MC LC

LI M U................................................................................................................5
CHNG I...................................................................................................................6
CC VN TRONG QUN TR MNG...................................................................6
CHNG II.................................................................................................................. 9
QUN TR MNG TRN WINDOWS SERVER 2008...................................................9
CHNG III...............................................................................................................23
TRIN KHAI CC DCH V TRN WINDOWS SERVER 2008................................23
3.1Dch v DNS...........................................................................................................23
3.2Dch v DHCP.......................................................................................................27
3.3Dch v Web...........................................................................................................32
3.5M hnh thc nghim..............................................................................................41

Danh mc cc bng:
S hiu
bng

Tn bng

Trang

2.1

Nhng phin bn c h tr nng cp ln

Window Server 2008

2.2

Cc la chn trong chnh sch mt khu

19

2.3

M t cc chnh sch kha ti khon

19

2.4

M t cc la chn bo mt

21

Danh mc cc hnh v:
S hiu
hnh v

Tn hnh v

Trang

2.1

Giao din Server Manager

12

2.2

Chn Active Directory Domain Service

12

2.3

Qu trnh ci t Active Directory Domain Service

13

2.4

Kt thc qu trnh ci t

13

2.5

To mt Domain mi

14

2.6

t tn Domain

14

2.7

Ty chn Forest Functional Level

15

2.8

t Password cho h thng

15

2.9

Qu trnh nng cp

16

2.10

Cu hnh IP v DNS

16

2.11

Join my trm vo Domain

17

2.12

To ti khon ngi dng

18

2.13

To ti khon nhm cc b

19

2.14

To ti khon ngi dng trn min

19

2.15

To ti khon nhm trn min

20

2.16

Cng c User Rights Assignment

22

3.1

DNS Server Role

24

3.2

Hp thoi Zone Type

25

3.3

Hp thoi Zone name

25
2

3.4

Hp thoi Dynamic Update

26

3.5

Kt thc qu trnh ci t

26

3.6

Reverse Lookup Zones

27

3.7

DHCP Server Role

28

3.8

Chn a ch IP

28

3.9

Thm cc Scopes

29

3.10

Xc nhn cc thng tin trc khi ci t DHCP

29

3.11

Cu hnh IP ng cho my trm

30

3.12

Hp thoi IP Address Range

30

3.13

Hp thoi Add Exclusions

31

3.14

Nhp ia chi default gateway cua scope

31

3.15

t tn min v a ch IP

32

3.16

Web server Role

32

3.17

Xc nhn thng tin trc khi ci t

33

3.18

Kim tra sau khi ci t IIS service

33

3.19

Add Web Site

34

3.20

FTP Publishing Service

34

3.21

To FTP site

35

3.22

t IP v Port mc nh cho FTP site

35

3.23

Cc mc bo v file v ngn chn truy cp

36

3.24

Nhp ng dn th mc cn publish

36

3.25

Thit lp quyn hn cho ngi truy cp i vi file

37

3.26

Ci t Mail Exchange

37

3.27

Mn hnh Readiness Checks

38

3.28

Qu trnh ci t Exchange 2007

38

3.29

New Connector

39

3.30

Hp thoi Introduction

39

3.31

Hp thoi Address space

40

3.32

Hp thoi Source Server

40
3

3.33

Kt thc qu trnh ci t

41

3.34

Kim tra to thnh cng Send Connector

41

3.35

M hnh trin khai h thng mng

42

LI M U
Nh chng ta bit khoa hc my vi tnh ngy nay v cng pht trin , do nhu
cu trao i thng tin tng ln khng ngng. Ngy nay, my vi tnh l mt vt bt kh
li thn ca nhiu ngi, n i su vo i sng v gip lu tr, x l thng tin ht sc
n gin. Nhng do yu cu cng vic mun trao i thng tin vi nhau th ngi ta
cn n mt giao thc ht sc quan trng l giao thc mng my tnh. Mng my
tnh gip rt ngn khong cch v a l cho d bn ni u. iu ko theo s
pht trin chng mt ca cc mng vi tnh nh mng LAN, WAN, p ng yu
cu thi hin i, Microsoft - nh cung cp phn mm hng u trn th gii tung
ra nhiu h iu hnh nh : Windows Server 2000, Windows Server 2003, Windows
Server 2008, iu hnh , qun l mng my vi tnh. Cng vi nhu cu trao i
thng tin th yu cu kh nng bo mt thng tin cng ngy cng tt hn. Nh
chng ta cng bit qun tr mng my tnh l cng vic kho st nhu cu, t vn, phn
tch, thit k, xy dng v qun tr h thng cp truyn dn, thit b mng, my ch,
cc ng dng mng cng nh h thng an ton thng tin theo yu cu doanh nghip.
Do vy Windows Server 2008 l mt s la chn ng n.
Windows Server 2008 xy dng trn s thnh cng v sc mnh ca h iu
hnh c trc l Windows Server 2003 v nhng cch tn c trong bn Service
Pack 1 v Windows Server 2003 R2. Mc d vy Windows Server 2008 hon ton hn
hn cc h iu hnh tin nhim. Windows Server 2008 c thit k cung cp cho
cc t chc c c nn tng sn xut tt nht cho ng dng, mng v cc dch v web
t nhm lm vic ti nhng trung tm d liu vi tnh nng ng, tnh nng mi c gi
tr v nhng ci thin mnh m cho h iu hnh c bn.
Trong ti Tm hiu qun tr mng trong Windows Server 2008 nhm
chng em xin trnh by gm nhng phn chnh sau :
Chng I: Cc vn trong qun tr mng. Trnh by nhng vn c bn nht
trong qun tr mng m chng ta cn bit.
Chng II: Qun tr mng trn Windows Server 2008. Gii thiu v windows
server 2008, nng cp server, qun l ti khon ngi dng v nhm sau cng l chnh
sch h thng.
Chng III: Trin khai dch v trn Windows Server 2008. Gii thiu mt s
dch v nh DNS, FTP, DHCP, Web v Mail.
Trong qu trnh thc hin chuyn ny, nhm em xin gi li cm n su sc
n c gio L Th Hng Vn, ngi nhit tnh gip v ch bo nhm em trong
sut qu trnh lm chuyn . ng thi, nhm em cng xin gi li cm n n cc
thy c gio trong t ph trch chuyn 2 ng vin v gip nhm em rt
nhiu trong thi gian qua. Do thi gian chun b c hn nn khng th trnh khi
nhng thiu st, nhm em rt mong nhn c s ng gp qy bu ca thy c v
cc bn chuyn c hon thin hn na.

CHNG I

1.1.

CC VN TRONG QUN TR MNG

Khi nim

Qun tr mng my tnh l cng vic kho st nhu cu, t vn, phn tch, thit
k, xy dng v qun tr h thng cp truyn dn, thit b mng, my ch, cc ng
dng mng cng nh h thng an ton thng tin theo yu cu doanh nghip. Bn cnh
, ngi lm cng tc qun tr mng cn phi c kh nng lp h s qun l, chn
on, sa cha, khc phc cc s c v bo tr h thng mng.
1.2.

Nhu cu v mc tiu ca qun tr mng

Hin nay, hu nh cng ty, doanh nghip no cng u c my tnh ni mng

ni b v kt ni internet, cha k rt nhiu cng ty c website ring hoc c tham gia
bn hng qua mng trn cc gian hng trc tuyn. Do , t ra yu cu v bo mt d
liu cng nh yu cu v mt h thng mng an ton, hot ng hiu qu phc
v cho cc hot ng ca cng ty, doanh nghip. V vy nhu cu tuyn dng cc nhn
vin qun tr h thng mng my tnh l kh ln.
Mc tiu ca vic qun tr mng l m bo s n nh ca h thng tng la,
pht hin v sa cc li trn h thng mng, kim tra, gim st h thng nhm pht
hin nhng tn cng tri php t bn ngoi, m bo h thng hot ng thng sut.
1.3.

Nhng ni dung c bn trong qun tr mng

Qun tr mng bao gm cc cng vic:

- Thit lp cu hnh, qun tr ti nguyn: Bao gm vic qun l kim sot cu hnh,
qun l cc ti nguyn cp pht cho cc i tng s dng khc nhau.
- Qun tr ngi dng v cc dch v mng: Bao gm cc cng vic qun l ngi
s dng trn h thng, trn mng li v m bo dch v cung cp c tin cy
cao, cht lng m bo theo ng cc ch tiu ra.
- Qun tr hiu sut h thng mng: Bao gm vic qun l, gim st hot ng
mng li, m bo hot ng cc thnh phn h thng n nh. Cc cng vic
qun l, gim st hot ng ca mng li cho php ngi qun tr tng hp, d
bo s pht trin mng li, dch v, cc im yu, im mnh ca ton mng,
cc h thng v dch v ng thi gip khai thc ton b h thng mng vi hiu
sut cao nht.
- Qun tr bo mt, an ton mng: Bao gm vic gim st, bo mt v khc phc
s c mng gip cc h thng m bo phng trnh cc truy nhp tri php.
1.4.

Cc mi trng h tr

1.4.1. Windows

server
6

D dng cu hnh v qun l v c kh nng n nh tt. Windows Server c

thit k nhm gim thiu thi gian trin khai, qun l vi cc gii php:
- Chun ha cc cng c qun tr c bn.
- Cung cp nhng cng c rt mnh gip nh qun tr c kh nng ty bin p
ng cc yu cu cng vic v s thay i trong tng lai.
Thm vo , Windows Server c th nghim rt nhiu trong cc hng phn cng.
Kh nng tng thch v ti u ho phn cng cng nh c s h tr t cc hng
phn cng tt hn.
1.4.2.

Linux Server

u tin, chng ta c th nhn thy y l mt h thng m ngun m min

ph. Bn cnh , vi Linux chng ta c th tng tc vo m ngun m thay i
hoc xy dng nhng sn phm thch hp vi nhu cu ca mnh. C n hn 70% my
ch Web Server s dng Linux Apache v cc tnh nng mnh m, an ton.
V l m ngun m cho nn c kh nhiu h iu hnh c xy dng da trn
nn tng ca Linux nh Cent OS, Backtrack, Fedora, Ubuntu Mi sn phm s c
nhng mt mnh v yu ring nhng theo thng k v nh gi th Ubuntu l mt
trong nhng la chn tt nht cho End User khi chuyn t Windows sang Linux, cn
i vi phin bn server th chng ta c th chn RedHat, Suse hoc cent OS.
1.4.3

So snh gia hai mi trng Windows Server v Linux

Server
Li th ca my ch Windows
Cc cng ngh .Net nh ASP.Net, VB.Net rt thch hp vi nn tng ny. Nu
trang web ca bn c xy dng da trn cng ngh .Net ca Microsoft th
s phi la chn mt k hoch my ch Windows.
Nu bn cn mt c s d liu lp doanh nghip th c mt s c tnh khc
nhau chy trn nn tng Linux nhng nu cn s dng c s d liu MSSQL,
th my ch Windows l s la chn tt nht.
C s d liu Access ch c th thc hin c trn my ch Windows.
Access ch c th chy trn nn tng Windows ca Microsoft v do n s
khng hin th trn my ch Linux. Nu trang web ca bn c bit cn c
tnh ny th s phi la chn s dng my ch Window.
Bn ang s dng mt s dch v chia s ca Microsoft th my ch Windows
l s la chn ng tin cy.
Nhng k hoch Windows thng tiu tn nhiu chi ph bi bn quyn bt
buc ca Microsoft.
Li th ca my ch Linux
7

 Linux l mt sn phm phn mm ngun m v do n khng cn nhng chi

ph cao cho vic cp giy php so vi cc h iu hnh khc; Bn c th ty
thch ti xung v s dng n min ph.
Mt trang web trn Linux c th d dng c chuyn i sang trang web trn
Window mt cch nhanh chng. ng thi, trang web c th d dng thay i
khi yu cu ca ngi dng tng ln.
My ch web Linux rt kinh t khi m Linux l h iu hnh min ph. Thng
thng ch mt chi ph phn phi pht sinh bi my ch hoc ch s hu.
Khi m cc ngn ng lp trnh nh PHP, MySQL, hay Perl c yu cu
trn trang web ca bn th my ch Linux l gii php hiu qu, ng tin cy
v chi ph thp nht. Tr phi ngn ng lp trnh c np vo nhiu, iu ny
s khng th theo di c. C l din n ny c t trn host LINUX v
ngn ng vit b m ngun ny l PHP.
C nhiu loi c s d liu chy trn my ch Linux, nhng ph bin nht v
c l c a chung nht trong s cc nh cung cp my ch web l
mSQL, MySQL v PostgreSQL. Nhng c s d liu ny c quan h t nhin,
v cho php ti u truyn thng trang web trn din rng khai bo d liu
nhanh chng.
Bi v hu ht cc nhm my ch Linux c h tr bn mt hn Windows
cho nn my ch Linux tr thnh s la chn ph bin hn i vi cc nh
thit k web v lp trnh vin.

CHNG II

2.1.
2.1.1.

QUN TR MNG TRN WINDOWS SERVER 2008

Tng quan v Windows Server 2008
Gii thiu v Windows Server 2008

Microsoft Windows Server 2008 l th h k tip ca h iu hnh Windows

Server, c th gip cc chuyn gia cng ngh thng tin c th kim sot ti a c s h
tng ca h v cung cp kh nng qun l v hiu lc cha tng c, l sn phm hn
hn trong vic m bo an ton, kh nng tin cy v mi trng my ch vng chc
9

hn cc phin bn trc y. Windows Server 2008 cung cp nhng gi tr mi cho

cc t chc bng vic bo m tt c ngi dng u c th c c nhng thnh phn
b sung t cc dch v t mng. Windows Server 2008 cng cung cp nhiu tnh nng
vt tri bn trong h iu hnh v kh nng chun on, cho php cc qun tr vin
tng c thi gian h tr cho cng vic ca doanh nghip.

Nhng thay i v chc nng ca Windows Server 2008

2.1.2.

So vi Windows Server 2003, phin bn Windows Server 2008 c nhng tnh nng
mi sau:

2.1.3

Cng c qun tr Server Manager

Windows Server Core

PowerShell

Windows Deloyment Services

Terminal Services

Netword Access Protection

Read Only Domain Controller

Cng ngh o ha Hyper-V

Windows Firewall with Advance Security

Nng cp ln Windows Server 2008

Bng 2.1 Nhng phin bn c h tr nng cp ln Window Server 2008

Nng cp ln
Windows Server
2008

Nhng phin bn trc

Microsoft Windows Server 2003 R2 Standard, Enterprise H tr y

hoc Datacenter Edition
Microsoft Windows Server 2003 Service Pack 1(SP1)
Standard, Enterprise hoc Datacenter Edition

H tr y

Microsoft Windows Server 2003 Service Pack 2 (SP2)

Standard, Enterprise hoc Datacenter Edition

H tr y

Windows NT 4.0

Khng h tr

Windows 2000 Server

Khng h tr

Windows XP

Khng h tr

Windows Vista

Khng h tr
10

Windows 7

Khng h tr

nng cp ln phin bn Windows Server 2008, cn phi chy cc h iu

hnh cp server. Khng th nng cp cc phin bn Windows dnh cho ngi
dng nh Windows XP hoc Windows Vista ln Windows Server 2008. nng cp
ln Windows Server 2008, h thng ca bn phi chy Windows Server 2003.
Vic nng cp t Windows NT 4.0 v Windows 2000 Server khng c h tr. Vic
nng cp t nhng phin bn Windows Server 2003 ln phin bn Windows Server
2008 Server Core khng c h tr. Vic nng cp ch thc hin c nhng phin
bn ging nhau. Khi nng cp ln phin bn Windows Server 2008, mi cu hnh thit
lp, file v cc chng trnh u c gi li.
2.2
2.2.1

Nng cp server ln Domain Controller

Gii thiu dch v Active Directory (AD)

Active Directory l mt dch v th mc (Directory Service), n l mt phn

khng th thiu trong kin trc Windows. Active Directory l mt h thng chun v
tp trung, dng t ng ha vic qun l mng d liu ngi dng, bo mt v cc
ngun ti nguyn c phn phi, cho php tng tc vi cc th mc khc. Active
Directory cung cp mt tham chiu, c gi l Directory Service, n tt c cc i
tng trong mt mng, gm c user, groups, computer, printer, policy v permission.
Vi ngi dng hoc qun tr vin, Active Directory cung cp mt khung nhn
mang tnh cu trc t d dng truy cp v qun l tt c cc ti nguyn trong
mng.
2.2.2

Nng cp Server thnh Domain Controller (DC)

Ging nh Windows Server 2003 s vn cn chy dcpromo t nhc lnh Run,

tuy nhin cn phi ci t Active Directory Domain Controller role, u tin ci t
role, sau chy dcpromo.
Trc kia trong Windows Server 2003 Add thm cc dch v nh DNS,
DHCP th ta phi vo Add/Remove Windows Components th trong Windows
Server 2008 c thay th bng cng c Server Manager vi cc Roles & Features.
Mc nh khi mi ci Windows Server 2008, cc Roles v Features cha c
thm vo.
ci t Role, vo Server Manager Roles Add Roles.

11

Hnh 2.1 Giao din Server Manager

Xut hin trang Before You Begin, nhn Next tip tc.
Trong mn hnh Select Server Roles, click chn Active Directory Domain Services v
n Next.

Hnh 2.2 Chn Active Directory Domain Service

Mn hnh Confirmation nhc nh chng ta rng sau khi ci t Active Directory

Domain Service hon tt th phi chy dcpromo mi nng cp ln DC Server c.
Nhn Install v qu trnh ci t din ra.

12

Hnh 2.3 Qu trnh ci t Active Directory Domain Service

Mn hnh sau khi ci t Active Directory Domain Services hon tt. n Close kt
thc qu trnh ci t.

Hnh 2.4 Kt thc qu trnh ci t

Tip theo, vo menu Start, nh dcpromo vo hp tm kim v n Enter. Thao tc

ny s khi chy Welcome to the Active Directory Domain Service Installation
Wizard. n Next.
Trong ca s Choose a Deloyment Configuration, chn Create a new domain in a
new forest to mt Forest mi. sau n Next.

13

Hnh 2.5 To mt Domain mi

Trong ca s Name the Forest Root Domain, nhp vo tn ca min trong hp nhp
liu FQDN of the forest room domain. Nhn Next tip tc.

Hnh 2.6 t tn Domain

Ti mn hnh Set Forest Functional Level, chn Level cao nht l Windows Server
2008 tn dng mi u vit t phin bn ny. n Next.

14

Hnh 2.7 Ty chn Forest Functional Level

Trong trang Additional Domain Controller Options, Chn DNS server v n Next.
Trong Directory Service Restore Mode Administrator Password, nhp mt khu h
thng vo cc hp nhp liu Password v Confirm password.

Hnh 2.8 t Password cho h thng

Tip tc n Next v qu trnh nng cp din ra.

15

Hnh 2.9 Qu trnh nng cp

Cui qu trnh Windows s yu cu Restart h thng hon tt qu trnh nng cp.

2.2.3

ng nhp my trm (Clients) vo Domain

Sau khi nng cp Server thnh Domain Controller ta tin hnh ng nhp(Join)
cc my trm vo Domain va to.
Ti cc my trm, trc ht ta cu hnh IP v DNS cho my trm bng cch
Click phi vo My Network places Properties. Chn Manager network connections
Click phi vo biu tng card mng chn Properties. Chn Internet Protocol
Version 4 (TCP/IPv4) Properties.

Hnh 2.10 Cu hnh IP v DNS

Sau khi cu hnh IP v DNS, kch chut phi My Computer Properties Change
Settings Change.
16

Hnh 2.11 Join my trm vo Domain

Nhp tn Domain v n OK, sau h thng s yu cu nhp User name v

Password ca Administrator Domain. Sau khi nhp chnh xc User name v Password
ca Administrator Domain H thng s khi ng li v tin hnh ng nhp vo
Domain.
2.3
2.3.1

Qun l ti khon ngi dng v nhm

nh ngha ti khon ngi dng v ti khon nhm

Ti khon ngi dng (user account) l mt i tng i din cho ngi dng
trn mng, c phn bit vi nhau thng qua Username. Username gip h
thng mng nhn dng ngi dng c th ng nhp vo h thng v truy cp
cc ti nguyn mng m username c php.

Ti khon nhm (group account) l i tng i din cho mt nhm ngi,

dng qun l cc i tng ngi dung. Vic phn b cc ngi dung vo
nhm gip ta d dng phn quyn trn cc ti nguyn mng.

2.3.2
a)

Qun l ti khon ngi dng v nhm

Qun l ti khon ngi dng v nhm cc b

Qun l ti khon ngi dng cc b:

Ti khon ngi dng cc b (local user account) l ti khon ngi dng trn
my tnh cc b v ch c php logon, truy cp cc ti nguyn trn my tnh cc b.
Nu mun truy cp cc ti nguyn trn mng, ngi dng phi chng thc vi my
domain controller hay my tnh cha ti nguyn chia s.
-

To ti khon ngi dng cc b

to c User local bn phi c quyn ngang hng vi Administrator ca h

thng.
17

Nhp phi vo My Computer chn Manage. Chn tip Configuration Local

User and group Users. Nhp phi vo Users chn New User. Hp thoi New User
xut hin.

Hnh 2.12 To ti khon ngi dng

Sau khi in y thng tin, nhp Create to ngi dng mi.

-

Mt s thao tc khc vi ti khon ngi dng cc b

+

Xa ti khon

Kha ti khon

i tn ti khon

Thay i mt khu

Thm vo nhm

Qun l ti khon nhm cc b:

-

To ti khon nhm cc b

Tng t nh to ti khon ngi dng cc b, Trong Local user and group chn
Groups. Nhp phi chn New Group.

18

Hnh 2.13 To ti khon nhm cc b

b)

Mt s thao tc khc vi ti khon nhm cc b

+

Xa ti khon nhm

Thm ngi dng vo nhm

Xo ngi dng ra khi nhm

Qun l ti khon ngi dng v nhm trn min

Qun l ti khon ngi dng trn min:

Ti khon ngi dng min (domain user account) l ti khon ngi dng trn
Active Directory v c ng nhp trn my trm bt k thuc vng. Ti khon ny
c th truy cp cc ti nguyn trn mng.
-

To ti khon ngi dng trn min:

Start Administrator Tool Active Directory Users and Computers. Nhp chut
vo tn Domain chn Users New User.

Hnh 2.14 To ti khon ngi dng trn min

19

Mt s thao tc khc i vi ti khon ngi dng trn min

+

Xa ti khon

Kha ti khon

i tn ti khon

Thay i mt khu

Thm vo nhm

iu chnh thi gian ang nhp

Qun l ti khon nhm trn min:

-

To ti khon nhm trn min:

Nhp chut vo tn Domain chn Users New Group.

Hnh 2.15 To ti khon nhm trn min

2.4
2.4.1

Mt s thao tc khc i vi ti khon nhm trn min

+

Xa ti khon nhm

Thm ngi dng vo nhm

Xo ngi dng ra khi nhm

Gia nhp nhm vo nhm

Chnh sch h thng

Account Policy

Chnh sch ti khon ngi dng (Account Policy) c dng ch nh cc

thng s v ti khon ngi dng m n c s dng khi tin trnh logon xy ra. N
cho php bn cu hnh cc thng s bo mt my tnh cho mt khu, kha ti khon v
chng thc Kerberos trong min.
20

Password Policy (Chnh sch mt khu)

a)

Vo Aministrator Local Sercurity Policy Account Policy

Cc la chn trong chnh sch mt khu
Bng 2.2 Cc la chn trong chnh sch mt khu

Chnh sch

Mc
nh

M t

Enforce Password History

S ln t mt khu khng c trng

nhau.

24

Maximum Password Age

Quy nh s ngy nhiu nht m mt

khu ngi dng c hiu lc.

42

Minimum Password Age

Quy s ngy ti thiu trc khi ngi

dng c th thay i mt khu.

Minimum Password Length Chiu di ngn nht ca mt khu.

b)

Passwords Must Meet

Complexity Requirements

Mt khu phi c phc tp nh: c k

t hoa, thng, c k s.

Cho
php

Store Password Using

Reversible Encryption

Mt khu ngi dng c lu di

dng m ha.

Khng
cho
php

Account Lockout Policy (Chnh sch kha ti khon)

Chnh sch kha ti khon (Account Lockout Policy) quy nh cch thc v
thi im kha ti khon trong vng hay trong h thng cc b. Chnh sch ny gip
hn ch tn cng thng qua hnh thc logon t xa.
Vo Aministrator Local Sercurity Policy Account Lockout Policy.
Cc la chn trong chnh sch kho ti khon
Bng 2.3 M t cc chnh sch kha ti khon

Chnh sch

M t

Gi tr mc nh

Account Lockout
Threshold

Quy nh s ln ng nhp
trc khi ti khon b kha.

0 (ti khon s khng b

kha)

Account Lockout
Duration

Quy nh thi gian kha ti

khon.

L 0, nhng nu
Account Lockout
Threshold c thit
lp th gi tr ny l 30
pht.

Reset Account Lockout Quy nh thi gian m li s L 0, nhng nu

21

Counter After

2.4.2

ln ng nhp tht bi.

Account Lockout
Threshold c thit
lp th gi tr ny l 30
pht.

Local Policy

Chnh sch cc b (Local Policy) cho php bn thit lp cc chnh sch gim st
cc i tng trn mng nh ngi dng v ti nguyn dng chung. ng thi da
vo cng c ny bn c th cp quyn h thng cho cc ngi dng v thit lp cc la
chn bo mt.
a)

Audit Policy

Chnh sch kim ton (Audit Policy) gip bn c th gim st v ghi nhn cc
s kin xy ra trong h thng, trn cc i tng cng nh i vi cc ngi dng.
Bn c th xem cc ghi nhn ny thng qua cng c Event Viewer, trong mc
Security.
b)

User Rights Assignment

Tng t i vi h thng Windows Server 2003, bn c hai cch cp quyn h

thng cho ngi dng l: gia nhp ti khon ngi dng vo cc nhm to sn (builtin) k tha quyn hoc bn dng cng c User Rights Assignment gn tng
quyn ri rc cho ngi dng.

Hnh 2.16 Cng c User Rights Assignment

thm, bt mt quyn hn cho ngi dng hoc nhm, bn nhp i chut

vo quyn hn c chn, n s xut hin mt hp thoi cha danh sch ngi dng
v nhm hin ti ang c quyn ny. Bn c th nhp chut vo nt Add thm
ngi dng, nhm vo danh sch hoc nhp chut vo nt Remove xa ngi dng
khi danh sch.
22

Security Options

c)

Cc la chn bo mt (Security Options) cho php ngi qun tr Server khai

bo thm cc thng s nhm tng tnh bo mt cho h thng nh: khng cho php hin
th ngi dng logon trc hay i tn ti khon ngi dng to sn
(Administrator, Guest).
Bng 2.4 M t cc la chn bo mt

Tn la chn

M t

Shutdown: Allow system to be shut Cho php ngi dng shutdown h thng m
down without having to log on
khng cn logon.
Audit : audit the access of global
system objects

Gim st vic truy cp cc i tng h thng

ton cc.

Network security: force og off

when logon hours expires.

T ng log off khi h thng khi ngi dng

ht thi gian s dng hoc ti khon ht hn.

Interactive logon: do not require

CTRL+ALT+DEL

Khng yu cu n ba phm CTRL+ALT+DEL

khi logon.

Interactive logon: do not display

last user name

Khng hin th tn ngi dng logon trn

hp thoi Logon.

Account: rename administrator

account

Cho php i tn ti khon Administrator

thnh tn mi

Account: rename guest account

Cho php i tn ti khon Guest thnh tn

mi

CHNG III
TRIN KHAI CC DCH V TRN WINDOWS SERVER 2008
3.1
3.1.1

Dch v DNS
Gii thiu dch v DNS
23

DNS (Domain Name System) l mt trong nhng dch v quan trng nht trn
Internet v trong mng ni b ca cc doanh nghip. DNS cho php ton b my tnh
v cc ti nguyn trn mng c lu di dng tn v khi truy cp vo h thng DNS
s chuyn t tn min sang a ch IP v ngc li.
DNS Server l my ch c dng phn gii domain name thnh a ch IP
v ngc li. V cch thc hot ng, DNS Server lu tr mt c s d liu bao gm
cc bn ghi DNS v dch v lng nghe cc yu cu. Khi my client gi yu cu phn
gii n, DNS Server tin hnh tra cu trong c s d liu v gi kt qu tng ng v
my client.
3.1.2

Ci t v cu hnh dch v DNS

Trong Windows Server 2008, ci t dch v DNS trc ht ta phi ci t

Role cho DNS Server.
ci t Role, vo Server Manager Roles Add Roles. Trong mn hnh Select
Server Roles, click chn DNS Server v n Next.

Hnh 3.1 DNS Server Role

Sau khi Add Role thnh cng, ta tin hnh cu hnh DNS. Vo Start
Administrative Tools DNS. Nhp chut phi vo Forward Lookup Zones v chn
New Zone.
Ti bng Zone Type chn Primary zone cu hnh DNS Server chnh. Chn Next.

24

Hnh 3.2 Hp thoi Zone Type

Ti bng Zone Name g vo tn domain.

Hnh 3.3 Hp thoi Zone name

Trong mn hnh Dynamic Update, ta c th cm hoc cho php DNS Server ny chp
nhn cc my trm cp nht thng tin mt cch t ng.

25

Hnh 3.4 Hp thoi Dynamic Update

Chn Finish kt thc.

Hnh 3.5 Kt thc qu trnh ci t

Vi cc bc va thc hin trn, ta cu hnh chc nng forward (chuyn

tn my thnh a ch IP) trn DNS Server chnh. Tip theo, ta s cu hnh chc
nng reverse, chuyn a ch IP thnh tn my.
Nhp chut phi vo Reverse Lookup Zones v chn New Zone.
Ti ca s Reverse Lookup Zone Name, in vo network IP ca mnh v bm nt
Next.
26

Hnh 3.6 Reverse Lookup Zones

Tip theo, n Finish kt thc.

3.2

Dch v DHCP
Gii thiu dch v DHCP

3.2.1

Dch v DHCP cho php chng ta cp ng cc thng s cu hnh mng cho

cc my trm. C ch s dng cc thng s mng c cp pht ng c u im hn
so vi c ch khai bo tnh cc thng s mng nh:

3.2.2

Khc phc c tnh trng xung t a ch IP.

Gim chi ph qun tr cho h thng mng.

Gip cho cc nh cung cp dch v (ISP) tit kim c s lng a ch IP

tht (Public IP).

Ph hp cho cc my tnh thng xuyn di chuyn qua li gia cc mng.

Ci t v cu hnh

u tin ta vn phi add role cho DHCP Server. Vao Server Manger Roles Add
Roles, Nhn Next. Trong muc Roles chon DHCP Server. Nhn Next.

27

Hnh 3.7 DHCP Server Role

Chn a ch IP m DHCP Server s s dng.

Hnh 3.8 Chn a ch IP

Trong muc Parent Domain in tn domain va in IP DNS server muc Preferred

DNS v nhn Validate kim tra va xac nhn tn tai v tip tuc nhn Next.
Ti ca s tip theo ta nhn Add thm cc Scope (l vng cha cc a ch IP trn
my ch, v my ch cp pht a ch IP trong vng ny) hoc nu mun to Scope
sau th nhn Next b qua.

28

Hnh 3.9 Thm cc Scopes

Tip theo, v ta khng s dng IPv6 nn chn Disable DHCPv6 Stateless mode for this
Server. n Next.
Chon user co quyn Author, n Next. Cui cng Xac nhn lai thng tin trc khi cai
t dich vu DHCP. Nhn Install bt u ci t.

Hnh 3.10 Xc nhn cc thng tin trc khi ci t DHCP

Cai t Role hoan tt, n Close kt thc.

Trn my Client, ta cu hinh TCP/IPv4 Client nhn IP ng.

29

Hnh 3.11 Cu hnh IP ng cho my trm

Vo command line g lnh ipconfig /release loi b IP ng hin ti ang s dng.

Nhp tip ipconfig /renew xin a ch IP mi t DHCP Server.
3.2.3

To Scope

Vao Administrative Tools DHCP. Nhn chut phai vo IPv4 v New Scope. n
Next.
in tn cua scope vo mc Name v nhn Next. Hp thoai IP Address Range, in
thng s range IP cp phat va subnet mask. n Next.

Hnh 3.12 Hp thoi IP Address Range

Hp thoai Add Exclusions, nhp range ip c bit khng dung cp phat Add
Next.

30

Hnh 3.13 Hp thoi Add Exclusions

Hp thoai Configuration DHCP Options yu cu chung ta cu hinh thng s dich vu

cua scope ngay by gi hoc sau. y ta chon Yes, I want to config these options
now v nhn Next.
Hp thoai Router (Default gateway), nhp ia chi default gateway cua scope nay ri
nhn Add v Next.

Hnh 3.14 Nhp ia chi default gateway cua scope

Hp thoai Domain Name va DNS server : in tn domain, phn IP Address in IP

DNS server.

31

Hnh 3.15 t tn min v a ch IP

Hp thoi Active Scope chon Yes, I wanto active this scope now v nhn Next.
Sau n Finish kt thc.

3.3
3.3.1

Dch v Web
Gii thiu IIS 7.0

IIS 7.0 l phin bn mi nht cho web server ca Micorosoft. IIS7 c thit k
tr thnh mt nn tng Web v ng dng linh ng v an ton nht cho Microsoft.
Microsoft thit k li IIS t nhng nn tng c trc . Phin bn 7.0 ra i to
nn nn tng linh hot v an ton cho vic cu hnh web v cc ng dng.
3.3.2

Ci t v cu hnh IIS 7.0

Vao Server Manger Roles Add Roles, Nhn Next. Trong muc Roles chon Web
Server (IIS). Nhn Next.

Hnh 3.16 Web server Role

Trong mc Select Role Services, chn cc dch v cn thit cho Server. n Next.
32

n Install bt u ci t.

Hnh 3.17 Xc nhn thng tin trc khi ci t

n Close hon tt ci t.
kim tra qu trnh ci t IIS c thnh cng hay khng, bn m ca s trnh duyt
IE v g vo a ch sau: localhost

Hnh 3.18 Kim tra sau khi ci t IIS service

Cu hnh IIS
Chn Start Administrative Tools Internet Information Service (IIS) Manager.
Ti ca s Internet Information Service (IIS) Manager, chut phi vo Site chn Add
Web Site
33

Trong ca s Add Web Site, in cc thng tin cu hnh ri n OK hon tt.

Hnh 3.19 Add Web Site

3.3.3

Ci t dch v FTP (File Transfer Protocol)

Sau khi ci t IIS, ta vo Server Manager Roles Web Server(IIS)phi chut

chn Add Role Services. chn FTP Publishing Service.

Hnh 3.20 FTP Publishing Service

Click Install ci t.
-

To mt FTP site:
34

Trc tin, ta to th mc cn public. Sau vo StartAdministrator

ToolsInternet Information Services (IIS) 6.0 Manager. Bm phi chut vo FTP
Sites hoc Default FTP Sitechn NewFTP Site.

Hnh 3.21 To FTP site

in tn gi nh, Nhp IP my server v dng port mc nh FTP l 21.

Hnh 3.22 t IP v Port mc nh cho FTP site

Chn cc mc bo v file v ngn chn truy cp:

Do not isolate users: Cho php tt c user ng nhp vo FTP site.
Isolate users: Mi user s t c a vo th mc ch nh
Isolate users using Active Directory: Cho php user ng nhp vo FTP site nhng
phi c account Active Directory.
35

Hnh 3.23 Cc mc bo v file v ngn chn truy cp

Nhp ng dn th mc cn publish

Hnh 3.24 Nhp ng dn th mc cn publish

Thit lp quyn hn cho ngi truy cp i vi file

36

Hnh 3.25 Thit lp quyn hn cho ngi truy cp i vi file

Sau nhn Finish hon tt.

3.4

3.4.1

Dch v Mail
Ci t Mail Exchange Server 2007

Chy file Setup ci t Mail Exchange

Hnh 3.26 Ci t Mail Exchange

Mn hnh ci t chn vo link Step 4 : Install Microsoft Exchange Server 2007

SP1.

Mn hnh License Argeement chn I accept chn Next.

Mn hnh Install Type chn Typical Exchange Server Installation, chn Next.

Mn hnh Readiness Checks chn Install.

37

Hnh 3.27 Mn hnh Readiness Checks

Mn hnh Progress : Qu trnh ci t ang din ra

Hnh 3.28 Qu trnh ci t Exchange 2007

3.4.2

Cui cng, chn Finish hon tt qu trnh ci t.

Cu hnh Exchange Server 2007

Sau khi reboot my vo Console qun l Exchange theo ng dn

Start\Program\Microsoft Exchange\Exchange Management Console.
-

To Receive Connector

ng dn Microsoft Exchange\Hub Transport, khung gia bn di chn

Default Server, chut phi chn Properties. Chn Tab Permission Groups, nh du
chn vo Anonymous Users, chn OK.
-

To Send Connector
38

Quay li Exchange Management Console chn Organization Configuration.Chn vo

Hub Transport, chut phi chn New connector.

Hnh 3.29 New Connector

Hp thoi Introduction t tn To Internet, chn Next

Hnh 3.30 Hp thoi Introduction

Hp thoi Address space chn nt Add. Chn SMTP Address Space.

-

Khai bo khung Address : *

nh du chn Include all subdomains, chn OK, chn Next.

39

Hnh 3.31 Hp thoi Address space

Hp thoi Network Setting chn Next.

Hp thoi Source Server chn Next.

Hnh 3.32 Hp thoi Source Server

Hp thoi New Connector chn New

40

Hnh 3.33 Kt thc qu trnh ci t

Kim tra to thnh cng Send Connector

Hnh 3.34 Kim tra to thnh cng Send Connector

3.5 M hnh thc nghim

Mt cng ty kinh doanh A gm 4 phng ban nh sau:
-

Phng t chc hnh chnh: Xy dng k hoch tuyn dng lao ng; k
hoch tin lng hng nm, Qun l cn b, nhn s lao ng v tin lng
theo cc quy nh ca Nh nc v ca cng ty, Thc hin cng tc vn
th, lu tr h s theo quy nh

Phng k ton ti chnh: T chc v qun l ton b cc hot ng k

ton, ti chnh ca Cng ty. Qun l ton b cc loi qu ca Cng ty theo
ng quy nh, xy dng k hoch ti chnh hng nm

Phng kinh doanh: Ch ng tm kim i tc pht trin, mng li

phn phi, tng bc m rng th trng trong v ngoi nc
41

Phng dch v: Xy dng cc n, cc cng trnh dch v phc v cho

hot ng kinh doanh dch v ca Cng ty

Yu cu t ra: Ci t v trin khai cc dch v cn thit cho h thng

mng ca cng ty A.
Trin khai:
-

Mi phng ban gm 3-5 my tnh ci Windows 7 hoc Windows XP

Mi phng ban coi nh mt VLAN v tt c cc my tnh trong mt phng

ban c ni vo chung mt Switch.

Tt c cc Switch c ni chung vo mt Switch Core(Switch Layer 3)

1 my ch chy Windows Server 2008 Standard ci t cc dch v v

qun l min.

M hnh trin khai:

Hnh 3.35 M hnh trin khai h thng mng

42

KT LUN V PHNG HNG PHT TRIN CA TI

1. Kt qu t c
Trong qu trnh lm bo co, chng em t c nhng kt qu sau:
Hiu c th no l qun tr mng my tnh
Ci t v cu hnh c my ch Window Server 2008
Ci t c my ch qun tr min Domain Controller
Cu hnh c my ch DNS, DHCP, Web v FTP. Ci t c IIS 7.0 v
Mail Exchange Server 2007
S dng cng c qun tr Server Manager trn Windows Server 2008, Qun l
ti khon ngi dng, ti khon nhm
Qun tr mi trng lm vic ca ngi dng, my tnh s dng chnh sch
nhm
Qun l v cp php quyn truy cp ti nguyn

2. Hng pht trin tip theo

Hng pht trin ca ti: M rng ti vi nhng m hnh ln hn, ci t,
cu hnh v qun tr cc dch v mt cch hp l, y v chi tit hn. a ra
k hoch bo mt mng v my ch

43

TI LIU THAM KHO

[1] Dan Holme, Nelson Ruest, Danielle (2008), Configuring Windows Server
2008 Active Directory.
[2] Smith.N Studio, 2013. Ti liu Windows Server 2008 Smith.N Studio. a
ch: http://thegioitinhoc.vn/sach-tin-hoc/179781-tai-lieu-windows-server-2008-smithn-studio.html
[3] Ti liu tng hp v Windows Server. a ch: http://www.vnzoom.com/f58/tai-lieu-tong-hop-ve-windows-server-1394441.html
[4] Mt s ti liu khc.

44