Imperial Navy Command

NETWORK INFRASTRUCTURE BETA RELEASE

By Lord Admiral Williams J. Saraiva | Navy Commanding Officer | September 13, 2013

PAGE 1

IP Scheme
This is a testing network that will be implemented within all fleets once all the components are throuly tested. It was assigned to be tested one network 172.16.80.0/22 which was then subnet into 4096 subnets in which we will only use 172.16.80.0 and 172.16.80.16 with the mask of 255.255.255.240 or /28.

Router 1
The first router was setup using windows server 2008 RC2 using RRAS role with two dedicated interfaces. Public with the 172.16.0.120/24 IP scheme pointing to 172.16.0.1 gateway and 205.205.205.205 DNS HQ with the 172.16.80.1/28 with no gateway but DNS pointing to 172.16.80.2 which will be brought online later on in this documentation.

RRAS had a static route setup to Destination 172.16.80.16, Mask 255.255.255.240 and HQ interface of 172.16.80.4 which will be the next router being setup in this network.

DC
A single domain controller was set up in this network, it has all of its roles since he is the only one at the moment. The DC server it is also the DNS server for this network. Important things to know are: Inc.mil is the domain Network password is Pa11word Main admin is default (Administrator) HQ interface setup with the 172.16.80.2/28 IP scheme pointing to 172.16.80.1 gateway and 205.205.205.205 for DNS which changed to 172.0.0.1 when DNS was setup and 205.205.205.205 became a forwarder. FQDN DC.inc.mil

PAGE 2

Router 2
The Second router was setup using windows server 2008 RC2 using RRAS role with two dedicated interfaces. HQ with the 172.16.80.4/28 IP scheme pointing to 172.16.80.1 gateway and 172.16.80.2 for DNS Field with the 172.16.80.17/28 with no gateway but DNS pointing to 172.16.80.2

DHCP
DHCP was setup with the following configuration: HQ interface with the 172.16.80.3/28 IP scheme pointing to 172.16.80.1 gateway and 172.16.80.2 for DNS Scope of valid IPs 172.16.80.18-172.16.80.30/28 with gateway pointing to 172.16.80.17 and DNS to 172.16.80.2 FQDN DHCP.inc.mil A DHCP was then setup on router 2 with the following configuration:

PAGE 3

WDS
A WDS server was setup on the DHCP server as it is often recommended because of its easy integration. You just have to make sure that the Do not listen on port 67 and Configure DHCP option 60 checkboxes are checked in the wizard. Note: If the WDS is to be configured on a separate server, you will not check the above checkboxes and option 60 will need to be created. This is done by going to server options on the DHCP MMC click add and Set name to PXEClient > Data type to String > code to 060, just 60 will not work, it needs to be 060.

You will have a chance to set where your installation/boot files will be stored in the very beginning, since this is the only extra files being stored here we will map it to the default path of c:\remoteinstall I chose not to get the .Wims through the wizard so I selected to add images later. So, to add them of the wizard you will go into the boot folder on the WDC MMC first to add the boot image. Which will be located on the windows 7 CD under the sources folder and it is called boot.wim

To add the images will be much of the same procedure except that the file under the Windows CD sources folder is called images.wim and you will have a chance to setup an images group to keep images you add separated that you get to name it in the beginning of the wizard. We used Windows 7 as our group name.

PAGE 4

To test if everything works you will need to set up a client with windows already installed and check if the DHCP is working properly first under the Field subnet. Since ours worked, we proceeded to do a client install and set it to boot through the network interface rather than the hard drive and I was successful.

DFS1 and DFS2

DFS was setup on both the DFS1 and the DFS2 servers after they joined the domain. The procedure involved creating the 2 shares we needed for this network so each server was added a brand new hard disk called Data under the D drive and these became the following shares, DFS1\redirection (on DFS1 server target D:\Redirection) DFS1\profiles (on DFS1 server target D:\profiles) DFS2\redirection (on DFS2 server target D:\Redirection) DFS2\profiles (on DFS2 server target D:\profiles)

We then added both DFS1 and two though a name server called \\inc.mil\users and made the above folders as targets though the users under full mesh setup for replication making them fault tolerant.

PAGE 5

In the wizard do not forget to change the NTFS permissions to allow the users to write to these targets as we will need for roaming profiles and folder redirection that is coming up next.

Roaming Profiles
After creating our users and groups under the Officers OU we will select all officers and right click and go into properties, the select the profiles tab and create a path for everyone at once.

Folder redirection and Mapped Drive.

The following were done using group policy and made in a way that the user can only see his own folders and not everyone else.

PAGE 6

First we redirected the folders:

Note that Music, Pictures, and Videos follow that Document s target as well

Then we Mapped the Drive M: using the following GPO

PAGE 7