Common DHCP Server Log Event Codes

DHCP server audit log files use reserved event ID codes to provide information about the type of server event or activity logged. Table 5.2 describes these event ID codes in more detail. TABLE 5.2 Common DHCP Log File Event IDs Chapter 5 Managing the Dynamic Host Configuration Protocol (DHCP) 5 . 2 Common DHCP Log File Event IDs (continued) The log was temporarily paused due to low disk space. A new IP address was leased to a client. An IP address was found in use on the network. A lease...

Review Questions

You administer a network that consists of several Windows XP workstations and two Windows Server 2003 machines. You are having a hard time diagnosing network problems for a particular XP user, so you decide to use Network Monitor to sniff the packets that the computer is sending and receiving. From your Windows Server 2003 machine, you open Network Monitor, but you discover that you cannot see any packets transmitted to or from the target machine. What is most likely the problem A. The packets...

Using Account Policies

Account policies are used to specify the user account properties that relate to the logon process. They allow you to configure computer security settings for passwords, account lockout specifications, and Kerberos authentication within a domain. After you have loaded the MMC snap-in for Group Policy, you will see an option for Local Computer Policy. To access the Account Policies subfolders, expand Local Computer Policy, Computer Configuration, Windows Settings, Security Settings, and Account...

Reconciling DHCP Scopes

As time passes, you may experience what we call DHCP drift, which means the contents of your DHCP database no longer reflect accurately what's on your network. Although Microsoft doesn't make any prominent mention of this fact in the DHCP documentation, the DHCP server actually records lease information in two places the DHCP database and the server's Registry. When you reconcile a scope, the DHCP server will cross-check the database contents with the contents of the Registry, reporting (and...

Using RRAS to Create a Static Route

To create a new static route using the RRAS console, right-click the Static Routes node in the RRAS console and select New Static Route. This will bring up the Static Route dialog box (Figure 9.24). FIGURE 9.24 Use the Static Route dialog box to create new static routes. W Use this route to initiate demand-dial connections You have to provide the same parameters as with the route add command the interface you want to use to connect, the destination and network mask, the gateway for the outbound...

When to Use Stub Zones

Looking at the explanation above of stub zones, you might be wondering to yourself why you would ever use them in the first place. In fact, stub zones become particularly useful in a couple of different scenarios. Consider what happens when two large companies merge big.com and bigger.com. In most cases, the DNS zone information from both companies must be available to every employee. You could set up a new zone on each side that acts as a secondary for the other side's primary zone, but...

Microsofts Network Components and the OSI Model

Because the OSI model is so abstract, it can be hard to tell how its concepts relate to the actual network software and hardware you use in the real world. The following sections will make the link clearer. We will introduce you to the specific protocols that are included with Windows Server 2003 and see how they apply to the various layers of the OSI model. Every hardware device in a computer requires a software-based device driver to make it work. Some drivers for instance, the driver for an...

Answers to Review Questions

A DNS server installed at each regional location will provide name and service resolution even if the WAN links go down. The local location will also have better performance because the requests will not have to travel through the WAN links. A single domain name for all the locations is needed because your requirement is to have one Active Directory tree with a contiguous name space. The client machine places its request with its preferred DNS server. If the DNS server doesn't have an entry...

Subnetting a Network

If an organization is large and has lots of computers, or if its computers are geographically dispersed, it makes good sense to divide its colossal network into smaller ones connected by routers. These smaller nets are called subnets. The benefits to using subnets include the following Reduced network traffic We all appreciate less traffic of any kind, and so do networks. Without routers, packet traffic could choke the entire network. Most traffic will stay on the local network only packets...

Configuring Network Bindings

A network binding links a protocol to an adapter so that the adapter can carry traffic using that protocol. For example, if we say, TCP IP is bound to the onboard Ethernet port on our laptop, we're telling you a few things TCP IP is installed, our onboard Ethernet port has a driver that supports TCP IP, and the adapter is configured to send and receive TCP IP traffic. In Chapter 1, Understanding Windows Server 2003 Networking, you read about the NDIS driver specification and its benefits. One...

Creating a Security Template

By default, Windows Server 2003 ships with a variety of predefined security templates, which are stored in systemroot Security Temp1ates. Each of the templates defines a standard set of security values based on the requirements of your environment. The template groups that are included by default are defined in Table 3.14. TABLE 3.14 Default Security Templates Default security (Setup security.inf) Created during installation for each computer. Used to set security back to the default values as...

Installing the Routing and Remote Access Services

Open the RRAS MMC console by selecting Start > Administrative Tools > Routing And Remote Access. 2. Select the server you want to configure in the left pane of the MMC. Right-click the server and choose Configure And Enable Routing And Remote Access. The RRAS Setup Wizard appears. Click the Next button. 3. On the Common Configuration page of the wizard, select the Remote Access (Dial-Up Or VPN) radio button and then click the Next button. Routing and Remote Access Server Setup Wizard You...

Configuring Tcpip Packet Filters

One of the most useful features in RRAS is its ability to selectively filter TCP IP packets in both directions. You can construct filters that allow or deny traffic into or out of your network based on rules that specify source and destination addresses and ports. The basic idea behind packet filtering is simple You specify filter rules and incoming packets are measured against those rules. You have two choices Accept all packets except those prohibited by a rule or drop all packets except...

Moving the DHCP Database Files

You may find that you need to dismantle or change the role of your DHCP server and offload the DHCP functions to another computer. Rather than spend the time re-creating the DHCP database on the new machine by hand, you can literally copy the database files and use them directly. This is especially helpful if you have a complicated DHCP database with lots of reservations and option assignments. You also minimize the amount of human error that could be introduced by reentering the information by...

Using Local Policies

As you learned in the previous section, account policies are used to control logon procedures. When you want to control what a user can do after logging on, you use local policies. With local policies, you can implement auditing, specify user rights, and set security options. To use local policies, first add the Local Computer Policy snap-in to the MMC (see Exercise 3.1). Then, from the MMC, follow this path of folders to access the Local Policies folders Local Computer Policy, Computer...

Configuring the SUS Clients

There are two methods for configuring SUS clients. The method you use depends on whether you use Active Directory in your network. In a nonenterprise network (not running Active Directory), you would configure Automatic Updates through Control Panel using the same process that was defined in the section Windows Automatic Updates earlier in this chapter. Each client's Registry would then be edited to reflect the location of the server that will provide the automatic updates. Within an enterprise...

Study Guide

James Chellis Paul Robichaux and Matthew Sheltz San Francisco London Copyright 2003 SYBEXInc., 1151 Marina Village Parkway, Alameda, CA 94501. Associate Publisher Neil Edde Acquisitions Developmental Editor Jeff Kellum Production Editor Erica Yee Technical Editor Dale Liu, Donald Fuller Copyeditor Judy Flynn Compositor Interactive Composition Corporation Graphic Illustrator Interactive Composition Corporation CD Coordinator Dan Mummert CD Technician Kevin Ly Proofreaders Emily Husan, Laurie...