Michael J. Dargan

Dr. Barbara Safford

Library Automation and Networks

10 July 2003

Device Demonstration:  Networking at the Waterloo Public Library

 

Tour

Day Two

Day Three

Cost Estimate

Resources

 

July 10, 2003

Waterloo Public Library  Network Orientation Tour

Schedule:

1                    Meet in Information Area and prepare for tour 1:30-2:45

2                    Tour Operational Network

3                    Tour Demonstration Network

4                    Enter library-science domain

5                    Map drive to file server software

6                    Connect to network printer

7                    Install Public Browser locally

8                    Connect to server installation of Public Browser

9                    Edit pwb.ini 

10                Create multiple pwb.ini files and multiple browsers

11                Install and configure Fortres

12                Install and configure DeepFreeze

13                Create new user

14                Create group

15                Reset password

16                Create new share

17                View proxy logs

18                Run log analyzer

19                Find TCP/IP IP address, gateway, DNS, WINS

20                See if another network device is active with ping and trace route

21                Configure wireless AP for WEP and MAC filter

22                Create and share printer

23                Install network Card

24                Create and demonstrate user profiles

 

Tour:

 

Two Networks:  Operational and Demonstration

 

Operational Network

 

Information Area

 

The WPL public Internet area uses two Pharos products to manage use: 

Signup provides self-service reservations and time management for patrons wishing to use the Internet stations. Library card barcode number is ID and password is first three characters of last name.  This information is extracted once a week from UNISTAR, imported into an Excel spreadsheet for formatting, then loaded into the SQL2000 database of the Signup V2 program.  This could be done via a Patron API for about $13,500.  Patrons may use an open PC or make a reservation and be queued if all stations are full.  Patrons are limited to 5 sessions for a total of 1 hour each day.

UNIPrint provides self-service printing and cost-recovery.  Patrons send a print job, are prompted for a username and password to control their job.  When they wish to recover their work, they proceed to the Print-Release station where they select their job, insert their money, and release the document from the queue to the JetDirect equipped HP5M LaserJet printer.  Each of these products is controlled by the patron_server, a Windows NT4 Server housed in the server room.

Ethernet service in the Info Area is provided by Cat 5 cabling from 10/100 autosensing hubs and switched hubs.  The hubs are cascaded from a switched hub in the basement server room.  That switch connects to a Cisco 2500 router which gets and analog signal from an Osicom CSU/DSU.  The CSU/DSU then connects to an ICN provided demarc.  The Internet connection to the WPL is then complete.  The Information Area also provides 4 public access PCs equipped with Microsoft Office 2000 Pro.  These machines print to the same printer as do the UNIprint machines, but do not yet have access to the print cost recovery system.

Access to the Innovative Interfaces Incorporated library management system is provided by WebOPAC, Telnet, and via Millennium applications.  The WebOPACs are Windows 9x machines running Public Browser 2.4 over Microsoft Internet Explorer 6.1 and secured with a combination of BIOS controls, Fortres, and Deepfreeze.  The computer connects to via a SILO managed ICN T1 Internet connection to the WPL UNISTAR scope. 

 

Youth Department

 

The WPL Youth Department has 7 public access computers and 4 staff machines.  The primary public uses are Internet access and games.  Staff members use their machines for access to the WebOPAC as well as for UNISTAR access.  They print to a JetDirect equipped HP5M LaserJet which acts as a backup printer for the public Internet area.  In the very near future, the 4 iMacs will be replaced by 4 Bill and Melinda Gates Foundation PCs.  These machines will provide educational games for the Youth Department and office application support to the public access word processors in the Information Area.  They also have a Dell notebook PC with a wireless Internet (not ethernet) access.  This computer is used to support the summer Rollicking Rides and Reads bookmobile program.

 

Circulation Department

 

The Circulation Department includes a 3M3610 Self-Check machine.  This device allows patrons to complete checkout transactions without help.  About 35 percent of the WPL circulation transactions go through the self-check.  The conventional circulation stations use PCs equipped with barcode readers which allows the Millennium Circulation software application to manage circulation transactions on UNISTAR.

 

Technical Services

 

The Technical Services Department is where library resources enter and leave the library’s holdings.  The cataloging and acquisitions are managed by staff members who use the Internet to connect to OCLC (for MARC records) and to UNISTAR for updating the catalog.

 

Server Room

 

The server room contains, from left to right, the NT 4 Server which runs the Pharos system, two Linux machines for training and secure file transfer, the firewall, DMZ and WAN hubs, the RAID equipped NT 4 Server PDC, an Axis Storepoint CD-ROM server, a 24 port switch, an NT 4 Server BDC with TBU and an Apache caching proxy server.  The outbound traffic on for this device can be seen within the firewall from http://207.28.235.252/Report.html.  This report is generated from the server access logs by Analog 2.32.  On the floor are several APC UPSs. 

 

Webserver

 

On the third floor is the Windows 2000 Server equipped with an IIS5 webserver.  This machine provides hosting for the WPL, the City of Waterloo, the Young Arena, the Friends of the Cedar Falls Public Library and the Ruth Suckow Memorial Society.  Traffic reports for these devices are compiled weekly and are published on the Internet.

 

Demonstration Network

 

The areas covered thus far are on the operational network.  Down the hall and past NEILSA is the room which houses the demonstration servers which will be used for the class activities.  The products that we’ll use include a Windows 98 workstation, a Windows NT 4 Server BDC, a Windows NT 4 Server PDC, a Linksys 54G Wireless AP, an Avertec notebook PC with a Linksys wireless PC card.  The BDC has an Apache caching proxy server equipped with Analog.  The PDC is ready to accept new users who need file and application services.  It also contains most, if not all of the software that we will be installing in the Learning Center.

 

Questions? 

 

Break

 

                        Reconvene in Learning Center for Part II of Day One

 

Work in either pairs or groups of three.

 

Enter library-science domain

Perform exercise with your partner.  Ask Amy or Mike for help.  If you finish early, help others.

A:  Right click network neighborhood

B:  Left click “properties”

C:  Left click “identification”

D:  Change “workgroup” to library-science

E:  Left click “configuration”

F:  Left click “Client for Microsoft Networks”

G:  Left click “properties”

H:  Select “Log on to Windows NT Domain”

I:  Edit Windows NT Domain to read:  library-science

J:  Click “ok” twice, allow files to install

K:  Select Restart

L:  Login as public/info

Map drive to file server

Perform exercise with your partner.  Ask Amy or Mike for help.  If you finish early, help others.

A:  Open network neighborhood

B:  Open safford (if safford is not visible, go to start|find|computer and search for safford

C:  Right click “software”

D:  Left click “map network drive”

E:  Map S:

Install Public Browser

Perform exercise with your partner.  Ask Amy or Mike for help.  If you finish early, help others.

A:  Open S: drive

B:  Open Public Browser folder

C:  Double click setup.exe

D:  Complete installation using defaults

UNC Connection to pwb.exe

Perform exercise with your partner.  Ask Amy or Mike for help.  If you finish early, help others.

A:  Open Network Neighborhood

B:  Open safford

C:  Open pwb folder

D:  Right click pwb.exe

E:  Left click “Create Shortcut”

F:  If prompted to “Create Shortcut on Desktop” do so; if not, right click, drag to desktop, and copy.

 

Day Two:

 

July 15.

 

Questions?  Show and Tell?

 

The computers should all have the following environment:

 

Domain = library-science

Workgroup = library-science

Drive S:  is mapped to \\safford\software

Public Web Browser 2.4 is installed locally

A “Shortcut to Public Web Browser” is on each desktop and is UNC mapped to \\safford\pwb\pwb.exe

 

Today we are going to do some activities in the lab as well as on the server.  Due to the fact that we have limited access to the server, some partners will go to the server room and do their tasks while others remain in the lab to do their tasks.  We hope to have Amy in the server room.  However, I’ve arranged remote access to the servers from the Learning Center.  This access will do in a pinch, but we prefer to be at the “console.”

 

I propose that we talk our way through the printer, trouble shooting, PWB, and server administration sections.  Then, 1/3 of us goes to server room with Amy to cover the server administration stuff.  The other 2/3s stay in learning center working on troubleshooting and pwb installation.  As pairs complete their tasks we can then rotate.

 

Non-Server tasks

May be performed in Learning Center.

Attach to printer print server for LC
  1. Login to LC (Learning Center) PC as public:info
  2. Doubleclick Network Neighborhood
  3. Browse (if necessary, click library-science, then safford) until the printer “learning-center” appears
  4. Doubleclick the learning-center printer and allow to install
  5. Print test page when prompted.
  6. If printer does not respond, troubleshoot
  7. If printer works, congrats, close printer window

Find local IP address and TCP/IP settings
  1. Click start | run
  2. In the “run” box, type winipcfg<enter>
  3. If “PPP adapter” appears, click the drop down window and choose the adapter with “ethernet” in the title
  4. Click “more info”
  5. Note the following items:

·        Hostname:

·        DNS servers:

·        Adapter address: MAC

·        IP address:

·        Subnet mask:

·        Default gateway:

·        DHCP server:

·        Primary WINS:

·        Secondary WINS:

Use ping to see if another network device is accessible
  1. Click start | run
  2. In the “run” line type command<enter>
  3. Hold down the <alt> key and then strike <enter>
  4. The prompt should be c:\windows\desktop, if not, type cd c:\windows\desktop<enter>
  5. Type ping unistar.uni.edu<enter>
  6. Ping the following addresses:
    • mingo.info-science.uiowa.edu
    • www.uiowa.edu
    • 207.28.235.253
    • fat.fingers.org
    • www.yahoo.com
    • 207.28.235.129
  1. Note your reactions.
  2. Now, try the same sites, but append >[different-filename.txt] to the command
  3. Example:  ping unistar.uni.edu>unistar.txt
  4. After you’ve done several (you won’t see much), type exit<enter> to leave the dark place.
  5. You should see your *.txt files on the desktop.  Doubleclick them and see what’s inside

Finding a failure point with tracert

1.      Click start | run

2.      In the “run” line type command<enter>

3.      Hold down the <alt> key and then strike <enter>

4.      The prompt should be c:\windows\desktop, if not, type cd c:\windows\desktop<enter>

5.      Type tracert unistar.uni.edu<enter>

7.      Run tracert on the following addresses:

·        mingo.info-science.uiowa.edu

·        www.uiowa.edu

·        207.28.235.253

·        mike.likes.doughnuts.com

·        www.yahoo.com

·        207.28.235.129

8.      Now, try the same sites, but append >[different-filename.txt] to the command

9.      Example:  tracert unistar.uni.edu>unistar.txt

10.  After you’ve done several (you won’t see much), type exit<enter> to leave the dark place.

11.  You should see your *.txt files on the desktop.  Doubleclick them and see what’s inside

12.              Why would you care about saving these files?

 

Server based PWB

1.      Install locally so that *.dlls are in place

2.      Run from server to centralize configuration and maintenance

3.      Don’t worry about security as we build it

4.      Lock it down later

Learn about Public Browser:  What features would we want to customize?  Why?
  1. Open network neighborhood and browse safford\pwb for PWBv2.rtf
  2. Open  PWBv2.rtf and spend 10-20 minutes reading and discussing (I’ll print a few)

 

Pay particular attention to the: Running PWB from a server: section and the 

\\Server\Share\Folder\PWB /INI=\\Server\Share\Folder\Other.INI line. 

 

Create a custom browser by editing an *.ini file and pointing your shortcut at it.
  1. Note position of your LC computer.  The one closest to the door is 1, then 2, 3, 4, 5, and 6 ending by the ADA machine
  2. Open network neighborhood and browse safford to \pwb\ini-files
  3. Note that there are files pwb#.ini (pwb1.ini, pwb2.ini, etc.)
  4. Open the ini file that corresponds to your station by doubleclicking it.  (If asked to “choose application,” scroll down to “notepad.exe” and choose it.)
  5. Edit the First things to change in the INI file: first.  Try hard to come up with an odd homepage
  6. Enable the license by finding the RegistrationNumber=  and changing it to RegistrationNumber=[ask mike]

Make a copy of the shortcut.
  1. There should be a “shortcut to Public Browser” on your desktop.  Right click, choose, copy, then paste to desktop
  2. Change name to PublicBrowser# with the # being the number of your station.  Example:  Station 3 would have a shortcut named PublicBrowser3 on the desktop.

Test your custom ini file by pointing at it.
  1. Right click the new shortcut and left click properties
  2. The shortcut path should be similar to:  \\safford\pwb\pwb.exe
  3. Change it to \\safford\pwb\pwb.exe /INI=\\safford\pwb\ini-files\pwb#.ini with the # being the number of your workstation.  For example, Station 3 would have the shortcut properties \\safford\pwb\pwb.exe /INI=\\safford\pwb\ini-files\pwb3.ini
  4. Test your customized ini file by double clicking it; you should see the homepage entered two steps back. 
  5. If you were successful, boast loudly and help your less skillful colleagues to reach their custom ini file.
  6. If you were not successful, use your troubleshooting skills to lay blame.
  7. Change other settings and see how the browser behavior changes.
  8. See if you can point your custom browser at the caching proxy on \\herb

Server Administration Tasks
  1. Add user with rights to own folder on server
  2. Reset user password
  3. Create share
  4. Limit access to share
  5. Backup server

Add user
  1. Proceed with Amy to third floor workroom
  2. Choose the PDC (the big one on the floor)
  3. Log in as administrator:info
  4. Click start | run | administrator tools | user manager for domains
  5. Click user | new user
  6. Username = [your first name]-[first initial of last name]  For example, Mike Dargan would be mike-d.  If Michael Joseph Dawson needed a username it would be mike-jd
  7. Password = info
  8. User profile path = \\safford\profiles\%username%
  9. Leave logon script blank
  10. Home directory:  connect z: to \\safford\users\%username%
  11. Click add | close

Test new user
  1. Go to workstation on desk
  2. Long to library-science domain using your new username and password
  3. Browse the z: drive (My Computer | Z: | users
  4. Try to open the folder with your username; what happens?
  5. Try to open the folder with someone else’s username; what happens?
  6. If you can’t log on, or don’t have access, try to troubleshoot with Amy or me

Create share
  1. Go to the PDC (AKA safford)
  2. Logon as administrator
  3. Browse to d: (My computer | d:) and open it
  4. Right click in white space, left click new | folder
  5. Name it with your last name
  6. Right click your folder
  7. left click sharing and click the “share” radio button
  8. Give it a share name (why not leave it as default?  E.g., mike-d?)

Set permissions
  1. Right click your shared folder
  2. Left click properties
  3. Left click security | permissions
  4. Give the group “everyone” “read” only rights
  5. Add yourself and administrator with “full control”

Test your work

I.  Log on to library-science from workstation using public:info

  1. Browse network to your share:
  2. Network Neighborhood | safford | [your share]
  3. Try to open it.   If it does not open, good work; if it does, troubleshoot your share settings

II.  Log on to library-science using your own username

  1. Browse network to your share
  2. Try to open it.  If it does open for you, and not public, good work; if it does, try to troubleshoot your share settings.

Backup/Restore beginnings
  1. Proceed to the upstairs workroom and sit at the PDC (the one with the box of tapes on top)
  2. Note the card that says tape #7 is the most recent backup
  3. Press button on front of tape drive and let tape eject.  Lights will flash for as long as two minutes before ejection
  4. Insert tape #8 being careful to have the label facing out and right side up
  5. Pretend that you would write tape #8 and the date on the card.

Run Backup
  1. Start | run | programs | administrative tools | backupSelect C: and D: but not the network drives (too big and slow!)
  2. Select “backup local registry”
  3. Add a description (e.g., library-science pdc and local registry)
  4. Click “ok”
  5. When prompted to overwrite click contents “ok”
  6. After watching the files backup for a few minutes abort the backup
  7. Exit backup

Practice Restore:  Delete something
  1. Browse to C:\ of backup server (PDC or safford—take your pick)
  2. Delete c:\english  (right click, left click delete)

Put correct tape in
  1. Press button on tape drive and allow tape #8 to eject (may take several minutes)
  2. Remove tape #8
  3. Insert tape #7

Run backup to restore (counter-intuitive, but yes)
  1. Start | run | programs | administrative tools | backup
  2. Maximize the “tape” window
  3. Doubleclick the wplwloo or c: drive
  4. Wait several minutes for the tape catalog to be read (note message on screen)
  5. When file tree appears, select the English folder in the right pane
  6. Click “restore” and “replace file permissions” (not restore local registry) click “ok”
  7. Allow restore process to proceed.  When you see “The operation was successfully completed” click “ok.”
  8. Click “operations” and “exit” to exit.

Check your work
  1. Double click “shortcut to backup.log” (on desktop)
  2. Use the search feature to search for “restore”
  3. Scroll down and examine messages

Purge backup log
  1. While viewing backup.log, click edit | select all | delete
  2. Once text is cleared, click file | exit and yes.
  3. When advised that empty file cannot be saved, click “ok.”
  4. Leave #7 in drive and proceed to your next task.

Wireless AP

The Linksys documentation for this is excellent and we’ve printed a couple of copies.  Amy will shepherd you through the process

Install Wireless AP

Configure WEP (Wired Equivalent Privacy)

Configure MAC (Media Access Control) Filtering

Next session:

Desktop and system security

Locking down network shares

Pointing at the proxy

Analyzing proxy logs for traffic

??

 

Day Three

 

July 17, 2003

 

Today we will try to complete the July 15 tasks and then those that follow.  If it appears that you will not have time to complete everything, pick those tasks which most interest you.

 

At 3:15 let’s stop wherever we happen to be and return to the Learning Center.  I propose that each pair give their reactions to this unit.  What did you like?  What did you dislike?  What do you wish you could have done?  Is any of this at all useful?

 

Use Proxy to track Internet use
  1. Edit your ini file to point at the Apache proxy running on //herb
  2. Do some surfing
  3. Identify your machine’s IP address
  4. Go upstairs to server room
  5. Run Analog & view Report.html
  6. Inspect Apache logs

Edit ini file
  1. Browse to your station’s ini file:  network neighborhood | safford | pwb | ini-files | pwb#.ini (# = your station number)
  2. Open pwb#.ini and go to the [proxy] are and make the following changes:
  3. [Proxy]
  4. UseCustom=True
  5. ProxyEnable=True
  6. ProxyServer=207.28.235.196:80

Surf

Hit about a dozen different sites

Identify your machine’s IP

Start | run | winipcfg<enter>

Server Room

Go upstairs and down the hall

Run Analog
  1. On the BDC (herb) doubleclick analog shortcut and wait for dark place to go away.
  2. View report and see analysis of the total volume of traffic as well as incidence.

Examine logs
  1. At \\herb, open Apache logs.  Start | Program Files | Apache HTTPD server | review server log files | review access log
  2. The log may take a few moments to open.  When it does search for your machine’s IP address.
  3. If you seriously wanted to track someone’s surfing, you could import the log into an Excel spreadsheet and sort by machine and either time or site.

Install Spybot S&D

 
  1. Browse to \\safford\software\spybot
  2. Doubleclick the spybotsd12.exe file and install.
  3. Agree to the license and accept all defaults
  4. Restart if required

Use Spybot S&D
  1. Doubleclick the Spybot Search and Destroy icon on desktop
  2. Choose “English”
  3. Select “update”
  4. Select “search for updates”
  5. Select “download updates” and wait for download to complete
  6. Select “check for problems” and wait (maybe 10 minutes)
  7. Select “fix problems”
  8. Select “immunize”

For fun, examine the “excludes” file to see what you’re stopping!

Popup Killer

 
  1. Browse to \\safford\software\popup_killer
  2. Doubleclick powi.exe
  3. Agree to license and accept all defaults but don’t register
  4. Start | Programs | Analog | Pow

Run Popup Killer
  1. If Pow is running, icon will be on taskbar
  2. Browse till you hit a popup add
  3. See if you can use popup to add it to the kill list
  4. Try to remove a url from the kill list

Fortres

Fortres Controls access to the operating system, programs not on the desktop, and to settings.  Currently, Fortres is installed on all lab machines but is disabled.  Enable it, try to change the settings (e.g., printer, background, screensaver, etc.) and see what happens. 

Enable Fortres
  1. Hold down the <ctrl><shift> and strike <esc>
  2. Password is cindy99
  3. File | Windows disable “window”
  4. Uncheck “disable windows security”
  5. Test your work:  try to run solitaire and change settings.

Disable Fortres
  1. Hold down the <ctrl><shift> and strike <esc>
  2. Password is cindy99
  3. File | Windows disable “window”
  4. Check the “disable windows security”
  5. Test your work:  Try to run solitaire and change settings

DeepFreeze

DeepFreeze allows access to the entire computer, but prevents permanent change.  It is already installed, but disabled (note the blinking ice cube in the lower right hand corner of the screen).  For this activity, enable security, restart, delete something, change the desktop background, and see if your changes remain.

DeepFreeze enable
  1. Hold down <ctrl><shift><alt> and strike F6. 
  2. The password is info
  3. Change boot state to “frozen”
  4. Close DeepFreeze
  5. Restart

Test your work
  1. Note that the red X is no longer blinking over the ice cube in the lower right hand corner of the screen.
  2. If the X is blinking, STOP!  Contact Mike or Amy for help.  Ask why your PC isn’t frozen.
  3. If the X is not blinking, change the background, delete some icons, add other icons.
  4. Restart
  5. Note your reactions.

 

Meet in Learning Center at 3:15 to debrief.

 

Client/Server Classroom Estimate 

 

Hardware and Software for 24 station Classroom

Component

Vendor

Cost

Quantity

Total

Comment

Cat 5 awg

Belkin

 $     94.68

1

 $        94.68

1000'

Crimper

Belkin

 $     32.48

1

 $        32.48

Multi-tool

RJ45 plugs

Belkin

 $     26.03

1

 $        26.03

100 Pack

Switch

Linksys

 $   192.95

2

 $      385.90

16 port

Firewall

Sonicwall

 $   677.17

1

 $      677.17

50 client/VPN

Router

Cisco

 $   886.94

1

 $      886.94

1720 csu/dsu

Server

Dell

 $1,928.00

1

 $   1,928.00

PE400SC, UPS, TBU

W2Kserver

www.needsoftware.com

 $1,957.21

1

 $   1,957.21

Includes 25 CALs

Workstations

Dell

 $   930.00

25

 $ 23,250.00

GX60 with 15" FPD

Surge Protectors

Belkin

 $     10.64

25

 $      266.00

Surgemaster 6

AV

Norton

 $   869.00

1

 $      869.00

25 pack

DeepFreeze

Faronics

 $     25.00

16.6

 $      415.00

licenses

DeepFreeze

Faronics

 $     24.95

1

 $        24.95

media

Fortres 101

Fortres Grand

 $   525.00

1

 $      525.00

100 pack

Central Control

Fortres Grand

 $   400.00

1

 $      400.00

Building license

Color Printer

HP

 $1,762.68

1

 $   1,762.68

2500n

 

 

 

 

 $ 33,501.04

 

 

Networking Resources

 

Analog

AnalogX

Apache

DeepFreeze

Fortres Grande Corporation

Freshmeat

Implementation and administration of Windows NT in libraries

K-12 Linux

LTSP for Libraries:  HOWTO

OpenOffice

Public Library Software and Computers: Linux

Slashdot

Spybot Search and Destroy\

Tucows

Web4Lib Electronic Discussion

Home

17 July 2003