modul 1 - integration island
DESCRIPTION
copyTRANSCRIPT
-
1/10 LKS Nasional 2015 IT Network Systems Administration Modul 1
MODUL 1 Integration Island IT Network Systems Administration
LKS Nasional Serpong, 7-13 Juni 2015
-
LKS Nasional 2015 IT Network Systems Administration Modul 1 2/4
Overview 1 EXAM ............................................................................................................................................... 3
1.1 CONTENTS ............................................................................................................................... 3
1.2 INTRODUCTION ....................................................................................................................... 3
1.3 DESCRIPTION OF PROJECT AND TASKS .................................................................................... 3
1.4 QUICK SPECIFICATIONS ........................................................................................................... 3
1.5 PART 1 ...................................................................................................................................... 4
Working Tasks Windows Virtual Server ........................................................................................... 4
Working tasks Linux Virtual Server .................................................................................................. 5
1.6 PART 2 ...................................................................................................................................... 6
Working Tasks Network ................................................................................................................... 6
1.7 PART 3 ...................................................................................................................................... 8
Working Tasks Notebook ................................................................................................................. 8
2 APPENDIX ......................................................................................................................................... 9
2.1 Specifications ........................................................................................................................... 9
2.1.1 WINDOWS SERVER SPECIFICATIONS ............................................................................... 9
2.1.2 DOMAIN GROUPLIST ....................................................................................................... 9
2.1.3 LINUX SERVER SPECIFICATIONS ....................................................................................... 9
2.1.4 NETWORK SPECIFICATIONS ............................................................................................. 9
2.1.5 NOTEBOOK SPECIFICATIONS ........................................................................................... 9
2.1.6 NETWORK DIAGRAM ..................................................................................................... 10
-
3/10 LKS Nasional 2015 IT Network Systems Administration Modul 1
1. EXAM
1.1 CONTENTS This Test Project proposal consists of the following document/file:
1. Modul 1 Integration Island.docx
1.2 INTRODUCTION The competition has a fixed start and finish time. You must decide how to best divide your time.
1.3 DESCRIPTION OF PROJECT AND TASKS You work as an IT system integrator for SMBs. The hosting company hostserv want to provide several hosted services to their customers. Your job is to setup the infrastructure for hostserv you have already get a list with the major tasks.
hostserv has two hosting offers. First they offer E-Mail hosting for their customers. As second service they give the customers the possibility to move their workers on the terminal server and use it as remote workstation.
Youll find additional information as attachment.
1.4 QUICK SPECIFICATIONS
Internet
NETWORK
Cisco Router2800 Series
Router
TRUN
K 8
02.1
Q
FE0/0
FE0/1
System Functions:- 802.1Q- Routing- NAT- ACL
Cisco Catalyst 2900 Series
Switch
System Functions:- vlan- telnet
Client
Windows 7
System Functions:- VPN Client
Windows Hostmachine
System Functions:- AD- DNS
Windows Server 2008 R2
Debian 7 Server
System Functions:- Mail Server- RAID- DHCP- VPN Server
Virtual Linux Server
System Functions:- VMWare Host
Virtual Windows Server
Windows Hostmachine
System Functions:- Join Domain- Map Drive
Windows 7 Client
-
LKS Nasional 2015 IT Network Systems Administration Modul 1 4/4
1.5 PART 1 Working Tasks Windows Virtual Server Note: Please use the default configuration if you are not given the details.
Install and Setup Server with the Windows Server 2008 R2 Operating System with the settings specified in the appendix
Install the services o Configure Active Directory
Enable Roaming Profile and store the user profiles at \\hostsrv1\profiles\username
Create for every user (not administrator account!) a home folder stored at \\hostsrv1\homes\username and ensure that that is mapped to Z: at each logon automatically
Create Active Directory Users Create an OU that is named user You will find a file called LKS2015-M1_TP1_USERS.csv with names,
roles and units of all workers in desktop computer Host machine; use this file as a basis for automating the creation of all user accounts. Be aware that all information, located in the Excel file, regarding any user must be present on accounts created.
Create departments share folders on \\hostsrv1\workers and \\hostsrv1\managers and map the respective folder to Y: at logon depending on the security group (Workers; Managers) the user is in. Users should not be allowed to access other department share. (Info? Look at the provided Excel-sheet!)
Set the passwords of all users listed in the CSV file to Jakarta2012.
o DNS Create a reverse zone for the inside IP range Create subdomain www and mail in the zone host.com to IP Address
Linux Server (hostsrv2) ( www.host.com IP Address hostsrv2 ) ( mail.host.com IP Address hostsrv2 )
Make sure that DNS requests to zone host.com from internet are answered with host public IPs and those from inside network with inside IPs. If you have problems with this configuration, we are doing functionality check on this, so you can find your own way to solve this!
-
5/10 LKS Nasional 2015 IT Network Systems Administration Modul 1
Working tasks Linux Virtual Server Install and Set up server with the Debian 7 operating system with the settings specified
in the appendix. Ensure that all components are correctly installed (Dont install Graphical User Interface (GUI) such as KDE, GNME, etc) o use the following partitions layout:
/ 8GB /var 5GB swap 2GB Setup RAID 5 over 3 disks with 5GB each. Mount the volume at /home
o In VMware, use bridged networking, custom, map to vmnet1 (top NIC on host)
Install the services o Postfix
Create users and mailboxes for all users listed in the file LKS2015-M1_TP1_USERS.csv
Ensure that users have access to the mail server via: web access, POP3 and IMAP.
Web access should be available under http://mail.host.com/webmail
Mails should be stored in the home partition o DHCP Server
Range: 172.16.1.130 172.16.1.254 Gateway: 172.16.1.129 DNS: 172.16.1.2
o VPN install and configure OpenVPN create the user vpnuser01 with password Serpong2015. VPN Clients should be able to access all resources on the internal
network.
-
LKS Nasional 2015 IT Network Systems Administration Modul 1 6/4
1.6 PART 2 Working Tasks Network Note: Please use the default configuration if you are not given the details.
o SWICTH Access Switch using telnet with IP Address 192.168.1.99 via Port 24 (ensure the port 24
connect to NIC onboard). Telnet password and enable password is Cisco. Configure port vlan
Port Vlan 1 4 Trunk 5 8 vlan linux (vlan 20)
9 12 vlan win (vlan 10) 13 - 16 vlan services (vlan 30) 17 - 20 vlan client (vlan 100)
Configure vlan 30 with IP Address 172.16.1.126/26 Join switch management into VLAN services Hostsw1 configuration
o Use port 1 for connection to the router fa0/1 o Use port 5 for Linux server o Use port 9 for Windows server o Use port 12 for VLAN services o Use port 17 for VLAN client
o ROUTER Router configuration:
o Configure Fa0/0 with IP Address 143.25.1.1/25 o Configure Fa0/1 with 802.1Q:
Fa0/1.10 with IP Address 172.16.1.1/27 Fa0/1.20 with IP Address 172.16.1.33/27 Fa0/1.30 with IP Address 172.16.1.65/26 Fa0/1.100 with IP Address 172.16.1.129/25
o Enable DHCP relay for VLAN client o Enable DHCP server on Fa0/0
Range: 143.25.1.100-143.25.1.254 Apply appropriate DHCP Scope options
Note: You can set up StatiIP Address using to above.
o NAT/PAT Configure PAT for internal hosts Configure static NAT for outside connections: Static NAT to hostsrv1 from ip-address 143.25.1.2 Static NAT to hostsrv2 from ip-address 143.25.1.34
-
7/10 LKS Nasional 2015 IT Network Systems Administration Modul 1
o ACL Restrict access to Linux Server from outside only to the services: MAIL
(POP, SMTP) HTTP and VPN Restrict access to Windows Server from outside on to the services:
HTTPS and DNS Deny all other traffic from outside to all inside networks
-
LKS Nasional 2015 IT Network Systems Administration Modul 1 8/4
1.7 PART 3 Working Tasks Notebook Note: Use the default configuration if you are not given the details.
Install notebook with the Windows 7 Operating system with the settings specified in the appendix
Connect the notebook to the internet Configure it as an OpenVPN client Connect the notebook to the switch vlan client Join the notebook to the domain Configure Outlook for send and receive E-mails with Mailuser01 and Mailuser02. The
email address for each user should be from the mail column in the csv file, e.g. Mailuser01 should be using [email protected] and Mailuser02 should be using [email protected].
-
9/10 LKS Nasional 2015 IT Network Systems Administration Modul 1
2 APPENDIX 2.1 Specifications 2.1.1 WINDOWS SERVER SPECIFICATIONS Computer name: hostsrv1
DNS domain: host.com
User name: Administrator
Administrator password: Serpong2015
IP address: 172.16.1.2
Domain NetBIOS Name: HOST
Active directory recovery Password: #Serpong2015
Virtual network card bridged to: vmnet0 (On-board NIC)
2.1.2 DOMAIN GROUPLIST Groupname: Members:
MailUsers All users with name beginning with MailUsers
Workers mailuser11-19
Managers mailuser1-10
2.1.3 LINUX SERVER SPECIFICATIONS Computer name: hostsrv2
Root password: Serpong2015
Default User name: competitor
Default User password: Serpong2015
Domain name: host.com
IP address: 172.16.1.34
Virtual network card bridged to: vmnet1 (LAN Card)
2.1.4 NETWORK SPECIFICATIONS VLAN win (ID: 10) 172.16.1.0/27
VLAN linux (ID: 20) 172.16.1.32/27
VLAN services (ID: 30) 172.16.1.64/26
VLAN client (ID: 100) 172.16.1.128/25
Internet 143.25.1.0/24
2.1.5 NOTEBOOK SPECIFICATIONS Organization: Hostsrv
Computer name: notebook01
Domain: host.com
User name: Competitor
Password: Serpong2015
IP address dhcp
-
LKS Nasional 2015 IT Network Systems Administration Modul 1 10/4
2.1.6 NETWORK DIAGRAM
Internet
NETWORK
Cisco Router2800 Series
Router
TRUN
K 8
02.1
Q
FE0/0
FE0/1
System Functions:- 802.1Q- Routing- NAT- ACL
Cisco Catalyst 2900 Series
Switch
System Functions:- vlan- telnet
Client
Windows 7
System Functions:- VPN Client
Windows Hostmachine
System Functions:- AD- DNS
Windows Server 2008 R2
Debian 7 Server
System Functions:- Mail Server- RAID- DHCP- VPN Server
Virtual Linux Server
System Functions:- VMWare Host
Virtual Windows Server
Windows Hostmachine
System Functions:- Join Domain- Map Drive
Windows 7 Client
1. EXAM1.1 CONTENTS1.2 INTRODUCTION1.3 DESCRIPTION OF PROJECT AND TASKS1.4 QUICK SPECIFICATIONS1.5 PART 1Working tasks Linux Virtual Server
1.6 PART 21.7 PART 3
2 APPENDIX2.1 Specifications2.1.1 WINDOWS SERVER SPECIFICATIONS2.1.2 DOMAIN GROUPLIST2.1.3 LINUX SERVER SPECIFICATIONS2.1.4 NETWORK SPECIFICATIONS2.1.5 NOTEBOOK SPECIFICATIONS2.1.6 NETWORK DIAGRAM