By: Netanel Ben-Shushan, CSA/JNCIA-SSL/MCP/MCSA/MCSE/MCTS/MCITP
Abstract
This article covers what you need to know as a systems administrator (SysAdmin) about the DHCP protocol and what you can do with it.
What is DHCP, and why is it recommended?
Imagine that you're working as a SysAdmin for a large company with 500 desktop computers, and you need to set an IP address, subnet mask, default gateway, DNS servers and other network settings on each one. How could you do that?
If you try to do this manually, you'll probably waste a lot of time sitting at each computer for 5-10 minutes. Besides the time, you could also accidentally enter a wrong IP address on a few clients, or type the same IP address on several clients.
In order to solve these "problems" you can use Dynamic Host Configuration Protocol (or DHCP) in your network.
DHCP allows you to manage the network's IP address scopes and other TCP/IP settings such as DNS and default gateway from a central place, called the DHCP server. Besides the management benefit, if there's a problem you don't need to run between your clients; you just connect to your server and check the DHCP settings. As I mentioned, DHCP works from a central place, so if there's a problem it's probably on the server: you know where to go, and you save time.
The DHCP server provides IP addresses to clients automatically, so you don't need to configure any options on the client side. All you need to do is set up a DHCP server and configure the scope options and other TCP/IP settings on the server side. Your clients then receive IP addresses from the range that you've configured, along with the other TCP/IP options.
Note: DHCP, in my opinion, can be called "the next generation of BOOTP", because BOOTP came before DHCP, and today we use BOOTP to deploy operating systems by booting from the network. Besides this, DHCP was developed to support large networks, something that BOOTP can't provide.
How does DHCP work?
Without going into the technical details (the DORA process), the DHCP client requests an IP address from the DHCP server for a limited time. The length of time that the client can use the dynamic IP address provided by the server is called the lease: as the name suggests, the client "rents" an IP address from the DHCP server for a specific time. If the client wants to keep using that IP address, it must renew the lease; this happens before the lease expires, provided the client is still on the network.
In more depth, the DHCP service works by using the DORA (Discover, Offer, Request and Acknowledgment) process (you can trace the whole process with a network monitor utility):
1. DHCPDISCOVER – The client broadcasts a DHCPDISCOVER packet to locate a DHCP server on the network. If the DHCP server isn't on the same subnet as the client, you'll need to configure a DHCP Relay Agent on your network devices (usually routers) to forward the DHCPDISCOVER packet to the DHCP server.
2. DHCPOFFER – The DHCP server broadcasts a DHCPOFFER packet to the client, which includes an offer of a unique IP address for the client to use.
3. DHCPREQUEST – The client broadcasts a DHCPREQUEST packet to the DHCP server in reply, "asking" the server to "rent" the unique address that the server offered to it.
4. DHCPACK – The DHCP server broadcasts a DHCPACK packet to the client. In this packet the server acknowledges the client's request to use the IP address and provides the IP address lease and other details such as DNS servers, default gateway, etc. If the server cannot provide the requested IP address, or the address is not valid for some reason, the server sends a DHCPNACK packet instead of a DHCPACK; more information is under its own heading, DHCPNACK.
Note: The DHCP service uses port 67/UDP on the DHCP server and 68/UDP on the DHCP clients.
It's recommended to check that your firewall doesn't block these ports, so that the DHCP server and clients can communicate, and to check that your network devices support DHCP Relay Agent if some of your clients are on a different physical subnet.
In some cases you'll notice other DHCP messages, such as these:
1. DHCPDECLINE – If the client recognizes that the IP address the DHCP server offered to it is already in use, the client generates a new request for another IP address (in the DHCPREQUEST step).
2. DHCPRELEASE – This message is commonly used when the client "gives up" and releases its IP address.
3. DHCPRENEW – This is the request packet to renew the lease and continue "renting" the IP address.
4. DHCPINFORM – A packet that the client sends to the DHCP server to get more details from the server; for example, DHCPINFORM can be sent to locate other DHCP servers on the network.
DHCPNACK
The DHCPNACK, or Negative Acknowledgment, is a packet that the server sends instead of a DHCPACK if the IP address is not available (in use by another client, for example) or the address is no longer valid. After a DHCPNACK the client must restart the lease process in order to get an IP address.
DHCP Scopes, Exclude and Reservation
A DHCP scope is a range of IP addresses that you configure on your DHCP server for distribution to the clients.
For example, if you set a scope with the range 10.0.0.100-10.0.0.200, your clients receive IP addresses only from this range.
You can also create more than one scope, but it's recommended to check that your scopes don't overlap one another. When you create a scope you can add more TCP/IP parameters such as subnet mask, IP address lease time, router (default gateway), DNS servers, etc., so that when the clients get their IP addresses they also get the other parameters from the scope.
In some cases you'll need to prevent clients from using certain addresses. For example, if your scope runs from 10.0.0.1 up to 10.0.0.100 and your servers use 10.0.0.1-10.0.0.10, you can exclude those IP addresses from the scope so that the DHCP server does not distribute them to clients. In most DHCP servers this option is called exclude.
A reservation is a great option if you're planning to give a specific dynamic IP address from the DHCP server to one particular DHCP client. If, for example, in the 10.0.0.1-10.0.0.100 scope you want one client to always receive the same address, you can set a reservation for that client using a unique identifier, the MAC address. The MAC (Media Access Control) address is a unique hexadecimal physical address for network adapters.
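The scope, exclusion and reservation rules above, modelled in Python as an added example (not code from the article, and not how any particular DHCP server is implemented). The ranges are the article's; the MAC addresses and the rule that a reservation is honoured before the pool is searched are assumptions of this example.

```python
import ipaddress

class Scope:
    """Model of a DHCP scope with exclusion ranges and MAC reservations."""

    def __init__(self, first, last, exclusions=(), reservations=None):
        ip = ipaddress.IPv4Address
        self.first, self.last = ip(first), ip(last)
        self.excluded = [(ip(a), ip(b)) for a, b in exclusions]
        self.reserved = {m.lower(): ip(a) for m, a in (reservations or {}).items()}
        self.leases = {}  # leased address -> client MAC

    def overlaps(self, other):
        """True when two scopes share at least one address."""
        return self.first <= other.last and other.first <= self.last

    def is_free(self, addr):
        """An address is free if it is not excluded, reserved or leased."""
        if any(lo <= addr <= hi for lo, hi in self.excluded):
            return False
        return addr not in self.reserved.values() and addr not in self.leases

    def offer(self, mac):
        """Pick the address for a client; None means the pool is exhausted."""
        mac = mac.lower()
        if mac in self.reserved:               # reservation: always the same address
            return self.reserved[mac]
        for addr, owner in self.leases.items():
            if owner == mac:                   # returning client keeps its lease
                return addr
        addr = self.first
        while addr <= self.last:
            if self.is_free(addr):
                self.leases[addr] = mac
                return addr
            addr += 1
        return None

# Constructed example using the article's ranges; the MAC addresses are made up.
scope = Scope("10.0.0.1", "10.0.0.100",
              exclusions=[("10.0.0.1", "10.0.0.10")],
              reservations={"00:1A:2B:3C:4D:5E": "10.0.0.50"})
print(scope.offer("00:aa:bb:cc:dd:01"))   # first free address after the exclusion
print(scope.offer("00:1a:2b:3c:4d:5e"))   # the reserved address
print(scope.overlaps(Scope("10.0.0.100", "10.0.0.200")))  # the two example scopes
```

The overlap check reports that the article's two example ranges share 10.0.0.100, which is the duplication the text recommends checking for.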
DHCP & DNS
When you install a DHCP server, you can configure it to send DNS updates to any DNS server that supports dynamic updates. You can find more information about combining DHCP and DNS right here.
Active Directory & DHCP Servers
In Microsoft Windows Server with Active Directory, you need to authorize your server before it can run the DHCP service.
In the past you could install as many DHCP servers as you wished, which caused problems such as server crashes.
In the newer Windows 2000 Server/Server 2003/2008 you must authorize your server before the DHCP service will start. If there's an authorized DHCP server in the Active Directory environment and a non-authorized server tries to start the DHCP service to distribute IP addresses, it will fail and the DHCP service on that computer will stop.
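An added example, not part of the original article: a parser for the messages of the DORA exchange described earlier, used to flag server replies (DHCPOFFER, DHCPACK and DHCPNAK, the article's DHCPNACK) whose server identifier is not on the list of authorized DHCP servers. The addresses, the MAC and the sample trace are constructed; the message type numbers and option codes 51, 53 and 54 follow RFC 2132.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that precedes the options
TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
         5: "DHCPACK", 6: "DHCPNAK", 7: "DHCPRELEASE", 8: "DHCPINFORM"}

def build(msg_type, mac, yiaddr="0.0.0.0", server=None, lease=None, xid=0x1234ABCD):
    """Build a minimal DHCP payload (constructed sample data, not a capture)."""
    op = 2 if msg_type in (2, 5, 6) else 1  # 2 = reply from server, 1 = client request
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0x8000,
                         bytes(4), socket.inet_aton(yiaddr), bytes(4), bytes(4),
                         bytes.fromhex(mac.replace(":", "")), b"", b"")
    options = bytes([53, 1, msg_type])                        # option 53: message type
    if server:
        options += bytes([54, 4]) + socket.inet_aton(server)  # option 54: server identifier
    if lease is not None:
        options += bytes([51, 4]) + struct.pack("!I", lease)  # option 51: lease seconds
    return header + MAGIC + options + b"\xff"                 # 255 = end of options

def parse(payload):
    """Extract message type, client MAC, offered address, server id and lease."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    msg = {"mac": payload[28:34].hex(":"), "yiaddr": socket.inet_ntoa(payload[16:20])}
    i = 240
    while i < len(payload) and payload[i] != 255:
        if payload[i] == 0:  # pad option has no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if code == 53 and length == 1:
            msg["type"] = TYPES.get(value[0], "UNKNOWN")
        elif code == 54 and length == 4:
            msg["server"] = socket.inet_ntoa(value)
        elif code == 51 and length == 4:
            msg["lease"] = struct.unpack("!I", value)[0]
        i += 2 + length
    return msg

def unauthorized_replies(payloads, authorized):
    """List server replies whose server identifier is not an authorized DHCP server."""
    alerts = []
    for payload in payloads:
        try:
            msg = parse(payload)
        except ValueError:
            continue  # not DHCP or malformed; outside the scope of this check
        if msg.get("type") in ("DHCPOFFER", "DHCPACK", "DHCPNAK") and msg.get("server") not in authorized:
            alerts.append((msg["type"], msg.get("server"), msg["yiaddr"]))
    return alerts

MAC = "00:11:22:33:44:55"  # constructed client address
TRACE = [build(1, MAC), build(2, MAC, "10.0.0.100", "10.0.0.2", 86400),
         build(2, MAC, "10.0.0.150", "10.0.0.66", 600),  # second, unexpected OFFER
         build(3, MAC, server="10.0.0.2"), build(5, MAC, "10.0.0.100", "10.0.0.2", 86400)]
print(unauthorized_replies(TRACE, {"10.0.0.2"}))
```

Authorization in Active Directory is enforced by the Windows DHCP service itself, so a check on the wire like this one is what catches a device that answers DHCP without being a Windows DHCP server.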
DHCP Relay Agent
A DHCP Relay Agent is any kind of host (usually a router or server) that listens for DHCP/BOOTP broadcasts from clients on subnets without local DHCP servers.
The DHCP Relay Agent forwards packets between the clients and a DHCP server that sit on different physical subnets, providing a 'connection' from the DHCP server to the clients and back (from the clients to the server).
In conclusion
Using the DHCP service can easily help you, as a System/Network Administrator, to manage your clients by assigning, tracking and re-assigning IP addresses.
About the author
Netanel Ben-Shushan is an IT Consultant & Trainer from Israel, who works mainly with Microsoft, networking and information security systems. He's the creator of www.ben-shushan.net, a personal website in Hebrew with technical guides and articles. Besides his website, Netanel also writes a Hebrew weblog at Microsoft Israel's blogging community.
My name is Crissy House and I am the Windows Server Operations Manager here at Microsoft. I handle a lot of our customer and partner questions and wanted to provide an update on upcoming support lifecycle changes for Windows 2000 Server and Windows Server 2003 and help clarify some misperceptions of a Service Pack 3 for Windows Server 2003.
Windows 2000 Server
Extended Support for Windows 2000 Server will end on July 13, 2010. At this time, Windows 2000 Server will no longer be publicly supported. You will be able to continue using "Self-Help Online Support"*
Windows Server 2003 and Windows Server 2003 R2
Also on July 13, 2010, Windows Server 2003 and Windows Server 2003 R2 (at a supported service pack level) will move from the Mainstream Support phase to the Extended Support phase. During the Extended Support phase:
Microsoft will continue to provide security updates and paid support (Example: Premier and Essential support, per-incident telephone/web support, etc.)
Customers will continue to have access to all security updates and Self-Help Online Support options (Example: Knowledge Base articles, online product information etc.)
Non-security hotfixes developed during the Extended Support phase will be provided ONLY to customers who enroll in Extended Hotfix Support (EHS).
Please note: If you'd like to enroll in EHS, customers must already have a Premier Support contract. In addition, customers must enroll in EHS within the first 90 days of the Extended Support phase. Program and per fix fees may also apply. Customers with Software Assurance can enroll in EHS at any time.
Service Pack 3 for Windows Server 2003
We have received inquiries from our customers and partners on whether or not there will be a need for a Service Pack 3 for Windows Server 2003. Microsoft will not have a SP3 release for Windows Server 2003.
To Summarize...
Self-Help Online Support* will be available for Windows 2000 Server after Extended Support before it ends on July 13, 2010.
Windows Server 2003 and Windows Server 2003 R2 will begin an extended support phase on July 13, 2010
There will be no Service Pack 3 for Windows Server 2003
*Self-Help Online Support is available throughout a product's lifecycle and for a minimum of 12 months after the product reaches the end of its support. Microsoft online Knowledge Base articles, FAQs, troubleshooting tools, and other resources, are provided to help customers resolve common issues.
The bug concerns the Server service, which is found in all NT-based Windows operating systems and is responsible for communication between computers in a Windows-based network; the bug allows remote execution of code.
Bink first reported the issue along with a link to the rather small KB article. Since then Microsoft has updated the article (several times?) to provide more information to the public. This additional information raises further questions.
Hopefully, once the systems are patched, we will get a glimpse of how this bug works and of how a flaw could have been present in a modern and secure system for over 8 years now. More information will be posted as it becomes available.
A Scalable Networking Pack (SNP) hotfix rollup package is available for Windows Server 2003. If you are running Windows Server 2003 Service Pack 2 (SP2), this hotfix rollup package resolves the following issues
Download the 32bit 950224 package now.
Download the x64 950224 package now.
This update adds support for the following Advanced Encryption Standard (AES) cipher suites in the Schannel.dll module for Windows Server 2003:
OpenSSL supports several 128-bit and 256-bit AES cipher suites. OpenSSL is used in most open software products in Unix systems. For example, OpenSSL is used in Sendmail, Postfix, Firefox, and Thunderbird. Currently, the only 128-bit cipher suite that is mutually available is RC4. Additionally, there is no 256-bit cipher available. If customers set the high cipher strength option in OpenSSL for their software product, OpenSSL disables all 128-bit ciphers. In this case, Windows systems cannot negotiate by using Transport Layer Security (TLS) because there are no mutually supported cipher suites. Therefore, there is usually an interoperability issue between Microsoft Exchange Server and the Postfix server or there is an interoperability issue between Microsoft Exchange Server and the Sendmail server. The only workaround is to use a weaker cipher and a weaker cipher strength. With this update, you can support 128-bit and 256-bit cipher suites without Cryptography Next Generation (CNG). This update enables you to use a higher cipher strength. This update also fixes the interoperability issue between the Exchange server and the Sendmail server. This update also fixes the interoperability issue between the Exchange server and the Postfix server.
To understand in detail what each configuration item will be evaluating please review the properties of that configuration item in the context of the server role being addressed.
Also:
Microsoft Windows Server 2000 Assessment Configuration Pack for Federal Information Security Management Act (FISMA)
This configuration pack contains configuration items intended to help you establish and validate a desired configuration for your Windows 2000 servers in order to support your Federal Information Security Management Act compliance efforts.
About The Lone Server
Once I was almost famous. For years, my friends and I were on the front lines: we were the Windows Server 2003 servers that powered Microsoft.com, one of the hottest Web sites in the world. Then, early last summer, everything changed. Quietly, without warning, the new kids took over. Windows Server 2008. Yes, I know, the product’s not even done yet. These were Beta 3 servers, for Pete’s sake. Long way from prime time. But there they were, humming away. No problems. All of ‘em on Windows Server 2008. Except me. The last Windows Server 2003 left at Microsoft.com.
Here’s a video of my life today, it is a longer version (3:14), in case you have as much time to kill as I do:
How can this be?
If you’re like me (and I know I am), you probably wonder how a product that’s eight months away from shipping can be handed the responsibility of running something as big and important as the Microsoft corporate portal. Fact is, Windows Server 2008 was lurking around MS.com since back when they still called it Longhorn. Those early bits first took live traffic back in ’05. And since then, WS08 has been everybody’s favorite kid. They called it part of the development team. Said it was a prodigy. Given all the cool little jobs. But then, suddenly, to be given the whole enchilada? All of MS.com? While still in Beta friggin’ 3? Unimaginable, but there it was. My only hope is that some hero will come along and bring me some kind of, I don’t know, redemption. Call me a dreamer. But really, what else can I do? No matter how you cut it, I’m not long for this datacenter.
My Life Today
I won’t tell you what I actually do now on Microsoft.com. It’s too embarrassing. Let’s just call it a serious fall from grace. However, I do try to keep busy. In addition to blogging in my new free time, I’ve been visiting some of the Seattle area’s finer drinking establishments (link to video) and updating my Facebook and Linked In pages. I do have time on my hands, so I’d love to hear from you!
Critical Stats:
Married: No
Age: 4 years
Home: Seattle, Washington -- Home of the Seahawks!
Processor Cores: Quad
MultiProcessor: 4
Memory: 16 GB
Internal Drives: 8
Height: 4U
Favorite Restaurant: Building 42 Cafeteria
Microsoft Office SharePoint Server 2007 Service Pack 1 (SP1) and Microsoft Windows SharePoint Services 3.0 Service Pack 1 (SP1) are now available. These service packs include a number of hot fixes across Office SharePoint Server and Windows SharePoint Services, new Stsadm commands for repartitioning databases and renaming host site collections, and updates to documentation that address performance and capacity planning concerns. For more information about what this service pack contains, read the introductory white paper, .
Download and install
I attended a technical session this summer by Ronald Beekelaar (a Dutch MVP) about Domain Isolation. He did the demo with some cool configured virtual machines, controlled by an HTA tool he wrote himself. I asked him if he could make it available and now, 5 months later, it is published on the MS Download Center. He told me he had written a program to make the VHDs smaller. He fitted 5 virtual machines in a 256 MB download. I'll ask him how he managed to do that; it is not just about using a parent disk.
DNS name servers that don't forward their requests to other DNS servers need to know some of the IP addresses of the root name servers in order to find their way to the rest of the information. They either have this knowledge built in or use an external file containing an initial mapping.
The "L.ROOT-SERVERS.NET" root name server changed its IP address, and hence some updating to the hints could be useful.
Getting an up to date file:
For the record: this isn't an urgent update. Consider it an opportunity to verify your name server software is up to date on patches and perhaps to learn a few interesting bits on how the DNS system works.
Experts say that migrations from Unix to Linux have slowed down because all the low-hanging fruit has now been picked. Linux growth in the U.S. x86 server market has, over the past six quarters, started to falter and reverse its positive course relative to Windows Server and the market as a whole.
The annual rate at which Linux is growing in the x86 server space has fallen from around 53 percent in 2003, when Windows Server growth was in the mid-20 percent range, to a negative 4 percent growth in calendar year 2006, IDC Quarterly Server Tracker figures show.
Over the same time period, Windows has continued to report positive annual growth, outpacing the total growth rate in the x86 market by more than 4 percent in 2006, indicating that Linux has actually lost market share to Windows Server over this time.
The same holds true for worldwide Linux x86 server shipments, which dropped from the huge annual growth rate of about 45 percent in 2003 to growth of less than 10 percent in 2006, the IDC figures show.
One of the biggest reasons for this is that the migrations from Unix to Linux have slowed down markedly.
"We have seen the rate of migration from Unix slow over the past few quarters," IDC analyst Matt Eastwood told eWEEK. "In my view this is because much of the low-hanging fruit has been moved and the applications that remain on Unix are stickier because they are seen as business critical and more political candidates for migration overall."