Modul 1 integration island

Modul 1 integration island

• 1.
  1/10LKS Nasional 2015– IT Network Systems Administration – Modul 1 MODUL 1 – Integration Island IT Network Systems Administration LKS Nasional Serpong, 7-13 Juni 2015
• 2.
  LKS Nasional 2015– IT Network Systems Administration – Modul 12/4 Overview 1 EXAM ............................................................................................................................................... 3 1.1 CONTENTS ............................................................................................................................... 3 1.2 INTRODUCTION ....................................................................................................................... 3 1.3 DESCRIPTION OF PROJECT AND TASKS.................................................................................... 3 1.4 QUICK SPECIFICATIONS ........................................................................................................... 3 1.5 PART 1...................................................................................................................................... 4 Working Tasks Windows Virtual Server........................................................................................... 4 Working tasks Linux Virtual Server.................................................................................................. 5 1.6 PART 2...................................................................................................................................... 6 Working Tasks Network................................................................................................................... 6 1.7 PART 3...................................................................................................................................... 8 Working Tasks Notebook................................................................................................................. 8 2 APPENDIX......................................................................................................................................... 9 2.1 Specifications........................................................................................................................... 9 2.1.1 WINDOWS SERVER SPECIFICATIONS ............................................................................... 9 2.1.2 DOMAIN GROUPLIST ....................................................................................................... 9 2.1.3 LINUX SERVER SPECIFICATIONS....................................................................................... 9 2.1.4 NETWORK SPECIFICATIONS............................................................................................. 9 2.1.5 NOTEBOOK SPECIFICATIONS ........................................................................................... 9 2.1.6 NETWORK DIAGRAM..................................................................................................... 10
• 3.
  3/10LKS Nasional 2015– IT Network Systems Administration – Modul 1 1. EXAM 1.1 CONTENTS This Test Project proposal consists of the following document/file: 1. Modul 1 – Integration Island.docx 1.2 INTRODUCTION The competition has a fixed start and finish time. You must decide how to best divide your time. 1.3 DESCRIPTION OF PROJECT AND TASKS You work as an IT system integrator for SMBs. The hosting company “hostserv” want to provide several hosted services to their customers. Your job is to setup the infrastructure for “hostserv” you have already get a list with the major tasks. “hostserv” has two hosting offers. First they offer E-Mail hosting for their customers. As second service they give the customers the possibility to move their workers on the terminal server and use it as remote workstation. You’ll find additional information as attachment. 1.4 QUICK SPECIFICATIONS Internet NETWORK Cisco Router2800 Series Router TRUNK802.1Q FE0/0 FE0/1 System Functions: - 802.1Q - Routing - NAT - ACL Cisco Catalyst 2900 Series Switch System Functions: - vlan - telnet Client Windows 7 System Functions: - VPN Client Windows Hostmachine System Functions: - AD - DNS Windows Server 2008 R2 Debian 7 Server System Functions: - Mail Server - RAID - DHCP - VPN Server Virtual Linux Server System Functions: - VMWare Host Virtual Windows Server Windows Hostmachine System Functions: - Join Domain - Map Drive Windows 7 Client
• 4.
  LKS Nasional 2015– IT Network Systems Administration – Modul 14/4 1.5 PART 1 Working Tasks Windows Virtual Server Note: Please use the default configuration if you are not given the details. • Install and Setup Server with the Windows Server 2008 R2 Operating System with the settings specified in the appendix • Install the services o Configure Active Directory  Enable Roaming Profile and store the user profiles at hostsrv1profilesusername  Create for every user (not administrator account!) a home folder stored at hostsrv1homesusername and ensure that that is mapped to Z: at each logon automatically  Create Active Directory Users • Create an OU that is named “user” • You will find a file called LKS2015-M1_TP1_USERS.csv with names, roles and units of all workers in desktop computer Host machine; use this file as a basis for automating the creation of all user accounts. Be aware that all information, located in the Excel file, regarding any user must be present on accounts created.  Create departments share folders on hostsrv1workers and hostsrv1managers and map the respective folder to Y: at logon depending on the security group (Workers; Managers) the user is in. Users should not be allowed to access other department share. (Info? Look at the provided Excel-sheet!)  Set the passwords of all users listed in the CSV file to Jakarta2012. o DNS  Create a reverse zone for the inside IP range  Create subdomain www and mail in the zone “host.com” to IP Address Linux Server (hostsrv2) ( www.host.com <-----> IP Address hostsrv2 ) ( mail.host.com <-----> IP Address hostsrv2 )  Make sure that DNS requests to zone host.com from internet are answered with host public IPs and those from inside network with inside IPs. If you have problems with this configuration, we are doing functionality check on this, so you can find your own way to solve this!
• 5.
  5/10LKS Nasional 2015– IT Network Systems Administration – Modul 1 Working tasks Linux Virtual Server • Install and Set up server with the Debian 7 operating system with the settings specified in the appendix. Ensure that all components are correctly installed (Don’t install Graphical User Interface (GUI) such as KDE, GNME, etc) o use the following partitions layout:  / 8GB  /var 5GB  swap 2GB  Setup RAID 5 over 3 disks with 5GB each. Mount the volume at /home o In VMware, use bridged networking, custom, map to vmnet1 (top NIC on host) • Install the services o Postfix  Create users and mailboxes for all users listed in the file LKS2015-M1_TP1_USERS.csv  Ensure that users have access to the mail server via: web access, POP3 and IMAP. • Web access should be available under http://mail.host.com/webmail  Mails should be stored in the home partition o DHCP Server  Range: 172.16.1.130 – 172.16.1.254  Gateway: 172.16.1.129  DNS: 172.16.1.2 o VPN  install and configure OpenVPN  create the user vpnuser01 with password “Serpong2015”.  VPN Clients should be able to access all resources on the internal network.
• 6.
  LKS Nasional 2015– IT Network Systems Administration – Modul 16/4 1.6 PART 2 Working Tasks Network Note: Please use the default configuration if you are not given the details. o SWICTH • Access Switch using telnet with IP Address 192.168.1.99 via Port 24 (ensure the port 24 connect to NIC onboard). Telnet password and enable password is “Cisco”. • Configure port vlan Port Vlan 1 – 4 Trunk 5 – 8 vlan linux (vlan 20) 9 – 12 vlan win (vlan 10) 13 - 16 vlan services (vlan 30) 17 - 20 vlan client (vlan 100) • Configure vlan 30 with IP Address 172.16.1.126/26 • Join switch management into VLAN “services” • Hostsw1 configuration o Use port 1 for connection to the router fa0/1 o Use port 5 for Linux server o Use port 9 for Windows server o Use port 12 for VLAN “services” o Use port 17 for VLAN “client” o ROUTER • Router configuration: o Configure Fa0/0 with IP Address 143.25.1.1/25 o Configure Fa0/1 with 802.1Q:  Fa0/1.10 with IP Address 172.16.1.1/27  Fa0/1.20 with IP Address 172.16.1.33/27  Fa0/1.30 with IP Address 172.16.1.65/26  Fa0/1.100 with IP Address 172.16.1.129/25 o Enable DHCP relay for VLAN “client” o Enable DHCP server on Fa0/0  Range: 143.25.1.100-143.25.1.254  Apply appropriate DHCP Scope options Note: You can set up StatiIP Address using to above. o NAT/PAT  Configure PAT for internal hosts  Configure static NAT for outside connections:  Static NAT to hostsrv1 from ip-address 143.25.1.2  Static NAT to hostsrv2 from ip-address 143.25.1.34
• 7.
  7/10LKS Nasional 2015– IT Network Systems Administration – Modul 1 o ACL  Restrict access to Linux Server from outside only to the services: MAIL (POP, SMTP) HTTP and VPN  Restrict access to Windows Server from outside on to the services: HTTPS and DNS  Deny all other traffic from outside to all inside networks
• 8.
  LKS Nasional 2015– IT Network Systems Administration – Modul 18/4 1.7 PART 3 Working Tasks Notebook Note: Use the default configuration if you are not given the details. • Install notebook with the Windows 7 Operating system with the settings specified in the appendix • Connect the notebook to the internet • Configure it as an OpenVPN client • Connect the notebook to the switch vlan client • Join the notebook to the domain • Configure Outlook for send and receive E-mails with Mailuser01 and Mailuser02. The email address for each user should be from the ‘mail’ column in the csv file, e.g. Mailuser01 should be using [email protected] and Mailuser02 should be using [email protected].
• 9.
  9/10LKS Nasional 2015– IT Network Systems Administration – Modul 1 2 APPENDIX 2.1 Specifications 2.1.1 WINDOWS SERVER SPECIFICATIONS Computer name: hostsrv1 DNS domain: host.com User name: Administrator Administrator password: Serpong2015 IP address: 172.16.1.2 Domain NetBIOS Name: HOST Active directory recovery Password: #Serpong2015 Virtual network card bridged to: vmnet0 (On-board NIC) 2.1.2 DOMAIN GROUPLIST Groupname: Members: MailUsers All users with name beginning with “MailUsers” Workers mailuser11-19 Managers mailuser1-10 2.1.3 LINUX SERVER SPECIFICATIONS Computer name: hostsrv2 Root password: Serpong2015 Default User name: competitor Default User password: Serpong2015 Domain name: host.com IP address: 172.16.1.34 Virtual network card bridged to: vmnet1 (LAN Card) 2.1.4 NETWORK SPECIFICATIONS VLAN win (ID: 10) 172.16.1.0/27 VLAN linux (ID: 20) 172.16.1.32/27 VLAN services (ID: 30) 172.16.1.64/26 VLAN client (ID: 100) 172.16.1.128/25 Internet 143.25.1.0/24 2.1.5 NOTEBOOK SPECIFICATIONS Organization: Hostsrv Computer name: notebook01 Domain: host.com User name: Competitor Password: Serpong2015 IP address dhcp
• 10.
  LKS Nasional 2015– IT Network Systems Administration – Modul 1 10/4 2.1.6 NETWORK DIAGRAM Internet NETWORK Cisco Router2800 Series Router TRUNK802.1Q FE0/0 FE0/1 System Functions: - 802.1Q - Routing - NAT - ACL Cisco Catalyst 2900 Series Switch System Functions: - vlan - telnet Client Windows 7 System Functions: - VPN Client Windows Hostmachine System Functions: - AD - DNS Windows Server 2008 R2 Debian 7 Server System Functions: - Mail Server - RAID - DHCP - VPN Server Virtual Linux Server System Functions: - VMWare Host Virtual Windows Server Windows Hostmachine System Functions: - Join Domain - Map Drive Windows 7 Client