PURPOSE
- Plan, organise and provide basic local area network (LAN) systems administration and security functions.
- Provide network services, such as the Web server, FTP service, and file and storage service, as well as the active directory domain controller, DNS server and Samba server (optional, see marking rubric for further information).
- Contribute to the risk analysis and the preparation of a disaster recovery plan for a LAN and set up appropriate backup and recovery procedures.
DESCRIPTION
Amama Dental Central (ADC) is a company located in Sydney, NSW. ADC provides dental care and other dental-related services to all Sydney CBD customers. With the rapid expansion of its business, the company needs a computer network that supports an assortment of software applications for company operations, such as office work, online booking, staff and customer membership management, and file and printer sharing among the company staff.
As IT specialists, students are to provide the ADC with recommendations and solutions in local area network system administration, including server and client system configurations to meet the client’s requirements. The prototype system is to be developed as a LAN for a typical small-medium size enterprise. Through the designed prototype system, the developer is to demonstrate to his/her supervisor and the ADC that he/she can provide the LAN implementation and administration.
The ADC employs twenty-five people and comprises five divisions under the director board (two members). The five divisions are Delivery, Marketing, Financial, Human Resources, and Maintenance. The company structure is illustrated in Figure 1, and the personnel are as given in Table 1.
Figure 1 Structure of Amama Dental Central (organisation chart: Board of Directors, Managing Director, General Manager)
Table 1 Amama Dental Central (ADC)
| Division | Position | Name | Duties |
|---|---|---|---|
| Board of Directors | Managing Director | Karen Todd | Delivering the highest level of service in the industry and developing trustworthy relationships with clients based on reliable performance. |
| | General Manager | Roger Small | Managing the business and supervising all staff. |
| Delivery | Delivery Manager | Mauro Lucca | Managing Delivery Division and supervising all its staff |
| | Dispatcher | Aaliyah Ibrahim | Planning delivery jobs, managing work roster of Chauffeurs and rotations of vehicles. |
| | Store Person | Floriane Martin | Maintaining store rooms and providing chauffeurs with route directions to specific pick-up and drop-off locations, and recording ending trip information from chauffeurs. |
| | Customer Support | Priya Singh | Taking service request booking, helping Dispatcher assign and cancel trips and follow-up runs as designated to chauffeurs in an effective manner, and securing and verifying client reservations when necessary. |
| | Chauffeurs | Jason Chen, Jim Sheerer, David Wilson, Jane Smith, Luis Monk, Bob Zee, Tom Reilly | Transport goods from source locations to redefined destinations. |
| Marketing | Marketing Manager | Rose Lieu | Managing the Marketing Division and supervising all its staff |
| | Market Investigator | Ian Dean | Conducting market survey and analysis and assisting the Manager to decide types and options of delivery services and a price structure. |
| | Public Relationship | Peter Wright | Developing relationship with clients, seeking cooperation with other delivery companies, and in charge of advertisement. |
| Finance | Finance Manager | Sarah Jones | Managing finances and purchases of the business and supervising the division clerks |
| | Account | Charles Nguyen | Managing the accounts for the business |
| | Cashier | Tong Williams | Processing all transactions of the company |
| Human Resources | HR Manager | Gary Jones | Managing the HR Division and staff training, and supervising the division staff |
| | Personnel | Jennifer Bennett | Maintaining all staff work roster, staff and vehicles insurance and leave issues |
| | Office Management | Nancy Johnson, Marilyn Taylor | Answering incoming calls and forwarding to related divisions for further processing if necessary, and providing administrative support to all divisions |
| Maintenance | Maintenance Manager | Charlie Brown | In charge of equipment maintenance and supervision of the division staff |
| | Webmaster | Henry Lu | Maintaining ADC web pages and managing online booking system |
| | IT Support | Bruce Lee | Providing IT support and operation of company computer network and databases of staff, customers and other resources. |
| | Equipment Maintenance | Alex Tan | Maintenance of company’s all vehicles and other equipment. |
NETWORK RESOURCES
Resources of the ADC network include computers (server and clients), printers, user accounts, software and company documents.
Computers & Printers
Each staff member has his/her own computer or shares computers with colleagues. To simplify the design, however, you only need to create ONE COMPUTER ACCOUNT for each division, in addition to the virtual machines Windows Server 2012, Windows 10 & Windows 7, and the Linux machine.
All staff must be able to use any Windows client computer within the business and still be able to access the folders they are entitled to. There are only two Windows client machines in this prototype system for the demonstration, i.e., the Windows 10 & 7 machines. Therefore, each staff member should be able to log in to the network via either of the two computers.
Every division is equipped with a printer that can only be used by its own staff. One extra printer is installed in the HR Division for all company staff. The IT staff Bruce Lee should have access to all the printers for maintenance purposes.
User Accounts
The IT Support staff Bruce Lee has an ADMINISTRATOR ACCOUNT, i.e., is a member of Administrators, while all OTHER USERS should be set as NORMAL USER ACCOUNTS.
Each staff requires a home directory where he/she can save data that only he/she can access. You should put the HOME DIRECTORIES of all company staff, including that of Bruce Lee, in the WINDOWS Server 2012. However, this directory must be easily accessible from all Windows client machines (Windows 7 & 10).
The user and computer accounts should be well organized in an appropriate number of ORGANISATIONAL UNITS. While Bruce Lee is responsible for maintaining the whole network, administrative control (add, disable/delete and unlock an account etc.) over the divisions Director Board, Marketing and HR is delegated to Henry Lu, the Webmaster.
To ease the setting of the access control, you can organize the domain users into groups according to the duties and the permissions set to them for accessing system resources.
File Folders
The folders that the staff need access to are as follows:
- General Manager should have at least read-only access to all manager-accessible folders
- Policy Folder: read only access for every staff, Managing Director and General Manager have full control
- Manager Folder: read only access for managers, Managing Director and General Manager have full control
- Delivery Folder: Delivery Manager has full control, all staff of Delivery and Marketing Manager have read-only access
- Marketing Folder: Managing Director and Marketing Manager have full control; all staff of Marketing and the Webmaster have read-only access.
- Finances Folder: read only access for Financial staff, and full control for Finance Manager
- Purchase Folder: read only access for Financial staff and all managers, and full control for managers of Finance and Maintenance
- HR Folder: read only access for HR staff and all managers and full control for General Manager and HR Manager
- Maintenance Folder: read only access for Maintenance staff and all managers and full control for Maintenance Manager and Financial Manager
- Software Folder: a HIDDEN folder to which Bruce Lee and Henry Lu have full control
- While the file folders are placed in Windows Server 2012, they should be easily accessible to authorised users from any Windows client machine. Thus, you need to create drive maps on the Windows 7 & 10 machines for all company staff. All file folders can then be accessed via this network drive.
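One way to turn two rows of the access list above (the Delivery Folder and the hidden Software Folder) into NTFS permissions and shares on the Windows Server 2012 machine. This is an added example, not part of the assignment brief: the data path, the NetBIOS domain name, the group names and the two account names are assumptions, and "hidden" is interpreted here as a share name ending in `$`.

```powershell
# Added example. $root, $domain, all GG-* group names and the blee/hlu account
# names are assumed for illustration; they do not come from the brief.
$root   = 'D:\CompanyData'
$domain = 'ADC'

# Folder -> share name and access entries, taken from the File Folders list.
# The General Manager entry reflects "at least read-only access to all
# manager-accessible folders". A trailing $ hides the share from browsing.
$folders = @{
    Delivery = @{ Share = 'Delivery'; Access = @{
        'GG-DeliveryManager'  = 'FullControl'
        'GG-DeliveryStaff'    = 'ReadAndExecute'
        'GG-MarketingManager' = 'ReadAndExecute'
        'GG-GeneralManager'   = 'ReadAndExecute' } }
    Software = @{ Share = 'Software$'; Access = @{
        'blee' = 'FullControl'
        'hlu'  = 'FullControl' } }
}

foreach ($name in $folders.Keys) {
    $path = Join-Path $root $name
    New-Item -ItemType Directory -Path $path -Force | Out-Null

    # Stop inheriting from the parent and drop the inherited entries, so that
    # only the identities listed for this folder end up on the ACL.
    $acl = Get-Acl -Path $path
    $acl.SetAccessRuleProtection($true, $false)

    # Keep the operating system and local administrators in control.
    $entries = @{ 'BUILTIN\Administrators' = 'FullControl'
                  'NT AUTHORITY\SYSTEM'    = 'FullControl' }
    foreach ($who in $folders[$name].Access.Keys) {
        $entries["$domain\$who"] = $folders[$name].Access[$who]
    }
    foreach ($who in $entries.Keys) {
        $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
            $who, $entries[$who], 'ContainerInherit,ObjectInherit', 'None', 'Allow')
        $acl.AddAccessRule($rule)
    }
    Set-Acl -Path $path -AclObject $acl

    # Share permissions stay broad; the NTFS ACL above does the restricting.
    # Access-based enumeration hides items a user has no rights to.
    New-SmbShare -Name $folders[$name].Share -Path $path `
        -FullAccess 'Authenticated Users' -FolderEnumerationMode AccessBased | Out-Null

    # Show the resulting ACL; every entry should report IsInherited = False.
    (Get-Acl -Path $path).Access |
        Format-Table IdentityReference, FileSystemRights, IsInherited -AutoSize
}
```

Granting rights to groups rather than to named staff keeps the ACLs unchanged when people move between divisions; only group membership has to be edited.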
System Protection
The ADC is concerned that if unexpected incidents happen to the computer network, the company might lose all data, including transaction records, client, business partner and staff information, and other confidential documents. Thus a detailed risk analysis of the whole network, and a backup and recovery plan for all data in the folders described above, should be performed.
TASKS
- Delete all previous work from the practical exercises by removing the Domain Controller (DC) and other roles of the server (0 marks; 3 marks are deducted for not removing them, however). The best and quickest way to get a clean Windows 2012 VM for starting a new DC is to copy an untouched Windows 2012 server VM image from your Lab computers, or to ask your lecturer for a copy sometime in week 8 or 9, so that you have more time to work on your week 12 or 13 demonstration.
- Configure Windows Server and Clients
- The domain name created must reflect the company name Amama Dental Central.
- Provide configured Server and Client operating systems that meet the documentation.
- Set group policy for network users:
- Password policy: use strong password with a minimum length of EIGHT; change password FIRST time log in; change password every NINETY days.
- Account lockout policy: After THREE times of unsuccessful login during a period of TEN minutes, the account should be locked out and only the IT support staff or the authorized delegate can unlock the account.
- Apart from the original Administrator account and the one that has been created for the IT Support staff Bruce Lee who can log in to the Windows Server 2012 by default (a member of Administrators), Henry Lu should be allowed to logon locally in the server as well for the delegated duties. All other staff can only log in via client computers (the Windows 7 or 10 in this prototype system).
- Apply a standard mandatory user profile to all the network users.
- Install the Web Server and FTP Server. In the Exercise, students have learnt how to install the servers in Windows Server 2012. For security and performance reasons, the Internet Information Service (IIS) should be installed on an NTFS volume of a standalone member server. Since there is only one server in the prototype system, the IIS should be installed in Windows 10 (or Windows 7). In this respect, the Windows client machine plays the role of the Web Server.
- Create a web page for ADC which only needs to contain the Company logo (use the one provided in Appendix I or design it by students themselves) and BRIEF DESCRIPTIONS about the online booking system and the business scope of the company. Students are free to add whatever they want to publish here. Users should be able to view the web pages from all the three Windows computers and the Linux machine.
- Install all printers in Windows 10.
- Install Samba in Linux (see marking rubric for detail on this component)
- Set up a Samba share on the virtual Linux machine. You can then create a file share which should be accessible to all managers.
- While the IT Support staff Bruce Lee has a Linux account (and is better added to the sudo GROUP for maintenance of the Samba server), all the managers should have access only to the Samba share, while their attempts to log in to the Linux machine must be blocked.
- Complete Documentation:
- Provide technical documentation (in Word format) for the system that has been designed based on the information provided above.
- The documentation should include enough information for a system administrator to create or modify your system. Please refer to Appendix II for reference.
- The document should contain at least the following:
- Major steps in creating the local area network and configuring the server and client machines.
- Usernames and passwords for all users (include the Administrator Username and Password for your system)
- User and folder access permissions
- Computer accounts and printers
- Any policies or settings that have been applied to the system
- A risk analysis table to list all the resources of the network and the potential risks and countermeasures
- Backup and recovery plan
- Information on the cover sheet of the documentation:
- Student name
- Student ID
- Practical class day/time
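An audit of the password and account lockout settings from the "Set group policy for network users" task, useful evidence for the documentation. This is an added example, not part of the assignment brief; it assumes the ActiveDirectory PowerShell module on the domain controller and that the settings were applied through the domain's default password policy.

```powershell
# Added example: run on the Windows Server 2012 domain controller.
Import-Module ActiveDirectory

# Required values, from the password and lockout items in the brief.
$required = [ordered]@{
    ComplexityEnabled        = $true                      # "strong password"
    MinPasswordLength        = 8
    MaxPasswordAge           = New-TimeSpan -Days 90
    LockoutThreshold         = 3
    LockoutObservationWindow = New-TimeSpan -Minutes 10
}

# Compare each required value with what the domain actually enforces.
$policy = Get-ADDefaultDomainPasswordPolicy
$report = foreach ($name in $required.Keys) {
    [pscustomobject]@{
        Setting  = $name
        Required = $required[$name]
        Actual   = $policy.$name
        Ok       = ($policy.$name -eq $required[$name])
    }
}
$report | Format-Table -AutoSize

# The brief wants locked accounts released only by IT support or the delegate.
# In the Group Policy editor that is "Account lockout duration" = 0 (locked
# until an administrator unlocks it). Printed here for manual review.
"LockoutDuration reported by AD: $($policy.LockoutDuration)"

# Enabled accounts exempt from expiry would bypass the 90-day rule.
Get-ADUser -Filter 'Enabled -eq $true -and PasswordNeverExpires -eq $true' |
    Select-Object SamAccountName

# Accounts that have never logged on should still carry the "change password
# at first logon" flag, which AD stores as pwdLastSet = 0.
Get-ADUser -Filter * -Properties pwdLastSet, LastLogonDate |
    Where-Object { -not $_.LastLogonDate -and $_.pwdLastSet -ne 0 } |
    Select-Object SamAccountName

# What Bruce Lee or the delegate checks before unlocking an account.
Search-ADAccount -LockedOut -UsersOnly |
    Select-Object SamAccountName, LastLogonDate
# To release one of them: Unlock-ADAccount -Identity <SamAccountName>
```

Any row with `Ok = False`, and any account listed by the two user queries, is a deviation from the stated policy that should be fixed or recorded in the documentation.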
IMPLEMENTATION
- Use all the three virtual Windows machines, i.e., the Windows Server 2012 and the Windows 10 and 7 to demonstrate the design of the LAN.
- Upon setting up the Windows Server 2012 as the domain controller and linking the Windows 10 and 7 to the domain, all the users can logon to the Company intranet via the client machines (it is still required to create a computer account for each division as aforementioned).
- Install Samba share in Linux and map a network drive in Windows 10 and 7.
REFERENCES
- Windows Server 2012 R2 and Windows Server 2012 https://technet.microsoft.com/en-us/library/hh801901(v=ws.11).aspx
- Install Domain Controller in Windows Server 2012 http://www.mustbegeek.com/install-domain-controller-in-windows-server-2012/
- How to Install IIS on Windows 8 or Windows 10
- Join computers to the new Windows Server 2012 Essentials network
- Remove Active Directory Domain Services
- Installing and configuring samba on centos 6 http://www.krizna.com/centos/installing-configuring-samba-centos-6/551914
- Samba: How do you install and set up Samba in linux? [Redhat Enterprise(RHEL), CentOS, Fedora] http://crazytoon.com/2007/05/22/samba-how-do-you-install-and-set-up-samba-in-linux-redhat-enterpriserhel-centos-fedora/
- How To Edit the Sudoers File on Ubuntu and CentOS https://www.digitalocean.com/community/tutorials/how-to-edit-the-sudoers-file-on-ubuntu-and-centos
- How to Map Network Drives on Windows Clients via Group Policy https://www.howtogeek.com/99403/it-how-to-map-network-drives-on-windows-clients-via-group-policy/
- Textbook and references of the unit
- The unit learning guide, lecture notes and practical exercises
Appendix I
ADC Logo
Appendix II
Annotated Exempla
Encrypted File System (EFS) (Sample Assignment Questions)
- Briefly explain the Encrypted File Systems (EFS) and demonstrate how to use EFS to encrypt a folder on Windows 7.
The EFS is a file system filter that provides file system (NTFS)-level encryption. The technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer.
Suppose that a folder C:\EncryptedFiles has been created and all the users of the computer have full control on it. The folder can be encrypted by following the steps given below:
- Right-click the C:\EncryptedFiles folder and click Properties
- In the Properties dialog box, click Advanced
- To encrypt the folder, make sure the Encrypt contents to secure data checkbox is selected. Click OK to complete the setting (Fig. 1)
All files created by a user in this folder can then be opened only by their owner. Any attempt by other users to access these files will be denied.
Fig.1 Encrypted File Folder
- Is it possible in Windows 7 to allow other users the ability to view/edit the contents of an encrypted file, if so how?
It is possible for users to access (view/edit) each other’s encrypted files with the permission of the owner. Suppose that two users have created encrypted files in the folder C:\EncryptedFiles (a Personal Information Exchange Certificate will be generated for the two users automatically). Then, if one user wants to give another user access to one of his/her encrypted files, he/she can right-click that file, select Properties and, in the Properties dialog box, click Advanced/Details. Click Add in the opened dialog box (Fig. 2) and select the user to whom the owner wants to give access (Fig. 3). The selected user can now view/edit the encrypted file.
Fig. 2 Add user to access the file
Fig. 3 Select a user to access the file
- Decrypt Encrypted Files on Windows 7
The computer Administrator can be configured as the agent to decrypt encrypted files by following the steps given below:
- Login as Administrator
- Go to Start/Run and type in cmd to open the console box.
At the prompt type cipher /r:fileName and press Enter. The prompt will then display:
Please type in the password to protect your .PFX file:
Please retype the password to confirm:
After the password has been typed in without mistakes, the prompt will display:
Your .CER file was created successfully.
Your .PFX file was created successfully.
Fig.4 Generate the certificates
The .CER and .PFX files will be saved in the current directory that is shown at the command prompt. For example, if the command prompt displays C:\Users\Administrator>, the two files are saved in the Administrator folder (Fig. 4).
- At the console prompt type in certmgr.msc; this will launch the Certificates Manager. Navigate to Personal, right-click the folder and select All Tasks/Import (Fig. 5). The Certificate Import Wizard will appear (Fig. 6). Click Next. Browse to the C:\Users\Administrator folder. In the Open dialog box, change the Files of Type (at the bottom) to Personal Information Exchange (*.pfx,*.P12). Select the file fileName.pfx and click Open (Fig. 7a). Click Next to import the certificate (Fig. 7b). Type in your password (leave the first two checkboxes blank and the third checked) and click Next (Fig. 8). Make sure the radio button is active for the first option (Automatically select the certificate store based on the type of certificate, Fig. 9a). Click Next. Click Finish. (You’ll receive a message that the import was successful.)
Fig. 5 Import the Certificate
Fig. 6 File to import
Fig. 7a Select the certificate file
Fig. 7b Import the certificate file
Fig. 8 Key in the password
Fig. 9 Complete the certificate import
- At the console prompt type in secpol.msc and click OK. This will launch the Local Security Policy (Fig. 10). Expand the Public Key Policies folder, then right-click the Encrypted File System subfolder and select Add Data Recovery Agent (Fig. 11). The wizard will then display (Fig. 12). Click Next. Click the Browse button. Browse to the C:\Users\Administrator folder. Select the certificate file and click Open (Fig. 13). The wizard will display the status User_Unknown. That’s OK. Click Next. Click Finish (Fig. 14). You will see a new entry in the right side column. Close the Local Security Policy.
You, the Administrator, are now configured as the default Recovery Agent for all encrypted files that are afterwards created, saved or just re-opened in the C:\EncryptedFiles folder.
Fig. 10 Local Security Policy
Fig. 11 Select Encrypt File System
Fig. 12 Add Recovery Agent Wizard
Fig. 13 Select the certificate file
Fig. 14 Select Recovery Agents
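A command-line check of the EFS walkthrough above, showing how to confirm that files are encrypted and that the recovery agent is attached to them. This is an added example, not part of the original sample answer; the probe file name is constructed, and the script is meant for an elevated PowerShell prompt on the Windows 7 client.

```powershell
# Added example (not from the sample answer).
$folder = 'C:\EncryptedFiles'                  # folder used in the walkthrough
$probe  = Join-Path $folder 'efs-probe.txt'    # constructed test file name

# Command-line equivalent of ticking "Encrypt contents to secure data":
# /e encrypts, /s: applies it to the folder and everything below it.
cipher /e /s:$folder | Out-Null

# A file created after that inherits the encrypted attribute.
Set-Content -Path $probe -Value 'constructed sample data'

# Report every file in the folder and whether NTFS marks it as encrypted.
$encFlag = [IO.FileAttributes]::Encrypted
Get-ChildItem $folder -Recurse |
    Where-Object { -not $_.PSIsContainer } |
    Select-Object FullName,
        @{ n = 'Encrypted'; e = { [bool]($_.Attributes -band $encFlag) } } |
    Format-Table -AutoSize

# /c lists the users who can decrypt the file and the recovery certificates
# attached to it. After the Data Recovery Agent step, the Administrator's
# certificate should appear in that list for newly written files.
cipher /c $probe

# Files encrypted before the agent was added keep their old recovery
# information until they are rewritten. /u touches all encrypted files on
# local drives so they pick up the current recovery key; /n together with /u
# only lists those files without changing anything.
cipher /u /n
cipher /u
```

The .PFX file written by cipher /r holds the recovery agent's private key, so once it has been imported it is normally moved to offline storage rather than left in the Administrator profile folder.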