West Cheshire College

CO5043 – Further Computer Systems

Practical Assignment


Andrew Jones




This document deals with the three tasks of Network Design, Network Construction and Network Configuration.



Table of Contents

Table of Figures. 2

Network Design. 3

Description of the network. 3

The physical topology and the logical topology. 4

The Hardware Required. 7

The Software Required. 7

Limiting Access to Network Resources. 8

Problems Posed and the Solutions Offered. 9

Costs. 9

Support 9

Security. 9

Network Construction. 10

Network Configuration. 10

The server installation. 10

The server configuration. 42

References. 121

Table of Figures

Figure 1: Groups and Users. 4

Figure 2: Logical Network Design Layout 5

Figure 3: Physical Network Design Layout 6

Figure 4: Users being added to a security group. 8

Figure 5: Inappropriate network access. 9

Network Design

Description of the network

We are proposing a switched Microsoft Small Business Client / Server Category 6 cabled Ethernet Local Area Network combined with a Wireless Local Area Network, together with internet access. It will comprise:

·         eight workstations,

·         three laptops,

·         two servers,

·         one switch,

·         one router,

·         one network printer,

·         three wireless access points,

·         one patch panel, and

·         32 shielded CAT 6 sockets

The eight workstations will be fitted with a Gigabit Network Interface Card and physically connected via a patch lead and socket to the cabled infrastructure.

The three Partners laptops will have the option to either connect wirelessly through a Wireless Access Point in their office or connect physically via a patch lead and socket to the cabled infrastructure.

One of the servers will be connected physically via a patch lead to the switch and configured with the Microsoft Small Business Server 2008 operating system to act as:

·         Domain Controller

·         DHCP Server

·         DNS Server

·         Exchange Server

·         Document Repository

·         Windows Updates Service Server

The second server will connect physically via a patch lead to the switch, a second NIC will be used to connect to the router, and the server will be configured with the Microsoft Server 2008 operating system to act as:

·         an additional domain controller,

·         Document Repository backup, and

The switch will act as a central communications focal point managing both the wired and wireless communications with the servers.

The router, which has an integrated firewall, will be connected to one of the two network cards in the second server and provide internet access.

The network printer will be connected physically via a patch lead and socket to the cabled infrastructure.

The three Wireless Access Points will be connected physically via a patch lead and socket to the cabled infrastructure.

The patch panel will provide a central termination point for the cabled infrastructure, and an interface between the switch and the cabled infrastructure, with the switch being connected to the panel via patch leads.

The physical topology and the logical topology

A number of different topologies were considered these included:

·         Bus network,

·         Star network,

·         Ring network,

·         Mesh network,

·         Star-bus network,

·         Tree or hierarchical topology network

We have chosen to implement an Ethernet based shielded twisted pair Category 6 cabled LAN infrastructure combined with a Wireless LAN segment. Ethernet is a logical bus topology which we have implemented in a physical star topological layout. The star topology reduces the probability of a network failure by connecting all of the computers, servers, routers and printers to a central switch. The failure of a transmission line linking any device to the central switch will result in the isolation of that device from all others, but all the remaining devices will be unaffected. However, the disadvantage is that the failure of the central switch will cause transmission failure for all of the devices.

Logically the network will be managed by security groups, shown in figure 1, for access to shared folders and resources, as well as email and internet access. an additional a further logical description is shown in Figure 2.

Figure 1: Groups and Users

Figure 2: Logical Network Design Layout

Figure 3: Physical Network Design Layout

Figure 3 shows the physical layout of the network, taking into account the various rooms and offices described in the scenario. It details the physical position of the computer workstations and the corresponding network sockets together with the servers, router, switch and patch panel.

The Hardware Required

The scenario is not specific, so we are assuming that all the office computers are running the Windows XP professional operating system with 2 Gb of RAM and have a spare PCI slot. The three partners laptops have inbuilt wireless networking and integrated RJ45 LAN connectors and are running the Windows XP Professional operating system.

To meet the principal objective of the scenario: the provision of a network: we would recommend the hardware outlined in Table 1



Gigabit Ethernet Network Interface Cards




36 port Gigabit switch


36 port patch panel


Network Laser Printer


CAT 6 RJ45 Network Points


Router with integrated Firewall and ADSL modem


Wireless Access Points


CAT6 Patch leads


Table 1: Hardware Required for the Solicitors

We feel that this is the minimum amount of additional hardware require to meet the principal objectives. This hardware list ensures that the goals of managed e-mail, internet access and secure access to shared folders will be met. It also provides flexibility for the partners in the way in which they choose to connect to the network.

The Software Required

The choice of software for the solicitors practice has been the most challenging aspect of the design solution, and it boils down to four key aspects:

Looking at these areas in turn: legacy investment: it is most likely that the Microsoft Windows Operating System and applications suit are installed on all of the PC’s and laptops; all of the businesses additional software applications will run on a Windows platform, so the business has considerable investment desire to keep to that platform, as such the costs of software rises from a few hundreds of pounds for all of the software required to several thousands of pounds. The Microsoft and additional software required for the solicitors practice is laid out in Table 2.

The considerably lower cost solution for the practice would be through a Linux operating system and applications suit, this however brings into the equation: reliability and support: whilst the Microsoft applications suit and O/S are by no means perfectly reliable they are considerably better than the Linux based free alternatives. Leaving support, this for a Linux system is limited and would typically tie the practice into an expensive support contract with very few options for other providers. Where on the other hand a Microsoft based solution leaves the practice many more choices for support as these produces are considered as industry standard.



Microsoft Windows Small Business Server Premium Edition 2008


Microsoft Windows Server 2008 R2


Microsoft Forefront Threat Management Gateway 2010


Office Professional Plus 2010


Anti-virus software


Backup software


Table 2: Software Required for the Solicitors

Limiting Access to Network Resources

Text Box: Figure 4: Users being added to a security groupSecurity on the network will be managed through the use of a user name with password to logon to the domain and the membership of security groups. The following security groups will be created: Partners, Staff, Finance, Receptionists, HR and Office Manager with the various members of staff being added to each security group. Shown in Figure 4 are the Partners user accounts being added to the Partners security group.

The use of security groups allows for the simple application of security permissions for shared files and folders. Shown in Figure 5 is the attempt by a non-member of the correct security group attempting to access a protected folder.







Text Box: Figure 5: Inappropriate network access

Problems Posed and the Solutions Offered


The costs debate is closely related to support dilemma and revolves around industry standards, legacy investment and systems availability. There is little use to the business in having a network system that costs very little but is made up of non-industry standard components and software that is only supported by one individual. Better the safer, but considerably more expensive route of the Microsoft solution, which will be more flexible and more than likely less expensive in the longer term.


Support is like insurance, you only need it when you need it! Following on from the costs debate and closely linked is the deliberation about support contracts. The Linux, free and low cost, route severely limits the opportunities to provide a robust and secure support contract. Linux and the associated applications suits is a very small and limited market. The Microsoft based solution is industry standard and as such the opportunities to choose the practice’s support contract provider a significantly greater, an all together safer option.


The solution proposed provides a more than adequate level of security for the practice. Access to the computers is managed by user names and password, which have to meet complexity requirements. Access to the shared resources on the network is managed by the implementation of security groups. The wireless portion of the network will use WPA2, a highly secure connection methodology, to connect to the LAN. The shielded Category 6 cabled infrastructure is again very secure against eavesdropping; and, the servers are physically stored away from other people and if necessary the door could be locked.

Network Construction

We were provided a NIC, a Windows XP PC, a patch lead, switch and a screw driver set. Following electrical safety procedures, all power was cut from the PC. Using the screw driver we removed the four retaining screws at the rear of the PC and took the case off. Again using the screw driver we removed the screw holding the PCI blanking plate in place and removed the blanking plate. With the slot now clear we inserted the NIC in to the PCI slot and secured it with the screw previously removed. We replaced the case, reinserting and securing the four case screws.

Power was now re-applied to the PC and it was booted into Windows, automatically the addition of new hardware prompted the system so search for drivers, which it found and configured for use with the hardware.

The patch lead was inserted into the RJ45 socket on the NIC and the other end of it into the RJ45 socket in the switch. With this connection made, a green light was displayed by both the NIC and the switch to indicate that there was a physical link, we used the ping utility to contact a laptop, acting a server, on the network, with this successfully completed we made a Windows network connection to the server and created and saved a document in a shared folder on the server.

Network Configuration

The server installation


Initial loading screen where the files for the text based portion of the installation are loaded



The first welcome screen where we choose set up windows


The license agreement screen, we choose to accept it and press F8


There is already an installation of Windows on the system so we choose escape


There is already an existing partition which we are going to delete so we choose D


A warning that the partition is a system partition and we choose Enter to continue


A further warning that we are about to delete the partition and we choose L to continue



We know have a blank disk with no partition which we are to setup Windows on so we choose Enter


We are prompted for a file system for use in the formatting of the newly created partition, we choose NTFS and press enter to continue


The formatting progress bar


Setup is now copying the files necessary to complete the text based portion of the setup process and readying the system for the GUI phase of the installation



The setup programme is completing the configuration



The text portion of the installation is complete and the system is to reboot



The Windows loading screen



The installation screen for the GUI portion of the installation

The configuration option to change the language and keyboard setting for the server, we choose customise


The current regional options, we change these to English (United Kingdom) by selecting customise


We change the input language to English (United Kingdom) and remove the existing language options

A warning that the language settings will not change until the next restart or logon


Change the language option to English (United Kingdom)


Confirmation that the regional and language options have been changed


Enter the name and organisation of the software owner


Enter the product key


Select the licensing mode for the server, we choose per device or per user

Create a computer name and set the administrative password



A warning that the computer name contains non-standard characters, we choose yes to continue


Set the date and time settings and select next



Windows configuration screen


Configure the network, we choose custom settings


Custom settings options for the network configuration, we are going to customise the internet protocol (TCP/IP) settings


We set the IP address to with a subnet mask of and the default gateway to and the primary DNS server to


We choose to make the computer a member of a workgroup called WORKGROUP


The Windows configuration screen



The Windows start-up screen


The server is applying settings


The logon screen



Enter a user name and password


The desktop as displayed when logged on


The server configuration

The Windows logon screen

Enter a user name and password

The Windows server desktop

The Windows systems properties dialog box, where we are going to change the computer name

Changing the computer name to Andrew and leaving it in the workgroup WORKGROUP

Confirmation of the name change and that it will be implemented when the computer restarts

The Windows server shut down screen

The windows logon screen

The next stage in the configuration of the server, we click next

We are choosing the custom configuration option and click next

We are selecting the create a domain controller option and then clicking next

We are clicking next to confirm that we are configuring active directory

We are selecting next

A warning that the security requirements do not support older operating systems. We are again selecting next

We are choosing the option to create a new domain controller for a new domain and clicking next

We are creating a domain controller for a domain in a new forest and clicking next

We are choosing just install DNS on this computer and clicking next

We are calling our new domain jones.local a clicking next

Confirmation that the NetBIOS name will be JONES and clicking next

Confirmation that the active directory database and log will be located in c:\windows\ntds and clicking next

Confirmation that the shared SYSVOL folder will be c:\windows\sysvol and clicking next

We are choosing the permissions compatible with windows 2000, windows 2003 operating systems and clicking next

A summary page for our configuration of active directory and clicking next

The configuration of active directory dialog box

A warning that the computer has a dynamically assigned IP address, we click OK

We are selecting the properties of internet protocol TCP/IP

We are entering a static IP address, subnet mask, default gateway and preferred DNS server and clicking ok

The configuring DNS services dialog box

Confirmation that active directory has been installed, we click finish

The computer must restart dialog box, we choose restart now

The windows logon screen

We enter a username and password

Confirmation that the computer is now a domain controller, we click finish

The desktop, we choose add or remove a role

We choose next

We selecting DHCP server and clicking next

We are choosing next

the welcome dialog box, we are clicking next

The naming the scope dialog box, we name the scope and click next

Here we enter the range of the scope and subnet mask and click next

The add an exclusion dialog box, we have no exclusions so click next

set the lease duration and click next

The configure the scope options dialog, we are choosing yes and clicking next

The set a router IP address, we are leaving this blank and clicking next

The domain name and DNS servers dialog box, we are leaving this blank and clicking next

The WINS servers dialog box, we are leaving this blank and clicking next

The activate scope dialog, we are choosing activate now and clicking next

The confirmation dialog box that the server is now a DHCP server, we are clicking finish

The windows command screen

The results of the ipconfig /all command

The Windows XP system properties dialog box

The computer name changes dialog box, we are joining the domain jones

The Windows Server administrative tool explorer, we are selecting DHCP

We are choosing authorize from the DHCP mmc

Confirmation that the DHCP scope is now authorized and active

The Windows command screen with the results of the ipconfig /renew command

We are joining the domain jones and clicking ok

The domain logon on dialog, we have to enter the user name and password of an account with the credentials that will allow us to join the domain


Confirmation that we have successfully joined the domain jones


The computer must restart to implement the changes to the domain, we click ok

Choice of when to restart the computer, we are choosing yes


The windows xp logon screen


Enter a user name and password to logon

The windows xp desktop



Above, the create a new user option of the users and computers mmc.


Below, the new user dialog box

confirmation of the create a new user function, we click finish


The AD users and computers mmc with the staff accounts created


The AD users and computers mmc with all of the users created


The create a new group dialog box, we are creating a global security group

The create a new group dialog box with the name common


The AD users and computers mmc with the security groups created

The addition of user accounts to the security groups, this screen show the partners user accounts being added to the partners security group

Confirmation that all three partner accounts are added to the partners security group


The addition of the hr manager user account to the security group hr


The shared folders for use by the practice

The select users, computers and groups dialog box where we add the security groups that we wish to have access to the shared folder

The security properties of the finance folder showing the users and groups allowed access, we are going to grant the finance group full control


The shared network resources


The effects of the security policy when logged on as a non-finance group member attempting access to the finance folder