Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Creating A Small Domain

Posted on 2009-03-31
14
Medium Priority
?
222 Views
Last Modified: 2012-05-06
Hi,

I have been assigned a task to create a small network/domain.

The hardware I am entitled to use are as follows;

1 X ADSL combined router and firewall
1x 2003 server
1 x network printer
14 x client machines.
1/2 x network hub or switch

All machines must have access to the internet.

The current setup I have proposed is;

                               |-------> Hub 1 -> 7 machines
Router/firewall -> server -> Hub 2 -> 7 macines
                               |------> Printer

The server will be configured with AD and assigned static ip address and DNS

The x machines will be configured to connect to the domain + use a dynamic ip address.

Will this work? Or is there a better solution?

Thanks in advance.
0
Comment
Question by:mogsey
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 2
  • +1
14 Comments
 
LVL 18

Expert Comment

by:Americom
ID: 24034881
Basically you are setting up a small domain with Win2k3 as the AD/DNS/DHCP/PrintServer and may be file server as well. I'm assuming all machine are in the same domains and obtaining IP address and DNS configuration from the Domain Controller. There's really nothing much to it exept that if you can only have one server for everything, just make sure you have good backup. Make backup to a removable media or to a separate RAID other than the OS, just in case it crashs, you don't lose everything and start from scratch. And, just keep in mind that with one server, do expect downtime in the event your server has major problem.
0
 

Author Comment

by:mogsey
ID: 24034886
I should add the server will have been promoted to a domain controller and the xp machines added to the appropriate groups and user accounts created for access.
0
 

Author Comment

by:mogsey
ID: 24034904
Americom that is precisely what I am after!

I am just not to sure on the whole configuration on the server to ensure all of the machines have internet and access to the printer.
0
Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 6

Expert Comment

by:automationstation
ID: 24034937
Your gateway IP address would be the private IP address of your existing firewall/router. I would configure Active Directory on the server, DNS, DHCP, WINS on the server. Name your domain like yourcompany.local. I would also suggest getting a larger network switch (NO hubs) to connect all the computers to one switch.

You could put another NIC card in the server and configure the server to route the traffic to all machines. This would give you another layer of protection. You don't mention if you are running Exchange on the server as that would require more configuration.
0
 
LVL 18

Expert Comment

by:Americom
ID: 24034944
You first create the domain before you can join XP machine to the domain.
As far as internet access is concern, you you may want to talk to your ADSL provider and they usually can provide solution. For the printer, you can configure the local printer to have static IP or client reservation. Then on your DNS, create an entry for the printer name to map with the IP(if static). Then on your domain controller, you can add printer by simply assign the printer name by using the DNS host name you created in the DNS and complete and share the printer. User can find all the printer by UNC path \\domaincontrollername\, or you can use logon script to map printers. Or you can also install internet printer protocol service on your domain controller and the user can connect to the printers by http://domaincontrollername/printers.
0
 

Author Comment

by:mogsey
ID: 24034972
automationstation I like the idea of installing a second NIC, how would you configure that?

I am will not be running exchange on the box.
0
 
LVL 6

Expert Comment

by:automationstation
ID: 24035002
ADSL combined router and firewall ->
        1st NIC on Server (public or private IP address)->
                    [Server] ->
                          2nd NIC on Server (private IP Address like 192.168.16.x)->
                                     Switch to all other machines.

You could do this to hide your network behind the server. If you run the Internet Connection Wizard on the server you can find more information on setting up two NIC's in the server.
0
 

Author Comment

by:mogsey
ID: 24035010
Thankyou with your patience with me.

Lets say I have ran dcpromo and promoted the server to be the DC, during the wizard I have specified that the server will also be the DNS server.

I have a single internet line coming into the server which has to act as DHCP to the other 14 client machines to grant them internet access, what would be the configuration for this? If adding extra hardware is required then so be it.
0
 
LVL 6

Accepted Solution

by:
automationstation earned 2000 total points
ID: 24035028
Does your ADSL router give out private IP addresses now? If so, you could disable the DHCP server on the router and then configure the server to be the DHCP Server with the ADSL router as the gateway device.

As an example:
Server IP Address: 192.168.16.2
Gateway (ADSL Router: 192.168.16.1
Subnet Mask: 255.255.255.0
IP Range for DHCP Server: 192.168.16.0 - 192.168.16.255
Reserve a few for other servers/printers: 192.168.16.1 - 192.168.16.25
Setup DNS on the server and configure DNS forwarders to point to your ISP's DNS Servers.

So then a workstation on the network (via DHCP from your server) would be configured like:

Workstation IP: 192.168.16.25
Subnet Mask: 255.255.255.0
Gateway: 192.168.16.1
DNS Server: 192.168.16.2
0
 
LVL 6

Expert Comment

by:automationstation
ID: 24035034
Correction:

Workstation IP: 192.168.16.26 (the next available IP address via DHCP)
Subnet Mask: 255.255.255.0
Gateway: 192.168.16.1
DNS Server: 192.168.16.2
0
 

Author Comment

by:mogsey
ID: 24035073
automationstation, yes the router does give out private ip addresses and I believe you may have just cracked what I am after!

Is DNS forwarding just statically assigning them in the tcp/ip stack ?

I also take it that what you have described is the internet connection coming into one NIC from the router and out of the second nic?
0
 
LVL 7

Expert Comment

by:tankergoblin
ID: 24035541
..
0
 
LVL 6

Expert Comment

by:automationstation
ID: 24035925
Yes, mogsey, that is correct... cables go from router -> 1st nic (IN) and then (out) 2nd NIC to switch and network.

Think of it this way... Public IP or WAN/Internet | Private IP or LAN

DNS forwarding is configured in the DNS snap-in. Right click on the DNS server and select the forwarders tab. Ideally, all the network machines look to the server for DNS, the server will resolve or forward the request out to the Internet... your ISP's DSN Servers. It is incorrect to configure Public IP addresses as DNS Servers.
0
 

Author Comment

by:mogsey
ID: 24041212
To all thankyou for your help but automationstation gets the points.

Regards

Mogsey
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question