Cover image for Windows Server 2003 Network Administration

Book description

This book is the Windows Server version of the classic TCP/IP Network Administration. Like the book that inspired it, Windows Server 2003 Network Administration provides an overview of the essential TCP/IP protocols, and explains how to properly manage and configure the services based on these protocols. Any skilled network administrator knows that understanding how things work is as important as knowing how things are done. This book is the essential guide to both, containing everything a network administrator needs to exchange information via the Internet, and to build effective reliable networks.

This must-read guide is divided into three distinct sections: fundamental concepts, tutorial, and reference. The first three chapters are a basic discussion of the network protocols and services. This discussion provides the fundamental concepts necessary to understand the rest of the book. The remaining chapters provide a how-to tutorial for planning, installing and configuring various important network services. The book concludes with three appendixes that are technical references for various configuration options. Content specifics include how to:

  • Install, configure, and manage a Microsoft DNS and Windows DHCP server

  • Control remote communications with Microsoft RRAS software

  • Protect hosts with Internet Connection Firewalls

  • Configure Internet and Intranet Web services with IIS

  • Design proper security into your network

  • Troubleshoot the network when problems develop

After you've turned the final page of Windows Server 2003 Network Administration, you'll not only understand how to network, but also why it needs to be done.

Table of Contents

  1. Windows Server 2003 Network Administration
  2. Dedication
  3. Preface
    1. Who Should Read This Book
    2. What’s in This Book
    3. Conventions Used in This Book
    4. Using Code Examples
    5. We’d Like to Hear from You
    6. Safari Enabled
    7. Acknowledgments
  4. 1. Overview of TCP/IP
    1. 1.1. TCP/IP and the Internet
      1. 1.1.1. TCP/IP Features
      2. 1.1.2. Protocol Standards
    2. 1.2. A Data Communications Model
    3. 1.3. TCP/IP Protocol Architecture
    4. 1.4. Network Access Layer
    5. 1.5. Internet Layer
      1. 1.5.1. Internet Protocol
        1. 1.5.1.1. The datagram
        2. 1.5.1.2. Routing datagrams
        3. 1.5.1.3. Fragmenting datagrams
        4. 1.5.1.4. Passing datagrams to the Transport Layer
      2. 1.5.2. Internet Control Message Protocol
      3. 1.5.3. IP Security
    6. 1.6. Transport Layer
      1. 1.6.1. User Datagram Protocol
      2. 1.6.2. Transmission Control Protocol
      3. 1.6.3. Transport Layer Security
    7. 1.7. Application Layer
    8. 1.8. Summary
  5. 2. Delivering the Data
    1. 2.1. Addressing, Routing, and Multiplexing
    2. 2.2. The IP Address
      1. 2.2.1. Address Structure
      2. 2.2.2. Subnets
      3. 2.2.3. The Natural Mask
      4. 2.2.4. CIDR Blocks and Route Aggregation
      5. 2.2.5. Private Network Numbers
      6. 2.2.6. IPv6
        1. 2.2.6.1. The lack of demand for IPv6
    3. 2.3. Internet Routing Architecture
    4. 2.4. The Routing Table
    5. 2.5. Address Resolution
    6. 2.6. Protocols, Ports, and Sockets
      1. 2.6.1. Protocol Numbers
      2. 2.6.2. Port Numbers
      3. 2.6.3. Sockets
    7. 2.7. Summary
  6. 3. Network Services
    1. 3.1. Names and Addresses
    2. 3.2. The HOSTS File
    3. 3.3. LMHOSTS
    4. 3.4. Domain Name System
      1. 3.4.1. The Domain Hierarchy
      2. 3.4.2. Creating Domains and Subdomains
      3. 3.4.3. Domain Names
      4. 3.4.4. DNS Resolver and Server
    5. 3.5. Windows Internet Name Service
      1. 3.5.1. WINS Name Registration and Name Resolution
        1. 3.5.1.1. Registering, renewing, and releasing NetBIOS names
        2. 3.5.1.2. Resolving a NetBIOS name
    6. 3.6. SMB and CIFS
    7. 3.7. Mail Services
      1. 3.7.1. Simple Mail Transfer Protocol
      2. 3.7.2. Post Office Protocol
      3. 3.7.3. Internet Message Access Protocol
      4. 3.7.4. Multipurpose Internet Mail Extensions
    8. 3.8. Dynamic Host Configuration Protocol
      1. 3.8.1. How DHCP Works
    9. 3.9. Dynamic DNS
    10. 3.10. Active Directory Basics
      1. 3.10.1. Active Directory Replication Basics
      2. 3.10.2. Active Directory Database Basics
      3. 3.10.3. Domain Controllers
      4. 3.10.4. Authentication, Authorization, and Trusts
      5. 3.10.5. Group Policy Basics
    11. 3.11. Summary
  7. 4. Basic TCP/IP Configuration
    1. 4.1. Network Device Configuration
      1. 4.1.1. Adapter Configuration
      2. 4.1.2. Installing and Removing Network Components
    2. 4.2. General TCP/IP Configuration
      1. 4.2.1. Manually Defining the IP Address
        1. 4.2.1.1. Selecting an IP address block
      2. 4.2.2. Basic DNS Configuration
    3. 4.3. Adding More Configuration Details
      1. 4.3.1. Adding IP Addresses
      2. 4.3.2. Adding Gateways
      3. 4.3.3. The DNS Tab
      4. 4.3.4. The WINS Tab
      5. 4.3.5. The Options Tab
    4. 4.4. Summary
  8. 5. Managing DHCP Services
    1. 5.1. Basic Microsoft DHCP Concepts
      1. 5.1.1. DHCP Options
      2. 5.1.2. DHCP Scopes
    2. 5.2. Planning for DHCP
      1. 5.2.1. Redundancy Issues
    3. 5.3. Installing the DHCP Server
      1. 5.3.1. Configuring a DHCP Scope
    4. 5.4. Using the DHCP Console
      1. 5.4.1. Adding a Server
      2. 5.4.2. Adding a Scope or a Superscope
      3. 5.4.3. Configuring DHCP Options
      4. 5.4.4. Using Option Classes
        1. 5.4.4.1. Working with user classes
        2. 5.4.4.2. Working with vendor classes
        3. 5.4.4.3. Defining new options and setting defaults
      5. 5.4.5. Creating a Reservation
    5. 5.5. DHCP Server Administration
      1. 5.5.1. Authorizing
      2. 5.5.2. Activating
      3. 5.5.3. Detecting Conflicts
      4. 5.5.4. Selecting the Interface
      5. 5.5.5. Backup and Restore
      6. 5.5.6. Integrating with DNS
      7. 5.5.7. Logging
    6. 5.6. Creating a MADCAP Server
    7. 5.7. Summary
  9. 6. Creating a DNS Server
    1. 6.1. Domains Versus Zones
    2. 6.2. The Microsoft DNS Server
    3. 6.3. Planning a DNS Server Installation
    4. 6.4. Installing the DNS Server
    5. 6.5. Initial Configuration
    6. 6.6. The DNS Files
      1. 6.6.1. The cache.dns File
      2. 6.6.2. The Forward Lookup Zone File
        1. 6.6.2.1. Customizing SOA parameters
        2. 6.6.2.2. Defining a list of name servers
      3. 6.6.3. The Reverse Lookup File
    7. 6.7. The DNS Console
      1. 6.7.1. Defining Records for a Forward Lookup Zone
      2. 6.7.2. Working with Subdomains
        1. 6.7.2.1. Delegating a domain
      3. 6.7.3. Managing a Reverse Lookup Zone
        1. 6.7.3.1. Delegating a reverse zone
      4. 6.7.4. Understanding Stub Zones
      5. 6.7.5. Other Zone Management Features
        1. 6.7.5.1. Managing zone transfers
        2. 6.7.5.2. Configuring DNS Notify
        3. 6.7.5.3. Integrating a zone and WINS
      6. 6.7.6. Server Properties
        1. 6.7.6.1. Advanced tab
        2. 6.7.6.2. Scavenging
        3. 6.7.6.3. Forwarders
        4. 6.7.6.4. Logging and monitoring
    8. 6.8. Using nslookup
    9. 6.9. Summary
  10. 7. Using AD to Support Network Administration
    1. 7.1. Moving from Workgroups to Domain Environments
      1. 7.1.1. Using dcpromo
        1. 7.1.1.1. Creating a forest
        2. 7.1.1.2. Creating a new tree
        3. 7.1.1.3. Adding a child domain
        4. 7.1.1.4. Creating an additional DC
      2. 7.1.2. Confirming DNS Registration of DC Information
      3. 7.1.3. Configuring Sites
        1. 7.1.3.1. Creating, configuring, and modifying sites
      4. 7.1.4. Moving Operations Master Roles
      5. 7.1.5. Back Up AD
    2. 7.2. TCP/IP for AD Transport, Access, and Support
      1. 7.2.1. AD/DNS Dependencies
      2. 7.2.2. How AD Uses DNS
        1. 7.2.2.1. How DCs are located
        2. 7.2.2.2. How site information is used during logon
        3. 7.2.2.3. How DNS is used for AD replication
      3. 7.2.3. Configuring DNS for AD
        1. 7.2.3.1. Configuring the server
        2. 7.2.3.2. Configuring domain records
        3. 7.2.3.3. Configuring DNS delegation
        4. 7.2.3.4. Configuring AD-integrated DNS zones
        5. 7.2.3.5. Configuring and using secure dynamic DNS
      4. 7.2.4. Using Windows Server 2003 AD Application Partitions for DNS Zone Information
        1. 7.2.4.1. Using application partitions
        2. 7.2.4.2. Migrating from Windows 2000 to Windows Server 2003
      5. 7.2.5. Configuring the Windows Time Service
        1. 7.2.5.1. Synchronizing with an external time source
        2. 7.2.5.2. Synchronize with a hardware clock
      6. 7.2.6. Integrating DHCP with AD
      7. 7.2.7. NetBIOS and WINS in an AD Domain
        1. 7.2.7.1. Integrating WINS in a DNS environment
    3. 7.3. Using Group Policy to Manage Network Protocols
      1. 7.3.1. Dependency of Group Policy on DNS
      2. 7.3.2. Managing TCP/IP Configuration Using Group Policy
      3. 7.3.3. Managing DNS Client Configuration Using Group Policy
      4. 7.3.4. Managing the Windows Time Service Using Group Policy
      5. 7.3.5. Managing SNMP Using Group Policy
      6. 7.3.6. Managing WINS, RRAS, and IAS Servers Using Group Policy
    4. 7.4. Summary
  11. 8. Controlling Remote Communications with Microsoft Routing and Remote Access Service
    1. 8.1. Routing Services
      1. 8.1.1. IP Multicast Support
        1. 8.1.1.1. Understanding multicast components
        2. 8.1.1.2. Adding the IGMP services to RRAS
        3. 8.1.1.3. Configuring multicast boundaries
        4. 8.1.1.4. Configuring multicast heartbeats
        5. 8.1.1.5. Querying multicast router information
      2. 8.1.2. Configuring the DHCP Relay Agent
      3. 8.1.3. Configuring RIP Version 2 for IP
        1. 8.1.3.1. Configuring general RIP properties
        2. 8.1.3.2. Configuring Silent RIP mode
        3. 8.1.3.3. Configuring RIP security properties
        4. 8.1.3.4. Configuring RIP neighbors routing properties
        5. 8.1.3.5. Configuring advanced RIP routing properties
      4. 8.1.4. Configuring Open Shortest Path First (OSPF)
        1. 8.1.4.1. Subdividing the network into OSPF areas
        2. 8.1.4.2. Identifying ASBRs
        3. 8.1.4.3. Configuring network type
        4. 8.1.4.4. Identifying virtual links and backbone areas
        5. 8.1.4.5. Configuring security for OSPF
      5. 8.1.5. Network Address Translation (NAT)
        1. 8.1.5.1. Enabling and configuring NAT
        2. 8.1.5.2. Creating and configuring NAT interfaces
        3. 8.1.5.3. Creating a Demand Dial interface for dial-up connections
        4. 8.1.5.4. Adding a default static route
        5. 8.1.5.5. Enabling routing on ports
        6. 8.1.5.6. Securing a NAT server
        7. 8.1.5.7. Allowing inbound connections
      6. 8.1.6. Logging RRAS Routing Events
    2. 8.2. Protocol Filtering (Basic Firewall Services)
    3. 8.3. Remote Access Planning and Deployment
      1. 8.3.1. Hardware Provisioning
      2. 8.3.2. Authentication Choices
      3. 8.3.3. Reversible Encryption
      4. 8.3.4. Data Encryption
        1. 8.3.4.1. Encryption types
        2. 8.3.4.2. Choosing MPPE or IPSec encryption
        3. 8.3.4.3. Encryption strength selection for VPNs
      5. 8.3.5. Choosing a VPN Protocol
        1. 8.3.5.1. PPTP considerations
        2. 8.3.5.2. L2TP/IPSec considerations
        3. 8.3.5.3. IPSec in tunnel mode considerations
      6. 8.3.6. PPP Extensions
      7. 8.3.7. IP Addressing and DHCP Integration
      8. 8.3.8. Domain Functional Level Issues
      9. 8.3.9. The Remote Access Connection Process
      10. 8.3.10. Dial-in User Constraints
      11. 8.3.11. Remote Access Policies
        1. 8.3.11.1. Remote access policy restrictions
        2. 8.3.11.2. Profile constraints
        3. 8.3.11.3. Configuring remote access policies
    4. 8.4. Configuring Dial-up or VPN Access
    5. 8.5. Advanced Virtual Private Network (VPN) Process and Configuration
      1. 8.5.1. Using L2TP/IPSec VPNs with NAT and NAT-T
      2. 8.5.2. Configuring and Using RRAS Demand-Dial VPN
      3. 8.5.3. Configuring Dial-in Properties
      4. 8.5.4. Using a Shared Key for a L2TP/IPSec VPN
      5. 8.5.5. Configuring Firewalls for VPN
    6. 8.6. Configuring Clients to Use Remote Access
    7. 8.7. Configuring Logging and Accounting (Auditing) for Remote Access
    8. 8.8. Summary
  12. 9. Protecting Hosts with Windows Host Firewalls
    1. 9.1. Firewall Basics
    2. 9.2. Internet Connection Sharing
      1. 9.2.1. Enabling ICS
      2. 9.2.2. Enabling Internet Access to Local Services
      3. 9.2.3. Using a Network Bridge with ICS
      4. 9.2.4. Securing ICS
      5. 9.2.5. Managing ICS via Group Policy
    3. 9.3. Windows Firewall
      1. 9.3.1. Internet Connection Firewall (ICF)
      2. 9.3.2. Service Pack Firewall Modifications
        1. 9.3.2.1. Modifications
          1. 9.3.2.1.1. Security Center
          2. 9.3.2.1.2. Startup Security
        2. 9.3.2.2. Modifying firewall behavior using the Windows Firewall INF file and unattend.txt
          1. 9.3.2.2.1. Modifying firewall settings using the Control Panel
          2. 9.3.2.2.2. Modifying alerting and notification using the registry
          3. 9.3.2.2.3. Modifying firewall behavior using Group Policy
          4. 9.3.2.2.4. Modifying firewall behavior using Netsh
          5. 9.3.2.2.5. More modifications
        3. 9.3.2.3. Windows Server 2003 SP1
    4. 9.4. Routing and Remote Access Basic Firewall
    5. 9.5. Protocol Filters
      1. 9.5.1. TCP/IP Filters
      2. 9.5.2. Routing and Remote Access Protocol Filters
      3. 9.5.3. Filtering Using IPSec
    6. 9.6. Which Firewall Services Should You Use?
    7. 9.7. Summary
  13. 10. Centralizing Authentication and Authorization with Internet Authentication Server
    1. 10.1. The RADIUS Protocol
      1. 10.1.1. Authentication, Authorization, and Accounting RADIUS Processes
        1. 10.1.1.1. Authentication
        2. 10.1.1.2. Authorization
        3. 10.1.1.3. Accounting
      2. 10.1.2. RADIUS Messages
    2. 10.2. Installing and Configuring IAS
      1. 10.2.1. Installing IAS
      2. 10.2.2. Configuring IAS for Remote Access
        1. 10.2.2.1. Configuring a connection request policy
        2. 10.2.2.2. Configuring RADIUS clients for the IAS server
        3. 10.2.2.3. Configuring RRAS servers as RADIUS clients
        4. 10.2.2.4. Configuring auditing and logging
          1. 10.2.2.4.1. Log format and creation
          2. 10.2.2.4.2. Log contents
          3. 10.2.2.4.3. SQL server logging
        5. 10.2.2.5. Configuring Remote Access policies
        6. 10.2.2.6. Configuring additional ports
        7. 10.2.2.7. Configuring account lockout
    3. 10.3. Configuring IAS as a RADIUS Proxy
      1. 10.3.1. Configuring a RADIUS Server Group
      2. 10.3.2. Configuring a Connection Request Policy
    4. 10.4. Securing Communications Between RRAS and IAS
      1. 10.4.1. Shared Secret
      2. 10.4.2. Message-Authenticator Attribute
      3. 10.4.3. IPSec
    5. 10.5. Configuring IAS for Use with VLANs
      1. 10.5.1. Creating a Remote Access Policy for VLANs
    6. 10.6. Securing Wireless Access with IAS
      1. 10.6.1. Understanding EAP and PEAP
      2. 10.6.2. Understanding the 802.1x Authentication Process
      3. 10.6.3. Implementing 802.1x Authentication
        1. 10.6.3.1. Configuring IAS to support 802.1x authentication for wireless clients
          1. 10.6.3.1.1. Configuring a Remote Access policy for wireless
        2. 10.6.3.2. Understanding and fulfilling certificate requirements for EAP and PEAP
        3. 10.6.3.3. Using a Windows CA server certificate
        4. 10.6.3.4. Using a third-party certificate
          1. 10.6.3.4.1. Obtaining and installing a Verisign certificate
          2. 10.6.3.4.2. Manually installing the WLAN certificate
          3. 10.6.3.4.3. Verifying the certificate is installed
          4. 10.6.3.4.4. Configuring proxy settings
        5. 10.6.3.5. Configuring the Windows XP wireless client to use 802.1x authentication
      4. 10.6.4. Understanding and Using WPA
    7. 10.7. Using Backup and Restore (Importing IAS Configuration)
    8. 10.8. Providing Load Balancing for Multiple RAS Servers
    9. 10.9. Using IAS to Protect the Network from Bad Computers
      1. 10.9.1. Network Access Quarantine Control
        1. 10.9.1.1. Understanding network access quarantine control
        2. 10.9.1.2. Implementing network access quarantine control
      2. 10.9.2. Network Access Protection
    10. 10.10. Summary
  14. 11. Protecting Network Communications with Internet Protocol Security
    1. 11.1. IPSec Basics
      1. 11.1.1. Security Advantages of IPSec
        1. 11.1.1.1. Blocking, permitting, and securing communications
        2. 11.1.1.2. Defense in depth
        3. 11.1.1.3. IPSec tunnels
        4. 11.1.1.4. Flexibility
      2. 11.1.2. Differences Between AH and ESP
      3. 11.1.3. Process and Procedure
        1. 11.1.3.1. Defining the type of communication
        2. 11.1.3.2. Blocking and permitting
        3. 11.1.3.3. Securing or negotiating
          1. 11.1.3.3.1. Phase I: IKE Mode, or Main Mode
          2. 11.1.3.3.2. Phase II, or Quick Mode
    2. 11.2. Specifics of the Windows Implementation
      1. 11.2.1. The IPSec Policy Agent Service
      2. 11.2.2. The IPSec Driver
      3. 11.2.3. New in Windows Server 2003
        1. 11.2.3.1. Disable default exemptions
        2. 11.2.3.2. IPSec NAT traversal
      4. 11.2.4. Default IPSec Policies
    3. 11.3. Configuring a Windows IPSec Policy
      1. 11.3.1. Reviewing Configuration Requirements
      2. 11.3.2. Using the IPSec Policy Wizard to Create a Policy
        1. 11.3.2.1. Creating an MMC console
        2. 11.3.2.2. Create a blocking rule
      3. 11.3.3. Assigning the Policy
      4. 11.3.4. Testing the Policy
      5. 11.3.5. Creating Additional Rules
        1. 11.3.5.1. Create a permit rule
        2. 11.3.5.2. Changing the permit rule to secure
        3. 11.3.5.3. Creating an IPSec policy on ComputerB
      6. 11.3.6. Setting Up the IPSec Monitor and Testing the Policy
      7. 11.3.7. Writing Policies Using netsh
      8. 11.3.8. Using Group Policy to Implement IPSec
      9. 11.3.9. Monitoring and Troubleshooting IPSec
        1. 11.3.9.1. Using netsh to monitor IPSec
        2. 11.3.9.2. Using the IP Security Monitor to monitor IPSec
    4. 11.4. Extending IPSec Operations
      1. 11.4.1. Use Persistent Policies
      2. 11.4.2. Configure IPSec Driver Modes
        1. 11.4.2.1. Startup mode
        2. 11.4.2.2. Operational mode
        3. 11.4.2.3. Diagnostic mode
    5. 11.5. Designing IPSec Policies to Meet Secure Communications Needs
    6. 11.6. Hardening IPSecurity Policies
      1. 11.6.1. Hardening Authentication
      2. 11.6.2. Hardening Security Methods
    7. 11.7. Summary
  15. 12. Configuring Internet and Intranet Web Services with IIS
    1. 12.1. Server Preparation and IIS Installation
      1. 12.1.1. Install and Prepare Windows Server 2003
        1. 12.1.1.1. Documenting the server configuration
        2. 12.1.1.2. Hardening of dedicated web server services
      2. 12.1.2. Installing IIS
    2. 12.2. Installing and Configuring Web Servers and Sites
      1. 12.2.1. Creating a Web Site
      2. 12.2.2. Managing IIS Permissions
      3. 12.2.3. Configuring User Authentication
      4. 12.2.4. Configuring Web Site Properties
        1. 12.2.4.1. Configuring the IP address used for the server
        2. 12.2.4.2. Configuring access
        3. 12.2.4.3. Setting MIME
        4. 12.2.4.4. Configuring NTFS permissions
        5. 12.2.4.5. Configuring logging
        6. 12.2.4.6. Adding IIS components and services
        7. 12.2.4.7. Enabling and configuring extensions
      5. 12.2.5. Reviewing Web Server Security
      6. 12.2.6. Editing the Metabase
      7. 12.2.7. Using IIS Backup and Recovery
      8. 12.2.8. Configuring SSL
        1. 12.2.8.1. Requesting a certificate
        2. 12.2.8.2. Installing the certificate
        3. 12.2.8.3. Configuring the web site to require SSL
        4. 12.2.8.4. Backing up and restoring certificates
      9. 12.2.9. Configuring FTP
        1. 12.2.9.1. Creating an FTP site
        2. 12.2.9.2. Configuring FTP authentication
    3. 12.3. IIS Mail Services
      1. 12.3.1. Configuring Email Services
      2. 12.3.2. Using a Mail Gateway with the SMTP Virtual Server
      3. 12.3.3. Monitoring SMTP
    4. 12.4. Installing and Running IIS Applications
      1. 12.4.1. Determining Session State Requirements
      2. 12.4.2. Using Web Site and Application Isolation
        1. 12.4.2.1. Isolation by disk and/or subdirectory
        2. 12.4.2.2. Isolation via unique worker processes
        3. 12.4.2.3. Security context and impersonation
      3. 12.4.3. Choosing a Process Isolation Mode
      4. 12.4.4. Managing Application Pools and Worker Processes
        1. 12.4.4.1. Creating and configuring application pools
        2. 12.4.4.2. Monitoring the health of application pools
        3. 12.4.4.3. Recycling worker processes
    5. 12.5. Summary
  16. 13. Network Security Administration
    1. 13.1. Security Administration Framework
    2. 13.2. Windows Security Posture
      1. 13.2.1. Permissions and Privileges
        1. 13.2.1.1. Privileges and permissions not explicitly granted are denied
        2. 13.2.1.2. Deny permissions may or may not override allow
      2. 13.2.2. Anonymous Access and Null Sessions Are Possible
      3. 13.2.3. Administrators Are All-Powerful
      4. 13.2.4. Delegation of Authority
        1. 13.2.4.1. Multiple administrative groups
        2. 13.2.4.2. Granular permissions and rights assignment
        3. 13.2.4.3. Delegation of control
      5. 13.2.5. Role Separation
      6. 13.2.6. Centralized Administration with Group Policy
      7. 13.2.7. Security Templates for Security Configuration
      8. 13.2.8. Domains Are Not Security Boundaries
    3. 13.3. Configuring Advanced Network Security Features
      1. 13.3.1. Storage and Use of EFS-Encrypted Files on Network Servers Using WebDAV
      2. 13.3.2. Integration of Certificate Services into Windows Networking
        1. 13.3.2.1. Configuring domains to use certificate services
        2. 13.3.2.2. Obtaining certificates for DCs and servers
        3. 13.3.2.3. Configuring SMTP transport for AD replication
        4. 13.3.2.4. Securing LDAP communications
      3. 13.3.3. SMB Signing
    4. 13.4. Summary
  17. 14. Troubleshooting TCP/IP
    1. 14.1. Approaching a Problem
      1. 14.1.1. Troubleshooting Hints
    2. 14.2. Diagnostic Tools
    3. 14.3. Testing Basic Connectivity
      1. 14.3.1. The ping Command
      2. 14.3.2. Using portqry
    4. 14.4. Troubleshooting Network Access
      1. 14.4.1. Troubleshooting with the ipconfig Command
      2. 14.4.2. Troubleshooting with the arp Command
        1. 14.4.2.1. ARP problem case study
      3. 14.4.3. Checking the Interface with netstat
        1. 14.4.3.1. Network hardware problems
    5. 14.5. Checking Routing
      1. 14.5.1. Tracing Routes
    6. 14.6. Checking Name Service
      1. 14.6.1. Some Systems Work, Others Don’t
        1. 14.6.1.1. The data is here and the server can’t find it
    7. 14.7. Analyzing Protocol Problems
      1. 14.7.1. Network Monitor
    8. 14.8. Protocol Case Study
    9. 14.9. Summary
  18. A. DHCP Options
  19. B. DHCP Audit Log Identifiers
  20. C. DNS Resource Records
    1. C.1. Basic Resource Records
      1. C.1.1. Start of Authority Record
      2. C.1.2. Name Server Record
      3. C.1.3. Address Record
      4. C.1.4. Mail Exchanger Record
      5. C.1.5. Canonical Name Record
      6. C.1.6. Domain Name Pointer Record
      7. C.1.7. Service Location (SRV)
    2. C.2. Less Commonly Used Resource Records
      1. C.2.1. AFS Database (AFSDB)
      2. C.2.2. ATM Address (ATMA)
      3. C.2.3. Host Information (HINFO)
      4. C.2.4. IPV6 Host (AAAA)
      5. C.2.5. ISDN
      6. C.2.6. Mail Group (MG)
      7. C.2.7. Mailbox (MB)
      8. C.2.8. Mailbox Information (MINFO)
      9. C.2.9. Next Domain (NXT)
      10. C.2.10. Public Key (KEY)
      11. C.2.11. Rename Mailbox (MR)
      12. C.2.12. Responsible Person (RP)
      13. C.2.13. Route Through (RT)
      14. C.2.14. Signature (SIG)
      15. C.2.15. Text (TXT)
      16. C.2.16. Well Known Services (WKS)
      17. C.2.17. X.25
    3. C.3. The Boot File
  21. Index
  22. About the Authors
  23. Colophon
  24. Copyright