a LAN
have a CAL.
Linux takes a different licensing approach. Linux is produced under the GNU general
public license. GNU, pronounced “guh-NEW,” is a recursive acronym for “GNU’s Not
UNIX.” According to the GNU general public license, “the GNU general public license
is intended to guarantee your freedom to share and change free software—to make sure
the software is free for all its users.” Some companies, including Red Hat, bundle Linux
with extra software for specific purposes and charge more for that. For many environments, the personal version of Red Hat Linux is satisfactory for basic Web connectivity
and networking. The personal version is used in all the examples in this book. You can
also obtain Red Hat Professional, which has more installation options and better support. For mission-critical systems, you can license Red Hat Linux Advanced Server.
Identifying Devices
The most significant improvement in the installation procedures in servers over the past
few years has been the increased ability of the operating system to correctly identify
devices. When installing Windows NT and early versions of Linux, it was difficult to
have the operating system perform this task. PCI slots introduced the possibility of
using Plug and Play devices, which means that the operating system automatically configures a device such as a NIC as it is being installed. Windows 2000, Windows 2003,
and Linux support Plug and Play devices. Windows 2000 and Windows 2003 recognize
a wide variety of devices, but recall that you need to verify that your devices are
included on the appropriate Hardware Compatibility List. Problems can arise when you
try to use old specialized devices, such as RAID controllers designed for Windows NT,
in a Windows 2003 server.
Until a few years ago, Linux had a reputation as being difficult to install because it often
supported only older NICs and video adapters. Also, when it did support a video
adapter, you had to know the details of the chip set and other information. At that time,
because Linux was not yet popular and was primarily managed by volunteers, it did not
support as many devices as Windows. Although it is still a good idea to check whether
a device is compatible with Linux by visiting hardware.redhat.com/support/hcl, Linux will
probably work on today’s typical PC. Special-purpose servers, such as high-capacity,
high-performance Web servers that support multiple processors or RAID controllers,
might not be supported by Linux. In this case, be sure to purchase both the server and
the operating system from a top vendor. Doing so increases the probability that they
will work together.
Selecting a File System
A file system determines the way in which files are organized on a computer disk; in
Windows, the file system also determines the characteristics of a file. With Windows 2000,
Windows 2003, and Linux, you can choose from more than one type of file system. In
the Windows operating systems, you use either the File Allocation Table (FAT) or New
Technology file system (NTFS). With Linux, ext3 is the current choice, although you
can use others, such as ext2.
The FAT file system for Windows is based on the original DOS operating system from
1981. For server installations, FAT is obsolete because it does not provide adequate file
system security. In the past, one advantage of using the FAT file system was that if the
server did not boot correctly, you could boot from a DOS disk in the floppy disk drive,
access a FAT volume on the hard disk, and correct the problem by copying or editing
files. Today, a number of utilities allow you to boot from the floppy disk drive, so you
no longer need to use the FAT file system to enjoy this advantage.
The NTFS was first introduced with Windows NT. It offers better performance with
large hard disks than does FAT, better error correction, and, most important, built-in file
system security. The security in NTFS controls file access for all users. In a Web server,
everyone who receives a Web page is associated with a user name. The user associated
with the Web server can access only those files that are part of the Web site, not the
whole hard disk. This restriction greatly improves security.
In Red Hat Linux, all file systems have the same security capabilities. The latest file system
from Red Hat is ext3. According to Red Hat, this file system offers many improvements,
especially in terms of access speed.
Verifying Installation Requirements
The final preparation step before installing an operating system on your server is to verify
both the minimum and the recommended installation requirements. The software manufacturer typically sets the minimum requirements needed to allow the software to function. However, most Web server administrators require more than the minimum hardware
resources to handle Web traffic efficiently.
For Windows 2000 and Windows 2003, the minimum processor required is a Pentium
running at 133 MHz with 128 MB of RAM. For Windows 2000, you need about 1 GB
of space for the operating system; Windows 2003 requires about 1.5 GB. For adequate
performance, the processor should be at least four times faster and you should have double the amount of RAM. Fortunately, even an entry-level server is many times faster
than the minimum required, which is appropriate for most Web servers. From 1996 to
1998, DeVry University in Phoenix had a Web server running Windows NT that it also
used as an e-mail server. For part of this time, Microsoft SQL Server, a DBMS, was used
by Active Server Pages, which is a programming environment for the Web server. The
server ran on a 166 MHz Pentium III server with 64 MB of RAM.
Linux is less stringent in its minimum requirements. In fact, a special-purpose version of
Linux can be embedded on a chip with very little RAM. However, for a Web server, even
a computer with a Pentium III processor would be appropriate for most environments.
Because Web pages do not take up much space, the size of the disk needed for a typical
Web server is not much larger than the requirements for the operating system itself.
Much of the space is needed for other software that you may put on the Web server,
such as e-mail software or a DBMS. For example, to install the Oracle9i DBMS, which
includes the Apache Web server, you need nearly 3 GB of space.
In a student lab environment, to install all of the software and operating systems, the
minimum requirements are a 15 GB drive and a Pentium computer with 128 MB of
RAM. If you plan to install one Windows operating system, such as Windows 2000 or
Windows 2003, plus Linux, you need a 10 GB drive.
INSTALLING MICROSOFT WINDOWS 2000 SERVER
In a production environment, you will often install the operating system on the C: partition and put all other software, such as the Web server, e-mail, and DBMSs, on the
E: partition. Recall that you install the operating system on a separate partition to make
sure that it can continue to run even if the applications partition runs low on disk space.
For most environments, a C: partition with 2 to 3 GB is sufficient.
A student lab requires a different configuration than does a production environment. For
ease of configuration, you will install all the software on a single drive in this chapter.
You will also need to create a computer name and IP address that are unique on your
network. If the network includes more than one computer, ask your instructor for the
computer name and IP address.
Throughout the text, the name of the computer is web1 and the IP address is 192.168.0.100,
with a subnet mask of 255.255.255.0.
In the following steps, you will install Windows 2000 Server with the default components,
including the Web server. You will configure the Web server and other related components in later chapters.
Before you start the installation, write down the 25-character product key from the
program CD. You will need it to complete the installation.
To begin installing Windows 2000 Server and create a partition:
1. Turn on the computer and insert the Windows 2000 Server CD in the CD
drive. If a message appears instructing you to press any key to boot from the
CD, press a key. The Setup program inspects your computer’s hardware configuration and then loads files for the installation. When the Welcome to
Setup window opens, press Enter to begin the installation.
If any other messages appear during this step, consult with your instructor or
technical support staff for assistance.
2. In the Licensing Agreement window, press F8 to accept the licensing agreement. The Disk Partitions window opens, shown in Figure 3-4.
Figure 3-4 Disk Partitions window
You use this window to create a disk partition. In a production environment,
you might create a partition of 2 to 3 GB; in a student lab, create a partition
of at least 6 GB for Windows 2000 Server. The partition size is given in
megabytes, so for a 3 GB partition, you would enter 3,000, and for a 6 GB
partition, you would enter 6,000.
3. Press C to create a partition. The “C” stands for Create, not the drive letter. A
text box appears with the maximum size for the partition. Change the size to
one that is appropriate for your environment, typically 3,000 for a production
environment or 6,000 for a student environment. Press Enter to create the
disk partition.
4. The next window states: “The following list shows the existing partitions and
the unpartitioned space on this computer.” This is where you select the partition on which you will install the operating system. There should be a single
new partition that begins “C: New (Unformatted).” Select the partition you
just created and press Enter to install the operating system.
5. In the Disk Formatting window, accept the default selection of “Format the
partition using the NTFS file system” by pressing Enter. Recall that NTFS is
an appropriate file system for Web servers because of its security features.
The Setup program formats the partition, examines the disk, copies the
installation files to the hard disk, and reboots the computer.
The screens in the first part of the installation were text-based because Windows was not
installed on the hard disk yet. In the second part of the installation, a minimal version
of Windows is installed to support and test the configuration options.
To continue installing Windows 2000 Server and specify settings:
1. After the computer reboots, a welcome window appears. Wait until the
Detect and Install Devices dialog box appears. Pay close attention to the dialog boxes and answer the questions as they appear. If you do not, Windows
will accept the default after a few moments and continue to the next screen.
This choice will cause problems when you do not want to accept the default.
Click Next to detect and install devices on your computer. The Setup program automatically detects your NIC and video adapter. This step could take
a few minutes.
2. In the Regional Settings dialog box, you can change the user locale and keyboard settings from the standard U.S. selections, if necessary. For example,
changing the locale can alter the date format and allow you to type foreign
characters. Click Next to accept the default U.S. settings.
3. In the Personalize Your Software dialog box, type your name and the name of
your organization, and then click Next.
4. In the Your Product Key dialog box, type your 25-character product key, and
then click Next.
5. In the Licensing Modes dialog box, you select the type of licensing agreement
you are using, either Per Seat or Per Server. If you are working in a student
lab environment, accept the default licensing mode of Per Server with five
licenses by clicking Next.
You would use the Per Seat option button in an environment with multiple
servers that user workstations need to access, where each workstation has its
own CAL.
6. In the Computer Name and Administrator Password dialog box, change the
default computer name to web1 or a name provided by your instructor.
Recall that names must be unique on the network. For the password, type
password in both text boxes, and then click Next.
Tip
In a production environment, you should use a more secure password than
“password.” More secure passwords have at least eight characters and
include both uppercase and lowercase letters, digits, and special characters
such as # or %.
7. The Windows 2000 Components dialog box opens, listing the operating system
components you can install on the server. See Figure 3-5. Internet Information
Services (IIS), which is the Web server, is installed by default. However, some
components within IIS, such as the FTP server, are not installed by default.
You will install FTP and other software associated with the Web environment
in later chapters. Accept the default selections by clicking Next.
Figure 3-5 Windows 2000 Components dialog box
Tip
In a production environment, you may want to install a variety of services as you
install the operating system. If you selected Internet Information Services (IIS)
and clicked Details, you would be able to add the FTP server or the NNTP service. At the same time, you could unselect the SMTP service, which allows e-mail
to be sent from a Web page. Within the Networking Services component, you
could choose to install DNS.
8. The Date and Time Settings dialog box opens, listing the time zone, date, and
time for your system. If these settings are not correct, use the list boxes to
change them, and then click Next.
9. As Setup installs the networking components, the Network Settings dialog
box appears. After it installs the components, it prompts you to choose
between typical settings and custom settings. Click the Custom settings
option button, and then click Next. You select the Custom settings option so
that you can later enter an IP address. You have to pay close attention to this
dialog box because if you do not choose options appropriately, the installation
program will accept the default—typical settings—and continue with the
installation.
10. The Networking Components dialog box displays the networking components
that you can customize. Click Internet Protocol (TCP/IP), and then click
the Properties button.
11. The Internet Protocol (TCP/IP) Properties dialog box opens. To enter an IP
address, click the Use the following IP address option button.
12. In the IP address text box, type your IP address, such as 192.168.0.100. In
the Subnet mask dialog box, type your subnet mask, such as 255.255.255.0.
If your network uses a default gateway, type the IP address of your router in
the Default gateway text box. (In a student lab, you probably do not have a
default gateway.)
In the Preferred DNS server text box, type the IP address of your DNS server.
In the student lab, you will be installing a DNS server on this computer, so
enter the same IP address as you used for this computer—192.168.0.100. In a
production environment, your ISP usually gives this IP address to you. See
Figure 3-6. Click OK to save the changes and return to the Networking
Components dialog box. Click Next to continue.
Figure 3-6 Windows 2000 Internet Protocol (TCP/IP) Properties dialog box
13. The Workgroup or Computer Domain dialog box opens. If this computer
is part of a domain, you could click the option button to make it part of a
domain and enter the name of the domain. In a student lab, you accept the
default of no domain with a workgroup name of WORKGROUP by clicking Next.
14. The Installing Components and Performing Final Tasks dialog boxes appear
in succession to inform you about the tasks that Setup is performing during
the install process. This might take a few minutes. When the installation is
complete, click Finish and then remove the CD. The computer restarts
automatically.
Now you can test the installation to make sure that it works correctly by logging on and
then shutting down the computer.
To test the installation:
1. After your computer restarts, the logon window appears. Log on using the
password you created earlier, password, and then click OK.
2. In the Windows 2000 Configure Your Server dialog box, you can choose to
configure the server now or later. Click the I will configure this server
later option button, and then click Next.
3. To prevent this dialog box from appearing every time you start the computer,
click the Show this screen at startup check box to remove the check
mark. Then close the Windows 2000 Configure Your Server dialog box.
4. Click Start on the taskbar, click Shutdown, and then click OK to shut down
the server.
INSTALLING MICROSOFT WINDOWS SERVER 2003
The Windows 2003 Web Server is Microsoft’s entry-level server, which is useful for companies that need only basic Web services. If you need to add more advanced features such
as Internet Authentication Service, Internet Connection Sharing, Windows Media
Services, and Internet Connection Firewall, you must use Microsoft 2003 Standard
Server. In the following procedure, you will install 2003 Standard Server; it includes an
option called Active Directory that you will need if you plan to install Microsoft
Exchange. Active Directory is not available with 2003 Web Server.
The 2003 servers provide excellent Internet features because they were designed to work
in a complex Internet environment and offer dramatically improved security. Their programming environment, including Web Services, ASP.NET, and other components of the
.NET Framework, is built into the operating system.
To install Windows 2003:
1. Turn on your computer and insert the Windows 2003 Standard Server CD.
When prompted, press any key to boot from the CD.
2. The installation program displays “Windows Setup” as it loads files. When
the Windows 2003 Standard Server Setup screen appears, press Enter to
begin the Setup program.
3. In the next window, press F8 to accept the licensing agreement.
4. In the next window, create a partition of 6 GB for the operating system.
Select Unpartitioned space in the menu, and then press C to create the
partition. Refer back to Figure 3-4, which shows the same dialog box. (Note
that the Windows 2003 dialog box uses a different title.) A text box appears
with the maximum size for the partition. Change the size to 6000, and then
press Enter.
5. Select the partition you just created, which is labeled as [New (Raw)]. Press
Enter to set up Windows in the partition.
6. To format the disk, click Format the partition using the NTFS file
system (Quick).
When the Setup program successfully completes the first part of the installation, it
reboots the computer. Do not press a key to have the computer boot from the CD, as
you did in a previous procedure. Instead, let the computer continue when it reboots so
that it will not start the Setup program again. After the computer reboots, a screen
appears with the following option buttons:
■ Collecting information
■ Dynamic Update
■ Preparing installation
■ Installing Windows
■ Finalizing Installation
The Setup program displays the option buttons as it completes the tasks, and it displays
the approximate time remaining until the installation is finished. As with Windows 2000
Server, you need the 25-character product key from the program CD to complete the
installation.
To finish the Windows 2003 installation:
1. After the computer restarts and the Setup program finishes installing devices,
the Regional and Language Options dialog box opens. Unless you have changes
to make, click Next to accept the default regional and language options.
2. The Personalize Your Software dialog box opens. To personalize your system,
enter your name and organization, and then click Next.
3. The Your Product Key dialog box opens. Enter the 25-letter product key
from the program CD. In a production environment, you must also register
your software—the software will stop functioning in 14 days unless you
register it. Click Next to continue.
4. The Licensing Modes dialog box opens. Select the licensing mode. In a student
lab environment, accept the default of Per server by clicking Next. You would
use the Per Seat option button in an environment with multiple servers that
user workstations need to access, where each workstation has its own CAL.
5. In the Computer Name and Administration Password dialog box, change the
default computer name to web1 if you are on an isolated network. In a student environment, a good way to make the computer name unique is to use
WEB as the first part of the name, followed by the last octet of your IP address.
For the administrator password, enter password in both text boxes. If a
message appears, click Yes to use this password. In a production environment,
you would enter a more secure password. Click Next to continue.
6. The Date and Time Settings dialog box opens. Modify the date, time, and
time zone settings if necessary, and then click Next.
7. In the Network Settings dialog box, click the Custom settings option
button so that you can define your own network settings. If you accept the
default of Typical Settings, the server would use DHCP to automatically
receive an IP address from a DHCP server. This choice is not appropriate for
a Web server. Click Next.
8. In the Networking Components dialog box, click Internet Protocol
(TCP/IP), and then click the Properties button.
9. Click the Use the following IP address option button, and then enter your
IP address. You can use 192.168.0.100 as the IP address and 255.255.255.0 as
the subnet mask, unless the instructor tells you otherwise. For DNS, enter
192.168.0.100. See Figure 3-7. When you finish, click OK to return to the
Networking Components dialog box, and then click Next.
Figure 3-7 Windows 2003 Internet Protocol (TCP/IP) Properties dialog box
10. In the Workgroup or Computer Domain dialog box, accept the default selection of No, this computer is not on a network or is on a network
without a domain and the default workgroup name, WORKGROUP, by
clicking Next. In a production environment where this computer is part of a
domain, you could enter that information after clicking the Yes, make this
a member of the following domain option button. The installation finishes after a few minutes, and Setup then restarts the computer.
11. When the computer restarts, press Ctrl+Alt+Del and enter your administrator password, which is password. The Manage Your Server dialog box opens.
See Figure 3-8. You have access to wizards that help set up server roles such
as Web application, DNS server, and others. You will learn about these roles in
subsequent chapters. To prevent this dialog box from opening the next time
you log on, select the Don’t display this page at logon check box. Close
the window.
12. Click Start, and then click Shut Down. The Shut Down Windows dialog
box opens. Make sure that “Shut down” appears in the list box. Enter a comment in the text box, if necessary, and then click OK.
Figure 3-8 Manage Your Server window
INSTALLING RED HAT LINUX 8
Installing Red Hat Linux 8 is easier than installing earlier versions of Linux. The current version recognizes most devices automatically and offers a wide range of optional
software components you can install. You will install some of the software you will need
in later chapters, such as the Apache Web server and FTP.
To begin installing Red Hat Linux 8:
1. Make sure that you have the first two Linux installation CDs. Turn on the
computer and insert Linux Red Hat CD 1.
2. A screen appears and describes the various boot modes. Press Enter to accept
the default graphic installation. Note that each screen includes online help in
the left panel.
3. The Welcome window opens. Click Next.
4. The Language Selection window opens. Click Next to accept English as the
default language.
5. The Keyboard window opens. Click Next to accept the default U.S. English
keyboard configuration.
6. The Mouse Configuration window opens. If you know what type of mouse
you have, select it from the list in the Mouse Configuration window and
then click Next. Otherwise, accept the default selection. The Installation Type
window opens, shown in Figure 3-9.
Figure 3-9 Installation Type window
7. Click Server in the Installation Type window, and then click Next. The
installation type you select determines which components are installed and
which packages you can select later in the installation.
8. The Disk Partitioning Setup window opens. Leave the default to automatically partition the drive, and then click Next.
9. The Automatic Partitioning window opens. See Figure 3-10. If you installed
any of the Windows operating systems, do not accept the default of Remove
all partitions on this system. If you do, the Windows installation(s) will be
removed. However, this option would be appropriate for a production Web
server with a single operating system. The “Remove all Linux Partitions on
this system” option button is appropriate if you are reinstalling Linux. If this
is the first time you are installing Linux in a student lab environment, select
the Keep all partitions and use existing free space option button, and
then click Next.
The Warning During Automatic Partitioning dialog box opens, suggesting
that you create a boot disk. Click OK to continue.
Figure 3-10 Automatic Partitioning window
10. The Partitioning window opens. See Figure 3-11. In a production environment, you would probably want to use space from the /home partition by
highlighting /home and clicking Edit. You could then add space to the /usr
partition for software such as DBMSs. Normally, however, you can just accept
the default disk setup of five partitions and click Next.
Figure 3-11 Disk Setup window
11. The Boot Loader Configuration window automatically detects the Windows
installation, if you have one, and lists it under the DOS label. See Figure 3-12.
The selected Red Hat Linux check box indicates that it will be the default
operating system when you reboot. Accept the defaults, and then click Next.
Now you are ready to select the network configuration settings and a Red Hat Linux
windowing environment.
Figure 3-12 Boot Loader Configuration window
To select network configuration settings and a Red Hat Linux windowing environment:
1. In the Network Configuration window, the top section is entitled Network
Devices. See Figure 3-13. This section shows the NIC that the Setup program
detected. Click the Edit button to change the IP configuration.
2. The Edit Interface eth0 dialog opens. See Figure 3-14. Click the Configure
using DHCP check box to remove the check mark. When you do, the text
boxes for the IP Address and Netmask become enabled. Enter your IP address
and netmask in these text boxes. The examples use 192.168.0.100 as the
IP address, and 255.255.255.0 as the netmask. Click OK to return to the
Network Configuration window.
Figure 3-13 Network Configuration window
Figure 3-14 Edit Interface eth0 dialog box
3. Enter a host name such as web1, which corresponds to the computer name
you used for Windows. If appropriate for your environment, you can enter
the gateway address, which is the address of your router. For a Web server,
the router would be connected to the Internet. You should also enter the
primary DNS address, which you would get from your ISP unless you are
installing DNS yourself. You will install DNS in the next chapter, so for the
primary DNS, enter the same IP address that you used in Step 2, and then
click Next.
4. The Error With Data dialog box opens if you did not specify a gateway
address, which you do not need in a student environment. Click Continue.
5. You will set up network security later, so click No firewall in the Firewall
Configuration window, and then click Next. In a production environment,
you could select the medium security level and allow selected services such
as FTP.
6. Click Next in the Additional Language Support window, unless you have
specific language requirements.
7. The Time Zone Selection window opens. Use the list boxes if you want to
make changes to the time zones, and then click Next.
8. In the Account Configuration window, enter password as the root password,
and then confirm it by typing password again in the second field for the
student environment. (You will add users in Chapter 5.) In a production
environment, you would enter a more secure password as described under the
section on Windows 2000. Click Next.
9. The Package Group Selection window opens. See Figure 3-15. Under
Desktops, you can select either GNOME or KDE. Because KDE is more
common in most Linux distributions, click the KDE Desktop
Environment check box.
Production environments often have each computer specialize in a single
server software package. In a computer lab, make sure that the following are
checked under servers: Web Server, Windows File Server, DNS Name
Server, FTP Server, and News Server. You will configure these servers and
manually install other servers later. Click the Text-based Internet and
Printing Support check boxes to remove the check marks, because they are
not typically used in a Web environment. Click Next when you finish.
10. Click Next in the About to Install window to start the installation.
Figure 3-15 Package Group Selection window
The Setup program formats the Linux partitions and then installs the operating system
while the Installing Packages window is active. Have Red Hat Linux CD 2 available.
To finish installing Red Hat Linux 8:
1. When the computer ejects CD 1, insert CD 2 and then click OK.
2. After the packages are installed, the Boot Disk Creation window opens.
Because you may need a boot disk to start Linux, accept the default of Yes,
I would like to create a boot disk by clicking Next. The Insert a floppy
disk dialog box opens. Insert a floppy disk and click Make boot disk.
3. Your video adapter should be highlighted in the Graphical Interface (X)
Configuration window. Click Next. If you do not have a supported video
adapter, select Unsupported VGA compatible before clicking Next.
4. The Monitor Configuration window opens. If your monitor is highlighted,
click Next. Otherwise, select the configuration closest to your monitor in the
Generic section.
5. The Customize Graphical Configuration window opens. You can change the
color depth and screen resolution, if necessary. Click Next to continue.
6. The Congratulations window opens. Remove the floppy disk and click Exit.
The computer reboots.
To start Linux for the first time:
1. After your computer restarts, the GRUB window opens. If you installed
Windows, that option appears under the selection for DOS. Accept the
default of Red Hat Linux by pressing Enter.
2. Because this is the first time you have started Linux, the Red Hat Setup
Agent is started to guide you through some basic configuration steps. Click
Forward.
3. The Date and Time Configuration window opens. Make any necessary
changes, and then click Forward.
4. If Setup detected a sound card, you can click Play test sound to test it.
Click Forward to continue.
5. The Red Hat Update Agent window opens. If the product was purchased
and you are connected to the Internet, you can register the product. In a
student environment, click the No, I do not want to register my
system option button. Click Forward to continue.
6. The Install Additional Software window opens. This window allows you to
install the Red Hat Linux Documentation CD, the Red Hat Installation
CDs, and any additional CDs. Because you have already installed the software
you need for now, click Forward.
7. Click Forward in the Finished Setup! window.
8. The login window prompts you for a user name. Type root, and then press
Enter. Enter your password, such as password, and then press Enter. If a
message appears regarding a missing sound driver, click OK.
9. Click the Red Hat icon in the lower-left corner of the desktop, and then
click Logout.
10. The End session for root dialog box opens. Click Logout.
11. You are prompted again for your user name. On the bottom of the screen,
click System.
12. A dialog box opens, giving you the default option of shutting down the computer. You can also click the Reboot the computer option button. Once
you have selected the appropriate option, click OK. When the Are you sure
you want to shut down the machine? dialog box opens, click Yes to continue.
AN INTRODUCTION TO LINUX COMMANDS
If this occasion marks your first exposure to Linux, you need to know enough commands to perform basic functions such as editing files and finding directories. When you
use Linux as a Web server, you edit only a few files. In Linux, the two common windowing environments are GNOME and KDE; both environments are similar to
Windows and easy to use.
Figure 3-16 shows the typical desktop for Linux using KDE. Because you might work
in a different windowing environment in Linux or none at all, the following examples
use the command-line interface, also called the shell interface. To open the shell interface in KDE, you click the Red Hat icon in the panel at the bottom of the screen, point
to System Tools, and click Terminal.
Figure 3-16 KDE desktop
If you have used the command-line interface in any Windows product, you will find the
shell interface very similar. However, some notable differences exist:
■ Linux has no drive letters; in Windows, different partitions have different
drive letters, such as C: and D:.
■ In Linux, the root of the disk is /. Even though you may create different partitions for /home and /usr, all of them still start at /.
■ In Linux, you use the forward slash (/) instead of the backward slash (\) that
you use in Windows.
The Linux file system is organized in a hierarchy that is similar to the Windows file
hierarchy. Shell commands typically require a reference to the file system, so it is a good
idea to understand how you refer to files and directories. For example, suppose you need
to edit, move, or copy a file called products.html, which is found in /var/www/research.
The exact location of this file is called the path. The complete path to the previous file,
including the file itself, is /var/www/research/products.html.
You can use this path with any command that requires a reference to the file. The “/”
at the beginning of the path means to start at the root of the drive. If you do not have
a “/” at the beginning, the path begins at the current position in the directory structure. For example, if you are working in the /var/www directory and you want to reference the products.html file, you would type research/products.html.
You can also use two dots in your command (..) to move up one directory in the structure. For example, if you were working in the /var/www/html directory and you
wanted to reference the products.html file, you could type ../research/products.html.
Before you can use a floppy disk, you must perform a special step: You must mount the
drive. Mounting the drive makes the system recognize the floppy disk in the drive. For
example, if you insert a floppy disk in the drive and then type mount /mnt/floppy, the
path to the floppy disk becomes /mnt/floppy.
Armed with this introduction to paths, you are ready to learn some useful commands:
■ ls—List the contents of a directory. You can type ls -a to list hidden files
and ls -l to see all the characteristics of a file, including the file permissions.
You can use the asterisk (*) wildcard character to represent one or more
characters. For example, to display all .conf files, you would type ls *.conf.
You can also combine options, as in ls -a -l *.conf. If you have mounted a
floppy disk, you can type ls /mnt/floppy to see the disk contents.
■ cd—Change the directory. If you need to perform a number of operations in
a single directory, such as editing multiple files, it might be easier to move to
that directory and then start the editor. For example, to reach the www
directory, which is below /var, you would type cd /var/www. To move to
the html directory, which is below /var/www, you could type
cd /var/www/html or, if you are already in /var/www, cd html.
■ mkdir—Make (create) a directory. For example, you may need to create a
directory in your Web site for HTML files. To create a directory called secure
in the /var/www/html directory, you could type
mkdir /var/www/html/secure. If you were already in the /var/www/html directory, you
could simply type mkdir secure to create the directory.
■ rmdir—Remove a directory. If you created a directory called secure with the
previous command and then decided to remove it, you could type rmdir
secure, assuming that you were already in /var/www/html.
■ mv—Move and/or rename a file. To move a file called ftpaccess from /etc to
/var/ftp, you could type mv /etc/ftpaccess /var/ftp/ftpaccess.
If you were in the /var/www/html directory and just finished editing a file
called info.tml, you could rename it by typing mv info.tml info.html.
■ cp—Copy a file. This command is like the mv command, except that it does
not delete the original copy. For example, to copy a file called ftpaccess
from /etc to /var/ftp, you could type
cp /etc/ftpaccess /var/ftp/ftpaccess. The cp command is useful when you want to make a
backup file before you start editing a configuration file. Assuming that you
were in the /etc directory, you could make a backup copy of ftpaccess before
editing it by typing cp ftpaccess ftpaccess.backup. To copy
/etc/ftpaccess to the floppy disk, you would type
cp /etc/ftpaccess /mnt/floppy/ftpaccess.
■ locate—Find a file if you forget where it is located. For example, to find a file
called httpd.conf, you would type locate httpd.conf.
■ kedit—Edit a file. This command is unique to the KDE windowing environment and assumes that KDE has been installed. It allows you to edit an existing file or create a file to edit. To edit /etc/ftpaccess, for example, you would
type kedit /etc/ftpaccess. If the ftpaccess file did not exist, this command would create it.
Many other shell commands exist, but the preceding list covers the most important ones.
Other commands with special purposes, such as monitoring programs that are running,
are covered in a later chapter.
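The path forms and file commands described above can be practised without touching the real /var or /etc. The following script is an added example, not part of the textbook; its function names and the temporary directory that stands in for / are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the textbook): exercise the section's path forms and
# file commands under a temporary directory that stands in for "/", so the
# real /var and /etc are never touched. All function names are hypothetical.

# Print the inode number of a file; two paths naming one file give one number.
inode_of() {
    ls -i "$1" | awk '{ print $1 }'
}

# Recreate the directories and files the section refers to, under root $1.
build_tree() {
    mkdir -p "$1/var/www/research" "$1/var/www/html" "$1/var/ftp" "$1/etc"
    echo '<html>products</html>' > "$1/var/www/research/products.html"
    echo '# constructed sample ftpaccess' > "$1/etc/ftpaccess"
    echo '<html>info</html>' > "$1/var/www/html/info.tml"
}

# Succeed only if the absolute path, the relative path from var/www, and the
# ".." path from var/www/html all resolve to the same products.html.
same_file_three_ways() {
    abs=$(inode_of "$1/var/www/research/products.html")
    rel=$(cd "$1/var/www" && inode_of research/products.html)
    up=$(cd "$1/var/www/html" && inode_of ../research/products.html)
    [ -n "$abs" ] && [ "$abs" = "$rel" ] && [ "$abs" = "$up" ]
}

# Back up ftpaccess before editing (cp keeps the original), copy it to
# var/ftp, and rename info.tml to info.html (mv removes the old name).
backup_and_rename() {
    ( cd "$1/etc" && cp ftpaccess ftpaccess.backup ) || return 1
    cp "$1/etc/ftpaccess" "$1/var/ftp/ftpaccess" || return 1
    ( cd "$1/var/www/html" && mv info.tml info.html ) || return 1
    # Simulate a bad edit, then restore the file from the backup copy.
    echo 'broken edit' > "$1/etc/ftpaccess"
    cp "$1/etc/ftpaccess.backup" "$1/etc/ftpaccess"
}

demo_root=$(mktemp -d)
build_tree "$demo_root"
same_file_three_ways "$demo_root" && echo "all three paths name the same file"
backup_and_rename "$demo_root" && ls "$demo_root/etc" "$demo_root/var/www/html"
rm -rf "$demo_root"
```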
All Web administrators need to know the commands described in this section, but students without a background in command-line interfaces can perform the same tasks
more easily in the KDE windowing environment using a program called Konqueror.
You can open this program by double-clicking the Home icon on the KDE desktop.
The screen that appears is similar to Figure 3-17.
Figure 3-17 Home directory
Notice that the location is identified as file:/root. You can use the panel on the left to
move to a new directory.
To move to the etc directory in Linux using the KDE desktop:
1. Start the Linux server, and log on with your user name and password.
Double-click the Home icon on the desktop. The Konqueror window
shown in Figure 3-17 opens.
2. Click the Root Directory tab icon in the vertical tab bar (the second tab
from the bottom), and then click the etc folder in the left panel. The right
panel displays a list of the directories and files within etc. Directories are
indicated by folder icons, and text files are indicated by page icons, as shown
in Figure 3-18.
Figure 3-18 Contents of etc directory
Directory and text file manipulation are similar in Windows and Linux. You should practice working with directories and files in Linux, but you should not delete or rename
any existing directory or file unless your instructor requests it.
To create directories and files in Linux:
1. In the Konqueror window, click the Home Directory tab in the vertical tab
bar, and then click Home Directory in the left panel. Right-click a blank
part of the right panel, point to Create New, and then click Directory.
2. Type the name of the new directory, and then press Enter.
3. Find the name of the directory in the list and double-click it. You are now in
your new directory.
4. Create a file called test.txt by right-clicking the right panel, pointing to
Create New, and clicking Text File.
5. Type the filename, and then press Enter.
6. To edit the file, right-click it, point to Open With, and then click Text
Editor. The icons in the text editor should be familiar to anyone who has
used Windows Notepad, as you can see in Figure 3-19.
Figure 3-19 Kedit text editor
7. Type some sample text, and then click the floppy disk icon to save the file.
8. To close the file, click File on the menu bar, and then click Quit.
When you return to the file listing, it includes another file with the same name as the
one you created, except that it ends with a tilde (~). This file is a backup of the original file.
If you have a floppy disk in the drive and the drive is mounted, you can view its contents by clicking the Root Directory tab and using the left panel to find /mnt/floppy.
As in Windows, you can drag a file from the right panel to any directory in the left panel,
including /mnt/floppy, to copy the file.
CONFIGURING TCP/IP IN WINDOWS AND LINUX
Understanding TCP/IP configuration is important, because you might need to change
it if you type your IP address incorrectly, if another computer on the network has the
same IP address, or if you move the computer to a different network. You might also
need to add or change DNS information. Before you make any changes, you should
determine your TCP/IP configuration.
Determining the TCP/IP Configuration
You can see the basic TCP/IP configuration from the command prompt in both Windows
and Linux.
To see the basic TCP/IP configuration in Windows:
1. Click Start, point to Programs (All Programs in Windows 2003), point to
Accessories, and then click Command Prompt.
2. At the command prompt, type ipconfig and then press Enter. Figure 3-20
shows a Command Prompt window similar to the one that you see.
Figure 3-20 Basic Windows TCP/IP configuration using ipconfig
Figure 3-20 shows the TCP/IP information based on the installation example in this
chapter. If a network is connected to the Internet, a value appears for the default gateway, which is the IP address of a computer with a connection to another network. For
a typical Web server, the default gateway would be the IP address of your router connected to the CSU/DSU.
To see the basic TCP/IP configuration in Linux, type the command ifconfig in the
shell interface. The window that appears looks like Figure 3-21.
The Linux response is more detailed, but you can still determine the IP address and the
subnet mask. The name eth0 refers to the NIC in your computer. If your computer had
a second NIC, it would be named eth1. The name lo refers to the loopback address; if
TCP/IP is installed, the loopback IP address of 127.0.0.1 is available, even if the NIC is
not configured. If you need to make changes to the TCP/IP configuration, use the GUI
in Windows and KDE in Linux.
Figure 3-21 Basic Linux TCP/IP configuration using ifconfig
Configuring the IP Address in TCP/IP
This section focuses on setting up the IP address in TCP/IP.
To change the TCP/IP configuration in Windows 2000 or Windows 2003:
1. In Windows 2003: Click Start, point to Control Panel, point to Network
Connections, and then click Local Area Connection.
In Windows 2000: Click Start, point to Settings, point to Network and
Dial-up Connections, and then click Local Area Connection.
2. In the Local Area Connection Status dialog box, click the Properties button.
3. In the next dialog box, select Internet Protocol (TCP/IP), and then click
the Properties button.
4. If necessary, change the IP address and the subnet mask.
5. To exit, click OK twice, and then click Close twice.
In Linux, you perform the following steps to change the IP address and subnet mask.
To change the TCP/IP configuration in Linux:
1. Click the Red Hat icon in the lower-left corner of the desktop, point to
System Settings, and then click Network.
2. The Network Configuration dialog box opens, as shown in Figure 3-22.
Figure 3-22 Network Configuration dialog box
3. Click the Edit button to change the properties of the NIC. The Ethernet
Device dialog box opens. See Figure 3-23.
4. Now you are ready to change the IP configuration. Click OK to exit the
Ethernet Device dialog box.
5. Click Apply, and then click Close in the Network Configuration dialog box.
Now that you have confirmed that your IP configuration is correct, you need to test it.
Testing the TCP/IP Configuration
You can test whether the TCP/IP protocol has been installed correctly by pinging the
loopback IP address, which is 127.0.0.1. This IP address tests basic TCP/IP connectivity. In Windows, pinging will stop after four attempts; in Linux, it stops when you press
Ctrl+C. At a command line, you type ping followed by an IP address or host name. In
both Windows and Linux, you can use the name localhost in place of 127.0.0.1. Once
you have made sure that TCP/IP has been installed correctly, you can ping the actual IP
address that you configured: ping 192.168.0.100.
Figure 3-23 Ethernet Device dialog box
If you were connected to a router, the next step would be to ping its IP address. If the
router was connected to the Internet, then you would ping an IP address on the
Internet. Finally, assuming that you had DNS installed, you could ping www.redhat.com
and see the replies from that site. In some cases, a site such as www.microsoft.com will not
respond to ping requests, even though you can use the URL www.microsoft.com in a
browser. Pinging is a commonly used technique when you are configuring a firewall.
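The staged test described above (loopback, the configured address, the router, an Internet address, then a DNS name) can be scripted so that the first failing stage is named. This is an added example, not part of the original text; the function names, the 192.0.2.1 placeholder address, and the use of the Linux ping -c/-W flags and getent hosts are assumptions.

```shell
#!/bin/sh
# Added example: run the ping stages in the order the text gives and name the
# first one that fails. All function names here are hypothetical.

# Real probe: one echo request, 2-second timeout (Linux iputils ping flags).
probe_ping() {
    ping -c 1 -W 2 "$1" >/dev/null 2>&1
}

# Real resolver: succeeds if the name maps to an address (glibc getent).
resolve_name() {
    getent hosts "$1" >/dev/null 2>&1
}

# diagnose PROBE RESOLVE OWN_IP GATEWAY INTERNET_IP HOSTNAME
# PROBE and RESOLVE are command names, so stubs can replace the real helpers.
# Prints one verdict word. Returns 0 when every stage passes, 2 when only the
# final echo reply is missing, and 1 for any earlier failure.
diagnose() {
    probe=$1; resolve=$2
    own_ip=$3; gateway=$4; internet_ip=$5; host_name=$6

    # Stage 1: loopback answers whenever TCP/IP itself is installed.
    "$probe" 127.0.0.1 || { echo "tcpip-stack"; return 1; }
    # Stage 2: the address configured on the NIC.
    "$probe" "$own_ip" || { echo "local-address"; return 1; }
    # Stage 3: the router (default gateway) on the local network.
    "$probe" "$gateway" || { echo "gateway"; return 1; }
    # Stage 4: an address beyond the router.
    "$probe" "$internet_ip" || { echo "beyond-gateway"; return 1; }
    # Stage 5: DNS. Resolution is checked separately from the echo reply,
    # because some sites resolve and serve pages but do not answer ping.
    "$resolve" "$host_name" || { echo "dns"; return 1; }
    "$probe" "$host_name" || { echo "resolves-but-no-echo"; return 2; }
    echo "ok"
}

# Constructed demo (no network needed): only loopback and the local address
# answer, as on a server whose link to the router is down.
demo_probe() {
    case "$1" in
        127.0.0.1|10.1.2.3) return 0 ;;
        *) return 1 ;;
    esac
}
demo_resolve() { return 1; }

verdict=$(diagnose demo_probe demo_resolve 10.1.2.3 10.1.1.1 192.0.2.1 www.redhat.com) || true
echo "first failing stage: $verdict"

# On a live Linux host, pass the real helpers and a reachable Internet address
# in place of the 192.0.2.1 placeholder:
#   diagnose probe_ping resolve_name 10.1.2.3 10.1.1.1 192.0.2.1 www.redhat.com
```

A verdict of resolves-but-no-echo is inconclusive on its own: it is what a correctly working host sees when the remote site or a firewall in between discards ping requests.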
CHAPTER SUMMARY
❐ Windows and Linux installations share many common tasks, such as disk partitioning. It is a good idea to keep the operating system and the application programs on
separate partitions.
❐ The same computer can have multiple operating systems. You can group the
Windows operating systems in a single boot menu and then use a boot floppy disk
to boot to Linux.
❐ Naming computers is similar in both Windows and Linux. It is a good idea to keep
the names simple and descriptive. Although Linux allows two computers to have
the same name, it is nevertheless a good practice to use unique names.
❐ Windows and Linux are licensed in different ways, and different versions of Windows
vary in their licensing procedures. In Windows products before Windows 2003,
Microsoft trusted the customer to fulfill the licensing requirements. In Windows 2003,
the product must be activated by Microsoft after installation to avoid piracy constraints. Linux is based on the GNU general public license, so the product is free.
❐ Microsoft and Red Hat Linux products have improved in their ability to recognize
NICs and video adapters. In Windows NT, the recognition process is manual; in
Windows 2000 and Windows 2003, the process is automatic.
❐ Installing Microsoft operating systems has become easier with each new product.
Windows NT required some detailed information, including the exact path to the
network drivers for your NIC. With Windows 2003, the selections focus on overall
configuration information, such as internationalization data, date, time, and time
zone. Red Hat Linux has also streamlined its installation process, supplementing it
with online help.
❐ In Linux, you use basic commands such as ls to list the contents of a directory,
mkdir to create a directory, rmdir to remove a directory, mv to move or rename a
file, cp to copy a file, cd to change directories, and locate to find files.
❐ When you install an operating system, TCP/IP is one configuration you typically
do not need to change. However, you do need to correct mistakes, and you must
add TCP/IP entries, such as for DNS servers.
REVIEW QUESTIONS
1. Multi-boot systems offer multiple options for booting a single operating system.
True or False?
2. The ________ is used by the hard disk to start the boot process.
a. GRUB
b. MBR
c. LILO
d. CDR
3. Which of the following are boot loaders?
a. GRUB
b. MBR
c. LILO
d. CDR
4. MBR stands for ________.
a. multi-booter
b. master break record
c. master boot record
d. multiple boot recorder
5. Which of the following is not a Windows installation method?
a. FTP installation
b. network installation
c. bootable CD installation
d. floppy disk with nonbootable CD
6. What is an NFS drive?
a. a Windows partition with security
b. a high-speed CD-ROM
c. a network drive to which Linux can connect
d. a Linux drive with security
7. Which of the following operating systems use signed drivers?
a. Windows NT
b. Windows 2000
c. Windows 2003
d. Linux
8. The URL for the Microsoft Hardware Compatibility List is ________.
9. Which of the following items does not need documenting?
a. processor type
b. PCI version
c. amount of RAM
d. drive interface
10. A(n) ________ is a logical division of the hard disk.
a. drive letter
b. root
c. MBR
d. partition
11. The boot partition contains ________.
a. the specific files needed to boot Windows
b. the Windows operating system files
c. the MBR
d. none of the above
12. In Linux, which partition is not needed?
a. swap
b. /
c. /usr
13. Which Linux partition would contain HTML files?
a. /usr
b. /web
c. /var
d. /boot
14. If you let Linux automatically partition the hard disk, which partition does not
increase as the size of the hard disk increases?
a. /var
b. /usr
c. /home
d. /web
15. In Windows, a(n) ________ contains improvements and corrections to
an operating system after it has been installed.
a. service pack
b. service update
c. patch
d. update pack
16. In a Windows network with multiple servers, the per server method of licensing is
typically the best. True or False?
17. Red Hat Linux is licensed under the ________.
a. Red Hat proprietary license
b. Linux standard licensing
c. GNU general public license
d. any of the above, depending on the version
18. For Windows, which file system gives you the most security?
a. FAT
b. NTFS
c. NFS
d. HiSec
19. Which of the following has the least demanding hardware requirements?
a. Windows 2000
b. Windows 2003
c. Linux
20. What is the Linux command to move to a new directory?
a. mv
b. cd
c. md
d. cv
HANDS-ON PROJECTS
To complete most of the Hands-on Projects in this book, you need to install Linux and
then install either Windows 2000 or Windows 2003. If you decide to install Windows or
Linux, but not both, you can still complete some Hands-on Projects in each chapter.
Project 3-1
Check with your instructor to find another IP address that you can use for your Web
server. You will return to your Windows 2000 or Windows 2003 server installation and
change the IP address. The following steps assume an IP address of 10.1.2.3, a subnet
mask of 255.0.0.0, and a default gateway of 10.1.1.1.
To change the IP address in Windows 2000 or Windows 2003:
1. In Windows 2003: Click Start, point to Control Panel, point to Network
Connections, and then click Local Area Connection.
In Windows 2000: Click Start, point to Settings, point to Network and Dial-up
Connections, and click Local Area Connection.
2. The Local Area Connection Status dialog box opens. Click the Properties button. The Local Area Connection Properties dialog box opens. See Figure 3-24 for
the version for Windows 2003. The dialog box for Windows 2000 is very similar.
Figure 3-24 Local Area Connection Properties dialog box
3. Click Internet Protocol (TCP/IP) (just the text, not the check box next to it).
The text in the Description box changes to describe TCP/IP.
4. Click Properties. The Internet Protocol (TCP/IP) Properties dialog box opens.
5. Enter an IP address of 10.1.2.3. The IP address uniquely defines this computer.
6. Enter a subnet mask of 255.0.0.0. The subnet mask defines which part of the
address refers to the network and which part of the address refers to the specific
computer (host). The 255 in the first octet defines the first octet in the IP address
as the network portion of the address, which is 10. The other octets define the
host portion of the address, which is 1.2.3.
7. Enter a default gateway of 10.1.1.1. The computer uses this IP address to send
packets if the destination IP address is outside the local network.
8. Click OK to return to the Local Area Connection Properties dialog box.
9. Click OK to return to the Local Area Connection Status window.
10. Close the window.
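Steps 6 and 7 can be checked numerically: ANDing the address with the mask gives the network portion, and a packet goes to the default gateway only when the destination's network portion differs from the computer's own. The following is an added example, not part of the original project; the function names are hypothetical, and it also rejects a non-contiguous mask and a gateway that is not on the local network, two checks the text does not describe.

```shell
#!/bin/sh
# Added example: the subnet-mask arithmetic behind Steps 5 to 7.
# Function names are hypothetical; addresses are the ones the project uses.

# valid_ipv4 ADDR: four decimal octets, each 0..255, no leading zeros
# (shell arithmetic would read an octet such as 010 as octal).
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in
            ????*|0?*) return 1 ;;
        esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# valid_mask MASK: network bits must be contiguous from the left, so after
# the first octet that is not 255 every remaining octet must be 0.
valid_mask() {
    valid_ipv4 "$1" || return 1
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    seen_partial=0
    for octet in "$@"; do
        if [ "$seen_partial" -eq 1 ]; then
            [ "$octet" -eq 0 ] || return 1
        else
            case "$octet" in
                255) ;;
                254|252|248|240|224|192|128|0) seen_partial=1 ;;
                *) return 1 ;;
            esac
        fi
    done
    return 0
}

# network_of ADDR MASK: print the network portion (octet-wise AND).
network_of() {
    valid_ipv4 "$1" && valid_ipv4 "$2" || return 2
    old_ifs=$IFS; IFS=.
    set -- $1 $2
    IFS=$old_ifs
    echo "$(( $1 & $5 )).$(( $2 & $6 )).$(( $3 & $7 )).$(( $4 & $8 ))"
}

# host_of ADDR MASK: print the host portion (AND with the inverted mask).
host_of() {
    valid_ipv4 "$1" && valid_ipv4 "$2" || return 2
    old_ifs=$IFS; IFS=.
    set -- $1 $2
    IFS=$old_ifs
    echo "$(( $1 & (255 - $5) )).$(( $2 & (255 - $6) )).$(( $3 & (255 - $7) )).$(( $4 & (255 - $8) ))"
}

# next_hop DEST ADDR MASK GATEWAY: where a packet for DEST is sent.
# Prints "direct", "via GATEWAY", or an error word.
next_hop() {
    valid_mask "$3" || { echo "invalid-mask"; return 2; }
    local_net=$(network_of "$2" "$3") || { echo "invalid-address"; return 2; }
    dest_net=$(network_of "$1" "$3") || { echo "invalid-address"; return 2; }
    gw_net=$(network_of "$4" "$3") || { echo "invalid-address"; return 2; }
    if [ "$dest_net" = "$local_net" ]; then
        echo "direct"
    elif [ "$gw_net" = "$local_net" ]; then
        echo "via $4"
    else
        # The gateway must itself be reachable on the local network.
        echo "gateway-not-local"
        return 1
    fi
}

# Values from the project: 10.1.2.3, mask 255.0.0.0, gateway 10.1.1.1.
echo "network portion: $(network_of 10.1.2.3 255.0.0.0)"
echo "host portion:    $(host_of 10.1.2.3 255.0.0.0)"
echo "to 10.200.9.9:     $(next_hop 10.200.9.9 10.1.2.3 255.0.0.0 10.1.1.1)"
echo "to 192.168.0.100:  $(next_hop 192.168.0.100 10.1.2.3 255.0.0.0 10.1.1.1)"
```

With the mask changed to 255.255.255.0, the same gateway of 10.1.1.1 is reported as gateway-not-local, because 10.1.1.1 and 10.1.2.3 would then sit on different networks.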
Project 3-2
In this project you test the configuration change that you made in Project 3-1. You use
the ping utility to make sure that the IP address responds.
To use the ping utility to test the IP address:
1. In Windows 2000: Click Start, point to Programs, point to Accessories, and
then click Command Prompt.
In Windows 2003: Click Start, and then click Command Prompt.
2. Type ping 10.1.2.3 and press Enter. If you do not receive an error message, the
IP address is correct.
Project 3-3
In Windows, you might need to change the computer name, especially if you accept the
default during installation.
To change the computer name from web1 to web1a in Windows 2003:
1. Click Start, point to Control Panel, and then click System.
2. The System Properties dialog box opens. See Figure 3-25. This dialog box shows
the basic system configuration, including registration information and the type of
computer on which it is running.
Figure 3-25 Windows 2003 System Properties dialog box
3. Click the Computer Name tab. See Figure 3-26. Now you can enter a
description for the server.
Figure 3-26 Computer Name tab
4. Click Change. The Computer Name Changes dialog box opens. See Figure 3-27.
5. Enter web1a for the computer name.
6. Click OK to accept the change. The Computer Name Changes message box opens,
explaining that you must restart this computer for the changes to take effect.
7. Click OK to acknowledge the message and return to the System Properties
dialog box.
8. Click OK to exit the System Properties dialog box. The System Settings Change
message box opens.
9. Click Yes to restart the computer.
Now repeat the steps and change the computer back to its original name, such as web1.
Figure 3-27 Computer Name Changes dialog box
Project 3-4
Although changing the computer name in Windows 2000 is similar to changing it in
Windows 2003, there are some differences, which you examine in this project.
To change the computer name in Windows 2000:
1. Click Start, point to Settings, and then click Control Panel.
2. Double-click System. The System Properties dialog box opens. See Figure 3-28.
You see the basic system configuration, including registration information and the
type of computer on which it is running.
3. Click the Network Identification tab. The computer name and workgroup are
displayed. See Figure 3-29.
Figure 3-28 Windows 2000 System Properties dialog box
Figure 3-29 Network Identification tab
4. Click Properties. The Identification Changes dialog box opens. See Figure 3-30.
Change the computer name to web1a.
Figure 3-30 Identification Changes dialog box
5. Click OK. The Network Identification message box opens, reminding you to
reboot the computer for the changes to take effect.
6. Click OK to acknowledge the reminder. You return to the System Properties
dialog box.
7. Click OK. The System Settings Change message box appears, asking whether you
want to restart the computer.
8. Click Yes to restart the computer.
Now repeat the steps and change the computer back to its original name, such as web1.
Project 3-5
The Windows installation wizard installed the Windows components for a typical server.
Sometimes, however, you need to check which components you have installed. In this
project you will discover which components are installed and add a component.
To display Windows components:
1. In Windows 2003: Click Start, point to Control Panel, and then click Add or
Remove Programs.
In Windows 2000: Click Start, point to Settings, and then click Control Panel.
The Control Panel window opens. Double-click Add or Remove Programs.
2. The Add or Remove Programs window opens. The right panel of this window is
for programs you have installed, so it is blank. Click Add/Remove Windows
Components. The Windows Components Wizard opens. See Figure 3-31. Notice
that the Accessories and Utilities component is highlighted. The list will be
slightly different for Windows 2000.
Figure 3-31 Windows Components Wizard
3. Click Details to find out the names of the subcomponents of Accessories and
Utilities. The Accessories and Utilities dialog box opens. See Figure 3-32. The
Accessories and Communications subcomponents have subcomponents of
their own.
4. Click OK to close the window and return to the Windows Components Wizard
dialog box. You can scroll down the window to find the Windows components
that have been installed.
5. Click Cancel to exit the Windows Components Wizard dialog box.
6. Close the Add or Remove Programs window.
7. Close the Control Panel window, if necessary.
Project 3-6
When you install a Windows server, the screen resolution is often set to the maximum
allowable by the hardware. This level may not be comfortable for you, so it is a good idea
to know how to change the resolution.
Figure 3-32 Accessories and Utilities dialog box
To change the screen resolution:
1. Right-click the desktop, and then click Properties. The Display Properties dialog
box opens.
2. Click the Settings tab. You can change the screen resolution and the color quality.
3. Adjust the slider bar for screen resolution (screen area in Windows 2000) to lessen
the resolution.
4. Click OK. The Monitor Settings dialog box opens, stating that you have 15 seconds to accept the changes.
5. Click OK to accept the changes.
6. Repeat Steps 1 through 5 to reset the screen resolution.
Project 3-7
You will use the Linux terminal program to get to the shell and the text editor called
kedit often as you go through the rest of the chapters. It is much easier to copy shortcuts to these programs to the KDE panel, which is also known as the kicker. This bar is
found along the bottom of the desktop. Another useful button to put on the KDE panel
is one used to find files. To copy this button to the panel, you will drag and drop it.
To add the terminal program to the panel:
1. Right-click the panel (the bar at the bottom of the desktop), point to Add, point
to Button, point to System Tools, and then click Terminal. Note the terminal
icon on the panel.
To add the kedit icon to the panel:
1. Right-click the panel, point to Add, point to Button, point to Extras, point to
Accessories, and then click Text Editor.
To add the locate icon to the panel:
1. Double-click the Start Here icon on the desktop. The Konqueror window opens
in the Start Here directory. See Figure 3-33.
Figure 3-33 Start Here directory window
2. Double-click Applications. Konqueror displays the contents of the Application
directory in the right panel. Note the icon labeled Find Files. See Figure 3-34.
3. Drag the Find Files icon to the panel.
To find the rc.local file:
1. Click the Find Files icon on the panel.
2. In the Named text box, type rc.local, which contains a list of programs to run
when Linux is started.
3. Click Find. Nothing was found because it started looking in your home directory
of /root.
4. Click the Look in list arrow and then click file:/, which represents the root of
the server.
5. Click Find. You will notice what appears to be two copies of rc.local. Right-click
each copy of rc.local, and then click Properties. What is the difference between
the properties?
Figure 3-34 Konqueror window with Application icons
Project 3-8
Linux uses text files for configuration. It is a good idea to keep backup copies of these
files. Because you use the shell so much, you need to know how to copy files between
a floppy disk and your hard drive using the cp command-line copy utility.
To copy files to a floppy disk:
1. Click the terminal icon on the panel to open a shell.
2. Put a floppy disk in the drive.
3. Type mount /mnt/floppy to mount the floppy disk so that Linux will recognize it. (Be sure to press the spacebar after typing “mount”.) Now the directory
called floppy corresponds to the floppy disk. Notice that when you type the commands in Steps 4 and 5, the light on the floppy disk does not become illuminated
because the files are actually being stored in memory. It is only in Step 6 that the
files are actually put on the floppy disk. If you took out the floppy disk before
Step 6, there would be no files on it.
4. Type cp /etc/named.conf /mnt/floppy and press Enter to copy named.conf
to the floppy disk. This file will be used in the next chapter.
5. Type cp /etc/httpd/conf/httpd.conf /mnt/floppy and press Enter to copy
httpd.conf to the floppy disk. You will use this file to configure the Web server.
6. Type umount /mnt/floppy and press Enter to unmount the floppy disk. (Be
sure to press the spacebar after typing “umount”.) Linux will take whichever files
in memory are destined for the floppy disk and write them to the disk.
Project 3-9
Because you are probably more accustomed to working with a GUI, it is also useful to
know how to use KDE to copy files.
Use KDE to copy /etc/rc.d/rc.local to a floppy disk:
1. Put a floppy disk in the drive.
2. Double-click the floppy icon on the desktop. For a brief moment, a window
opens, stating that it is mounting the floppy drive. The file:/mnt/floppy Konqueror window opens. See Figure 3-35. The default starting point is your
home directory, as you can see in the left panel.
3. Click the Root Directory tab on the vertical tab bar, which is the second tab
from the bottom. Now you see the list of directories in the left panel.
4. In the left panel, expand the etc directory by clicking the + next to it.
5. In the left panel, click rc.d to display the contents of the directory. You now see
the file named rc.local in the right panel; you want to copy this file. However,
before you copy it, you have to be able to drop it on the /mnt/floppy directory
in the left panel.
6. In the left panel, scroll down until you see the mnt directory. Click the + next to
mnt. The window should be similar to Figure 3-36.
7. Drag rc.local from the right panel to the floppy directory in the left panel. A
small dialog box opens asking whether you want to copy, move, or link the file.
8. Click Copy Here to copy the file to the floppy disk.
9. Close the window.
Project 3-10
In this project, you change the IP address of your Linux installation. Check with your
instructor to find another IP address that you can use in this project. The following
steps assume an IP address of 10.1.2.3, a subnet mask of 255.0.0.0, and a default gateway of 10.1.1.1.
To change the IP address in Linux:
1. Click the Red Hat icon, point to System Settings, and then click Network.
By default, the Network Configuration dialog box opens to the Devices tab,
which you use to change the IP address.
2. Click Edit to change the properties of the NIC. The Ethernet Device dialog
box opens.
Figure 3-35 file:/mnt/floppy - Konqueror window
Figure 3-36 Window with files ready to copy
3. Enter 10.1.2.3 for the address.
4. Enter 255.0.0.0 for the subnet mask.
5. Enter 10.1.1.1 for the default gateway address.
6. Click OK to exit the Ethernet Device dialog box.
7. Click Apply, and then click Close on the Network Configuration dialog box.
Project 3-11
Locate and install the latest service pack for Windows. Some Windows 2000 software in
future chapters will not function without a service pack.
Check whether there are any bug fixes for Red Hat Linux and, if so, install them.
CASE PROJECTS
Case Project 3-1
Your boss at TechnoWidgets, Inc., does not want to use Linux; she used it once before,
when only the shell interface was available. Create a table of the shell interface commands and the corresponding way of achieving the same result in Konqueror. Your boss
also referred to a shell command called chown; find out what it means and whether
Konqueror can perform the same function.
Case Project 3-2
Your company is considering implementing a new Linux Web server. Until now, all of your
servers have been Windows-based. Your boss is unfamiliar with Linux and has asked you
to provide some information—specifically, data on how Linux compares with Windows
with respect to support. Write a memo that compares the support needs of a Windows 2000
or Windows 2003 system versus a Linux system. Your boss wants a balanced comparison
that draws on multiple sources. Include the cost of contacting Microsoft and Red Hat with
a support question.
Case Project 3-3
Based on your memo, your boss is considering integrating Linux into the company. She
has provided you with a test machine with which to become familiar with Linux. You
want your initial configuration of the test machine to work as long as possible, and
you’ve heard that proper partitioning can ease long-term growth on a system. Research
some of the possible UNIX/Linux partitioning schemes and provide a document that
can be used to configure the drive partitions on your new server. Provide an explanation
of the partition setup you want to use.
CHAPTER 4
NAME RESOLUTION
In this chapter, you will:
♦ Understand the domain name service (DNS)
♦ Identify the components of DNS
♦ Configure zone files
♦ Install and configure DNS in Linux
♦ Understand name resolution in Windows
♦ Install and configure DNS in Windows 2000 and 2003
♦ Troubleshoot DNS
♦ Use WINS to resolve computer names in Windows
To allow users to access a Web site, Web server administrators need to
know how to resolve names. In general, name resolution involves taking
a common name of a network resource—a Web server, for instance—and
converting it into a corresponding IP address. This scheme is convenient for
computer users, because they remember names more easily than complex
numbers. The Web server administrator is usually the person who makes sure
that all servers connected to the Internet have appropriate names and reference valid IP addresses so that users can access them.
You can use the domain name service (DNS) and Windows Internet naming service (WINS) for name resolution. The primary purpose of DNS is to
resolve an Internet name such as www.redhat.com to its corresponding IP
address. A Microsoft Windows 2000 or Windows 2003 network uses DNS
to resolve computer names on a local area network (LAN). Networks that
still use Windows 9x and Windows NT Workstation require WINS to translate computer names to IP addresses. In the computer lab, you need to set up
DNS servers for the operating systems you installed in Chapter 3 so you can
simulate connecting to the servers using names such as www.technowidgets.com
instead of IP addresses. Although browsers do not require that you use DNS
names, e-mail servers do, as explained in Chapter 8. That is, you can type
http://192.168.0.100 in a browser, but you cannot use [email protected]
in an e-mail client.
UNDERSTANDING THE DOMAIN NAME SERVICE (DNS)
You use DNS every time you surf the Internet, although you might not be aware of it.
If you type www.redhat.com in your browser, for example, the DNS server translates that
text into 66.187.232.56 because your request for the page must be sent to that IP
address. In the following sections, you will learn about DNS components and their operation. First, examine the structure of the system.
DNS works like a telephone directory service. That is, just as a phone book correlates a
person’s name and phone number, DNS resolves common names for network resources
to corresponding IP addresses. This process of converting a name to a numeric IP
address, called address resolution, is convenient for Internet users—it is much easier
to remember www.linux.org than 198.182.196.56. Address resolution also makes it easy
for an administrator to move a server from one IP address to another. Without a naming service, the administrator would need to inform everyone using the server that the
address had changed. With DNS, the administrator simply changes a record in a DNS
configuration file and does not need to inform users.
While the best-known function of DNS is an Internet-wide service that converts host
names into their corresponding IP addresses in browsers, DNS serves other important
Internet functions. For example, it finds the IP addresses of e-mail servers for e-mail
client software.
DNS is needed for more than the Internet. In a LAN, for example, computers must communicate with each other; therefore, the network requires a central directory of all its computers and their associated IP addresses. Windows 2000, Windows XP, and Windows 2003
Server support Dynamic DNS (DDNS), which updates DNS automatically when the IP
address of a workstation changes or a new workstation is added to the network. In contrast, earlier Windows operating systems must use WINS for name resolution, as
described later in this chapter.
Examining the Structure of the Internet Domains
DNS is organized into a hierarchical structure that defines domains. Likewise, the file
system on your computer is arranged in a hierarchy. For example, the C: drive may have
a folder called Program Files; within that folder could be a folder called Microsoft Office;
and so on. Thus, each folder may contain one or more files. Linux uses a similar hierarchical structure. Just as you create folders to organize files, DNS arranges host names in
a hierarchy to make them easier to manage and find. With tens of millions of hosts to
organize, it faces a challenging task. The DNS hierarchical naming system consists of
three levels:
■ Root level—This level is the top of the hierarchy. The root is expressed by a
  period (“dot”). In common use, the trailing period is removed from domain
  names, but when you configure DNS services you must include it.
■ Top-level domain (TLD)—This level identifies the most general portion of the
  domain name. It is the last part of the domain name—for example, com, edu,
  or org.
■ Second-level domain (SLD)—This level identifies an entity within a top-level
  domain. The second-level domain name includes the top-level domain.
  Second-level domains can also be divided into further domain levels, called
  subdomains, as in the URL www.arda.jones.name. In this case, jones.name is
  the second-level domain controlled by the .name TLD, and arda.jones.name
  represents the subdomain that a person can register.
Identifying Top-Level Domains
Recall that a top-level domain identifies the most general part of the domain name, which
is the highest category used to distinguish domain names. Table 4-1 lists some of the top-level Internet domains. The first seven listed are the original domains that were available
on the Internet. The Internet Corporation for Assigned Names and Numbers (ICANN)
approved the last seven in November 2000, so they are just coming into common use.
Table 4-1 Top-level Internet domains

Top-level domain   Description
com                Commercial organizations
edu                Educational institutions
gov                Government institutions
mil                Military
net                Network support centers (ISPs)
org                Other organizations (originally nonprofit)
in-addr.arpa       Used for reverse lookups; that is, given an IP address, it finds the name
biz                Businesses
info               Open to anyone
name               Personal registrations
pro                Licensed professionals, such as lawyers, doctors, and accountants
aero               Anything related to air transport
museum             Museums
coop               Cooperative businesses, such as credit unions

Originally, the .net TLD was intended for networking organizations and the .org TLD
was geared toward nonprofit organizations. In recent years, these definitions have
expanded and no longer meet these requirements. Some new TLDs, such as .pro, .aero,
.museum, and .coop, have specific requirements.
Table 4-2 shows a partial list of the codes used to categorize top-level domains by country. (For a complete list, see www.iana.org/cctld/cctld-whois.htm.)
Table 4-2 Top-level domain country codes

Country code   Country
br             Brazil
ca             Canada
ch             Switzerland
de             Germany
ie             Ireland
mx             Mexico
pt             Portugal
uk             United Kingdom
us             United States

Identifying Second-Level Domains
Second-level domains include businesses and institutions that register their domain names
with top-level domains through their respective registrars. They include registered names
such as iso.ch and amazon.com. They can also be subcategories of top-level domains. For
example, the United States domain (us) is categorized into second-level domains for each
state, such as ca.us for California. Companies and academic institutions in the United
Kingdom and most other countries are also categorized using second-level domains such
as co.uk and ac.uk. Thus, in the United Kingdom, companies and academic institutions can
register names under their respective second-level domain.
A subdomain is a further division of a second-level domain. In other words, a company
that registers a domain can divide it into subdomains. For example, a subdomain of
technowidgets.com may be support.technowidgets.com, and a host computer of this subdomain
may be identified as www.support.technowidgets.com. However, on the Internet, subdomains
created by owners of domain names are not common. An organization might create subdomains when it has autonomous divisions that run their own Web servers and e-mail,
yet want to be recognized as part of the domain. For example, the people at
TechnoWidgets, Inc., could create a host called www.support within technowidgets.com to
use as a subdomain for TechnoWidgets, Inc. Figure 4-1 shows a sample DNS namespace
structure.
While many second-level domains, such as the ones under .com, need to be registered
through a designated Internet authority such as www.register.com, you can create as many
subdomains as you like within your own domain. The subdomain information is then
propagated through the DNS system.
Figure 4-1 Structure of the DNS namespace
(Diagram levels: root domain; top-level domains com, org, and name; second-level domains technowidgets, microsoft, linux, and jones; subdomains arda and hazel. Annotation: "Register names at these levels.")
Understanding Host Names
The first portion of a URL is typically a host name. For example, in
www.technowidgets.com, the www represents the Web server. Likewise, an FTP server could be
called ftp.technowidgets.com. Although the Web server and the FTP server could reside on
different computers, they could also be on the same computer with different IP addresses
or even on the same computer with the same IP address, depending on how the DNS
administrator configured the system.
Note
Do not confuse the host name in DNS with the computer name that you used
when you installed the operating system. Typically, the name you used when
installing the operating system (web1) is not a name commonly associated
with the Internet.
When you access a host by using its DNS name, note that information moves from specific
to general as you read from left to right. For example, to access a domain of technowidgets.com
in a browser, you would enter www.technowidgets.com. The name “www” is most specific,
because it refers to a particular host acting as a Web server. The name “technowidgets” refers
to an entire domain, and “com” means it is one of many commercial entities. Figure 4-2
shows the components of www.technowidgets.com.
Figure 4-2 Components of a URL
(Diagram labels for www.technowidgets.com.: www is the host name, technowidgets is the second-level domain name, com is the top-level domain name, and the trailing dot (.) is used only in DNS configuration files.)
Figure 4-3 shows what happens when a user types www.technowidgets.com into a Web
browser. DNS is a distributed database of IP addresses; the root servers know only the
addresses for all of the top-level domain servers. Each TLD server (such as for com) knows
only the addresses for the second-level domain servers, such as the one for technowidgets.com.
Finally, the DNS server for technowidgets.com returns the IP address for www. Every domain
name such as technowidgets.com must have associated DNS servers. If you worked at
TechnoWidgets, it could be your job to configure the technowidgets.com DNS server.
1. User types www.technowidgets.com in browser
2. Browser queries DNS server to get IP address
3. DNS server queries root server to find IP address of COM server
4. DNS server queries COM server to find IP address of technowidgets.com server
5. DNS queries technowidgets.com server to find IP address of www
6. IP address for www.technowidgets.com is sent back to browser
Figure 4-3 Finding the IP address for www.technowidgets.com
(Diagram components: the browser, the DNS caching or forwarding server, the root DNS server, the COM DNS server, and the DNS primary or secondary server for technowidgets.com.)
IDENTIFYING THE COMPONENTS OF DNS
Now that you have explored the structure of the domain system, you are ready to
explore the parts of the DNS system. It consists of two key components:
■ Name server—Also known as a DNS server, the name server is an application
  that supports name-to-address and address-to-name translation. You will learn
  about the various types of name servers later in this chapter. When you configure DNS files, the term “name server” will be used within the files.
■ Name resolver—Commonly called a DNS client, a name resolver is technically
  the client software component that uses the services of one or more name
  servers. Each client must know how to contact at least one name server so
  that the name resolver software can exchange query packets with the DNS
  server. When the client software needs to send a DNS query to look up an
  IP address for a given name, the resolver sends the query to the name server.
  The address of the name server is part of the TCP/IP configuration.
  Windows clients use the term “DNS server address” to describe this information, while Linux clients use the term “nameserver address.” Notice that
  nameserver is a single word when used in a Linux configuration.
DNS follows the standard client/server model—the client makes a request and the server
fulfills it. DNS servers can fill several different roles, depending on the needs of an organization. No matter which role the server undertakes, however, the client must specify
the IP address of the DNS server.
Two categories of DNS servers exist. The first category includes primary and secondary
DNS servers, which are necessary for the Internet to function. These servers contain the
host names for an individual domain on the Internet. The second category of DNS servers
includes caching and forwarding servers, which search the Internet for the host names.
A special type of server called the root server identifies all top-level domains on the
Internet. If a client requests information about a host in another domain, a caching or
forwarding DNS server can communicate the request to the root server. The InterNIC
determines which systems are root servers. You can obtain the list of Internet servers at
ftp.rs.internic.net/domain/named.cache.
Understanding DNS Servers That Define the Internet
Primary and secondary servers define the hosts for a particular domain such as
technowidgets.com. The primary server defines the domain and contains the host names
and associated IP addresses for each host. The secondary server retrieves the domain data
from the primary server at regular intervals.
Working with Primary Servers
The primary server stores files for a domain. Configuration files refer to the primary
server as a master server because a primary server is the authority for the current domain,
meaning that it controls host names and updates to the secondary server. The primary
server maintains the DNS databases for its DNS zone, the set of records contained within
a domain. For example, if the domain name for your company is technowidgets.com, then
you need to create a forward lookup zone for the technowidgets.com domain on the primary server. In the zone files, you create records that have the host names and corresponding IP addresses for all hosts in the zone. If your organization decided to create
subdomains, they would be maintained in separate zones.
Working with Secondary Servers
A secondary server receives its authority and database from the primary server. It provides fault tolerance, load distribution, and remote name resolution for the primary DNS
server. When the secondary server first starts, it requests from the primary server all the
data for a zone. The secondary server then periodically checks with the primary name
server to determine whether it needs to update its data. Configuration files refer to the
secondary server as a slave server. Each primary server can have multiple secondary
servers.
Tip
Even when you configure your own primary server, your ISP will probably
maintain your secondary server because the ISP has a more reliable connection to the Internet.
Understanding DNS Servers That Resolve Names
Primary and secondary servers rely on other servers to search the data they store. The
caching and forwarding servers search primary and secondary servers. When you install
a DNS server, it is a caching server by default, so no extra configuration is needed. You
can configure a caching server to use a forwarding server for resolving names instead of
using the root servers on the Internet. In addition, you can combine the caching server
that is configured by default with a primary server, secondary server, or forwarding
server. However, caching and forwarding DNS servers can be used in organizations that
do not have domain names. Remember, they are used only to resolve names.
Working with Caching Servers
A caching server is not authoritative for any zone. Instead, it handles queries by asking other servers for information. All servers cache the information they receive until the
time specified in the Time to Live (TTL) field expires. That is, a caching server stores
name resolution information until the data expires. Caching servers can be used in organizations in which many users connect to the Internet and access many common sites.
Using a local caching server can significantly reduce response time for URL resolution.
If you install a DNS server in Linux, it remains only a caching server until you modify
it to become a primary or secondary server.
Working with Forwarding Servers
Forwarding servers, or forwarders, process requests that DNS servers cannot resolve
locally. A forwarding server is not a separate type of server, but rather a caching server used
in a particular way. A forwarding server accesses the Internet, as shown in Figure 4-4. To
make a DNS server become a forwarding server, you add a record to reference the DNS
server on the Internet that will resolve names. You then add records in the caching servers
that reference the forwarding server.
The value of a forwarding server
1. Workstation 1 enters www.technowidgets.com into a browser
2. Caching server 1 asks forwarding server to resolve it
3. Forwarding server resolves it and caches (saves) it
4. Caching server 1 caches it as well
5. The IP address is returned to workstation 1 and the page is requested
6. Workstation 2 enters www.technowidgets.com into a browser
7. It is resolved at caching server 1
8. Workstation 3 enters www.technowidgets.com into a browser
9. Caching server 2 cannot resolve it but the forwarding server can
Without a forwarding server, each caching server would have to access the Internet
Figure 4-4 Caching servers using a forwarding server
(Diagram components: workstations in the organization, caching servers, the forwarding server, and the Internet.)
Forwarding servers work in combination with caching servers. They are useful in organizations that have many caching servers but want to reduce traffic on their connection
to the Internet. If all the caching servers cached names and IP addresses independently,
then information would be duplicated because each caching server would access the
Internet to resolve names. A forwarding server acts as the single point of contact for the
Internet, so it caches often-used names requested by the other servers. For example, if
the users of five caching servers wanted to access www.redhat.com, then each caching
server would have to contact the Internet to resolve the address. If the caching servers
used a forwarding server, then the forwarding server would get the IP address for
www.redhat.com and cache it. When the other caching servers needed the IP address for
www.redhat.com, they could get it from the cache at the forwarder.
Tip
The primary and secondary servers are accessed by users throughout the
Internet to determine the IP addresses of your hosts, such as
www.technowidgets.com. The caching and forwarding servers are accessed by
users in your organization to determine the IP addresses of hosts on the
Internet.
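The resolution walk in Figure 4-3 and the forwarding arrangement in Figure 4-4 can be replayed in one Python simulation that counts the queries leaving the organization. This is an added example, not code from the textbook; the server names (com-tld, tw-primary, caching1, caching2, forwarder), the 86400-second TTL, and the query times are constructed assumptions.

```python
# Constructed model of the Internet servers in Figure 4-3 (sample address and TTL).
INTERNET = {
    "root":       {"delegations": {"com.": "com-tld"}},
    "com-tld":    {"delegations": {"technowidgets.com.": "tw-primary"}},
    "tw-primary": {"hosts": {"www.technowidgets.com.": ("192.168.0.100", 86400)}},
}
internet_log = []   # (asking server, Internet server) for every query that leaves the organization


def ask(asker, server, qname):
    """One query to an Internet name server: it answers or refers to a child zone."""
    internet_log.append((asker, server))
    zone = INTERNET[server]
    if qname in zone.get("hosts", {}):
        return ("answer",) + zone["hosts"][qname]
    for suffix, child in zone.get("delegations", {}).items():
        if qname.endswith("." + suffix):
            return ("referral", child)
    return ("nxdomain",)


class CachingServer:
    def __init__(self, name, forwarder=None):
        self.name, self.forwarder = name, forwarder
        self.cache = {}   # qname -> (address, absolute expiry time in seconds)

    def lookup(self, qname, now):
        """Return (address, expires_at), served from cache until the TTL runs out."""
        hit = self.cache.get(qname)
        if hit and hit[1] > now:
            return hit
        if self.forwarder:                      # step 2 in Figure 4-4
            result = self.forwarder.lookup(qname, now)
        else:                                   # steps 3 to 5 in Figure 4-3
            result = self._walk_from_root(qname, now)
        if result:
            self.cache[qname] = result
        return result

    def _walk_from_root(self, qname, now):
        server = "root"
        for _ in range(10):                     # bound the referral chain
            reply = ask(self.name, server, qname)
            if reply[0] == "referral":
                server = reply[1]
            elif reply[0] == "answer":
                _, address, ttl = reply
                return (address, now + ttl)
            else:
                return None
        return None


def scenario(use_forwarder):
    """Replay the three workstation requests of Figure 4-4; return the Internet queries made."""
    internet_log.clear()
    fwd = CachingServer("forwarder") if use_forwarder else None
    caching1 = CachingServer("caching1", fwd)
    caching2 = CachingServer("caching2", fwd)
    name = "www.technowidgets.com."
    caching1.lookup(name, now=0)     # workstation 1
    caching1.lookup(name, now=60)    # workstation 2, answered from caching server 1's cache
    caching2.lookup(name, now=120)   # workstation 3
    return list(internet_log)


if __name__ == "__main__":
    print("with forwarder:   ", len(scenario(True)), "Internet queries")
    print("without forwarder:", len(scenario(False)), "Internet queries")
```

With the forwarder, only that one server ever sends queries to the Internet, so it is the only host that needs outbound DNS access and the one place where those queries can be logged.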
CONFIGURING ZONE FILES
Recall that a zone file contains records that specify the host names and corresponding
IP addresses for all hosts in the zone. Once you configure the zone, you can use the information in these files for name resolution, regardless of whether you use DNS in Linux
or Windows.
Often, your ISP configures the zone files; in some cases, the ISP may have a Web interface to make it easy for you to change these files. If your organization operates its own
primary DNS server, then you will configure the zone files directly. When you register
a domain name, you must provide the addresses of a primary DNS server and a secondary
DNS server. Smaller organizations often use only the DNS servers at their ISP. This is
an easy but inflexible approach; for example, you would need to contact your ISP every
time you changed your domain. If you determine that you want more control over
changes to your domain, you can set up a primary DNS server in your organization and
have your ISP maintain the secondary server. Controlling your own DNS server also
makes it easier to move to a new ISP because you control all the records that you need
to change.
A primary server is the authoritative server for managing information on IP addresses
and associated host names in your domain. All other systems on your network should be
configured so that the DNS server entry in the TCP/IP configuration has the IP address
of your DNS server. You can also enter an IP address for a second DNS server, which
will be used if the first server cannot be contacted or cannot resolve the name. Typically,
this entry applies to the DNS server at your ISP.
Understanding Zone Files and DNS Records
A zone file helps define a branch of the DNS namespace under the administrative control of a primary DNS name server. A namespace is a common grouping of related
names—for example, hosts within a LAN. Although many IT professionals use the terms
“domain” and “zone” interchangeably, they are not identical. A zone refers to a specific
file that resides on a server. For instance, a company that registers the domain name
technowidgets.com gains administrative control of the domain technowidgets.com. To exert
control over that domain, the company must create zones. When you create a DNS
server, you generally populate it with two types of zones:
■ Forward lookup—These zones contain entries that map names to IP addresses.
■ Reverse lookup—These zones contain entries that map IP addresses to names.
Every domain zone file consists of DNS records. A DNS record is an entry in a DNS
database on a primary server that provides additional routing and resolution information. You can configure many different types of records, but only a few are essential for
full address resolution routing. Common DNS records are listed in Table 4-3.
Tip
Do not confuse forward and reverse zone files with primary or secondary
servers. A primary or secondary server usually contains a forward or reverse
zone. Zone files make it possible to populate a DNS server, either primary or
secondary, with individual host information.
Table 4-3 Common DNS records

DNS record                 Function
Address (A)                The most commonly used record; associates a host to an IP
                           address. For example, you can establish an association between
                           an IP address and a Web server by creating an address record.
Canonical name (CNAME)     Creates an alias for a specified host. As an example, suppose the
                           name of a WWW server is server1.company.com. (Web servers
                           are commonly named WWW.) A CNAME record creates an alias
                           for the server1.company.com host.
Internet (IN)              Identifies Internet records; precedes most DNS record entries.
Mail Exchanger (MX)        Identifies a server used for processing and delivering e-mail for
                           the domain.
Name server (NS)           Identifies DNS servers for the DNS domain. It can also refer to a
                           DNS server that will resolve names for clients, making the DNS
                           server act as a forwarding server.
Pointer (PTR)              Performs reverse DNS lookups. The PTR record allows DNS to
                           resolve an IP address to a host name.
Start of Authority (SOA)   Identifies the DNS server with the most current information for
                           the DNS domain. Because several secondary DNS servers may
                           exist, this record identifies the primary server for the specified
                           DNS domain. Although RFC 1035, the document that defines
                           DNS, specifies SOA as the “start of the zone of authority,” many
                           authors define SOA as the “statement of authority.”

Configuring the Forward Lookup Zone
The forward lookup zone maps host names to IP addresses. Although Windows uses a
GUI and Linux uses text files, both must supply the same information so that any other
DNS server can read the forward lookup zone. Figure 4-5 shows a sample forward
lookup zone file for technowidgets.com. For the purposes of this example, IP addresses that
are invalid on the Internet are used. Spacing is not important in the files. However, each
name, such as @, web1, or www, must appear in the first column of the line.
$TTL  86400
@            IN    SOA   web1.technowidgets.com. admn.technowidgets.com. (
                                      2002072100 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
             IN    NS      web1
             IN    A       192.168.0.100
             IN    MX  10  mail.technowidgets.com.
web1         IN    A       192.168.0.100
www          IN    CNAME   web1
www.support  IN    CNAME   web1
research     IN    A       192.168.0.150
             IN    MX  10  mail
mail         IN    A       192.168.0.200
Figure 4-5 Forward lookup zone for technowidgets.com
Each statement except for the first line contains IN, which stands for the Internet class;
historically, there were other classes but the Internet class is the only one used today. The
$TTL 86400 tells caching software how long to cache the resource records such as
www. The time is measured in seconds.
Starting with the first character on the next line, the @ signifies the name of the zone,
which is technowidgets.com. This line defines the Start Of Authority (SOA) record; it
states that the primary DNS server resides on web1.technowidgets.com. The e-mail address
of the contact person for this domain is [email protected]
Tip
Make sure that you replace the @ in the e-mail name with a period when you
type the e-mail address for the domain’s contact name.
The next five items define the relationship between the primary server and the secondary server. Other than the first item, the numbers are represented in seconds.
■ The serial number can be any valid 32-bit number. When you change the
DNS configuration, changing the serial number informs the secondary server
that it should update its database. The standard format for the serial number
is YYYYMMDDnn, where YYYYMMDD is the date of the configuration
change and nn represents a sequential number allowing up to 100 changes
per day.
■ The refresh interval tells the secondary server how often to check for
updates from the primary server.
■ The retry interval describes how often the secondary server should try to
contact the primary server if it fails to make contact after the refresh interval.
■ The secondary server also needs to know how long to keep trying to contact
the primary server before giving up and stopping all requests for name resolution. This information is provided by the value for expire.
■ The last item, minimum, refers to the length of time that a negative
response to a query should remain cached.
Tip
Although older versions of DNS software could describe time only in seconds,
current versions can use m, h, and d to describe minutes, hours, and days,
respectively. For example, you could translate the previous SOA record into
the following record:
2002072100 ; Serial
8h      ; Refresh
4h      ; Retry
1000h   ; Expire
1d )    ; Minimum
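The following Python sketch is an added example, not part of the textbook. It converts the unit form of the SOA timers back to seconds, chooses the next YYYYMMDDnn serial number, and sanity-checks the timers against what each one means to a secondary server. The function names, the s and w units, combined values such as 1h30m, and the two timer rules are assumptions of this example that go beyond the m, h, and d units the tip lists.

```python
import re
from datetime import date

# Seconds per unit letter; the page names m, h and d, while s and w are added here.
UNIT_SECONDS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

# SOA timers exactly as printed in Figure 4-5 and in the tip's unit form.
FIGURE_4_5 = {"refresh": "28800", "retry": "14400", "expire": "3600000", "minimum": "86400"}
TIP_FORM = {"refresh": "8h", "retry": "4h", "expire": "1000h", "minimum": "1d"}


def to_seconds(value):
    """Convert a time value such as '28800', '8h' or '1h30m' to seconds."""
    text = str(value).strip().lower()
    if text.isdigit():
        return int(text)
    parts = re.findall(r"(\d+)([smhdw])", text)
    # Reject anything that is not made up entirely of <number><unit> pairs.
    if not parts or "".join(n + u for n, u in parts) != text:
        raise ValueError(f"not a time value: {value!r}")
    return sum(int(n) * UNIT_SECONDS[u] for n, u in parts)


def next_serial(current, today):
    """Return a YYYYMMDDnn serial that is strictly greater than `current`.

    The secondary only reloads the zone when the serial increases, so a serial
    that is already at or past today's range is simply incremented.
    """
    base = int(today.strftime("%Y%m%d")) * 100   # first serial of today (nn = 00)
    candidate = base if current < base else current + 1
    if candidate > 0xFFFFFFFF:
        raise ValueError("serial no longer fits in 32 bits")
    return candidate


def soa_timer_problems(refresh, retry, expire):
    """Rule-of-thumb checks (assumptions of this example, not rules from the page)."""
    refresh, retry, expire = (to_seconds(v) for v in (refresh, retry, expire))
    problems = []
    if retry >= refresh:
        problems.append("retry is not shorter than refresh")
    if expire <= refresh + retry:
        problems.append("expire elapses before a failed refresh can be retried")
    return problems


if __name__ == "__main__":
    for field, value in TIP_FORM.items():
        print(f"{field:8} {value:>6} = {to_seconds(value)} seconds")
    print("next serial:", next_serial(2002072100, date(2002, 7, 21)))
    print("problems:", soa_timer_problems("8h", "4h", "1h"))
```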
The SOA record is followed by the line IN NS web1. Because nothing precedes IN in
the line, it takes the value of the previous IN statement, which was the @, meaning
technowidgets.com. The NS stands for name server, which is shorthand for DNS server, and
web1 is the name of the host that has the DNS server. In other words, the line means
that web1 has the DNS server for technowidgets.com. Notice that web1 does not end in
a period, yet web1.technowidgets.com. does. When a name ends in a period, it is called a
fully qualified domain name (FQDN), which is the complete name of the host.
When no period appears at the end, the host name is given relative to the zone name.
In this case, using web1 is the same as using web1.technowidgets.com. for the name. Again,
notice the period after “com.”; if the first line does not end with a period, the server
appends the zone name. In this case, the server would interpret the host name as
web1.technowidgets.com.technowidgets.com. The most common error in configuring DNS
servers is forgetting the period at the end of the FQDN.
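The name rules above (the @ sign, an empty first column, and relative versus fully qualified names) can be checked mechanically. The Python sketch below is an added example, not part of the textbook: it expands every name in Figure 4-5 and flags any name that ends in the zone name twice, which is what a forgotten period produces. The function names and the MISSING_PERIOD sample are constructed for this example.

```python
# Position of each domain name inside the RDATA of record types that carry names.
NAME_FIELDS = {"NS": (0,), "CNAME": (0,), "PTR": (0,), "MX": (1,), "SOA": (0, 1)}

ZONE_NAME = "technowidgets.com."

# Figure 4-5 as printed on the page.
FIGURE_4_5 = """\
$TTL  86400
@     IN    SOA   web1.technowidgets.com. admn.technowidgets.com. (
                  2002072100 ; Serial
                  28800      ; Refresh
                  14400      ; Retry
                  3600000    ; Expire
                  86400 )    ; Minimum
              IN      NS      web1
              IN      A       192.168.0.100
              IN      MX  10  mail.technowidgets.com.
web1        IN    A     192.168.0.100
www         IN    CNAME web1
www.support IN    CNAME web1
research    IN    A     192.168.0.150
            IN    MX 10 mail
mail        IN    A     192.168.0.200
"""

# Constructed mistake: the same file with the period dropped from the MX target.
MISSING_PERIOD = FIGURE_4_5.replace("mail.technowidgets.com.", "mail.technowidgets.com")


def absolute(name, origin):
    """Expand a zone-file name: '@' is the zone, a trailing period means FQDN."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def logical_lines(text):
    """Drop ';' comments and join records wrapped in parentheses (the SOA)."""
    buf, depth = "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        depth += line.count("(") - line.count(")")
        buf = line if not buf else buf + " " + line.strip()
        if depth == 0:
            yield buf.replace("(", " ").replace(")", " ")
            buf = ""


def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples with every name fully qualified."""
    owner, records = origin, []
    for line in logical_lines(text):
        if line.startswith("$"):
            continue                      # directives such as $TTL
        fields = line.split()
        if not line[0].isspace():         # a name in the first column sets the owner
            owner = absolute(fields.pop(0), origin)
        if fields[0].isdigit():           # optional per-record TTL
            fields.pop(0)
        if fields[0].upper() == "IN":     # optional class
            fields.pop(0)
        rtype, rdata = fields[0].upper(), fields[1:]
        for i in NAME_FIELDS.get(rtype, ()):
            rdata[i] = absolute(rdata[i], origin)
        records.append((owner, rtype, rdata))
    return records


def doubled_zone_names(records, origin):
    """Records in which some name ends with '<zone><zone>' (a missing period)."""
    suffix = "." + origin + origin
    return [r for r in records
            if any(("." + v).endswith(suffix) for v in [r[0]] + r[2])]


if __name__ == "__main__":
    for owner, rtype, rdata in parse_zone(MISSING_PERIOD, ZONE_NAME):
        print(f"{owner:32} {rtype:6} {' '.join(rdata)}")
    print("suspect:", doubled_zone_names(parse_zone(MISSING_PERIOD, ZONE_NAME), ZONE_NAME))
```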
The next line, IN A 192.168.0.100, means that the name technowidgets.com resolves
to the IP address 192.168.0.100. To refer mail for technowidgets.com to a mail server, you
need a mail exchange record of IN MX 10 mail.technowidgets.com. Because
the system could include multiple mail servers, the value of 10 helps determine which
mail server is the primary one. If there were multiple MX records, they would have
different numeric values. The one with the lowest value would be the first e-mail
server contacted; if it did not respond, the next e-mail server in numeric order would
be contacted.
Tip
Instead of the FQDN of mail.technowidgets.com., you could have used
“mail” without a period at the end. The FQDN you decide to use depends on
personal preference.
So far, the record refers to web1 twice without describing the IP address of the host. It is
finally described in the line web1 IN A 192.168.0.100, which tells you that web1 is
located at 192.168.0.100. However, because it is not standard practice to have a URL of
web1.technowidgets.com, you must create a canonical name, also known as an alias, which
states that www is equivalent to web1. This alias is shown in the next line, www IN CNAME
web1, which means that www.technowidgets.com is the same as web1.technowidgets.com.
The next line includes a host for research at 192.168.0.150. Because the line following
research does not have a name to the left of IN, it takes the value of the previous line,
which is “research.” That is, mail sent to research.technowidgets.com should go to the same
mail server. Finally, the last line describes the IP address of the mail server.
The previous example incorporates all the elements of a typical forward lookup zone
file. You use many of the same elements to configure the reverse lookup zone file, so the
next section covers only the unique parts of this file.
Configuring the Reverse Lookup Zone
Along with converting domain names into IP addresses, the DNS system can do the
reverse: it can convert IP addresses into names. For example, suppose that an e-mail system receives an e-mail from an address at microsoft.com. The IP address of the sender is
38.246.165.21. The e-mail system may want to know whether 38.246.165.21 is actually
associated with microsoft.com. A reverse lookup can tell the system the domain of the IP
address. A reverse lookup is also useful when using DNS-based troubleshooting utilities
such as nslookup and dig.
Tip
Although a forward lookup zone is required when setting up DNS, a reverse
lookup zone is not required.
DNS converts IP addresses to names by associating a domain name with a network
address and placing the domain name in the top-level in-addr.arpa domain. To implement reverse lookups, you create reverse zone files and populate them with PTR records
in the proper format.
For example, suppose that your company has the class C network address 192.168.0.0.
The associated in-addr.arpa zone name is 0.168.192.in-addr.arpa. You create this name
by reversing the order of the bytes in the network address and adding in-addr.arpa at
the end. By placing this information in a PTR record, you create the proper reverse
DNS entry for the host. Figure 4-6 shows an example.
$TTL  86400
@     IN    SOA   web1.technowidgets.com. admn.technowidgets.com. (
                                      2002072100 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
            IN       NS      web1
100         IN     PTR     web1.technowidgets.com.
150         IN     PTR     research.technowidgets.com.
200         IN     PTR     mail.technowidgets.com.
Figure 4-6 Reverse lookup zone
Conventionally, the bytes in IP addresses move from general to more specific networks
as you proceed from left to right. However, URLs are opposite—the most specific is on
the left. For example, in the URL www.technowidgets.com, “www” represents the specific
host. With the corresponding IP address, 192.168.0.100, the host portion of the address
is 100, and is on the right. To have the most specific portion on the left, you must reverse
the address. You already know that the @ represents the name of the zone, which is
0.168.192.in-addr.arpa. You also know that a name without a period at the end means
that the zone name is appended to it. Thus the text 100 IN PTR web1.technowidgets.com.
is the same as 100.0.168.192.in-addr.arpa. IN PTR
web1.technowidgets.com. These addresses now match; web1 is on the left in both
cases. Matching is necessary because the search is similar; just as searches always start at
the top-level domain of com for forward lookups, so searches start at in-addr.arpa for
reverse lookups.
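The Python sketch below is an added example, not part of the textbook. It builds the in-addr.arpa names by reversing the octets as described above, then cross-checks the PTR records of Figure 4-6 against the A records of Figure 4-5, the same kind of check the e-mail system in the earlier example performs when it asks whether an address really belongs to a name. The function names and issue labels are assumptions of this example, and it handles only /8, /16, and /24 IPv4 networks.

```python
import ipaddress

ARPA = ".in-addr.arpa."


def reverse_zone(network):
    """'192.168.0.0/24' -> '0.168.192.in-addr.arpa.' (octet-aligned prefixes only)."""
    net = ipaddress.ip_network(network)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("example handles /8, /16 and /24 IPv4 networks only")
    kept = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(kept)) + ARPA


def ptr_owner(ip):
    """'192.168.0.100' -> '100.0.168.192.in-addr.arpa.'"""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ARPA


def ip_from_owner(owner):
    """Inverse of ptr_owner(): recover the address from a full PTR owner name."""
    if not owner.lower().endswith(ARPA):
        raise ValueError(f"not an in-addr.arpa name: {owner!r}")
    labels = owner[: -len(ARPA)].split(".")
    return str(ipaddress.IPv4Address(".".join(reversed(labels))))


def audit(a_records, ptr_records):
    """Return (issue, ip, name) tuples where forward and reverse data disagree.

    'no-ptr'            an A record's address has no PTR record at all
    'ptr-not-confirmed' a PTR target has no A record pointing back at that address
    """
    forward = {}
    for name, ip in a_records:
        forward.setdefault(name.lower(), set()).add(ip)
    issues = []
    for name, ip in a_records:
        if ptr_owner(ip) not in ptr_records:
            issues.append(("no-ptr", ip, name))
    for owner, target in ptr_records.items():
        ip = ip_from_owner(owner)
        if ip not in forward.get(target.lower(), set()):
            issues.append(("ptr-not-confirmed", ip, target))
    return issues


ZONE = reverse_zone("192.168.0.0/24")

# A records from Figure 4-5, written as fully qualified names.
A_RECORDS = [
    ("technowidgets.com.", "192.168.0.100"),
    ("web1.technowidgets.com.", "192.168.0.100"),
    ("research.technowidgets.com.", "192.168.0.150"),
    ("mail.technowidgets.com.", "192.168.0.200"),
]

# PTR records from Figure 4-6; the relative owners 100, 150 and 200 get the zone appended.
PTR_RECORDS = {
    f"{host}.{ZONE}": target
    for host, target in [
        ("100", "web1.technowidgets.com."),
        ("150", "research.technowidgets.com."),
        ("200", "mail.technowidgets.com."),
    ]
}

if __name__ == "__main__":
    print("zone:", ZONE)
    print("figures agree:", audit(A_RECORDS, PTR_RECORDS) == [])
    # Constructed mistake: a misspelled PTR target for 192.168.0.150.
    typo = dict(PTR_RECORDS)
    typo[ptr_owner("192.168.0.150")] = "reserch.technowidgets.com."
    print("with typo:", audit(A_RECORDS, typo))
```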
Now that you have learned about the forward and reverse lookup zones in a DNS server,
you are ready to learn how to set them up in Linux and Windows.
INSTALLING AND CONFIGURING DNS IN LINUX
The software used for DNS in Linux and other non-Windows servers is called BIND
(Berkeley Internet Name Domain). Even organizations that have only Windows servers
for the Web environment typically use BIND on a UNIX/Linux computer for their
Internet DNS.
At the time of this book’s publication, Red Hat Linux shipped with version 9 of BIND;
a newer version might now be available on the Red Hat Web site. One advantage of
using the Linux distribution from Red Hat is that it employs the rpm method of
installing software, which not only installs software but also maintains a record of files
used for the application. The record can later help you update or delete an application
without affecting other applications.
Tip
You probably installed the DNS name server when you installed Linux in the
previous chapter. If you did not, use Hands-on Project 4-1 to install the DNS
server software directly from the CD. This procedure could prove helpful if
you need to upgrade the software in the future.
When you installed Linux, it added a number of files and directories to your system.
Table 4-4 describes the most important files.
Table 4-4 Common DNS configuration files and directories in Linux
File                      Description
/etc/rc.d/init.d/named    The name server daemon is the file that starts DNS.
/etc/named.conf           This file describes the location of your zone files.
/var/named                This directory contains your zone files.
Configuring DNS in Linux
After you configure the forward and reverse lookup zone files for the DNS server in Linux,
you store the files in the correct location and make sure that DNS knows about the files.
Refer to the sample zone files in Figures 4-5 and 4-6 to better understand how to complete the following tasks. The specific steps are covered in Hands-on Project 4-2.
To configure DNS in Linux:
1. Use a consistent standard to name the zone files.
Begin the name of the forward lookup zone file with “named” followed by a
dot and then the name of the zone. Because the name of the forward lookup
zone is technowidgets.com, you would name the file “named.technowidgets.com”.
For the reverse zone, start the filename with “named” followed by a dot and
then add the network address of the zone with the octets reversed; the name of
the reverse lookup zone file in Figure 4-6 would then be “named.0.168.192”.
2. Store these files in the /var/named directory.
3. Tell DNS about the zone files.
Modify the file in /etc called named.conf, which is shown in Figure 4-7.
This file starts as a caching DNS server, because it is not acting as a primary
DNS server for a domain yet. Once you add the zone information (explained
later), the server will be a primary DNS server.
// generated by named-bootconf.pl
options {
      directory "/var/named";
      /*
       * If there is a firewall between you and nameservers you want
       * to talk to, you might need to uncomment the query-source
       * directive below. Previous versions of BIND always asked
       * questions using port 53, but BIND 8.1 uses an unprivileged
       * port by default.
       */
      // query-source address * port 53;
};
//
// a caching-only nameserver config
//
controls {
      inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
      type hint;
      file "named.ca";
};
zone "localhost" IN {
      type master;
      file "localhost.zone";
      allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
      type master;
      file "named.local";
      allow-update { none; };
};
include "/etc/rndc.key";
Figure 4-7 Contents of named.conf
In Figure 4-7, the entry for the “localhost” zone provides a model for adding your forward and reverse lookup zones to named.conf.
■ zone “localhost” IN {—The name of the zone is in quotation marks. Be sure to
type the name of your zone correctly, because the @ uses this name in the zone
file. Recall from Figures 4-5 and 4-6 that the @ represents the zone name.
■ type master;—The configuration file uses this term to denote a primary server.
The term for a secondary server is slave.
■ file “localhost.zone”;—This is the name of the zone file. At the beginning of
Figure 4-7 is directory “/var/named”;, which is the name of the directory that must contain the zone files.
■ allow-update { none; };—No secondary server needs this information. When a
secondary server requests an update of the zone files, this file will be skipped.
Because you want your zone files to be updated, do not add this line to the
forward and reverse zone entries in named.conf.
Given this information, add the forward and reverse zones for Technowidgets, Inc., so
named.conf resembles Figure 4-8.
Starting DNS in Linux
Once you have added the forward and reverse zone entries to named.conf, you can start
DNS in Linux by typing the following command:
/etc/rc.d/init.d/named start
If you find a mistake in a zone file and want to restart the server, type the following
command:
/etc/rc.d/init.d/named restart
To stop the DNS server, type the following command:
/etc/rc.d/init.d/named stop
Because it is easy to overlook starting DNS, set it to start every time you start the server.
To have DNS start automatically in Linux:
1. Type the following command to open the rc.local file and then press Enter:
kedit /etc/rc.d/rc.local
The rc.local file runs the files contained in it when Linux starts.
2. Add the following line to the file:
/etc/rc.d/init.d/named start
3. Save the file and then exit.
// generated by named-bootconf.pl
options {
      directory "/var/named";
      /*
       * If there is a firewall between you and nameservers you want
       * to talk to, you might need to uncomment the query-source
       * directive below. Previous versions of BIND always asked
       * questions using port 53, but BIND 8.1 uses an unprivileged
       * port by default.
       */
      // query-source address * port 53;
};
//
// a caching-only nameserver config
//
controls {
      inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
zone "." IN {
      type hint;
      file "named.ca";
};
zone "localhost" IN {
      type master;
      file "localhost.zone";
      allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
      type master;
      file "named.local";
      allow-update { none; };
};
zone "technowidgets.com" IN {
      type master;
      file "named.technowidgets.com";
};
zone "0.168.192.in-addr.arpa" IN {
      type master;
      file "named.0.168.192";
};
include "/etc/rndc.key";
Figure 4-8 named.conf with zone information for TechnoWidgets, Inc.
To review the steps for setting up DNS in Linux, suppose that your company developed
an idea for a domain called ProductsWithPizazz.com. First, you would register the domain
name. To add the domain to your existing DNS server, you would do the following:
■ Add a forward lookup entry in named.conf.
■ Add the associated zone file in /var/named.
■ Modify the reverse lookup zone.
For example, you could add the following code to named.conf:
zone "ProductsWithPizazz.com" IN {
      type master;
      file "named.productswithpizazz.com";
};
Configuring a Caching Server
After you install the DNS server in Linux, you can set it up as a caching server by adding
a reverse lookup zone for your host address.
When you configure the client software to resolve names through a caching server, it refers
to the following section of the configuration in named.conf (refer back to Figure 4-7):
zone "." IN {
      type hint;
      file "named.ca";
};
This code refers the client to the root zone. The file named.ca contains the names and
IP addresses of the root servers, which can be accessed to resolve names. The resolved
names are then cached locally.
Configuring a Caching Server to Use a Forwarding Server
To configure a caching server to use a forwarding server, open the file named.conf in
the caching server, and then add the IP address of the forwarding server to the options.
If your organization has more than one forwarding server, you can add the servers’ IP
addresses in the same line, separated by semicolons. In named.conf, the only option specified at first is the directory of the zone files. For example, the following code is from
named.conf, minus the comments:
options {
      directory "/var/named";
};
To refer name resolution to a forwarding server, add the forwarders option. If the IP
address of the forwarding server is 192.168.0.250, change the options code as follows:
options {
      directory "/var/named";
      forwarders {192.168.0.250;};
};
Remember to add a semicolon after the IP address and again after the closing bracket
(}). Although you have only one forwarder, the option is still called “forwarders.”
Configuring Client DNS in Linux
After configuring the DNS server, you need to configure the client portion of DNS.
Recall that when the client software needs to resolve a name, it looks in the TCP/IP
configuration for a DNS server. In the case of Linux, the server is called a nameserver.
Assuming that your Linux computer has an IP address of 192.168.0.100, you need to
tell the client software that the address belongs to your DNS server.
To configure client-side DNS in Linux:
1. In a terminal window, type kedit /etc/resolv.conf and then press Enter.
2. The file might already reference the nameserver. If it does not, add the following line to the end of the file, assuming that the IP address of your DNS
server is 192.168.0.100: nameserver 192.168.0.100
3. Because this computer is part of a domain, you should add the name of the
domain. For example, if the name is technowidgets.com, type domain
technowidgets.com on a new line in the file.
4. Save the file by clicking the floppy disk icon on the kedit toolbar at the top
of the window.
5. Close the window to exit the file. Now the Linux computer will resolve
names.
Tip
Even though you are configuring this computer to use just one DNS server,
you could add two more nameserver lines. It is a good idea to reference multiple DNS servers in case one cannot be contacted.
Now that the DNS server is running and the client configuration is using the DNS
server for name resolution, you need to perform the same procedures in Windows.
UNDERSTANDING NAME RESOLUTION IN WINDOWS
Name resolution can mean more than just DNS. Although basic DNS is perfect for the
Internet, name resolution also needs to take place within LANs. This chapter focuses on
the Web server environment, but it is important to compare the DNS of the Internet
with other methods of name resolution. For example, DNS assumes that each computer will have a static IP address—an address that is allocated to a computer once
and doesn’t change. In a LAN environment, by contrast, it is common for computers
to have dynamic IP addresses, which can change over time.
The dynamic IP address is assigned through Dynamic Host Configuration Protocol
(DHCP). DHCP holds a pool of addresses that are given to a computer for a specific
amount of time. Typically, a computer continues to renew the IP address indefinitely, but
it can change at any time. As you can imagine, if the IP address of a computer changed
often, the zone file described earlier in this chapter would not be very useful. Someone
would have to constantly update the zone file as computers changed addresses.
Because such a solution obviously is not feasible, Microsoft developed Dynamic DNS
(DDNS). In this system, computers and their associated IP addresses are automatically
added, changed, and deleted from the DDNS as computers are turned on and shut down.
Both Windows 2000 and Windows 2003 allow you to use DDNS for the LAN and simple DNS for connections to the Internet. The other possibility is to have a single DDNS
configuration for both internal LAN use and the Internet. Before LANs could use
DDNS, Microsoft had to incorporate a hierarchical namespace into this service, similar
to the Internet, as you will learn in the next chapter.
Microsoft operating systems before Windows 2000 cannot use DDNS, so they need an
older technology to support name resolution. Servers used with Windows NT
Workstation, Windows 95, and Windows 98 get this support from WINS (Windows
Internet Name Service). In the case of WINS, the term “Internet” simply means name
resolution between networks; this term was created before Microsoft became involved
with the Internet as we know it. Just as the IP address of the DNS server is part of the
TCP/IP configuration in Windows, so there is a place to enter the address for the WINS
server. Although Windows 2000, Windows XP, and Windows 2003 support a hierarchical naming scheme similar to that of the Internet, the older systems understood a computer name only within a domain. A domain in Windows is simply a logical grouping
of computers. The only way older computers can be recognized on a LAN is to ensure
they are registered in a WINS database.
DNS is not required with Windows NT, but it is required in Windows 2000 and
Windows 2003 if you want to take advantage of Active Directory Service (ADS).
ADS keeps track of all users throughout the network and all resources they can use, such
as printers and files. It works from a single point of administration, which eases maintenance. You will set up ADS in the next chapter, then use it to install a Microsoft
Exchange server in Chapter 8.
Although DNS is required for ADS, you do not have to use Microsoft DNS. When you
install ADS, you could use the IP address of a Linux server that has DNS.
INSTALLING AND CONFIGURING DNS IN WINDOWS 2000 AND 2003
In Chapter 3, the Windows Setup program allowed you to install DNS when you
installed Windows 2000. However, you did not install DNS, so you can do so now.
Windows 2003 does not allow you to install components with the operating system.
To install DNS in Windows:
1. Insert the Windows installation CD. When the installation window opens,
click Exit.
2. From the Control Panel, click Add or Remove Programs (double-click
Add/Remove Programs in Windows 2000).
3. Click Add/Remove Windows Components in the left panel. The
Windows Components Wizard opens.
4. Scroll down to click and select Networking Services, and then click the
Details button.
5. Select the Domain Name System (DNS) check box and click OK.
6. Click Next to install the DNS server.
7. Click Finish, and then close the window.
After installing DNS, you need to configure it. Configuring DNS is the same in both
Windows 2000 and Windows 2003. Figure 4-9 shows the DNS configuration window
in Windows 2003, but you would see a similar window in Windows 2000.
To begin configuring DNS in Windows:
1. Open the DNS configuration window.
In Windows 2003: Click Start, point to Administrative Tools, and then
click DNS.
In Windows 2000: Click Start, point to Programs, point to Administrative
Tools, and then click DNS.
2. Click the + icon next to the name of the server to open the window shown
in Figure 4-9. You see two standard folders: one for Forward Lookup Zones
and one for Reverse Lookup Zones. You will not use the Event Viewer system folder.
Your objective is to set up the DNS for technowidgets.com. You will skip the wizard, which
is more focused on LAN-based use of DDNS; your focus is the Internet. The first procedure sets up a file for the technowidgets.com zone.
Figure 4-9 DNS configuration window
To set up a forward lookup zone file in DNS in Windows:
1. In the left pane of the DNS configuration window, click Forward Lookup
Zones, right-click Forward Lookup Zones, and then click New Zone on
the shortcut menu.
2. The New Zone Wizard starts to guide you through the process of creating a
zone. Click Next.
3. In the Zone Type window, accept the default zone type of Primary zone, and
then click Next.
4. The Zone Name dialog box appears. For the zone name, type
technowidgets.com, and then click Next.
5. The Zone File dialog box appears. You use this dialog box to define the name
of the file in which to store the zone information. Accept the default filename of technowidgets.com.dns, and then click Next.
6. Windows 2003 only: The Dynamic Update dialog box opens. You are creating
a DNS for the Internet only, so you do not want other computers automatically adding records to your DNS. Accept the default option of Do not
allow dynamic updates by clicking Next.
7. Click Finish to create the forward lookup zone file. This is just a blank file. In
subsequent steps, you will fill it with zone information for technowidgets.com.
Although you do not have to set up the reverse lookup zone yet, it is easier to do it now.
Later, when you add a new host record, it can automatically add the PTR record in the
reverse lookup zone, if the zone already exists.
To set up a reverse lookup zone file in DNS in Windows:
1. In the left pane of the DNS configuration window, click Reverse Lookup
Zones, right-click Reverse Lookup Zones, and then click New Zone on
the shortcut menu.
2. The New Zone Wizard starts and the welcome screen appears. Click Next.
3. In the Zone Type dialog box, accept the Primary zone (Standard primary in
Windows 2000) as the default. Click Next.
4. The Reverse Lookup Zone Name dialog box appears. It asks for the network
ID or the name of the zone. You need to enter the network portion of the IP
address; for example, if your IP address was 192.168.0.0, you would type
192.168.0. Notice that “0.168.192.in-addr.arpa” appears in the dimmed box;
this is exactly what you created under Linux.
5. Click Next. In the Zone File dialog box, accept the default filename of
0.168.192.in-addr.arpa.dns by clicking Next.
6. Windows 2003 only: The Dynamic Update dialog box opens. Accept the
default option of Do not allow dynamic updates. You want to specify
hosts yourself, and you do not want workstations on the LAN adding their
host names to the DNS. Click Next.
7. Click Finish to exit the New Zone Wizard and create the reverse lookup
zone file.
Notice that the window shown in Figure 4-9 has now changed. In the left pane of the
DNS configuration window, you see a folder for technowidgets.com, which indicates you
have created the zone file. (Expand the Lookup Zones folder, if necessary.) Now you
need to configure it. You want this zone file to contain the same information as the one
you created in Linux. Instead of editing a text file, you will use dialog boxes in Windows
to add and modify information.
The first task in configuring DNS is to add the host records. In the Linux configuration, you added the Mail Exchanger (MX) record, but the Windows GUI does not let
you refer to a host name that does not exist yet. The following code shows a list of host
names and related information from the Linux configuration:
web1      IN  A     192.168.0.100
www       IN  CNAME web1
research  IN  A     192.168.0.150
mail      IN  A     192.168.0.200
To add hosts to the DNS configuration in Windows:
1. In the left pane of the DNS configuration window, click
technowidgets.com, and then right-click technowidgets.com. The window that appears is similar to Figure 4-10.
Figure 4-10 Shortcut menu for technowidgets.com
2. Click New Host (A). The New Host dialog box appears.
3. In the Name text box, type web1.
4. In the IP address text box, type 192.168.0.100.
5. Make sure that the check box next to Create associated pointer (PTR)
record is selected. This option will save you time in creating a reverse lookup
zone. Click Add Host and then click OK. Step 5 completes the steps for
adding a host record.
6. Repeat Steps 3 through 5 to add research at 192.168.0.150 and mail at
192.168.0.200. Remember to click Add Host and then OK after entering
each name and IP address.
7. Click Done to exit the New Host dialog box.
8. To add the canonical name www, which is an alias for web1, right-click
technowidgets.com and then click New Alias (CNAME) or New Alias
in Windows 2000. The New Resource Record dialog box appears.
9. In the Alias name text box, type www.
10. In the Fully qualified domain name text box, type
web1.technowidgets.com.
11. Click OK to finish adding the new alias.
In Chapter 8 you will install a mail server, so you need to add an MX record.
To add an MX record in Windows:
1. In the left pane of the DNS configuration window, right-click
technowidgets.com.
2. Click New Mail Exchanger (MX).
3. The New Resource Record dialog box states that the default mail exchanger
is for the domain, so you do not enter anything in the Host or child domain
text box. In the Fully qualified domain name (FQDN) of mail server text
box, type mail.technowidgets.com.
4. Click OK to finish adding the new MX record.
Your next task is to configure the Start of Authority (SOA) and name server sections of
the zone file. Recall from Figure 4-5 that you have the following Start of Authority:
@     IN    SOA   web1.technowidgets.com. admn.technowidgets.com. (
                                      2002072100 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
To configure the Start of Authority and name server of a zone in Windows:
1. In the left pane, make sure that the Forward Lookup Zones folder is open
so you can see the name of the zone. Right-click technowidgets.com, and
then click Properties. You see the information you entered when you created the zone.
2. Click the Start of Authority (SOA) tab.
3. Make the Windows DNS the same as the one in Linux by changing the following settings. Windows DNS configuration is forgiving. If you forget to
add a dot after “com,” it will add it for you in the configuration file.
■ Change the serial number to 2003072100.
■ Change the primary server to web1.technowidgets.com.
■ Change the responsible person to admn.technowidgets.com. The dialog
box should look like Figure 4-11.
Figure 4-11 Start of Authority (SOA) tab
4. To configure the name servers, click the Name Servers tab. Click Edit, and
then click Browse. In the Records box, expand WEB1 until you see the host
record for web1. Highlight web1, and then click OK to return to the Name
Servers tab. This is like adding an NS record to DNS. The dialog box should
look like Figure 4-12.
5. Click OK to return to the main DNS screen.
You have now duplicated the steps necessary to create the same DNS configuration that
you had in Linux, except for the extra alias and MX record. When you click the forward
lookup zone of technowidgets.com, you should see the window shown in Figure 4-13.
Figure 4-12 Name Servers tab of the DNS properties dialog box
Figure 4-13 Finished DNS configuration for technowidgets.com
Configuring Client-Side DNS in Windows
Just as with Linux, you need to configure Windows computers to use the DNS server you
just created to resolve names. Because DNS works the same way on any computer, you
can have a Linux client computer using a DNS server on a Windows computer, and vice
versa. The steps for configuring DNS on the client side are the same for Windows 2000
and Windows 2003. You can skip this procedure if you added a DNS server when you
installed Windows.
To add client-side DNS in Windows:
1. Open the Local Area Connection window.
In Windows 2003: Click Start, point to Control Panel, point to Network
Connections, and then click Local Area Connection.
In Windows 2000: Click Start, point to Settings, and then click Network
and Dial-up Connections. In the Network and Dial-up Connections window, click Local Area Connection.
2. The Local Area Connection Status dialog box opens. Click Properties.
3. In the Local Area Connection Properties dialog box, click Internet
Protocol (TCP/IP), and then click Properties.
4. In the Internet Protocol (TCP/IP) Properties dialog box, click Advanced.
5. In the Advanced TCP/IP Settings dialog box, click the DNS tab, as shown in
Figure 4-14.
6. To add a DNS address, click Add.
7. The TCP/IP DNS Server dialog box appears. Type 192.168.0.100, and then
click Add.
8. Although the DNS configuration is complete, note the references to DNS
suffixes. They simply mean that if you enter a suffix of technowidgets.com, you
can just use the host names of “www” and “mail” instead of the full names of
www.technowidgets.com and mail.technowidgets.com. Click OK.
9. Close the remaining windows.
Figure 4-14 TCP/IP configuration window for DNS
You have set up both the DNS server and the TCP/IP property in the client software
to have your server resolve names. Windows offered you more guidance than the same
process in Linux, but it was still easy to forget to add the period at the end of an FQDN.
TROUBLESHOOTING DNS
There is more than one way to make sure that DNS is working, and many of these techniques are similar in Windows and Linux. The most common technique is to use the
ping utility, which you learned about in Chapter 3. Another helpful utility is nslookup,
which is available on both Linux and Windows. The nslookup utility can give you more
information about a host name because it actually reads DNS information; for example,
it can tell you that www.technowidgets.com is a canonical name for web1.technowidgets.com.
In Linux, an even better utility for getting DNS information is dig. The dig utility can
extract more DNS information, such as the SOA record, from the DNS.
Using ping to Test Connectivity
In Chapter 3, you used ping with an IP address to test connectivity. You can also use this
utility to determine whether the DNS server can translate a host name into an IP
address. It is not important that the addresses for mail and research do not exist yet; you
just want to make sure that the names are resolved. In Figure 4-15, you can see the result
of typing “ping mail.technowidgets.com”. The second line of the ping statement shows
you that the name was translated to 192.168.0.200, so you know that DNS is working.
Even though the name was translated correctly by DNS, no host is using the IP address
192.168.0.200, so the reply timed out.
Figure 4-15 Pinging to test connectivity (callout: The DNS server resolved mail.technowidgets.com)
Using nslookup to Check DNS
Another utility specifically designed to test DNS functionality is nslookup. The first
two letters of the utility’s name stand for “name server,” indicating that
nslookup is designed to look up information in a name (DNS) server. The utility works
in two modes: command-line mode and interactive mode.
In command-line mode, you type the command plus an address or name; nslookup responds
with the answer and comes back to the command prompt. For an example, look at the top
of Figure 4-16. When the user entered the command “nslookup www.technowidgets.com”,
nslookup responded that the actual host name is web1.technowidgets.com at 192.168.0.100
and noted that www.technowidgets.com is an alias. The utility works the same way in both
Windows and Linux, but in Linux it displays a message stating that the command is
deprecated. A deprecated command is considered obsolete and may be dropped from
future versions of the software.
Figure 4-16 Example of nslookup
You can use nslookup in interactive mode when you want to look up more than one
piece of information. Interactive mode means that you type commands from within the
nslookup program. As shown in Figure 4-16, you simply type nslookup and press Enter
to get into interactive mode. You are then ready to request information for the local
DNS server. If you type research.technowidgets.com, nslookup responds with
the IP address that corresponds to research.technowidgets.com. If you type an IP address that
exists in DNS, nslookup responds with the host name. For example, if you type
192.168.0.200, nslookup responds with mail.technowidgets.com. To exit interactive
mode, type exit.
Using dig to Find DNS Information in Linux
The dig (domain information groper) utility can find more information about DNS
records than nslookup does. It is not included in Windows, but it is available with Linux.
As with nslookup, you can use dig in either command-line mode or interactive mode.
By default, dig looks at the local DNS server. You need to specify two items in your
command. The first item is the name or IP address, such as www.technowidgets.com or
192.168.0.200. The second item describes the information you want, such as “a” for IP
address, “ns” for information on the name server itself, “mx” for the mail exchanger for
the domain, or “soa” for the SOA record for the domain. Table 4-5 lists some sample
commands using dig.
Table 4-5 Sample commands using dig
Command                        Description
dig technowidgets.com soa      Display the soa record for the technowidgets.com domain. Display the host name that corresponds to the domain name and its IP address.
dig www.technowidgets.com a    Display the IP address for www.technowidgets.com. If it is a canonical name (alias), display the actual host name.
dig technowidgets.com ns       Display the name of the DNS server (name server) and its IP address.
The actual output of the dig command includes more than a corresponding command
using nslookup. The lines preceded by semicolons (;) are comments inserted by the dig
command. The other lines, which are the actual output you are seeking, appear in the
Answer section. Figure 4-17 shows an example of the dig technowidgets.com ns
command. The name server is web1.technowidgets.com and the IP address for
web1.technowidgets.com is 192.168.0.100.
Figure 4-17 Example of a dig command
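The following Python script is an added example, not part of the original text: it reads dig output the way the paragraph above describes, skipping the semicolon comment lines, grouping records by section, and following an alias in the Answer section to the actual host name. The sample output is constructed for illustration (the version string, TTL values, and query ID are assumptions).

```python
# Added example (not from the textbook): separate dig's ';' comment lines
# from the records, group the records by section, and follow a CNAME.
import re

# Constructed sample of what "dig www.technowidgets.com a" might print.
SAMPLE_DIG = """\
; <<>> DiG 9.x <<>> www.technowidgets.com a
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;www.technowidgets.com.        IN   A

;; ANSWER SECTION:
www.technowidgets.com.   86400  IN   CNAME  web1.technowidgets.com.
web1.technowidgets.com.  86400  IN   A      192.168.0.100

;; AUTHORITY SECTION:
technowidgets.com.       86400  IN   NS     web1.technowidgets.com.

;; Query time: 1 msec
;; SERVER: 192.168.0.100#53(192.168.0.100)
"""


def parse_dig(text):
    """Return (status, sections). sections maps a section name such as
    'ANSWER' to a list of (name, ttl, rtype, data) tuples."""
    status, sections, current = None, {}, None
    for line in text.splitlines():
        line = line.strip()
        header = re.match(r";; (\w+) SECTION:$", line)
        if header:
            current = header.group(1)          # start of a new section
            sections[current] = []
        elif line.startswith(";"):
            # A comment line; the only thing kept from comments is the status.
            found = re.search(r"status: (\w+)", line)
            if found:
                status = found.group(1)
        elif line and current:
            parts = line.split(None, 4)        # name ttl class type data
            if len(parts) == 5:
                name, ttl, _cls, rtype, data = parts
                sections[current].append((name, int(ttl), rtype, data))
    return status, sections


def resolve(sections, name):
    """Follow CNAME records in the ANSWER section from name to its A records.
    Returns (actual_host_name, [ip, ...]); stops if the aliases form a loop."""
    answer = sections.get("ANSWER", [])
    name = name.lower()
    if not name.endswith("."):
        name += "."                            # dig prints complete names
    seen = set()
    while name not in seen:
        seen.add(name)
        targets = [d for n, _, t, d in answer
                   if n.lower() == name and t == "CNAME"]
        if not targets:
            break
        name = targets[0].lower()
    ips = [d for n, _, t, d in answer if n.lower() == name and t == "A"]
    return name, ips


if __name__ == "__main__":
    status, sections = parse_dig(SAMPLE_DIG)
    print("status:", status)
    print("www resolves to:", resolve(sections, "www.technowidgets.com"))
    print("name servers:", [r[3] for r in sections["AUTHORITY"]])
```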
Other Troubleshooting Techniques for DNS
If ping, nslookup, and dig do not give you the correct results, you need to track down
the errors and fix them yourself. In Linux, for example, you have to make sure that you
started the DNS server by typing the following command:
/etc/rc.d/init.d/named start
If it still does not work, make sure you set the DNS client configuration to the address
of the DNS server. In Linux, this information is in /etc/resolv.conf; in Windows, check
the steps in the “Configuring Client-Side DNS in Windows” section earlier in this chapter. Another common problem is IP addresses that were entered inconsistently. If you
used different IP addresses, make sure that you entered them consistently throughout the
configurations.
In Linux, the /etc/rc.d/init.d/named start Command Fails
You probably have a syntax error in one or more of the following files: named.conf,
named.technowidgets.com, or named.192.168.0. Check the files for errors.
In Linux, DNS Starts, But the ping and nslookup Commands Do Not Work
The filenames in named.conf probably do not match the actual files in /var/named. For
example, the named.conf file contains the following line:
file "named.technowidgets.com";
Do you have a file with that name in /var/named? To check, type the following command:
ls /var/named/named.technowidgets.com
I Receive a Response from Some Hosts, But Not All
You probably have a typographical error in one of your host names. The most common
error is an FQDN without a period at the end of the name. Conversely, if you just have
a host name, make sure no period appears at the end.
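The following Python script is an added example, not part of the original text: it expands the names in a zone file the way a DNS server does, which shows what a forgotten period actually turns a name into, and it checks that every A record has a PTR record pointing back at the same host. The host records match this chapter; the MX preference value, the PTR lines, and the two deliberate mistakes are constructed, and only simple one-line records are handled (no SOA).

```python
# Added example (not from the textbook): expand zone-file names the way a
# DNS server does, then flag trailing-period mistakes and PTR mismatches.

NAME_TYPES = {"CNAME", "NS", "MX", "PTR"}    # record data is a host name

# Constructed sample zones; two periods are left off on purpose.
FORWARD = """\
web1      IN  A      192.168.0.100
www       IN  CNAME  web1.technowidgets.com      ; period forgotten
research  IN  A      192.168.0.150
mail      IN  A      192.168.0.200
@         IN  MX     10 mail.technowidgets.com.
"""
REVERSE = """\
100  IN  PTR  web1.technowidgets.com.
150  IN  PTR  research.technowidgets.com.
200  IN  PTR  mail.technowidgets.com             ; period forgotten
"""


def qualify(name, origin):
    """'@' is the zone itself, a trailing period means the name is complete,
    and every other name has the zone name (origin) appended."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin


def parse_zone(text, origin):
    """Parse one-line 'owner IN TYPE data' records (no SOA, no $ directives).
    Each record keeps the raw data and the fully qualified forms."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()       # drop comments
        if len(fields) < 4 or fields[1].upper() != "IN":
            continue
        owner, rtype, raw = fields[0], fields[2].upper(), fields[-1]
        data = qualify(raw, origin) if rtype in NAME_TYPES else raw
        records.append({"owner": qualify(owner, origin), "type": rtype,
                        "raw": raw, "data": data})
    return records


def lint_names(records):
    """Flag host-name data whose use of the trailing period looks wrong."""
    problems = []
    for r in records:
        raw = r["raw"]
        if r["type"] not in NAME_TYPES:
            continue
        if "." in raw and not raw.endswith("."):
            # Looks like an FQDN, but the zone name will be appended to it.
            problems.append(f"{r['owner']} {r['type']}: '{raw}' has no trailing "
                            f"period, so it is read as {r['data']}")
        elif len(raw) > 1 and raw.endswith(".") and raw.count(".") == 1:
            # A bare host name with a period: the zone name is NOT appended.
            problems.append(f"{r['owner']} {r['type']}: '{raw}' is a bare host "
                            f"name with a period, so no zone name is added")
    return problems


def check_ptr(forward, reverse):
    """Every A record should have a PTR that points back at the same name."""
    ptr = {r["owner"]: r["data"] for r in reverse if r["type"] == "PTR"}
    problems = []
    for r in forward:
        if r["type"] != "A":
            continue
        # 192.168.0.100 -> 100.0.168.192.in-addr.arpa.
        rev_name = ".".join(reversed(r["raw"].split("."))) + ".in-addr.arpa."
        target = ptr.get(rev_name)
        if target is None:
            problems.append(f"{r['owner']} ({r['raw']}): no PTR record")
        elif target.lower() != r["owner"].lower():
            problems.append(f"{r['owner']} ({r['raw']}): PTR says {target}")
    return problems


if __name__ == "__main__":
    fwd = parse_zone(FORWARD, "technowidgets.com.")
    rev = parse_zone(REVERSE, "0.168.192.in-addr.arpa.")
    for problem in lint_names(fwd) + lint_names(rev) + check_ptr(fwd, rev):
        print(problem)
```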
USING WINS TO RESOLVE COMPUTER NAMES IN WINDOWS
WINS is another method for resolving names besides DNS. It is used by Windows NT
Workstation, Windows 95, and Windows 98 to resolve computer names in a LAN,
although these clients still use DNS to resolve host names for the Internet. WINS and
DNS serve different purposes in these older systems.
Understanding Computer Names
Technically, computer names for Windows computers are called NetBIOS names. A
NetBIOS name is based on the NetBIOS interface, which was developed in the 1980s
to link software with network services and thereby allow computers to communicate
with one another. Each NetBIOS name was broadcast to every computer physically connected to other computers on the network, and the names could not be routed to other
networks. This scheme prevented computers on one network from accessing resources
on another network. WINS was created to act as a centralized database of computer
names and their associated IP addresses. For example, if you wanted to access a printer
on a computer named corp1, the printer software on your computer could look up the
IP address for the corp1 computer in WINS so it could communicate with the printer.
Installing WINS
Installing WINS is as easy as installing DNS. Both are components of networking services. The following procedures explain how to install WINS on Windows 2000 and
Windows 2003.
To install WINS on Windows 2000 or Windows 2003:
1. Insert the Windows CD in the drive. When the installation begins, click Exit.
2. In the Control Panel, double-click Add or Remove Programs.
3. Click Add/Remove Windows Components.
4. Scroll down and click the words Networking Services, but not the check
box next to it.
5. Click Details to display the available networking services.
6. Click the Windows Internet Name Service (WINS) check box.
7. Click OK to return to the Windows Components Wizard.
8. Click Next, and then click Finish to complete the installation of WINS.
Close the window.
Configuring WINS
From the client perspective, setting up WINS is as easy as setting up DNS. You enter the
IP address for the WINS server, and the WINS database is updated automatically every
time you turn on the computer.
To configure a WINS client for a Windows NT Workstation or server:
1. Right-click the Network Neighborhood icon on the desktop.
2. Click Properties. The Network dialog box opens.
3. Click the Protocols tab.
4. Click TCP/IP Protocol.
5. Click Properties.
6. Click the WINS Address tab.
7. Enter the IP address of the WINS server in the Primary WINS Server text box.
8. Click OK, and then click Close to finish configuring the WINS client.
The most common error in setting up WINS is forgetting to configure it on the server.
You might think that installing WINS on the server would automatically change the
server’s TCP/IP settings to include the server name in the WINS database, but it does
not. You have to configure WINS on the server just as you did on the workstation.
Administering WINS
Typically, WINS does not require much administration. Because it is a dynamic database,
it should add and delete names automatically. However, sometimes problems arise. For
example, a record might be stuck in the database and have to be deleted. Figure 4-18
shows an example of a WINS database with just the server on the network.
Figure 4-18 WINS database
Note that a single computer can have a number of entries. Not only are NetBIOS names
associated with the computer, but they are also associated with the group and the login
name. Even the server name web1 has two entries, which Windows uses to differentiate
between a computer used as a workstation and a computer used as a server.
CHAPTER SUMMARY
❒ DNS is an application that translates names to IP addresses and IP addresses to
names. These names exist in a hierarchical structure. At the top of the structure is
the root-level domain, which is where searches begin. The next level is the top-level domain, which has names such as .com, .org, .uk, and .name that are controlled by ICANN. Second-level domain names include microsoft.com and redhat.com.
Often these domain names can be registered. Thus, if one is not already being used,
you can pay a fee and use it yourself.
❒ Servers come in many forms. Root servers know the location of the DNS servers
that take care of the top-level domains. Servers in the top-level domains know the
location of the servers in the second level, which are typically DNS servers controlled by an organization. At the level of these DNS servers are primary servers,
secondary servers, caching servers, and forwarding servers. The primary server
defines the hosts for a domain. The secondary server provides backup for the primary server. The caching server caches IP addresses of hosts requested by users. The
forwarding server passes requests to another DNS server when it cannot answer the
request itself.
❒ To configure DNS, you must configure a forward lookup zone and a reverse
lookup zone. The forward lookup zone translates host names to IP addresses. The
reverse lookup zone translates IP addresses to host names.
❒ To configure DNS files in Linux, you modify three text files. The /etc/named.conf
file contains the names of the zones and the names of the zone files. The other two
files are the zone files for forward and reverse lookups.
❒ You configure DNS files in Windows using a GUI. Windows provides more guidance during DNS configuration than Linux does, but the concepts underlying both
processes are exactly the same.
❒ Troubleshooting DNS problems involves using utilities such as ping, nslookup, and
dig. Ping tests basic connectivity. Nslookup can provide more detail about specific
DNS records. Dig offers detailed information about the DNS configuration. If you
find a problem, work through it step by step. The most common error is an FQDN
that does not end with a period.
❒ Although DNS is used on the Internet and DDNS is used for some Windows
operating systems such as Windows 2000, Windows XP, and Windows 2003, older
Microsoft operating systems need WINS to resolve names in a LAN.
REVIEW QUESTIONS
1. Name resolution means ______.
a. translating names to IP addresses
b. translating IP addresses to names
c. both a and b
d. neither a nor b
2. DNS can be used for name resolution on the Internet and LANs. True or False?
3. The IP address 10.1.2.3 could be associated with ______.
a. www.mycompany.com
b. mycompany.com
c. com
d. both a and b
4. At the top of the DNS hierarchy are the top-level domain names. True or False?
5. Linux.org is an example of a(n) ______.
a. root server
b. TLD
c. SLD
d. XLD
6. Which of the following TLDs was added in 2000?
a. org
b. in-addr.arpa
c. pt
d. info
7. In which of the following TLDs can the general public register names?
a. pro
b. org
c. aero
d. coop
8. Second-level domains can be further subdivided into ______.
a. subdomains
b. third-level domains
c. host-level domains
d. other-level domains
9. When you register a domain, how many DNS servers are required?
a. 0
b. 1
c. 2
d. 3
10. Which of the following is not a type of DNS server?
a. primary
b. secondary
c. forwarding
d. reversing
11. Which server type would be configured by the administrator to contain host names?
a. primary
b. secondary
c. forwarding
d. reversing
12. By having a local ______ server, response time for URL resolution
can be reduced significantly.
13. Which type of zone maps names to IP addresses?
a. forward
b. reverse
c. primary
d. secondary
14. Which type of record is used in a reverse lookup zone file?
a. CNAME
b. A
c. MX
d. PTR
15. What does the @ mean?
a. the name of the server
b. the name of the zone
c. “at this time”
d. nothing; it is just a placeholder
16. In the line “@ IN SOA web1.xyz.com. admn.xyz.com. (”, admn refers to ______.
a. an e-mail name
b. a host name
c. an alternative name of the DNS server
d. the secondary server
17. In an SOA record, the number for the refresh interval of 28800 is in ______.
a. milliseconds
b. seconds
c. minutes
d. hours
18. In Linux, the name of the file that contains the names of the zone files is ______.
a. zone.conf
b. conf.zone
c. named.conf
d. dns.conf
19. Which of the following would be correct for configuring a DNS client in Linux?
a. nameserver 10.1.1.1
b. name server 10.1.1.1
c. dnsserver 10.1.1.1
d. dns server 10.1.1.1
20. Which of the following utilities is not installed with Windows?
a. ping
b. nslookup
c. dig
d. All of the above are installed.
HANDS-ON PROJECTS
In the following projects, you will work with DNS. DNS should be installed and running before you perform the Hands-on Projects, except for Project 4-1, which guides
you through installing DNS on a Linux computer.
Projects 4-1 through 4-4 and Project 4-9 assume that you are logged on to Linux as the
root and that you are starting at a shell prompt in a terminal window. To open the terminal window, click the red hat icon, point to System tools, then click Terminal.
Project 4-1
Complete this project only if you did not install DNS when you installed Linux in
Chapter 3. Although you can use the Konqueror file system manager to double-click the
package to install, you should learn how to install it from a shell prompt because that
procedure is the same on all Linux distributions that support rpm files.
To install DNS on your Red Hat system:
1. Open a terminal window.
2. Insert your Red Hat installation CD1 in the drive.
3. Make the CD available by mounting it. Type mount /mnt/cdrom, and press
Enter. Be sure to press the spacebar after typing “mount.”
4. Install the BIND software by entering the following command:
rpm -ivh /mnt/cdrom/RedHat/RPMS/bind-9*
Be sure to type a space after “rpm”.
5. Install the bind utilities by entering the following command:
rpm -ivh /mnt/cdrom/RedHat/RPMS/bind-util*
Be sure to type a space after “rpm”.
Your system is ready to be configured.
Project 4-2
The purpose of this project is to create a DNS server in Linux. The first step is to create a domain name and host addresses. Use the IP addresses shown in parentheses only
if your computer is not part of a network. If it is part of a network, your instructor will
have to assign IP addresses.
To create a domain name and host addresses:
1. Choose your own domain name and enter it below. You can be creative because
no organization is telling you what TLDs you can use.
Domain name:
2. Use the domain name and the IP address of your computer to create entries for
the IP address of the domain and web1.
IP address of your domain:
(192.168.0.100)
The host, web1, will have the same address as the domain. The hosts mail and
www will have the same addresses as web1. Earlier in the chapter, mail had a different IP address because typically a mail server is not on the same computer.
However, for the projects in Chapter 8, you will install the e-mail server on the
same computer.
3. Ask your instructor for the IP addresses for intranet and research and write them
in the following spaces.
IP address of intranet:
(192.168.0.150)
IP address of research:
(192.168.0.200)
To copy DNS configuration files to Linux directories:
1. Open a terminal window and insert the floppy disk with the DNS files from the
Chapter 4 folder of your data disk.
You will use the configuration files for technowidgets.com as a guide.
2. To make the floppy disk available for copying, type the following command:
mount /mnt/floppy
3. To copy the named.conf file to the /etc directory, type the following command:
cp /mnt/floppy/Chapter4/named.conf /etc/named.conf
Note the spaces after “cp” and “named.conf”.
4. In the following command, replace x.com with your domain name. To copy
named.technowidgets.com to /var/named and rename it named.x.com, type the
following command:
cp /mnt/floppy/Chapter4/named.technowidgets.com /var/named/named.x.com
Make sure that the filename in /var/named matches the filename you configure
in named.conf for your domain name.
5. In the following command, replace the second occurrence of 0.168.192 with the
reversed network portion of your IP address. To copy named.0.168.192 to
/var/named, type the following command:
cp /mnt/floppy/Chapter4/named.0.168.192 /var/named/named.0.168.192
6. Open the rc.local file in the rc.d directory and add the command that starts the
DNS server (/etc/rc.d/init.d/named start) on a new line at the end of the file.
Now you can modify the existing files or type them in from the beginning.
To create a DNS server in Linux for your domain:
1. At the shell prompt, type kedit /etc/named.conf.
A file opens, similar to the one shown earlier in Figure 4-8. Your objective is to
add references for a forward lookup zone and a reverse lookup zone. Replace
technowidgets.com with your domain. Be careful to create a reverse lookup zone
name that is the reverse of the network portion of your IP address. It should be
placed just before the last line:
zone "technowidgets.com" IN {
type master;
file "named.technowidgets.com";
};
zone "0.168.192.in-addr.arpa" IN {
type master;
file "named.0.168.192";
};
2. Create a forward lookup zone file. The name of your file is the reference you just
created in named.conf. For technowidgets.com, it was called named.technowidgets.com.
Type kedit /var/named followed by the name of your file. Press Enter. Create a
file that looks like the following code. Again, remember to replace the domain name
and IP addresses with your own.
$TTL 86400
@          IN SOA web1.technowidgets.com. admn.technowidgets.com. (
                  2002072100 ; Serial
                  28800      ; Refresh
                  14400      ; Retry
                  3600000    ; Expire
                  86400 )    ; Minimum
           IN NS    web1
           IN A     192.168.0.100
           IN MX 10 mail.technowidgets.com.
web1       IN A     192.168.0.100
www        IN CNAME web1
mail       IN CNAME web1
intranet   IN A     192.168.0.150
research   IN A     192.168.0.200
3. Click the floppy disk icon to save the file and close the window.
4. Create a reverse lookup zone file. The name of your file is the reference you just
created in named.conf. For the network 192.168.0.0, it was named.0.168.192.
Type kedit /var/named/, followed by the name of your file, and press Enter.
Create a file that looks like the following code. Again, remember to replace the
domain name and IP addresses with your own.
$TTL 86400
@     IN SOA web1.technowidgets.com. admn.technowidgets.com. (
             2002072100 ; Serial
             28800      ; Refresh
             14400      ; Retry
             3600000    ; Expire
             86400 )    ; Minimum
      IN NS  web1.technowidgets.com. ; FQDN: a bare web1 would expand to web1.0.168.192.in-addr.arpa.
100   IN PTR web1.technowidgets.com.
150   IN PTR intranet.technowidgets.com.
200   IN PTR research.technowidgets.com.
5. Click the floppy disk icon and close the window.
Tip
Check the two zone files and make sure that each FQDN, such as
research.technowidgets.com., ends with a period. Missing periods are by far
the most common reason that the DNS server does not work.
6. Start the DNS server by typing the following command:
/etc/rc.d/init.d/named start
You cannot test the server until you configure the DNS client in Project 4-4.
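The Tip above names missing periods as the most common reason the DNS server does not work. As an added example (not from the textbook), the following shell function flags names in a zone file that BIND would expand against the zone origin in a way the author probably did not intend. The function and sample names are hypothetical, the sample zones are constructed from the Project 4-2 and 4-3 files with deliberate mistakes, and the check is a heuristic, not a full zone parser.

```shell
#!/bin/sh
# Added example (not from the textbook): heuristic check for the
# "missing period" mistake in BIND zone files. Zone text is read from stdin.

# lint_zone_dots ORIGIN
#   Prints one line per suspect name and returns 1 if any were found.
lint_zone_dots() {
    awk -v origin="$1" '
    BEGIN { sub(/\.$/, "", origin) }          # accept the origin with or without its dot

    # A name without a trailing period is relative: BIND appends the origin.
    function check(kind, name, is_target,    full) {
        if (name == "" || name == "@" || name ~ /\.$/) return
        full = name "." origin "."
        # Suspect if it already looks like an FQDN (contains a dot), or if it
        # is a host-name target inside a reverse zone, where the appended
        # origin would be in-addr.arpa.
        if (name ~ /\./ || (is_target && origin ~ /in-addr\.arpa$/)) {
            printf "line %d: %s %s -> %s\n", NR, kind, name, full
            bad++
        }
    }

    {
        sub(/;.*/, "")                        # strip comments
        if (NF == 0 || $0 ~ /^\$/) next       # blank lines, $TTL, $ORIGIN
        first = 1
        if ($0 !~ /^[ \t]/) {                 # unindented line: field 1 is the owner
            check("owner", $1, 0)
            first = 2
        }
        for (i = first; i <= NF; i++) {
            t = toupper($i)
            if (t == "NS" || t == "CNAME" || t == "PTR") { check(t, $(i + 1), 1); break }
            if (t == "MX")  { check(t, $(i + 2), 1); break }   # skip the preference
            if (t == "SOA") { check(t, $(i + 1), 1); check(t, $(i + 2), 1); break }
            if (t == "A")   break                              # RDATA is an address
        }
    }

    END { exit (bad > 0) }
    '
}

# Constructed sample: Project 4-2 forward zone with the period dropped from the MX target.
sample_forward_zone() {
cat <<'EOF'
$TTL 86400
@        IN SOA web1.technowidgets.com. admn.technowidgets.com. (
            2002072100 28800 14400 3600000 86400 )
         IN NS    web1
         IN MX 10 mail.technowidgets.com
web1     IN A     192.168.0.100
www      IN CNAME web1
mail     IN CNAME web1
EOF
}

# Constructed sample: reverse zone with one FQDN missing its period and one bare host name.
sample_reverse_zone() {
cat <<'EOF'
$TTL 86400
@    IN SOA web1.technowidgets.com. admn.technowidgets.com. (
        2002072100 28800 14400 3600000 86400 )
     IN NS  web1.technowidgets.com.
100  IN PTR web1.technowidgets.com.
150  IN PTR intranet.technowidgets.com
200  IN PTR research
EOF
}

# Constructed sample: the Project 4-3 format, where every name is either
# a short relative name or a fully qualified name ending in a period.
sample_clean_zone() {
cat <<'EOF'
$TTL 86400
@ IN SOA web1 admn.dnstest.com. ( 2002072100 28800 14400 3600000 86400 )
dnstest.com.      IN NS    web1
dnstest.com.      IN MX    10 mail
www.dnstest.com.  IN CNAME web1
mail.dnstest.com. IN A     192.168.0.200
EOF
}

# Demo on the constructed samples.
sample_forward_zone | lint_zone_dots technowidgets.com      || echo "forward zone: add the missing periods"
sample_reverse_zone | lint_zone_dots 0.168.192.in-addr.arpa || echo "reverse zone: add the missing periods"
sample_clean_zone   | lint_zone_dots dnstest.com            && echo "dnstest.com zone: no suspect names"
```

Each report line shows the name as typed and the name BIND would load after appending the origin. Where BIND's named-checkzone utility is installed, it performs the full syntax check that this heuristic does not.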
Project 4-3
Add a second domain to an existing DNS server. Create only the forward lookup zone.
Notice how similar this project is to Project 4-2. You can use this technique to add as
many domains as you want.
To add a new domain to an existing DNS server:
1. In a terminal window, type kedit /etc/named.conf and then press Enter.
2. Type the following code starting on the next-to-last line of the file:
zone "dnstest.com" IN {
type master;
file "named.dnstest.com";
};
3. Click File on the menu bar, and then click Save to save the file.
4. Click File on the menu bar, and then click New to create a configuration file for
dnstest.com.
5. Type the following information. Although the information is almost the same as
that in Project 4-2, you enter the data in a different but equivalent format:
$TTL 86400
@                 IN SOA web1 admn.dnstest.com. (
                         2002072100 ; Serial
                         28800      ; Refresh
                         14400      ; Retry
                         3600000    ; Expire
                         86400 )    ; Minimum
dnstest.com.      IN NS    web1
dnstest.com.      IN A     192.168.0.100
dnstest.com.      IN MX    10 mail
web1.dnstest.com. IN A     192.168.0.100
www.dnstest.com.  IN CNAME web1
mail.dnstest.com. IN A     192.168.0.200
6. Click File on the menu bar, and then click Save As. The Save File As dialog
box opens.
7. In the Location text box, type /var/named/named.dnstest.com and then
click OK. This saves the file as named.dnstest.com in the /var/named directory—
the file name designated in Step 2.
8. Close the kedit window.
9. Type /etc/rc.d/init.d/named restart, which will restart the DNS server so
you can test the new domain after completing Project 4-4.
Project 4-4
Configure a DNS client in Linux to recognize multiple DNS servers. Get IP addresses
from two other student DNS servers on the network. The steps assume that other DNS
servers are located at 192.168.0.110 and 192.168.0.120. Configuring references for multiple servers is common practice—in case one DNS server is not available, you can then
use the next DNS server in the list.
To configure multiple DNS servers in Linux:
1. In a terminal window, type kedit /etc/resolv.conf and then press Enter.
2. The first line of the file should have the reference to the DNS server on your
computer. For example, if your IP address was 192.168.0.100, you would enter
nameserver 192.168.0.100 and press Enter.
3. Type the following lines, remembering to substitute the IP addresses given with
the IP addresses of the other student DNS servers:
nameserver 192.168.0.110
nameserver 192.168.0.120
4. Type the following line but replace the domain name with your own:
domain technowidgets.com
5. Click File on the menu bar, and then click Save.
6. You should be able to ping your Web server now. If your domain name was
technowidgets.com, you would type ping www.technowidgets.com. If you completed Project 4-3, you could ping the hosts you created.
7. Get the host names of the other student Web servers and use the ping utility to
make sure that the servers are resolving the names.
Project 4-5
Install the DNS server. This project is required for Windows 2003 because you are not
given the option of installing DNS during the OS installation. With Windows 2000, you
could have installed the DNS server as you installed the operating system.
To install the DNS server in Windows 2003:
1. Insert the Windows installation CD. When the installation window opens, close it.
2. From the Control Panel, click Add or Remove Programs.
3. Click Add/Remove Windows Components in the left panel. The Windows
Components Wizard opens.
4. Scroll down and click Networking Services, and then click Details.
5. Select the Domain Name System (DNS) check box, and then click OK.
6. Click Next to install the DNS server.
Project 4-6
Create a DNS server in Windows 2003 based on your own domain name. First, gather
the information as you did in the first three steps in Project 4-2 for your own domain
name and IP addresses. Remember to replace technowidgets.com with your domain name
and the sample IP addresses with your addresses. To allow the other IP addresses for
intranet and research to work, you should add these IP addresses to your computer. You
will use them in subsequent chapters.
To add IP addresses in Windows 2003:
1. From the Windows 2003 Control Panel, point to Network Connections, and
then click Local Area Connection.
2. The Local Area Connection Status window opens. Click Properties. The Local
Area Connection Properties window opens. Click Internet Protocol
(TCP/IP).
3. Click Properties. The Internet Protocol (TCP/IP) Properties window opens.
4. Click Advanced. The Advanced TCP/IP Settings dialog box opens.
5. Under IP address, click Add. The TCP/IP Address dialog box opens.
6. Type the IP address and subnet mask for the intranet host. Click Add.
7. Add the IP address for the research host.
8. Click OK twice and close the windows.
To add a new zone using the wizard:
1. In Administrative Tools, click DNS. The dnsmgmt window opens. See Figure 4-9.
2. Right-click WEB1 (the name of your computer) in the left pane, and then click
Configure a DNS Server. The Configure a DNS Server Wizard opens. See
Figure 4-19. The first time you open this window, you may find the selections
disabled. If so, click the name of the computer.
3. Click Next. The Select Configuration Action dialog box opens. Click the Create
forward and reverse lookup zones option button to create a DNS server similar to the one described for Linux. See Figure 4-20.
Figure 4-19 Configure a DNS Server Wizard
Figure 4-20 Select Configuration Action dialog box
4. Click Next. The Forward Lookup Zone dialog box opens. Keep the default of
creating a forward lookup zone now. Click Next.
5. The Zone Type dialog box opens. See Figure 4-21. Keep the default of Primary
zone. Note that you could also create a secondary zone, which gets its information from another server, or a stub zone, which just creates basic information.
Figure 4-21 Zone Type dialog box
6. Click Next.
7. The Zone Name dialog box opens. See Figure 4-22. Enter your own domain
name for the zone, such as technowidgets.com.
Figure 4-22 Zone Name dialog box
8. Click Next. The Zone File dialog box opens. See Figure 4-23. Accept the default
filename based on your domain name.
Figure 4-23 Zone File dialog box
9. Click Next. The Dynamic Update dialog box opens. See Figure 4-24. The two
choices determine whether you will accept dynamic DNS update from your network. Keep the default option button of Do not allow dynamic updates.
Figure 4-24 Dynamic Update dialog box
10. Click Next. The Reverse Lookup Zone dialog box opens. See Figure 4-25. Note
that it states that “Reverse lookup zones are usually necessary only if programs
require this information.” You are creating a reverse lookup zone in case programs
do require one.
Figure 4-25 Reverse Lookup Zone dialog box
11. Accept the default of “Yes, create a reverse lookup zone now”. Click Next. The
Zone Type dialog box opens. It is the same as Figure 4-21 but now refers to the
reverse lookup zone. Keep the default of Primary zone.
12. Click Next. The Reverse Lookup Zone Name dialog box opens. Enter the network portion of your IP address. For a class C address, you would enter the first
three octets, such as 192.168.0. As you enter the address, the appropriate filename
is created in the other text box.
13. Click Next. The Zone File dialog box opens. Leave the default filename for your
reverse lookup zone file.
14. Click Next. The Dynamic Update dialog box opens. It looks like Figure 4-24
except that it is for the reverse lookup zone. Keep the default option button of
Do not allow dynamic updates.
15. Click Next. The Forwarders dialog box opens. Typically, the IP address of the forwarder belongs to your ISP. For this project, click No, it should not forward
queries.
16. Click Next. The Searching for Root Hints message box might open, followed by
the Completing the Configure a DNS Server Wizard dialog box. See
Figure 4-26. Note that settings are summarized.
17. Click Finish to exit the wizard. You may receive a message that the wizard could
not find root hints. That will not create a problem for these projects. Click OK.
Figure 4-26 Completing the Configure a DNS Server Wizard
Now you have created the correct file structure. The next procedure is to fill the files
with information about the hosts in your Web environment such as www, intranet,
research, and mail.
To set up hosts for your domain:
1. In the dnsmgmt window, expand the left pane until you see the name of your
domain name under Forward Lookup Zones.
2. Right-click the name of your domain and then click New Host (A). In the
Name text box, type the name of your computer. In the IP address text box, type
the IP address of your server. Select Create associated pointer (PTR) record,
if necessary.
3. Click Add Host. The DNS message box opens stating that the record was added.
Click OK.
4. You return to the New Host dialog box so you can add more hosts. Add the hosts
research and intranet with different IP addresses. When you are finished adding
the extra hosts, click Done.
5. Next, you need to add a host for www. Because www is on the same computer and
you have already created a host name for the computer in Step 2, you will create an
alias for the name of the computer called www. Right-click the name of your
domain, and then click New Alias. The New Resource Record dialog box opens.
6. In the Alias Name text box, type www. For the Fully qualified name for target
host, type the name of the computer followed by a dot, followed by the name of
your domain. For example, if the computer name is web1 and the domain name is
technowidgets.com, type web1.technowidgets.com. However, do not add a dot
at the end. Click OK.
7. Create an alias for the mail host as you did for www in the previous step, using
mail as the alias name. In this case, the mail server is at the same IP address as the
Web server. The “To add hosts to the DNS configuration in Windows” steps earlier in the chapter show how to create a mail server at a different IP address.
8. Although you have a host called mail, you have not set it up as a mail exchanger
so that e-mail server names can be resolved. Right-click your domain name, and
then click New Mail Exchanger.
9. Because you want to send mail to a host that corresponds to your domain name,
you need to leave the Host or domain text box blank. In the Mail server text box,
type the fully qualified host name for the mail server. For technowidgets.com, it
would be mail.technowidgets.com. Leave the priority at 10. Click OK.
To test your DNS server, complete Project 4-8.
Project 4-7
Create a DNS server in Windows 2000 based on your own domain name. First, gather
the information as you did in the first three steps in Project 4-2 for your own domain
name and IP addresses. Remember to replace technowidgets.com with your domain
name and the sample IP addresses with your addresses. To allow the other IP addresses
for intranet and research to work, you should add these IP addresses to your computer.
You will use them in subsequent chapters.
To add IP addresses in Windows 2000:
1. In Windows 2000, right-click My Network Places, and then click Properties.
The Network and Dial-up Connections window opens. Double-click Local
Area Connection.
2. The Local Area Connection Status window opens. Click Properties. The Local
Area Connection Properties window opens. Highlight Internet Protocol
(TCP/IP).
3. Click Properties. The Internet Protocol (TCP/IP) Properties window opens.
4. Click Advanced. The Advanced TCP/IP Settings dialog box opens.
5. Under IP address, click Add. The TCP/IP Address dialog box opens.
6. Type the IP address and subnet mask for the intranet host. Click Add.
7. Click Add again and add the IP address for the research host. Click Add and
close the window.
8. Click OK twice and then close the windows.
To configure a DNS server in Windows 2000 with the wizard:
1. From the Control Panel, open the Administrative Tools window. Double-click
DNS to open the DNS window.
2. Right-click the name of your computer, and then click Configure the server.
The Configure DNS Server Wizard opens.
3. Click Next. The Root Server dialog box opens. This is the first DNS server so
you should keep the default.
4. Click Next. The Forward Lookup Zone dialog box opens. You want to create a
forward lookup zone so you will keep the default.
5. Click Next. The Zone Type dialog box opens. You want to create a primary
server so you will keep the default of Standard primary.
6. Click Next. The Zone Name dialog box opens. Type the name of your domain
(for example, technowidgets.com).
7. Click Next. The Zone File dialog box opens. It suggests a name based on your
zone (domain) name. Keep the default name.
8. Click Next. The Reverse Lookup Zone dialog box opens. Accept the default of
Yes, create a reverse lookup zone.
9. Click Next. The Zone Type dialog box opens. It is the same dialog box previously
displayed, except that this time it is for the reverse lookup zone. As in Step 5, keep
the default of Standard primary.
10. Click Next. The Reverse Lookup Zone dialog box opens. Remember that you
have to enter the network portion of your IP address. For example, the network
192.168.0.0 is entered as 192.168.0.
11. Click Next. The Zone File dialog box opens. Accept the default filename.
12. Click Next. The Completing the Configure DNS Server Wizard dialog box opens
with a summary of your actions.
13. Click Finish to exit the wizard.
Now you have created the correct file structure. The next step is to fill the files with
information about the hosts in your Web environment such as www, research, and mail.
To set up hosts for your domain:
1. In the DNS window, expand the Forward Lookup Zones folder in the left
pane. Your domain name appears in the window.
2. Right-click the name of your domain, and then click New Host. In the Name
text box, type the name of your computer. In the IP address text box, type the IP
address of your server. Select Create associated pointer (PTR) record.
3. Click Add Host. The DNS message box opens stating that the record was added.
Click OK.
4. You return to the New Host dialog box so you can add more hosts. Add the hosts
research and intranet with different IP addresses. When you are finished adding
the extra hosts, click Done.
5. Next, you can add a host for www. Because www is on the same computer and
you have already created a host name for the computer in Step 2, you will create
an alias for the name of the computer called www. Right-click the name of your
domain, and then click New Alias. The New Resource Record dialog box opens.
6. In the Alias Name text box, type www. For the Fully qualified name for target
host, type the name of the computer followed by a dot, and then type the name
of your domain. For example, if the computer name is web1 and the domain
name is technowidgets.com, type web1.technowidgets.com (with no dot at the
end). Click OK.
7. Create an alias for the mail host as you did for www.
8. Although you have a host called mail, you have not set it up as a mail exchanger
so e-mail server names can be resolved. Right-click your domain name, and then
click New Mail Exchanger.
9. Because you want to send mail to a host that corresponds to your domain name,
you need to leave the Host or domain text box blank. In the Mail server text box,
type the fully qualified host name for the mail server. For technowidgets.com, it
would be mail.technowidgets.com. Leave the priority at 10. Click OK.
Project 4-8
Configure a DNS client in Windows to recognize multiple DNS servers. Get IP addresses
from two other student DNS servers on the network. The steps assume that other DNS
servers are located at 192.168.0.110 and 192.168.0.120. Configuring references for multiple servers is common practice—in case one DNS server is not available, you can then
use the next DNS server in the list.
To add DNS servers to Windows:
1. In Windows 2003 from the Control Panel, point to Network Connections, and
then click Local Area Connection. In Windows 2000, right-click My Network
Places, and then click Properties. The Network Connections window opens.
Double-click Local Area Connection.
2. The Local Area Connection Status window opens. Click Properties. The Local
Area Connection Properties window opens. Highlight Internet Protocol
(TCP/IP).
3. Click Properties. The Internet Protocol (TCP/IP) Properties window opens. For
the Preferred DNS server, enter the IP address of your computer. For the
Alternate DNS server, enter the address of a second student’s computer that has
a DNS server. You need to add a text box for the third address you want to add.
4. Click Advanced. The Advanced TCP/IP Settings dialog box opens. Click the
DNS tab.
5. Click Add to add another DNS server. The TCP/IP DNS Server dialog box opens.
6. Enter the DNS server address of another student’s computer.
7. Click Add to add the IP address to the list of DNS servers and return to the
Advanced TCP/IP Settings dialog box. Notice the third address.
8. Click OK to return to the Internet Protocol (TCP/IP) Properties dialog box.
9. Click OK to return to the Local Area Connection Properties dialog box.
10. Click OK to return to the Local Area Connection Status window.
11. Click Close to return to the Network Connections window.
12. Close the Network Connections window.
13. Using the host names of the other student Web servers, use the ping utility to
make sure that the servers are resolving the names.
Project 4-9
Set up a forwarding server to see the effects of a caching server. You need to work with
another student on this project. Before you start, make sure that /etc/resolv.conf has only
one entry for nameserver, and that the IP address is for your server.
To set up a caching server to use a forwarding server:
1. Get the IP address of the Linux server of another student who is running DNS.
2. In a terminal window, type kedit /etc/named.conf and then press Enter.
Immediately after the line that begins directory "/var/named", add the following line. It
assumes that the IP address of the other DNS server is 192.168.0.10:
forwarders {192.168.0.10; };
3. Click File on the menu bar, and then click Save to save the file.
4. Close the kedit window.
5. Restart your DNS server at a shell prompt by typing the following command and
then pressing Enter:
/etc/rc.d/init.d/named restart
6. To test the functionality of the forwarding server, ask the other student for a host
on the student’s DNS server. For example, if it is www.ecopolice.org, you would type
the following command in a terminal window and then press Enter:
ping www.ecopolice.org
Because your DNS server cannot resolve www.ecopolice.org, the server will forward
it to the other student’s DNS server for resolution.
7. Have the other student stop the DNS server by typing the following command
and then pressing Enter:
/etc/rc.d/init.d/named stop
8. From your computer, ping the host on the other student’s computer as you did in
Step 6. The command still works, even though the other student’s DNS server is
stopped, because you have a caching server. The name resolution was cached on
your DNS server, so it does not have to go to the forwarder to resolve the name.
CASE PROJECTS
Case Project 4-1
You are starting a company on a tight budget. You can get a DSL line to your office with
a static IP address, but the ISP does not offer any DNS services. At this point you do not
want to set up your own DNS, so you want to find out if any companies offer such a
service. Somebody told you about UltraDNS. What exactly does this firm offer? Find at
least two other companies that will provide DNS servers for you.
Case Project 4-2
Think of a domain name for your new business. Where can you register the name? How
much does it cost? What information do you have to provide before you can register a
domain name?
Case Project 4-3
Congratulations—you just passed the bar exam. You now want to register a domain name
in the .pro TLD, which is reserved for professionals. What are the rules for registering
domain names in the .pro domain? Can your friend, who is a professional wrestler, register a domain, too?
Case Project 4-4
Find at least four Web sites that have information on BIND, the DNS software you used
with Linux. What is the current version of BIND? Which site is most helpful for someone who wants to configure DNS?
Case Project 4-5
Write a two- to five-page paper on the issue of security and DNS. What are some of the
problems? What are some of the solutions?
CHAPTER 5
MANAGING A SERVER
In this chapter, you will:
♦ Understand the Web server administrator’s view of server management
♦ Examine networking models
♦ Learn how users are authenticated
♦ Manage users and groups
♦ Manage file system permissions
♦ Share resources in a network
♦ Enforce network policies
Because Web server administration is a part of network administration, you
should understand the basics of server administration in a LAN environment and network issues in a typical organization. To help you plan the
structure and functioning of a network, you use networking models that
guide you in determining how users and computers work together.
Managing a server primarily involves controlling access to resources such as
files and printers. You can control two areas: users’ access to the server, and
what users can do once they access the server. You can control these areas
for users originating from the Internet as well as users on the LAN. One way
to manage user access is through user authentication, which makes sure that
only valid users gain access to the server. Although both Linux and Windows
share the same objective of controlling access, they implement security features
differently. The Windows operating systems are rich in LAN management
capabilities, whereas Linux focuses on the advantages of a multiuser server.
Although this chapter mainly focuses on the LAN user, most of the concepts
discussed here apply to controlling Web access, too.
UNDERSTANDING THE WEB ADMINISTRATOR’S VIEW OF SERVER MANAGEMENT
When you learned about servers in Chapter 2, the focus was on the hardware—the computer and its capabilities. In this chapter, the focus is on the server software that allows
you to manage server resources. When sharing files on a Windows network, this kind of
software is an integral part of the operating system. When providing a Web page, the
Web server software is a separate product that works with the operating system. The
server computer can run more than one server software product. As a consequence, you
can use the same computer as a Web server and as your e-mail server and FTP server.
Before you as the Web administrator can allow access to the Web server, e-mail server,
and other Web applications, access controls need to be in place. In many organizations,
the Web server is not isolated from the LAN. Users on the LAN might be responsible
for updating Web pages for their departments. You might therefore need to handle a variety of LAN administrator tasks such as sharing folders that reside on your Web site and
setting permissions to control access to the folders.
The principles involved in controlling access from a LAN and from the Internet are similar. You need to make sure that the users who gain access to your server are valid. The
LAN operating system, in fact, is designed to ensure that users are valid. It is your job
to match the users with the resources they need. When controlling access from the
Internet, you have other options, however. Applications such as e-mail typically are based
on user accounts that are part of the operating system. Other applications, such as ones
requiring membership to a Web site, often rely on a database of user names and passwords
that might also contain other information about the user. If your Web site depends on
a database of user information, user names cannot be used to penetrate the operating
system, although storing user names and passwords in a database is not as secure as storing
them in the operating system. You need to explore the capabilities of the LAN environment to decide which approach is best in your case.
Although there are more UNIX/Linux Web servers than Microsoft Windows Web
servers, virtually all LAN workstations are Windows-based. The dominance of Windows
in LANs means that Microsoft alone can determine how computers communicate in the
LAN environment. As you will learn, the way computers communicate with a Windows
server in a LAN environment is very different from the way they communicate with an
Internet-based server such as a Web server. In contrast, all computers communicate with
a Linux server in a similar way, whether they are part of a LAN or connected only by
the Internet. Because of the Microsoft-based LAN environment, managing a Windows
server requires more planning and knowledge than managing a Linux server. You must
know the basics of being a LAN administrator because your Web server environment
might be integrated into the LAN.
EXAMINING NETWORKING MODELS
Because a server is part of a network, you should understand how a server fits into the
network before you can consider such issues as users, resources, and control. In this section, you examine two approaches to networking models. The first is the Microsoft LAN
approach to networking. The second is the client/server approach to networking, which
is the basic model used for Web and e-mail servers. Whereas Microsoft does employ the
client/server model for some network tasks, Linux primarily uses this model for all
functions.
Microsoft LAN Networking Models
You configure a Microsoft Windows LAN using one of two networking models: the
workgroup or the domain. The model determines how users are organized. The workgroup networking model, also known as the peer-to-peer model, considers each computer as an independent entity. Any access to resources on a computer depends on local
user accounts. The domain model, on the other hand, centralizes users and the control
of resources. Note that Microsoft’s definition of a domain in a LAN is not related to an
Internet domain.
Workgroup Networking Model
The workgroup networking model treats each computer in the network as an equal, or
peer. This model does not use a centralized server. Instead, each computer acts as both
a server and a client. When you allow other users to access resources on your computer,
your computer is acting as a server. When you access resources on another computer,
your computer is acting as a client. Because each user’s computer acts as a server, each
user must therefore be an administrator.
This decentralized approach has several disadvantages. First, most users are not interested
in learning about administration. Second, because each computer must have a complete
list of user names and passwords of other users wanting to access resources on the computer, security is compromised. It is also difficult to keep track of changing passwords.
When a user changes his or her password, the password must be changed on the other
computers that the user accesses. Because of these limitations, the workgroup networking model is best suited to small networks consisting of up to ten computers for which
security is not a major concern.
Figure 5-1 shows an example of a workgroup and its limitations. The user Mary Noia
(mnoia) can access the printer attached to Bob Cabral’s (bcabral) computer only if
bcabral does certain things. First, bcabral has to add mnoia’s user name and password to
the list of users. Second, bcabral must share the printer. Third, bcabral must specifically
allow mnoia to use the shared printer.
Figure 5-1 Workgroup networking model (diagram labels: users mnoia, ajones, and bcabral; separate account databases on each computer; the workstation connected to the printer needs the user names and passwords of ajones and mnoia so the printer can be shared with them; the user mnoia can only use a computer with her account and password)
Domain Networking Model
The domain networking model uses one or more servers to centralize control. Instead of
each computer and user being independent, they are all part of a domain. This centralization allows an administrator to use a single point of control. With a single logon, the
user can be given access to any resource in the domain, as shown in Figure 5-2. Because
the user name and password are stored only once, changing the password does not have
the same negative effects that it would have in a workgroup network. In a workgroup
network, if you changed your password on your computer, you could not access resources
on other computers until your user name on the other computers was changed. Microsoft
suggests that you use the domain networking model for networks with more than ten
computers, which makes it the dominant networking model for LANs.
Client/Server Networking Model
In the client/server networking model, the client represents a program such as a browser
that accesses resources. The server is a program such as a Web server that provides
resources. The client and the server communicate using a protocol. You already know
that TCP/IP is a protocol suite, and that one of the protocols in this suite is HTTP.
Browsers and Web servers use HTTP to communicate.
Networking in Linux uses the client/server model. Each computer has its own database
of users and passwords. If you want to use a resource on another computer, you must
supply a user name and password on that computer.
Figure 5-2 Domain network (diagram labels: servers and a printer; a common Active Directory database is shared among servers and contains information about all users and resources; mnoia can now log on to the network from any workstation and access the printer)
You can designate one computer to act as a server and store hundreds or even thousands
of user accounts on it. On the client computer, you can use a program such as Telnet to
log on to the server. Using this configuration, everyone can share the applications and
resources on that centralized computer. A big difference between the client/server
approach and Microsoft’s domain model is that Linux typically lets you access only a single
computer at a time. In Microsoft, your identity can be carried throughout the network
to allow you to access any resources. Furthermore, when you use Telnet, for example, to
connect to a server, processing occurs on the server, not the client. With Windows, processing usually occurs at the client, not the server.
Even when you use a Web browser to connect to a Web page on another computer, you
first have to log on to that computer. Typically, the Web server provides a guest account
that it uses automatically when someone wants to access a Web page. A guest account is
a very restricted user account that can access only resources related to the Web site. A Web
server requires an account to be associated with anyone who accesses the computer.
Access to a server is controlled by a program that runs in the background, called a service
in Windows and a daemon (pronounced “demon” or “daymon”) in Linux. Multiple services can run simultaneously, such as a Web server and an e-mail server. Client programs
are designed to access the service. For example, a Web browser connects to a Web server,
an e-mail client connects to an e-mail server, and a Telnet client connects to a Telnet
server, even if both reside on the same computer.
To allow all these server services to run on a single computer, the server uses port numbers to distinguish them. You can imagine ships sailing to specific ports in a certain city,
where each port has a specific purpose and can handle only certain types of cargo.
Likewise, a packet of data from a Web browser goes to a specific port on the Web server,
while a packet of data from an e-mail client goes to a different port. For example, the
default port for a Web server is 80, the port used to send e-mail is 25, and the port used
for DNS is 53. Each server application listens at a port, waiting for packets of data destined for it. The server sends data back to a client in a similar manner, with client programs
using ports to accept data from various servers. A detailed understanding of these concepts is critical in designing a secure environment for your Web server, e-mail server, and
other related applications. You will learn these details in Chapter 10 on securing the Web
environment.
AUTHENTICATING USERS
Authentication is the process of determining a user’s true identity. That is, when you
log on to a network or supply user information to a Web site, authentication is how the
system verifies whether you are who you say you are. Authentication involves two
processes. First, you need a mechanism such as user names and passwords to identify
users. Second, you need to know how secure the process is to get the identification information to the server. A complex password may not ensure security if it is sent to the
server in such a way that it is easy to intercept.
Identifying Authentication Methods
Networks can employ three methods to authenticate users. These methods can be used
alone or in combination with other security-related methods. You can prove your identity by using the following methods:
■ What you know
■ What you have
■ Who you are
The following sections examine these authentication methods in more detail.
What You Know
This method is the most common form of authentication, and it typically uses passwords.
That is, when you log on to a computer network, you are prompted to type a password
that you have chosen or that a network administrator has given to you. The password is
what you know. The computer bases its authentication on this password by checking it
against a list. If the password you typed matches a password on the list, you are allowed
access to the system. If it does not, you are locked out.
If you give your password to someone else, the computer grants this other person access
because the authentication scheme is based on knowing the password. In this case, the
security measure has not failed—the other person gained access by a legitimate authentication method.
What You Have
This method requires that you use a physical item, such as a key, for authentication. An
example would be an entry card that you insert into a card reader to gain access to a
room or building. Anyone who runs the card through the reader is granted access to the
building. In this case, the authentication is based on what you have.
Of course, if someone takes the card from you, he or she can enter the building even
though the card was originally given to you. Therefore, to create a more sophisticated
authentication system for entering the building, an administrator may require not only
a card, but also a password. Taking both a card and a password from someone is more
difficult. ATM cards, which use personal identification numbers (PINs), are based on this
combination of what you have and what you know.
Smart card logon became available with Windows 2000. The smart card contains information that provides the most secure logon procedure—namely, encrypted codes that
uniquely identify the user. Putting this information on a card is much more secure than
putting the information on a computer, because a computer is more readily accessible.
Who You Are
Biometrics is the science of connecting authentication schemes to unique physical
attributes. Examples of this method include using fingerprints, visual and photographic
identification, and voice recognition. Each method attempts to validate an individual’s
claim concerning his or her identity by verifying a specific physical characteristic. These
who you are methods of authentication are becoming increasingly common as the hardware verification tools become less expensive and the recognition tools are built into
operating systems.
Each of the three authentication methods is used in systems today, either individually or
in combination with the others. How they are implemented varies from system to system.
Implementing an Authentication System
If a network has older computers such as those running Windows NT, Windows 95, and
Windows 98, a server must use the NTLM (NT LanManager) protocol for authentication. It is not as secure as Kerberos, which is the default authentication protocol in
Windows 2000, Microsoft Windows Server 2003, and Windows XP. Both NTLM and
Kerberos are designed specifically for authenticating users who have accounts in the operating system. Windows has another mechanism, called certificates, for authenticating
users over the Internet. Certificates guarantee the identity of an organization or user.
Certificates will be fully discussed in Chapter 10.
Using the NTLM Protocol
The NTLM protocol was first used with Windows NT. Service Pack 4 included version 2
of the protocol, which added a better security mechanism. Unfortunately, you can now
use many programs to crack these passwords. If users create passwords based on common
words, they can be found in a short time. Even complex passwords can be cracked given
enough time.
NTLM is used when anyone on a Windows NT workstation logs on to any Windows
server, even Windows 2003. This is one important reason to upgrade your workstations
to Windows 2000 or XP. NTLM is also used when a Windows 2000 user logs on locally
to a computer instead of a domain and then uses a network resource. The user name and
the password used to log on locally are sent to the server with the resource, such as a
shared folder. This technique to gain access to network resources should be discouraged
because it is not as secure as Kerberos.
Using Kerberos
Kerberos is an authentication system developed at the Massachusetts Institute of
Technology (MIT). It is designed to enable two parties to exchange private information
across an otherwise open network. Kerberos works by having an authentication server
assign a unique key, called a ticket, to each user who logs on to the network. The ticket
is then embedded in messages to identify the sender of the message and is used to grant
access to other resources. Many implementations of Kerberos are available, including a
free implementation available from MIT at web.mit.edu/kerberos/www. This site also provides more detailed information about Kerberos.
MANAGING USERS AND GROUPS
Users need accounts to access resources on a server. Even when the resource is a Web
page, the Web server has a default user account that it uses on your behalf. This default
account has restricted access, but at least allows you to view the Web page. In a LAN
environment, access to resources such as printers and files is controlled based on user
accounts. If a number of user accounts have common resource needs, the administrator
can organize them into groups. For example, suppose everyone in the accounting department needs access to the accounting software and the printers in the accounting department. All of these users could be organized into a single group. The users are members
of the group, and the administrator gives the group access to the resources. As resource
needs change, the administrator simply modifies the group’s access instead of setting new
access limits for each member of the group. This section discusses adding users and
groups; the next section focuses on giving the users and groups access to resources (that
is, managing file system permissions).
Identifying Special Accounts
Applications that operate as a service need to use accounts to perform work tasks. For
example, assume that you have a DBMS such as MySQL on Linux or SQL Server on
Windows. Even though your personal user account does not have the access necessary to
modify the physical DBMS files that exist on the computer, when you use the DBMS, the
DBMS has the ability to modify its own files. The DBMS is associated with an account.
Windows has a special system account. The system account represents the operating
system and has many of the same privileges as the administrator. This powerful account
is a favorite target of hackers. If the hacker’s program becomes associated with a system
account or the hacker can manipulate a program associated with a system account, the
hacker has almost complete access to the computer. When you install SQL Server, for
example, you have the choice of using the system account or a user account that is created especially for operating under it. Normally, you would use the system account.
However, you should use a special user account if you have multiple computers with
SQL Server and they merge data.
Services such as the Web server use special, highly restricted accounts. When you install the
IIS Web server in Windows, for example, a guest user account is created to permit anonymous logon to the Web server. Basically, this user has only permission to read Web pages.
Tip
Be careful about deleting user accounts that you do not recognize. They could
be special accounts that are used by applications such as the Web server or
DBMS. By default, these special accounts are not displayed.
Linux implements daemons in a different way. Although Linux does not have a system
account, it does have the root account, which is similar. The root account has full access
to everything in Linux. Even though programs could run as if they were root, the standard in Linux is that each daemon is associated with an individual account that restricts
the daemon to specific directories and files. For instance, when you use the Red Hat
User Manager for the first time after installing Linux, you will find more than 30 users
already defined. (Your actual number may vary depending on the applications that you
chose when you installed Linux.) Figure 5-3 shows some of these users. Typically, these
user accounts are restricted so that they cannot be used to log on to a system.
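The restriction described above can be checked directly from the account database. The following Python audit is an added example, not code from the book: it parses passwd-format text and reports daemon accounts that could still be used to log on. The sample entries are constructed, and the UID cutoff of 499 for daemon accounts and the list of non-login shells are assumptions to adjust for your distribution.

```python
from dataclasses import dataclass

# Shells that refuse an interactive session (assumed list; extend as needed).
NON_LOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}

# Constructed sample in /etc/passwd format; not taken from a real system.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
mysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bash
ftp:x:14:50:FTP User:/var/ftp:
ajones:x:500:500:Arda Jones:/home/ajones:/bin/bash
broken-line-without-enough-fields
"""


@dataclass(frozen=True)
class Account:
    name: str
    uid: int
    home: str
    shell: str


def parse_passwd(text):
    """Return (accounts, malformed_line_numbers) for passwd-format text."""
    accounts, malformed = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdigit():
            malformed.append(lineno)
            continue
        name, _pw, uid, _gid, _gecos, home, shell = fields
        # An empty shell field means the system falls back to /bin/sh,
        # so it must be treated as a usable login shell.
        accounts.append(Account(name, int(uid), home, shell or "/bin/sh"))
    return accounts, malformed


def can_log_on(account):
    """True when the account's shell would give an interactive session."""
    return account.shell not in NON_LOGIN_SHELLS


def audit(text, system_uid_max=499):
    """Flag daemon accounts with a login shell and extra UID 0 accounts.

    system_uid_max is an assumption: UIDs 1..499 are treated as daemon
    accounts and anything above as ordinary users.
    """
    accounts, malformed = parse_passwd(text)
    return {
        "daemon_with_login_shell": [
            a.name for a in accounts
            if 0 < a.uid <= system_uid_max and can_log_on(a)
        ],
        # Any UID 0 account other than root has the same full access as root.
        "extra_uid0": [
            a.name for a in accounts if a.uid == 0 and a.name != "root"
        ],
        "malformed_lines": malformed,
    }


if __name__ == "__main__":
    for finding, values in audit(SAMPLE_PASSWD).items():
        print(f"{finding}: {values}")
```

To audit a live server, pass the contents of /etc/passwd to `audit()` in place of the sample.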
Understanding Users and Groups in Windows
You need to create user accounts for individuals, and in some cases for applications, that
need access to your resources. Windows has two types of user accounts: local accounts
and domain accounts. When you create a local account on a computer, it exists only on
that computer and can be used to control access to resources on only that computer. When
you create a domain account, it is recognized throughout the whole domain. Recall that
a domain is a logical grouping of computers that administrators use to organize common
resource needs. A domain user can access resources on any computer in the domain.
Figure 5-3 Default user accounts in Linux
Understanding Local User Accounts
Web servers typically have local user accounts. When you view a Web page or use FTP
to upload or download files, you are doing so while logged on as a local user. You would
add a local user if you wanted to give individuals the ability to use FTP to upload files
to their Web directory. Although some user accounts are necessary, you should add only
the ones that are absolutely essential to a server that is connected to the Internet. After
all, the more users you have, the more opportunities hackers have to gain access to
your system.
The user name is the account name that users need to log on to the computer. When
you set up your user accounts, establish a consistent naming convention. For example,
you could use the first letter of the user’s first name plus the last name. A user named
Cristina Salinas would then have the user name CSalinas. Although the steps to add a
user appear later in this section, Figure 5-4 shows the principal dialog box involved.
Figure 5-4 New User dialog box in Windows 2003
In the New User dialog box, the Full name and Description text boxes are optional,
but are useful to help you remember the details of the account. The password can be up
to 128 characters, and you can use all the symbols on a keyboard. Make sure that passwords are difficult to discover because hackers (and even coworkers) can easily obtain
programs that can find passwords. The more complex the password, the more difficult it
is to discover. Here are some rules to follow when creating passwords:
■ Include at least eight characters.
■ Use a mix of uppercase and lowercase letters and numerals.
■ Use non-alphanumeric symbols.
■ Do not use a recognizable word as part of the password.
Tip
To create a complex password that is easy to remember, start by thinking of
an easily remembered sentence such as, “I really want to go to San Diego.”
Replace any occurrence of “I” with a 1. Replace a “to” with 2. Alternate
uppercase and lowercase letters. Add one or more symbols. Now you have:
1Rw2G2sD:). This password would be extremely difficult to crack.
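The four rules above can be enforced in code before an account is created. The following Python checker is an added example, not part of the book: it applies each rule and returns the ones a candidate password fails. The word list is a small constructed sample, and reversing common digit and symbol substitutions before the word check is an extension beyond the rules as stated.

```python
# Constructed sample word list; use a real dictionary file in practice.
SAMPLE_WORDS = ("password", "pass", "welcome", "admin", "letmein",
                "qwerty", "diego", "jones")

# Two tables that undo common substitutions (assumed mapping). They differ
# only in whether "1" and "!" are read back as "i" or as "l".
LEET_TABLES = [
    str.maketrans("0134578@$!", "oieastbasi"),
    str.maketrans("0134578@$!", "oleastbasl"),
]


def find_words(password, words=SAMPLE_WORDS, min_word_len=4):
    """Return the sorted list of recognizable words found in the password.

    The match is case-insensitive and is also tried on variants with the
    substitutions in LEET_TABLES reversed, so "P@ssw0rd" still matches
    "password". Words shorter than min_word_len are ignored to avoid
    matching short accidental letter runs.
    """
    lowered = password.lower()
    variants = {lowered} | {lowered.translate(t) for t in LEET_TABLES}
    return sorted({
        w for w in words
        if len(w) >= min_word_len and any(w in v for v in variants)
    })


def check_password(password, words=SAMPLE_WORDS):
    """Return the names of the rules the password fails (empty = passes)."""
    failures = []
    # Rule 1: include at least eight characters.
    if len(password) < 8:
        failures.append("length")
    # Rule 2: mix of uppercase letters, lowercase letters and numerals.
    has_upper = any(c.isupper() for c in password)
    has_lower = any(c.islower() for c in password)
    has_digit = any(c.isdigit() for c in password)
    if not (has_upper and has_lower and has_digit):
        failures.append("mixed_case_and_numerals")
    # Rule 3: at least one non-alphanumeric symbol.
    if not any(not c.isalnum() for c in password):
        failures.append("symbol")
    # Rule 4: no recognizable word as part of the password.
    hits = find_words(password, words)
    if hits:
        failures.append("word:" + ",".join(hits))
    return failures


if __name__ == "__main__":
    for candidate in ("1Rw2G2sD:)", "pass", "P@ssw0rd2011!"):
        print(candidate, "->", check_password(candidate) or "meets all rules")
```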
The four check boxes in the New User dialog box let you control account properties.
By default, Windows selects the “User must change the password at next logon” check
box. This option forces the user to change the password the next time he or she logs on
to one that the administrator does not know. If you uncheck “User must change password
at next logon,” two check boxes become available. One is “User cannot change password.”
Select this check box for a common account that is used by more than one person. An
administrator is then responsible for changing the password and notifying the users.
Select the “Password never expires” check box if you are creating a user that is associated
with a service. In this case, you want the service to run without having to change a password every 42 days, which is otherwise the default. Select the “Account is disabled” check
box if you want to suspend the use of the account but do not want to delete it. For
example, if a user were taking a six-month family leave, you could disable her account.
In the following steps, you add a user called ajones with a password of pass in Windows 2000
or Windows 2003.
To add a user account:
1. From the Control Panel, open the Administrative Tools window, and then
open Computer Management.
2. In the left pane of the Computer Management window, click the plus sign
(+) next to Local Users and Groups.
3. Click the Users folder. The current users for this computer appear in the
right pane of the Computer Management window.
4. To add a user, click Action on the menu bar, and then click New User. The
New User dialog box opens. (Refer back to Figure 5-4.)
5. In the User name text box, type ajones.
6. For the Full name, type Arda Jones. For the description, type Director of
Accounting.
7. In the Password text box, type pass.
8. Type the same password (pass) in the Confirm Password text box. Because
you entered a password that is not secure, make sure the “User must change
password at next logon” check box is selected.
9. Click the Create button. Windows creates a new user account for the user
named ajones.
10. Close all open windows.
Understanding Domain Accounts and Active Directory Services
Although Web servers often use only local accounts, there are typically other servers in
the Web environment that have more complex requirements. For example, you can set
up an e-mail server with Microsoft Exchange 2000. Microsoft Exchange 2000 requires
the capabilities of the Active Directory (AD) service. AD allows users to use only a
single logon for the whole network. All resources throughout the network are then
available to them, including those outside their own domains. AD organizes the domains
in your network so you can administer them as a whole. It requires DNS, which you set
up in Chapter 4.
AD is designed for large networks. Any server that has AD is called a domain controller.
Domain controllers share information about the network. If one domain controller cannot be contacted, the other domain controllers can take over its duties.
Windows has two modes for AD servers. Mixed mode allows Windows NT domain
controllers to communicate with Windows 2000 and Windows 2003 domain controllers.
Native mode allows only Windows 2000 and Windows 2003 domain controllers to
communicate. The main advantage of native mode is its more efficient use of server
resources, because this mode does not have to support two different ways of keeping
track of users and computers. Another advantage of using native mode is that you have
an additional group type, Universal, which is described in the following section. When
AD is installed, the default is mixed mode. If you change it to native mode, you cannot
go back to mixed mode.
Computers and other resources in AD follow the same naming format as the naming
scheme that the Internet uses. That is why AD requires DNS. A major planning decision
is whether the internal naming scheme, or namespace, should match the external namespace. If both are the same, your logon name (internal namespace) would be the same as
your e-mail name (external namespace). For example, if your domain is technowidgets.com,
your user with the account ajones could use [email protected] for both a logon
name and an e-mail name. If you keep the namespaces separate, configuration would be
more flexible because for the external namespace, you need to focus on only those computers that will be accessed from the Internet. You could then use a DNS like the one you
created in Chapter 4, and it could reside either within your organization or at your ISP.
Once AD is installed, you add users with a special administrative tool called Active
Directory Users and Computers. The process is similar to the one you used to add a new
user in the previous steps, except that there are two possibilities for logon names. For
Windows 2000 and Windows 2003, the logon name looks like an e-mail address, such as
[email protected], although you can still enter the user name alone, such as ajones.
Installing the Active Directory Service in Windows
To configure Microsoft Exchange in Chapter 8, you need to install the Active Directory
service. Doing so significantly changes the setup of your operating system, so this step
is not like adding DNS or another Windows component. To install AD on a Windows
computer, you run the dcpromo.exe program from a command prompt. If you decide
later that you do not want AD, you can uninstall it by running dcpromo.exe again.
To install the Active Directory service for technowidgets.com using Windows:
1. Click Start, click Run, type dcpromo.exe, and then press Enter to start the
Active Directory Installation Wizard.
2. In the Welcome to the Active Directory Installation Wizard dialog box,
click Next.
3. Windows 2003 only: The Operating System Compatibility dialog box opens,
explaining that Windows 95 and Windows NT 4.0 SP3 and earlier cannot log
on to a Windows 2003 domain. Click Next.
The Domain Controller Type dialog box opens, allowing you to specify the
type of domain controller you want to set up. See Figure 5-5. If there was an
existing domain, you could add this computer to it. For this procedure, you
want to create a new domain controller.
Figure 5-5
Domain Controller Type dialog box
4. Accept the default of Domain controller for a new domain by
clicking Next.
5. Now you have to determine how the new domain fits into your network.
Windows 2003 uses one dialog box to gather this information and
Windows 2000 uses two dialog boxes.
In Windows 2003: In the Create New Domain dialog box, you need to specify
how the new domain will fit into your network. See Figure 5-6. This domain
could be a child domain within an existing domain, a domain in a new forest,
or a domain tree in an existing forest. In this chapter, assume that it is the first
domain controller in the organization, so accept the default of Domain in a
new forest by clicking Next. Note that if you were creating an independent
domain within an existing network, you would most likely create a domain
tree in an existing forest.
In Windows 2000: In the Create Tree or Child Domain dialog box, accept the
default of Create a new domain tree by clicking Next. Accept the default
of Create a new forest of domain trees by clicking Next.
The other option permits you to create a domain within a domain, which is
called a child domain. In the Create or Join Forest dialog box, you determine
whether the new domain is the first domain in the organization, which is the
default, or you decide to place it in an existing forest.
Figure 5-6
Create New Domain dialog box
6. In the New Domain Name dialog box, type the fully qualified domain name
that the DNS uses. In the text box, type the name of your domain, such as
technowidgets.com. See Figure 5-7. Click Next.
Figure 5-7
New Domain Name dialog box
7. In the NetBIOS Domain Name dialog box, the first 15 characters of the
domain name up to the dot appear in the Domain NetBIOS name text box.
In the case of technowidgets.com, TECHNOWIDGETS appears as the default.
The NetBIOS domain name is used in Windows operating systems created
before Windows 2000. See Figure 5-8. Click Next.
Figure 5-8
NetBIOS Domain Name dialog box
8. In the Database and Log Folders dialog box (called the Database and Log
Locations dialog box in Windows 2000), accept the default locations for
storing the Active Directory database and log. See Figure 5-9. The default is
to store them in the WINDOWS folder in Windows 2003, and the WINNT
folder in Windows 2000. Your drive may differ from the one shown in the
figure. Click Next.
Figure 5-9
Default locations in the Database and Log Folders dialog box
9. In the Shared System Volume dialog box, accept the default location for the
shared system volume. As with the Database and Log folders, the default
location is the SYSVOL folder in the Windows folder in Windows 2003 and
the WINNT folder in Windows 2000. Windows uses the information in this
folder to send to other domain controllers. Click Next.
10. In Windows 2003: The DNS Registration Diagnostics dialog box opens if you
installed DNS as described in Chapter 4. See Figure 5-10. In Chapter 4, you
installed a DNS that would be used only for the Internet. Now that you are
creating a domain controller, you need to allow dynamic updates. Click the
Install and configure the DNS server on this computer, and set this
computer to use this DNS server as its preferred DNS server option
button. This will use your existing configuration files and add only dynamic
updates. Click Next.
In Windows 2000: The Configure DNS dialog box opens, stating that DNS is
not available, which means that dynamic updates are not available. Accept
the default of Yes, install and configure DNS on this computer
(recommended) to keep your existing configuration files by clicking Next.
Figure 5-10
DNS Registration Diagnostics dialog box
11. In the Permissions dialog box, click the Permissions compatible only
with Windows 2000 or Windows Server 2003 operating systems
option button. In Windows 2000, this is the Permissions compatible only
with Windows 2000 servers option button. Selecting this option indicates
that you do not have any Windows NT domain controllers on this network.
Click Next.
12. In the Directory Services Restore Mode Administrator Password dialog box,
type password in the Password and Confirm Password text boxes, and then
click Next. This password would be used to enter the restore mode of AD,
which should be restricted to only those administrators who know how to
use this advanced mode (which is why a separate password is required for this
mode). On a production server, you would use a more complex password.
13. The Summary dialog box lists the choices that you have made. Review them
and then click Next.
Windows installs and configures AD. A window notifies you of the steps that
are occurring, which can take a few minutes. After Windows creates and configures the databases necessary for AD, the Completing the Active Directory
Installation dialog box opens. Click Finish to exit the wizard.
14. Windows 2000 only: You might receive a message stating that your zone already
exists. If this happens, click OK. DNS will still be configured correctly.
15. A message box appears, asking whether to restart the server. Click the
Restart Now button. It will take longer than normal to restart as Windows
finishes the configuration.
Configuring Groups in Windows
You use groups to organize common needs among users. Typically, these needs are related
to accessing resources such as printers and files. For example, only certain people may
require access to a high-speed color printer. You would put the user accounts of those
people needing to use this printer into a group, and then you would give the group access
to the color printer. You could use the same technique to restrict the actions of a specific group of users while using a Web site.
If you do not install AD, Windows has only one local group, which you use for your local
users. With AD, you can assign users to two types of groups. One type is called a security group; you use the groups in this category to assign permissions to users and thereby
control access. You use the other type, called a distribution group, for combining users
for other purposes, such as e-mailing groups of users. This chapter discusses only the
security groups and assumes that AD is running in native mode.
Three types of security groups exist. Domain local groups have members from the
same domain. You can use such groups to assign permissions to resources in the same
domain. Global groups have members from the same domain, but you can use them
to assign permissions to resources in any domain. Universal groups can have members
from any domain, and you can use them to assign permissions to resources in any
domain. What a group can have as members varies by group. Besides user accounts,
members of domain local groups can include local groups from the same domain, global
groups, and universal groups. Global groups can have other global groups as members,
and universal groups can have other universal groups and global groups as members.
When you create a user account, the account becomes a member of a group called
Users if the network has no domain, and a member of the Domain Users group if it
does have a domain. Both of these groups are built-in groups. That is, when you install
Windows, they are created automatically to help with managing users.
Tip
Windows has a number of other built-in groups. The most commonly used
are Domain Admins and Administrators, for administrators; Account
Operators, who can administer user accounts; and Server Operators, who can
shut down the server, back up data, and restore data.
Understanding Linux User and Group Accounts
Setting up user accounts in Linux is simpler than the equivalent process in Windows. Like
Windows local users, Linux users have permissions only on the computer where the user
account is created. Linux offers two ways to create users. You can use the command-line
utility useradd, which is found in all Linux distributions. Alternatively, you can use a GUI
tool. Remember that you can use either the GNOME or the KDE windowing environment, and that a number of Linux distributions are available, so the GUI tools vary.
Historically, the most popular GUI tool was linuxconf. Red Hat has deprecated linuxconf
in favor of the company’s own tool, called the Red Hat User Manager. This chapter uses
the Red Hat tool, but the others work in a similar fashion.
When you add a user in Linux, you specify the properties of the user account. Table 5-1
lists these properties.
Table 5-1 Properties of user accounts in Linux
Item | Description
User name | Logon name of the user
Full name | The full name of the user or any comment
Password | The password must be at least six characters
Home directory | The default is /home/username
Group | The default is to create a group with the same name as the user
Login shell | The default is /bin/bash, which determines the characteristic of the shell environment
In the following steps, you will set up a new user account in Linux for a user named
Mary Noia. You will use mnoia as her user name and Azore$ as her password.
To add a user with the Linux Red Hat GUI:
1. Click the Red Hat icon on the Panel, point to System Settings, and click
Users and Groups. See Figure 5-11.
Figure 5-11
Red Hat User Manager
2. In the Red Hat User Manager window, click Add User. The Create New
User dialog box opens, as shown in Figure 5-12.
3. In the User Name text box, type mnoia for the user name and then press
Tab. The Home Directory text box shows /home/mnoia, which is the
default location for user directories.
4. Press the Tab key to move the insertion point to the Full Name text box. Type
Mary Noia, and then press the Tab key to move to the Password text box.
5. Type Azore$ in both the Password and the Confirm Password text boxes.
6. Click OK to create the user. You return to the Red Hat User Manager window, where you can now see an entry for mnoia.
The window now displays a single entry for mnoia. To view all the system users, click
Preferences on the menu bar, and then click Filter system users and groups.
Now that you know how to add a user with the GUI tool, you should also know how
to add a user using the command-line version because it is available on all Linux distributions. To add the user ajones with a password, you must complete two steps. You use
useradd to add the user and then use passwd to create a password. You cannot use the
ajones account until you create a password.
Figure 5-12
Create New User dialog box
To add a user using useradd and passwd in Linux:
1. From a shell prompt, type useradd ajones and then press Enter. This creates
the user and the user’s home directory, which is /home/ajones.
2. Type passwd ajones and then press Enter to start the utility to change the
password for ajones.
3. Type NorthDakota as the password, press Enter, and then type the password
again to confirm it. Now ajones can log on to the server.
4. To display the user you just added, click the Red Hat icon, point to System
Settings, and then click Users and Groups.
5. Close the Red Hat User Manager window.
When you create a user, Linux enters information in three files. The first file is /etc/passwd,
shown in Figure 5-13, which is a text file that contains user names and information
related to user names. You can edit this file directly to change the full name of the user
or other attributes. However, this file does not contain passwords. Instead, Red Hat
Linux stores the encrypted passwords in the second file, /etc/shadow. The information
is kept separated so that only the person who logs on as root (the superuser) and the
authentication application can read /etc/shadow. Some distributions of Linux leave the
encrypted passwords in /etc/passwd, which can be more easily cracked by hackers. By
default, a group is created with the same name as the user account and then stored in
/etc/group.
Figure 5-13
The /etc/passwd file (callouts in the figure: User name, Password stored in /etc/shadow, User ID, Group ID, Full name, Home directory, Login shell)
Figure 5-13 shows a partial listing of users in /etc/passwd. Items in the /etc/passwd file
are separated by a colon (:). The “x” in the second position represents the password,
which is actually stored in /etc/shadow. The next-to-last line is for Mary Noia, who was
the first user added. The number 500 appears in two places. The first 500 represents the
user ID (uid). The second 500 represents the group ID (gid). By convention, uids less
than 100 are reserved for special system users and programs. Red Hat starts numbering
users at 500 instead of 100. The root user has a uid of zero and a gid of zero; the defining factor for the root account is the zeros for uid and gid. You could change the account
name from root to whatever you want, however. In Chapter 10, you will use these uid
and gid number ranges to secure your Web server.
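The field layout and uid conventions described above can be checked mechanically. The following Python audit is an added example, not part of the textbook: it parses /etc/passwd-format text and flags password material kept outside /etc/shadow and any account other than root that has uid 0. The sample file contents (including the toor, legacy and guest accounts and the uid given to ajones) and all function names are constructed for illustration; the 500 threshold is the Red Hat starting uid stated in the text.

```python
# Added example: audit passwd-format text. SAMPLE is constructed, not a real file.
from dataclasses import dataclass

FIRST_REGULAR_UID = 500  # where Red Hat starts numbering ordinary users (per the text)

SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
mnoia:x:500:500:Mary Noia:/home/mnoia:/bin/bash
ajones:x:501:501::/home/ajones:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
legacy:$1$constructed$notARealHashValue:502:502:Legacy:/home/legacy:/bin/bash
guest::503:503:Guest:/home/guest:/bin/bash
broken:line:without:enough
"""


@dataclass
class Account:
    name: str
    password: str   # "x" means the real value lives in /etc/shadow
    uid: int
    gid: int
    full_name: str
    home: str
    shell: str


def parse_passwd(text):
    """Split passwd-format text into Account records.

    Returns (accounts, malformed), where malformed lists the 1-based line
    numbers that lack seven colon-separated fields with numeric uid and gid.
    """
    accounts, malformed = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        fields = line.split(":")
        if len(fields) != 7 or not (fields[2].isdecimal() and fields[3].isdecimal()):
            malformed.append(lineno)
            continue
        name, password, uid, gid, full_name, home, shell = fields
        accounts.append(Account(name, password, int(uid), int(gid), full_name, home, shell))
    return accounts, malformed


def audit(accounts):
    """Return (account name, issue) pairs for entries that need attention."""
    findings = []
    for acct in accounts:
        # uid 0 is what makes an account the superuser, whatever its name is.
        if acct.uid == 0 and acct.name != "root":
            findings.append((acct.name, "uid0_not_root"))
        if acct.password == "":
            # An empty second field means no password is required at all.
            findings.append((acct.name, "empty_password_field"))
        elif acct.password != "x" and acct.password[0] not in "*!":
            # Anything else that is not a lock marker is a hash that every
            # local user can read, because /etc/passwd is world-readable.
            findings.append((acct.name, "hash_in_passwd"))
    return findings


def regular_users(accounts):
    """Names of accounts in the ordinary-user uid range."""
    return [a.name for a in accounts if a.uid >= FIRST_REGULAR_UID]


if __name__ == "__main__":
    accounts, malformed = parse_passwd(SAMPLE)
    for name, issue in audit(accounts):
        print(f"{name}: {issue}")
    print("regular users:", ", ".join(regular_users(accounts)))
    print("malformed lines:", malformed)
```

To run the same checks on a live system, pass the contents of /etc/passwd to parse_passwd instead of SAMPLE.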
MANAGING FILE SYSTEM PERMISSIONS
Permissions allow you to control access to the resources on a computer. A resource may be
a Web page, a document, a program, or a printer. You give permissions to users and groups.
File system permissions exist in Windows only if you format a hard disk using NTFS.
Managing File System Permissions in Windows
File system permissions in Windows offer more detailed control than their counterparts
in Linux. Windows 2000 has 13 individual file system permissions organized into six standard permissions; only one is geared toward folders. Windows 2003 adds a new standard
file permission called Special Permissions, plus a new individual file system permission
called Full Control. This section focuses on the standard permissions, which are listed in
Table 5-2. All the permissions are the same for folders and files except the List Folder
Contents permission, which is for folders only. When a permission is set at a folder level, the
permission applies, by default, to the files in the folder and is inherited by all subfolders.
Table 5-2 Windows permissions
Permission | Description
Full Control | Full Control includes all other permissions, such as Modify and Read, and allows you to take ownership of the file or folder and change the attributes of a file.
Modify | To modify a file, you need to be able to read it and write it. Because the modification could be to delete the contents, this permission lets you delete a file. When you have this permission, you have Read, Write, Read & Execute, and List Folder Contents permissions.
Read | With this permission, you can read files but cannot execute them. For example, you can view a text file or your local program can read a configuration file. You must have at least Read permissions in all folders above the folder containing the file. For example, if you have permission to read a file called test.cfg in C:\config\app, but you do not have Read permission in config and app, you cannot read test.cfg.
Write | When set on a file, this permission allows you to write to files. When set on a folder, you can write to the folder, meaning that you can create and delete files in the folder.
Read & Execute | In addition to the Read permission, this permission allows you to run programs. It also includes the List Folder Contents permission.
List Folder Contents | This permission allows you to view the contents of a folder. It can only be set at the folder level. It allows you to see the files and folders inside the folder.
Special Permissions (Windows 2003 only) | This is not a specific permission. Under the list of permissions for users, when this permission is checked, it means that this user has one or more of the 14 individual permissions set. These individual permissions are combined to form the other permissions in this table, which are appropriate in the vast majority of circumstances.
If a user is a member of multiple groups that have certain permissions on a folder or file,
the permissions are typically added together. For example, if the Users group has Read
permission and the Managers group has Write permission, and you are a member of both
groups, then you have both Read and Write permissions. When a particular permission
is denied, the denial takes priority over any setting that allows it. For example, if you were a
member of Users and Managers, and also a member of a group that was denied the Read
permission, you would have only the Write permission.
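The two rules above (permissions from several groups add together, and a denial overrides any allowance) can be worked through in code. This Python model is an added example, not part of the textbook and not Windows' own access-check code: it operates only at the level of the standard permissions in Table 5-2, whereas Windows evaluates the individual permissions beneath them. The Contractors and Editors group names, the sample entries and the function names are constructed for illustration.

```python
# Added example: simplified model of cumulative Allow and overriding Deny,
# using the standard permissions of Table 5-2. Sample entries are constructed.

# What each standard permission includes, as listed in Table 5-2.
INCLUDES = {
    "Full Control": {"Modify", "Read & Execute", "List Folder Contents", "Read", "Write"},
    "Modify": {"Read & Execute", "List Folder Contents", "Read", "Write"},
    "Read & Execute": {"Read", "List Folder Contents"},
    "List Folder Contents": set(),
    "Read": set(),
    "Write": set(),
}

# The situation described in the text: (group, "allow" or "deny", permissions).
TEXT_EXAMPLE = [
    ("Users", "allow", ["Read"]),
    ("Managers", "allow", ["Write"]),
    ("Contractors", "deny", ["Read"]),   # hypothetical name for the denied group
]

# A second constructed case: a composite permission partly cancelled by a denial.
MODIFY_EXAMPLE = [
    ("Editors", "allow", ["Modify"]),
    ("Contractors", "deny", ["Write"]),
]


def expand(permissions):
    """Return the permissions plus everything Table 5-2 says they include."""
    expanded = set()
    for perm in permissions:
        if perm not in INCLUDES:
            raise ValueError(f"unknown permission: {perm}")
        expanded.add(perm)
        expanded |= INCLUDES[perm]
    return expanded


def effective_permissions(member_of, entries):
    """Compute what a user holds, given the groups the user belongs to."""
    allowed, denied = set(), set()
    for group, kind, permissions in entries:
        if group not in member_of:
            continue
        if kind == "allow":
            allowed |= expand(permissions)      # allowances accumulate
        elif kind == "deny":
            denied |= expand(permissions)       # denials accumulate too
        else:
            raise ValueError(f"unknown entry type: {kind}")
    granted = allowed - denied                  # a denial always wins
    # A composite permission is held only if every part of it survived.
    return {perm for perm in granted if INCLUDES[perm] <= granted}


def report(users, entries):
    """Map each user name to a sorted list of effective permissions."""
    return {name: sorted(effective_permissions(groups, entries))
            for name, groups in users.items()}


if __name__ == "__main__":
    users = {
        "in Users only": {"Users"},
        "in Users and Managers": {"Users", "Managers"},
        "also in the denied group": {"Users", "Managers", "Contractors"},
    }
    for name, perms in report(users, TEXT_EXAMPLE).items():
        print(f"{name}: {', '.join(perms) or 'none'}")
```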
Configuring File System Permissions in Windows
Assume that you just created a folder called config, a subfolder called app, and a file in
app called test.txt. In Windows 2003, the default settings for users are Read & Execute.
But what if you wanted to allow users to write to the file? You have to configure the
properties of the file and click the check box next to the Write permission in the Allow
column. Figure 5-14 shows the default settings for the test.txt file.
Figure 5-14
Setting Write permissions on a file
In the dialog box shown in Figure 5-14, the Read & Execute (and the related Read)
permission is gray, meaning that it inherited its permissions from the permissions listed
above it. The Special Permissions check box is grayed because the special permissions
are actually set on another screen, shown by the Advanced button. In the following steps,
you will set the Write permission on the test.txt file.
To create a sample file called test.txt in Windows 2003 or 2000:
1. Right-click Start, and then click Explore.
2. In the left pane, click the drive that corresponds to the root of the Windows
installation. Typically, it is labeled Local Disk (C:) if you just installed one
version of Windows. The contents are displayed in the right pane.
3. Click File on the menu bar, point to New, and then click Folder. A text
box and a folder icon open.
4. Type config, which is the name of the folder, and then press Enter.
5. Double-click config to display the contents in the right pane.
6. Click File on the menu bar, point to New, and then click Text Document.
A text box and a text icon open.
7. Type test.txt, and then press Enter.
To set a file permission in Windows 2003:
1. In Windows Explorer, right-click test.txt, and then click Properties on the
shortcut menu. The test.txt Properties dialog box opens.
2. Click the Security tab. You use this property sheet to assign permissions to
the test.txt file.
3. In the Group or user names window, click Users to allow changes for user
accounts in the Users group.
4. Click the Write check box in the allow column to allow the users who have
accounts in the Users group to have Write permission on the test.txt file.
5. Click OK to close the dialog box.
It is more difficult to do the same thing in Windows 2000, because when you installed
it, the default permission gave full control to Everyone, a special group that includes anyone logged on to the computer. The Users group, by default, includes all Users, although
users can be deleted from the Users group. In the following steps, you will give the Users
group the Write permission along with the default Read & Execute permissions and
allow only the Administrators group to have the Full Control permission.
To add the Write permission to Users and the Full Control permission to Administrators
using Windows 2000:
1. Make sure that you have created a file called test.txt.
2. In Windows Explorer, right-click test.txt, and then click Properties on the
shortcut menu. The test.txt Properties dialog box opens.
3. Click the Security tab. You use this property sheet to assign permissions to
the test.txt file. See Figure 5-15.
Figure 5-15
Default settings in the Security tab of the test.txt Properties dialog box in
Windows 2000
4. Click the Add button to select the Administrators group and define the permissions for administrators with regard to this file.
5. In the Select Users, Computers, or Groups dialog box, click Administrators,
and then click Add. Notice that the Administrators group appears in the
lower dialog box. See Figure 5-16.
6. Click OK to set permissions for Administrators. The test.txt Properties dialog
box now shows that the Administrators group has only Read & Execute permission, which is the default.
7. Click the Full Control check box in the Allow column, which also selects
the other check boxes in the Allow column.
8. Click Add to start the process of setting permissions for the Users group.
Figure 5-16 Select Users, Computers, or Groups dialog box
9. In the Select Users, Computers, or Groups dialog box, click Users and then
click Add. Now the Users group appears in the lower dialog box instead of
the Administrators group that you saw in Figure 5-16.
10. Click OK to set permissions for Users.
11. In the test.txt Properties dialog box, click the Write check box in the
Allow column.
12. Next, you should remove the group Everyone because you want to control
users through the Users group instead of the Everyone group. The Users
group can be controlled by adding and deleting users, but you have no control over the Everyone group. Any nonguest user logged on is automatically
part of the Everyone group. Click Everyone to see the permissions set for
this group. The check boxes in the Allow column are grayed, meaning that
these permissions are inherited. To remove Everyone, click the Allow
inheritable permissions from parent to propagate to this object
check box to uncheck it.
13. In the security warning dialog box, click Remove to remove the inherited
permissions for the Everyone group and keep Administrators and Users in
their current folder.
14. Click Users to review the permissions you set. See Figure 5-17.
15. Click OK to save the changes.
Figure 5-17 Setting Write permission for members of the Users group
Managing File System Permissions in Linux
To better understand file system permissions in Linux, you have to understand the file
system itself. Linux does not have a file system equivalent to the Windows FAT file system, which does not have any security. (All Linux file systems have security.) In Linux,
a directory is nothing more than a file that contains other files. This structure helps in
determining what the permissions allow you to do. Linux directories correspond to folders in Windows.
Linux has three permissions that you can apply to directories and files: read, write, and
execute. Table 5-3 describes these permissions.
Table 5-3 File and directory permissions in Linux
Permission type   When used with files                              When used with directories
Read              Read a file or copy a file                        List the contents of a directory
Write             Write to the file, including deleting the file    Create files
Execute           Execute programs and shell scripts, which are     Modify the file permissions
                  text files containing Linux commands
The read, write, and execute permissions can be applied to three categories of users.
First, they can be set for the owner of the file. When a file is created, ownership is given
to the user who created it. Second, the permissions can be set for a group that is assigned
to the directory or file. Third, you can set permissions for accounts that are not members
of the group. This approach is different from Windows. In Windows, the file or folder
remains separate from the permissions assigned to it. Thus, in Windows, you could have
dozens of groups and users with differing permissions assigned to a single file. In contrast, in Linux, the permissions are part of the file. Groups exist only in the context of
the file. As a consequence, there can be only one group assigned to a file and only one
user assigned to the file. In Windows, zero or more users and groups can be assigned
permissions in a file. In Linux, the three categories are the only assigned permissions,
and they are assigned to every file.
Because three sets of permissions are assigned to every directory and file, the designers
of Linux had to come up with an efficient method of designating permissions. Their
approach was to have three bits represent each set of permissions. The first bit corresponds
to the read permission and has a value of 4. The second bit corresponds to the write
permission and has a value of 2. The third bit corresponds to the execute permission and
has a value of 1. The permission can either be described as a single digit ranging from
0 to 7 or a combination of r, w, and x. Table 5-4 lists the various combinations of permissions, which are always represented as rwx, meaning read, write, and execute permissions, respectively. The dash (-) indicates that no permissions are set for that item. For
example, r-x means that the write permission is not given, only the read and execute. For
a directory, the execute permission allows you to use the directory name when accessing
files in it. The numeric equivalent can be used to change permissions.
Table 5-4 Linux permissions
Permissions (r = 4, w = 2, x = 1)    Numeric equivalent
---                                  0
--x                                  1
-w-                                  2
-wx                                  3
r--                                  4
r-x                                  5
rw-                                  6
rwx                                  7
The primary utility for changing permissions is chmod. The format of the chmod utility is chmod nnn name, where nnn represents the three digits for each of the three
permissions and name represents the name of the directory or file. Each digit corresponds to one of the numeric values in Table 5-4. The first digit represents the permission for the owner. The second digit is for the group, and the third digit is for everyone
else. Table 5-5 shows several examples of using the chmod utility.
Table 5-5 Using chmod to set permissions
Command             Permissions
                    Owner   Group   Other
chmod 755 myfile    rwx     r-x     r-x
chmod 540 myfile    r-x     r--     ---
chmod 744 myfile    rwx     r--     r--
Linux provides another way to use chmod. Instead of setting all the permissions at once,
you can change existing permissions. To do so, use the following syntax: chmod x +|-p filename. The x represents which set of permissions is being changed. The values
can be u for user, g for group, o for others, s for user and group, and a for all sets of
permissions. The a is the default. The + or the - designates whether the permission will
be added or deleted. The p represents the permissions. Instead of digits, you use a combination of r, w, and x. Table 5-6 lists some examples.
Table 5-6 Use of the chmod command
Command                Description
chmod g+rx myfile      For members of the group for myfile, add the read and execute permissions.
chmod o-wx+r myfile    For anyone outside of the group for myfile, delete the write and execute permissions and add the read permission.
chmod +rwx myfile      Change all the permissions for myfile to rwx. Because there was no designator, the a, for all sets, is assumed.
To display the permissions for a file or directory, you use the -l modifier of the ls command that is used to list the contents of a directory. The -l contains the letter “l,” not
the digit one. It stands for long listing. For example, the command ls -l may produce
the following output:
drwxr-xr-x 2 ajones   ajones   1024  Oct 17 11:38  apps
-rw-r--r-- 1 ajones   ajones    349  Dec  3 10:44  myfile
-rwxrwxrwx 1 root     root     3245  Oct 18 12:12  mfile
The first line states that it is a directory because the character in the first position is a d.
The permissions for the owner are rwx, the permissions for the group are r-x, and the
permissions for others are r-x. The owner is ajones. The group is also ajones. The size of
the file is 1,024 bytes. The file was last modified on October 17 at 11:38 A.M. The name
of the directory is apps.
Figure 5-18 shows how to create file permissions to allow others to edit a file. Then you
change the permissions to allow others to create files in a directory. In Figure 5-18, the
text after the “#” prompt is what you type.
Figure 5-18 Exploring file permissions in Linux
To explore file permissions in Linux:
1. In a terminal window, create the /test directory by typing mkdir /test and
pressing Enter.
2. Change to the /test directory by typing cd /test and pressing Enter.
3. Type cp /etc/named.conf . and press Enter to copy the named.conf file
from /etc to your current directory (the /test directory). Be sure to include the
ending dot, which indicates the current directory. You will change the permissions of the named.conf file.
4. Type ls -l and press Enter. A file listing appears, similar to the one shown
earlier in Figure 5-18. The permissions give the owner (root) read and
write permissions.
5. To allow others write permission, type chmod 646 named.conf and
press Enter.
6. Type ls -l and press Enter to see the changes to the named.conf file. Now
you could log on as any user and edit the file. However, when you save the
file after editing it, Linux would warn you that it could not make a backup of
the file. Although you can change the file, you need write permissions in the
/test directory to make a backup of the file. By default, the permissions for
the /test directory are rwsr-xr-x.
7. To allow others to create files in the directory using the alternate form of
chmod, type chmod o+w /test and press Enter.
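The numeric values from Table 5-4 and the ls -l output described earlier can be combined into a quick check for entries that others can write to, which is the state that steps 5 and 7 create. This is an added example, not from the textbook: the function names and the last three listing lines are constructed for illustration, and it goes slightly beyond the text by also decoding the setuid, setgid, and sticky bits that ls -l shows as s and t.

```shell
#!/bin/sh
# Added example (not from the textbook): convert ls -l mode strings to the
# numeric form used by chmod and report entries that "others" can write to.

# mode_to_octal MODE -> prints e.g. 755 for drwxr-xr-x, 1777 for drwxrwxrwt.
# Weights follow Table 5-4: r = 4, w = 2, x = 1.
mode_to_octal() {
    perms=${1#?}                     # drop the file-type character (d, -, l, ...)
    special=0
    digits=""
    for weight in 4 2 1; do          # setuid, setgid, sticky (owner, group, other)
        rest=${perms#???}
        triplet=${perms%"$rest"}     # the next three characters
        perms=$rest
        value=0
        case $triplet in r??) value=$((value + 4)) ;; esac
        case $triplet in ?w?) value=$((value + 2)) ;; esac
        case $triplet in
            ??x)    value=$((value + 1)) ;;
            ??[st]) value=$((value + 1)); special=$((special + weight)) ;;
            ??[ST]) special=$((special + weight)) ;;
        esac
        digits=$digits$value
    done
    if [ "$special" -gt 0 ]; then
        digits=$special$digits       # leading digit only when a special bit is set
    fi
    printf '%s\n' "$digits"
}

# audit_listing: read ls -l lines on stdin and print one line for each entry
# that others can write to, in the form "<kind> <octal> <name>".
audit_listing() {
    while read -r mode links owner group size month day time name; do
        [ -n "$name" ] || continue   # skips "total N" and blank lines
        octal=$(mode_to_octal "$mode")
        others=${octal#"${octal%?}"} # last digit = permissions for others
        case $others in
            2|3|6|7) ;;              # the write bit (2) is set
            *) continue ;;
        esac
        case $mode in
            d????????[tT]*) kind=dir-sticky ;;    # others can create files, but
                                                  # not remove other users' files
            d*)             kind=dir-no-sticky ;; # others can create and delete
            *)              kind=file ;;
        esac
        printf '%s %s %s\n' "$kind" "$octal" "$name"
    done
}

# First three lines: the listing shown in the text.
# Last three lines: constructed for this example (a file after chmod 646,
# a directory after chmod o+w, and a sticky world-writable directory).
sample_listing() {
    cat <<'EOF'
drwxr-xr-x 2 ajones   ajones   1024  Oct 17 11:38  apps
-rw-r--r-- 1 ajones   ajones    349  Dec  3 10:44  myfile
-rwxrwxrwx 1 root     root     3245  Oct 18 12:12  mfile
-rw-r--rw- 1 root     root     1323  Oct 18 12:20  named.conf
drwxr-xrwx 2 root     root     4096  Oct 18 12:21  test
drwxrwxrwt 9 root     root     4096  Oct 18 12:22  tmp
EOF
}

sample_listing | audit_listing
```

On a live system, pipe `ls -l` into `audit_listing` instead of the sample; anything reported for a configuration file such as named.conf is worth tightening with chmod o-w.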
SHARING RESOURCES IN A WINDOWS NETWORK
Sometimes a user needs files on other computers. If you have the needed files, you can
share the folder with the rest of the Windows network. When you create a shared folder,
you need to set permissions on it. Although you will learn how to share folders in this
section, note that the steps for sharing a printer are similar. You need to determine who
can access the shared folder and what they can do. For example, you may just want the
user to read files from your folder but not store new files there. You have already learned
about file system permissions. Shares have their own permissions, though they are not as
complex as those for files. Linux has only three permissions, which are listed in Table 5-7.
Table 5-7 Share permissions
Permission      Description
Full Control    Allow files to be added, deleted, changed, and read
Change          Allow existing files to be written to
Read            Can only read files
When you compare the permissions on a shared folder to the file system (NTFS) permissions that were described earlier, note that the most restrictive permissions always
take priority. For example, if the shared folder has given a user Full Control, but the
underlying NTFS permissions are Read & Execute, the effective permissions are Read
& Execute. If the shared folder permission is Read and the NTFS permission is Full
Control, the effective permission is Read. It can be confusing to keep track of the differences between shared folder permissions and NTFS permissions. Microsoft suggests
that you set shared folder permissions at Full Control and then implement the restrictive permissions using NTFS permissions.
To create a shared folder named config using Windows 2000 or Windows 2003:
1. In a previous section, you created a folder called config that you will modify.
In Windows Explorer, right-click the folder config, and then click Sharing
and Security (on Windows 2000, Sharing) on the shortcut menu. The config Properties dialog box opens to the Sharing tab.
2. To share the config folder with other users, click the Share this folder
option button.
3. The name of the shared folder appears in the Share name text box. By default,
the name of the share is the same as the folder name. See Figure 5-19.
Click the Permissions button to open the permissions for the config
folder, which indicates that, by default, everyone gets Read permission for
Windows 2003 but Full Control for Windows 2000. Click OK to return to
the config Properties dialog box.
4. Click OK. The icon for the config folder changes, indicating that it is shared.
Figure 5-19 config Properties dialog box showing the shared folder
If you want to access a folder that is stored on another computer, that folder must first
be set up as a shared folder. Then the shared folder on the other computer can become
a virtual drive on your computer. A virtual drive is a drive that does not physically
exist on your computer. For example, when you install Windows, it creates a partition
to which it assigns the identifier C:. Your CD-ROM drive may be drive D. Both C: and D:
are physical drives. In contrast, a virtual drive assigns a drive letter to a shared folder on
another computer. Microsoft uses the term map a drive, meaning that the folder corresponds (maps) to a drive letter. Actually, you can even map a drive using a shared folder
on the same computer for practice.
To map a drive to a shared folder in Windows:
1. In Windows Explorer, click Tools on the menu bar, and then click Map
Network Drive.
2. The Map Network Drive dialog box appears. In the Folder text box, assuming
that the name of the server with the share is web1, type: \\web1\config.
See Figure 5-20. Your drive letter may be different.
Figure 5-20 Map Network Drive dialog box
3. Click Finish to create the mapping. You can now access the config folder
from your computer. It appears on the left panel of Windows Explorer.
Note that the icon for the config mapped drive now represents a network
connection.
ENFORCING NETWORK POLICIES
You may want to exert even more control over users who have an account on your network. You can set network policies in both Windows and Linux, although Windows has
significantly more policies. Both Windows and Linux, however, have policies concerning passwords. For example, you can set policies such as the number of days before the
user’s password must be changed.
Enforcing Network Policies in Linux
In Linux, network policies are part of the entries in the /etc/shadow file. As you
learned earlier, the /etc/shadow file contains the encrypted password for each user. It
also contains network policies. The items are separated by a colon (:) and appear in a
specific order.
The following is an example from /etc/shadow:
mnoia:$3498jhhd8:11816:20:40:10:15:12379:-1
Table 5-8 explains each of the fields in the record.
Table 5-8 Fields in the /etc/shadow record
Field         Description
mnoia         User account name
$3498jhhd8    Encrypted password
11816         Starting at January 1, 1970, the number of days since the password was changed
20            The number of days before a change is allowed
40            The number of days before a change is required
10            The number of days of warning before a change is required
15            The number of days before the account becomes inactive after the password has expired
12379         The number of days since January 1, 1970, that the account is set to expire
-1            Reserved field
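As an added example (not from the textbook), the following script splits the sample record above into the fields of Table 5-8, converts the day counts to calendar dates, and reports where the account stands on a given day. The function names, the status labels, and the exact boundary handling (for example, treating the password as expired only after the required-change day has passed) are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the textbook): interpret the aging fields of an
# /etc/shadow record as described in Table 5-8.

# days_to_date N -> YYYY-MM-DD for day N counted from January 1, 1970 (N >= 0).
# Pure integer arithmetic, so it does not depend on any particular date utility.
days_to_date() {
    z=$(( $1 + 719468 ))                 # re-base so day 0 is March 1 of year 0
    era=$(( z / 146097 ))                # completed 400-year cycles
    doe=$(( z - era * 146097 ))          # day within the cycle
    yoe=$(( (doe - doe / 1460 + doe / 36524 - doe / 146096) / 365 ))
    year=$(( yoe + era * 400 ))
    doy=$(( doe - (365 * yoe + yoe / 4 - yoe / 100) ))
    mp=$(( (5 * doy + 2) / 153 ))        # month index with March = 0
    dom=$(( doy - (153 * mp + 2) / 5 + 1 ))
    if [ "$mp" -lt 10 ]; then month=$(( mp + 3 )); else month=$(( mp - 9 )); fi
    if [ "$month" -le 2 ]; then year=$(( year + 1 )); fi
    printf '%04d-%02d-%02d\n' "$year" "$month" "$dom"
}

# split_record RECORD: set the sh_* globals from the nine colon-separated fields.
split_record() {
    IFS=: read -r sh_user sh_hash sh_last sh_min sh_max sh_warn sh_inact sh_expire sh_reserved <<EOF
$1
EOF
}

# is_set VALUE: true when a field holds a non-negative number (empty = no limit).
is_set() {
    [ -n "$1" ] && [ "$1" -ge 0 ]
}

# shadow_status RECORD TODAY
#   -> ok | warning | password-expired | inactive | account-expired
# TODAY is a day count from January 1, 1970.
shadow_status() {
    split_record "$1"
    today=$2
    if is_set "$sh_expire" && [ "$today" -ge "$sh_expire" ]; then
        echo account-expired; return 0
    fi
    if ! is_set "$sh_last" || ! is_set "$sh_max"; then
        echo ok; return 0                # no password aging configured
    fi
    must=$(( sh_last + sh_max ))         # day by which a change is required
    if [ "$today" -gt "$must" ]; then
        if is_set "$sh_inact" && [ "$today" -gt $(( must + sh_inact )) ]; then
            echo inactive
        else
            echo password-expired
        fi
        return 0
    fi
    if is_set "$sh_warn" && [ "$today" -ge $(( must - sh_warn )) ]; then
        echo warning
    else
        echo ok
    fi
}

# shadow_report RECORD: print the policy dates for a record with all fields set.
# The password hash is parsed but deliberately never printed.
shadow_report() {
    split_record "$1"
    must=$(( sh_last + sh_max ))
    printf 'user:                %s\n' "$sh_user"
    printf 'password changed:    %s\n' "$(days_to_date "$sh_last")"
    printf 'change allowed from: %s\n' "$(days_to_date $(( sh_last + sh_min )))"
    printf 'change required by:  %s\n' "$(days_to_date "$must")"
    printf 'warnings start:      %s\n' "$(days_to_date $(( must - sh_warn )))"
    printf 'inactive after:      %s\n' "$(days_to_date $(( must + sh_inact )))"
    printf 'account expires:     %s\n' "$(days_to_date "$sh_expire")"
}

# The sample record from the text. Single quotes keep "$3498jhhd8" literal.
RECORD='mnoia:$3498jhhd8:11816:20:40:10:15:12379:-1'

shadow_report "$RECORD"
for day in 11830 11850 11860 11880 12400; do   # constructed sample days
    printf 'day %s: %s\n' "$day" "$(shadow_status "$RECORD" "$day")"
done
```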
Although you can manually change the file, doing so is prone to error. The Red Hat
User Manager—the GUI that you used when you added a user account—is a better
choice. To change the user information, select a user account and then click Properties.
The expiration of the user account appears under the Account Info tab. Figure 5-21
shows the information under the Password Info tab with the Enable password expiration check box selected.
Figure 5-21 Password Info tab of User Properties dialog box for mnoia
Enforcing Network Policies in Windows
The number of network policies in Windows changed drastically from Windows NT to
Windows 2000 and Windows 2003. Windows NT has a fraction of the policies available
in Windows 2000 and Windows 2003. Windows 2000 and Windows 2003 call network
policies group policies. You can set up a hierarchy of group policies, with one group
policy overriding the policies in another group. Group policies exist only under Active
Directory. Windows 2000 and Windows 2003 have similar policies.
To display the default domain group policy in Windows 2000 and Windows 2003:
1. In Windows 2003: In the Control Panel, point to Administrative Tools, and
then click Active Directory Users and Computers.
In Windows 2000: In the Control Panel, double-click the Administrative Tools
icon, and then click Active Directory Users and Computers.
2. Right-click the name of your domain, such as technowidgets.com, and
then click Properties on the shortcut menu.
3. In the technowidgets.com Properties dialog box, click the Group Policy tab.
The default Domain Policy is selected.
4. Click Edit to open the Group Policy window.
5. In the left pane of the Group Policy window, under Computer
Configuration, expand Windows Settings, expand Security Settings,
expand Local Policies, and then click User Rights Assignment. The user
rights you can assign appear in the right pane. See Figure 5-22.
Figure 5-22 Group Policy window in Windows 2003
As you can see in Figure 5-22, the left pane of the Group Policy window also displays
categories. Windows has two major groups of policies: computer configuration policies
and user configuration policies. Each category has three subcategories: software settings,
Windows settings, and administrative templates. You can explore this area to find hundreds of settings. The default settings allow you to configure what the settings will be
when you add a new computer or user to the network. This is very different from Linux,
in which settings are specified after the user is created.
The right pane displays the policies related to User Rights Assignment, which you
selected in Step 5. In the left pane, under the Policy Setting column, you can define
which users or groups apply to this setting.
CHAPTER SUMMARY
❐ The Web Administrator’s view of server management focuses on controlling access
to resources but from a different perspective. Typically, the Web server has a guest
user account that allows people to contact the Web server without having a user
account and password. However, the Web server can also be connected to the LAN,
so LAN techniques for controlling access are important as well.
❐ Networking models are split between the methods typically used in a LAN and the
client/server networking model. The Microsoft LAN models are divided between
the workgroup networking model, in which each computer stores user accounts for
that computer, and the domain networking model, in which user accounts are
stored in a central location. The workgroup networking model is designed for
groups of 10 or fewer computers. The domain model is designed for larger groups.
The client/server networking model uses programs running on the server and
client programs that access them. Examples include a Web server and Telnet, the
technique that people use to log on to a Linux server.
❐ Authenticating users is based on a combination of three things: (1) what you know,
such as a user name and password; (2) what you have, such as a smart card; and (3)
who you are, or biometrics. Kerberos is the most secure method introduced to date
in the Microsoft environment to authenticate. Under some circumstances, however,
NTLM is still used. NTLM is used with Windows NT, for example, but hackers
have many tools available to crack passwords with this system.
❐ At the core of the security system are the user accounts and the groups created to
organize users. You should put users into global groups, assign global groups to
local groups, and then assign permissions to local groups. Microsoft servers can
operate in two modes. First, they can be standalone servers that just have local
user accounts; this is the typical mode for Web servers. Second, they can be
domain controllers. In Windows 2000 and Windows 2003, this means adding the
Active Directory service. AD is a comprehensive repository of information related
to users, computers, and other resources on a network.
❐ File system permissions in Windows are more detailed than those in Linux.
Windows 2000 has 13 primary permissions and Windows 2003 has 14. By default,
permissions are inherited, meaning that when you set permissions in a folder, the
same permissions will be applied in subfolders and files. You can assign many groups
and users permissions to a single folder or file in Windows. Linux has three permissions: read, write, and execute. The file system assigns permissions in each directory
and file for the owner of the file, the group associated with the file, and all others.
❐ You can share folders and printers in a Windows network. The permissions available
on a shared folder are Full Control, Modify, and Read. These permissions are used in
conjunction with the underlying NTFS permissions. Once a resource is shared, you can
map a drive to it, thereby creating a virtual drive that is associated with the folder.
REVIEW QUESTIONS
1. The LAN networking model that involves a centralized user accounts database is ________.
a. workgroup
b. domain
c. client/server
d. both b and c
2. The LAN networking model that involves user accounts on each computer is ________.
a. workgroup
b. domain
c. client/server
d. both b and c
3. Which LAN networking model is also known as peer-to-peer?
a. workgroup
b. domain
c. client/server
d. AD
4. Which networking model is related to the way Web servers work?
a. workgroup
b. domain
c. client/server
d. AD
5. The default authentication method in Windows 2000 and Windows 2003 is ________.
6. Which of the following Windows operating systems first used the NTLM protocol?
a. Windows 2003
b. Windows 2000
c. Windows NT
d. Windows 98
7. The ________ is a special account in Windows that represents the operating system.
8. One of the first things you should do when you install Windows or Linux is to
delete all the user accounts that you do not recognize so as to increase security.
True or False?
9. Linux has an account that corresponds to the Windows system account that is
typically used when installing programs that use daemons. True or False?
10. A domain is ________.
a. a group of up to 10 computers
b. a group of up to 10 users
c. a logical grouping of computers, users, and resources
d. another word for permissions
11. By default, passwords in Windows expire in ________ days.
12. AD stands for ________.
13. Mixed mode and native mode are related to ________.
a. PDC
b. AD
c. BDC
d. NTLM
14. Once you convert from mixed mode to native mode, you cannot go back to
mixed mode. True or False?
15. Once you install Active Directory, you cannot uninstall it. True or False?
16. In Linux, which file typically has passwords?
a. /etc/shadow
b. /etc/passwd
c. /etc/userpasswords
d. passwords are not in a file
17. In Windows, the Modify permission does not include which of the following
permissions?
a. Read
b. Write
c. Read & Execute
d. List Folder Contents
18. The shell command to change a password in Linux is ________.
19. The shell command to add a user in Linux is ________.
20. Network policies in Windows 2003 are called ________.
HANDS-ON PROJECTS
Project 5-1
The following project assumes that Active Directory has already been installed on your
computer. In this project, you add a user in Windows by creating your own user name
and password.
To add a user in AD:
1. In Administrative Tools, open the Active Directory Users and
Computers window.
2. Right-click Users, point to New, and then click User. The New Object - User
dialog box opens.
3. Enter the first and last name of the user. Notice how the system fills in the full
name for you.
4. In the first User logon name text box, enter the first letter of the first name, followed by the last name. The system fills in the logon name for pre-Windows 2000
computers.
5. Click Next. Enter the password in both text boxes. Leave the default check boxes.
6. Click Next. The dialog box displays a summary of what you entered. Click
Finish to create the user.
To determine the properties of an AD user and change one in Windows:
1. Double-click the user you created in the previous set of steps to display the properties for that user. Click the Account tab to configure the user account options.
2. Scroll the Account options and then click Smart card is required for
interactive logon. Click OK.
3. Log out of the administrator account and log on as the user you just modified.
Can you log on? What message do you receive?
Project 5-2
Although Active Directory is common in LANs because it offers more control over users,
you do not usually make the Web server an Active Directory domain controller on a LAN
because doing so requires extra processing. In this project, you uninstall Active Directory.
You only need to reinstall AD if you want to install the Microsoft Exchange 2000
e-mail server in Chapter 8. After you uninstall AD, you will add a local user account
in Windows 2000 or Windows 2003 and modify its properties.
To uninstall Active Directory in Windows:
1. Open a Command Prompt window, type dcpromo.exe, and then press Enter.
The Welcome to the Active Directory Installation Wizard opens.
2. Click Next. A message box opens stating that “This domain controller is a Global
Catalog server. Global Catalogs are used to process user logons. You should make
sure other Global Catalogs are accessible to users of this domain before removing
Active Directory from this computer.” Because you are not using a real domain,
you do not need to accommodate other domain controllers. Click OK.
3. The Remove Active Directory dialog box opens. A warning states that if this is the
last domain controller in your domain, you will lose your user accounts. Click the
This server is the last domain controller in the domain check box and then
click Next.
4. In Windows 2003: The Application Directory Partitions dialog box opens. Click
Next to delete the application directory partition. In the Confirm Deletion dialog
box, select the Delete all application directory partitions on this domain
controller check box, and then click Next. The Administrator Password dialog
box opens. You must observe complexity rules for the password that you enter in
this dialog box so you cannot type “password.” Type Lisboa& and then click Next.
In Windows 2000: The Network Credentials dialog box opens, requesting the user
name and password of the Enterprise Administrator. Note that in a large network
this could be different from the administrator in a single domain. In the User name
text box, type Administrator and in the Password text box, type password.
Click Next.
The Administrator Password dialog box opens. In effect, you are being demoted
from an Enterprise Administrator of the domain to an administrator for this single
server. In the Password text box, type password, and type password again in the
Confirm Password text box. Click Next.
5. The Summary dialog box opens, stating that you are going to remove Active
Directory. Click Next.
6. A message box opens and describes the progress of configuration, which can take
several minutes. The Completing the Active Directory Installation Wizard opens.
Click Finish.
7. A dialog box opens explaining that you must restart Windows. Click Restart
Now to have the changes you made take effect.
In Windows 2003, you must create a secure password. To make it easier to remember
your password, you can change the administrator password back to “password.”
To change the administrator password:
1. After you log on as administrator, press Ctrl+Alt+Del. The Windows Security
dialog box opens.
2. Click the Change Password button. The Change Password dialog box opens.
3. Type your old password in the Old Password text box. If you are using
Windows 2003, your old password is Lisboa&. In the New Password and
Confirm New Password text boxes, type password. Click OK.
4. The Change Password message states that your password has been changed.
Click OK.
5. The Windows Security dialog box opens. Click the Cancel button.
To add a user and determine the capabilities of a user:
1. Create a user called lcamoes with a full name of Luis de Camoes and a
description of Writer with a password of pass.
2. Log on as lcamoes and change the password.
3. Try to add a user. (Recall that you add a user in the Administrative Tools window,
which you can open from the Control Panel.) Were you successful?
4. Try to add a group. Were you successful?
5. Try to change the description of lcamoes from Writer to Poet. Were you successful?
6. In the left pane of the Computer Management window under System Tools,
Event Viewer has four categories of events. Double-click each category. Which
ones can you see? Which ones are blocked from viewing?
7. Log off as lcamoes.
As an administrator, you can modify the properties of the users. In the following steps,
you will modify lcamoes so he can become a member of the built-in group called Power
Users. Being a member of the Power Users group increases a user’s permissions on the
system. In this project, you explore some of these new capabilities.
To modify the properties of lcamoes and test them:
1. Log on as an administrator.
2. Open the Properties dialog box for lcamoes.
3. Click the Member Of tab.
4. Click Add to start adding lcamoes to a group. The Select Groups dialog box opens.
5. In Windows 2003: Type Power Users in the Enter the object names to select
text box.
In Windows 2000: Select Power Users and then click Add.
Click OK to return to the lcamoes Properties dialog box. Power Users is now listed
on the Member Of tab.
6. Click OK to close the lcamoes Properties dialog box.
7. Log off as administrator and log on as lcamoes.
8. Repeat Steps 3-7 in “To add a user and determine the capabilities of a user.”
What has changed now that lcamoes is a Power User?
Project 5-3
Create a group called tech in Windows and add the user you created in Project 5-2 to
the group. Give this group full control over the \inetpub directory.
To create a group called tech:
1. In Administrative Tools, open Computer Management.
2. Click the plus sign (+) next to Local Users and Groups.
3. Click Groups.
4. To add a group, click Action on the menu bar and then click New Group.
5. For the group name, type tech.
6. Click Create to create the group.
7. Click Close to close the New Group dialog box.
You now have a group called tech that appears in the right pane of the Computer
Management window. Now you want to add a user.
To add a user to a group in Windows 2000:
1. Double-click tech in the right pane of the Computer Management window.
2. Click Add to add a user. The Select Users or Groups dialog box opens.
3. In the top text box, scroll down to the user that you created and select it.
4. Click Add to add the user to the bottom text box.
5. Click OK in the Select Users or Groups dialog box, which adds the user to the
Members area of the properties for the tech group.
6. Click OK to accept the changes to the tech group.
To add a user to a group in Windows 2003:
1. Double-click tech in the right pane of the Computer Management window.
2. Click Add to add a user.
3. When you are asked for the user name, suppose that you are not sure of the name
you used. Click Advanced in the Select Users dialog box to search for the user.
4. Click Find Now in the Select Users dialog box. All the users and groups are listed.
5. Click the user you created, and then click OK in the Advanced option of the
Select Users dialog box to add the user to the object names text box.
6. Click OK in the Select Users dialog box, which adds the user to the Members
area of the properties for the tech group.
7. Click OK to accept the changes to the tech group.
To give the tech group Full Control in the \inetpub folder:
1. In Windows Explorer, display the \inetpub folder.
2. Right-click inetpub, and then click Sharing and Security (Sharing in
Windows 2000).
3. Click the Security tab.
4. In Windows 2003: Click Add to add a group to the directory. The Select Users or
Groups dialog box opens. In the text box, type tech.
In Windows 2000: In the top text box, select the tech group and then click Add.
5. Click OK to add the tech group to the list of groups for \inetpub. Notice that
the tech group is highlighted. What are the default permissions?
6. Click the Full Control check box.
7. Click OK to close the inetpub Properties dialog box.
Project 5-4
In Windows, create a folder called apps in the root of your drive and allow the user you
created in Project 5-1 or 5-3 to have the Read permission, and administrators to have
the Full Control permission. You can work in either Windows 2000 or Windows 2003
but, as you learned from the text, the steps are different.
To create the folder apps in Windows:
1. Right-click Start, and then click Explore.
2. Click the drive letter that is the default for your operating system. Because there
could be more than one operating system, the drive letter may not be C. In the
Windows Explorer window, it will be the drive with a dash (-) next to it.
3. Now the right pane shows the folders in the root of the drive. Right-click in the
right pane, point to New, and then click Folder.
4. Type apps, and then press Enter to create the apps folder.
To share the apps folder with Read & Execute permissions in Windows:
1. Share the folder as apps.
2. Click Permissions. What are the default share permissions?
3. Select the Security tab. What are the default folder permissions for Users?
Notice that the share permissions and the file permissions are different.
To test the share from another computer in Windows:
1. From another computer, open Windows Explorer.
2. Click Tools on the menu bar, and then click Map Network Drive. The Map
Network Drive dialog box opens. Leave the drive letter as the default.
3. Click the link to Connect using a different user name.
4. Type the user name and password of the user that you created earlier, and then
click OK.
5. The easiest way to map a drive to a folder is to use the IP address. For example, if
the IP address is 192.168.0.100, you would type \\192.168.0.100\apps.
6. Click Finish. A window opens with the contents of the apps folder. It should be
empty. Drag a file to the apps window. Did it succeed?
Project 5-5
The Red Hat Linux User and Groups utility makes it easier to manage users than do
the command-line utilities. Once you add a user, it is beneficial to understand the capabilities of the new user.
To add a user and determine the capabilities of a user in Linux:
1. Use the Red Hat User and Groups utility to create a user called lcamoes with a
full name of Luis de Camoes and a password of password. What is the name of
the login shell? Where is the home directory?
2. Log on as lcamoes and change the password.
3. Try to add a user. Were you successful?
4. Change your password to password1 by using the command passwd. Were you
successful?
5. Find your current directory by typing pwd at a command prompt. What is it?
6. Create a directory in your current directory. Type mkdir test, and then press
Enter. Were you successful?
7. Create a directory in the usr directory. Type mkdir /usr/test, and then press
Enter. Were you successful?
8. Create a directory in the tmp directory. Type mkdir /tmp/test, and then press
Enter. Were you successful?
9. Display a long listing of the root directory. Type ls -l, and then press Enter. What
is the difference between the permissions for /usr and the permissions for /tmp?
10. Log out as lcamoes.
Project 5-6
Once you create a user, you need to understand which file permissions the user has and
how to modify them.
To check permissions and set permissions for lcamoes in Linux:
1. Log on as root.
2. Create a directory in the home directory of lcamoes. In a terminal window, type
mkdir /home/lcamoes/test2, and then press Enter. Were you successful?
3. Look at the permissions for /home/lcamoes. What do they tell you about who
can create directories and files in the directory? The root user is not constrained
by permissions.
4. Create a directory called /usr/lcamoesapp.
5. Display a long listing of the /usr directory. What are the permissions for
/usr/lcamoesapp? What does the rest of the entry display for this directory?
6. Change the owner of the directory to lcamoes. Type chown lcamoes
/usr/lcamoesapp, and then press Enter. (Be sure to insert a space after
“lcamoes”.)
7. Display a long listing of the /usr directory. What is different about the entry for
/usr/lcamoesapp? Can lcamoes create directories and files in this directory now?
8. Change the permissions for /usr/lcamoesapp so others cannot read or execute
files in this directory.
9. Create a file and store it in /usr/lcamoesapp.
10. Create a user called cbranco.
11. Log on as cbranco and try to edit the file you created in /usr/lcamoesapp. What
error message do you receive?
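The permission decisions that Projects 5-5 and 5-6 exercise by hand can be modeled directly from the mode bits. The following Python code is an added example, not part of the original text; the uids (500 for lcamoes, 501 for cbranco) and the modes given for /usr, /tmp, and /usr/lcamoesapp are constructed values typical of a default installation.

```python
import stat

# Constructed accounts: uid and primary gid share the same number.
ROOT, LCAMOES, CBRANCO = 0, 500, 501


def directory(mode, owner, group):
    """Describe a directory by its permission bits and ownership."""
    return {"mode": mode, "owner": owner, "group": group}


def listing(d):
    """Render the mode the way `ls -l` prints it, for example drwxr-xr-x."""
    return stat.filemode(stat.S_IFDIR | d["mode"])


def triplet(d, uid, gids):
    """Return the single rwx triplet that applies: owner, else group, else other."""
    if uid == d["owner"]:
        return (d["mode"] >> 6) & 0o7
    if d["group"] in gids:
        return (d["mode"] >> 3) & 0o7
    return d["mode"] & 0o7


def can_create(d, uid, gids):
    """mkdir or creating a file needs write and search (w+x) on the parent."""
    return uid == ROOT or (triplet(d, uid, gids) & 0o3) == 0o3


def can_read(d, uid, gids):
    """Listing names and opening entries needs read and search (r+x)."""
    return uid == ROOT or (triplet(d, uid, gids) & 0o5) == 0o5


def can_delete(d, file_owner, uid, gids):
    """With the sticky bit (the trailing t), only the file's owner, the
    directory's owner, or root may remove an entry."""
    if uid == ROOT:
        return True
    if not can_create(d, uid, gids):
        return False
    if d["mode"] & stat.S_ISVTX:
        return uid in (file_owner, d["owner"])
    return True


def chmod_o_minus_rx(d):
    """Equivalent of `chmod o-rx`: clear read and execute for others."""
    mode = d["mode"] & ~(stat.S_IROTH | stat.S_IXOTH)
    return directory(mode, d["owner"], d["group"])


def findings(d):
    """Flag a world-writable directory that lacks the sticky bit."""
    if d["mode"] & stat.S_IWOTH and not d["mode"] & stat.S_ISVTX:
        return ["world-writable without sticky bit: any user can delete others' files"]
    return []


USR = directory(0o755, ROOT, ROOT)
TMP = directory(0o1777, ROOT, ROOT)
APP_AS_CREATED = directory(0o755, ROOT, ROOT)   # root ran mkdir
APP_CHOWNED = directory(0o755, LCAMOES, ROOT)   # chown lcamoes changes the owner only
APP_LOCKED = chmod_o_minus_rx(APP_CHOWNED)      # mode becomes 0o750

if __name__ == "__main__":
    for name, d in [("/usr", USR), ("/tmp", TMP), ("/usr/lcamoesapp", APP_LOCKED)]:
        print(listing(d), name,
              "lcamoes can create:", can_create(d, LCAMOES, {LCAMOES}),
              "cbranco can read:", can_read(d, CBRANCO, {CBRANCO}))
```

The findings function is the check worth running against any directory you open up to all users: write access for others is only reasonable when the sticky bit accompanies it, as it does on /tmp.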
Project 5-7
Although the text described sharing folders in Windows networks, you can share directories in Linux using NFS (Network File System). Once you select the directory to
share, any computer with NFS client software can access the information. NFS allows
you to set up security in a variety of ways, including determining who has access, what
the permissions are once the user accesses the directory (read/write), and what IP
addresses are allowed.
On the client side, you use the mount command to associate a local directory with the
remote shared directory. This technique is similar to mounting a CD.
To share the /var directory in Linux:
1. Click the Red Hat icon, point to Server Settings, and then click NFS Server.
The NFS Server Configuration dialog box opens. See Figure 5-23.
2. Click Add to add a shared directory. The Add NFS Share dialog box opens. See
Figure 5-24. Besides filling in the text box with the name of the directory, you
can specify which hosts can access it. The hosts can be specific computers or network address ranges.
3. In the Directory text box, type /var to share the /var directory. You can leave the
permission at Read-only but, as the option button states, you could change it to
Read/Write to give you the ability to change the contents.
Figure 5-23 NFS Server Configuration dialog box
Figure 5-24 Add NFS Share dialog box
4. In the Host(s) text box, type the network portion of your IP address to allow only
computers on your network to access the directory. For example, if your IP
address was 192.168.0.100, you would type 192.168.0.0/24. The “24” means that
there are 24 bits in the subnet mask of this network, which is equivalent to
255.255.255.0.
5. Click OK to add the NFS share. Now the NFS Server Configuration window has
an entry for the directory that you just shared.
6. Click Apply to save the changes. A warning message box opens stating, “The
NFS service is not currently running. Do you wish to start it?” Click Yes to start
the NFS service.
Now that you have the NFS server running, you can mount the directory from any other
Linux computer on the same network. If another Linux computer is not available, you
can use the same computer to configure an NFS client.
To connect to an NFS share in Linux:
1. Create a directory that you will use to mount the NFS share. Because the directory called mnt already exists, you will use it to add a reference to the var directory. Open a terminal window and, at the shell prompt, type mkdir /mnt/var
(be sure to insert a space after “mkdir”).
2. Now that you have a new directory, you want to associate it with the NFS share.
In the following, replace the IP address with the address of your NFS server. Type
mount 192.168.0.100:/var /mnt/var, and then press Enter. (Note that there is
a space after mount and another space before /mnt/var.)
3. Now the contents of the /mnt/var directory are actually /var on the NFS server.
Type ls /mnt/var, and then press Enter. You now see the contents of the /var
directory on the NFS server. Type ls /mnt/var/www, and you will see the
contents of the /var/www directory on the NFS server.
4. To stop using the NFS share, type umount /mnt/var, and then press Enter.
Project 5-8
Change the properties for lcamoes that you created in Project 5-5. You can modify a
number of settings for users, such as setting expiration dates for accounts and forcing
users to change passwords. If you set expiration dates or lock an account, it is a good
idea to know what the user will see when he or she tries to log on and fails. The user
does not always get a descriptive message explaining what happened to the account.
To modify user properties for lcamoes and test their effects in Linux:
1. In the User and Groups utility, highlight lcamoes and click Properties.
2. Click the Account Info tab. See Figure 5-25.
3. Select the Enable account expiration check box. Enter a date before today’s
date to force an expiration.
4. Click OK to save the change to the properties for lcamoes.
Figure 5-25 Account Info tab of the User Properties dialog box
5. Log out and log back on as lcamoes. Were you successful? What was the message?
6. Log on as root. In the Account Info tab of the properties for lcamoes, clear the
Enable account expiration check box and select the User account is locked
check box.
7. Log out and log back on as lcamoes. Were you successful? What was the message?
8. Log on as root. In the Account Info tab of the properties for lcamoes, disable the
User account is locked check box.
CASE PROJECTS
Case Project 5-1
You have just hired an assistant administrator for your Linux server. For now, you will
not allow him to log on as root. Create a user account for him.
A newly installed application will need a text file called netapp.conf in the /usr directory. Create the text file. Give ownership of the file to the new user. Linux has a utility
called chown that you can use for this purpose. At a shell prompt, type man chown to
display the manual pages for the chown utility. Allow the assistant (owner) full access,
the group full access, and other users just read access. Test the system by logging on as
the assistant administrator. As assistant administrator, can you create a file in /usr?
Describe why you can or cannot do so.
Case Project 5-2
You have decided that it might be a good idea to provide some Windows technical support. Your new boss asks whether you have ever heard of group policies in Active
Directory. You have, but are a bit weak on the details. Your boss wants you to write
detailed, step-by-step instructions to implement the following plan. It will be e-mailed
to a branch office to be handled by the support person there. You are to describe how
to set up security for the computer configuration for the default domain policy.
❐ Set the maximum password age to 90 and the minimum password age to 10.
❐ Make the user account lock after three unsuccessful attempts.
❐ Make both the account lockout duration and the number of minutes before resetting the lockout counter 30 minutes.
❐ When users log on, the following message should appear: “Welcome to TechnoWidgets.”
Case Project 5-3
Your objective is to create a secure area on the Windows server for a group called acctg.
Create two users, ajones and mnoia. Put them in the acctg group. From the root of your
Windows drive, create a folder called reports. In the reports folder, give the acctg group
Full Control over the contents of the folder and remove the Users group from the folder.
CHAPTER 6
CONFIGURING A WEB SERVER
In this chapter, you will:
♦ Understand how a Web server works
♦ Install the Internet Information Services (IIS) and Apache Web servers
♦ Examine the IIS and Apache properties
♦ Host multiple Web sites
♦ Configure new Web sites in IIS and Apache
♦ Understand virtual directories
All Web servers are based on the Hypertext Transfer Protocol (HTTP), which
governs the way Web servers communicate with browsers and other client
software. When you install a Web server, it is configured to perform most common tasks by default, such as display simple Web pages. Although you can configure Microsoft’s Internet Information Services (IIS) Web server and the
Apache Web server in a similar manner, IIS and Apache use different approaches
to configuration. For IIS, you use a GUI, often with wizards, to configure the
Web server. For Apache, you typically use a text file called httpd.conf.
Often a Web server is not what it appears to be. A Web site such as Microsoft.com
uses URLs that appear to have a structure of folders similar to those on a hard
disk. In reality, that structure doesn’t always reflect the organization of the
folders on the Web server’s hard disk. You can create virtual directories that are
part of the Web site yet physically located outside of the Web site. Conversely, you may think that sites such as www.MyFavoriteWidgets.com and
www.WidgetSupplies.com must represent different servers, or at least different IP
addresses. However, you can use virtual servers to configure a Web server to
host multiple sites. An extreme example is www.freeserve.net, which hosts about
150,000 sites using only four IP addresses.
UNDERSTANDING HOW A WEB SERVER WORKS
Although Web servers have evolved substantially since their introduction, the main purpose of a Web server is to send HTML documents to a browser. HTML is the formatting
language that browsers use to display text and graphics. All Web servers support the
Hypertext Transfer Protocol (HTTP), which defines how information is passed
between the browser and the Web server. Web servers and browsers must follow the same
rules defined by HTTP. This consistency allows someone using a Netscape browser or an
Internet Explorer browser, for example, to see the same pages on any server. Netscape,
Internet Explorer, Konqueror, and other browsers may differ in terms of the HTML that
the Web designers use to create Web pages, but the Web server always provides the same
HTML to the browser.
The two most popular Web servers are Apache from the Apache Software Foundation and
Internet Information Services (IIS) from Microsoft. Prior to the introduction of IIS 5.0,
IIS stood for Internet Information Server. According to Netcraft (www.netcraft.com), nearly
two-thirds of all Web servers use Apache and less than one-third use IIS. Both servers publish HTML pages and perform other tasks necessary for producing interactive Web pages.
Chapter 7 explores the use of programming languages and databases on Web servers to
produce interactive Web pages.
After you install a Web server, you can configure it to change the port number on which
it listens for Web requests, the location from which the Web server retrieves HTML files
(called the root of the server), and the settings that determine the performance of the
computer depending on levels of traffic. You can expand the Web server to accept requests
from multiple domains, thereby creating virtual servers. You can also store HTML documents that are not part of the root file structure by using virtual directories. This chapter
explores these configurations in detail.
Like DNS servers, Web servers are services (often called daemons in Linux) that listen
for requests at ports. Most listen at port 80 for incoming requests, though they can use
any port beyond 1023. Ports up to and including 1023 are reserved for other uses. Often,
if a Web server is not running on port 80, it runs on port 8080 or 8000, but using these
ports is simply convention. Web server administrators sometimes take advantage of this
technique when two Web servers are running on the same computer.
Each Web server has a root, which is where you store the HTML documents and subfolders for your site. If you install IIS on the C: drive, the root is c:\inetpub\wwwroot.
For example, if you used this root for the www.technowidgets.com Web site, and you stored
a file named hello.htm in c:\inetpub\wwwroot, you could display it from a browser by
entering http://www.technowidgets.com/hello.htm as the URL.
Understanding HTTP
The current version of HTTP, version 1.1, describes how to format messages that are sent
from the browser to the Web server and back. The messages contain specific commands that
instruct the server to retrieve certain Web pages. Because all popular Web servers and browsers
have been supporting HTTP version 1.1 for years, this section focuses on this version. When
the GoCertify.com Web site analyzed which protocol approximately 43,000 visitors use, it found
that only about 0.01 percent of the browsers that accessed the site used HTTP/1.0. Of these
visitors, 78 used Netscape 3, 4 used Internet Explorer 2, and 77 used Internet Explorer 3.
HTTP is a stateless protocol, meaning that each Web page sent to the user is independent
of every other Web page the server sends. As a consequence, you cannot use the protocol
to keep track of users who are viewing Web pages on your site. For example, if you have
an e-commerce site where people buy books, you need to use programming techniques
instead of HTTP features to track visitors and the books they buy.
One of the most important characteristics of HTTP 1.1 is its support for persistent
connections. This capability allows the browser to receive multiple files in one TCP
connection. Without a persistent connection, each file sent would require an independent TCP connection, which takes extra processing on the Web server to set up and
release. Such extra processing can decrease performance. This potential problem becomes
even more significant when you realize that most Web pages contain multiple files.
Besides the main file that contains text, the Web page may contain graphic images. Each
image must be sent to your browser separately.
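On a persistent connection the browser receives several responses back to back in one byte stream and must find where each one ends. The following Python code is an added example, not from the original text; it assumes every response carries a Content-Length header (chunked transfer encoding is not handled), and the two responses in STREAM are constructed sample data.

```python
def make_response(content_type, body):
    """Build one HTTP/1.1 response with an exact Content-Length."""
    head = ("HTTP/1.1 200 OK\r\n"
            f"Content-Type: {content_type}\r\n"
            f"Content-Length: {len(body)}\r\n\r\n")
    return head.encode("ascii") + body


def keeps_open(status_line, headers):
    """HTTP/1.1 connections persist unless told to close; HTTP/1.0 is the reverse."""
    version = status_line.split(" ", 1)[0]
    connection = headers.get("connection", "").lower()
    if version == "HTTP/1.1":
        return connection != "close"
    return connection == "keep-alive"


def split_responses(stream):
    """Split the bytes read from one TCP connection into (status, headers, body)."""
    responses = []
    pos = 0
    while pos < len(stream):
        # The header block ends at the first blank line after `pos`.
        end = stream.find(b"\r\n\r\n", pos)
        if end == -1:
            raise ValueError("incomplete header block")
        lines = stream[pos:end].decode("iso-8859-1").split("\r\n")
        headers = {}
        for line in lines[1:]:
            name, _, value = line.partition(":")
            headers[name.strip().lower()] = value.strip()
        if "content-length" not in headers:
            raise ValueError("cannot frame a response without Content-Length")
        length = int(headers["content-length"])
        # The body is delimited by length only. It may itself contain blank
        # lines, so scanning it for a separator would cut it short.
        start = end + 4
        body = stream[start:start + length]
        if len(body) < length:
            raise ValueError("truncated body")
        responses.append((lines[0], headers, body))
        pos = start + length
    return responses


# Constructed sample: a page and one image sent over the same connection.
HTML = b"<html><body>\r\nHello, World\r\n</body></html>"
IMAGE = b"GIF89a" + b"\r\n\r\n" + bytes(8)   # binary data containing a blank line
STREAM = make_response("text/html", HTML) + make_response("image/gif", IMAGE)

if __name__ == "__main__":
    for status, headers, body in split_responses(STREAM):
        print(status, headers["content-type"], len(body), "bytes",
              "keep open:", keeps_open(status, headers))
```

A Content-Length that does not match the bytes actually sent shifts every later response on the connection, which is why the function raises an error instead of returning a partial body.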
The following procedure shows the communication between a browser and a Web server
that displays a simple page containing the text “Hello, World.” The procedure assumes
that a host called www.technowidgets.com resolves to an IP address of 192.168.0.100.
1. You type http://www.technowidgets.com/hello.htm in the Web browser.
2. The Web browser contacts the DNS server to find the IP address for
www.technowidgets.com. The DNS server returns 192.168.0.100.
3. The browser composes the following message and sends it to port 80 on
192.168.0.100:
    GET /hello.htm HTTP/1.1
    Host: www.technowidgets.com
4. In this example, the Web server is a Microsoft Web server and responds to the
browser with the following message:
    HTTP/1.1 200 OK
    Server: Microsoft-IIS/5.0
    Date: Fri, 17 May 2005 18:47:30 GMT
    Content-Type: text/html
    Accept-Ranges: bytes
    Last-Modified: Fri, 17 May 2005 18:21:25 GMT
    ETag: "90cbb2a7cffdc11:b50"
    Content-Length: 43

    <html><body>
    Hello, World
    </body></html>
5. The browser retrieves the message and reads its header, which contains information about the page. Each header starts with the header name, followed by a
colon. The data associated with the header follow the colon. At the bottom of
the message, you see that the page displays the text “Hello, World.”
Step 3 is an important one for configuring servers. Notice that when the message is sent to
IP address 192.168.0.100, the host name is www.technowidgets.com. The host name is separate
from the IP address, meaning that the Web server at 192.168.0.100 can look at the host
name and then display pages on a different Web site. You will see how to apply this technique later in the chapter.
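The following Python code shows how a server listening on one IP address can use the Host header from Step 3 to choose between sites. It is an added example, not from the original text or from IIS or Apache; the document-root paths are assumptions, and answering an unknown host name with 404 is a choice made for this example.

```python
import posixpath

# Host name -> document root. The names appear in this chapter; the
# directory paths are assumptions made for this example.
SITES = {
    "www.technowidgets.com": "/var/www/technowidgets",
    "www.widgetsupplies.com": "/var/www/widgetsupplies",
}
DEFAULT_SITE = "www.technowidgets.com"   # for HTTP/1.0 clients that send no Host


def parse_request(raw):
    """Split a request into method, target, version and a header multimap."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    method, target, version = lines[0].split(" ")   # ValueError if malformed
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or name != name.strip():
            raise ValueError("malformed header line")
        headers.setdefault(name.lower(), []).append(value.strip())
    return method, target, version, headers


def resolve(raw):
    """Return (status, file_path) for a raw request arriving on the shared IP."""
    try:
        _method, target, version, headers = parse_request(raw)
    except ValueError:
        return 400, None
    hosts = headers.get("host", [])
    # HTTP/1.1 requires exactly one Host header; anything else is a 400.
    if len(hosts) > 1 or (version == "HTTP/1.1" and not hosts):
        return 400, None
    if hosts:
        # Drop an optional :port, a trailing dot, and case differences.
        name = hosts[0].partition(":")[0].rstrip(".").lower()
    else:
        name = DEFAULT_SITE
    root = SITES.get(name)
    if root is None:
        return 404, None      # unknown name: refuse rather than guess a site
    if not target.startswith("/"):
        return 400, None
    relative = target.split("?", 1)[0].lstrip("/")
    path = posixpath.normpath(posixpath.join(root, relative))
    # After normalisation the path must still sit inside this site's root.
    if path != root and not path.startswith(root + "/"):
        return 403, None
    return 200, path


# The request from Step 3, plus a second one sent to the same IP address.
STEP3 = b"GET /hello.htm HTTP/1.1\r\nHost: www.technowidgets.com\r\n\r\n"
OTHER = b"GET /hello.htm HTTP/1.1\r\nHost: www.widgetsupplies.com\r\n\r\n"

if __name__ == "__main__":
    print(resolve(STEP3))
    print(resolve(OTHER))
```

Both requests reach 192.168.0.100 and ask for /hello.htm, yet they resolve to different files because only the Host header differs.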
In Step 5, the headers contain the following information for the browser: the Web server’s
use of IIS version 5.0 (Microsoft Windows 2000), the current date and time on the server,
and the last time the file was updated.The other important information in one header is
that the content type is text/html, which defines it as a typical Web page.
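The exchange in Steps 3 through 5 can be reproduced in a few lines. The following Python sketch is an added example, not code from the textbook: it selects a Web site from the Host header of the request shown above and lists the software details that the response headers reveal. The second site name, the page bodies, and the fallback to a default site for unknown host names are assumptions made for the illustration.

```python
# Added example (not from the textbook): two sites served from one IP address,
# selected by the Host header, plus a check of what response headers disclose.

# Constructed site table. "intranet.technowidgets.com" and both page bodies
# are assumptions; www.technowidgets.com and /hello.htm come from the text.
SITES = {
    "www.technowidgets.com": {
        "/hello.htm": "<html><body>\nHello, World\n</body></html>"},
    "intranet.technowidgets.com": {
        "/hello.htm": "<html><body>\nStaff page\n</body></html>"},
}
DEFAULT_SITE = "www.technowidgets.com"  # assumption: unknown names land here

# The request from Step 3 and the response from Step 4, with CRLF line endings.
REQUEST = "GET /hello.htm HTTP/1.1\r\nHost: www.technowidgets.com\r\n\r\n"
RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Microsoft-IIS/5.0\r\n"
    "Date: Fri, 17 May 2005 18:47:30 GMT\r\n"
    "Content-Type: text/html\r\n"
    "Accept-Ranges: bytes\r\n"
    "Last-Modified: Fri, 17 May 2005 18:21:25 GMT\r\n"
    'ETag: "90cbb2a7cffdc11:b50"\r\n'
    "Content-Length: 43\r\n"
    "\r\n"
    "<html><body>\r\nHello, World\r\n</body></html>"
)

# Headers that name server software; the last two are common on ASP.NET sites.
SOFTWARE_HEADERS = ("server", "x-powered-by", "x-aspnet-version")


def parse_message(raw):
    """Split an HTTP message into (start_line, headers, body).

    Header names are lowercased because HTTP header names are
    case-insensitive. A line without a colon is rejected.
    """
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed header line: %r" % line)
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def select_site(raw_request):
    """Return (status, site, body) for a request sent to the shared IP address."""
    start, headers, _ = parse_message(raw_request)
    try:
        method, path, version = start.split(" ")
    except ValueError:
        return 400, None, ""
    host = headers.get("host")
    if host is None:
        if version == "HTTP/1.1":
            # HTTP/1.1 requires Host; without it no site can be chosen.
            return 400, None, ""
        site = DEFAULT_SITE
    else:
        # Drop an optional ":port" and compare case-insensitively.
        # (IPv6 literals such as "[::1]:80" are not handled here.)
        name = host.lower().partition(":")[0]
        site = name if name in SITES else DEFAULT_SITE
    if method != "GET":
        return 405, site, ""
    body = SITES[site].get(path)
    if body is None:
        return 404, site, ""
    return 200, site, body


def disclosed_software(raw_response):
    """Return the response headers that identify server software."""
    _, headers, _ = parse_message(raw_response)
    return {name: headers[name] for name in SOFTWARE_HEADERS if name in headers}


if __name__ == "__main__":
    print(select_site(REQUEST))
    print(disclosed_software(RESPONSE))
```

The same IP address answers for both names, so the Host header alone decides which pages are returned. The Server header in the response tells any client the exact product and version in use.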
Understanding Features in Apache Web Server
Apache Web server was available only in version 1.3 for many years. In 2001, the Apache
Software Foundation released version 2.0. Linux 8 comes with version 2, so that is the
focus of this chapter.
Apache’s philosophy is to start with minimal features and then expand the server as necessary. For example, Apache doesn’t support programming languages besides the default
languages supported by CGI scripts (described in Chapter 7). However, you can easily
add languages to the Apache setup, sometimes with a single line in a configuration file.
When you install Apache, a directory is set up for an online manual and icons used on
Web pages. The only sample HTML document is a single sample test page. This modularity allows you to optimize Apache for the required tasks without wasting processing
time and memory on unneeded tasks. You can even use Apache to help secure your Web
environment by configuring it as a proxy server, which isolates your real Web server
from the Internet. A proxy server takes requests for pages from the Internet and transfers them to the real Web server inside your network.
Following are some of the major improvements in Apache 2.0:
■ Better support for Windows—Running Apache 1.3 under Windows often produced
malfunctions, but version 2.0 provides improved reliability.
■ Support for IPv6, the future version of IP addressing—The current method of IP
addressing uses 32 bits, which does not provide enough addresses to meet
demand as the Internet grows. Internet protocol version 6 (IPv6) uses 128 bits,
which greatly expands the number of available addresses.
■ Simplified configuration—Apache 1.3 provides multiple ways to set the port number and IP address that the server would use for listening. Version 2.0 provides
only a single way, which simplifies the setup.
■ Unicode support in Windows NT, 2000, and 2003—Apache 2.0 supports Unicode
in Windows, which allows you to use foreign-language character sets in
Web pages.
■ Multilanguage error responses—Apache 2.0 provides error messages in a number
of languages.
Understanding Features in Internet Information Services
For many Web sites, any version of IIS provides the needed functionality of publishing
Web pages. Windows 2000 comes with IIS 5.0, and Windows Server 2003 uses IIS 6.0.
All versions of IIS support HTML and Active Server Pages (ASP), which you use to
create dynamic pages. ASP.NET is available on both Windows 2000 and Windows 2003.
You will learn about ASP and ASP.NET in Chapter 7.
IIS 5.0 is installed with many options and samples to make it easy to get started. For
example, an administrative interface allows you to use a browser to manage IIS. Sample
applications show you how to create ASP pages. The SMTP protocol is also installed,
enabling you to send e-mail from your Web pages. Unfortunately, this user-friendly
approach gives malicious users more ways to attack your site. For example, in late 2002,
Microsoft announced a patch to update the Microsoft Data Access Component
(MDAC). According to security bulletin MS02-065, an attacker could compromise any
Windows NT or Windows 2000 Web server and not only change Web pages, but even
format the disk.
IIS 6.0 does not install as many default features, although they can be added later. This
version even provides an IIS Lockdown Wizard to restrict the functionality to only those
capabilities that you really need. This approach helps prevent Web administrators from
accidentally including features that attackers can exploit.
Following are key features in IIS 5.0:
■ Web Distributed Authoring and Versioning (WebDAV)—WebDAV allows the server
to share Web-based files.
■ Web folders—Web folders use the WebDAV technology, allowing the user to
drag files between the local system and the Web server.
■ Named virtual hosting—If you are running more than one physical Web server,
virtual hosting lets them all use a single IP address.
■ Multiple user domains—IIS lets you set up more than one domain for a user,
which in turn supports multiple user databases through the use of Active
Directory.
■ Per Web site bandwidth throttling—This feature allows you to control the amount
of bandwidth that each site on your server consumes.
■ Kerberos—The Kerberos authentication protocol is integrated with the Web
server, which allows you to implement more secure authentication.
■ Secure Sockets Layer 3.0—This technology supports encrypted communication
between a Web server and a browser, increasing the security of a Web site.
Some of the features new to IIS 6.0 include the following:
■ Increased security—The default installation for IIS 6.0 is the “locked down”
mode, which permits only HTML files to be used. IIS 5.0, by default, supports
ASP and other methods of creating dynamic pages. Allowing only HTML files
significantly reduces attackers’ ability to extract important data.
■ Expanded language support—XML and SOAP are important components used
in application development. You will learn about both in Chapter 7.
■ Support for IPv6, the future version of IP addressing—As mentioned in the
“Understanding Features in Apache Web Server” section, the current method
of IP addressing uses 32 bits, which does not provide enough addresses to
meet demand as the Internet grows. Internet protocol version 6 (IPv6) uses
128 bits, which greatly expands the number of available addresses.
■ Increased dependability—IIS 6.0 increases dependability through kernel-mode
HTTP service and a self-healing mechanism. A kernel-mode service is protected
from being corrupted by another program.
INSTALLING WEB SERVERS
Each version of Windows or Linux provides a Web server that is easy to install and runs
without any extra configuration. However, you use a different procedure to install each Web
server. In Windows 2000, you can install the Web server while you install the operating system. In Windows 2003, you can install it only after you have installed the operating system.
In Linux, it is easiest to install Apache Web server when you install the operating system.
Recall that when you installed Linux and selected the server installation type, Apache was
one of the packages available. Although Apache is by far the most popular Web server available for Linux, you can also install Apache on Windows 2000 or Windows 2003.
Windows 2003 provides a Configure Your Server Wizard that allows you to more easily
install a Web server and associated components. For example, you can install IIS and the
following components using this wizard:
■ FrontPage Server Extensions—Allows applications such as FrontPage and Visual
Studio to upload files to the Web server and is needed for Web folders.
■ Microsoft Data Engine (MSDE)—A scaled-down version of SQL Server 2000
that supports as many as five simultaneous connections.
■ ASP.NET—A programming environment that allows programmers to develop
dynamic Web pages.
Installing IIS on Microsoft Windows 2000 or Windows Server 2003
This section shows you how to install IIS on Windows 2003 using the Configure Your
Server Wizard. Note that you can also install IIS on Windows 2003 without its components
in the same way you install IIS in Windows 2000. Before you perform the following steps,
insert the main Windows Setup CD in the CD drive and log on as an administrator.
To install IIS 6.0 in Windows 2003:
1. Click Start and then click Manage Your Server. The Manage Your Server
window opens. See Figure 6-1. Your window might not list the WINS server,
which was installed in Chapter 5. WINS is not needed for any of the tutorials
or projects.
Figure 6-1: Manage Your Server window
2. Click Add or remove a role to select a role for your server. For example,
your server can perform the roles of file server and Web server. The
Preliminary Steps dialog box opens, reminding you to make sure that you
have installed a NIC and have the Setup CD.
3. Click Next. The Server Role dialog box opens. See Figure 6-2. Notice that
the role of DNS server is already configured. If you already installed Active
Directory, that service would appear in the Server Role list as well.
4. Click Application server (IIS, ASP.NET) and then click Next. The
Application Server Options dialog box opens. See Figure 6-3. Select the
Enable ASP.NET check box to install this popular programming environment.
FrontPage Server Extensions allow you to remotely manipulate files on your
Web server through software products such as FrontPage and Visual Studio.
Figure 6-2: Server Role dialog box
Figure 6-3: Application Server Options dialog box
5. Click Next. The Summary of Selections dialog box opens, listing those items
that will be installed. Besides IIS and ASP.NET, this wizard automatically
installs the Microsoft Distributed Transaction Coordinator and COM+.
6. Click Next to begin installing IIS 6.0. When a dialog box opens requesting
the Setup CD, insert the CD, and then click OK. When the Server Setup
Window opens, click Exit. A few windows describe the installation, and then
a dialog box notifies you that the procedure is complete. See Figure 6-4.
Figure 6-4: This Server is Now an Application server dialog box
7. To view help screens related to IIS, you could click View the next steps for
this role. To make sure that IIS was installed correctly, you could click
Configure Your Server log. Click Finish to exit the wizard.
After installing IIS in Windows 2003, an extra menu item appears in Administrative Tools
called Internet Information Services (IIS). Also stored in the root of your drive is a folder
called Inetpub, which contains two subfolders. The AdminScripts folder contains scripts
to allow you to manage your Web server remotely. The wwwroot folder is where you
store your Web pages.
Although you can use the Windows 2000 Configure Your Server Wizard to install IIS 5.0
in Windows 2000, when you select the Web server option, it opens the Windows
Component dialog box so you can select appropriate options. It is just as easy to use the
Control Panel to add IIS.
To install IIS 5.0 in Windows 2000:
1. In the Control Panel, double-click Add/Remove Programs to open the
Add/Remove Programs window. See Figure 6-5. (Your window might contain different programs.)
2. In the left pane of the Add/Remove Programs window, click Add/Remove
Windows Components to start the Windows Components Wizard. See
Figure 6-6.
Figure 6-5: Add/Remove Programs window
Figure 6-6: Windows Components dialog box
3. Click Internet Information Services (IIS) to highlight that option. Be sure
to click the text, not the check box, so that you select only the Web server, not
all of the components of IIS. See Figure 6-7.
Figure 6-7: Selecting Internet Information Services (IIS)
4. With Internet Information Services (IIS) highlighted, click the Details button.
The Internet Information Services (IIS) dialog box opens, listing available IIS
components. See Figure 6-8.
Figure 6-8: IIS components
The major components available include the following:
■ File Transfer Protocol (FTP) Server—Used to transfer files. FTP is discussed in
Chapter 9.
■ FrontPage 2000 Server Extensions—Used by programs such as FrontPage to
transfer files to the Web server for Web development.
■ NNTP Service—Used to create user forums.
■ SMTP Service—Used to send e-mail messages directly from Web pages.
■ World Wide Web Server—Used as the service for the Web server.
5. Scroll and then click World Wide Web Server to select it. Notice that selecting this check box automatically checks the boxes for Internet Information
Services Snap-In, which allows you to configure the server, and Common
Files, which are used by more than one of the services.
6. Click the Documentation check box to install the online Help for IIS. You
have now selected all of the IIS components you need for this chapter. You
will install other components as you need them.
7. Click OK to return to the Windows Components dialog box.
8. Click Next to have Windows copy files and install them on your server.
9. When Windows is finished installing IIS, the Completing the Windows
Components Wizard dialog box opens. Click Finish, and then close the Add
or Remove Programs window and the Control Panel window.
After installing IIS in Windows 2000, you have an extra menu item in Administrative
Tools called Internet Services Manager. The root of your drive contains a folder called
Inetpub, which contains a number of subfolders. The AdminScripts folder contains
scripts to allow you to manage your Web server remotely. The iissamples folder contains
many sample Web applications to show you the variety of tasks that can be accomplished
through the Web server. The scripts folder can hold special files, called CGI scripts, that
can add functionality to your Web server. Unfortunately, these folders (especially the
iissamples folder) create an insecure Web server because attackers can readily exploit
the files they contain. You will see how to restrict access to these folders when you configure the server. The last folder, wwwroot, is where you put your Web pages.
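A quick inventory of these folders shows how much default content an installation has exposed. The following Python sketch is an added example, not part of the textbook or of IIS: it walks an Inetpub tree and reports the default folders named above, with file counts. The sample tree, its file names, and the list of extensions counted as executable are constructed for the illustration.

```python
import os
import tempfile

# Folder names are the ones the text lists under Inetpub after installing
# IIS 5.0; wwwroot is left out because it is where the site's pages belong.
RISKY_DEFAULTS = {
    "iissamples": "sample Web applications",
    "scripts": "CGI script folder",
    "adminscripts": "remote administration scripts",
}

# Assumption: file types this report counts as server-executable content.
EXECUTABLE_EXT = {".asp", ".exe", ".dll", ".cgi", ".pl", ".vbs"}


def audit_inetpub(root):
    """Return one finding per risky default folder found directly under root."""
    findings = []
    for entry in sorted(os.listdir(root)):
        path = os.path.join(root, entry)
        key = entry.lower()  # Windows folder names are case-insensitive
        if not os.path.isdir(path) or key not in RISKY_DEFAULTS:
            continue
        total = executable = 0
        for _dirpath, _subdirs, files in os.walk(path):
            for name in files:
                total += 1
                if os.path.splitext(name)[1].lower() in EXECUTABLE_EXT:
                    executable += 1
        findings.append({
            "folder": entry,
            "purpose": RISKY_DEFAULTS[key],
            "files": total,
            "executable": executable,
        })
    return findings


def build_sample_tree(root):
    """Create a constructed Inetpub layout (all file names are made up)."""
    layout = {
        "wwwroot": ["default.htm"],
        "AdminScripts": ["manage.vbs"],
        "iissamples": ["demo/sample1.asp", "demo/readme.htm"],
        "scripts": [],
    }
    for folder, files in layout.items():
        os.makedirs(os.path.join(root, folder), exist_ok=True)
        for rel in files:
            full = os.path.join(root, folder, *rel.split("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "w") as handle:
                handle.write("constructed sample\n")


def demo():
    """Build the sample tree in a temporary directory and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "Inetpub")
        build_sample_tree(root)
        return audit_inetpub(root)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

On a real server, pass the path of the Inetpub folder to audit_inetpub instead of calling demo.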
To test the installation, you can use Notepad to create an HTML document called
default.htm and store it in the \inetpub\wwwroot folder. You can use the name
default.htm because when the URL does not contain a specific filename, the Web server automatically
looks for and then displays the contents of default.htm. You can use the default.htm file
in \inetpub\wwwroot to create the home page for your Web site.
To create a default Web page for IIS:
1. Start Notepad.
In Windows 2003: Click Start, and then click Notepad.
In Windows 2000: Click Start, point to Programs, point to Accessories, and
then click Notepad.
2. Type the following HTML code:
<html><body>
This is the default Web page in Windows
</body></html>
3. Click File on the menu bar, and then click Save. The Save As dialog box opens.
4. Click the Save as type list arrow, and then click All Files. If you accept the
default text format, Notepad automatically adds .txt to your filename. Thus,
although you type default.htm as a filename, it would be saved as default.htm.txt.
5. Click the Save in list arrow, and then navigate to the \inetpub\wwwroot folder
on the drive where you installed Windows.
6. In the File name text box, type default.htm and then click Save. See
Figure 6-9. Your file list is different in Windows 2000.
Figure 6-9: Saving default.htm
7. Close the Notepad window.
Now you should confirm that your browser will display the Web page that you just created. You can use Internet Explorer to display the default page for your Web site. If the
default.htm page does not appear when you start Internet Explorer, make sure that the
file you created has an .htm extension, and that you stored it in the \inetpub\wwwroot
folder on the same drive where you installed Windows.
To display the default Web page in Windows 2003:
1. Click the Internet Explorer icon on the Quick Launch toolbar on the desktop.
2. Because this is the first time that you have used Internet Explorer, a dialog box
opens stating that enhanced security is enabled on the server. Select the In the
future, do not show this message check box, and click OK.
3. In the Address text box, type http://localhost/ and then press Enter. The
name “localhost” represents the IP address of 127.0.0.1, which always refers to
the computer you are currently using. The browser displays the default.htm
Web page you created. See Figure 6-10.
Figure 6-10: default.htm in Internet Explorer in Windows 2003
4. Close Internet Explorer.
You can also display the default Web page in Windows 2000.
To display the default Web page in Windows 2000:
1. Click the Internet Explorer icon on the Quick Launch toolbar on the desktop.
Because this is the first time that you have used Internet Explorer, the Internet
Connection Wizard opens and guides you through setting up Internet Explorer.
2. Click the I want to set up my Internet connections manually, or I
want to connect through a local area network (LAN) option button,
and then click Next.
3. The Setting up your Internet connection dialog box opens. Click the I connect
through a local area network (LAN) option button, and then click Next.
4. The Local area network Internet configuration dialog box opens. You have the
opportunity to configure it to connect through a proxy server. Proxy servers
isolate the internal network from the Internet. Click Next to accept the default
of no proxy settings.
5. The Set Up Your Internet Mail Account dialog box opens. Click the No option
button, and then click Next.
6. The Completing the Internet Connection Wizard dialog box opens. Click
Finish to exit the wizard and start Internet Explorer. If the Work offline
message box opens, click Try Again. Internet Explorer tries to access
www.msn.com.
7. In the Address text box, type http://localhost and then press Enter. The
name “localhost” represents the IP address of 127.0.0.1, which always refers to
the computer you are currently using.
The browser displays the default.htm Web page you created. See Figure 6-11.
Figure 6-11: default.htm in Internet Explorer in Windows 2000
If you installed the DNS server in Chapter 4, you should be able to use DNS to resolve
IP addresses. For example, if your domain is technowidgets.com, you should be able to
type http://www.technowidgets.com in your browser to access the Web site.
Installing Apache on Red Hat Linux
If you have installed Linux on your Web server, you can install Apache in one of three ways.
First, you can have Linux automatically install Apache when you install Linux. Second, you
can install the version of Apache provided on the Red Hat CD 2. Using this method is easy
because you use the rpm method that you used to install DNS in Chapter 4. Third, you can
download a program from the Web that is designed to work with any Linux distribution.
When you use this method, you download the source code for Apache and then compile
it yourself. This chapter guides you through installing Apache from the Red Hat CD. You
need to log on as root to install and configure Apache.
You installed Apache in Chapter 3 when you installed Linux and selected Web Server as
a package to install. The following steps are for reference only—you should not perform
them now.
To install Apache from the Red Hat CD:
1. Insert your Red Hat installation CD 2 in the CD drive.
2. On the desktop, double-click CD/DVD-ROM to mount the CD and open
the Konqueror Web browser.
3. Double-click the RedHat directory icon in the right pane. The contents of
the RedHat directory appear in the Konqueror window.
4. Double-click the RPMS directory icon to display the packages that you can
install.
5. Scroll down until you see a package that begins with “httpd-2.0.” As enhancements are added, the rest of the filename will vary. Double-click the package
icon associated with this name to install the Apache Web server.
6. Close the Konqueror window.
7. Right-click the CD/DVD-ROM icon on the desktop, and then click Eject
to eject the CD.
Starting the Apache Web Server
By default, Linux does not start the Apache Web server after you install it. Once you
learn how to start Apache, however, make sure it starts every time you reboot the computer. You will use the same technique to start the Web server as you used to start DNS.
Table 6-1 shows you how to start, stop, and restart the Apache Web server. No one can see
your Web pages until you start the Web server. If you change the Web server configuration, you need to restart the Web server so that it will recognize the changes. You stop the
server when you do not want anyone to view your Web site. The root of the Web server
is in the /var/www/html directory. Remember that the root of the Web server is where
you store your Web pages.
Table 6-1: Starting, stopping, and restarting Apache
Procedure         Command
Start Apache      apachectl start
Stop Apache       apachectl stop
Restart Apache    apachectl restart
To start the server, open a terminal window and type apachectl start (with a lowercase
letter “l” at the end). After you press Enter, you see the following warning: “Could not
determine the server’s fully qualified domain name, using 127.0.0.1 for ServerName.”
This message means that you have not configured the name of the server yet, but the Web
server will run anyway.
To configure the name of the server in Apache:
1. In a terminal window, type kedit /etc/httpd/conf/httpd.conf and
press Enter.
2. Type Ctrl+F to open the Find dialog box. Type ServerName and then click
Find to move the insertion point to the beginning of the ServerName explanation. Click Find again to move the insertion point to a sample of the
ServerName configuration.
3. Create a blank line after the ServerName configuration sample and then type
ServerName web1.technowidgets.com:80. The :80 at the end indicates
that the Web server listens at the default of port 80.
4. Save the file and exit kedit.
5. Type apachectl restart and press Enter. Notice that no warning appears
about the name of the server.
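The warning appears because the ServerName line that ships in httpd.conf is only a commented sample, so no name is set until Step 3 adds an active line. The following Python sketch is an added example, not Apache code or code from the textbook: it reads a configuration, ignores comments and directives inside sections such as a virtual host, and reports the main server's ServerName before and after the change. The httpd.conf excerpt, including the shop.technowidgets.com virtual host, is constructed for the illustration.

```python
import re

# Constructed httpd.conf excerpt (not the file shipped on the Red Hat CD).
SAMPLE_CONF = """\
# ServerName gives the name and port that the server uses to identify itself.
#ServerName new.host.name:80
Listen 80
<VirtualHost *:80>
    ServerName shop.technowidgets.com
    DocumentRoot /var/www/shop
</VirtualHost>
"""


def main_server_directives(conf_text):
    """Yield (name, argument) for active directives outside any <Section>.

    Directive names are lowercased because Apache treats them as
    case-insensitive. Backslash line continuation is not handled.
    """
    depth = 0
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments configure nothing
        if line.startswith("</"):
            depth = max(depth - 1, 0)
            continue
        if line.startswith("<"):
            depth += 1
            continue
        if depth == 0:
            parts = line.split(None, 1)
            yield parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""


def server_name(conf_text):
    """Return (host, port) for the main server, or None if no name is set.

    port is None when the directive gives a host name without ":port".
    """
    found = None
    for name, arg in main_server_directives(conf_text):
        if name != "servername":
            continue
        match = re.fullmatch(r"([A-Za-z0-9.-]+)(?::(\d{1,5}))?", arg)
        if not match:
            raise ValueError("unparseable ServerName: %r" % arg)
        port = int(match.group(2)) if match.group(2) else None
        found = (match.group(1).lower(), port)  # a later line replaces an earlier one
    return found


def add_server_name(conf_text, value):
    """Insert an active ServerName line after the commented sample (Step 3)."""
    out = []
    inserted = False
    for raw in conf_text.splitlines():
        out.append(raw)
        if not inserted and raw.strip().lower().startswith("#servername"):
            out.append("ServerName " + value)
            inserted = True
    if not inserted:
        out.append("ServerName " + value)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print("before:", server_name(SAMPLE_CONF))
    fixed = add_server_name(SAMPLE_CONF, "web1.technowidgets.com:80")
    print("after: ", server_name(fixed))
```

The ServerName inside the virtual host section does not count for the main server, which is why the first check reports that no name is set.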
To make sure that the Apache Web server starts every time you start the computer, you
need to include the command to start the Web server in the /etc/rc.d/rc.local file,
as you did with the daemon to start DNS.
To start Apache automatically when the computer is started:
1. In a Linux terminal window, type kedit /etc/rc.d/rc.local and then
press Enter.
2. At the bottom of the file, type apachectl start.
3. Click the Save icon on the kedit toolbar, and then close the terminal window.
To test the installation, you can use kedit to create an HTML document called index.html
and then store this document in the /var/www/html directory. You use the name
index.html because when the URL does not contain a specific filename, the Web server automatically
looks for and then displays the contents of index.html. You can use the index.html file in
/var/www/html to create the home page for your Web site.
To create a default Web page for Apache:
1. In a terminal window, type kedit /var/www/html/index.html and then
press Enter.
2. Type the following HTML code:
<html><body>
This is the default Web page in Apache
</body></html>
3. Click the Save icon on the kedit toolbar, and then close the terminal window.
To display the default Web page in Linux:
1. Make sure that Apache is started by opening a terminal window and typing
apachectl start.
2. On the desktop, click the Konqueror icon, the icon next to the red hat on
the bottom toolbar. The Konqueror Web browser opens. See Figure 6-12. You
use Konqueror as both a file manager and a Web browser.
3. In the Location text box, type http://localhost and then press Enter. Linux
uses the name “localhost” for the computer you are using. Konqueror displays
the default index.html Web page. See Figure 6-13.
If the index.html Web page appears in Konqueror, it means that Apache is correctly installed on your computer.
If you installed Apache and DNS properly, you should be able to use DNS to resolve IP
addresses. In Step 3, if your domain is technowidgets.com, for example, you should be able
to type http://www.technowidgets.com instead of http://localhost in the browser to access
the Web site.
Figure 6-12: Konqueror Web browser
Figure 6-13: Default index.html in Konqueror
EXAMINING INTERNET INFORMATION SERVICES PROPERTIES
The Windows Setup program configures settings in IIS that meet the demands of most Web
sites. In many cases, you do not need to make any changes. As installed, IIS supports HTML
and ASP in Windows 2000. In Windows 2003, IIS supports HTML and ASP.NET. However,
as your Web site grows and changes, you will probably need to adjust the settings and other
properties of IIS. This section defines those properties. You will find out why and how you
change these properties later in this chapter and in subsequent chapters.
To display the properties of the default Web site on IIS:
1. In Windows 2003: In Administrative Tools, click Internet Information
Services (IIS) Manager. The Internet Information Services (IIS) Manager
window opens. See Figure 6-14.
In Windows 2000: In Administrative Tools, double-click Internet Services
Manager.
Figure 6-14
Internet Information Services (IIS) Manager window
2. In Windows 2003: Expand your Web Sites folder.
In Windows 2000: Double-click the name of your computer in the left pane.
3. Right-click Default Web Site to open its shortcut menu. The shortcut menu
includes commands that let you stop the server or pause it, which prevents
new connections. The selection to start the server is disabled because the Web
server is already started.
4. Click Properties on the shortcut menu to open the Default Web Site
Properties dialog box. Figure 6-15 shows this dialog box in Windows 2003.
The Properties dialog box for Windows 2000 is almost identical.
The default Web site properties show you the main settings for IIS. The Web site identification area in this dialog box includes a description of the Web site, which you can
use to enter a more meaningful name for your server. The IP address text box defaults
to all the IP addresses on the computer that are not assigned to other IIS services, and
the TCP port indicates which port the Web server is using. In the section on virtual
hosting later in this chapter, you will examine the Web site identification settings in detail
and configure multiple Web sites, which will have different Web site identifications.
Figure 6-15
Default Web Site Properties dialog box in Windows 2003
The Connection timeout text box in the Connections area shows that any Web site user is
disconnected from your Web server after 120 seconds (900 seconds in Windows 2000) of
inactivity. This is done to conserve resources. If you check the Enable HTTP Keep-Alives
box, a browser can request that a connection stay open while multiple items on a page such
as graphics are transferred, instead of closing the TCP connection after transferring each
image on the page.
If you check the Enable logging box, IIS creates and stores log files, which are text files
of information that you can use to monitor performance and events, such as shutting
down the Web server, and even information about who has visited your site. It is a good
idea to enable logging—but only if you actually read the logs. By default, the logs are
stored in the \windows\system32\LogFiles directory on the drive where you installed
Windows. If you partitioned your drive, the files are stored on the smaller partition along
with the operating system files. Over time, the partition can fill up with log files and
cause the server to shut down. Logs will be fully explored in Chapter 11.
Next, you can explore the IIS security settings that allow you to control access to your
Web server. The Directory Security tab in the Default Web Site Properties dialog box
contains these security settings. In the Default Web Site Properties dialog box, click the
Directory Security tab to open this property sheet. See Figure 6-16.
Figure 6-16
Directory Security Properties for IIS in Windows 2003
The first section of this property sheet dialog box controls anonymous access. When you
installed IIS, a user was created based on the name of your computer. For example, if the
name of your computer is WEB1, this user is called IUSR_WEB1. This guest account
only has access to your Web site. When people request a Web page, they are logged on
to the server using this account. If you delete this user or change its password, then
anonymous users cannot view Web pages on your Web site. For a private site, you can
disable anonymous access and have users log on using their own accounts.
You can also control access to the Web site based on IP address. You can either start by
denying all connections except the ones you allow or allow all connections except the
ones you deny.
To set up secure communications, a server certificate is required that verifies the name of
the organization that is hosting the Web site. You can also enable client certificates to verify the identity of the person connecting to your site. With certificates, communication
is encrypted.
Click each of the other tabs in the Default Web Site Properties dialog box. Each tab is
explained in the following list.
■ Operators (Windows 2000 only)—This property sheet lists users who can administer the site. It can be useful if you want to permit specific users to help you
administer the Web site.
■ Performance—Use the Performance property sheet to limit the total amount of
network bandwidth available to this Web site as measured in kilobytes (KB)
per second. It is useful when a single computer supports multiple Web sites.
You can also limit the number of simultaneous connections that the server
allows in Windows 2003.
■ ISAPI Filters—Use this property sheet to specify applications that process
HTTP requests, known as ISAPI filters. For example, Microsoft Exchange
installs an ISAPI filter to process Web e-mail.
■ Home Directory—This property sheet specifies the location and properties of
the home directory. You can determine whether to log information about
anyone who accesses this site, and whether execute permissions cover only
scripts (the default) or cover executable programs as well.
■ Documents—When a URL does not reference the name of a page, you can
use the Documents property sheet to configure the name of the page that the
Web site displays. By default, the Web server looks for the following pages:
default.htm, default.asp, index.htm (Windows 2003 only), iisstart.htm, and
default.aspx (Windows 2003 only). You can add and remove pages, and alter
the order in which the Web server checks for pages.
■ HTTP Headers—Recall that the Web server sends headers along with the Web
page to the user. You can use the HTTP Headers property sheet to add your
own custom header for a special browser-based application, enable content
expiration on a particular date, and even set a content rating such as violence,
sex, nudity, and language for your site.
■ Custom Errors—Use this property sheet to specify the HTML files that display
HTTP errors to the Web site user. For example, by default, error 404 is “File
not found.” Instead of displaying this standard message, you could display a
different HTML document, such as one containing a site map that would
help the user find the correct page.
EXAMINING APACHE PROPERTIES
Apache uses a configuration file called httpd.conf, which does the same work as the GUI
interface does for IIS. The httpd.conf configuration file, located in /etc/httpd/conf, contains more than 1,000 lines of code, which may seem overwhelming. In reality, more
than 60 percent of the lines in the file are comments that help explain changes or provide examples of changes. Also, the typical Web site administrator would use only a few
sections of this configuration file. Just as with IIS, the default configuration is acceptable
for most Web sites.
A number of organizations have created GUI interfaces for Apache. However, once you
select a GUI interface and use it to modify the Apache configuration, you cannot modify the configuration file manually and then go back to the GUI. Another advantage to
using httpd.conf instead of the GUI is that it is consistent across all distributions and there
are very few differences between the configuration file for Apache 2.0 and Apache 1.3.
To examine the properties in the httpd.conf file, you can open it in a text editor. In a terminal window, you type kedit /etc/httpd/conf/httpd.conf. See Figure 6-17.
Figure 6-17
The httpd.conf file
The Apache configuration file is divided into three sections: Global Environment, Main
server configuration, and Virtual Hosts. The Global Environment section controls the
server’s overall operation. The Main server configuration section has configuration information for the default server. The Virtual Hosts section contains settings for virtual hosts,
also known as virtual servers in IIS. You will learn about virtual hosts in a later section.
Apache Global Environment Settings
You will rarely modify the global settings in the Apache configuration file. Some of these
settings focus on physical locations of directories during setup or standard settings common to most servers, such as the port number. The major change you will make in this
section is changing the default of “KeepAlive Off” to “KeepAlive On.” Recall that the
KeepAlive property gives users of your site a persistent connection over a given number of seconds. It allows browsers to download a Web page with images without having
to create a new connection for each image. You should change other settings only after
your Web site has been in operation for a substantial time and you want to fine-tune the
site. For example, you could triple the KeepAlive timeout if you find that users often
click links within your site, but not within the default of 15 seconds, assuming that
KeepAlive has been turned on.
Following is a list of the major global settings for configuring Apache:
■ ServerRoot—Shows the directory location of the server files.
■ KeepAlive—Indicates whether Apache should maintain a persistent connection
for multiple files. Always leave it set to On unless your Web site has only text
files and users rarely move from one page to another.
■ MaxKeepAliveRequests—Determines how many files can be transferred in a
single connection. The default is 100, which is acceptable for most sites.
■ KeepAliveTimeout—Indicates the number of seconds that Apache maintains
the connection. By default, it is set to 15 seconds, which provides enough
time to maintain a connection for a single page.
■ Listen—Determines the port number for the server. The default is 80.
Apache Main Server Configuration
The main server configuration in the Apache configuration file describes the default
server. Approximately 70 percent of the Apache configuration information appears in
this section. Again, you will rarely need to change these settings—only if your Web site
changes significantly.
The settings in the main section determine the basic security configuration, default document description, error logging, and support for foreign languages. You might need to
change one or more of the following main settings from time to time.
■ User—Shows the user name that Apache employs when someone requests a
Web page. This user cannot log on to the server and has very restricted access.
By default, when Apache is installed, it creates a user called apache. This
restricted user only has access to the Web site. The guest user name cannot be
used to log on to the server.
■ ServerAdmin—Lists the e-mail address of the administrator. Apache server error
messages can be sent to this e-mail address. By default, it is [email protected]
■ ServerName—Shows either the DNS host name or the IP address. If you do
not have an entry here, Apache displays a warning when you start the server.
■ DocumentRoot—Identifies the directory where the Web pages are stored.
For a minimal Apache configuration:
1. In a terminal window, type kedit /etc/httpd/conf/httpd.conf and then
press Enter.
2. Click the magnifying glass icon on the toolbar. The Find-KEdit dialog box
opens. Type ServerName, and then click Find.
3. You see the beginning of some comments concerning ServerName. Click
Find again.
4. You see the beginning of an example of how to use ServerName. On the next
line, which is blank, type
ServerName www.technowidgets.com:80
5. Click the floppy disk icon on the KEdit toolbar to save the changes and close
the kedit window.
6. To restart the Web server, type apachectl restart and then press Enter.
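The following Python script is an added example, not part of the textbook or of Apache. It reads an httpd.conf, skips the comment lines that make up most of the file, and reports the global and main-server directives listed above, flagging the settings this chapter tells you to change. The sample configuration text and the wording of the findings are constructed for illustration.

```python
"""Audit the httpd.conf directives this chapter discusses (added example)."""

# Constructed, shortened httpd.conf in the three-section layout described above.
SAMPLE_CONF = """\
### Section 1: Global Environment
# ServerRoot: the top of the directory tree for the server files
ServerRoot "/etc/httpd"
KeepAlive Off
MaxKeepAliveRequests 100
KeepAliveTimeout 15
Listen 80

### Section 2: 'Main' server configuration
User apache
# ServerName gives the name and port that the server uses to identify itself.
#ServerName new.host.name:80
DocumentRoot "/var/www/html"

### Section 3: Virtual Hosts
#<VirtualHost *:80>
#    ServerName dummy-host.example.com
#</VirtualHost>
<VirtualHost 192.168.0.150:80>
    ServerName research.technowidgets.com
    DocumentRoot /var/www/research
</VirtualHost>
"""


def parse_main_directives(text):
    """Return {directive: last value} for directives outside any <Container>."""
    settings = {}
    depth = 0  # nesting level inside <VirtualHost>, <Directory>, ... blocks
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment: most of the file
        if line.startswith("</"):
            depth = max(depth - 1, 0)
        elif line.startswith("<"):
            depth += 1
        elif depth == 0:
            parts = line.split(None, 1)
            value = parts[1].strip().strip('"') if len(parts) > 1 else ""
            settings[parts[0].lower()] = value  # directive names are case-insensitive
    return settings


def audit(text):
    """Return (settings, findings) for the main-server part of an httpd.conf."""
    settings = parse_main_directives(text)
    findings = []
    if settings.get("keepalive", "").lower() == "off":
        findings.append("KeepAlive is Off: every image needs a new connection")
    if "servername" not in settings:
        findings.append("ServerName is not set: Apache warns at startup")
    if settings.get("user", "").lower() in ("root", "#0"):
        findings.append("User is root: requests should run as a restricted account")
    return settings, findings


if __name__ == "__main__":
    settings, findings = audit(SAMPLE_CONF)
    for name in ("serverroot", "keepalive", "keepalivetimeout", "listen",
                 "user", "servername", "documentroot"):
        print(f"{name:18} {settings.get(name, '(not set)')}")
    for finding in findings:
        print("FINDING:", finding)
```

The ServerName line inside the VirtualHost block is deliberately ignored, so the main server is still reported as having no ServerName until you add the line from Step 4.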
HOSTING MULTIPLE WEB SITES
You can create multiple Web sites on a single server for a variety of purposes. These are
known as virtual servers and virtual hosts. For example, you might work for an organization that sells products under different company names that require different Web sites.
Each site might not be large enough to require its own Web server, so all the Web sites
could share a single Web server. In a related manner, your boss might have an idea for a
new domain name with a corresponding Web site and want to explore some marketing
opportunities without the unneeded investment of a new server. In addition, your company might want to support some nonprofit organizations by hosting their Web sites on
your server. Virtual servers are also used by Web hosting companies to host basic Web sites.
For multiple Web sites to exist on the same computer, you have to make each site distinct, which you can do by hosting Web sites by port number, by IP address, or based
on host name. The following sections describe each method.
Hosting Web Sites by Port Number
One way to host multiple Web sites is to have each Web site listen at a different port. The
first Web server you install listens at port 80, so any additional Web site must listen at a different port. In Chapter 5, you learned that the well-known ports are numbered from 1 to
1023. Because they are reserved, you should not use these port numbers for your additional
Web sites. Recall that common choices are 8000 and 8080, because they are unreserved and
easy to remember, but you could pick any port above 1023. When you configure a Web site
to use a port other than 80, you must reference the alternate port number in the URL associated with the site because the browser otherwise assumes that a Web site uses port 80. For
example, if the host www.technowidgets.com is listening at port 8080, and you want to display
the document prod.htm, you would type http://www.technowidgets.com:8080/prod.htm.
Because entering a URL that specifies a port number is awkward and difficult to remember, creating Web sites by using an alternate port number is the least popular method.
When you are creating your Web pages, your links have to reference the alternate port
number, too.
The other two methods do not force the person requesting a Web page to alter the format of the URL. For example, users would not know whether www.technowidgets.com
resides on its own high-performance server or is just one of many supported by a Web
hosting company.
Hosting Web Sites by IP Address
You access a service such as a Web server by using a combination of an IP address and
a port number. For example, when someone types www.technowidgets.com in a browser,
the host name is translated into an IP address. The user does not know or care whether
that IP address is one of many on the server or is the only IP address on the server.
As a Web server administrator, you configure two types of IP addresses on a computer.
The first type of IP address corresponds to a physical NIC in the computer. The second
type is a virtual IP address, which is added to the IP address for a NIC.
You use multiple NICs when you are connected to multiple networks. For example, one
NIC may be connected through a router to the Internet. Another NIC may be connected to an internal LAN. In this case, you could set up a Web site that corresponds to
the IP address connected to the Internet for potential customers of your products. You
could also set up a Web site that corresponds to the IP address connected to your LAN
for employee information such as department memos and information on benefits. From
the Web server’s perspective, the Web site for internal use by your organization exists on
the intranet, which is a private network.
Virtual IP addresses are often used when you have multiple domain names. For example,
when you set up the NIC on your Web server, you gave it an address of 192.168.0.100.
You could then add virtual IP addresses to the same NIC of 192.168.0.150 and
192.168.0.200. When you configure DNS for the new domain, the host IP address for
each Web server would be unique, based on each of the virtual IP addresses. However, to
support this scheme, you need multiple IP addresses from your ISP. In the past, it was fairly
easy to get a block of 254 addresses, but now it is more difficult because the Internet is
more popular and fewer IP addresses are available. Virtual IP addresses can be used to reference e-mail servers and FTP servers that exist on the same server with your Web site
when your Internet presence is minimal. When the site becomes so popular that you want
to split it across three separate physical servers, the IP addresses are already set up and the
ensuing conversion is relatively easy.
Hosting Web Sites Based on Host Name
The easiest and most common way to host Web sites is by host name. Early in the chapter, you learned that when the browser sends a request for a Web page to a server at a
particular IP address, it also sends the host name, such as www.technowidgets.com, to the
Web server. What if you also wanted another Web site at the same IP address called
www.widgetsofthefuture.com? Given the way the browser requests a Web page, the Web
server can read the host name and redirect the request to the appropriate Web site.
If you configure Web sites by host name, you need only one IP address from your ISP,
making it the most economical method. When you configure the DNS, you have to
remember just a single address. As opposed to changing the port number, which also
requires only a single IP address, you do not have to change the URL for the Web site.
One slight drawback to this method is that it requires a browser that supports HTTP 1.1,
the most recent version. However, only browsers predating Internet Explorer 3.0 or
Netscape 2.0 do not support HTTP 1.1.
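The three ways of distinguishing Web sites described above (port number, IP address, and host name) can be seen in one selection routine. The following Python script is an added example, not code from IIS or Apache. The site table is constructed from the chapter's example names and addresses, and the matching order (exact host name first, then the site that accepts any host name) is an assumption made for illustration.

```python
"""Select a Web site by IP address, port and Host header (added example)."""

# Constructed site table using the chapter's example names and addresses.
# host=None means "any host name sent to this IP address and port".
SITES = [
    {"name": "default", "ip": "192.168.0.100", "port": 80, "host": None},
    {"name": "web1", "ip": "192.168.0.100", "port": 80,
     "host": "web1.technowidgets.com"},
    {"name": "research", "ip": "192.168.0.150", "port": 80, "host": None},
    {"name": "alt-port", "ip": "192.168.0.100", "port": 8080, "host": None},
]


def parse_request(raw):
    """Return (HTTP version, Host header value or None) from raw request bytes."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    version = lines[0].split(" ")[-1]
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return version, headers.get("host")


def host_from_header(value):
    """Lower-case the Host value and drop the optional :port suffix."""
    value = value.strip().lower()
    if value.startswith("["):  # IPv6 literal such as [::1]:8080
        return value[: value.find("]") + 1]
    return value.split(":", 1)[0].rstrip(".")


def select_site(local_ip, local_port, raw):
    """Return ("serve", site name) or ("reject", reason) for one request."""
    version, host_header = parse_request(raw)
    if version == "HTTP/1.1" and host_header is None:
        return "reject", "HTTP/1.1 request without a Host header"
    host = host_from_header(host_header) if host_header else None
    bound = [s for s in SITES
             if s["ip"] == local_ip and s["port"] == local_port]
    for site in bound:  # 1. exact host name match on this address and port
        if site["host"] is not None and site["host"] == host:
            return "serve", site["name"]
    for site in bound:  # 2. fall back to the site that accepts any host name
        if site["host"] is None:
            return "serve", site["name"]
    return "reject", "no site bound to this address and port"


def request(version, host=None, path="/"):
    """Build a constructed GET request, with or without a Host header."""
    lines = [f"GET {path} {version}"]
    if host is not None:
        lines.append(f"Host: {host}")
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii")


if __name__ == "__main__":
    cases = [
        ("192.168.0.100", 80, request("HTTP/1.1", "www.technowidgets.com")),
        ("192.168.0.100", 80, request("HTTP/1.1", "web1.technowidgets.com")),
        ("192.168.0.150", 80, request("HTTP/1.1", "research.technowidgets.com")),
        ("192.168.0.100", 8080,
         request("HTTP/1.1", "www.technowidgets.com:8080", "/prod.htm")),
        ("192.168.0.100", 80, request("HTTP/1.0")),  # old browser, no Host header
    ]
    for ip, port, raw in cases:
        print(ip, port, select_site(ip, port, raw))
```

The HTTP/1.0 request in the last case carries no host name, so it can only reach the default site at 192.168.0.100 and never web1, which is the drawback of host-name hosting noted above. The host name is supplied by the client, so any name the table does not list is also answered by the site that accepts any host name on that address and port.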
CONFIGURING NEW WEB SITES IN IIS
In this section, you will learn how to configure the Web server so that you will have one
Web site based on an IP address and a different site based on a host name. You will use
the DNS configuration from Chapter 4 to test it. In Chapter 4, you created a DNS
configuration based on a domain name such as technowidgets.com. In the example,
www.technowidgets.com referred to 192.168.0.100 and research.technowidgets.com referred to
192.168.0.150. One of the new Web sites you will create here is for research. The DNS
configuration also has web1.technowidgets.com at 192.168.0.100, which is the same as
www.technowidgets.com. The site for web1.technowidgets.com will be distinguished by the
host name. Refer to the actual IP addresses that you used in Chapter 4 along with your
actual domain name.
Configuring a Web Site Using an IP Address
You need to complete two procedures to create a Web site using an IP address. First, you
must add another IP address to your configuration. Second, you must add the new Web
site based on the IP address. The figures shown here are for Windows 2003, and some
differ slightly from the screens seen in Windows 2000; however, the steps are the same
in either version.
To add an IP address to your NIC in Windows:
1. In Windows 2003: Click Start, point to Control Panel, point to Network
Connections, and then click Local Area Connection.
In Windows 2000: Click Start, point to Settings, click Network and Dial-up Connections, and then double-click Local Area Connection.
The Local Area Connection Status dialog box opens.
2. Click Properties to open the Local Area Connection Properties dialog box
shown in Figure 6-18. Your dialog box might not include the Network Load
Balancing option.
Figure 6-18
Local Area Connection Properties dialog box
3. In the list of connections, click Internet Protocol (TCP/IP) to select it, and
then click the Properties button to open the Internet Protocol (TCP/IP)
Properties dialog box shown in Figure 6-19.
Figure 6-19
Internet Protocol (TCP/IP) Properties dialog box
4. Click the Advanced button to open the Advanced TCP/IP Settings dialog box.
See Figure 6-20.
5. On the IP Settings tab, click the top Add button to add a new IP address.
6. In the TCP/IP address text box, type the IP address that corresponds to
research.technowidgets.com. The example in Chapter 4 uses 192.168.0.150.
7. Press Tab to have Windows provide the appropriate subnet mask.
8. Click Add to add the IP address you just entered. Notice that two IP
addresses are now listed on the Advanced TCP/IP Settings dialog box.
9. Click OK twice to close the Advanced TCP/IP settings dialog box and the
Internet Protocol (TCP/IP) Properties dialog box. To close the Local Area
Connection Properties dialog box, click Close in Windows Server 2003 or
click OK in Windows 2000. Click Close to close the Local Area Connection
Status dialog box.
Before you create the new Web site based on the new IP address for research.technowidgets.com,
it would be a good idea to test your configuration by pinging the host name at your domain.
Open a command prompt, type ping research.technowidgets.com, and then press Enter. You
should receive four messages that begin “Reply from 192.168.0.150:”. If you do not receive
these messages, check your DNS for the exact name and corresponding IP address for
research. Then return to the Internet Protocol (TCP/IP) Properties dialog box to make sure
that the IP address matches the one you configured in DNS.
Figure 6-20
Advanced TCP/IP Settings dialog box
Now you can create a Web site based on the new IP address. Although the steps to get
to the Web Site Creation Wizard are different in Windows 2000 and Windows 2003, the
wizard is the same except for creating the folder for the new Web site.
To start the Web Site Creation Wizard in Windows 2003:
1. In Administrative Tools, click Internet Information Services (IIS) Manager.
2. Click the plus icon (+) next to the computer name.
3. Right-click Web Sites, point to New, and then click Web Site. The Web
Site Creation Wizard Welcome dialog box opens.
If you are using Windows 2003, skip to the following “To start the Web site Creation
Wizard” steps. In Windows 2000, the wizard does not allow you to create a folder for
your new Web site, so it is easiest to create this folder before you start the wizard. Because
the folder for the default Web site is in the Inetpub folder, it is a good idea to create your
new Web site in that folder, too.
To create the research folder for the Web site in Windows 2000:
1. Right-click Start, and then click Explore.
2. In the left pane, click Inetpub.
3. In the right pane, right-click a blank area of the window, point to New, and
then click Folder. A folder is created with the default name of New Folder.
4. Type research and then press Enter.
To start the Web Site Creation Wizard in Windows 2000:
1. In Administrative Tools, double-click Internet Services Manager.
2. Right-click the name of the computer, point to New, and then click Web Site.
The Web Site Creation Wizard Welcome dialog box opens.
To create a Web site using the Web Site Creation Wizard:
1. In the Welcome to the Web Site Creation Wizard dialog box, click Next to
continue.
The Web Site Description dialog box opens, as shown in Figure 6-21. Type
research in the text box, and then click Next.
Figure 6-21
Web Site Description dialog box
2. The IP Address and Port Settings dialog box opens, as shown in Figure 6-22.
This is the key dialog box that you use to distinguish Web sites.
Click the Enter the IP address to use for this Web site list arrow, and
then click the IP address for research.technowidgets.com. The default is
192.168.0.150. Click Next.
Figure 6-22
IP Address and Port Settings dialog box
3. The Web Site Home Directory dialog box opens. You use this dialog box to
specify your home directory. Because the default Web site is in the Inetpub
folder, it is a good idea to put your new site in Inetpub, too. Click the Browse
button. Expand the drive letter that contains IIS, expand Inetpub, and then
select it.
In Windows 2003: Click the Make New Folder button. Type research as the
folder name.
In Windows 2000: You should already have created the folder, so click research.
Click OK. The path to your new Web site now appears in the Path text box.
See Figure 6-23. Click Next.
Figure 6-23
Web Site Home Directory dialog box
4. The Web Site Access Permissions dialog box opens. See Figure 6-24. This dialog
box lists the default permissions for the home directory, which should match
the properties for the default Web site. The Read permission allows visitors to
your site to view HTML files. The Run scripts permission allows visitors to see
dynamic pages created through programming languages such as Active Server
Pages. The Execute permission would be used for actual applications that pose
more of a security risk. The Write permission allows users to upload files to the
Web site. The Browse permission allows visitors to see a list of all files in a
directory if no default page exists. Click Next to accept the defaults.
Figure 6-24
Web Site Access Permissions dialog box
5. A dialog box indicating successful completion of the wizard appears. Click
Finish to exit the wizard.
Now you need to create a Web page to test the new Web site. Earlier in the chapter, you
completed steps to create a file called default.htm. Now you can follow the same steps
to create a default Web page that contains the statement: “This is the research site.”
To create a default Web page for the new Web site:
1. In Notepad, type the following HTML code:
<html><body>
This is the research site
</body></html>
2. Save the document as default.htm in the folder you created in the wizard
called \Inetpub\research on the drive where you installed Windows. Be sure
to save the file with an .htm extension. For the Save as type, select All Files.
3. Open Internet Explorer, and type research.technowidgets.com in the
Address text box. The default Web page with the “This is the research site”
text should appear. You could also type the IP address of the new Web site in
the browser and open the same page.
Configuring a Web Site Using a Host Name
Now that you have configured a Web site using an IP address, configuring one with a different host name is even easier. To test the functionality of the new Web site, DNS must
be running on your Web server. You need to be able to ping web1.technowidgets.com (the
Web site you set up in Chapter 4) to make sure it is working properly. The important difference between using a host name and using an IP address is that in the IP Address and
Port Settings dialog box of the Web Site Creation Wizard, you enter a host name instead
of an IP address.
To start the Web Site Creation Wizard in Windows 2003:
1. In Administrative Tools, click Internet Information Services (IIS) Manager.
2. Click the plus icon (+) next to the computer name.
3. Right-click Web Sites, point to New, and then click Web Site.
The Web Site Creation Wizard Welcome dialog box appears.
In Windows 2000, the wizard does not allow you to create a folder for your new Web
site, so it is easiest to create this folder before you start the wizard. Because the folder
for the default Web site is in the Inetpub folder, it is a good idea to create your new Web
site in that folder, too. If you are using Windows 2003, skip to the “To create a Web site
using the Web Site Creation Wizard” section.
To create the web1 folder for the Web site in Windows 2000:
1. Right-click Start, and then click Explore to open Windows Explorer.
2. In the left pane, click Inetpub.
3. In the right pane, right-click a blank area of the window, point to New, and
then click Folder. A folder is created with the default name of New Folder.
4. Type web1 as the name of the new folder, and then press Enter.
To start the Web Site Creation Wizard in Windows 2000:
1. In Administrative Tools, double-click Internet Services Manager.
2. Right-click the name of the computer, point to New, and then click Web Site.
The Web Site Creation Wizard Welcome dialog box appears.
To create a Web Site using the Web Site Creation Wizard:
1. At the Welcome to the Web Site Creation Wizard dialog box, click Next to
continue.
2. Type web1 in the text box, and then click Next.
3. The IP Address and Port Settings dialog box opens. It is the key dialog
box that you use to distinguish Web sites. Click the Enter the IP
address to use for this Web site list arrow, and then click the IP address
for web1.technowidgets.com. The default is 192.168.0.100. This IP address is
also associated with www.technowidgets.com. In the Host Header for this site
text box, type web1.technowidgets.com. See Figure 6-25. Click Next.
Figure 6-25
IP Address and Port Settings dialog box
4. The Web Site Home Directory dialog box opens. You use this dialog box to
specify your home directory. Because the default Web site is in the Inetpub
folder, it is a good idea to put your new site in Inetpub, too. Click the Browse
button. Expand the drive letter that contains IIS, expand Inetpub, and then
select it.
5. In Windows 2003: Click the Make New Folder button. Type web1 as the
folder name.
In Windows 2000: You should have already created the folder, so click web1.
Click OK. The path to your new Web site now appears in the Path text box.
See Figure 6-26. Click Next.
6. The Web Site Access Permissions dialog box opens. It lists the default permissions
for the home directory, which should match the properties for the default Web
site. Click Next to accept the defaults.
7. A dialog box indicating successful completion of the wizard appears. Click
Finish to exit the wizard.
Figure 6-26
Web Site Home Directory dialog box
As in the previous section, create a Web page that now refers to web1 and says “Welcome
to the web1 site.” Save the document as default.htm in the \Inetpub\web1 folder. Open
your browser and type web1.technowidgets.com to see the Web page for your new site.
CONFIGURING NEW WEB SITES (VIRTUAL HOSTS) IN APACHE
When you create a new Web site in Apache, you are creating a virtual host. In this case,
you need to create a directory for each new Web site. To make sure that each Web site
works correctly, you will create and save a Web page in each Apache directory for testing.
Based on information from the DNS server you created in Chapter 4, you will create
virtual hosts based on IP addresses and host names.
The Apache configuration file uses tags, which are related to the tags in HTML. For
example, in the sample Web page created for the new Web sites in IIS, a tag called <body>
tells the browser that what follows is the body of the page. The </body> tag tells the
browser that the end of the body has been reached.
In this section, you will create virtual hosts with a tag that looks something like
<VirtualHost 192.168.0.150> and end the description of the virtual host with
</VirtualHost>. One important concept to remember is that nearly all text is case-sensitive in Apache configuration files. If you accidentally type </Virtualhost>, Apache
will not recognize the new Web site because the “H” in the <VirtualHost> tag is not
capitalized. Apache does not display a message for capitalization errors when you restart
the Web server, so you must enter tags in the configuration file carefully.
Between the opening and closing tags, you can specify many configuration options. In
fact, most of the configuration options for the default server can be put between the
opening and closing tags. The items you will enter in this section have already been specified for the default site elsewhere in the configuration file. You will begin with the minimum needed to make the Web sites functional. In later chapters, you will add and refine
these options.
The first item Apache needs to know is the host name of the server. You need to add the
key word ServerName, followed by a space, and then the host name of the Web site. In
the case of the host name of research.technowidgets.com, you would add the following line:
ServerName research.technowidgets.com
The other configuration line that you need names the directory where you will store
the Web pages. You need to add the key word DocumentRoot, followed by a space, and
then the location of the Web site. For example, if this directory is /var/www/research,
you would add the following line:
DocumentRoot /var/www/research
Creating Directories and Web Pages for Virtual Hosts
Before you can create a virtual host, you must create a directory where you will store
the site. You can place Web pages for virtual hosts anywhere in the Linux system. If you
have multiple disk drives, you can put the Web pages for each virtual host on separate
disk drives. In the following steps, you will create directories next to the existing Web
site for ease of maintenance. In Red Hat Linux, the default Web site is found in the
/var/www/html directory. A logical place to create the new Web sites is beneath
the /var/www directory, but you could put them in other places on the server as well. The
following steps show how to create a directory called research for the IP address-based
virtual host, and a directory called web1 for the name-based virtual host. Recall that the
name of the file used for the default Web page in Apache is index.html, which is different from the name used in IIS.
To create the directories for the virtual hosts in Linux:
1. In a terminal window, change to the directory where you are creating the
new subdirectories by typing cd /var/www and then pressing Enter.
Remember to insert a space after cd.
2. Type mkdir research and then press Enter to create the directory for the
research Web site.
3. Type mkdir web1 and then press Enter to create the directory for the web1
Web site.
To create Web pages for the new Web sites:
1. Assuming that you just created the directories in the previous steps and are
still in the /var/www directory, type kedit research/index.html and press
Enter to create the default page for the research Web site.
2. Type the following to identify the research site:
<html><body>
This is the research site
</body></html>
3. Click the floppy disk icon to save the file.
4. Change the word “research” to web1.
5. Click File and then click Save As to open the Save File As dialog box.
6. In the Location text box, type /var/www/web1/index.html, click OK,
and then click the floppy disk icon to save the new Web page as the default
Web page for the web1 Web site. Close KEdit.
Configuring a Virtual Host in Apache Using an IP Address
Before you can create a virtual host based on a different IP address, you must associate
a new IP address with the existing NIC. Next, you must modify the configuration file,
httpd.conf, to create the new virtual host. Finally, you must restart the Web server so that
Apache will recognize the changes.
To associate a new IP address with the NIC:
1. In a terminal window, type kedit /etc/rc.d/rc.local.
This is the same file you edited to make sure that Apache starts automatically
when you start Linux.
2. At the bottom of the file, add a line that contains the IP address for the research
host in the DNS file you created in Chapter 4. The example in Chapter 4 uses
192.168.0.150, so you type /sbin/ifconfig eth0:0 192.168.0.150.
The utility to create the IP address is ifconfig, which is located in the /sbin
directory. The first Ethernet NIC is referred to as eth0:0.
3. Click the floppy disk icon to save the file, and then close the window.
4. Because the command in Step 2 will not be recognized until you restart the
computer, type /sbin/ifconfig eth0:0 192.168.0.150 to create the new IP
address.
Tip
Before you modify the httpd.conf file, it is a good idea to make a backup copy
of it. A common technique is to have the file extension match today’s date.
For example, if today was July 21, you would type cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.721 in a terminal window. Note the space before “/etc” in both commands.
To create a virtual host using an IP address:
1. Open the httpd.conf file using kedit in a terminal window.
Type kedit /etc/httpd/conf/httpd.conf and then press Enter.
2. The section for adding virtual hosts is at the end of the file, so move the cursor to the beginning of the last line in the file. This line is blank.
3. Type the following, remembering to replace the IP address with the one you
created in the previous steps and the given domain with your domain:
<VirtualHost 192.168.0.150>
ServerName research.technowidgets.com
DocumentRoot /var/www/research
</VirtualHost>
4. Save the changes and exit KEdit by clicking the Save icon and then closing
the window.
5. Restart Apache by typing apachectl restart and then pressing Enter.
6. Open the Konqueror Web browser, type research.technowidgets.com for
the URL, and then press Enter. You should see the Web page you created.
Configuring a Virtual Host in Apache Using a Host Name
To configure a single IP address to host multiple Web sites, you first have to declare the
IP address that you will use for the virtual host names. You then configure each Web site,
being careful to use the same IP address, but a different host name.
For example, you could configure the two hosts that you set up in Chapter 4,
www.technowidgets.com and web1.technowidgets.com, to share a single IP address,
192.168.0.100. You first have to configure the IP address so that Apache will recognize it
as one used for host names. For example, you could add “NameVirtualHost
192.168.0.100” to the configuration in the Virtual Host section at the bottom of the file.
The actual configuration of the two Web sites would be exactly like the one for a virtual
host using an IP address, except that you use the same IP address for both configurations.
To create a virtual host using host names:
1. Open a terminal window, type kedit /etc/httpd/conf/httpd.conf, and then
press Enter.
2. Create a blank line at the end of the file. Type NameVirtualHost
192.168.0.100 and then press Enter to create a line that states that this
IP address will contain multiple virtual hosts.
3. Create the configuration for www.technowidgets.com and web1.technowidgets.com.
Type the following text:
<VirtualHost 192.168.0.100>
ServerName www.technowidgets.com
DocumentRoot /var/www/html
</VirtualHost>
<VirtualHost 192.168.0.100>
ServerName web1.technowidgets.com
DocumentRoot /var/www/web1
</VirtualHost>
The bottom of the httpd.conf file should look like the one in Figure 6-27.
Save your changes and exit KEdit by clicking the Save icon and then closing
the window.
Figure 6-27
Creating a virtual host using a host name
4. Type apachectl restart, and then press Enter.
5. Open the Konqueror Web browser, type www.technowidgets.com for
the URL, and then press Enter. You should see the default Web page. See
Figure 6-28.
6. Type web1.technowidgets.com for the URL, and then press Enter. You
should see the Web page you created. See Figure 6-29.
Figure 6-28
Default Web page for www.technowidgets.com
Figure 6-29
Default Web page for web1.technowidgets.com
UNDERSTANDING VIRTUAL DIRECTORIES
A virtual directory is a Web directory that is not physically located beneath the Web root.
For example, a URL of www.technowidgets.com/prod does not necessarily mean that a directory called prod is below either \inetpub\wwwroot or the corresponding root directory.
Instead, the directory prod could be one of the following locations:
■ Another directory on the computer such as \categories\products
■ A directory located on another computer
■ A URL on another Web server
Allowing the Web directory to refer to another physical directory on the computer could
make it easier to organize the Web site based on directory permissions. For example, the
marketing manager could be in charge of updating product information. In Linux, that
manager could log on and have the directory that corresponds to the prod virtual directory
be her default home directory, which would facilitate updating the pages. The physical
directory for the root of the Web server would also be less cluttered with directories. On
the other hand, creating a virtual directory in this case would make it more difficult to keep
track of where the Web pages for the site actually reside.
When you use a directory that is physically stored on another computer, you are typically
connected by a LAN. The marketing manager updating the product Web pages may
have access to another computer on the LAN. The Web server can use the directory on
the other computer through a share in the Windows environment or NFS in a Linux
environment.
The ability to have a directory actually be a URL on another Web server is a very powerful option. It allows you to balance the load of the Web server by letting other Web
servers process certain Web pages. Suppose you used the prod directory to hold pages
containing thousands of images. By having the pages reside on another Web server, you
could dedicate a whole Web server to retrieving large image files. Virtual directories can
also be used to organize corporate Web sites. For example, your company may have Web
sites in various regions around the world. You can make them appear to exist on a single server by creating directories that correspond to your regional Web servers.
Configuring Virtual Directories in IIS
To create a virtual directory in IIS, you use a wizard in both Windows 2000 and
Windows 2003. You start the wizard for the virtual directory in the same place that you
started the wizard for the new Web site.
To create a virtual directory in IIS:
1. In Windows 2003: Open Internet Information Services (IIS) Manager.
In Windows 2000: Open Internet Services Manager.
2. Expand the items in the left pane until you see Default Web Site.
3. Right-click Default Web Site, point to New, and then click Virtual
Directory.
4. The Virtual Directory Creation Wizard Welcome dialog box opens. Click Next.
5. The Virtual Directory Alias dialog box opens. See Figure 6-30. Here is
where you enter the name of the directory as it will appear in a URL.
Figure 6-30
Virtual Directory Alias dialog box
In the Alias text box, type prod and then click Next.
6. The Web Site Content Directory dialog box opens. You use this dialog box to
specify the location of your virtual directory. See Figure 6-31.
Figure 6-31
Web Site Content Directory dialog box
Click Browse, click the drive that corresponds to your installation of Windows,
and then click Inetpub. Click the Make New Folder icon, and then type
VirtProd as the name of the new folder.
7. In Windows 2003: Click OK to create the folder \Inetpub\VirtProd as the
physical location of your virtual directory.
In Windows 2000: The folder has already been created, so you can select
VirtProd in the list. Click Next.
8. The Virtual Directory Access Permissions dialog box opens. See Figure 6-32.
This dialog box lists the default permissions for reading Web pages and running
scripts such as Active Server Pages. The permissions are the same as the ones for
creating new Web sites.
Figure 6-32
Virtual Directory Access Permissions dialog box
9. Click Next to accept the defaults, and then click Finish to complete the wizard.
Note that the wizard did not provide an option to create a virtual directory that referenced
a share on another computer or a URL. To do that, you have to modify the properties of
the virtual directory.
To display the properties of the virtual directory:
1. In Windows 2003: If necessary, open Internet Information Services (IIS)
Manager.
In Windows 2000: If necessary, open Internet Services Manager.
2. If necessary, expand the items in the left pane until you see the contents of
the Default Web Site. See Figure 6-33.
3. Right-click prod, and then click Properties to open the Properties dialog
box for this directory. See Figure 6-34.
Figure 6-33
IIS window showing prod virtual directory
Figure 6-34
Properties dialog box for the prod virtual directory
As you can see in Figure 6-34, the option button at the top of the Virtual Directory tab is
set to “A directory located on this computer.” If you click the “A share located on another
computer” option button, the dialog box changes to the one shown in Figure 6-35. Notice
that the text box for Local path changed to Network directory. The default shows the
structure of inserting the name of the server and the name of the share. If you click the
“A redirection to a URL” option button, the dialog box changes to the one shown in
Figure 6-36. If you check the “The exact URL entered above” box, all requests for any
files in the virtual directory are directed to a single file that you entered in the text box,
such as /msgs/notavail.htm. If you check the “A directory below URL entered” box, the
virtual directory is associated with a URL that contains a directory such as /newprods. If
you check the “A permanent redirection for this resource” box, a message is sent to the
client so that some browsers will update bookmarks.
Figure 6-35
Share located on another computer
Figure 6-36
A redirection to a URL
Configuring Virtual Directories in Apache
As you have already seen, you need to modify the httpd.conf file to configure a Web site
that you are administering on an Apache Web server. As in IIS, a virtual directory in Apache
has two components. First, you need to associate the physical location where the Web pages
will reside with the name of the directory as the browser would reference it. Second, you
need to configure the properties for the virtual directory. For example, Apache has an icons
directory where small images are stored. These images are used on Web pages. In a browser
on the Apache server, if you type http://localhost/icons/world1.gif, a small image of the world
appears. Based on the URL, the directory icons is located beneath the root of the Web
server. If it were physically part of the Web server directory structure, it would be located
at /var/www/html/icons because /var/www/html is the root of the Web server. However,
the developers of Apache decided to put the icons directory in another location—namely,
/var/www/icons. To associate the name of the virtual directory with its physical location,
you use the Alias command. In httpd.conf, you can see the following line:
Alias /icons/ "/var/www/icons/"
This code states that when /icons/ is detected in a URL, the request should be sent to
the /var/www/icons directory.
In the second step, you define the virtual directory’s properties. The properties for a
directory are similar to the properties for a virtual host. For the icons virtual directory,
httpd.conf contains the following information:
<Directory "/var/www/icons">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
The preceding example shows two option properties. The Indexes option states that if
there is no index.html default file in the directory, then Apache will display a list of files
in the directory. This feature corresponds to the browsing option in IIS. The second option,
MultiViews, allows for a language-specific response to a request. That is, if the browser has
been configured to prefer Italian, and there is an associated Italian page, it is sent to the
browser. The rest of the properties are related to security. The following list describes the
default security properties of the icons directory:
■ AllowOverride None—Directories beneath this directory cannot alter the access
permissions.
■ Order allow,deny—First apply the “allow” permissions, and then apply the “deny”
permissions.
■ Allow from all—Set no restrictions.
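The interaction of Order, Allow, and Deny described in the list above, worked through in Python as an added example (not code from the book or from Apache). It assumes only the two Order values allow,deny and deny,allow, and Allow/Deny values of all, a full IP address, or a CIDR range; the sample blocks and client addresses are constructed.

```python
import ipaddress

# The icons directory block shown above.
ICONS_ACCESS = """
<Directory "/var/www/icons">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>
"""

# Constructed variants that show why the Order value matters.
ALLOW_THEN_DENY = "Order allow,deny\nAllow from all\nDeny from 192.168.0.0/24"
INTERNAL_ONLY = "Order deny,allow\nDeny from all\nAllow from 192.168.0.0/24"
SAME_RULES_OTHER_ORDER = "Order allow,deny\nDeny from all\nAllow from 192.168.0.0/24"


def parse_access(block):
    """Extract (order, allow_values, deny_values) from directive text."""
    order, allow, deny = "deny,allow", [], []  # deny,allow is Apache's default Order
    for raw in block.splitlines():
        parts = raw.split()
        if not parts:
            continue
        key = parts[0].lower()
        if key == "order":
            # Order takes a single argument; a space after the comma splits it
            # into two arguments, which Apache rejects as a syntax error.
            if len(parts) != 2:
                raise ValueError("Order needs one argument, no space after the comma: %r" % raw.strip())
            order = parts[1].lower()
        elif key in ("allow", "deny") and len(parts) >= 3 and parts[1].lower() == "from":
            (allow if key == "allow" else deny).extend(parts[2:])
    if order not in ("allow,deny", "deny,allow"):
        raise ValueError("Order value not modelled here: %r" % order)
    return order, allow, deny


def _matches(value, client_ip):
    """True if one Allow/Deny value covers the client address."""
    if value.lower() == "all":
        return True
    network = ipaddress.ip_network(value, strict=False)  # a bare IP becomes a /32
    return ipaddress.ip_address(client_ip) in network


def is_allowed(block, client_ip):
    """Apply the Order/Allow/Deny rules in block to one client address."""
    order, allow, deny = parse_access(block)
    allowed = any(_matches(v, client_ip) for v in allow)
    denied = any(_matches(v, client_ip) for v in deny)
    if order == "allow,deny":
        # Allow is evaluated first and Deny second, so Deny has the last word.
        # A client that matches no Allow value is refused (default: deny).
        return allowed and not denied
    # deny,allow: Deny is evaluated first and Allow second, so Allow has the
    # last word. A client that matches neither list is admitted (default: allow).
    return allowed or not denied


if __name__ == "__main__":
    for label, block in [("icons", ICONS_ACCESS), ("allow-then-deny", ALLOW_THEN_DENY),
                         ("internal-only", INTERNAL_ONLY), ("other-order", SAME_RULES_OTHER_ORDER)]:
        for ip in ("192.168.0.7", "10.1.1.1"):
            print(label, ip, "allowed" if is_allowed(block, ip) else "denied")
```

The last two sample blocks contain the same Allow and Deny lines and differ only in Order: with deny,allow the 192.168.0.0/24 clients get in, while with allow,deny every client is refused because Deny from all is applied last.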
Virtual directories in IIS are different from virtual directories in Apache. In IIS, a virtual
directory is always associated with an individual Web site. For example, earlier in this
chapter, you created a virtual directory called prod that you associated with the
www.technowidgets.com Web site. That virtual directory can be used only with
www.technowidgets.com, but no other Web site. In Apache, the icons virtual directory can
be used by all of the virtual hosts, because it was defined in the main server configuration area and not within any of the virtual hosts. As a contrast, you will create the prod
virtual directory so it can be used only from the web1.technowidgets.com Web site in
Apache. The physical location of the prod virtual directory will be /var/www/prod.
To create a virtual directory called prod on the Apache Web server:
1. Open a terminal window and change to the directory where you are creating
new subdirectories. Type cd /var/www and then press Enter.
2. Type mkdir prod and then press Enter to create the directory for the prod
virtual directory.
To create Web pages for the new Web sites:
1. Type kedit prod/index.html and then press Enter to create the default
page for the prod virtual directory.
2. Type the following HTML code to identify the prod virtual directory:
<html><body>
This is the prod virtual directory
</body></html>
3. Click the floppy disk icon on the toolbar of kedit to save the file.
4. Close the window.
To configure httpd.conf to add a virtual directory for the web1.technowidgets.com Web site:
1. In a terminal window, open the httpd.conf file by typing kedit /etc/httpd/
conf/httpd.conf and then pressing Enter.
Recall that the virtual hosts are found at the bottom of the file.
2. Add the virtual directory information, which is shown in bold in the following text:
<VirtualHost 192.168.0.100>
ServerName web1.technowidgets.com
DocumentRoot /var/www/web1
Alias /prod/ "/var/www/prod/"
<Directory "/var/www/prod">
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
Now you can test your virtual directory by opening the Konqueror browser and typing
the URL web1.technowidgets.com/prod. Because you did not type the name of the Web page,
Apache sends the default Web page of index.html, which you created earlier with the text
of “This is the prod virtual directory.”
CHAPTER SUMMARY
❐
The primary purpose of a Web server is to produce pages of HTML. The protocol
used to communicate between the Web server and the browser is HTTP. The two
most popular Web servers are Apache from the Apache Software Foundation and
Internet Information Services (IIS) from Microsoft. Web servers typically listen at
port 80, but you can modify this setting to have them listen at any port higher
than 1024.
❐
You install the IIS Web server software as a Windows component in both
Windows 2000 and Windows 2003. You install Apache 2.0, which is part of the
Red Hat Linux installation, as you would any other software.
❐
IIS properties can be configured globally so that all new sites will share the new
configuration. You can also change the properties for individual sites. Most IIS
properties are related to the location of files, characteristics of files, and security settings. You can view and change them using a GUI.
❐
To configure an Apache Web server, you modify a text file called httpd.conf. The
properties are separated among the global configuration, main configuration, and
virtual hosts. Although the httpd.conf file has more than 1,000 lines of code, most
of them consist of comments and properties that are rarely changed.
❐
You can create more than one Web site on a single server. For multiple Web sites to
exist on the same computer, you have to make each one distinct. You can create a distinct Web site by configuring it with a different port number, a different IP address, or
a different host name.
❐
In IIS, you use a wizard to create a Web site. You need to configure the folder
where you will create the root of the Web site. One wizard dialog box allows you
to make the Web site distinct from the other Web sites that you have configured
previously. You also have to determine the basic access permissions and file types
that you will allow on the site.
❐
New Web sites in Apache are called virtual hosts. You configure the virtual hosts in
httpd.conf by using tags similar to those found in HTML. To define a virtual host,
you configure the IP address, the location of the root, and the host name of the site.
❐
Virtual directories are directories that appear to be located beneath the root of the
Web server, yet are physically located elsewhere. A virtual directory can correspond
to another directory on the same computer as the Web server, a directory located
on another computer, or a URL on another Web server.
REVIEW QUESTIONS
1. The primary purpose of a Web server is to produce files using the following formatting language:
a. HTTP
b. HTML
c. PORT 80
d. FTP
2. Which protocol is used to communicate between the Web server and the browser?
a. HTTP
b. HTML
c. PORT 80
d. FTP
3. What does IIS stand for?
a. Internal Internet Server
b. Internet Informal Server
c. Internet Information Service
d. Internet Information Services
4. Web servers typically listen at port ________.
5. Which of the following ports is the worst choice for a Web server?
a. 88
b. 8080
c. 8000
d. 8888
6. More Web servers use Apache than IIS. True or False?
7. What is the current version of HTTP?
a. 1.0
b. 1.1
c. 2.0
d. 2.1
8. One of the most important characteristics of the current version of HTTP is ________.
9. The Internet Explorer browser can view pages on an Apache Web server, and the
Konqueror browser can see pages on an IIS Web server. True or False?
10. Which of the following describes WebDAV?
a. It is an Apache configuration for virtual hosts.
b. It allows you to share Web-based files in IIS.
c. It allows high-speed Digital Audio/Video.
d. It is an IIS virtual directory setting.
11. Which of the following is not one of the components available when installing IIS?
a. SMTP Service
b. FTP Service
c. NNTP Service
d. DNS Service
12. What is the current version of the Apache Web server?
a. 1.3
b. 2.0
c. 3.x
d. 4.x
13. What is the name of the file used to start and stop Apache?
a. apachectl
b. httpd.conf
c. HTML
d. http
14. Apache has a configuration for ISAPI filters. True or False?
15. Which of the following describes the KeepAlive setting?
a. It shuts down the server after a certain number of seconds.
b. It prevents the server from shutting down.
c. It determines whether to maintain a persistent connection for multiple files.
d. It determines how long someone can view a Web page.
16. What is the syntax for displaying a Web site at port 8080?
a. www.technowidgets.com/8080
b. www.technowidgets.com:8080
c. www.technowidgts.com8080
d. You cannot display a Web site at port 8080.
17. In Apache, if you want the root of your virtual host to be in /var/www/intranet,
you would type the following:
a. DocumentRoot /var/www/intranet
b. Root / var/www /intranet
c. WebRoot / var/www /intranet
d. SiteRoot / var/www /intranet
18. To name the virtual host intranet.technowidgets.com in Apache, you would type the
following:
a. VirtualHost intranet.technowidgets.com
b. ServerName intranet.technowidgets.com
c. HostName intranet.technowidgets.com
d. WebName intranet.technowidgets.com
19. A virtual directory in IIS can refer to a URL on another Web server. True or False?
20. In Apache, when associating a virtual directory with the physical location, what is
the first word on the line?
a. Cname
b. Map
c. Alias
d. Associate
HANDS-ON PROJECTS
Project 6-1
In this project, you will explore the effects of setting connection properties in IIS. You
will use a Telnet session to simulate a browser connecting to a Web server. A block of
text that you paste into the Telnet session requests a Web page from the Web server. The
response after the page is sent depends on the properties that are set.
To determine the effect of requesting a Web page using Telnet:
1. Create a Web page called hello.htm that displays “Hello, World” and store it in
\inetpub\wwwroot.
2. In Notepad, type the following lines and then press Enter twice. Make sure that
you do not insert a blank line between the two lines and that you add two blank
lines at the end. The blank lines mean that the request is sent to the Web server.
You should replace www.technowidgets.com with the name of one of your hosts:
GET /hello.htm HTTP/1.1
HOST: www.technowidgets.com
3. Press Ctrl+A, and then press Ctrl+C to copy all of the text to the Clipboard.
4. At a command prompt, type telnet localhost 80 and then press Enter to connect to the Web server at port 80. If you tried to type text now, you could not see
it so it is much easier to paste text from the Clipboard. However, because this is a
command prompt, a special technique is needed to paste text.
5. In the upper-left corner, click C:\, point to Edit, and then click Paste. You see
the response from the Web server. If nothing happens, you probably forgot to add
the blank lines to the end of the text in Step 2, so press Enter a couple of times.
What response did you get?
6. Wait about one minute and repeat Step 5. Were you successful?
7. Press Ctrl+C to end the Telnet session.
To modify the connection timeout property and try connecting again:
1. Open the Internet Information Services window.
2. Expand the items in the left pane until you see Default Web Site.
3. Right-click Default Web Site, and then click Properties.
4. Change the Connection Timeout to 9 seconds.
5. Click Apply to change the connection timeout.
6. Repeat Steps 4 and 5 in the previous set of steps to use Telnet to display a page.
How many seconds does it take until you lose the connection?
To disable Keep-Alives and test the configuration again:
1. If necessary, open the Internet Information Services window.
2. If necessary, expand the items in the left pane until you see Default Web Site.
3. Right-click Default Web Site, and then click Properties.
4. Change the Connection Timeout to 120 seconds.
5. Clear the Enable HTTP Keep-Alives check box to disable Keep-Alives.
6. Click Apply to accept the changes.
7. Repeat Steps 4 and 5 in the first set of steps to use Telnet to display a page. How
many seconds does it take until you lose the connection?
Project 6-2
In Project 6-1, you noticed that when you request a page, much more data is actually
received. This extra information takes the form of headers, such as Content-Type:
text/html. A header has two parts: the name, which is followed by a “:”, and the value.
Sometimes a Web site wants to send a custom header to each browser that connects.
Programmers could use this information to build custom responses based on header
information.
To add a custom header and determine the effect on a Web page response:
1. Open the Internet Information Services window.
2. Expand the items in the left pane until you see Default Web Site.
3. Right-click Default Web Site, and then click Properties.
4. Select the HTTP Headers tab.
5. Click Add to add a custom HTTP header. The Add/Edit Custom HTTP Header
dialog box opens.
6. For the Custom header name, type Technowidgets.
7. For the Custom Header Value, type Version 5.
8. Click OK to accept the header.
9. Click Apply to change the configuration. Then click OK.
10. Repeat the steps in Project 6-1 to determine the effect of requesting a Web page
using Telnet. Do you see the header that you created? Where is it?
Project 6-3
In Windows, each HTTP error corresponds to a file that is sent to the browser in response
to the error. You can customize these files. For example, you can change a “Not Found”
error page to display a more descriptive message. However, by default, Internet Explorer
overrides the error file on the server, which reduces the usefulness of custom error pages.
In this project, you will create a custom page for error 404 (Not Found) and test it.
To create a custom page for error 404:
1. In Notepad, type the following HTML code:
<html><body>
<H1>The file you requested was not found</H1>
</body></html>
2. Save the file as 404.htm. Remember to set the Save as type to All Files.
In Windows 2003: Save the file in \WINDOWS\Help\iisHelp\common.
In Windows 2000: Save the file in \WINNT\help\iisHelp\common.
3. Open the Internet Information Services window.
4. Expand the items in the left pane until you see Default Web Site.
5. Right-click Default Web Site, and then click Properties.
6. Select the Custom Errors tab.
7. Click 404 under the HTTP Error heading.
8. Click Edit (Edit Properties in Windows 2000) to edit the filename for error 404.
The Edit Custom Error Properties (Error Mapping Properties in Windows 2000)
dialog box opens.
9. Change the file to point to the one you created in Step 2. Click OK.
10. Windows 2000 only: Click OK to change the file designation. The Inheritance
Overrides dialog box opens. Click Select All, and then click OK to allow property inheritance.
11. Click OK to make the change permanent.
To test the configuration:
1. Open your browser, type localhost/xyz.htm, and then press Enter. What was the
response? If the browser did not use the new page you created, the problem is not
with the server. Internet Explorer has a default setting to “show friendly HTTP
error messages.” Each type of Web server may have a different error page format, so
to keep messages consistent, the browser pays no attention to what you did on the
server. To see the file you created, you need to adjust the properties of the browser.
2. In Internet Explorer, click Tools on the menu bar, and then click Internet Options.
3. Select the Advanced tab.
4. Scroll down and click the Show friendly HTTP error messages check box to
unselect it.
5. Click OK to save the setting.
6. Enter the URL of localhost/xyz.htm again or click Refresh. Now you should
see the page you created.
You can also create custom HTTP error messages in Apache. The details are in
httpd.conf. You can create an error message based on plain text, create an HTML file, or
process a script. In this project, you will create a text message.
To add an error message for “file not found” and test it:
1. Open httpd.conf in kedit.
2. Search for HTTP_NOT_FOUND.
The resulting line should be "ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var". Insert a pound sign (#) at the beginning of the line to make a comment
out of it, thereby disabling the line.
3. Create a blank line, and then type ErrorDocument 404 "The page was not found".
4. Save the file, and then close the kedit window.
5. Restart the Web server.
6. Open the browser.
7. For the URL, type localhost/h.htm or any other request for a nonexistent page.
Did the server respond with your custom error document? The Konqueror
browser works differently from Internet Explorer in that it allows error messages
from Web servers to be displayed by default.
Project 6-4
In this project, you will explore the effects of setting connection properties in Apache.
You will use a Telnet session to simulate a browser connecting to a Web server. The
response after the page is sent depends on the properties that are set.
To determine the effect of requesting a Web page using Telnet:
1. Create a Web page called hello.htm that displays “Hello, World.” Store the page
in the root of your Apache Web server.
2. Open a terminal window, type telnet localhost 80, and then press Enter.
3. Type the following:
GET /hello.htm HTTP/1.1
HOST: www.technowidgets.com
4. Press Enter to create a blank line. It tells the server that there are no more headers and that it should respond. What is the response? At the end of the response,
the server states “Connection closed by foreign host.” This is the opposite of IIS,
which has KeepAlive enabled.
To determine the effect of enabling KeepAlive:
1. Open httpd.conf in kedit.
2. Press Ctrl+F to find KeepAlive. Notice that KeepAlive is set to Off.
3. Change KeepAlive Off to KeepAlive On.
4. Save the file and then exit.
5. Restart the Web server.
6. Repeat Steps 1 through 4 in the first section of this project. Did the server
respond in the same way?
7. Immediately request the page again. What happened?
8. Wait about 30 seconds and then request the page again. What happened?
9. In httpd.conf, search for KeepAliveTimeout. What is the current setting?
The previous steps show the effect of not only KeepAlive but also KeepAliveTimeout.
Even with KeepAlive turned on, the connection will stay open only the number of seconds determined by KeepAliveTimeout.
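The Telnet sessions in Projects 6-1 and 6-4 can be scripted so that the time until the connection is lost is measured instead of counted by hand. The following Python code is an added example, not from the textbook: it starts a constructed local HTTP/1.1 test server whose idle timeout stands in for KeepAliveTimeout, sends the same GET and Host lines twice over one socket, and times how long the idle connection stays open. The test server, its port, the timeout values and all function names are assumptions made for the demonstration.

```python
import select
import socket
import threading
import time
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer


def start_server(keep_alive, idle_timeout):
    """Start a constructed local test server on a free port and return it."""
    class Handler(BaseHTTPRequestHandler):
        protocol_version = "HTTP/1.1"   # persistent connections are the default
        timeout = idle_timeout          # idle limit, standing in for KeepAliveTimeout

        def do_GET(self):
            body = b"<html><body>Hello, World</body></html>"
            self.send_response(200)
            self.send_header("Content-Type", "text/html")
            self.send_header("Content-Length", str(len(body)))
            if not keep_alive:          # standing in for KeepAlive Off
                self.send_header("Connection", "close")
            self.end_headers()
            self.wfile.write(body)

        def log_message(self, *args):   # keep the demo output quiet
            pass

    server = ThreadingHTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def get(sock, host, path="/hello.htm"):
    """Send the two request lines from the project and parse the reply."""
    sock.sendall(f"GET {path} HTTP/1.1\r\nHost: {host}\r\n\r\n".encode("ascii"))
    data = b""
    while b"\r\n\r\n" not in data:      # the blank line ends the headers
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("connection closed before a response arrived")
        data += chunk
    head, _, body = data.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    while len(body) < int(headers.get("content-length", 0)):
        chunk = sock.recv(4096)
        if not chunk:
            break
        body += chunk
    return status, headers, body


def seconds_until_close(sock, max_wait):
    """Wait for the server to drop the idle connection; None if it stays open."""
    start = time.monotonic()
    readable, _, _ = select.select([sock], [], [], max_wait)
    if not readable:
        return None
    try:
        closed = sock.recv(1, socket.MSG_PEEK) == b""
    except ConnectionResetError:
        closed = True
    return time.monotonic() - start if closed else None


def probe(port, host="www.technowidgets.com", max_wait=5.0):
    """Request the page, try to reuse the socket, then time the idle close."""
    with socket.create_connection(("127.0.0.1", port), timeout=max_wait + 5) as sock:
        status, headers, _ = get(sock, host)
        reused = False
        # A second request is only attempted if the server did not announce close.
        if headers.get("connection", "").lower() != "close":
            try:
                reused = get(sock, host)[0] == 200
            except ConnectionError:
                pass
        idle = seconds_until_close(sock, max_wait)
    return {"status": status, "reused": reused, "idle_seconds": idle}


if __name__ == "__main__":
    for keep_alive in (False, True):
        server = start_server(keep_alive, idle_timeout=2.0)
        print("keep-alive", keep_alive, probe(server.server_address[1]))
        server.shutdown()
```

With keep-alive off the connection is gone almost immediately after the first response; with it on, the second request succeeds on the same socket and the connection closes after roughly the idle timeout.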
Project 6-5
Imagine a very large site where pages are split among servers maintained by separate personnel, but where you want the appearance of a single, seamless site. In this case, you can
have a virtual directory point to a URL instead of a folder on the Web server. In this
project, you will create a virtual directory called products and redirect it to another student’s Web site.
To create a virtual site that corresponds to a URL in Windows:
1. Create a virtual directory called products that corresponds to any folder on your
computer. It doesn’t matter which folder it is because you will change it. When
you create a virtual directory, you cannot have it point to a URL.
2. Open Internet Information Services.
3. View the properties of the products virtual directory.
4. Click the A redirection to a URL option button.
5. For the URL, type the IP address of another student’s Web server, followed by a
slash. For example, type 192.168.0.200/. The Web server could be either Apache
or IIS.
6. Select The exact URL entered above check box.
7. Click Apply.
8. On the other student’s Web server, create two Web pages. Name the first page
default.htm if it is a Windows server or index.html if it is an Apache server.
Name the second page hello.htm. Store the pages in the root of the Web server.
Create simple content for the pages to distinguish them.
9. In your browser, type localhost/products as the URL. Which page is displayed?
10. In your browser, type localhost/products/hello.htm as the URL. Which page is
displayed? You probably didn’t get the result you expected. The setting you gave
the virtual directory told it to go to a single page, no matter what URL you typed.
You could even type a nonexistent page, and the server would still display the
default page. This capability is useful when a portion of a site is down and you
want to display a single page for all requests.
11. View the properties for the products virtual directory again. Unselect the check
box for The exact URL entered above, and then select A directory below
this one.
12. Click OK to save the changes.
13. Stop the Web server, and then restart it.
14. In your browser, type localhost/products/hello.htm as the URL. Which page is
displayed? You probably got the result you expected. Now type localhost/products.
You should see the default page.
Project 6-6
Sometimes you want to allow users to have their own Web pages. For example, if you had
a user account of cbranco at www.technowidgets.com, you could type www.technowidgets.com/
~cbranco/ and get the home page. For a large site, you would probably have a script to
automate this process, but it is easy to set up a sample site.
To set up Apache to allow user Web sites:
1. Open httpd.conf in kedit.
2. Search for UserDir: (be sure to include the colon ( : ) at the end.)
You see the lines shown in Figure 6-37.
3. Insert # before “UserDir disable” to enable it.
4. Delete the # before “UserDir public_html” to allow each user’s public_html
directory to be used to store Web pages.
5. Starting with the line that states “#<Directory /home/*/public_html>,” delete
the # at the beginning of the line and the rest of the lines starting with # down
to “</Directory>”. This configures the directory structure.
6. Save the file and then exit.
7. Restart the Web server.
To create a user who can create Web pages:
1. Open a terminal window.
2. Type adduser cbranco and then press Enter.
3. Type passwd cbranco and then press Enter. When the system prompts you for a
new password, type password. You will get a warning that your choice is a bad
password but the system will still accept it. The user has a home directory but
Apache needs execute permissions. Retype the new password when prompted.
4. Type chmod 711 /home/cbranco and then press Enter.
5. To create the public_html directory for cbranco, type
mkdir /home/cbranco/public_html and then press Enter.
6. To give cbranco ownership of public_html, type
chown cbranco /home/cbranco/public_html and then press Enter.
# UserDir: The name of the directory that is appended onto a user's home
# directory if a ~user request is received.
#
# The path to the end user account 'public_html' directory must be
# accessible to the webserver userid. This usually means that ~userid
# must have permissions of 711, ~userid/public_html must have permissions
# of 755, and documents contained therein must be world-readable.
# Otherwise, the client will only receive a "403 Forbidden" message.
#
# See also: http://httpd.apache.org/docs/misc/FAQ.html#forbidden
#
<IfModule mod_userdir.c>
    #
    # UserDir is disabled by default since it can confirm the presence
    # of a username on the system (depending on home directory
    # permissions).
    #
    UserDir disable
    #
    # To enable requests to /~user/ to serve the user's public_html
    # directory, remove the "UserDir disable" line above, and uncomment
    # the following line instead:
    #
    #UserDir public_html
</IfModule>
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory /home/*/public_html>
#    AllowOverride FileInfo AuthConfig Limit
#    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
#    <Limit GET POST OPTIONS>
#        Order allow,deny
#        Allow from all
#    </Limit>
#    <LimitExcept GET POST OPTIONS>
#        Order deny,allow
#        Deny from all
#    </LimitExcept>
#</Directory>
Figure 6-37
7. Apache needs to read from this directory, so type
chmod 755 /home/cbranco/public_html and then press Enter.
To create a Web page and test the configuration:
1. Log off as root, and then log on as cbranco.
2. Open a terminal window.
3. Type kedit public_html/index.html and then press Enter. The file index.html is
the default page for a directory. That is, if you do not reference a page, the system
will display the contents of index.html.
4. Create a simple Web page of your choice.
5. Save the file and then exit.
6. Open the browser.
7. For the URL, type http://localhost/~cbranco/. The browser displays your
Web page.
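The permissions set in this project (711 on the home directory, 755 on public_html, world-readable documents) can be checked across accounts with a short script. The following Python code is an added example, not from the textbook: it reports where Apache would answer 403 Forbidden and where "other" accounts hold more access than serving pages requires. It assumes the Web server account is neither the owner nor in the group of the files; the function names and the sample tree it builds are constructed for the demonstration.

```python
import os
import stat
import tempfile


def other_bits(path):
    """Permission bits that apply to accounts that are neither owner nor group."""
    return stat.S_IMODE(os.lstat(path).st_mode) & 0o007


def audit_userdir(home, userdir="public_html"):
    """Return (kind, path, detail) findings for one user's home directory.

    kind is "forbidden" when Apache would answer 403, and "exposed" when
    'other' holds more access than serving pages requires.
    """
    findings = []

    def check(path, required, allowed, what):
        bits = other_bits(path)
        if bits & required != required:
            findings.append(("forbidden", path,
                             f"{what}: other has {bits:o}, needs {required:o}"))
        if bits & ~allowed:
            findings.append(("exposed", path,
                             f"{what}: other has {bits:o}, at most {allowed:o} expected"))

    # 711 on the home directory: the server may pass through, not list it.
    check(home, 0o1, 0o1, "home directory")
    site = os.path.join(home, userdir)
    if not os.path.isdir(site):
        findings.append(("forbidden", site, "UserDir directory is missing"))
        return findings
    # 755 on public_html: list and pass through, never write.
    check(site, 0o5, 0o5, "UserDir directory")
    for root, dirs, files in os.walk(site):
        for name in dirs + files:
            path = os.path.join(root, name)
            if os.path.islink(path):
                continue  # symlinks are governed by SymLinksIfOwnerMatch instead
            if os.path.isdir(path):
                check(path, 0o5, 0o5, "subdirectory")
            else:
                check(path, 0o4, 0o5, "document")  # world-readable, not writable
    return findings


def make_sample_home(base, user="cbranco", home_mode=0o711,
                     site_mode=0o755, doc_mode=0o644):
    """Build a constructed home directory tree under base for the demo."""
    home = os.path.join(base, user)
    site = os.path.join(home, "public_html")
    os.makedirs(site)
    doc = os.path.join(site, "index.html")
    with open(doc, "w") as fh:
        fh.write("<html><body>cbranco home page</body></html>\n")
    os.chmod(doc, doc_mode)
    os.chmod(site, site_mode)
    os.chmod(home, home_mode)
    return home


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        # Constructed misconfiguration: listable home, unreadable document.
        home = make_sample_home(base, home_mode=0o755, doc_mode=0o600)
        for kind, path, detail in audit_userdir(home):
            print(kind, os.path.relpath(path, base), detail)
```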
Project 6-7
In this project, you test virtual directories and note the difference between Apache
and IIS.
To test a virtual directory in Windows:
1. Make sure that you have completed the “To create a virtual directory in IIS” steps
in the chapter.
2. Use a text editor to create a Web page with the text “This is a virtual directory”
and store the page in \Inetpub\VirtProd.
3. Start Internet Explorer, type localhost/prod as the URL, and then press Enter.
Did the Web page you created in Step 2 appear?
4. Delete the text in the Address text box, type localhost/prod/ as the URL, and
then press Enter. Did the Web page appear? Explain why or why not.
To test a virtual directory in Apache:
1. Make sure that you have completed the “To create a virtual directory called prod
on the Apache Web server,” “To create Web pages for the new Web sites,” and “To
configure httpd.conf to add a virtual directory for the web1.technowidgets.com
Web site” steps in the chapter.
2. Start Konqueror, type localhost/prod for the URL, and then press Enter. Does
a Web page appear?
3. Delete the text in the Address text box, type localhost/prod/ as the URL, and
then press Enter. Did the Web page appear? Explain why or why not. Compare
this to the results you found when you performed these steps with IIS and
Internet Explorer.
CASE PROJECTS
Project 6-1
Create another site on your IIS Web server based on a new host name. If you did not
create the intranet host in Chapter 4, do so now and add the associated IP address. Create
a Web site based on the intranet host. Create a folder beneath Inetpub for the Web site.
Create a Web page to test the functionality of your new Web site.
Project 6-2
Create a new Web site in IIS based on a new IP address. Create a new host address that
is compatible with your existing IP address. Create a Web site based on that address.
Create a Web page to test the Web site. You do not have to create an entry in the DNS
server. If the IP address you created was 192.168.0.200, for example, in Internet Explorer
you could type a URL of http://192.168.0.200.
Project 6-3
Create a Web site in Apache based on a new host name. If you did not create the intranet
host in Chapter 4, do so now and add the associated IP address. Create a Web site based
on the intranet host. Create a Web page to test the functionality of your new Web site.
Project 6-4
Create a new Web site in Apache based on a new IP address. Create a new host address
that is compatible with your existing IP address. Create a Web site based on that address.
Create a Web page to test the Web site. You do not have to create an entry in the DNS
server. If the IP address you created was 192.168.0.200, for example, in Konqueror you
could type a URL of http://192.168.0.200.
Project 6-5
Create a virtual directory for one of the IIS Web sites you created in Project 6-1 or 6-2.
Create a page to test the directory.
Project 6-6
Create a virtual directory for one of the Apache Web sites you created in Project 6-3 or
6-4. Create a page to test the directory.
CHAPTER 7
INSTALLING AND TESTING A PROGRAMMING ENVIRONMENT
In this chapter, you will:
♦ Understand the need for programming languages
♦ Understand database management systems (DBMSs)
♦ Install and test DBMSs
♦ Understand the Web-based programming environment
♦ Program with databases
As you learned in Chapter 6, all Web servers are based on the HTTP protocol and primarily use pages built with HTML. These pages are often
created with a text editor. To produce an e-commerce Web site where the
user enters information and the Web site produces individualized Web pages,
however, you need both a programming language and a database. A programming language processes information from the user and from data
stored in a database. The result of the processing can consist of a report sent
to the user or data returned to the database.
You can use many programming languages for creating interactive Web
pages. For IIS, the most common languages are Active Server Pages (ASP),
which has been available for all versions of IIS, and ASP.NET, which first
became available with IIS 5.0 as an add-on. For Apache, PHP is a popular
choice; it has a structure similar to that of ASP. Older, but still popular programming languages such as Perl are used with both IIS and Apache.
Central to most Web sites that use programming languages are database management systems (DBMSs) that allow you to store data gathered from users and
then produce a variety of reports. For IIS, the most common DBMS is
Microsoft SQL Server. For Apache, the preferred option is MySQL, a powerful, open-source DBMS. Another DBMS, Oracle, is used in both environments.
UNDERSTANDING THE NEED FOR PROGRAMMING LANGUAGES
When you view a Web page, it may correspond to an HTML file that someone created
and published, or it may contain text, graphics, and other elements that were generated
by a programming language. Web pages that contain only HTML statements, such as the
ones you created in Chapter 6, are called static pages. Pages that contain programming
statements allow the content to change, so they are called dynamic pages. You
encounter dynamic pages whenever you use a search engine on the Web or purchase
something online. You can also use dynamic pages to create personalized pages such as
those available at my.yahoo.com.
You can use programming languages to create not only dynamic Web pages, but also pages
specifically designed to run on Web servers and update databases. For example, when
you order a book online, much of the programming creates the order information in a
database. The Web site has to store your name, address, books that you want to purchase,
credit card information, and other related data. Programming languages can also be used
to communicate with other systems. For example, when you fill out a form on a Web
page and then submit it, the contents are e-mailed to the recipient.
Understanding Programming Languages
A programming language processes data. The data can come from a variety of sources,
including a user who typed information on a Web page or a database on a computer.
The programming language can then extract user information from the data and store
it in a database or use the information to search a database and produce a report.
The program performs three basic steps: input, processing, and output. For example, suppose you want to search a book seller’s Web site for books on Portugal. You enter the
information on the Web page and click a button to submit the form to the Web server
(input). Based on your input, the program on the Web server searches a database for
books (processing). Based on the results, a Web page is produced and sent to your
browser (output).
In the same way that a human language can be used to give instructions, a programming
language processes data in three ways. First, one instruction after another is processed;
this is simply called sequence. Second, based on data, more than one option is possible;
this is called logic. For example, if someone purchases more than $500 in merchandise,
shipping might be free; otherwise, it might cost $20. A program uses logic to check
whether the purchase exceeds $500 and to determine what to do based on the results.
The third way a program processes data is iteration, or processing the same instructions
multiple times. For example, when you produce an employee report with 100 employees, you process the instructions to display a single employee 100 times.
You use a programming language to create something as simple as a counter on a Web
page to display how many times someone has viewed your site. An e-commerce site such
as Amazon.com uses programming to display a list of books based on search criteria,
maintain your purchase history, and display personalized advertisements. Behind the
scenes, an e-commerce site uses programming to update the inventory system and
process credit card information.
Understanding the E-Commerce Environment
The primary purpose of an e-commerce site is to allow visitors to find a product and
purchase it—the public side of an e-commerce site. A Web server administrator, however, must also consider the administrative side of the site. You need to add, update,
delete, and report on the products you have available for sale. Likewise, you need to track
customers, payments, shipping, and returned products and to perform other tasks, such
as maintaining security.
As an e-commerce site expands, so does its complexity. A Web site might offer a hierarchy of products with sale prices on some categories for a certain number of days or for
a certain category of customer. You may need to produce targeted advertisements based
on customer preferences and then track how often the advertisements work so as to fine-tune the system. Many products, such as Microsoft Commerce Server, can be used to
build the foundation for a Web site, allowing companies to create an e-commerce site
more quickly than by doing all the programming themselves. Products such as Microsoft
Commerce Server are not separate server programs, but rather programming environments that are added to an existing Web server. These environments include tools that
help automate the creation and maintenance of an e-commerce site.
Understanding Internal Business Applications
Another area of program development involves applications that automate business
processes such as order processing. In this area, companies typically control their internal networks and can specifically define the entire computing environment. A company
can base its Web-based applications on a clear understanding of the speed of the connections, the number of connections, and the brand and version of a browser. For these
reasons, Web-based applications on an intranet can be much more focused than those on
the Internet.
UNDERSTANDING DATABASE MANAGEMENT SYSTEMS
Databases are an integral part of most Web environments because Web environments
have evolved significantly from just offering simple, static pages. A Web site without any
database connectivity is probably so simplistic that it would have little need for a full-time Web administrator.
The purpose of a DBMS is to store data in an organized manner for further processing.
Web server administrators can learn one method of organizing data and one language
(SQL) to define and manipulate the data. From the free DBMSs such as MySQL to the
more costly DBMSs such as Oracle, the basic functionality remains the same: a DBMS
stores data in an organized structure so that it can be easily retrieved.
While some hierarchical DBMSs organize data into a structure similar to an organization chart, most DBMSs are relational databases that organize data into tables. These
tables are then grouped into a database according to common characteristics. For example, employee information is stored in one table, while product information is stored in
another table. Each table contains columns and rows similar to a spreadsheet. Each column describes a characteristic of a table. For example, an employee table would include
characteristics such as Social Security number (SSN), first name, last name, department
number, and salary. Each of these characteristics would be a column in the employee
table. Each row contains data for an employee corresponding to one or more of the
columns. As an example, Table 7-1 shows a table with three employees. Each row has
one employee, and each column lists a characteristic of the employee.
Table 7-1 Employee table with three employees
SSN        First name  Last name  Department number  Salary
553879098  Lynn        Gweeny     10                 55000
623827368  Elark       Kaboom     10                 60000
756838998  John        Doh        20                 45000
Furthermore, each table has one or more columns that represent a primary key. A value
of a primary key uniquely defines a row of data. For example, in Table 7-1, the SSN
would be the primary key because each number is unique and therefore corresponds to
a single row. In Table 7-2, the primary key would be the department number.
Table 7-2 Department table with two departments
Department number  Department name  Manager
10                 Accounting       553879098
20                 Manufacturing    756838998
The tables in a relational database are related in such a way that the data remains reliable. For example, you could have stored the department name and the SSN of the manager in the employee table. This would make processing data faster. But what if the
department name changed? You would have to remember that the department name is
found in more than one place and make sure that you change it everywhere it appears.
This problem may seem like a minor point but as your database gets larger and more
complex, you need specific rules governing how to design your tables. You relate data in
tables through a foreign key, or a column in one table that is related to a primary key
in another table. For example, in Table 7-1, the department number is a foreign key that
is related to the department number in the Department table. This relationship is useful
when you want to find the name of the department of a given employee. You use the
department number of the employee to look up the department name in the
Department table. The benefit of organizing data in a relational structure is obvious: If
you need to change the department name, you simply change it in just one place. The
same department will then have the same name in another table, making the data reliable. Table 7-2 also has a foreign key—the Manager column in the department table. The
Manager column is related to the SSN column in the Employee table.
The series of rules for organizing data into tables is called normalization. Basically,
tables are normalized when all columns that are not part of the primary key are related
solely to the primary key, and not to each other.
Related tables are organized into individual databases. For example, the Employee and
Department tables could be organized into a Human Resources database. Tables related
to inventory could be organized into a Manufacturing database. Both the Human
Resources and Manufacturing databases could exist within the same DBMS.
Understanding Structured Query Language, the Language of Databases
Structured Query Language (SQL, pronounced “sequel”) is the language used by virtually all DBMSs. It uses English-like statements to interact with the database. Three categories of SQL statements exist: the Data Manipulation Language (DML), the Data
Definition Language (DDL), and the Data Control Language (DCL).
Only the DML is commonly used in programming. This language controls the inserting, updating, deleting, and retrieval of data. For example, if you wanted to retrieve the
last names and first names from the Employee table, the SQL statement would be “select
lastname, firstname from employee” in any relational DBMS. Likewise, to insert a row of
data into the Employee table, any DBMS would recognize the SQL statement “insert
into employee values ('667589898', 'Elark', 'Kaboom', 10, 60000)”.
The DDL assists you in defining tables and other related structures in a database. For
example, to create the Employee table shown earlier in Table 7-1, you could use the following SQL statement:
Create table employee (
    ssn char(9) primary key,
    firstname varchar(20),
    lastname varchar(30),
    depno char(2),
    salary numeric(6));
The column names (ssn, firstname, lastname, depno, salary) are followed by the type of
data that will be stored in the table for the particular column. The char data type defines
the number of characters that will be stored for this column value as stated in parentheses. For example, the ssn column can contain nine characters. The varchar data type
is similar, but with one important exception: It takes up only the space needed for data,
whereas the char data type always takes up the maximum allowed by the definition. For
example, if you used the char data type for the first name and defined it as containing up
to 20 characters, even if the first name had only 5 characters, it would still use 20 characters in the column. When you define the column using the varchar data type, a five-character name takes up only 5 characters. The char data type is typically used for data
that is of a consistent length, such as state postal codes, phone numbers, and ZIP codes.
In the preceding code, the salary is defined as a number that can be up to six digits. It is
accepted practice to use numeric data types only for numbers that can be manipulated
in calculations. Numeric data such as Social Security numbers, phone numbers, and zip
codes cannot be used in calculations, so they are often assigned to the char data type.
The last data type, numeric, is not common to all databases. With Microsoft SQL Server,
you would use the money data type. In Access, you would use the currency data type
instead. Other DBMSs, such as Oracle, use the number data type.
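The primary-key and foreign-key relationships between Tables 7-1 and 7-2 can be written out in SQL as follows. This is an added example, not code from the textbook; the column name depname and the constraint names are assumptions, and it assumes a DBMS that enforces foreign keys.

```sql
-- Added example: Tables 7-1 and 7-2 with their keys declared.
-- depname and the constraint names are assumed; the data comes from the two tables.

create table department (
    depno   char(2)     primary key,
    depname varchar(30) not null,
    manager char(9)                  -- SSN of the manager; foreign key added below
);

create table employee (
    ssn       char(9)     primary key,
    firstname varchar(20),
    lastname  varchar(30),
    depno     char(2),
    salary    numeric(6),
    constraint fk_employee_department
        foreign key (depno) references department (depno)
);

-- The two tables refer to each other, so the departments are loaded
-- without a manager first, then the employees, then the managers.
insert into department values ('10', 'Accounting',    null);
insert into department values ('20', 'Manufacturing', null);

insert into employee values ('553879098', 'Lynn',  'Gweeny', '10', 55000);
insert into employee values ('623827368', 'Elark', 'Kaboom', '10', 60000);
insert into employee values ('756838998', 'John',  'Doh',    '20', 45000);

update department set manager = '553879098' where depno = '10';
update department set manager = '756838998' where depno = '20';

-- Now that every manager value matches an employee row, declare the
-- second foreign key (Manager column -> SSN column).
alter table department
    add constraint fk_department_manager
        foreign key (manager) references employee (ssn);

-- Use the employee's department number to look up the department name.
select e.firstname, e.lastname, d.depname
from employee e
join department d on d.depno = e.depno
where e.ssn = '756838998';

-- The department name is stored once, so a rename is a single-row update
-- and every employee in department 10 sees the new name through the join.
update department set depname = 'Finance' where depno = '10';

-- Integrity checks (constructed rows): a DBMS that enforces the keys
-- refuses both statements. Department 30 does not exist, and the SSN
-- in the second row is already used as a primary key.
insert into employee values ('111111111', 'Test', 'Row', '30', 40000);
insert into employee values ('553879098', 'Test', 'Row', '10', 40000);
```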
The DML is often simplified through use of a GUI. For example, in Microsoft database
products, you typically create a table by filling in a form and selecting the data types from
a list box. You can also create reports in Microsoft Access by selecting the columns you
want on the report and many other criteria from an easy-to-use GUI or one of the many
wizards available. In fact, you can create sophisticated applications in Access without working directly with SQL.
The DCL allows you to control access to your tables and determine which operations
users can perform on your tables, but it is not included in all DBMSs. For example,
Microsoft Access does not have a DCL. The grant command, for example, allows you to
give access to your tables while the revoke command stops users from accessing your
tables. The DCL is an administrative language that is not used in programming.
Using Microsoft Access Files with IIS
Microsoft Access, a DBMS that is part of the Microsoft Office suite of products, is known
for its ease of use. Although Microsoft Access is not included with Microsoft Windows 2000
or Windows Server 2003, the software needed to manipulate Access files is included.
Microsoft Access is a file-based DBMS, meaning that each database is stored in a file that
can be copied from computer to computer. While Access is an appropriate choice for
Web sites with minimal data requirements, it is not designed to handle large databases.
Furthermore, Access does not provide the security, disaster recovery, or undo capability
(called a rollback in SQL) that more sophisticated database software offers.
You will explore using Access with IIS in Hands-on Project 7-1. You will also have the
option of using Access in Hands-on Projects 7-3 and 7-4. As you will see, the difference between using Access and using Microsoft SQL Server is a single line of code in
these programs.
INSTALLING AND TESTING DBMSs
In this section, you will learn how to install Microsoft SQL Server on Windows 2003
and Windows 2000. On your Linux server, you will install MySQL, which Red Hat
includes on CD 3.
Installing and Testing Microsoft SQL Server
The following steps explain how to install SQL Server 2000 on a Windows computer,
create a database of employee information, create a table named employee, add data to
the employee table, and retrieve data from the employee table.
To install SQL Server 2000 from the MSDN CD in Windows:
1. In Windows 2003: Log on as the administrator, and then insert the SQL
Server 2000 CD in the CD drive. If a dialog box appears asking what
should be done with the CD, click Open folder to view files using
Windows Explorer, and then click OK. If a dialog box does not appear, open
Windows Explorer. If the Setup program starts automatically, skip to Step 5.
In Windows 2000: Log on as the administrator, and then insert the SQL
Server 2000 CD in the CD drive. Open Windows Explorer.
2. Navigate to the \ENGLISH\ENT folder on the developer’s CD, or \Standard
on the full version of the CD.
3. Double-click SETUP.BAT to start the installation wizard. In Windows 2003,
if a dialog box opens stating that SQL Server 2000 SP2 is not supported,
click the Continue button.
When the Welcome screen appears, click Next. The Computer Name dialog
box opens. See Figure 7-1.
Figure 7-1 Computer Name dialog box
4. Click Next to accept the default of installing SQL Server 2000 on the Local
Computer.
Note that you could also install SQL on a remote computer. In this case, the
text box would become active so that you could enter the name of the
remote computer. The Installation Selection dialog box opens, allowing you
to choose whether to install a new instance of SQL Server or work with
advanced options. Microsoft uses the term “instance” to mean the SQL Server
programs necessary to create the DBMS. See Figure 7-2.
Figure 7-2 Installation Selection dialog box
5. Click Next to accept the default of creating a new instance of SQL Server.
The User Information dialog box opens. See Figure 7-3. This dialog box contains the name and company information that you supplied when you
installed the operating system.
6. Click Next. The Software License Agreement dialog box opens. In an educational environment, the licensing has been handled previously, but in a
production environment, you must make sure that you have paid for the correct license(s).
7. Click Yes to accept the license agreement. The Installation Definition dialog
box opens. See Figure 7-4. Make sure that the Server and Client Tools
option button is selected.
If you were working on a workstation and wanted the software to connect to
an existing server, you would select Client Tools Only. If you wanted to install
the software that allows the programming languages to interact with SQL
Server, you would select Connectivity Only.
Figure 7-3 User Information dialog box
Figure 7-4 Installation Definition dialog box
8. Click Next. The Instance Name dialog box opens. See Figure 7-5. Because
you are installing a new instance of SQL Server, make sure that the Default
check box is selected.
If you wanted to maintain an instance of SQL Server or add another instance,
you could clear the check box and enter the instance name.
Figure 7-5 Instance Name dialog box
9. Click Next. The Setup Type dialog box opens. See Figure 7-6. Make sure that
the Typical option button is selected. The drive letters that appear in your
dialog box will probably differ from the ones shown in Figure 7-6, depending
on the operating systems you installed.
You would choose the Custom option button to include items more appropriate for developers.
Figure 7-6 Setup Type dialog box
10. Click Next. The Services Accounts dialog box opens. See Figure 7-7.
Figure 7-7 Services Accounts dialog box
11. Click the Use the Local System account option button.
If you accept the default as the administrator account and change the password on the administrator account, SQL Server will not run. A domain user
account is necessary when SQL Server needs to communicate with an
instance of SQL Server on another computer. In such a case, you typically
would have created a special user account just for SQL Server.
12. Click Next. The Authentication Mode dialog box opens. See Figure 7-8.
Figure 7-8 Authentication Mode dialog box
13. Click the Mixed Mode option button. When you click this button, the text
boxes under “Add password for the sa login” are enabled. The sa (system
administrator) login allows full access to SQL Server. Click the Blank
Password check box because the sample files assume a blank sa password. In
a production environment, however, you should not use a blank password
because it would allow anyone full access to your database.
Note that if you select the Windows Authentication Mode option button, the
sample files for this chapter will not work.
14. Click Next. The Start Copying Files dialog box opens. Click Next to begin
copying files from the CD to your hard disk. The Choose Licensing Mode
dialog box opens. See Figure 7-9.
Figure 7-9 Choose Licensing Mode dialog box
Because you are simulating an installation for use on the Internet, click the
Processor License for option button and enter 1 for the number of processors.
15. Click Continue to install SQL Server. When the Setup Complete dialog box
opens, click Finish to exit the wizard. Close the Windows Explorer window.
Once you have installed SQL Server, your first task is to create a database.
To create a database in SQL Server for Windows:
1. Open Enterprise Manager.
In Windows 2003: Click Start, and then click Enterprise Manager. The
SQL Server Enterprise Manager window opens.
In Windows 2000: Click Start, point to Programs, point to Microsoft SQL
Server, and then click Enterprise Manager.
2. In the left pane, click the plus sign (+) next to Microsoft SQL Servers, next
to the SQL Server Group, and then next to (local) (Windows NT) on
Windows 2003. In Windows 2000, instead of (local), you see the name of
your computer.
A series of folders opens, as shown in Figure 7-10. Notice that the left pane
displays Windows NT in the name of the local computer, which is the version of Windows that came before Windows 2000. The properties for SQL
Server define Windows 2000 as Windows NT 5.0, and Windows 2003 as
Windows NT 5.2.
Figure 7-10 SQL Server Enterprise Manager window
3. In the left pane of the SQL Server Enterprise Manager window, right-click
Databases and then click New Database to create a SQL Server database.
You are creating the human resources database. To make it easier to type, you
will abbreviate the name of the database to simply hr.
4. In the Name text box, type hr and then click OK to create the human
resources database.
5. Keep the SQL Server Enterprise Manager window open for the next series
of steps.
Now that you have created the hr database, your next step is to create the tables and
then enter data into them. You can create tables in SQL Server by using either a wizard
or the SQL create table statement. To load data into the table, you can also use a
GUI or SQL insert statement. In the following steps, you fill in GUI forms to create
the employee table and add data.
To create the employee table and load three rows of data in SQL Server for Windows:
1. In the left pane of the SQL Server Enterprise Manager window, expand the
Databases folder.
2. Right-click hr, point to New, and then click Table. The New Table window opens.
3. Your objective is to create the employee table as described in Table 7-1.
Complete the form so that it matches Figure 7-11. (You might need to
expand the top pane.)
Figure 7-11 Create the employee table
4. To make the ssn column become the primary key, click the unnamed button
to the left of ssn and then click the Set primary key icon on the toolbar.
(Point to the toolbar buttons to display their names.) The key icon appears to
the left of ssn.
5. Click the Save icon on the toolbar to save the table. The Choose Name dialog box opens.
6. Enter employee in the text box, and then click OK to save the table.
7. Close the New Table window, but leave the SQL Server Enterprise Manager
open for the next series of steps.
Now that you have created the employee table, you need to add data to it. The easiest
way is to open the table and type the data.
To add data to the employee table in SQL Server for Windows:
1. In the left pane of the SQL Server Enterprise Manager window, expand
Databases, if necessary, and within Databases, expand hr. Click Tables. The
list of tables in the hr database is displayed in the right pane. See Figure 7-12.
Figure 7-12 List of tables in the hr database
Note that all the tables that appear are system tables except the employee
table, which is a user table.
2. Right-click employee, point to Open Table, and click Return all rows. The
Data in Table window opens. Complete the table so it matches Figure 7-13.
3. Close the SQL Server Enterprise Manager window.
Figure 7-13 Adding data to the table
You have installed SQL Server, created the human resources database, created the
employee table, and added data to it. Now you are ready to write programs to access the
data. In a later section, you will learn how to write an ASP program and an ASP.NET
program to display employee data and add new data to the table.
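On a production server, the blank sa password chosen in Step 13 and the grant and revoke commands described under the DCL come together in a short hardening script for the hr database. This is an added example, not part of the textbook's sample files (which expect the blank sa password); the login name hr_web and the two password placeholders are assumptions, and the procedures called are SQL Server 2000 system stored procedures.

```sql
-- Added example for a production SQL Server 2000 instance.
-- Run in Query Analyzer while connected as a system administrator.
-- hr_web and the <...> passwords are placeholders chosen for this example.

-- 1. Audit: list SQL Server logins (not Windows accounts) with no password.
--    After the installation above, sa appears in this list.
SELECT name
FROM   master.dbo.syslogins
WHERE  password IS NULL
  AND  isntname = 0

-- 2. Replace the blank sa password.
EXEC sp_password @old      = NULL,
                 @new      = '<strong-sa-password>',
                 @loginame = 'sa'

-- 3. Create a separate login for the Web application so that pages
--    never connect as sa. Its default database is hr.
EXEC sp_addlogin @loginame = 'hr_web',
                 @passwd   = '<strong-web-password>',
                 @defdb    = 'hr'
GO

USE hr
GO

-- 4. Let the login into the hr database only.
EXEC sp_grantdbaccess @loginame = 'hr_web'

-- 5. DCL: grant only what the pages need, which is displaying
--    employees and adding new ones. No update, delete, or DDL rights.
GRANT SELECT, INSERT ON employee TO hr_web

-- 6. DCL: if the page that adds employees is later retired,
--    take the insert permission away again.
REVOKE INSERT ON employee FROM hr_web

-- 7. Review what hr_web can currently do on the employee table.
EXEC sp_helprotect @name = 'employee', @username = 'hr_web'
GO
```

Rerun the query in step 1 after the script finishes; an empty result means no SQL Server login is left without a password.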
Installing and Testing MySQL in Red Hat Linux
On a Linux Web server, you can use MySQL instead of SQL Server to perform database operations. MySQL is a high-performance database similar to SQL Server. Although
you will use the default text-based interface for MySQL, many GUI-based interfaces are
available to make MySQL administration easier.
To install MySQL on Linux:
1. Insert Red Hat CD 3 in the CD drive.
2. Double-click the CD/DVD-ROM icon on the desktop. Konqueror opens,
with the directories of the CD shown in the right panel.
3. Double-click the RedHat directory icon in the right panel. This displays the
contents of the RedHat directory.
4. Double-click the RPMS directory icon in the right panel. This displays the
contents of the RPMS directory.
5. Scroll down to the mysql-3.23.52-3.i386.rpm package and double-click it.
A dialog box opens and, after a short while, states that it has completed system preparation. Click Continue to install MySQL.
6. The installation program installs two associated Perl packages. A dialog box
opens requesting Red Hat CD 2. Insert the CD and then click OK.
7. A dialog box opens requesting Red Hat CD 3. Insert the CD and then
click OK.
8. The Completed System Preparation dialog box opens. Click OK to finish the
installation.
9. Repeat Steps 2, 3, and 4.
10. In the right panel of the Konqueror window, double-click mysql-server-3.23.52-3.i386.rpm. The Completed System Preparation dialog box opens.
Click Continue. The package is installed. Close the Konqueror window.
Although MySQL is installed, it is not running, so you cannot use it. As with DNS and
Apache, you need to learn how to start the server and edit rc.local to make MySQL start
whenever the computer starts.
To start MySQL:
1. To start MySQL manually, type /etc/rc.d/init.d/mysqld start in a
terminal window.
2. To have MySQL start when Linux starts, you must change the rc.local file. Open
a terminal window, type kedit /etc/rc.d/rc.local, and then press Enter.
3. At the bottom of the file, add the following line:
/etc/rc.d/init.d/mysqld start
4. Click the floppy disk icon to save the changes, and then close the
kedit window.
Now MySQL is installed and running in the background. You can use a program called
MySQL monitor to run SQL statements and other utilities. Because MySQL is installed
without a password, the first time you run the MySQL monitor, you do not have to log
on to it. After you set the password for the root account of MySQL, however, you must
log on to the MySQL monitor. Remember the password for MySQL because you will
need it for the MySQL monitor and when you test Web programs that you will write.
To set the password for the root account for MySQL in Linux:
1. In a Linux terminal window, type mysql and then press Enter to start the
MySQL monitor.
2. Type SET PASSWORD FOR root = PASSWORD('password'); and
then press Enter to create a password of “password.” Be sure to type the text
exactly as shown, including the semicolon at the end. You should receive a
response that states “Query OK.”
3. Type exit and then press Enter to exit the MySQL monitor.
Much as with Microsoft SQL Server, you have to create the human resources database,
create the employee table, and then add data to the table in MySQL. With MySQL, you
will run a script that contains the SQL commands necessary to create the table and add
the data instead of typing the information into a form. Running a script is also common
practice in SQL Server. To run the script, you must know the path to the Chapter7 directory on your Data Disk, which is assumed to be /mnt/floppy/chapter7. The following
procedure should look like Figure 7-14.
Figure 7-14
Create MySQL database, add data, and display contents
To create the employee database and run the script to create the employee table and add
data with MySQL in Linux:
1. In a terminal window, type mount /mnt/floppy and then press Enter to
make the floppy disk accessible. (Be sure to insert a space after you type
“mount.”)
2. Type mysql -uroot -ppassword and then press Enter. The -u stands for
“user name,” and it is followed by “root.” The -p stands for “password,” and it
is followed by the actual password, which is “password.”
3. Type create database hr; and then press Enter to create a database named hr.
4. Type use hr; and then press Enter to make the hr database become the
default database.
5. Type source /mnt/floppy/chapter7/hr.sql and then press Enter to run
the following script:
create table employee (
ssn char(9) primary key,
firstname varchar(20),
lastname varchar(30),
depno char(2),
salary numeric(6));
insert into employee values('553879098','Lynn','Gweeny','10',55000);
insert into employee values('623827368','Elark','Kaboom','10',60000);
insert into employee values('756838998','John','Doh','20',45000);
6. Type select * from employee; and then press Enter to display the contents of the employee table. The “*” (asterisk) tells the utility to display all
the columns.
7. Type exit and then press Enter to exit MySQL monitor.
UNDERSTANDING THE WEB-BASED PROGRAMMING ENVIRONMENT
Web programming is often based on an input-process-output model as described in a
previous section. When a Web server receives a request for a dynamic Web page, it
receives input from the user’s browser, processes the information, and then produces output. For example, when you click a link on a Web page to display a category of products, the browser sends a request for category information to the page that contains the
list of products. This request provides the input. The page that receives the category contains a program, which directs the Web server to look up the product data in a database
(process) and shows the product list (output). The input for the program in the Web page
can come from the URL link that the user clicks, information that the user supplies in
a form in the browser, a cookie stored on your disk, or information contained within
the program in the Web page. A cookie is text that a Web site stores on your disk that
can be retrieved by the Web server when you visit the site. Often a cookie provides personalization information to the Web site. For example, sites such as my.yahoo.com allow
you to personalize the type of news and other information that your browser displays
by default. You can log on to the site when you visit it, or you can allow the site to store
a cookie containing logon information on your disk.
The original environment for Web programming is the Common Gateway Interface
(CGI), a protocol that allows the operating system to interact with the Web server. CGI
is powerful and flexible, but it also creates a favorite entry point for hackers. Using
CGI can leave your system vulnerable to attack because programs written to the CGI
specification can access system utilities that can, in turn, be used to compromise the
server. Among the most common languages used for CGI are Practical extraction and
reporting language (Perl), C, and shell scripts. Because these languages were created
before the Web environment existed, they were not designed for Web security. Instead,
they depend on the skills of the programmer to make sure that the applications are secure.
Programmers often create Web programs with a text editor. Alternatively, they can use
many sophisticated products to become more productive. Products such as Microsoft
Visual Studio .NET and Borland JBuilder, for example, help programmers organize,
develop, test, and deploy Web-based programs.
Apache makes adding programming languages relatively easy and provides good support
for databases. It gives you the flexibility to create a Web environment that is tailored to
the specific needs of your organization.
With IIS, the most common programming languages are ASP and ASP.NET, both of
which are Microsoft creations. ASP was the first Web-based programming language from
Microsoft available for IIS. ASP.NET is available for IIS 5.0 (Windows 2000) if you also
install the .NET Framework, which is available for free from Microsoft. ASP.NET is the
primary programming language for IIS 6.0 (Windows 2003), although you can also use
ASP in IIS 6.0.
ASP.NET represents a significant improvement over ASP. To see how, suppose you want
to create a form to enter employee information, including salary information. In ASP,
you must have HTML expertise because you must write all the tags needed to format
the employee form and include all the programming commands for the browser to make
sure that the form was filled in correctly. In ASP.NET, in contrast, you can simply state
that a text box should contain a valid phone number and let ASP.NET actually write the
code. Another difference between ASP and ASP.NET relates to performance. Each time a
browser requests an ASP page on a Web server, the text in the page must be converted
to a format that the server can understand, which takes extra time. With ASP.NET, the
Web page is most likely already converted to the correct format, so the page can be
processed much faster.
Using the Programming Examples
A programming environment includes both the programming languages and the databases that you support. To verify that your programming environment works correctly,
you can create a comparable test across the languages. In this section, you will create an
application to enter employee information in a form and then display the contents of
the form. In a later section, you will test the database connectivity.
The application contains two pages, which belong in the root directory of the Web
server. The first page is written in HTML, a language that allows you to create a form
and format it in a browser. The form records an employee’s Social Security number, first
name, last name, and salary. A second page processes the form so that it produces output such
as “Hello, Lynn Gweeny. Your Social Security Number is 553879098 and you make $55000.”
The contents of the page that produces the form resemble Figure 7-15 with one important exception. After the “action=” statement in the form, you insert the name of the file
that will process the form, such as ProcessForm.asp. The second page must be written in
a programming language supported by your Web server. The extension of the filename
usually identifies the language in which it was written. For example, ProcessForm.asp
would contain ASP programming instructions (code). ProcessForm.aspx would contain
ASP.NET code, and ProcessForm.php would contain PHP code.
Figure 7-15 shows the HTML code for creating the employee form.
<HTML>
<BODY>
Please enter the following information and then click Submit:<BR>
<FORM action=filename>
SSN: <input type=text name=ssn><BR>
First Name: <input type=text name=first><BR>
Last Name: <input type=text name=last><BR>
Salary: <input type=text name=salary><BR>
<input type=submit name=submit value=Submit>
</FORM>
</BODY>
</HTML>
Figure 7-15
form.htm—the form used for processing
In Figure 7-15, the information between the angle brackets < > consists of HTML statements that aid in formatting text within the browser. HTML statements are not case-sensitive, which means that they can be written in uppercase or lowercase text. The
<FORM...> statement signals the start of the form, and the </FORM> statement identifies the end of the form. The <BR> tag causes subsequent text to appear at the beginning of the next line. The <input type=text name=first> statement opens a text
box. When the information from the form is processed by Active Server Pages or another
language, each text box is distinguished by its name. Thus what you enter in the text box
for Social Security Number will be associated with ssn, the text box for the first name
will be associated with first, and so on. The <input type=submit name=submit
value=Submit> statement displays a button that, when pressed, sends the form to the
page that processes it.
Programming Languages on IIS
By far, the most popular Web programming languages are the ones produced by
Microsoft. As noted earlier, ASP was the original Web-based programming language for IIS.
Today’s IIS also supports ASP.NET, which represents a new generation of programming
languages for the Web.
Understanding Active Server Pages
ASP is a scripted language that is included with all versions of IIS. With a scripted language, you include commands in a script—a text file—that the Web server processes.
When you configured new Web sites and virtual directories in Chapter 6, one of the
settings you chose was to allow scripts to be processed by the Web server. If you did not
allow scripts, your ASP files would not work.
By default, ASP is not installed in Windows 2003, but it is installed on Windows 2000.
To install ASP in Windows 2003:
1. In the Control Panel, click Add or Remove Programs. The Add or
Remove Programs window opens.
2. Click Add/Remove Windows Components. The Windows Components
Wizard dialog box opens.
3. Scroll to and click Application Server, and then click Details. The
Application Server dialog box opens.
4. Click Internet Information Services (IIS), and then click Details. The
Internet Information Services (IIS) dialog box opens.
5. Click World Wide Web Service, and then click Details. The World Wide
Web Service dialog box opens.
6. Click the Active Server Pages check box.
7. Click OK three times to return to the Windows Components Wizard dialog
box. Click Next to install ASP. After a few moments the Completing the
Windows Components Wizard dialog box opens. Click Finish to exit the
wizard. Close the Add or Remove Programs window.
To process the form.htm form shown earlier in Figure 7-15, you would change the fourth
line from <form action=> to <form action=ProcessForm.asp>. ProcessForm.asp,
which is a script that you can create in any text editor, is shown in Figure 7-16.
<%@ Language=VBScript %>
<HTML><BODY>
Hello, <%=request("first")%>&nbsp;<%=request("last")%>.<BR>
Your Social Security Number is <%=request("ssn")%> and you make
$<%=request("salary")%>.
</BODY></HTML>
Figure 7-16
Process form using Active Server Pages
The first line in Figure 7-16 states that the ASP code in the file uses a programming language called VBScript, which is based on Visual Basic, a language that is commonly used in
desktop applications. (The other choice is JScript, which is related to the Java programming
language.) Just as HTML code is enclosed in angle brackets (< >), so ASP code is enclosed
in <% %>. The important part of the code takes information received from the form and
displays it. The <%=request("first")%> code performs this task. Notice how the text
between the quotation marks matches the text box names specified in form.htm.
Before you test the application, you should understand all the steps involved in processing the pages from a conceptual point of view. A form is processed as follows:
1. In a browser, the user requests the page that contains the form, such as
form.htm. Because the filename ends in .htm, the Web server sends the file to
the browser without processing it.
2. The user enters data in three text boxes.
3. The user clicks the Submit button, which sends the information in the form,
such as Social Security number, first name, last name, and salary, to a Web
page called ProcessForm.asp.
4. ProcessForm.asp takes the information sent from the form and processes it.
Because the filename ends in .asp, the Web server sends the file to a program
that can process ASP code. In this case, processing involves formatting the
information and sending it back to the user. Other forms are processed by
connecting to a database and updating it or extracting information from it
and then producing a report.
To create the form test application in IIS in Windows:
1. Start Notepad as you usually do. Click File on the menu bar, and then click
Open. In the Open dialog box, click the Files of type list arrow, click All Files,
navigate to the Chapter7 folder on your Data Disk, and then open form.htm.
2. Replace the fourth line with the following statement:
<form action=ProcessForm.asp>
3. Click File on the menu bar, and then click Save As to save the file.
4. Navigate to the root of your Web server, which is \inetpub\wwwroot.
Change the file type to *.* (or All Files), and then click Save.
5. Close Notepad.
6. Use Windows Explorer to copy ProcessForm.asp from the Chapter7 folder
on your Data Disk to \inetpub\wwwroot.
To test the ASP application in Windows:
1. Start Internet Explorer.
2. In the Address text box, type http://localhost/form.htm and then press
Enter. If a dialog box opens containing a Try Again button, click the Try
Again button.
3. The form opens. Fill in the form as shown in Figure 7-17 and then click
Submit. Figure 7-18 shows the resulting Web page.
Figure 7-17
Employee form
Figure 7-18
Output of form after clicking Submit
The Address text box in Figure 7-18 shows how browsers communicate with Web servers.
When you click the Submit button on the form, the browser pairs the text box names in
form.htm with the data you entered in the form, such as Lynn Gweeny’s name and Social
Security number. In the Address text box, the browser adds the text box name and data
pairs to the file that form.htm indicates should process the form, separating the pairs with
an ampersand (&). Then the browser sends this information to the Web server so it can
process the information and return the results, which the browser displays. No matter how
complex a form, the browser always uses name/value pairs to transmit the form information to the Web server to be processed. You can simulate the use of the form by mimicking how the browser communicates with the Web server. If you typed the following into
the browser, the Web server would return the information shown in Figure 7-19:
http://localhost/ProcessForm.asp?first=Bob&ssn=5&salary=23
Figure 7-19
Output based on manual input
Note that the order of the name/value pairs in the Address text box has
changed. The pairs can appear in any order.
Tip
Not all forms process data by sending it to a Web server as part of the URL. In Chapter 6,
you learned how the browser communicates with the Web server. In the default method,
the browser uses a GET command to request an HTML file. If the browser uses GET, it
adds the name/value pairs to the URL. However, a URL can contain no more than
about 2,000 characters, so the GET command is not useful for long or complex forms.
In such cases, a browser can instead use the POST command, which stores the
name/value pairs in a file that is sent back to the Web server instead of being added to
the URL. No limitation applies to the size of the form if you use the POST command.
To cause the form to use the POST command, you would change the fourth line in
form.htm to the following statement:
<form method=post action=ProcessForm.asp>
Note that Web servers can process forms slightly faster using the default GET command.
Also, because the GET command is limited as to the length of input, it avoids one problem associated with the POST command—an attacker cannot send an unusually long
request to the Web server in an effort to penetrate it. Because of the potential problem
with the POST command, many Web hosting companies allow only the GET command
to be used with their systems.
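Because anyone can type name/value pairs into the Address text box or send them with POST, the page that processes the form cannot assume the values came from form.htm. The following is an added example, not code from this textbook: a variant of ProcessForm.asp that reads each field from the collection matching the request method, checks every value on the server, and HTML-encodes whatever it echoes back. The limits are assumptions taken from the hr.sql column sizes and from the salary range used in Figure 7-21.

```asp
<%@ Language=VBScript %>
<%
Option Explicit

' Added example, not the textbook's code. Limits are assumptions drawn
' from hr.sql (ssn char(9), firstname varchar(20), lastname varchar(30))
' and from the 12000-85000 salary range in Figure 7-21.
Const MAX_FIRST = 20
Const MAX_LAST = 30
Const MIN_SALARY = 12000
Const MAX_SALARY = 85000

Dim problems
problems = ""

' Read one field from the collection that matches the HTTP method.
' The catch-all Request("name") also searches cookies and server
' variables, so a value could come from somewhere other than the form.
Function Field(name)
    Dim v
    If UCase(Request.ServerVariables("REQUEST_METHOD")) = "POST" Then
        v = Request.Form(name)
    Else
        v = Request.QueryString(name)
    End If
    Field = Trim(v & "")   ' a missing field becomes an empty string
End Function

' True when the whole string s matches the regular expression.
Function Matches(s, pattern)
    Dim re
    Set re = New RegExp
    re.Pattern = pattern
    Matches = re.Test(s)
End Function

' Collect a validation message as an encoded list item.
Sub AddProblem(msg)
    problems = problems & "<LI>" & Server.HTMLEncode(msg) & "</LI>"
End Sub

Dim ssn, first, last, salary
ssn = Field("ssn")
first = Field("first")
last = Field("last")
salary = Field("salary")

If Not Matches(ssn, "^[0-9]{9}$") Then
    AddProblem "SSN must be exactly 9 digits."
End If
If Len(first) = 0 Or Len(first) > MAX_FIRST Then
    AddProblem "First name must be 1 to " & MAX_FIRST & " characters."
End If
If Len(last) = 0 Or Len(last) > MAX_LAST Then
    AddProblem "Last name must be 1 to " & MAX_LAST & " characters."
End If
' Check the shape first so CLng never sees non-numeric or oversized text.
If Not Matches(salary, "^[0-9]{1,6}$") Then
    AddProblem "Salary must be a whole number of at most 6 digits."
ElseIf CLng(salary) < MIN_SALARY Or CLng(salary) > MAX_SALARY Then
    AddProblem "Salary must be between " & MIN_SALARY & " and " & MAX_SALARY & "."
End If
%>
<HTML><BODY>
<% If problems <> "" Then %>
The form was not accepted:
<UL><%= problems %></UL>
<% Else %>
Hello, <%= Server.HTMLEncode(first) %>&nbsp;<%= Server.HTMLEncode(last) %>.<BR>
Your Social Security Number is <%= Server.HTMLEncode(ssn) %> and you make
$<%= Server.HTMLEncode(salary) %>.
<% End If %>
</BODY></HTML>
```

With this version, the manual URL shown with Figure 7-19 is rejected with a list of problems instead of being echoed, because ssn=5 is not nine digits, last is missing, and salary=23 is below the minimum.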
Active Server Pages.NET
In 2001, ASP.NET became available through the release of .NET Framework, a new-generation programming environment for IIS. .NET Framework can be added to
Windows 2000 and is already integrated into Windows 2003 Server.
ASP.NET generates Web pages much faster than does ASP. Whereas ASP executes a script
that you write, ASP.NET compiles a script before running it. Compiling the script converts it into an executable file, which the computer can process more quickly. ASP.NET
also takes the extra step of caching the output, which improves the response time of the
Web server. As an example, suppose a Web application produces a Web page for company
employees that lists today’s important events. These events are stored in a database. If the
page is accessed 100 times per day, it would be inefficient to search the database and
reproduce the Web page 100 times. Instead, ASP.NET produces the page from the database and saves it. The next time someone requests it, the Web server can send the page
directly from the cache instead of processing the request each time. ASP applications converted to run as ASP.NET applications typically serve three to five times as many pages.
The programming model of ASP.NET is also superior to that of ASP. In ASP, you must
explicitly state every minor detail of programming. In ASP.NET, the language helps you
with the program. As an example, suppose you want to produce a report. As you will
see in the section on database connectivity, ASP.NET lets you produce a detailed report
with a single command. It also helps you avoid the problem of code that runs well in
one browser, but not another. Because Internet Explorer, Netscape, AOL, Opera,
Konqueror, and other browsers are different, it can be difficult to produce pages that act
the same no matter which browser is used. Suppose you want to display a calendar so a
user can select a date. In ASP, you must write a script that will be compatible with all
the browsers. In ASP.NET, you simply state that you want to include a calendar component. ASP.NET determines which browser the user has and generates code that is
compatible with that particular browser. Also, you may want to validate data in a form,
such as by restricting input on a text box to a number between 100 and 5,000. For data
validation in ASP, programmers often had to create complex and detailed JavaScript code
that was tested across multiple browsers. With ASP.NET, you just describe the type of
validation you want and ASP.NET ensures that the form is validated correctly.
The downside to ASP.NET is that with increased capabilities comes increased complexity
in many areas. Although you can specify a report in a single line, the overall program still
takes quite a few lines of code. Learning to program in ASP.NET can also be more difficult than programming in ASP. However, ASP.NET programs can be more easily created
with Visual Studio.NET, a product from Microsoft. Such programs also do not reflect
exactly the communication between the Web server and the browser. This characteristic
can be advantageous in that ASP.NET hides standard operations that must be explicitly
stated in ASP, but it makes it more difficult for programmers to write code that performs
very specific tasks. Indeed, you will see more similarities between ASP, PHP, and Perl
than between ASP and ASP.NET.
ASP.NET supports more than 25 languages, including VB .NET, C# (similar to C++),
and J# (similar to Java). An experienced ASP.NET programmer can easily move from
one language to another because you perform tasks the same way in each language. For
example, the command to validate a text box on a form or to produce a report is the
same whether you are using VB .NET or J# .NET.
Figure 7-20 shows an ASP.NET application that processes employee information in a
form. Although in ASP you describe in detail what is sent to the browser, in ASP.NET
it is more accurate to say that you are describing what you want processed. When a user
requests the page, ASP.NET produces a form that is sent to the browser. Notice that the
form statement in ASP.NET differs from the one in ASP because it does not contain
action=. The text boxes are also different. ASP.NET generates the HTML necessary to
turn the description of the form into something that is understandable by all browsers.
The bottom of the page contains the code <span id="Message" runat="server"/>. This statement indicates where the output will be placed. When
a user clicks the Submit button, processing starts with the code at the top of the page.
The line below Sub Submit_Click... begins with Message.InnerHtml. This reference is related to id="Message" in the HTML span statement. This code also displays the same message as produced by ProcessForm.asp (such as “Hello, Lynn Gweeny.
Your Social Security Number is 553879098 and you make $55000”).
<HTML>
<script language="VB" runat="server">
   Sub Submit_Click(Sender As Object, E As EventArgs)
      Message.InnerHtml = "Hello, " & first.text & " " & last.text & _
      ". Your Social Security Number is " & ssn.text & _
      " and you make $" & salary.text
   End Sub
</script>
<BODY>
Please enter the following information and then click Submit:<BR>
  <form runat="server">
SSN: <asp:TextBox id=ssn runat=server/><BR>
First Name: <asp:TextBox id=first runat=server/><BR>
Last Name: <asp:TextBox id=last runat=server/><BR>
Salary: <asp:TextBox id=salary runat=server/><BR>
<input type=submit OnServerClick="Submit_Click" value="Submit"
runat=server>
</form>
<BR>
<span id="Message" runat="server"/>
</BODY>
</HTML>
Figure 7-20
Form and output using ASP.NET
Figure 7-21 begins to show the true power of ASP.NET. This ASP.NET file includes validation statements so you can verify that users enter something in the text box for the
first name, and it indicates that an acceptable salary value is in the range of 12000 to 85000.
In the validation modules, you describe how you want to validate data and let ASP.NET
determine how it will achieve the results across different browsers. In Figure 7-21,
the validation statements are shaded. The first shaded statement begins with
<asp:RequiredFieldValidator, which indicates that you are describing a text
box that needs to have some text in it. The statement id="rfvfirst" uniquely identifies this validator. The statement runat="server", seen in many areas, basically states
that ASP.NET will control the code. The statement ControlToValidate="first"
notifies ASP.NET that the text box called “first” is to be validated. The statement
Display="Dynamic" states that the error will be displayed where it occurred. The
statement * You must enter a first name is the actual error message. The statement </asp:RequiredFieldValidator> ends the description of the validation. As
you can see in the second validation, it is a RangeValidator. With such a validator,
you specify a minimum value and a maximum value.
<HTML>
<script language="VB" runat="server">
Sub Submit_Click(Sender As Object, E As EventArgs)
    Message.InnerHtml = "Hello, " & first.text & " " & last.text & _
    ". Your Social Security Number is " & ssn.text & _
    " and you make $" & salary.text
End Sub
</script>
<BODY>
Please enter the following information and then click Submit:<BR>
  <form runat="server">
SSN: <asp:TextBox id=ssn runat=server/><BR>
First Name: <asp:TextBox id=first runat=server/>
<asp:RequiredFieldValidator id="rfvfirst" runat="server"
  ControlToValidate="first" Display="Dynamic">
  * You must enter a first name</asp:RequiredFieldValidator><BR>
Last Name: <asp:TextBox id=last runat=server/><BR>
Salary: <asp:TextBox id=salary runat=server/>
<asp:RangeValidator id="rvsalary" runat="server"
  ControlToValidate="salary" Type="Integer"
  MinimumValue="12000"  MaximumValue="85000" Display="Dynamic">
  * Salary must be between 12000 and 85000</asp:RangeValidator><BR>
<input type=submit OnServerClick="Submit_Click" value="Submit"
runat=server>
</form>
<BR>
<span id="Message" runat="server"/>
</BODY>
</HTML>
Figure 7-21
Form validation using ASP.NET
Installing .NET Framework in Windows 2000
Although .NET Framework is an integral part of Windows 2003, in Windows 2000 you
must install it by using the .NET Framework SDK. Before you work with an ASP.NET
example in Windows 2000 in this chapter, you will install .NET Framework. To install
.NET Framework, you need to install the latest Service Pack as described in Chapter 3.
To install .NET Framework on Windows 2000:
1. Insert the .NET Framework SDK CD into the CD drive. The Welcome to
the Microsoft .NET Framework SDK HTML page opens in your browser.
See Figure 7-22. This HTML page is read directly from the CD. (If not, open
default.htm on the CD.) A Web server or connection to the Internet is not
required.
Figure 7-22
Microsoft .NET Framework SDK Web page
2. Click the install the SDK link to start the installation process. The Installing the
Microsoft .NET Framework SDK HTML page opens, listing the items you need
to install the SDK. You should have already installed IIS. You have not installed
Internet Explorer 6.0, however, so you can start with Step 3. See Figure 7-23.
3. Click \IE60. A folder opens that contains the setup program for Internet
Explorer. See Figure 7-24.
Figure 7-23
Installing the Microsoft .NET Framework SDK HTML page
Figure 7-24
\IE60 folder in Windows Explorer
4. Double-click ie6setup.exe. The Welcome to Setup for Internet Explorer and
Internet Tools dialog box opens.
5. Click the I accept the agreement option button, and then click Next. The
Windows Update: Internet Explorer and Internet Tools dialog box opens.
6. Click Next. After a few minutes, the Progress dialog box opens, showing you
what is being installed and how much of the installation is complete. The
Restart Computer dialog box opens. Click Finish to exit the wizard and
restart your computer. When the computer restarts and you log on as the
administrator, a message box states that it is updating Windows and completes
three steps: Browsing Services, Internet Tools, and System Services.
7. Resume the installation process by opening Windows Explorer, navigating to
the root of the .NET Framework CD, and double-clicking default.htm. The
HTML page in Figure 7-22 opens again. Click install the SDK. You return
to Step 4 in the installation process shown earlier in Figure 7-23.
8. Click \MDAC27 to install Microsoft Data Access Components. A Windows
Explorer window opens containing a single file. Double-click the mdac_typ
icon to install the components. The Microsoft Data Access Components 2.7
Setup dialog box opens.
9. Click the I accept all of the terms of the preceding license agreement
check box, and then click Next. After a few moments, the Detecting in-use
Files dialog box opens, stating that it needs to shut down the SQL Server
tasks. Click Next to shut down the tasks and let the installation proceed.
10. Click Finish to install the Microsoft Data Access Components software. This
process may take a minute or so. The Restarting the System dialog box opens.
Accept the default of Let setup restart the system now by clicking Finish.
11. When the computer restarts and you log on, open Windows Explorer, navigate
to the root of the .NET Framework CD, double-click default.htm, and then
click install the SDK.
12. Click \dotNETSDK to install the .NET Framework. Windows Explorer
opens to display the contents of the dotNETSDK folder.
13. Double-click the setup file icon to start the .NET Framework SDK installation. When the Microsoft .NET Framework SDK Setup dialog box opens,
click Yes to install the SDK. If a dialog box asks you to allow it to update
the Windows installer components, click Yes to update the components.
The .NET Framework SDK wizard starts.
14. Click Next to continue with the wizard. The License Agreement dialog box
opens. Click the I accept the agreement option button, and then click
Next. The Install Options dialog box opens. See Figure 7-25.
Figure 7-25
Install Options dialog box
15. Click Next to accept the defaults of installing the SDK and samples. The
Destination Folder dialog box opens.
16. Click Next to accept the default location. The Installing Components dialog
box opens and displays the progress of the installation. This process may take
a few minutes. When the setup is finished and a dialog box opens, click OK
to exit the wizard.
17. Restart the computer.
Now that you have installed .NET Framework, you can use ASP.NET to perform programming tasks on your IIS Web server.
To show the effects of validation in ASP.NET in Windows:
1. Use Windows Explorer to copy ProcessFormVal.aspx from the Chapter7
folder of your Data Disk to \inetpub\wwwroot.
2. In Internet Explorer, type http://localhost/ProcessFormVal.aspx as the
URL, and then press Enter.
3. In the SSN text box, type 553879098. Leave the First Name text box blank.
In the Last Name text box, type Gweeny. In the Salary text box, type
10000. Click Submit. Your browser should resemble Figure 7-26.
Programming for Apache
Two of the most popular programming languages available for Apache are Perl and PHP
Hypertext Protocol (PHP). The original Web programming language, Perl is still used
today. PHP is a relative newcomer but its ease of use has helped it gain market share over
the years. Overall, PHP is easier to learn than Perl, and it lets you quickly create sophisticated applications.
Figure 7-26
Form validation in ASP.NET
The Java-based programming languages let you work in both a desktop environment
and the Web environment. JavaServer Pages (JSP), for example, is similar in structure
to ASP. However, with ASP, the same text scripts are processed every time the page is
requested. With JSP, the pages are converted to Java servlets and compiled. When code
is compiled, the resulting file can be processed more quickly by the computer.
CGI and Perl Programming
CGI allows you to use any language compatible with the protocol, such as Perl, shell
scripts, or C. Figure 7-27 shows the contents of a shell script named hello.cgi, which
displays “Hello, World” on a browser.
#!/bin/sh
echo "Content-Type: text/html"
echo
echo "<html><body>"
echo "Hello, World"
echo "</body></html>"
Figure 7-27
Displaying “Hello, World” with a shell script
The first line of the code identifies the program that will process the file. The location
of the shell script program “/bin/sh” follows the “#!” (pronounced “she-bang”). The
next line tells the browser what to expect—in this case, “text/HTML.” The following
blank line is important because it separates the header information from the actual
HTML to be displayed by the browser.
Now you can learn about the CGI configuration of the Web server. Because CGI scripts
can potentially access the operating system, you want to isolate the directories that can
process scripts. Apache installs a virtual directory called /cgi-bin by default. Figure 7-28
shows the lines in the httpd.conf file that specify the /cgi-bin virtual directory, which is
isolated from other directories and is designed to run scripts, as indicated in the line that
begins ScriptAlias /cgi-bin/ and is followed by the location of the directory.
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/var/www/cgi-bin">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
</Directory>
Figure 7-28
CGI configuration in httpd.conf
In addition to isolating the CGI script directory, you must set the file permissions of the
CGI scripts. Recall that users connect to the Apache Web server by using apache as the
user name. The apache user is allowed to access HTML pages on the Web site. For CGI
scripts, you must manually set the file permissions to allow the apache user to execute
them. Recall from Chapter 5 that you can use the chmod command to alter the file permissions. By default, when you create a file such as hello.cgi, the file permissions are 644
(rw-r--r--). This means that although you can read and write to the file, no one,
including you, can execute the script. To allow Web users to execute the script (but not
write to the file), you can change the permissions to 755 (rwxr-xr-x), which you do in
the following steps.
To display “Hello, World” using a shell script in Apache on Linux:
1. Copy the hello.cgi file from the Chapter7 directory of the Data Disk to the
/var/www/cgi-bin directory using Konqueror.
2. In a terminal window, type cd /var/www/cgi-bin and then press Enter to
access the cgi-bin directory. Type chmod 755 hello.cgi and then press
Enter to allow the script to be executed.
3. To display the contents of the CGI script, open the Konqueror Web browser,
enter http://localhost/cgi-bin/hello.cgi as the URL, and then press
Enter. The browser displays “Hello, World.”
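A check that can be run after the steps above to confirm that every script in the CGI directory ends up executable but not writable by anyone other than its owner. This is an added example in Python, not part of the textbook or its Data Disk; the function name audit_cgi_dir is an assumption, and the directory is the /var/www/cgi-bin location used in the steps.

```python
import os
import stat


def audit_cgi_dir(path):
    """Return {file name: (octal mode, [problems])} for scripts needing attention."""
    findings = {}
    with os.scandir(path) as entries:
        for entry in entries:
            if not entry.is_file(follow_symlinks=False):
                continue  # skip subdirectories and symbolic links
            mode = stat.S_IMODE(entry.stat(follow_symlinks=False).st_mode)
            problems = []
            # 755 lets others read and execute; a write bit for group or
            # others would let another account replace the script's contents.
            if mode & (stat.S_IWGRP | stat.S_IWOTH):
                problems.append("writable by group or others")
            # 644 is the default for a new file: without this bit the apache
            # user cannot run the script unless it owns it or shares its group.
            if not mode & stat.S_IXOTH:
                problems.append("no execute bit for others")
            # A CGI script should run with the web server's identity only.
            if mode & (stat.S_ISUID | stat.S_ISGID):
                problems.append("setuid or setgid bit set")
            if problems:
                findings[entry.name] = (format(mode, "o"), problems)
    return findings


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "/var/www/cgi-bin"
    if os.path.isdir(target):
        for name, (mode, problems) in sorted(audit_cgi_dir(target).items()):
            print(name, mode, "; ".join(problems))
    else:
        print("no such directory:", target)
```

A script left at 644 is reported as not executable, and one set to 777 is reported as writable; a script at 755 produces no finding.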
Perl is a useful language because its strength lies in processing files, which is what a Web
server needs to do. For many years, Perl was one of the few languages to run well on
any server, which made it a good choice for creating applications that can be run on
Microsoft, Linux, and UNIX servers. Many large, Web-based applications that support
multiple servers use Perl.
Figure 7-29 shows a Perl script that processes the form.htm shown earlier in Figure 7-15.
#!/usr/bin/perl
use CGI;
my $cgi=new CGI;
print "Content-Type: text/html\n\n";
print "<html><body>";
print "Hello ",$cgi->param("first")," ",$cgi->param("last"),".<BR>\n";
print "Your Social Security Number is ",$cgi->param("ssn")," \n";
print " and you make \$",$cgi->param("salary");
print "</body></html>";
Figure 7-29
Perl script to display contents of form
The first line, #!/usr/bin/perl, indicates that the Perl program that processes the
script is located in the /usr/bin directory. The first line turns the code into a Perl script,
so that everything after the first line must be based on the Perl language. Perl statements
end in semicolons. Lines 2 and 3—use CGI; and my $cgi=new CGI;—tell Perl to
use the CGI interface to process forms. The fourth line—print "Content-Type:
text/html\n\n";—indicates that the content is HTML text, meaning the information to process is an HTML page. The \n stands for new line and causes the output to
advance to the next line. The two \n codes in line 4 create a blank line that is needed
to separate headers from HTML. Line 6 includes the Perl command $cgi->param,
which corresponds to request in ASP.
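The form processing of Figure 7-29 with the two rules from the Figure 7-21 validators enforced on the server and every field HTML-encoded before it is written into the page, so that a value containing markup is displayed as text instead of being interpreted by the browser. This is an added example in Python, not code from the textbook or its Data Disk; the function names validate and process_form are assumptions, and the sample requests are constructed.

```python
import html
import re
from urllib.parse import parse_qs

# Limits taken from the RangeValidator in Figure 7-21.
SALARY_MIN, SALARY_MAX = 12000, 85000
INTEGER_RE = re.compile(r"[+-]?[0-9]+")


def validate(fields):
    """Apply the two Figure 7-21 rules on the server; return a list of messages."""
    errors = []
    # RequiredFieldValidator on "first": whitespace alone does not count as input.
    if not fields.get("first", "").strip():
        errors.append("* You must enter a first name")
    # RangeValidator on "salary" with Type="Integer". As with that control,
    # an empty salary is not a range error; only a supplied value is checked.
    salary = fields.get("salary", "").strip()
    if salary:
        in_range = (INTEGER_RE.fullmatch(salary) is not None
                    and SALARY_MIN <= int(salary) <= SALARY_MAX)
        if not in_range:
            errors.append("* Salary must be between %d and %d"
                          % (SALARY_MIN, SALARY_MAX))
    return errors


def process_form(query_string):
    """Build the whole CGI response (header, blank line, HTML) for one request."""
    parsed = parse_qs(query_string, keep_blank_values=True)
    # A repeated parameter yields several values; the form sends one, so use the first.
    fields = {name: values[0] for name, values in parsed.items()}
    errors = validate(fields)
    if errors:
        body = "<BR>\n".join(html.escape(message) for message in errors)
    else:
        # Encode every value on output so markup in a field is shown as text.
        safe = {name: html.escape(fields.get(name, ""))
                for name in ("first", "last", "ssn", "salary")}
        body = ("Hello %(first)s %(last)s.<BR>\n"
                "Your Social Security Number is %(ssn)s \n"
                " and you make $%(salary)s" % safe)
    return "Content-Type: text/html\n\n<html><body>" + body + "</body></html>"


if __name__ == "__main__":
    # Constructed request using the values typed into the form in this chapter.
    print(process_form("ssn=553879098&first=Lynn&last=Gweeny&salary=55000"))
```

The checks run on the server for every request, so they still apply when the browser's own validation is switched off or bypassed.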
To create a Perl script to process form.htm in Apache in Linux:
1. Copy form.htm from the Chapter7 directory of the Data Disk to the root
directory of your Web server, which is /var/www/html.
2. Use KEdit to change the fourth line to <form action=/cgi-bin/ProcessForm.cgi>,
and then save the form.htm file.
3. Use Konqueror to copy ProcessForm.cgi from the Chapter7 directory of
the Data Disk to the /var/www/cgi-bin directory.
4. Change the file permissions to give the file execute permissions. In a terminal
window, type cd /var/www/cgi-bin and then press Enter to change to
the cgi-bin directory. Type chmod 755 ProcessForm.cgi and then press
Enter to allow the script to be executed.
5. Open a browser, type http://localhost/form.htm, and then press Enter.
6. Complete the form with the following text:
SSN: 553879098
First Name: Lynn
Last Name: Gweeny
Salary: 55000
7. Click Submit to see the resulting Web page, shown in Figure 7-30.
Figure 7-30
Results of Perl script
PROGRAMMING WITH DATABASES
When you use a program to work with the data in a database, such as to retrieve the
information and then display it, the first step is to connect to the database. The second step
is to send a command to the database in the form of an SQL statement. If the SQL statement is used to add or change data, you do not need to perform any other database steps.
If the SQL statement retrieves data, then the third step is to process the data. Each step is
described in detail in the following sections.
Connecting to the Database
With so many DBMSs and programming languages, operating systems need a common
way to bring them together. Microsoft uses Open Database Connectivity (ODBC)
and its modern relative OLE DB (Object Linking and Embedding Database).
ODBC acts as an intermediary between the DBMSs and the programming languages.
The producer of each DBMS creates software that adheres to the ODBC standard.
Programming languages can then incorporate commands to connect to ODBC instead
of commands to connect to each individual DBMS. If a programming language is compatible with ODBC, it can use any DBMS that has ODBC drivers. ODBC drivers are
also available for Microsoft Excel and text files. The advantage of ODBC and OLE DB
is that, as a programmer, you just have to learn one, simplified way to connect to and
use a database, whether it is based on Microsoft Access, Microsoft SQL Server, or Oracle.
Linux uses Java Database Connectivity (JDBC) for the Java programming environment (you can also use JDBC on a Windows server). JDBC works in much the same way
as ODBC. When JDBC is used in a Windows environment, you can use a JDBC-ODBC
bridge to allow Java programs to access the DBMSs supported by ODBC.
The main disadvantage of both ODBC and JDBC is that the extra layer of software
between the DBMS and programming language decreases performance. Some major
DBMS producers, such as SQL Server and Oracle, also produce software that is specifically designed for particular programming environments. You will see an example of it
when you install special drivers to allow PHP to access MySQL databases in the
“Database Programming with PHP” section.
Sending SQL Commands to the Database
You typically use two types of SQL commands in programming. The first type receives data
from one or more tables in a database. For example, you can use the select SQL statement
to request a list of all employees or only those employees with a last name of Sampaio; the
latter statement would be select * from employee where lastname='Sampaio'.
You can use the result of such a SQL statement to produce a report, make calculations,
or update another table in the same database or in another database.
The second type of SQL command changes data in a database. You can use such commands to insert, update, and delete data. Often, you will use HTML to create a form to
focus on what needs to be changed. For example, you could create a form to prompt
users for the Social Security number of the employee whom they want to delete. Instead
of displaying the Social Security number as you did in a previous example, however, you
would use this number in a SQL command to delete the employee information from
the employee table. The following statement deletes an employee with a Social Security
number of 345345433: delete from employee where ssn= '345345433'.
Forms are commonly used when you register at a Web site. That is, you fill out a form,
click a button, and send your registration information to the Web server. The Web server
takes this information, embeds it into SQL statements, and then executes the statements
to add the contents of the form to a table.
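How the form value is embedded in the statement matters: pasted into the SQL text it is parsed as SQL, while bound as a parameter it is only ever treated as data. The following added example, in Python with an in-memory SQLite table standing in for the hr database, puts the delete statement above in both forms side by side; it is not code from the textbook, the function names are assumptions, and the rows and the crafted value are constructed.

```python
import re
import sqlite3

SSN_RE = re.compile(r"[0-9]{9}")


def make_db():
    """In-memory stand-in for the employee table, loaded with the Figure 7-31 rows."""
    db = sqlite3.connect(":memory:")
    db.execute("create table employee (ssn text primary key, firstname text,"
               " lastname text, salary integer)")
    db.executemany("insert into employee values (?, ?, ?, ?)", [
        ("553879098", "Lynn", "Gweeny", 55000),
        ("623827368", "Elark", "Kaboom", 60000),
        ("756838998", "John", "Doh", 45000),
    ])
    return db


def count_employees(db):
    """Number of rows currently in the employee table."""
    return db.execute("select count(*) from employee").fetchone()[0]


def delete_by_concatenation(db, ssn):
    """Weak form: the form value becomes part of the SQL text itself."""
    db.execute("delete from employee where ssn='" + ssn + "'")
    return count_employees(db)


def delete_by_parameter(db, ssn):
    """Hardened form: check the format first, then bind the value as data."""
    if not SSN_RE.fullmatch(ssn):
        raise ValueError("ssn must be exactly nine digits")
    db.execute("delete from employee where ssn = ?", (ssn,))
    return count_employees(db)


def register(db, ssn, first, last, salary):
    """Registration insert with every form field bound as a parameter."""
    if not SSN_RE.fullmatch(ssn):
        raise ValueError("ssn must be exactly nine digits")
    db.execute("insert into employee (ssn, firstname, lastname, salary)"
               " values (?, ?, ?, ?)", (ssn, first, last, int(salary)))
    return count_employees(db)


def demo():
    """Run both forms on one constructed value; return the rows left in each table."""
    crafted = "' or '1'='1"   # constructed form value, not a real SSN
    left_weak = delete_by_concatenation(make_db(), crafted)
    db = make_db()
    try:
        delete_by_parameter(db, crafted)
    except ValueError:
        pass                  # rejected before any SQL is executed
    return left_weak, count_employees(db)


if __name__ == "__main__":
    print("rows left (concatenated, parameterized):", demo())
```

With the concatenated statement the constructed value empties the table, while the parameterized version rejects it and leaves all three rows in place. A last name such as O'Brien, which would break the concatenated text, is stored unchanged by register.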
Processing Data from a Database
Processing data from a database is similar to processing data from a form except that a
form gives you just one set of data. With a database, the SQL statement could retrieve
thousands, or even millions, of sets of data, called records or, more appropriately, rows.
To process each row of data in a similar manner, you use a loop in your program. A loop
performs a sequence of instructions until a particular condition occurs. The sequence of
instructions describes how to process each row. The particular condition is most often
reaching the last of the rows retrieved.
Database Programming with ASP
Now that you are familiar with how to use SQL statements in programs to process data
from a database, you are ready to write a program in ASP to produce a report. Figure 7-31
shows a report based on the SQL Server table that you created earlier in the chapter.
Figure 7-32 shows the report.asp file, which contains the ASP code necessary to create
the report. Notice that the report does not have information on the department number
of the employee. This example demonstrates that you can easily select the information
that you want to display.
SSN           First     Last      Salary
553879098     Lynn      Gweeny    55000
623827368     Elark     Kaboom    60000
756838998     John      Doh       45000
Figure 7-31
Employee report
<%@ Language=VBScript %>
<%
set conn = server.CreateObject("adodb.connection")
Conn.open "database=hr;driver={SQL Server};server=(local);uid=sa"
set rs = conn.Execute("select ssn,firstname,lastname,salary from employee")
%>
<HTML>
<BODY>
<TABLE>
 <TR>
  <TD>SSN</TD><TD>First</TD><TD>Last</TD><TD>Salary</TD>
 </TR>
 <% do while not rs.eof%>
 <TR>
  <TD><%=rs("ssn")%></TD>
  <TD><%=rs("firstname")%></TD>
  <TD><%=rs("lastname")%></TD>
  <TD><%=rs("salary")%></TD>
 </TR>
<%
 rs.movenext 'Go to the next employee record
 loop 'Go back to the "do while" statement
%>
</TABLE>
</BODY>
</HTML>
Figure 7-32
ASP code to produce the employee report
The following statement creates an object variable called conn that allows you to create
a connection:
set conn = server.CreateObject("adodb.connection")
A variable is a storage container for data. You can put data into the variable and then use
the variable to reference the data in it. An object variable can have a large and varied
amount of data associated with it. For example, the variable conn is filled with information related to creating connections. The following statement opens a connection to
the employee database in SQL Server on the same server as the Web server (local) and
gives it a user ID (uid) of “sa”:
Conn.open "database=hr;driver={SQL Server};server=(local);uid=sa"
The following statement sends the connection a SQL statement that retrieves all the data
in the table called employee. Its result is stored in an object variable called rs. This type
of variable is also called a collection because it holds a collection of data. The rs object
variable is used to retrieve each row of data.
set rs = conn.Execute("select ssn,firstname,lastname,salary from employee")
The next statement begins the loop and specifies that the next statements will be
processed until the end of the data is reached. Notice that you use the rs object variable. Within rs, eof stands for “end of file.” The statement means that the program
should execute the following statements if you have not reached the end of the file.
<% do while not rs.eof %>
The rs("ssn") line displays the Social Security number for the current employee
record. Notice its similarity to the ASP command request("ssn") that was used to
display data from the form. The rest of the statements are HTML tags used to format
the report. The <TABLE> statement creates a table. The <TR> statement creates a new
row in the table. The <TD> statement creates a new cell in the row of the table.
The following line tells the program to move to the next employee record:
rs.movenext 'Go to the next employee record
The next line indicates the end of the loop:
loop 'Go back to the "do while" statement
To produce the employee report using ASP in Windows:
1. Use Windows Explorer to copy report.asp from the Chapter7 folder of your
Data Disk to \inetpub\wwwroot.
2. In Internet Explorer, type http://localhost/report.asp as the URL, and then
press Enter to display the report. The results should resemble Figure 7-31.
Using Data Source Names
Data source names (DSNs) are connections to databases that an administrator creates on
the server. Many programmers use DSNs in their ASP code. Often, programmers are not
allowed physical access to the Web server. Instead, they work remotely and use a variety
of techniques to send the ASP code to the Web server. When they want a connection
to a database, they ask the Web administrator to create a DSN. By defining connections
centrally, the administrator can change the configuration without forcing the programmers to change their ASP code.
DSNs are created in the Windows Control Panel. Their use allows detailed information
about the databases, such as the IP address of the DBMS server and the passwords used,
to remain isolated. However, to keep the examples in this chapter simple, you will not
be using passwords to access the DBMS.
To create a DSN named humanresources in Windows:
1. In Administrative Tools, click Data Sources (ODBC). The ODBC Data
Source Administrator dialog box opens. See Figure 7-33. (In Windows 2000,
this dialog box includes a driver for SQL Server.)
Figure 7-33
ODBC Data Source Administrator dialog box
2. Click the System DSN tab, and then click the Add button to add a System
DSN so that an ASP program can use it. The Create New Data Source dialog
box opens. See Figure 7-34. (The options in your dialog box might be different.)
3. You use the Create New Data Source dialog box to select the name of the
database driver. Scroll down to the bottom of the list, and then click SQL
Server. Click Finish.
4. The Create a New Data Source to SQL Server dialog box opens. You use this
dialog box to create the name that programs accessing the DSN will recognize.
In the Name text box, type humanresources. The Server text box associates
the DSN with an instance of SQL Server. For the server, click the Server list
arrow, and make sure (local) is selected. See Figure 7-35.
Figure 7-34
Create New Data Source dialog box
Figure 7-35
Create a New Data Source to SQL Server dialog box
5. Click Next. The dialog box to verify the authenticity of the login ID
appears. Click the With SQL Server authentication using a login ID
and password entered by the user option button. In the Login ID text
box, type sa. See Figure 7-36.
6. Click Next. In the next Create a New Data Source to SQL Server dialog
box, you specify the name of the default database. Click the Change the
default database to: check box, click the corresponding list arrow, scroll up,
and then click hr to select the hr database. See Figure 7-37.
Figure 7-36
Verify authenticity of the login ID
Figure 7-37
Specifying the name of the database
7. Click Next. You can change the language of system messages, set log options,
use strong encryption for data, and use regional settings, but you typically
should keep the defaults.
8. Click Finish to save the changes. A summary of the configuration appears, as
shown in Figure 7-38. Your configuration information might be different.
9. Click Test Data Source to test the connection. You should see something
similar to Figure 7-39.
Figure 7-38
Configuration summary
Figure 7-39
Results of testing the DSN
10. Click OK to close the dialog box, click OK to close the ODBC setup, and
then click OK to close the ODBC Data Source Administrator dialog box.
11. Now that you have a DSN, you can change the fourth line in report.asp
(shown earlier in Figure 7-32) to the following:
Conn.open "DSN=humanresources;uid=sa"
12. In Internet Explorer, type http://localhost/report.asp as the URL, and
then press Enter to display the report.
The report.asp file then creates the same report as before. Now if the hr database changes
to a different server, you do not have to change report.asp, just the DSN configuration.
This simplicity can be a significant advantage because many files could contain a reference to the hr database.
Although DSNs make life easier for the programmer and give more control to the
administrator, they do have two disadvantages. First, opening a connection is slower
when you have a DSN because it introduces another layer of software. Second, DSNs
can cause administrative problems. For example, a programmer may need to create a new
DSN or change a DSN outside your normal working hours.
Database Programming with ASP.NET
As you have learned, ASP.NET makes common tasks, such as producing reports, easier to
perform. Although you complete more steps in ASP.NET when specifying the data for
the report, the report itself can be reduced to a single statement. The code in Figure 7-40
produces a report similar to the one shown in Figure 7-31.
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="System.Data.SqlClient" %>
<html>
<script language="VB" runat="server">
Sub Page_Load(Sender As Object, E As EventArgs)
  Dim ds As DataSet
  Dim conn As SqlConnection
  Dim cmd As SqlDataAdapter
  ds = new DataSet()
  conn = New SqlConnection("server=(local);database=hr;uid=sa")
  cmd = New SqlDataAdapter("select * from employee", conn)
  cmd.Fill(ds, "Employees")
  DG1.DataSource=ds.Tables("Employees").DefaultView
  DG1.DataBind()
End Sub
</script>
<body>
<ASP:DataGrid id="DG1" runat="server"/>
</body>
</html>
Figure 7-40
ASP.NET code to create an employee report
The code following Page_Load is processed when the browser requests the page.
Although the syntax is different from ASP, some similarities are apparent. The line
conn = New SqlConnection("server=(local);database=hr;uid=sa")
defines the connection. The line cmd = New SqlDataAdapter("select * from
employee", conn) defines the data to be retrieved from the database.
The following two lines fill the report (DataGrid) with data:
cmd.Fill(ds,"Employees")
DG1.DataSource=ds.Tables("Employees").DefaultView
The next line displays the report:
DG1.DataBind()
So far, it is difficult to see the advantage of ASP.NET. The real advantage in this program actually comes in the definition of the report: <ASP:DataGrid id="DG1" runat="server"/>. That single line replaces the 16 lines in Figure 7-31 between
<BODY> and </BODY> and eliminates the possibility of making errors in those 16 lines.
Using ASP.NET offers other advantages as well. For example, if you change the select
statement to retrieve everything except the salary, ASP.NET would automatically adjust
the report. The DataGrid control also offers many options to alter headings, fonts, colors, columns, and other attributes. If you were using Visual Studio.NET to create this
report, you could drag components from a toolbox and complete some wizards without
using any coding skills.
A sample file on your Data Disk was created with ASP.NET and contains the employee
report information. You can produce this report by displaying it in your browser.
To produce the employee report with ASP.NET on Windows:
1. Use Windows Explorer to copy report.aspx from the Chapter7 folder of
your Data Disk to the \inetpub\wwwroot folder on your IIS server.
2. In Internet Explorer, type http://localhost/report.aspx and then press
Enter to display the report. See Figure 7-41.
Figure 7-41
Employee report created with ASP.NET
Database Programming with PHP
PHP is one of the most useful languages available for Apache and is easy to configure
because it is almost ready to use when you install Apache. Although you cannot see the
PHP configuration in httpd.conf, the configuration files in /etc/httpd/conf.d are included
when httpd.conf is processed. One of the files in the /etc/httpd/conf.d directory is
php.conf, which loads the php module and configures it. There are also configuration files
for Perl and another language called Python.
Although files with a PHP extension will be processed, the tags that PHP uses are not
the ones often associated with PHP. By default, only the <?php tag is allowed, though
programmers frequently prefer to use the <? tag.
To allow the <? tag in PHP in Linux:
1. At the terminal prompt, type kedit /etc/php.ini and then press Enter.
2. Press Ctrl+F to open the Find dialog box. Type short_open_tag, and then
click Find.
3. The setting to the right of the “=” shows “Off”. Change Off to On.
4. Save the file and then exit.
Now the Apache Web server will recognize PHP files. However, PHP does not recognize
a MySQL database. To force it to do so, you need to install drivers specifically for MySQL.
To add MySQL support to PHP in Linux:
1. Insert Red Hat Linux CD 3 in the CD drive.
2. In Konqueror, navigate to the /mnt/cdrom/RedHat/RPMS directory.
3. Scroll to and then double-click php-mysql-4.2.2-8.0.5.i386. Your filename
may be slightly different, but should include “php-mysql.”
4. A dialog box opens and displays “Completed System Preparation” after a few
moments. Click Continue.
5. In a terminal window, restart MySQL by typing /etc/rc.d/init.d/mysqld
restart and then pressing Enter.
6. Type apachectl restart to restart Apache.
Now you can copy the report.php file from the Chapter7 directory to /var/www/html
and display it in the browser. Figure 7-42 shows the contents of the report.php file.
<?
$conn=mysql_connect("localhost","root","password");
$db = mysql_select_db("hr");
$ResultSet = mysql_query("select ssn,firstname,lastname,salary from emp");
?>
<html>
<body>
<TABLE>
 <TR>
  <TD>SSN</TD><TD>First</TD><TD>Last</TD><TD>Salary</TD>
 </TR>
 <? while($rs = mysql_fetch_array($ResultSet, MYSQL_ASSOC)){ ?>
 <TR>
  <TD><? echo $rs["ssn"] ?></TD>
  <TD><? echo $rs["firstname"] ?></TD>
  <TD><? echo $rs["lastname"] ?></TD>
  <TD><? echo $rs["salary"] ?></TD>
 </TR>
 <? } ?>
</table>
</body>
</html>
Figure 7-42
report.php tests database connectivity
Notice how similar the report.php file is to the ASP code shown in Figure 7-32. It still
provides the basics of connecting to the database in lines 2 and 3, sending a query to the
database in line 4, and looping through the data in lines 13 through 20.
PHP is case-sensitive, so you must match the case of database names, column names, and
other text. For example, if you created the column name for first name in MySQL as
“First” instead of “first”, then you would have to change the line referencing it to the
following:
<TD><? echo $rs["First"] ?></TD>
CHAPTER SUMMARY
❐
Programming languages process data, let you create dynamic Web pages whose
content can change, and can produce features as simple as a counter that
displays the number of visitors to a Web page or as complex as a sophisticated
e-commerce site. Many Web sites use programming languages to create internal
business applications such as those that perform order processing.
❐
Database management systems organize data for processing. Relational DBMSs
organize data in tables. Tables have columns that describe the characteristics of the
table, such as Social Security number and salary. A primary key refers to the column
or columns that uniquely define a row of data in a table. A foreign key refers to a
column whose values correspond to the values of a primary key.
❐
The language used to communicate with DBMSs is SQL. You can use SQL commands to insert, update, and delete rows. The command to retrieve rows from a
table is select.
❐
In Windows, data source names (DSNs) allow you to create an interface between
the programs that access databases and the actual databases. The advantage of this
approach is that you can keep the same DSN but readily change the location of the
actual database.
❐
Although Microsoft SQL Server is a commercial product that is rather costly,
MySQL is an open-source product, which means it is available for free. SQL Server
uses GUIs to create databases and tables, insert data, and display data. MySQL has
an interactive administrative tool that allows you to perform similar tasks.
❐
Web-based programming relies on browsers to display HTML forms. A programming language on the Web server processes these forms. Typical Web-based processing is simpler than the typical event-driven, client-based application.
❐
The original environment for Web programming is CGI. Perl is often used as the
scripting language for CGI. ASP and the newer ASP.NET are designed to run very
efficiently on IIS. The .NET Framework needs to be installed before you can use
ASP.NET on Windows 2000.
❐
When Web-based programming environments access a database, their first step is to
connect to the database. Their second step is to send a command, in the form of a
SQL statement, to the database. If the SQL statement produces data, then the third
step is to process the data. These steps are the same for virtually all DBMSs and
programming languages. For DBMSs and programming languages to work together,
however, you need software drivers. ODBC and JDBC are common technologies
that act as go-betweens for DBMSs and programming languages.
❐
PHP is an easy-to-use language that is somewhat similar in structure to ASP. To
make PHP available on an Apache Web server, a single line must be added to
httpd.conf. To change the default <?php tag to a simpler <? tag, you must change
the php.ini file. To get PHP to work with MySQL, you must install a special module called php-mysql.
REVIEW QUESTIONS
1. A Web page that has an .htm or .html extension is called a ______ page.
2. Dynamic pages contain ______.
a. HTML statements
b. programming statements
c. both a and b
d. neither a nor b
3. Which of the following tasks typically does not require programming?
a. update inventory
b. display the number of Web site visitors
c. display a heading for a report
d. retrieve employee information
4. SQL is one of many languages you can use to communicate with DBMSs. True
or False?
5. A relational DBMS organizes data into ______.
a. tables
b. trees
c. a mesh
d. networks
6. What is a primary key?
a. a security mechanism to protect tables
b. a security mechanism to protect columns
c. the column or columns that uniquely define a row of data
d. none of the above
7. What is a foreign key?
a. a column in one table that is related to a primary key in another table
b. a security mechanism to protect tables
c. a security mechanism to protect columns
d. the column or columns that uniquely define a row of data
8. The series of rules for organizing data into tables is called ______.
9. What does SQL stand for?
a. Standard Query Language
b. Super Query Language
c. Structured Quantifiable Language
d. Structured Query Language
10. The ______ data type is useful for storing text such as last names,
where the number of characters can vary significantly.
11. An example of a DML statement is ______.
12. The only real difference between a database created with SQL Server 2000 and
Access is that SQL Server 2000 can handle larger databases. True or False?
13. What is the statement to display just the first name of all employees in the
employee table?
a. select from employee firstname
b. select firstname from employee
c. select firstname employee
d. select column firstname from table employee
14. An open-source database available for Linux is ______.
a. SQL Server 2000/Linux
b. Linux SQL
c. MySQL
d. Red Hat DBMS
15. A disadvantage with the DBMS you installed in Linux is that it has no security.
True or False?
16. Which of the following is not a programming language?
a. CGI
b. ASP
c. JSP
d. PHP
17. Which of the following is compiled into a servlet before it is executed?
a. ASP
b. PHP
c. Perl
d. JSP
18. SQL Server 2000 only runs on Windows 2000. For Windows 2003, you need
SQL Server .NET. True or False?
19. What does DSN stand for?
a. database solution number
b. data source number
c. data source name
d. data system name
20. What is the opening tag in PHP?
a. <%
b. <?
c. <*
d. <$
HANDS-ON PROJECTS
Project 7-1
Create a report for a database application using a Microsoft Access database. You will use
an Access file from the Data Disk files for Chapter 7 called hr.mdb. This database has the
same format that you used earlier in the chapter, so you can use the same ASP file and
simply change the DSN name.
To create the hrMDB DSN in Windows:
1. In Windows Explorer, copy hr.mdb from the Chapter7\Projects folder of the
Data Disk to the \inetpub folder on your Windows server.
2. In Administrative Tools, click Data Sources (ODBC). The ODBC Data Source
Administrator dialog box opens.
3. Click the System DSN tab, and then click Add to add a system DSN. You need
a system DSN so that an ASP program can use it. The Create New Data Source
dialog box opens.
4. Click Microsoft Access Driver (*.mdb) to select the Microsoft Access driver.
5. Click Finish. The ODBC Microsoft Access Setup dialog box opens.
6. In the Data Source Name text box, type hrMDB, and then click Select. The
Select Database dialog box opens.
7. For the database name, navigate to \inetpub and then click hr.mdb.
8. Click OK to return to the ODBC Microsoft Access Setup dialog box.
9. Click OK twice to exit the Data Sources (ODBC) application.
To change report.asp to display the report from Access:
1. In a text editor, change the line in report.asp
Conn.open "database=hr;driver={SQL Server};server=(local);uid=sa"
to
Conn.open "DSN=hrMDB"
2. Open the browser, type http://localhost/report.asp, and then press Enter to
display the same report that you produced when you used SQL Server. Refer
back to Figure 7-31.
Project 7-2
Modify the ASP.NET program called report.aspx (shown in Figure 7-41) to have more
functionality as shown in Figure 7-43. The column headings have a blue background
color with a white text font, and they are not simply the names of the columns in the
table. Instead of ssn, for example, the heading is SocSecNum. Instead of two columns for
first name and last name, they are combined into a single column called Emp Name.
To modify report.aspx:
1. In a text editor, edit report.aspx by changing the line
<ASP:DataGrid id="DG1" runat="server"/>
to
<ASP:DataGrid id="DG1" runat="server" AutoGenerateColumns=false>
<HeaderStyle Font-Bold="True" ForeColor="white" BackColor="blue"/>
<ItemStyle ForeColor="black" BackColor="yellow"/>
<AlternatingItemStyle ForeColor="yellow" BackColor="black"/>
<Columns>
  <asp:BoundColumn DataField="ssn" HeaderText="SocSecNum"/>
  <asp:TemplateColumn HeaderText="Emp Name">
    <ItemTemplate>
      <%# Container.DataItem("firstname")%>
      <%# Container.DataItem("lastname")%>
    </ItemTemplate>
  </asp:TemplateColumn>
  <asp:BoundColumn DataField="salary" HeaderText="Salary"/>
</Columns>
</asp:DataGrid>
2. Save report.aspx and display it in the browser.
Figure 7-43
Results of changing report.aspx
Project 7-3
Create an ASP application to add an employee. Modify form.htm so that when you submit the form, a SQL insert statement is created and sent to the employee table. If you
plan to use the Microsoft Access table, you must change the security on the file to allow
data to be added. If you use SQL Server, no changes are needed.
To change the security on the Access file:
1. In Windows Explorer, navigate to \inetpub, right-click hr.mdb, and then click
Properties. The hr.mdb Properties dialog box opens.
2. Click the Security tab. See Figure 7-44. Your objective is to give the anonymous
guest account, which is IUSR_ followed by the name of your computer, read and
write access to the file.
Figure 7-44
Security tab in hr.mdb Properties dialog box
3. Click Add to add a user to the list. The Select Users or Groups dialog box opens.
See Figure 7-45.
4. Click Advanced. In this dialog box, you can list the users so you can select by
name. Click Find Now. A list of users and groups appears in the dialog box. See
Figure 7-46. At the bottom of the figure, you can see IUSR_WEB1. Although
yours will begin with IUSR_, the rest of the user name may be different. Click
this user, and then click OK.
Figure 7-45
Select Users or Groups dialog box
Figure 7-46
Find the IUSR guest account (callout: Select the user that begins with IUSR_)
5. Click OK again to return to the hr.mdb Properties dialog box.
6. Click the Write check box in the Allow column to allow write permission.
7. Click OK to close the hr.mdb Properties dialog box.
To create an application to insert an employee record:
1. In a text editor, open form.htm from the Chapter7\Projects folder, and then
save it in \inetpub\wwwroot. Click Yes to confirm that you want to replace
form.htm. Change the line
<form action=>
to
<form action=insertaction.asp>
2. After the Last Name: <input type=text name=last><BR> line, insert
the following line:
Department: <input type=text name=depno><BR>
3. Save and close form.htm.
4. In \inetpub\wwwroot, create a file named insertaction.asp and type the following, which uses the Access database:
<%@ Language=VBScript %>
<%
Set conn = server.createobject("ADODB.connection")
Conn.open "DSN=hrMDB"
sql="insert into employee values ('" & _
   request("ssn")    & "', '" & _
   request("first")   & "', '" & _
   request("last")  & "', '" & _
   request("depno")  & "', " & _
   request("salary") & ")"
Conn.execute sql
Conn.close
Set conn = nothing
%>
<html><body>
The employee record was added!
</body></html>
5. If you prefer to use the SQL Server database, change the fourth line as follows:
Conn.open "database=hr;driver={SQL Server};server=(local);uid=sa"
Be careful with the quotation marks and the apostrophes. For example, the sixth line is
request("ssn") & quotation apostrophe, apostrophe quotation & _
However, the line that contains depno does not have the apostrophe after the comma.
The information coming from the form is combined to create an insert statement in SQL.
For example, suppose you typed the following information for the data on the form:
ssn: 667879898
First name: Mary
Last name: Noia
Depno: 20
Salary: 30000
This data would be combined to create the following string of characters:
Insert into employee values ('667879898','Mary','Noia','20',30000)
The text in parentheses would be inserted in the sql variable on line 5. The sql variable
would be sent to the database on line 11.
To test the file:
1. Open a browser, type localhost/form.htm, and then press Enter to display
the form.
2. Fill in the form with Mary Noia’s information, and then click Submit to add the
record to the table.
3. In the browser, type localhost/report.asp and then press Enter to see the report
with the new employee. If a report with the new employee does not appear, check
line 4 of report.asp and make sure that it matches line 4 of insertaction.asp.
Project 7-4
Write a program to update the employee’s salary in ASP. In SQL, to change the salary of
the employee with a ssn of 553879098 to 70000, you would create the following statements:
update employee
set salary=70000
where ssn='553879098'
First, you must create a form that prompts for the employee’s ssn and salary. Next, you
would send the information to an ASP page to create the update statement, and finally
you would send it to the database.
To modify form.htm for the update:
1. In a text editor, open form.htm from the Chapter7\Projects folder, and then
save it in \inetpub\wwwroot. Click Yes to confirm that you want to replace
form.htm. Change the line
<form action=>
to
<form action=updateaction.asp>
2. Delete the lines with the first name and last name.
3. Save form.htm, and then close the text editor.
4. Create a file called updateaction.asp and put it in \inetpub\wwwroot. It should
contain the following statements for Access:
<%@ Language=VBScript %>
<%
Set conn = server.createobject("ADODB.connection")
Conn.open "DSN=hrMDB"
sql="update employee set salary= " & _
   request("salary")    & " where ssn = '" & _
   request("ssn")   & "'"
Conn.execute sql
Conn.close
Set conn = nothing
%>
<html><body>
The employee record was changed!
</body></html>
5. If you prefer to use SQL Server, change the fourth line as follows:
Conn.open "database=hr;driver={SQL Server};server=(local);uid=sa"
6. In the browser, open form.htm and fill in a Social Security number of
553879098 and a salary of 70000. Click Submit to change the salary of Lynn
Gweeny to 70000.
7. In the browser, open report.asp to see the change to Lynn Gweeny’s salary.
Project 7-5
Create a PHP program to process the form.htm form shown in Figure 7-15. The
form.htm Web page prompts the user for a Social Security number, first name, last name,
and salary. The action page is set to ProcessForm.php. In this file, you display the information entered in the form.
To process form.htm using PHP:
1. In a text editor, open form.htm from the Chapter7\Projects folder, and then
save it in the /var/www/HTML folder. Change the line in form.htm
<form action=>
to
<form action=ProcessForm.php>
2. Save and close form.htm.
3. In /var/www/HTML, use kedit to create a file named ProcessForm.php, and
then type the following:
<?
$request = $HTTP_GET_VARS;
?>
<html><body>
<?
echo "Hello $request[first] $request[last].<BR>";
echo "Your Social Security Number is $request[ssn], ";
echo "and you make \$$request[salary]";
?>
</body></html>
4. Save and close ProcessForm.php.
5. Open a browser, type localhost/form.htm, and then press Enter to display
the form.
6. Complete the form as shown in Figure 7-17, and then click Submit. The output
should appear as shown in Figure 7-18.
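ProcessForm.php above and report.php in Figure 7-42 write form and database values into the page unchanged, so any HTML markup inside a field is interpreted by the browser instead of being displayed. The following added example (not the textbook's code) produces both outputs with every value HTML-encoded; it assumes PHP 7 or later, takes a plain array in place of $HTTP_GET_VARS, and its function names and sample rows are constructed for illustration.

```php
<?php
// Added example, not the textbook's code. Function names are hypothetical.

// Encode one value for use as HTML text. Non-scalar input (for example an
// array produced by a query string such as ?first[]=x) becomes an empty string.
function h($value): string
{
    if (!is_scalar($value)) {
        return '';
    }
    return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// The output of ProcessForm.php, with each form field encoded. Missing fields
// render as empty text instead of raising an undefined-index notice.
function render_greeting(array $request): string
{
    $first  = h($request['first']  ?? '');
    $last   = h($request['last']   ?? '');
    $ssn    = h($request['ssn']    ?? '');
    $salary = h($request['salary'] ?? '');
    return "<html><body>\n"
         . "Hello $first $last.<BR>\n"
         . "Your Social Security Number is $ssn, and you make \$$salary\n"
         . "</body></html>\n";
}

// The table from report.php, with each column value encoded. $rows is a list
// of associative arrays shaped like the rows returned by the query in
// Figure 7-42.
function render_report(array $rows): string
{
    $html = "<html><body>\n<TABLE>\n"
          . " <TR><TD>SSN</TD><TD>First</TD><TD>Last</TD><TD>Salary</TD></TR>\n";
    foreach ($rows as $rs) {
        $html .= " <TR>";
        foreach (['ssn', 'firstname', 'lastname', 'salary'] as $col) {
            $html .= '<TD>' . h($rs[$col] ?? '') . '</TD>';
        }
        $html .= "</TR>\n";
    }
    return $html . "</TABLE>\n</body></html>\n";
}

// Constructed sample input: one ordinary submission and one whose fields
// contain markup characters.
$plain  = ['first' => 'Mary', 'last' => 'Noia',
           'ssn' => '667879898', 'salary' => '30000'];
$markup = ['first' => '<b>Mary</b>', 'last' => "O'Brien & Co",
           'ssn' => '667879898', 'salary' => '30000'];

echo render_greeting($plain);
echo render_greeting($markup);

// Constructed rows standing in for the database result set.
echo render_report([
    ['ssn' => '553879098', 'firstname' => 'Lynn', 'lastname' => 'Gweeny', 'salary' => 70000],
    ['ssn' => '667879898', 'firstname' => '<i>Mary</i>', 'lastname' => 'Noia', 'salary' => 30000],
]);
```

Run it from the command line with php and compare the second greeting and the second table row with the first: the markup characters arrive in the page as entities, so the browser shows them as text.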
Project 7-6
Create a PHP application to add an employee. Modify form.htm so that when you submit the form, a SQL insert statement is created and sent to the employee table.
To create an application to insert an employee record:
1. In a text editor, open form.htm from the Chapter7\Projects folder, and then
save it in /var/www/html, overwriting the existing form.htm. Change the line
<form action=>
to
<form action=insertaction.php>
2. Find the following line:
Last Name: <input type=text name=last><BR>
After this line, insert the following line:
Department: <input type=text name=depno><BR>
3. Save and close form.htm.
4. In /var/www/html, create a file named insertaction.php and type the following
code, which uses the MySQL database. The lines of code to make sure that no errors
in the database connection occur have been deleted for clarity. In Project 7-5,
$request was used for the form variable. In insertaction.php, $r is used to shorten
the line used to create the insert statement.
<?
$r = $HTTP_GET_VARS;
$conn=mysql_connect("localhost","root","password");
$db = mysql_select_db("hr");
$sql = "insert into employee values ('$r[ssn]','$r[first]','$r[last]','$r[depno]',$r[salary])";
$Ret = mysql_query($sql);
?>
<html><body>
The employee has been added!
</body></html>
The information coming from the form is combined to create an insert statement in
SQL. For example, suppose you typed the following information for the data on the
form:
SSN: 667879898
First name: Mary
Last name: Noia
Deptno: 20
Salary: 30000
It would be combined to create the following string of characters:
Insert into employee values ('667879898','Mary','Noia','20',30000)
The string of characters would be inserted in the sql variable on line 5. The sql variable
would be sent to the database on line 6.
5. Open a browser, type localhost/form.htm, and then press Enter to display
the form.
6. Fill in the form with Mary Noia’s information, and then click Submit to add the
record to the table.
7. In the browser, type localhost/report.php and then press Enter to see the
report with the new employee.
Project 7-7
Write a program to update an employee’s salary in PHP. In SQL, to change the employee
with a ssn of 553879098 to 70000, you would include the following statements:
update employee
set salary=70000
where ssn='553879098'
First, you must create a form that prompts for the employee’s ssn and salary. Next, you
would send the information to a PHP page to create the update statement, and finally
you would send it to the database.
To modify form.htm for the update:
1. In a text editor, open form.htm from the Chapter7\Projects folder, and then
save it in /var/www/html, overwriting the existing file. Change the line
<form action=>
to
<form action=updateaction.php>
2. Delete the lines with the first name and last name.
3. Save form.htm, and then close the text editor.
4. Create a file called updateaction.php and store it in /var/www/html. Type the
following code in the file:
<?
$r = $HTTP_GET_VARS;
$conn=mysql_connect("localhost","root","password");
$db = mysql_select_db("hr");
$sql = "update employee set salary=$r[salary] where ssn='$r[ssn]'";
$Ret = mysql_query($sql);
?>
<html><body>
The employee salary has been updated!
</body></html>
5. In the browser, open form.htm, and fill in a Social Security number of
553879098 and a salary of 70000. Click Submit to change the salary of Lynn
Gweeny to 70000.
6. In the browser, open report.php to see the change to Lynn Gweeny’s salary.
Project 7-8
The existing report.php page produces a report for all employees. Often it is useful to
create a report for a subset of the employees. In this project, you will create a form that
requests a department number. When it is submitted, it will generate a report for all
employees from that department. In SQL, you modify the select statement to retrieve
rows that meet a certain criterion. For example, to retrieve all employee information for
employees in department 10, you would write the following:
select *
from employee
where depno='10'
To create a custom report based on department number:
1. Create a Web page called formdepno.htm and store it in /var/www/html. It
should contain the following:
<HTML>
<BODY>
Please enter the department number and click Submit:<BR>
<FORM action=reportdepno.php>
Department: <input type=text name=depno><BR>
<input type=submit name=submit value=Submit>
</FORM>
</BODY>
</HTML>
2. Create a file called reportdepno.php and save it in /var/www/html. It should
contain the following code. Be careful to include the space after “employee” on
line 5. On line 6, there is a “.” before the “=”, which appends the characters on
the previous line to the $sql variable. This report is very similar to report.php.
The tests for database errors have been removed for clarity.
<?
$request = $HTTP_GET_VARS;
$conn=mysql_connect("localhost","root","password");
$db = mysql_select_db("hr");
$sql = "select ssn,firstname,lastname,salary from employee ";
$sql .= "where depno = '$request[depno]'";
$ResultSet = mysql_query($sql);
?>
<html><body>
<?
echo "<h2>Report for Department $request[depno]</h2><BR>";
echo "<TABLE><tr><th>ssn</th><th>First</th><th>Last</th>
<th>Salary</th></tr>";
while($rs = mysql_fetch_array($ResultSet, MYSQL_ASSOC))
{
echo "<tr>";
echo "<td>".$rs["ssn"]."</td>";
echo "<td>".$rs["firstname"]."</td>";
echo "<td>".$rs["lastname"]."</td>";
echo "<td>".$rs["salary"]."</td>";
echo "</tr>";
}
echo "</table>"; ?>
</body></html>
3. In the browser, open formdepno.htm, and then enter a department number of 10.
Click Submit to view the report of employees from department 10.
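The pages in Projects 7-6 through 7-8 build each SQL statement by pasting form values into a string, so whatever is typed in the form becomes part of the statement itself. The following added example (not code from the book) reproduces that construction and then performs the same insert, update, and report with bound parameters, input checks, and HTML-escaped output. It assumes Python's sqlite3 module as a stand-in for PHP and MySQL so that it runs without a server; the function names and sample rows are constructed for illustration.

```python
import html
import sqlite3


def make_db():
    """In-memory stand-in for the hr database; the row values are constructed."""
    db = sqlite3.connect(":memory:")
    db.execute("create table employee (ssn text primary key, firstname text,"
               " lastname text, depno text, salary integer)")
    db.execute("insert into employee values"
               " ('553879098','Lynn','Gweeny','10',55000)")
    return db


def insert_concatenated(db, r):
    """Same construction as insertaction.php: form text becomes SQL text."""
    sql = ("insert into employee values ('%s','%s','%s','%s',%s)"
           % (r["ssn"], r["first"], r["last"], r["depno"], r["salary"]))
    db.execute(sql)


def digits(value, name, length=None):
    """Return value if it is ASCII digits (of a fixed length if one is given)."""
    ok = value.isascii() and value.isdigit()
    if not ok or (length is not None and len(value) != length):
        raise ValueError("invalid " + name)
    return value


def insert_bound(db, r):
    """Insert with placeholders: values travel separately from the statement."""
    db.execute("insert into employee values (?,?,?,?,?)",
               (digits(r["ssn"], "ssn", 9), r["first"], r["last"],
                digits(r["depno"], "depno"),
                int(digits(r["salary"], "salary"))))


def update_bound(db, r):
    """The Project 7-7 update; returns how many rows changed."""
    cur = db.execute("update employee set salary=? where ssn=?",
                     (int(digits(r["salary"], "salary")),
                      digits(r["ssn"], "ssn", 9)))
    return cur.rowcount


def report_bound(db, r):
    """The Project 7-8 report; every value is HTML-escaped before output."""
    depno = digits(r["depno"], "depno")
    rows = db.execute("select ssn,firstname,lastname,salary from employee"
                      " where depno = ?", (depno,)).fetchall()
    out = ["<h2>Report for Department %s</h2>" % html.escape(depno)]
    for row in rows:
        cells = "".join("<td>%s</td>" % html.escape(str(c)) for c in row)
        out.append("<tr>%s</tr>" % cells)
    return "\n".join(out)


def demo():
    """Run the same form data through both styles and return what happened."""
    db = make_db()
    form = {"ssn": "667879898", "first": "Mary", "last": "O'Brien",
            "depno": "20", "salary": "30000"}    # constructed form input
    try:
        insert_concatenated(db, form)
        concatenated = "accepted"
    except sqlite3.OperationalError as exc:
        # The apostrophe in the name ended the quoted value early.
        concatenated = "broken statement: %s" % exc
    insert_bound(db, form)
    changed = update_bound(db, {"ssn": "553879098", "salary": "70000"})
    return concatenated, changed, report_bound(db, {"depno": "20"})


if __name__ == "__main__":
    for item in demo():
        print(item)
```

An ordinary last name containing an apostrophe is enough to break the concatenated statement, which shows that form text is being read as SQL. In PHP, the mysqli and PDO extensions provide the same separation through prepared statements.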
CASE PROJECTS
The following case projects are based on an inventory database that contains a table
called parts with a four-character item ID called itemid, a description of up to 20 characters, cost, and a quantity. The primary key is itemid. The table should contain the data
shown in Table 7-3.
Table 7-3
Itemid   Description   Cost   Quantity
A15      Widget        10     50
A20      SuperWidget   15     20
C53      EconoWidget   5      18
Case Project 7-1
Create an ASP application for inventory information. Create the inventory database in
SQL Server. Create the parts table and add the information. Create a report to display
the information in the table.
Case Project 7-2
Create an ASP application to add new inventory records and update inventory quantities. For the update form, prompt the user for the itemid and quantity. When you are
done, display the report you created in Case Project 7-1.
Case Project 7-3
Case
Project
Create a form to prompt for an itemid. Create a page to delete the row based on the
itemid entered. For example, the following SQL command would delete item G65:
delete from parts
where itemid = 'G65'
Display the report from Case Project 7-1 to make sure that it worked.
Case Project 7-4
Create an ASP.NET application to display the contents of the table you created in Case
Project 7-1.
Case Project 7-5
Perform the tasks outlined in Case Project 7-1 using MySQL and PHP instead of
SQL Server and ASP.
Case Project 7-6
Perform the tasks outlined in Case Project 7-2 using MySQL and PHP instead of
SQL Server and ASP.
Case Project 7-7
Perform the tasks outlined in Case Project 7-3 using MySQL and PHP instead of
SQL Server and ASP.
CHAPTER 8
PROVIDING E-MAIL SERVICES
In this chapter, you will:
♦ Understand the e-mail environment
♦ Understand e-mail protocols
♦ Install and administer Microsoft Exchange 2000
♦ Install and administer sendmail for Linux
♦ Install and configure IMAP4 and POP3 servers for Linux
♦ Configure e-mail clients
♦ Understand Web-based e-mail clients
Although most e-mail today works via standard Internet protocols, e-mail
services have historically used many methods with varying levels of popularity. Until the late 1990s, e-mail was based on proprietary systems. As the
popularity of the Internet grew, standards became more widespread, allowing
different e-mail systems to communicate with each other. The standard for
current e-mail services is to use DNS with a special Mail Exchange record
that contains the IP address of the mail server for a domain. The e-mail systems use as many as three standard protocols to communicate: Simple Mail
Transfer Protocol (SMTP), for sending e-mail, and Post Office Protocol
(POP3) or Internet Mail Access Protocol (IMAP4), for retrieving e-mail
from electronic mailboxes.
The two most common e-mail packages are sendmail for Linux and
Microsoft Exchange 2000 for Windows. Sendmail implements SMTP, while
Exchange 2000 implements SMTP, POP3, and IMAP4. In addition,
Exchange 2000 has a Web-based client called Outlook Web Access
(OWA). To add POP3 and IMAP4 capabilities to Linux, you can use the
imap-2001 package. You configure e-mail clients in similar ways, no matter
what the software. To do so, you supply the IP address for the outgoing server
(SMTP) and the incoming server (POP3 or IMAP4), and you supply your
e-mail address and the account information necessary to retrieve e-mail.
UNDERSTANDING THE E-MAIL ENVIRONMENT
Over the years, e-mail has evolved from a variety of proprietary systems to the current
system, which is based on Internet standards. In the 1980s and 1990s, people who
depended on e-mail may have had three or more e-mail addresses, one for each major
e-mail system. For example, in the 1980s, CompuServe was one of the most popular
online services, and companies such as Microsoft, Borland, and Lotus conducted forums
on CompuServe. You could use CompuServe to send e-mail, but only to other users on
CompuServe. CompuServe eventually offered gateways to other e-mail systems, including Internet-based e-mail.
Even in the 1990s, e-mail was commonly used only within individual companies, without any connections to the Internet. The version of Microsoft’s e-mail server available
in the mid- to late 1990s was designed primarily to exchange mail within a company.
Doing so represented a challenging task because large corporations often had a number
of e-mail systems, including the once-popular Lotus cc:Mail. Also, one site could connect to another site within the company using a variety of methods. That situation
changed with the 1997 release of Microsoft Exchange 5.5, which included add-on software that allowed Exchange to send and receive e-mail across the Internet. Sendmail,
the most common e-mail system available for UNIX and Linux, can still accept and relay
e-mail based on previous addressing standards such as BITNET and DECNET.
Although this chapter focuses on configuring a single e-mail server for use on the
Internet, a large company needs to consider other aspects of administering an e-mail system. Often, a company uses many e-mail servers that need to exchange messages, with
a single server acting as a gateway to the Internet.
For Windows, Microsoft Exchange 2000 represents the standard for e-mail service.
Microsoft Exchange 2000 has capabilities far beyond simple e-mail, including the following features:
■ Instant messaging—Send messages instantly using secure architecture.
■ Unified messaging platform—Use a single inbox for e-mail, voicemail, fax,
and pages.
■ Chat service—Communicate online with others who share similar interests.
The chat service is based on the Internet Relay Chat (IRC) protocol, which
makes it compatible with any chat client. This service requires Active
Directory and the Conferencing server add-on.
■ URL addressing—Use a single URL to access stored data.
■ Audio and video conferencing—Meet with others online by speaking to and
viewing images of one another. This service uses the Telephony 3.0 (TAPI)
protocol, which supports the use of multicast technology. With multicast
technology, a single IP packet can be sent to multiple recipients as opposed
to having to send IP packets to each individual recipient.
■ Collaborative development—Work with others to develop applications.
■ Integration with Outlook—Use Microsoft Outlook features such as scheduling,
contacts, and shared documents.
Although both Microsoft Windows 2000 and Windows Server 2003 include SMTP as a
Windows component, Windows 2003 adds a POP3 Windows component. The POP3
component lets you provide basic e-mail services on your Windows 2003 server without purchasing other software such as Exchange 2000. In Hands-on Project 8-9, you
install and administer POP3.
An e-mail system must balance simplicity and functionality. The basic protocols used for
e-mail systems must be simple enough so that all Internet systems can send and receive
messages. Unfortunately, the original specifications for e-mail did not address some areas
of functionality. For example, only text messages were originally supported. To allow
users to send pictures and sound via e-mail, the Multipurpose Internet Mail
Extensions (MIME) specification was developed. MIME formats allow pictures, sound,
and other binary data to be converted into text formats. When the message is delivered,
the text is converted into the correct binary format. Formats that MIME can handle
include the following:
■ Applications—Data can be formatted as Postscript or octet-stream files. Octet-stream is commonly used by Microsoft for sending application data such as
Word documents.
■ Images—Graphics can be sent in a variety of formats, such as .jpg or .gif files.
■ Video—Videos can be sent in formats such as .mpeg.
Understanding the Role of DNS in E-mail Systems
Recall from Chapter 4 that the purpose of DNS is to map host names to IP addresses. For
example, www.technowidgets.com represents a host that corresponds to the IP address
192.168.0.100. Typically, a host corresponds to a single IP address. A domain name often
corresponds to the IP address of its Web site. For example, if you type redhat.com in a
browser, the Red Hat Web site appears. In an e-mail address such as [email protected],
technowidgets.com represents the IP address of the e-mail server, which is probably different
from the IP address of the Web server. Because a domain name such as RedHat.com or
technowidgets.com can represent the IP addresses of both a Web site and an e-mail server,
you need a way to distinguish between the two. In DNS, you configure the IP address of
your domain name to be used for a Web site by using an “A” record, as in IN A
192.168.0.100. You configure DNS to associate the domain name with the IP address
of your e-mail server through a Mail Exchange (MX) record, as in:
 IN      MX  10  mail.technowidgets.com.
Figure 8-1 contains a DNS file based on the one in Chapter 4.
@     IN    SOA   Web1.technowidgets.com. admn.technowidgets.com. (
                                      2002072100 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS      Web1
              IN      A       192.168.0.100
              IN      MX  10  mail.technowidgets.com.
Web1          IN      A       192.168.0.100
www           IN      CNAME   Web1
www.support   IN      CNAME   Web1
research      IN      A       192.168.0.150
              IN      MX  10  mail
mail          IN      A       192.168.0.200
Figure 8-1 DNS file with MX records
Recall from Chapter 4 that the @ (“at” symbol) at the beginning of the figure represents the name of the domain, which is technowidgets.com, and that the first three IN
records refer to the domain name. The third IN record could be rewritten as follows:
technowidgets.com. IN  MX  10  mail.technowidgets.com.
This record means that if an e-mail system is looking up the domain name, it should
be referred to the address at mail.technowidgets.com. Later in the definition, you see that
the mail host corresponds to 192.168.0.200. One MX record is associated with
research.technowidgets.com and with mail.technowidgets.com. Thus, if someone sent an e-mail
message to [email protected], the e-mail server would look up the MX
record for research.technowidgets.com and find that the IP address for mail.technowidgets.com
is 192.168.0.200. However, you could not successfully send an e-mail message to
[email protected] or [email protected] because no MX record
is associated with them.
In the MX record, a number from 1 to 99 is included to show the priority of the associated mail server. By convention, the default number is set to 10, but you could use any
other number in the range. The lower the number, the higher the priority. If you had
multiple e-mail servers, you could change your DNS configuration to the one shown in
Figure 8-2.
@     IN    SOA   Web1.technowidgets.com. admn.technowidgets.com. (
                                      2002072100 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      3600000    ; Expire
                                      86400 )    ; Minimum
              IN      NS      Web1
              IN      A       192.168.0.100
              IN      MX  10  mail.technowidgets.com.
              IN      MX  20  mail2.technowidgets.com.
Web1          IN      A       192.168.0.100
www           IN      CNAME   Web1
www.support   IN      CNAME   Web1
research      IN      A       192.168.0.150
              IN      MX  10  mail
mail          IN      A       192.168.0.200
mail2         IN      A       192.168.0.202
Figure 8-2 DNS file with MX records for two e-mail servers
When you send an e-mail message to technowidgets.com, the message first goes to
mail.technowidgets.com because it has the lowest number associated with the MX record.
If that e-mail server is not available, the message goes to mail2.technowidgets.com.
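To make the lookup rules concrete, the following added example (not part of the book) parses the zone data of Figure 8-2, expands the @ symbol and relative names, lists the mail servers for a name in priority order, and picks the first one that is reachable. It also checks that every MX target in the zone has an A record. The function names are hypothetical, and the parser handles only the record layout used in the figure.

```python
ORIGIN = "technowidgets.com."

# Zone data copied from Figure 8-2.
ZONE = """\
@     IN    SOA   Web1.technowidgets.com. admn.technowidgets.com. (
                  2002072100 ; Serial
                  28800      ; Refresh
                  14400      ; Retry
                  3600000    ; Expire
                  86400 )    ; Minimum
              IN      NS      Web1
              IN      A       192.168.0.100
              IN      MX  10  mail.technowidgets.com.
              IN      MX  20  mail2.technowidgets.com.
Web1          IN      A       192.168.0.100
www           IN      CNAME   Web1
www.support   IN      CNAME   Web1
research      IN      A       192.168.0.150
              IN      MX  10  mail
mail          IN      A       192.168.0.200
mail2         IN      A       192.168.0.202
"""


def fqdn(name, origin=ORIGIN):
    """Expand "@" and names without a trailing dot relative to the origin."""
    if name == "@":
        return origin.lower()
    return (name if name.endswith(".") else name + "." + origin).lower()


def parse_zone(text):
    """Return (owner, type, rdata) tuples; a blank owner inherits the last one."""
    records, owner, pending = [], None, ""
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if not line.strip():
            continue
        if pending or "(" in line:                     # join a ( ... ) block
            pending = pending + " " + line.strip() if pending else line
            if ")" not in pending:
                continue
            line, pending = pending.replace("(", " ").replace(")", " "), ""
        fields = line.split()
        if not line[0].isspace():                      # line starts with an owner
            owner = fqdn(fields.pop(0))
        if fields[0].upper() == "IN":
            fields.pop(0)
        records.append((owner, fields[0].upper(), fields[1:]))
    return records


def mx_hosts(domain, records):
    """[(priority, host, ip)] for a name, lowest number (highest priority) first."""
    name = domain.rstrip(".").lower() + "."
    addresses = {o: d[0] for o, t, d in records if t == "A"}
    mx = sorted((int(d[0]), fqdn(d[1])) for o, t, d in records
                if o == name and t == "MX")
    return [(pref, host, addresses.get(host)) for pref, host in mx]


def pick_server(domain, records, reachable):
    """First mail server, in priority order, whose address is reachable."""
    for _pref, host, ip in mx_hosts(domain, records):
        if ip in reachable:
            return host, ip
    return None


def dangling_mx(records):
    """In-zone MX targets that have no A record (a configuration error)."""
    addresses = {o for o, t, _ in records if t == "A"}
    targets = {fqdn(d[1]) for _, t, d in records if t == "MX"}
    return sorted(t for t in targets - addresses if t.endswith(ORIGIN))


if __name__ == "__main__":
    recs = parse_zone(ZONE)
    print(mx_hosts("technowidgets.com", recs))
    print(mx_hosts("research.technowidgets.com", recs))
    print(pick_server("technowidgets.com", recs, {"192.168.0.202"}))
    print(dangling_mx(recs))
```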
Understanding E-mail System Terminology
E-mail systems have to perform more than one task. First, an e-mail server must accept
e-mail messages from clients and send the messages to other e-mail servers. An e-mail
server must also accept e-mail messages from other e-mail servers. The component
involved in the transfer of the e-mail messages is the Mail Transfer Agent (MTA),
which accepts e-mail from clients and then sends the e-mail to another MTA for storage. The MTA might store the messages in a sophisticated database or in simple text files.
To send e-mail to the MTA, an e-mail user must have a Mail User Agent (MUA),
sometimes simply referred to as a UA. The MUA is client software that correctly formats messages and sends them to the MTA, which in turn sends the e-mail to the MTA
of the recipient. The MUA also retrieves e-mail from a Mail Delivery Agent (MDA),
which is responsible for delivering e-mail from the e-mail system to the MUA. The
MDA is part of the e-mail server. Figure 8-3 illustrates the flow of e-mail.
Figure 8-3 Flow of e-mail (labels in the figure: MUA (e-mail client), e-mail server, MTA, MDA, e-mail message)
When configuring e-mail systems, you need to know the meaning of specialized terms,
such as masquerading. When you are sending mail from mail.technowidgets.com or
mail2.technowidgets.com, you do not want the full host name to appear on the return
address, as in [email protected], because that is not the standard format for
e-mail addresses. Instead, you should mask the actual host name and replace it with
technowidgets.com so that the return address is [email protected]. Some e-mail systems, such as Microsoft Exchange 2000, automatically provide masquerading. Others,
such as sendmail, require you to specifically state the domain portion of the return
address when you configure your e-mail server.
Relaying is the process of sending e-mail to an intermediate MTA before the message
is transmitted to its final destination. Organizations use relaying when a number of MTAs
gather e-mail before it is sent to the one MTA in the organization that has a connection to the Internet. However, relaying should not be allowed on single MTAs connected
to the Internet, because spammers can route almost unlimited e-mails through your
MTA. A spammer is someone who sends unsolicited e-mail, typically to try to sell
something. As a benefit to the spammers, the return address is often masqueraded so that
it appears to have come from your organization. As a consequence, a spammer could market a “miracle” weight-loss device via e-mail and make it appear as if the message was
coming from a respected company such as TechnoWidgets.
Sometimes it is appropriate to have an e-mail address that is not related to a specific user.
For example, you may want an e-mail address for [email protected] or
[email protected]. To make it easier to retrieve e-mail for these addresses, you can
set up an alias whereby e-mail sent to info or sales is routed to a specific address, such
as [email protected]. In actuality, no e-mail account for info or sales exists. Both
simply represent other addresses associated with lcamoes. If lcamoes leaves
TechnoWidgets, then you could reassign the aliases to the new person, such as
[email protected]. An alias can also be useful when employees leave a company,
but their jobs require that someone still read and respond to their e-mail messages. For
example, if an employee with an e-mail address of [email protected] leaves
TechnoWidgets, but the owner of the edequeroz account will handle the jdesena e-mail,
then the jdesena account can be deleted and a jdesena alias created for edequeroz so that
edequeroz will receive e-mail destined for jdesena.
UNDERSTANDING E-MAIL PROTOCOLS
As the previous section explained, MTAs and MDAs perform different jobs. The MTA
transfers e-mail from one server to another, and the MDA delivers mail to the user. These
agents use different protocols to do each job. Just as the Web server depends on the
HTTP protocol to communicate, so the MTA depends on SMTP, and the MDA depends
on POP3 or IMAP4. Some e-mail systems, such as Microsoft Exchange 2000, include
all the protocols in one package. Other e-mail systems supply communication for a single protocol. For example, sendmail is simply an MTA that uses SMTP. To deliver e-mail
messages to client software packages, you would have to install another server program
that supports POP3 or IMAP4.
Each protocol requires its own server software. For example, the SMTP protocol is used
by an SMTP server, the POP3 protocol is used by a POP3 server, and the IMAP4 protocol is used by an IMAP4 server. Just as a Web server listens at port 80, so an SMTP
server listens at port 25, a POP3 server listens at port 110, and an IMAP4 server listens
at port 143. In essence, Exchange 2000 contains multiple servers.
You should recognize how the e-mail protocols operate for two reasons. First, you need
to understand how e-mail servers work and to respect their capabilities and limitations.
Second, as you will see in the Hands-on Projects, you can use your knowledge of protocols along with the Telnet utility to connect to an e-mail server and test the components. These techniques can prove very useful in testing new servers and providing
solutions to user e-mail problems.
Understanding SMTP
SMTP is a text-based protocol that e-mail clients and servers use to send e-mail messages. Both Microsoft Exchange 2000 and sendmail support SMTP. Just as you can simulate accessing a Web page using Telnet instead of a browser, so you can send an e-mail
message using Telnet and your knowledge of the SMTP protocol instead of an e-mail
client. As is true with other TCP/IP text-based protocols, SMTP has commands and
headers. Commands divide communication into distinct parts; headers add descriptive
information. SMTP uses only a few commands to do its work. Table 8-1 describes the
common commands associated with the SMTP protocol. Table 8-2 describes the common
SMTP headers.
Table 8-1 Common SMTP commands
Command   Purpose
HELO      Identifies the domain sending the message
DATA      Indicates the body of the message
VRFY      Verifies the e-mail user
QUIT      Ends the SMTP session
Table 8-2 Common SMTP headers
Header       Description
MAIL FROM:   Identifies who is sending the message (required)
RCPT TO:     Identifies the recipient of the message (required)
RECEIVED:    Identifies the e-mail server that processed the message; multiple instances of this header can be provided
DATE:        Indicates the date of the e-mail
FROM:        Shows the e-mail address of sender as it is typically displayed in an e-mail client
SUBJECT:     Shows the subject of the e-mail message
TO:          Shows the recipient of the e-mail message as it is typically displayed in an e-mail client
CC:          Sends copies of the message to a list of e-mail addresses
BCC:         Sends copies of the message to a list of e-mail addresses but does not display the e-mail addresses
Figure 8-4 shows an example of the minimal communication necessary between the
client and the server to produce a simple e-mail message. The first command is HELO,
which is sent by the client (in this case, from the keyboard) and is followed by responses
from the server. These basic commands have many extensions. For example, instead of
the HELO command, e-mail clients and servers can use EHLO, which is the extended
HELO command that allows for more robust communication. This chapter covers only
communication based on the HELO command.
Figure 8-4 SMTP communication to produce a message (callouts in the figure: HELO command, MAIL FROM header, RCPT TO header)
Note that each response from the server begins with a number that has a specific meaning. An e-mail client would read these numbers to determine how to respond. For example, a response of 254 indicates that the statement you typed was correct, 220 opens a
connection, and 221 closes a connection. Message 354 states that the e-mail server is
ready to accept an e-mail message and to end the message with the equivalent of pressing Enter, typing a dot, and pressing Enter again.
HELO Command
The HELO command signifies the beginning of a message. It sends the name of the host
or domain that is sending the message. For example:
HELO WKS1
The SMTP protocol was developed without addressing any concerns related to security.
Generally, the identifying name is not checked for accuracy. However, the receiving
e-mail server can use DNS to do a reverse lookup on the IP address of the sending
e-mail server. That is, the receiving e-mail server can find the host corresponding to the
IP address. Then the e-mail server can match the domain from the lookup with the
domain in the HELO command.
MAIL FROM Header
E-mail clients and servers use the MAIL FROM header to describe who is sending the e-mail
message. You use the MAIL FROM header in the following format from Figure 8-4:
MAIL FROM: [email protected]
As with the HELO command, SMTP does not usually verify the validity of the sender.
Because e-mail addresses are readily available, spammers often use valid temporary e-mail
addresses to send their messages to thousands of recipients at a time. Checking whether
an e-mail address is valid would require a significant increase in processing, which is not
worth the amount of spam this validity check would prevent.
RCPT TO Header
You use the RCPT TO header to describe the recipient of the e-mail message. This header
has the following format:
RCPT TO: [email protected]
How the server responds to this header depends on where the message originates. If
the message is coming from within your network (domain), you should be able to send
your message to any user on the Internet. Responding with 250 2.1.5
[email protected], for example, means that this e-mail address is acceptable to the server because it recognizes cbranco. However, if the message is coming from the
Internet and the recipient is not a member of the e-mail server’s domain, the e-mail message
will probably be rejected. For example, if the e-mail server being accessed belonged to
technowidgets.com, and a message from the Internet was being sent to [email protected], the e-mail
server would probably respond with a message such as 550 5.7.1 Unable to relay
for [email protected]. If this message were allowed, spammers could use your e-mail server
to send messages to others.
DATA Command
The body of the message follows the DATA command. The e-mail message must be in text
format. Any binary data has to be converted using an accepted MIME format. Although
the SMTP protocol sets no practical limit on the size of the message, in reality e-mail
servers often limit the size of the messages that they accept. The protocol senses the end
of the message by detecting a period at the beginning of a line, followed by a blank line.
Once the blank line is detected, the message is sent. At this point, processing can start over
with another MAIL FROM header, or processing can be stopped with the QUIT command.
Your e-mail client hides the details of how this protocol works. You simply type the message,
and the e-mail client provides the extra dot and a blank line as required by the protocol.
Recall from Figure 8-4 that the response to the DATA command is 354 Start mail
input; end with <CRLF>.<CRLF>, which means that the client is ready to receive
the e-mail message. The reference to <CRLF> means carriage return/line feed, a dated terminology based on devices that looked like typewriters. With these devices, a carriage
return physically brought the printing head to the beginning of the line and the line feed
advanced the paper to the next line. <CRLF> simply means the beginning of the next line.
In Figure 8-4, the e-mail message sent is “This is a simple message.” A line containing
only a dot followed by a blank line allows the e-mail server to detect the end of the message. When the e-mail server detects the blank line, it responds with 250 2.6.0
<[email protected]> Queued mail for delivery, which means that the message was accepted.
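The 354 reply quoted above names the terminator as <CRLF>.<CRLF>, and the "extra dot" the client provides also has to protect any message line that itself begins with a dot. The following added example (not from the textbook; the function names dot_stuff and read_data are hypothetical) shows both sides of that exchange and what happens to a message that is sent without the protection.

```python
CRLF = b"\r\n"
END_OF_DATA = CRLF + b"." + CRLF   # the <CRLF>.<CRLF> named in the 354 reply


def dot_stuff(message):
    """Client side: prepare a message for sending after the DATA command.

    Every line that begins with a dot gets one more dot in front of it, so
    that no line of the message can be mistaken for the terminator. The
    terminating dot line is then appended.
    """
    lines = message.split(CRLF)
    if lines[-1] == b"":
        lines.pop()                # the message already ended with CRLF
    body = b"".join(
        (b"." + line if line.startswith(b".") else line) + CRLF
        for line in lines
    )
    return body + b"." + CRLF


def read_data(buffer):
    """Server side: split received bytes into (message, remaining bytes).

    Returns None while the terminator has not arrived yet. Only CRLF counts
    as a line ending here, so a dot between bare line feeds does not end
    the message.
    """
    if buffer.startswith(b"." + CRLF):
        # Empty message: the CRLF before the dot was the end of the DATA line.
        return b"", buffer[3:]
    end = buffer.find(END_OF_DATA)
    if end == -1:
        return None
    raw = buffer[:end + len(CRLF)]              # keep the last line's CRLF
    rest = buffer[end + len(END_OF_DATA):]      # next command, if any
    lines = raw.split(CRLF)[:-1]
    # Undo the client's stuffing: drop one leading dot from each dotted line.
    restored = [line[1:] if line.startswith(b".") else line for line in lines]
    return b"".join(line + CRLF for line in restored), rest


if __name__ == "__main__":
    # Constructed message whose second line is a single dot.
    message = b"first\r\n.\r\nsecond\r\n"
    on_the_wire = dot_stuff(message)
    print("stuffed:  ", on_the_wire)
    print("received: ", read_data(on_the_wire + b"QUIT\r\n"))
    # Without stuffing, the server stops at the dot line and the message is cut short.
    print("unstuffed:", read_data(message + b".\r\n"))
```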
VRFY Command
The VRFY command was designed to verify a user. The e-mail server can use this command to test whether an e-mail message is coming from a valid user, one who actually
exists on the e-mail server of the sender. For example, suppose you receive a message
that indicates it is from [email protected]. The VRFY command could find out whether
there really is a jsmith at nogrlam.com. The e-mail server can also use the VRFY command
to verify a user before sending a message.
E-mail administrators do not usually allow this command to respond as it was designed
to do, because unscrupulous people could easily use VRFY to build lists of e-mail
addresses. For example, in Microsoft Exchange 2000, whether you request the verification of a valid e-mail account or an invalid e-mail account, Exchange 2000 responds
with a message similar to the one below:
252 2.1.5 Cannot VRFY user, but will take message for [email protected]
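The relay decision described under RCPT TO and the VRFY behavior described above can be written as a small policy, shown here as an added example that is not from the textbook and is not how Exchange 2000 is implemented. The internal address range, the mailbox list, the sample addresses, and the wording of the 501 and 5.1.1 replies are assumptions; technowidgets.com, cbranco, and mnoia are the chapter's own examples.

```python
import ipaddress

# Assumptions for illustration only: the internal range and mailbox list are
# constructed. technowidgets.com, cbranco and mnoia come from the chapter.
LOCAL_DOMAINS = {"technowidgets.com"}
LOCAL_USERS = {"cbranco", "mnoia"}
INTERNAL_NETWORKS = [ipaddress.ip_network("192.168.0.0/24")]


def is_internal(client_ip):
    """True when the connecting client is inside the organization's network."""
    address = ipaddress.ip_address(client_ip)
    return any(address in network for network in INTERNAL_NETWORKS)


def split_address(address):
    """Return (user, domain) in lower case, or None if the address is malformed."""
    user, at, domain = address.strip().strip("<>").rpartition("@")
    if not at or not user or not domain:
        return None
    return user.lower(), domain.lower()


def handle_rcpt(client_ip, recipient):
    """Choose the RCPT TO reply from where the client is and who the recipient is."""
    parsed = split_address(recipient)
    if parsed is None:
        return "501 5.1.3 Bad recipient address syntax"   # wording is an assumption
    user, domain = parsed
    if domain in LOCAL_DOMAINS:
        # Mail for our own domain is accepted from anywhere if the mailbox exists.
        if user in LOCAL_USERS:
            return f"250 2.1.5 {user}@{domain}"
        return f"550 5.1.1 Unknown user {user}@{domain}"  # wording is an assumption
    if is_internal(client_ip):
        # Our own users may send to any domain on the Internet.
        return f"250 2.1.5 {user}@{domain}"
    # Outside client and outside recipient: accepting would make this an open relay.
    return f"550 5.7.1 Unable to relay for {user}@{domain}"


def handle_vrfy_as_designed(user):
    """VRFY as originally designed: the reply reveals whether the mailbox exists."""
    if user.lower() in LOCAL_USERS:
        return f"250 2.1.5 {user}@technowidgets.com"
    return f"550 5.1.1 Unknown user {user}"


def handle_vrfy_hardened(user):
    """VRFY as administrators usually configure it: one reply for every name."""
    return f"252 2.1.5 Cannot VRFY user, but will take message for {user}"


if __name__ == "__main__":
    # Constructed clients and recipients.
    cases = [("192.168.0.25", "friend@example.org"),
             ("203.0.113.9", "cbranco@technowidgets.com"),
             ("203.0.113.9", "friend@example.org")]
    for ip, rcpt in cases:
        print(f"{ip:>13}  RCPT TO: {rcpt:<27} -> {handle_rcpt(ip, rcpt)}")
    for name in ("cbranco", "nosuchuser"):
        print(f"VRFY {name}: {handle_vrfy_as_designed(name)}")
        print(f"VRFY {name}: {handle_vrfy_hardened(name)}")
```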
Other SMTP Headers
As you have seen, headers provide specific information concerning the e-mail message,
such as who sent the message and who should receive it. Other headers describe more
information about the message that can be used by e-mail clients and servers. When you
fill in the subject line in an e-mail client such as Microsoft Outlook and send the message, the client software inserts the text for the subject of the message in the subject
header. For example, if you type “Important Meeting” in the subject line, when the client
software sends the message, it includes “Subject: Important Meeting.” When the client
software of the recipient detects the subject header, it uses this information to format
the message that the recipient reads.
You probably recognize the headers shown earlier in Table 8-2 from working with
e-mail client software. For example, the FROM: header can be used for a more user-friendly name. Even though the MAIL FROM: header must have a specific e-mail
address, such as [email protected], the FROM: header can contain Mary
Noia [email protected]. If the client software detects the FROM: header,
it can use that information instead of the information in the MAIL FROM: header.
Some headers are usually not displayed in client software, but can be used by e-mail
administrators to gain more detailed information about the e-mail message. You use the
RECEIVED: header to trace the route of a message as it was passed from server to server
and to discover the date and time on which the message was received. For example, suppose you decide to send a musical birthday e-mail to a friend from a greeting card site
on the Internet. The message that your friend receives probably has two RECEIVED:
headers: one with information about the message accepted by the greeting card site, and
another with information about the message being accepted by your e-mail server from
the greeting card site. This information can be useful in finding out whether an e-mail
message was delayed on its route to one of your users.
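The trace described above can be automated. The following added example (not from the textbook) reads the RECEIVED: headers of a constructed message modeled on the greeting card scenario, puts the hops in the order the message traveled, and reports the delay at each one. All host names, IDs, and times are invented. Every RECEIVED: header except the one your own server adds is written by a system you do not control, so a delay that comes out negative is reported rather than trusted.

```python
import re
from datetime import timezone
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed message: hosts, IDs and times are invented for the example.
SAMPLE_MESSAGE = """\
Received: from out.cards.example (out.cards.example [203.0.113.10])
\tby mail.technowidgets.com with ESMTP id A1B2C3;
\tTue, 04 Mar 2003 10:47:12 -0700
Received: from web01.cards.example (web01.cards.example [198.51.100.7])
\tby out.cards.example with SMTP id 9F8E7D;
\tTue, 04 Mar 2003 17:05:03 +0000
From: Greeting Cards <cards@cards.example>
To: friend@technowidgets.com
Subject: Happy Birthday

Your musical card is waiting.
"""


def parse_received(value):
    """Pull the sending host, receiving host and timestamp out of one header."""
    text = " ".join(value.split())              # unfold the continuation lines
    stamp = text.rpartition(";")[2].strip()     # the date follows the last ';'
    try:
        when = parsedate_to_datetime(stamp)
        if when.tzinfo is None:                 # no usable zone: assume UTC
            when = when.replace(tzinfo=timezone.utc)
    except (TypeError, ValueError):
        when = None                             # missing or unparseable date
    sender = re.search(r"\bfrom\s+(\S+)", text)
    receiver = re.search(r"\bby\s+(\S+)", text)
    return {"from": sender.group(1) if sender else None,
            "by": receiver.group(1) if receiver else None,
            "time": when}


def trace_route(raw_message):
    """Return the hops oldest first, each with the delay since the previous hop."""
    headers = message_from_string(raw_message).get_all("Received") or []
    # Each server adds its header at the top, so the list is newest first.
    hops = [parse_received(value) for value in reversed(headers)]
    previous = None
    for hop in hops:
        hop["delay_seconds"] = None
        if hop["time"] is not None:
            if previous is not None:
                hop["delay_seconds"] = int((hop["time"] - previous).total_seconds())
            previous = hop["time"]
    return hops


def flag_hops(hops, slow_after=600):
    """List hops that took longer than slow_after seconds or went back in time."""
    findings = []
    for hop in hops:
        delay = hop["delay_seconds"]
        if delay is None:
            continue
        if delay < 0:
            findings.append((hop["by"], delay, "earlier than previous hop"))
        elif delay > slow_after:
            findings.append((hop["by"], delay, "slow"))
    return findings


if __name__ == "__main__":
    route = trace_route(SAMPLE_MESSAGE)
    for hop in route:
        print(hop["from"], "->", hop["by"], hop["time"], hop["delay_seconds"])
    print(flag_hops(route))
```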
Understanding POP3
E-mail client software can use the POP3 protocol to list, read, and delete e-mail messages. Microsoft Exchange 2000, for example, contains a POP3 server. The first step in
retrieving your e-mail is to log on to the POP3 server, typically through an e-mail client.
Although some POP3 servers accept secure logons, your e-mail client software usually
sends the user name and password as unencrypted text. This software can list all e-mail
headers so that you can view the subject of the e-mail message, the size of the message,
and the sender’s identity before deciding whether to download and read the e-mail. This
ability can be useful if you receive large messages but have a slow connection to your
POP3 server. Although you can leave e-mail messages on a POP3 server, the e-mail service is designed so that messages downloaded to the client are deleted from the server
at the same time.
Table 8-3 lists some POP3 commands that are commonly sent by e-mail client software
to the POP3 server.
Table 8-3 Common POP3 commands
Command          Description
USER username    Connects to POP3 server based on user name, as in USER mnoia
PASS password    Enters the password for the user, as in PASS: Ax6yy
LIST             Displays the message number followed by the number of characters in the message; the message number starts at 1 for each session
UIDL             Displays the unique ID for each message, which can be used by the client software to determine which messages have been read
RETR n           Replaces the n with a message number to retrieve that message
TOP n lines      Instead of retrieving the whole message, retrieves the number of lines designated by the lines parameter for message number n
DELE n           Deletes message number n from the server
QUIT             Ends the session
Figure 8-5 shows a sample POP3 session. The session begins with the e-mail client sending the user name and password to the e-mail server via the USER and PASS commands.
Then the e-mail client either uses the LIST or UIDL command to retrieve a list of the
e-mail messages available. With UIDL, the client software can track which e-mail messages have been read because it assigns a unique ID to each message and tracks those
that have been read so they are not downloaded again.
Figure 8-5 Example of a POP3 session (callouts: USER command, E-mail message)
In the simplest situation, the client software retrieves all messages with the RETR command and deletes all retrieved messages with the DELE command. In some cases, the
client software uses the TOP command to retrieve the first few lines of the message that
contain the headers and part of the message. This strategy allows the user to find out information such as the message sender’s identity, the size of the message, and the subject
before determining whether to retrieve it or even to delete the message without reading it. The QUIT command ends the POP3 session.
Understanding IMAP4
IMAP4 is a much more complex protocol than POP3. It allows the user to organize
folders on the server and permanently store messages in those folders. Because messages
stay on the server, the user can access messages from any computer that has an e-mail
client that supports the protocol. The trade-off for the organization with the IMAP4
server is that because all messages remain on the server instead of being downloaded to
the client, messages can consume a lot of storage space on the server. This concern is
especially problematic if users receive large files, such as images, video, and music files.
To keep track of the status of messages, IMAP4 uses flags to determine whether the
message is new to the mailbox, read, answered, urgent, deleted, or a draft. A flag is a simple characteristic that can equate to true or false. The flags are \Recent, \Seen,
\Answered, \Flagged, \Deleted, and \Draft, respectively.
IMAP4 provides many commands for managing multiple mailboxes and for managing
e-mail messages. Of the commands for managing messages, FETCH is the most complex.
Because IMAP4 does not provide a single command to retrieve both the header information and the body of the message, the e-mail client must use FETCH in a series of
commands. To retrieve all header information for the first message, the e-mail client
issues the following command to the IMAP4 server:
FETCH 1 BODY[HEADER]
To retrieve the body of the message, the e-mail server then issues the following command:
FETCH 1 BODY[TEXT]
To retrieve the first 60 characters of a message, the e-mail server uses the following
command:
FETCH 1 BODY[TEXT]<0.60>
The zero in the previous example gives the starting position, and 60 is the number of
characters to be retrieved. If the e-mail client wanted to retrieve the first ten messages
in the previous commands, it would replace the 1 with 1:10.
Although IMAP4 has a DELETE command, it is used for deleting mailboxes, not messages. Fortunately, you cannot delete your default inbox—only the mailboxes that you
have created. To delete a message, you add the \Deleted flag to the message. When you
log out, the message is actually deleted. The e-mail client uses the following command
to delete the first message:
STORE 1 +FLAGS (\Deleted)
The command to undo the deletion is the same as in the previous command, except
that you replace +FLAGS with -FLAGS, as in the following example:
STORE 1 -FLAGS (\Deleted)
Table 8-4 lists some common IMAP4 commands.
Table 8-4 Common IMAP4 commands
Command                     Description
LOGIN username password     Log on to the server with your user name and password, which are unencrypted.
SELECT mailbox              Select a mailbox before you perform mail tasks. The default mailbox is called inbox. The response gives a summary of mailbox information, such as the number of unread messages and the total number of messages.
FETCH message(s) item(s)    Retrieve messages. The message(s) parameter gives the message number. Optionally, you can specify a range of messages, such as 1:8. The item(s) parameter determines what part of the message is fetched—that is, individual header items or the body of the text.
STORE message(s) flags      Change the flags associated with a message. Typically, this command is used to mark messages to be deleted, undeleted, or identified as unread.
LOGOUT                      End the IMAP4 session.
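Because the POP3 USER and PASS commands and the IMAP4 LOGIN command carry the password as unencrypted text, any log or capture that records the client's commands also records the password. The following added example (not from the textbook) scans a constructed list of client commands, reports where a password crossed in the clear, and masks it before the line is stored. The account and password reuse the chapter's examples from Table 8-3; the IMAP4 tags (a001 and so on), which every IMAP4 client puts in front of its commands, are omitted from the chapter's listings and are added here.

```python
import re

# Constructed client-to-server lines. mnoia and Ax6yy are the chapter's own
# sample account and password; the IMAP4 tags a001..a004 are added here.
SAMPLE_SESSION = [
    "USER mnoia",
    "PASS Ax6yy",
    "LIST",
    "RETR 1",
    "QUIT",
    'a001 LOGIN mnoia "Ax6yy"',
    "a002 SELECT inbox",
    "a003 FETCH 1 BODY[HEADER]",
    "a004 LOGOUT",
]

MASK = "********"
# An IMAP4 argument is either a quoted string or a run of non-space characters.
ARGUMENT = r'"(?:[^"\\]|\\.)*"|\S+'
POP3_USER = re.compile(r"^USER\s+(\S+)\s*$", re.IGNORECASE)
POP3_PASS = re.compile(r"^PASS\s+.+$", re.IGNORECASE)
IMAP_LOGIN = re.compile(r"^(\S+)\s+LOGIN\s+(" + ARGUMENT + r")\s+.+$",
                        re.IGNORECASE)


def scan_session(lines):
    """Return (redacted lines, findings) for a list of client commands.

    Each finding is (line number, protocol, user name). The user name is
    kept so the event can be attributed; only the password is masked.
    """
    redacted, findings = [], []
    pop3_user = None
    for number, line in enumerate(lines, start=1):
        text = line.rstrip("\r\n")
        user_match = POP3_USER.match(text)
        login_match = IMAP_LOGIN.match(text)
        if user_match:
            pop3_user = user_match.group(1)     # remembered for the PASS line
        elif POP3_PASS.match(text):
            findings.append((number, "POP3", pop3_user))
            text = "PASS " + MASK
        elif login_match:
            tag, user = login_match.group(1), login_match.group(2)
            findings.append((number, "IMAP4", user.strip('"')))
            text = f"{tag} LOGIN {user} {MASK}"
        redacted.append(text)
    return redacted, findings


if __name__ == "__main__":
    safe_lines, found = scan_session(SAMPLE_SESSION)
    for entry in safe_lines:
        print(entry)
    for number, protocol, user in found:
        print(f"line {number}: {protocol} password for {user} sent unencrypted")
```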
INSTALLING AND ADMINISTERING MICROSOFT EXCHANGE 2000
Microsoft Exchange Server 2000 can be much more than a simple e-mail server. As
noted earlier, it supports the SMTP, POP3, and IMAP4 protocols, making Exchange
Server 2000 a complete e-mail messaging solution. It also supports the Lightweight
Directory Access Protocol (LDAP), which is often used in LAN environments for
communications between e-mail clients such as Microsoft Outlook and Exchange. In
addition, Microsoft Exchange Server 2000 supports collaboration in the form of chat
services and instant messaging. Microsoft designed Exchange Server 2000 to be very easy
to install and maintain in a simple environment, yet expandable to support a very large
organization. According to Microsoft, as of 2002, its Exchange infrastructure supported
more than 71,000 mailboxes and 4.5 million messages per day, with 1.5 million messages
going to and coming from the Internet.
Microsoft Exchange 2000 Architecture
Exchange 2000 is tightly integrated with Active Directory services. As a result, administrators can manage all aspects of the network, including Exchange 2000 users, from the
Active Directory Users and Computers console. Once Exchange 2000 is installed, a new
tab called Exchange Features appears in the user properties dialog box available from the
Active Directory Users and Computers console.
Active Directory uses Dynamic DNS for name resolution, which Exchange 2000 needs
to service users. DNS must also be available to resolve domain names on the Internet so
that SMTP will function correctly and can deliver mail. Although the Microsoft DNS
server can supply a domain naming service that handles both functions, you can also use
two DNS servers.
Exchange 2000 can interact with e-mail servers such as Lotus Notes and Novell
Groupwise through the use of connectors, which translate messages from one system to
another. In Exchange 5.5, the version previous to Exchange 2000, the focus of Exchange
was sending e-mail messages within an organization, including between incompatible
systems. Although Exchange 5.5 was released in 1997, it was not closely tied to the
Internet protocols. In fact, to send and receive Internet e-mail, you had to install
Internet Mail Service (IMS), a software add-on that provided the SMTP, POP3, and
IMAP4 protocols.
Because Exchange was designed to handle e-mail within large organizations, Microsoft
created an architecture that included multiple servers. You can configure these servers to
provide specific services. For example, you can install a server dedicated to providing
connector services for Novell Groupwise. A single server connected to the Internet can
accept e-mail from other Exchange servers, including Exchange 5.5 and Exchange 2000
servers, located within your organization.
Because organizations rely on e-mail, they want to make sure that if one part of the system fails, e-mail will continue to function. To meet this need, multiple Exchange 2000
servers can share a single disk subsystem. Along with an active server that processes the
e-mail, you can use a passive server that is ready to start functioning in case the active
server malfunctions or is taken off the network for maintenance. You can separate the
servers that handle the HTTP (Web-based e-mail), SMTP, POP3, and IMAP4 protocols
from the servers that store the e-mail. This isolation can be important if, for example,
hackers attack the server that handles SMTP. The SMTP server may be disabled, but users
can still retrieve their e-mail because it resides on a different server.
Understanding the Extra Features of Microsoft Exchange 2000
Exchange 2000 has extra features that enhance communication, including the Unified
Messaging Platform, Exchange 2000 Conferencing server, chat services, and instant messaging. Some of these features are integrated with client products such as Outlook 2000
(and later) and NetMeeting.
Unified Messaging Platform
The mailbox in Exchange 2000 can be used for more than simple text. It supports Voice
Profile for Internet Mail (VPIM), which allows for interoperability between voicemail
systems. VPIM enables you to listen to voicemail through an e-mail client. The mailbox
can also store faxes and pager messages. These capabilities are not built into Exchange 2000,
but rather are provided by third-party companies that supply modules supporting these
capabilities.
Microsoft Exchange 2000 Conferencing Server
The Exchange 2000 Conferencing server is an add-on product to Exchange 2000 that
allows audio and video conferencing. During an audio conference, for example, you can
speak and listen to others. During a video conference, you can speak to, listen to, and
see others. The Conferencing server provides high performance through Telephony
API 3.0, a programming interface that allows efficient multicasting.
Chat Services
A chat service allows two or more users to communicate simultaneously. Microsoft
includes a chat service based on the Internet Relay Chat (IRC) protocol, which is a
common standard. The company’s implementation supports up to 20,000 users on a single server. During a chat, text messages are generally sent among users. When you type
and send a message, it is displayed on the screens of all the other users who are part of
the chat group. Your message is prefaced by your name. Chat services also include an
Auditorium mode whereby only the central speaker and moderator can send messages
to all participants. The participants can send messages only to the moderator, thereby
keeping the central speaker from being inundated with messages.
Instant Messaging
Instant messaging allows users to send messages directly to other users, who are immediately notified of their receipt. This system allows for much quicker collaboration than
e-mail. In recent years, instant messaging has become a significant Internet application.
Microsoft’s version is built on a secure, standards-oriented architecture and is designed
to allow users within an organization to communicate with each other.
Installing Microsoft Exchange 2000
Before you can install Exchange 2000, you must install a number of components, particularly Active Directory services. Exchange 2000 is the only product covered in this
book that requires AD. If you have not installed AD yet, follow the installation instructions in Chapter 5. IIS is also required because one of the IIS components is SMTP,
which is installed by default when you install IIS in Windows 2000, although you need
to add support for SMTP in Windows 2003. Exchange 2000 also requires Network
News Transport Protocol (NNTP), a protocol used for newsgroups. (NNTP is discussed in detail in Chapter 9.) NNTP is not installed by default when you install IIS, so
you must install it separately.
To install NNTP on Windows 2003 and 2000, and SMTP in Windows 2003:
1. Insert the Windows installation CD. Click Exit in the installation dialog box,
if necessary.
2. In Windows 2003: In the Control Panel, click Add or Remove Programs.
The Add or Remove Programs dialog box opens.
In Windows 2000: In the Control Panel, double-click Add/Remove
Programs. The Add/Remove Programs dialog box opens.
3. Click Add/Remove Windows Components. The Windows Components
dialog box opens.
4. In Windows 2003 only: Highlight Application Server and then click Details.
5. Highlight Internet Information Services (IIS) and then click Details.
The Internet Information Services (IIS) dialog box opens, allowing you to
change IIS subcomponents.
6. Click the NNTP Service check box to add the NNTP protocol to IIS,
which is needed for Microsoft Exchange 2000. Click the SMTP Service
check box in Windows 2003 to add the SMTP protocol to IIS.
7. Click OK to accept the list of subcomponents. In Windows 2003 only: Click
OK again to close the Application Server dialog box.
You return to the Windows Components dialog box.
8. Click Next. The Configuring Components dialog box opens. Windows installs
the NNTP protocol, which might take a few minutes. The Completing the
Windows Components Wizard dialog box opens.
9. Click Finish to exit the wizard, and then close the window.
10. Close the Control Panel.
After installing Exchange 2000, you must install Service Pack 3 if you are using
Windows 2003, because Exchange 2000 will not run without it. If you are using
Windows 2000, it is a good idea to install the service pack, even though it is not strictly
necessary for completing the step-by-step procedures.
Although the hardware requirements of Exchange 2000 are the same as those for
Windows 2000 (a Pentium 166 with 128 MB of RAM and up to 700 MB of free disk
space), you often need more power and storage space for Exchange 2000. Microsoft uses
three Exchange 2000 Server configurations. For a server with 250 mailboxes, it recommends a computer with two 900-MHz Xeon processors, 512 MB of RAM, and eight
18-GB disk drives. Most Exchange 2000 servers at Microsoft handle about 3,750 mailboxes stored on servers with eight 700-MHz PIII processors with 4 GB of RAM and a
shared Storage Area Network disk subsystem with 42 18-GB disk drives.
To install Microsoft Exchange Server 2000:
1. Refer to “Installing Active Directory Service in Windows” in Chapter 5 to
install Active Directory, if necessary. Active Directory must be installed before
you install Microsoft Exchange 2000.
2. Insert the Microsoft Exchange 2000 CD.
3. If the Setup program does not start automatically and open the Microsoft
Exchange 2000 Enterprise Server dialog box shown in Figure 8-6, do the
following:
In Windows 2003: A dialog box opens with the default option to “Open
folder to view files using Windows Explorer.” Click OK and navigate to the
\ENGLISH\EXCH2000\ENT folder on the CD.
In Windows 2000: Use Windows Explorer to navigate to the
\ENGLISH\EXCH2000\ENT folder on the CD.
Double-click LAUNCH.EXE to begin the installation. The Microsoft
Exchange 2000 Enterprise Server dialog box opens.
Figure 8-6 Microsoft Exchange 2000 Enterprise Server dialog box
4. Click Exchange Server Setup to start the installation wizard. In
Windows 2003, a dialog box opens stating that Exchange Server 2000
is not supported by this version of Windows. Click Continue.
The Welcome to the Microsoft Exchange 2000 Installation Wizard dialog
box opens, warning you to close all open applications.
5. Close any open applications, and then click Next. The End-User License
Agreement dialog box opens.
6. Click the I agree option button to accept the license agreement, and then
click Next. The Product Identification dialog box opens. Enter your 25-digit
identification number, and then click Next. The Component Selection dialog
box opens. See Figure 8-7.
Figure 8-7 Component Selection dialog box
The default action is set to Typical. A typical installation installs both
Microsoft Exchange Messaging and Collaboration Services, which is the
actual server product, and Microsoft Exchange System Management Tools,
which allows you to manage the server. Your install drive may be different
from the one shown in Figure 8-7. Keep the default location that you have.
7. Click Next to perform a typical installation. The Installation Type dialog box
opens. See Figure 8-8. Because this is a new installation, make sure the Create
a new Exchange Organization option button is selected.
Figure 8-8 Installation Type dialog box
8. Click Next. The Organization Name dialog box opens. Change the name of
the organization to TechnoWidgets, as shown in Figure 8-9.
Figure 8-9 Organization Name dialog box
9. Click Next. The Licensing Agreement dialog box opens. Click the I agree
that: I have read and agree to be bound by the license agreements
for this product option button to accept the licensing agreement, and then
click Next. The Component Summary dialog box opens, which shows that
you are about to install the server and system management software. See
Figure 8-10. Details such as the drive letter for your installation might vary.
Figure 8-10 Component Summary dialog box
10. Click Next to install the software. If you receive a warning about an insecure
domain, click OK. The Component Progress dialog box opens and shows the
actions that the installation wizard performs. This process takes a while.
11. Click Finish. If you are using Windows 2003, a message might appear concerning the inability to install the Exchange 2000 IFS driver. This problem
will be fixed when you install Exchange Service Pack 3.
12. Close the Microsoft Exchange 2000 Enterprise Server window.
13. Restart the server. In Windows 2003, a dialog box opens stating that a service
did not start. Click OK. This problem will be solved when you install Service
Pack 3 in the next set of steps.
To install Exchange 2000 Service Pack 3:
1. The Service Pack is usually provided on the Microsoft Web site as a compressed file called EX2KSP3_server.exe. You can download this file from
www.microsoft.com/exchange/downloads/2000/sp3/english.asp.
2. Create a folder on C:\ called SP3.
3. On the Microsoft Web page, right-click EX2KSP3_server.exe and save it in
the SP3 folder.
4. Navigate to the SP3 folder and double-click EX2KSP3_server.exe to
uncompress it. The WinZip Self-Extractor dialog box opens.
5. In the “Unzip to folder” text box, type C:\SP3 or any other drive with at
least 325 MB available.
6. Click Unzip to unzip the more than 9,000 files into a directory called server
on your hard disk. The WinZip program creates the folder called server, as
well as many other folders.
7. After the files finish unzipping, click OK, and close the WinZip dialog box.
8. Use Windows Explorer to navigate to \server\setup\i386. Double-click
update.exe.
In Windows 2003 only: A dialog box opens stating that Exchange 2000 is not
supported. Click Continue.
9. The Welcome to the Microsoft Exchange 2000 Service Pack Installation
Wizard dialog box opens. Click Next.
10. The Component Selection dialog box opens, with Update listed under the
Action heading. Click Next.
11. The Component Summary dialog box opens, describing what will be
updated. Click Next.
12. The Component Progress dialog box opens and shows the progress of the
update. This process takes a few minutes.
13. The Completing the Microsoft Exchange 2000 Wizard dialog box opens.
Click Finish to exit the wizard.
Administering Microsoft Exchange 2000
You use two software components to administer Exchange 2000. The first is the
Exchange System Manager, shown in Figure 8-11. You open the Exchange System
Manager by clicking Start, pointing to All Programs (Programs in Windows 2000),
pointing to Microsoft Exchange, and then clicking System Manager. The other is
the Active Directory Users and Computers, which has been modified to integrate user
management and Exchange 2000 management.
Figure 8-11 Exchange System Manager window (callout: Message Delivery option)
The Exchange System Manager allows you to administer many aspects of the server.
Some settings are rarely accessed and are mostly used for reference. However, you need
to understand the settings discussed in the following paragraphs because most organizations configure these settings.
Listed under Global Settings on the Exchange System Manager window, the Internet
Message Formats contain the standard MIME associations, such as associating the
text/HTML format with files that have .htm or .html extensions. Another global setting
specifies the properties for message delivery. When you double-click the Message
Delivery icon in the Exchange System Manager window, the Message Delivery Properties
dialog box opens. Figure 8-12 shows three restrictions you can set for messages in this
dialog box—outgoing message size, incoming message size, and recipient limits.
Figure 8-12 Defaults for the Message Delivery Properties dialog box
Setting these restrictions can be useful, especially when you need to find people who
are sending inappropriate e-mail messages. For example, an angry user could send messages with 20 MB attachments that may significantly slow down your server. In such a
case, you may want to limit the size of incoming messages. A limit of 2 MB is adequate
in most circumstances. You could set the outgoing message size if your organization has
a policy of sending only short text messages, yet some users send messages with large
file attachments, such as images and music files, that can also slow down the system.
Determining the default message sizes can be challenging. If your users send only text
messages and very small attachments, then a limit of about 50 K is reasonable. If you
have users who need to send larger messages, the outgoing message size can be increased
on an individual basis. For organizations that send Microsoft Word documents and
PowerPoint presentations with graphics, for example, an outgoing message size of 2 MB
or more may be appropriate. A limit of 50 recipients is enough for most organizations,
although specific users who need to send company announcements to all employees
need a recipient limit equal to the number of employees.
The Filtering tab of the Message Delivery Properties, shown in Figure 8-13, allows you
to filter e-mail that you do not want to deliver. E-mail can be filtered based on a specific e-mail address such as [email protected] or based on everyone at a specific
domain name such as *@superspammers.com. You can select the “Accept messages without notifying sender of filtering” check box to reduce the amount of traffic needed to
return a message to the offending sender. This option is useful if someone is sending
unwanted e-mails with a commercial message to many of your users. By default, all of
the messages that are filtered are deleted, but if you want to archive them, you can select
the “Archive filtered messages” check box. Because an archive can grow rapidly if many
users receive filtered e-mail messages, you should monitor the size of the archive file.
Generally, you should select the “Filter messages with blank sender” check box because
legitimate e-mail messages have a sender.
Figure 8-13 Filtering tab of the Message Delivery Properties dialog box
In the Exchange System Manager window, you use the Recipients folder to set up new
policies for accepting e-mail addresses from other e-mail systems, such as Lotus Notes,
in addition to the Internet. You can create specific address lists such as those for e-mail
users with external e-mail addresses or people in a particular department. An external e-mail address is used when you accept e-mail for [email protected], even if
he has no mailbox in Exchange 2000. The messages are sent to an external e-mail server
such as [email protected]. The Recipients folder contains Templates subfolders,
which allow you to modify foreign language templates for users.
You use the Servers folder in the Exchange System Manager window to monitor and
occasionally configure server-related components. For example, you can use the subfolders in the Protocols folder to view current sessions for SMTP, IMAP4, and POP3, which
permits you to discover whether a significant backlog of messages is related to a particular protocol. You use the First Storage Group subfolder for advanced configuration, such
as adding a storage group to balance the load of mailboxes and public folders.
The Tools folder in the Exchange System Manager window contains the Message
Tracking Center folder, where you track messages. You can track messages in a variety
of ways, including by recipient, by sender, and by date the message is sent. If you know
that the system slows significantly between certain hours, for example, you can track the
messages for those hours. The Message Tracking Center monitors the time of the message, the size of the message, the number of recipients of the message, and the e-mail
addresses of the recipients.
Administering Microsoft Exchange 2000 Users
When you add a user to an Exchange 2000 server, you create a mailbox for that user
from the Active Directory Users and Computers console. By default, you use the New
Object – User dialog box shown in Figure 8-14 to create a mailbox for each new user.
When you create a new user, the third dialog box allows you to create a mailbox.
Figure 8-14 New Object - User dialog box
After you add a new user, you can configure his or her mailbox. To do so, you use the
Properties dialog box for that user, which is available from the Active Directory Users
and Computers console. Exchange 2000 adds three tabs to this Properties dialog box for
users who have mailboxes. You use the Exchange Features tab to enable and disable
instant messaging. The E-mail Addresses tab allows you to add e-mail addresses for a particular user. See Figure 8-15.
Figure 8-15 E-mail Addresses tab on the user Properties dialog box
You can use the New button in this dialog box to add a new e-mail address, such as
[email protected], which would allow edequeroz to retrieve all the e-mail messages
directed to [email protected]. This also shows you how to create an e-mail address
without creating an associated user. In this case, there is no user called info, yet e-mail
can be sent to info.
You use the Exchange General tab shown in Figure 8-16 to configure a variety of
options for a single user.
Figure 8-16 Exchange General tab on the user Properties dialog box
You use the Delivery Restrictions button to open the Delivery Restrictions dialog box
shown in Figure 8-17. There you can limit the size of outgoing messages and incoming
messages, thereby overriding the defaults set in the Exchange System Manager. You can
also restrict e-mail messages based on the e-mail address of the sender.
Figure 8-17 Delivery Restrictions dialog box
You use the Delivery Options button to open the Delivery Options dialog box shown
in Figure 8-18. There you can grant permission to another user to send messages on
behalf of the current user. For example, an executive might grant permission to an assistant who typically handles the executive’s e-mail. If Eca de Queroz was an executive,
you could click Add to add a user who could send e-mail with a return address of
[email protected]. You can also use the Delivery Options dialog box to specify a forwarding address, which can be useful if a person is no longer with the organization, yet you still want to accept his or her e-mail. For example, if a salesperson left
the company, you could transfer her clients to another user. You can also change the
number of recipients for the user. The default for all users was set in the Exchange
System Manager.
Figure 8-18 Delivery Options dialog box
Although you also can set default storage limits for all users, you can override these limits in the Storage Limits dialog box, shown in Figure 8-19. Notice that you can set three
different limits. The “Issue warning at (KB)” text box allows you to warn the user that his
or her mailbox is filling up. The “Prohibit send at (KB)” text box prevents the user from
sending e-mail when the limit is reached but still allows that person to receive e-mail. This
option is a good choice because, although you want to manage storage limits, normally
you do not want to refuse potentially important e-mail messages. Setting this option
encourages users to delete old messages so that new messages can be sent. Use the “Prohibit
send and receive at (KB)” option when a user either does not check e-mail or leaves the
organization without deleting the user name. In such a case, messages could be sent to
the mailbox indefinitely and the mailbox could grow very large.
Figure 8-19 Storage Limits dialog box
When users delete e-mail messages, the messages are not actually deleted from the system, but rather are stored in a temporary location, which can consume a lot of storage
space. You can limit the space consumed by the deleted messages by entering a value in
the “Keep deleted items for (days)” text box. However, some organizations have a policy to retain all e-mail messages. In this case, you can check the box next to “Do not
permanently delete items until the store has been backed up.”
INSTALLING AND ADMINISTERING SENDMAIL FOR LINUX
Sendmail only accepts and sends e-mail. It is an MTA, and does not include an MDA as
Exchange 2000 does. Thus the only protocol sendmail understands is SMTP. If you want
to retrieve mail using POP3 or IMAP4, you must install other server software. You can use
sendmail only if your users can log on to the sendmail server. In this case, they are retrieving mail as local clients. The e-mail resides on the same computer to which they logged on,
so no other protocols are needed—just a client package to retrieve e-mail. To avoid using
e-mail software other than sendmail, you can also use Web-based e-mail. When you do so,
the Web server is the client connecting to the sendmail server on the same computer.
Installing Sendmail
As with other Linux applications, to install sendmail, you use the rpm utility. If you
selected the check box for mail server when you installed Linux, sendmail is already
installed. Otherwise, you need Red Hat Linux CDs 1 and 3 to install sendmail. There
are two parts to the sendmail installation. The sendmail-8.12.5-7.i386.rpm package is
the actual sendmail program. However, because the default method of configuring sendmail is difficult for beginners, you can use sendmail-cf-8.11.6-3.i386.rpm, a software
package designed to help you configure sendmail. This package contains the m4 macro
processor, which you will use to configure sendmail here. A third file, sendmail-doc-8.11.6-3.i386.rpm, installs the documentation for sendmail.
To install sendmail and the m4 macro processor in Linux:
1. Insert Red Hat Linux CD 1 in the CD drive.
2. On the desktop, double-click CD/DVD-ROM.
3. Navigate to the \RedHat\RPMS directory.
4. Double-click the file that begins with sendmail-8 to install the sendmail
program. If the program is already installed, a dialog box notifies you that you
do not need to install sendmail. However, you still need to continue with the
following steps. If sendmail is not installed, the Completed System
Preparation dialog box opens. Click Continue.
5. Close the Konqueror window. Open a terminal window, type umount
/mnt/cdrom, and then press Enter. (Be sure to insert a space after typing
“umount”.) Replace Linux CD 1 with CD 3.
6. On the desktop, double-click CD/DVD-ROM.
7. Navigate to the \RedHat\RPMS directory.
8. Double-click the file that begins with sendmail-cf to install the m4 macro
processor.
9. The Completed System Preparation dialog box opens. Click Continue. If
you are using Linux 8.0, the dialog box may stop responding. If it has not
finished after two minutes, open a terminal window, type shutdown -r
now, and then press Enter. You have installed sendmail and can continue with the
configuration.
After installing sendmail, you do not have to start the e-mail service as you did with the
DNS server (using named) or the Apache Web server (using httpd). This is because sendmail uses xinetd to listen at port 25. When xinetd receives a message on port 25, it starts
sendmail, which processes the message. When sendmail finishes processing the message,
the software stops and frees the memory that it was using. This approach is very different from that used with DNS or a Web server, both of which run in the background
waiting for communication so they can respond quickly to client requests. An e-mail
server does not need to run in the background and respond quickly to client requests
when users send e-mail messages that remain on the e-mail server until they are
retrieved. However, some e-mail software for Linux does not use xinetd; these packages
remain running in the background so as to provide improved performance in systems
that exchange a lot of e-mail.
Configuring Sendmail
Unless you are an experienced sendmail administrator, you need to know how to configure sendmail using the m4 macro processor. A macro is a command that can represent many lines of code in a configuration file. You first create a text file that defines all
the macros you want to use. Then you use the m4 program to translate the macros into
the configuration file that sendmail uses. Clearly, a file with 12 lines of macros is easier
to understand than a configuration file containing more than 1,000 lines of code.
Some macros are required to configure sendmail. Others make sendmail more secure
and activate the options you need. Both the required macros and some of the optional
macros are stored in /etc/mail/sendmail.mc. Most of the optional macros start with
“dnl,” which tells the macro processor not to process the macro. When you are finished
with the configuration, you must type the following line in a terminal window to
process the macro file and create sendmail.cf:
m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
When you describe a string of characters in the macro configuration file, be sure to
begin the string with a single opening quote, or back tick character ( ` ), not an apostrophe ( ’ ). (The back tick symbol key is typically located under the Esc key on your
keyboard.) For example, look closely at the following macro:
FEATURE(`smrsh',`/usr/sbin/smrsh')
The symbol before the “s” in smrsh is the back tick and signals the beginning of a string
in the macro, yet the “h” in smrsh is followed by an apostrophe. An exception is a macro
that contains just a single string of characters. In such a case, the back tick and the apostrophe are optional. For example, the following two macros are legal:
FEATURE(`accept_unresolvable_domains')
FEATURE(accept_unresolvable_domains)
Figure 8-20 shows a minimal configuration file named sendmail.mc. The first line in the
sendmail.mc file is divert(-1). This command forces sendmail to start the macro processing from the beginning and clears out any entries in the buffer. The
include(`/usr/share/sendmail-cf/m4/cf.m4') line describes where to find the
file necessary to translate the macros into the actual configuration. The OSTYPE(`linux')
line describes the operating system; it is used to generate configuration information specific
to Linux. The references to procmail in define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')
and FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u') describe the local mail application responsible for putting the e-mail messages in the correct user directories and other related activities. The MAILER macros,
MAILER(smtp) and MAILER(procmail), define the methods used to transfer e-mail
messages. The last command describes the domain that is using sendmail. If technowidgets.com
is the domain, you would add Cwtechnowidgets.com.
divert(-1)
include(`/usr/share/sendmail-cf/m4/cf.m4')
OSTYPE(`linux')
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
Cwtechnowidgets.com
Figure 8-20 Minimal sendmail.mc file
Other macros make sendmail more useful and secure. Some of the most popular ones
include the following macro:
FEATURE(`smrsh',`/usr/sbin/smrsh')
This macro forces sendmail to use a restricted shell called smrsh instead of the default
/bin/sh shell. This choice makes sendmail less vulnerable to hackers who try to access
commands that are not part of sendmail.
The following macro enables the virtual user table, which lists e-mail addresses whose mail is to be sent to other users:
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')
Because this macro refers to a hash file, the makemap utility must translate a simple text
file into the virtual user table. The text file contains two entries on each line. The first
entry represents the address on the e-mail message that is read by sendmail. The second entry describes
how to process the e-mail message. The most common use of this feature is to send a
generic e-mail message to a specific user. For example, suppose you ask prospective
clients to send inquiries to [email protected], but the person who reads the e-mail
uses the [email protected] account. You can type the following line into
/etc/mail/virtusertable.db to route e-mail sent to info to fpessoa:
[email protected] [email protected]
You can also use this macro when you have a number of domains but only a single set
of users. All the mail from the other domains can be routed to e-mail addresses in a
single domain. Suppose that besides technowidgets.com, you have other domains such as
bestwidgets.com and a company you purchased, buggywhipstoday.com. To send all the e-mail
to a single set of users, you would add the following lines to /etc/mail/virtusertable.db:
@bestwidgets.com %1@technowidgets.com
@buggywhipstoday.com %1@technowidgets.com
If you saved the previous two lines plus the line that begins “[email protected]”
in a file called virtusertable.txt, you could convert it to the hash file with the following
command:
makemap hash /etc/mail/virtusertable.db < virtusertable.txt
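The routing rules described above can be previewed on the text file before it is compiled with makemap. The following script is an added example, not part of the textbook or of sendmail; the function names and the sample table are constructed for illustration, and the lookup is a simplified model (one pass, exact address first, then the @domain entry, with %1 replaced by the user part).

```shell
#!/bin/sh
# Added example: preview how a virtusertable source file routes an address.
# Simplified model of the lookup: exact address, then @domain catch-all.

# virtuser_resolve TABLE ADDRESS -> prints the address the mail is routed to
virtuser_resolve() {
    awk -v addr="$2" '
        BEGIN {
            at   = index(addr, "@")
            user = substr(addr, 1, at - 1)        # text before the @
            full = tolower(addr)                  # keys compare case-insensitively
            dom  = tolower(substr(addr, at))      # "@domain" catch-all key
        }
        /^[ \t]*#/ { next }                       # skip comment lines
        NF >= 2    { map[tolower($1)] = $2 }      # left entry -> right entry
        END {
            if (full in map)     rhs = map[full]
            else if (dom in map) rhs = map[dom]
            else                 { print addr; exit }   # no entry: unchanged
            out = ""
            while ((p = index(rhs, "%1")) > 0) {  # substitute the user part
                out = out substr(rhs, 1, p - 1) user
                rhs = substr(rhs, p + 2)
            }
            print out rhs
        }' "$1"
}

# Constructed sample table, modelled on the entries described in the text.
write_sample_virtusertable() {
    cat > "$1" <<'EOF'
# constructed sample virtusertable source
info@technowidgets.com      fpessoa@technowidgets.com
@bestwidgets.com            %1@technowidgets.com
@buggywhipstoday.com        %1@technowidgets.com
EOF
}

table=$(mktemp)
write_sample_virtusertable "$table"
for a in info@technowidgets.com sales@bestwidgets.com \
         Info@BuggyWhipsToday.com someone@example.org; do
    printf '%-28s -> %s\n' "$a" "$(virtuser_resolve "$table" "$a")"
done
rm -f "$table"
```

Note that an @domain entry matches every user part at that domain, so it is worth checking which addresses it will start accepting before rebuilding the map.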
A useful feature to control access to sendmail is the access feature, which has the following syntax:
FEATURE(`access_db',`hash -o /etc/mail/access.db')
The file /etc/mail/access.db refers to a hash file, as virtusertable.db does, so you would
have to create a text file first and then process it with the makemap command. The text
file would contain a list of addresses and settings that specify whether to accept or reject
e-mail from these addresses.
You can reject an e-mail message in two ways. The REJECT option prevents the e-mail
from being received, but sends a message to the sender stating that the original message
has been rejected. With the DISCARD option, sendmail does not send a message to the
sender. Another option relays e-mail messages to or from a specific domain. By default,
only e-mail coming from your domain or being sent to your domain is accepted. You
could use this option to allow parts of your organization that have different domain
names to use your sendmail server. Following are two examples of these options:
[email protected] REJECT
bestwidgets.com RELAY
Some configuration options can create security problems, but might be necessary under
some circumstances. The FEATURE(`accept_unresolvable_domains') macro
allows sendmail to accept e-mail from users where the domain cannot be verified
through DNS. The FEATURE(`promiscuous_relay') macro allows sendmail to
accept e-mail from any domain and then send the message to any domain. It enables
spammers to use your e-mail server to send unlimited e-mail messages to other domains.
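Because a macro is active unless its line starts with dnl, it is easy to leave one of these features enabled by accident. The following script is an added example, not part of the textbook or of sendmail; the function names and the sample sendmail.mc are constructed. It lists the FEATURE macros that m4 will actually process and flags the two relay-related ones discussed above, and notes when smrsh is not active.

```shell
#!/bin/sh
# Added example: audit a sendmail.mc before running m4 on it.
# m4 discards text from a dnl token to the end of the line, so a FEATURE on a
# line that starts with dnl is disabled, while a trailing dnl changes nothing.

# active_features FILE -> one active FEATURE name per line
active_features() {
    awk '
        {
            line = " " $0 " "
            # keep only the text in front of the first dnl token
            if (match(line, /[^A-Za-z0-9_]dnl[^A-Za-z0-9_]/)) {
                line = substr(line, 1, RSTART)
            }
            # the opening back tick is optional, as the text explains
            while (match(line, /FEATURE\([ \t]*`?[A-Za-z0-9_]+/)) {
                name = substr(line, RSTART, RLENGTH)
                sub(/^FEATURE\([ \t]*`?/, "", name)
                print name
                line = substr(line, RSTART + RLENGTH)
            }
        }' "$1"
}

# audit_sendmail_mc FILE -> prints findings; returns 1 if a risky feature is active
audit_sendmail_mc() {
    features=$(active_features "$1")
    risky_found=0
    for f in promiscuous_relay accept_unresolvable_domains; do
        if printf '%s\n' "$features" | grep -qx "$f"; then
            echo "RISK: FEATURE($f) is active"
            risky_found=1
        fi
    done
    if ! printf '%s\n' "$features" | grep -qx smrsh; then
        echo "NOTE: FEATURE(smrsh) is not active, so the default /bin/sh is used"
    fi
    return "$risky_found"
}

# Constructed sample: smrsh and promiscuous_relay are commented out with dnl,
# accept_unresolvable_domains is active.
write_sample_mc() {
    cat > "$1" <<'EOF'
divert(-1)
include(`/usr/share/sendmail-cf/m4/cf.m4')
OSTYPE(`linux')
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
dnl FEATURE(`smrsh',`/usr/sbin/smrsh')
FEATURE(`access_db',`hash -o /etc/mail/access.db')dnl
FEATURE(`accept_unresolvable_domains')dnl
dnl FEATURE(`promiscuous_relay')
MAILER(smtp)dnl
MAILER(procmail)dnl
EOF
}

mc=$(mktemp)
write_sample_mc "$mc"
audit_sendmail_mc "$mc" || echo "Review the RISK items before regenerating sendmail.cf"
rm -f "$mc"
```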
INSTALLING AND CONFIGURING IMAP4 AND POP3 FOR LINUX
Although sendmail implements only SMTP, the University of Washington has created
the software necessary to implement both IMAP4 and POP3 in sendmail. Red Hat
Linux has a copy of the software on Red Hat CD 2. You must first install the software,
and then enable it.
To install IMAP4 and POP3 servers in Linux:
1. Insert Red Hat Linux CD 2 in the CD drive.
2. On the desktop, double-click CD/DVD-ROM.
3. Navigate to the \RedHat\RPMS directory.
4. Double-click the file that begins with imap-2001. The Completed System
Preparation dialog box opens. Click Continue. After a few moments, the
next dialog box closes, and both the IMAP4 and POP3 servers are installed.
After installing the software, you must enable it. IMAP4 and POP3 each have a file in
the /etc/xinetd.d directory. For example, if you open the imap file after installing the
IMAP4 and POP3 software, one line shows that disable = yes, meaning that IMAP4
is disabled. See Figure 8-21.
# default: off
# description: The IMAP service allows remote users to access their mail using \
#              an IMAP client such as Mutt, Pine, fetchmail, or Netscape \
#              Communicator.
service imap
{
      socket_type       = stream
      wait              = no
      user              = root
      server            = /usr/sbin/imapd
      log_on_success    += DURATION USERID
      log_on_failure    += USERID
      disable           = yes
}
Figure 8-21 Contents of /etc/xinetd.d/imapd
To enable IMAP4, you must edit the file to change disable = yes to disable = no.
Then you do the same for the POP3 file.
To enable IMAP4 and POP3 in Linux:
1. Open a terminal window in Linux.
2. Type kedit /etc/xinetd.d/imap, and then press Enter.
3. On the last line, change disable = yes to disable = no.
4. Save the file, and then exit the editor.
5. Although you can repeat the same commands in Steps 2–4 to enable POP3
as you did for IMAP4, it is easier to type the following command and then
press Enter:
chkconfig ipop3 on
6. Restart xinetd to recognize the changes you made by typing the following
command and then pressing Enter:
service xinetd restart
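After editing these files it is useful to confirm which services xinetd will actually offer and under which account each one runs. The following script is an added example, not part of the textbook or of xinetd; the function name and the two sample service files are constructed (the ipop3 file in particular is an assumed layout modelled on Figure 8-21).

```shell
#!/bin/sh
# Added example: list the services in an xinetd.d directory that are enabled,
# with the account and program each one runs.

# xinetd_enabled DIR -> "name user=... server=..." for each enabled service
xinetd_enabled() {
    for file in "$1"/*; do
        [ -f "$file" ] || continue
        awk '
            /^[ \t]*#/ { next }                      # skip comment lines
            $1 == "service" {                        # start of a service block
                name = $2; off = 0; user = "?"; server = "?"
                next
            }
            name != "" && $2 == "=" {                # plain "key = value" lines
                if ($1 == "disable") off = (tolower($3) == "yes")
                if ($1 == "user")    user = $3
                if ($1 == "server")  server = $3
            }
            name != "" && $1 == "}" {                # end of the block
                if (!off) print name " user=" user " server=" server
                name = ""
            }' "$file"
    done
}

# Constructed sample directory: imap already enabled, ipop3 still disabled.
write_sample_xinetd_dir() {
    cat > "$1/imap" <<'EOF'
# default: off
service imap
{
      socket_type       = stream
      wait              = no
      user              = root
      server            = /usr/sbin/imapd
      log_on_success    += DURATION USERID
      log_on_failure    += USERID
      disable           = no
}
EOF
    cat > "$1/ipop3" <<'EOF'
# default: off
service pop3
{
      socket_type       = stream
      wait              = no
      user              = root
      server            = /usr/sbin/ipop3d
      log_on_success    += DURATION USERID
      log_on_failure    += USERID
      disable           = yes
}
EOF
}

dir=$(mktemp -d)
write_sample_xinetd_dir "$dir"
xinetd_enabled "$dir"
rm -rf "$dir"
```

A block with no disable line is reported as enabled, which matches how the script treats a missing setting; run it against /etc/xinetd.d to review the real configuration.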
CONFIGURING E-MAIL CLIENTS
Many software developers offer e-mail clients. Microsoft Outlook (2000 or 2002), for
example, is a comprehensive e-mail package that is part of the Microsoft Office suite.
Unlike some other e-mail clients, which are free, you must purchase Outlook. Microsoft
Outlook Express provides e-mail connectivity and support for newsgroups. Netscape
Communicator combines a browser with Netscape Messenger, an e-mail client. Mozilla,
another browser related to Netscape, also has an e-mail client. The KDE environment
has KMail, a standalone e-mail client.
An alternative to configuring an e-mail client is to use a browser to access e-mail.
Exchange 2000 has Outlook Web Access, which offers many of the capabilities of
Outlook in a Web-based environment.
All e-mail clients have similar configuration options, with the exception of Outlook 2002,
which allows you to connect directly to the Exchange 2000 server over a LAN.
You typically need to provide the following information to configure e-mail clients:
■ SMTP server address—This address is also called the outgoing server address.
■ E-mail address—This is your address for retrieving e-mail from a POP3 or
IMAP4 server.
■ E-mail password—This password allows you to retrieve e-mail from the POP3
or IMAP4 server.
■ Server address—This address is for either a POP3 server or an IMAP4 server.
Remember that servers such as Exchange 2000 and the University of
Washington IMAP4 server implement both protocols.
It is common practice to have both a computer at your workplace and a home computer
configured to receive business e-mail. You have already learned that your SMTP server
should be accessed only by users in your own domain. If you allowed users outside your
domain to access your SMTP server, spammers could use it to send e-mail. For this reason, when you use your home computer, you connect to the domain of your ISP, such
as econoisp.com. You then set your SMTP server to the ISP’s SMTP server at econoisp.com,
not your business’s SMTP server at technowidgets.com. When you configure your computer
at your workplace, you set your SMTP server to the one at technowidgets.com. However,
whether your computer is located at your workplace or your home, the POP3 or IMAP4
server address is