Step 1. Designing a Secure Network and Active Directory Infrastructure While designing the infrastructure, follow the guidelines outlined below: Assume the college Head Office as well as the three campuses are all connected via high speed links and can be treated as being part of one local area network. Use TCP/IP for your network protocol and assume the network is protected from The Internet by a firewall with network address translation so that you can use network addresses from any of the private IP address ranges. Your network will only require a single network segment at this time, but choose a private address that will allow for future expansion of the LAN that might include multiple network segments. The network should be managed centrally as a whole to ensure certain general security requirements are met. These requirements include the mandatory use of user passwords for all user accounts in the college. At Head Office, these passwords must be a minimum of 10 characters in length, they must meet complexity requirements, be stored using reversible encryption, and must be changed at least every 30 days to unique new passwords that different than the previous 12 passwords for every user. For users at the three campuses, passwords must be a minimum of 8 characters in length, they dont need to meet complexity requirements, but they must be changed at least every 60 days to unique passwords that are different from the previous 6 passwords for every user. A user account anywhere in the college (at Head Office or at one of the campuses) must be locked out for 2 hours if an invalid password is used 3 times within 30 minutes in an attempt to logon to that account. For additional security, all user account management such as successful or failed account creation, modification or deletion, as well as any failed logon attempts should be detected and recorded. All the above requirements should be implemented networkwide and must always take precedence in case there is any conflicting configuration performed. Create the appropriate policies in order to accomplish the above mentioned task Head Office, as well as each of the college campuses should have its own network administrators with full control over their portions of the network with the exception of the mandatory requirements administered centrally as outlined above. To minimize the workload of the college campus network administrators, there should also be additional network administrators for each faculty in each college, but those administrators should only be capable of creating, deleting and managing user accounts as well as resetting user passwords in their respective areas. Design a DNS and Active Directory structure for the network in the most efficient way, limiting the Active Directory to the simplest structure that will meet the requirements outlined above. Draw your design in the space provided below and have it approved by your instructor before proceeding.

You are not limited to the following space provided. It is encouraged to represent a detailed and very informative Active Directory design structure. Ask your instructor for specifics and any other detail that will help make your design complete

Step 2. Implementing the Network and Active Directory Infrastructure Once the design is approved by your instructor, obtain the necessary hardware and software, and implement the Active Directory infrastructure, including the creation of all of the OUs that are required to meet the design. Every Windows Server 2003 you install must be updated with the latest service pack. Name of domain controller: Dom1 IPv4 Address: 10.0.0.10 SN Mask 255.255.255.0 Create appropriate users and groups for the Secure Network College organization and make sure the objects exist below the appropriate OUs. They should include a president, vicepresidents, marketing, accounting, human resources, curriculum development and network administrators at Head Office and at the college campus level there should be campus directors, admission reps, instructors, financial administrators, employment specialists, network administrators and office administrators. Additionally, create separate groups for instructors in each faculty (Business, IT, Skilled Trades and Health Care) as well as separate groups for Programming and Networking instructors within the IT faculty. Create at least two users for each group you create and give them appropriate user names, e.g. there can be a project manager and a developer in curriculum development. Complete all of the steps to provide local administrative management permissions to the administrative users for each faculty. When assigning administrative privileges, keep in mind that the particular users who are given the role of administering a portion of the network may change over time and therefore provide for a simple way of switching administrators who will be in charge of a particular college faculty. (Hint: grant permission to groups rather than users) Please note that you only need to populate one firstlevel organisational unit and its subsequent child containers. You do not need to create objects for other containers. The creation of the complete OU structure is sufficient. Fill in the table below with the groups you created and their members:

Groups	Members

Step 3 : Install and Configure the SharePoint Server deployment It is critical that the following two steps be completed before continuing any further in the deployment and configuration: 1. On the domain controller install SQL server (versions 2005 or 2008 use the same installation sources as you did in the SharePoint project previously completed) 2. Join a member server to your domain and launch the installation of SharePoint 2007 SP3 Install and configure SharePoint 2007 on the member server Name of member server : SHP1 Adresse IP : 10.0.0.15 Mask : 255.255.255.0 Proceed to the installation of a complete version of SharePoint 2007 Name of SQL server : Dom1 Database : as per default Service account : SHP_ADMIN_SVC Follow up with the complete installation of all related services on the SHP1 server. Refer to the SharePoint project previously completed for the Shared services center The following step requires the implementation of a server farm. The web application which will store / host the site must have its own unique service account. The site in question must contain (other than what is provided by default) the following elements on the welcome page: A documents library for the students A documents library for the instructors The libraries in question must be present in the form of WebPart and located on the welcome page. As this page is accessed the students should not be able to view the instructors document library (WebPart) and conversely, when the instructors access the welcome page they should not be able to view the student`s document library (WebPart). HINT: Use the audience targeting in the shared services center. Consider the import of user profiles and properties. A publication site available to all students and employees must be created and deployed. This is a site that will be tasked / required to publish public information, it will have an anonymous access. Since it is publically available and accessed by many it must be loadbalanced to help improve access time and response. To help in this regard a second SharePoint server must be installed. o Member server name: SHP2 o Adresse IPv4 : 10.0.0.20 o Subnet mask : 255.255.255.0 In a new web application, create a publication portal which will respond to the following o Site name : Extranet o Access : Anonymous o DNS (round robin)