ICS, DHCP, Active Directory, Domain v.s. Workgroup, RRAS, NAT, Dynamic IP v.s. Static & Which work together... and why?

[Conundrum]

Hopefully this will become a really long thread with people sharing their knowledge of these topics. I'm interested in altering my current home network and have been looking into this further. Currently everything works smoothly with ICS running on one of my Win2k boxes. I found out real quick that a dynamic IP doesn't work with NAT. I actually had it working, but I had to put in my ISP's DNS server directly... and some things wouldn't work right with it.

I decided to stick with ICS. Working with just a simple workgroup...

I was thinking about going ahead and setting up a domain. Getting active directory going... maybe even seeing if I could get my hands on Exchange Server just to test it out. Get a better idea of how to set up GPOs, OUs, Site links if I can create REALLY small sites.

Stuff like that... and I know there are a ton of people out there who might not feel as though they have enough equipment and/or the knowledge necessary to undertake something like this. So I'd just like to see what people would recommend, what's possible, and simply what information everyone might have to provide the Anandtech community that has a growing interest in networking and Windows networks... what you can, and cannot do. What works best...

Thanks to anyone who takes the time to reply..

 

[Scarpozzi]

I'm kind of confused of the question here. If you setup a domain that doesn't have much to do with the internet. It just allows you to administer the computers. I would stick with the workgroup setup and probably keep everything like it is unless you decide to switch to a domain if you install Exchange server. Also, since this sounds like a home network, I would advise that you keep your ISP's DNS server entered in manually anyhow. Most of the time your gateway will be set as your DNS and then you will simply use your Gateway's DNS address...this can cause slower speed when trying to contact your DNS server (mainly if your computer running ICS is in sleep mode, running slow, etc). If you can move away from ICS, I would definitely recommend it. It may be working, but it may prove to leave your network open to hack-attacks since it doesn't really prove to be an effective firewall. If you don't have ZoneAlarm or a similar program running, I'd get one. You may already have been attacked and not known it...especially if you're on broadband. (do some virus scans) Good luck with everything...

 

[Conundrum]

Part of the domain suggestion was in setting up Active Directory with IIS running and setting up accounts with groups to make it easy to admin anyone that I want to give access to FTP services.

There are a lot of other ideas I was thinking about possibly doing. Primarily they would be more in the realm of activities that could help me in the future to better understand the ins and outs of certain processes. I've never made an answer file for unattended installations or tried to set a script up to run hot fixes during installation from a folder on the server. Simply setting up a domain... testing out primary and secondary servers. Trying an active directory integrated zone.. finding out the differences and just plain playing around with the configuration and becoming more familiar with it in use. Instead of just reading about all of these things and then doing a brain dump on them once I pass the certifications, etc...

It would help a lot I think, when it comes to actually applying all of the concepts you've come to learn. Reading about them and actually getting used to common problems associated with installing/configuring would be very beneficial. Help to prepare you for potential questions you could run across in a job interview. Etc..... or just help you with questions that you might run into for some certification exam.

 

[Woodchuck2000]

I would sincerely recommend setting up a domain to play with if you have the spare hardware floating around. I'm studying for an MCSE, and having 3 computers running win2k (1 server, 2 workstation) is invaluable for trying out concepts.

If you have any specific questions, dont hesitate to ask

 

[lorlabnew]

I had setup about 6+ machines in the past for similar reason; to learn MS networking when studying for NT4 exams. My home based small domain was based on NT 4.0 Server (which I still like a lot), and everything worked fine that way, incl. Exchange 5.5 running locally.

When I decided to do the same with Win2K, it turned out to be a bit more complicated; in order to get "real world" experience, it would definitely be good to have 2nd level domain registered and ready to use with DNS stuff and such. I didn't experiment more with Win2k for this reason... also, I didn't feel like buying Win2k server with licences just for practice purpose (since I didn't really like to use copy from work); also how my cable ISP would handle this was a bit questionable...

 

[dbx]

If you want people to access your ftp or IIS from outside of your LAN (ie the internet) you will have to ditch ICS and use NAT. And be sure to patch your IIS server asap.

 

[Conundrum]

Thanks for the feedback people. I'm going to be setting up a local domain today. I've got 8 computers ranging from a Pentium 100 with 32 megs of RAM up my server that's a Gateway 6400 server. The 6400 server I bought a second PIII-933 for finally when I found a great deal on it. I might possibly search for another 9.1 gig U160 HD to make the server Raid-0. I imagine the performance will be greatly improved if I find a great deal on one.

Wish me luck.. I'm giving everyone a thumbs up for the learning curve. Time to see if all my "paper certifications" can actually benefit me in the practical application of what I was tested for and should know.

 

[Conundrum]

<< If you want people to access your ftp or IIS from outside of your LAN (ie the internet) you will have to ditch ICS and use NAT. And be sure to patch your IIS server asap. >>



Question though... in ditching ICS and using NAT.

Keep in mind I have a dynamically assigned IP. That's kind of a problem if you want to get the IP from my ISP and lease out IPs to my internal LAN from my experience. Is there a way around that???