e6341d99ec03e2dc36018c1a205a1830.ppt
- Количество слайдов: 104
Arifjan IMO Basic Technical Training An Introduction to Basic Computer Concepts and IMO Trouble Ticket Procedures
228 th Signal Company Helpdesk Instructors SGT Nichole Brown (Bldg# 209 Help Desk) n Mike Davis (Bldg# 506 Help Desk)
228 th Signal Company Helpdesk n n NCOIC Bldg# 209/506 SSG Hill, Antwaun A DSN: 430 -2090 antwaun. hill@arifjan. arcent. army. mil Bldg# 506 ITT Lead Claude Mc. Kenzie DSN: 430 -6007 mckenziec@arifjan. arcent. army. mil
IMO Information n n IMO Duties and Responsibilities Necessary Documentation IMO-System Administrator Accounts IMO Assistance
IMO Duties and Responsibilities n n Users must adhere to all Army Regulations Per (AR 25 -2) Inform Help Desk of issues Attend all IMO meetings Maintain primary responsibility for IAVA compliance of all machines Failure to maintain IAVA compliance may result in the removal of the machines.
Necessary Documentation n Valid IMO Appointment Orders K: DOIM_IMOsFormsIMO Appointment OrdersIMO ORDERS-Blank. doc n Computer User Security Training (IA Awareness Training) HTTPS: //ia. gordon. army. mil NIPR User Agreement K: DOIM_IMOsFormsNIPR User Agreement. doc n
System Administrator Accounts n Per AR 25 -2 and DOD 850. 1: Every IMO will have two separate accounts n n SA (system administrator) account Unprivileged user account NOTE: You must have a complete IMO packet & go to the Help Desk to obtain your SA account following training
SHIFT + RIGHT CLICK
Login with SA account to conduct administrative work
Maintenance OU/Trial Script n n n Limited to CAC Logon issues This is ONLY a temporary move limited to 7 days. A utility is in the testing phase which will replace the Maintenance OU
IMO Assistance n IMO Tools Website n Imotools. arifjan. arcent. army. mil n n BOOKMARK THIS SITE!!! Bldg# 506 Helpdesk (SIPR/NIPR) n 430 -6007 n 24 hrs 7 days a week Bldg# 209 Helpdesk (NIPR only) n 430 -2090 Mon – Sat 0700 -1900 (closed Thursday mornings for SGT’s Time Training)
Course Overview n Basic Computer Terms n First Time Logon Procedures n n Group Logons Foreign National Accounts CAC/PKI Email accounts n n n Limitation Policies User Exchange Account Group Mailbox or 2 nd mailbox Personal Folders Group Mailbox/Distro Lists Forwarding
Course Overview n n n Password reset procedures K: Drive & Local Admin permissions Baseline Requirements VMPS Adding Machines & Printers to the domain
Course Overview Basic Network Troubleshooting n n n n n Obtaining a MAC Address Ping Test User Login Issues Tips Switches (Bldg 505/506) Phone Lines How to input Remedy Tickets PROPERLY Spillage procedures Questions
Basic Computer Terms n n n IMO – Information Management Officer NIPRnet/SIPRnet – (Non-Secure Internet Protocol Routed Network/Secure Internet Protocol Routed Network) TCP/IP – (Transmission Control Protocol/Internet Protocol ) The basic protocol of the Internet
Basic Computer Terms (cont) n n n Network – 2 or more computers linked together to share information Domain - A group of computers and devices on a network that are administered as a unit with common rules and procedures MAC Address – Media Access Control. Also known as the physical address. Example: 00 -11 AB-0 F-2 B-F 3
First Time Logon Procedures q q q After initial login, every user will be required to change their password. Passwords must be at least 12 characters, must contain two capital letter, two number, and two special character. They must not be related to the username. Suggestion: Windows now supports spaces in addition to characters. Write a sentence “I once had 3 puppies”
Group Logons n NOT ALLOWED NO EXCEPTIONS § No tracking capabilities n Security Violation n No accountability n AR 25 -2 Violation n CENTCOM Violation n DOD Violation
Foreign National Accounts n Foreign Nationals require additional training and testing to be issued a NIPR account n Must be accompanied by IMO/Supervisor to BLDG 209 Helpdesk n Documentation Needed: n n NIPR Account Request Form K: DOIM_IMOsFormsForeign National Request Form Review Test Slides & Take Test (with score of minimum 80%) n Initial and sign User Agreement Form
CAC Card Logon n Three Step Process n Submit Remedy Ticket n Submit Workbook to helpdesk n CAC Logon Registration
Submit Remedy n Submit a Remedy ticket to have an account created.
Submit Workbook Send completed workbook to Help Desk Mailbox (help desk arifjan) K: DOIM_IMOsUser_Object_Naming_and_PKI_Certificate _Data_Tracking_Workbook_v 1 -9
CAC Logon Registration n Upon account creation, IMO is notified with instructions on provisioning for Smart Card Logon (SCL) using their Common Access Card (CAC) They have 48 hours to comply 8 -24 hours after registering, the user’s card is ready for CAC logon
CAC Logon Registration Your users must follow these steps, in order, to complete the account provisioning so they can logon with their CAC: n n With CAC card in the smart card reader, click the link to access the Automated Name Provisioning Tool (ANPT) https: //dhuba 0 kwtn 004. kuwait. swa. ds. army. mil/ Prompt for your username/password n n USERNAME: kuwait{logon} (If you copy and paste this entry be sure to remove any leading or trailing spaces!) PASSWORD: {personal domain logon password}
Password procedures n OWA still requires a logon & password https: //webmail. kuwait. swa. army. mil
Changing Password n Passwords still need to be changed every 90 days User can change password via Webmail or on an exempt machine, so long as they know the original password n Password resets are to be done at the Help Desk n n n Passwords cannot be reset over the telephone! DO NOT GIVE OUT YOUR PASSWORD TO ANYONE FOR ANY REASON!!
Changing CAC Pin Number n n In order to change a CAC card pin number, the user must know the original pin Only 55 th PSB/1 Perscom Machines Bldg 505/506 can reset a pin
Computer Requirements for CAC Logon n n n Windows 2000 Professional SP 4 or Windows XP Professional SP 2 Computer in the exempt OU so user can login with new account Middleware installed: Litronic Net. Sign version 5. 5. 128 or greater OCSP client installed: Tumbleweed Desktop Validator 4. 9. 0. 101 A Smart Card reader must be installed Card. Guard should NOT be installed
Common CAC Login Issues n Unable to login User must know their pin n Check NUMS LOCK n Try to login on different computer n User must have registered their CAC Card n User must have the proper certificates n
CAC Certificates n n View the user’s CAC to ensure all required certificates are present and contain the correct data. 3 Certificates n n n Identification - your information for logon purposes E-Mail Encryption - makes emails available for only the parties specified E-Mail Digital Signing - notifies the receiver that the message is a true message from you
CAC Certificates Use Litronic Net. Sign to view user’s certificates
Email Limitations Policy n Reason: Limited resources on the exchange servers n General officers (O-7 or above) = unlimited storage n O-6 s/O-5 s in Command positions/Deputies Forward/Battle n This is not an automatic upgrade and must be requested by the IMO at the time the account is created Captain/GS-15 Civilian DOD employees and contractors Warning at 90 MB. No sending at 95 MB. Boxes completely closed at 100 MB.
Email Limitations Policy n n O-5 and GS-14 Warning at 40 MB No sending at 45 MB Mailbox closed at 50 MB All others Warning at 30 MB No Sending at 35 MB Mailbox closed at 40 MB n To re-open a mailbox that has reached its limits, delete the unneeded email or move the email into the user’s personal folders n It is highly recommended that all users use personal folders!!!
Establishing an Email Account
Establishing an Email Account
Establishing an Email Account
Establishing an Email Account
Establishing an Email Account Outlook
Establishing an Email Account
Establishing an Email Account Select Email Accounts
Adding a Group Mailbox or 2 nd Mailbox n With the email open, go to TOOLS -> Email Accounts
Adding a Group Mailbox or 2 nd Mailbox
Adding a Group Mailbox or 2 nd Mailbox ARFJB 1 KWTN 003
Adding a Group Mailbox or 2 nd Mailbox
Adding a Group Mailbox or 2 nd Mailbox n n n Click the add button In the following box, enter in the EXACT name of the mailbox you wish to add The mailbox will appear in your mail folders listing on the left hand side of your outlook
Adding a Group Mailbox or 2 nd Mailbox
Establishing an Email Account Select Email Accounts
Creating Personal Folders n. With the email open, go to TOOLS - > Email Accounts
Creating Personal Folders
Creating Personal Folders
Creating Personal Folders
Creating Personal Folders
Group Mailboxes/Distro Lists n n Group mailboxes multiple users can access, and all the email resides in a single location Distro lists collection of email addresses that all get the same copy of a single email
Forwarding Email n n n Email forwarding must be set up at the server level if email is to be forwarded while a user is not logged in Can only forward to. mil email addresses such as AKO email or email at another base No. com. net. org email accounts 2 types of forwarding n n Forwarding a copy; This causes a copy of the message to be kept in the users email box as well as a copy being sent to the forwarding recipient (Takes up space) Forwarding without a copy; All new messages are forwarded directly to the forwarding recipient and no copy is left behind
K: (shared drive) n n IMOs may request access to any folder on the K: Drive that is under their AO Full Control will not be given out to anyone on the SIPR side Always turn in the exact path when requesting permissions to a folder Always request the exact type of permissions such as Read, Write, and Modify n n n Read lets you only have the ability to read the contents of a folder Write allows you to write NEW files only Modify allows you to write data to existing files
Baseline Requirements n n Baselining - Reinstalling operating system, req. programs and security patches n Any machine that is coming from another network must be baselined before being placed on this network NO EXCEPTIONS Baseline Application Tool (. BAT) disk n (. BAT) disk or DISA Gold Disk is released usually once a month n Becomes a security concern if the. BAT and Gold disks are not run
Cisco’s VMPS n n n VMPS = Virtual Lan or VLAN Management Policy Server Uses MAC address filtering Separates the different zones for tracking and security, allows for better IP management
VMPS
Adding Machines to the Domain Info needed on remedy ticket n n MAC address also known as physical address or hardware address. (Network) Location Zone, Building, Bay, Tent, Pad for proper VLAN assignment. (Network) Computer name using the ARIFJAN naming convention. Ex: (ARFJWKNCFLCC 01) (Domain) Exact OU for placement in Active Directory (Domain) Example: CFLCC/C 4
Adding Machines to the Domain remedy ticket example n n n Please add the following NIPR computer to the Network & Domain: Name: ARFJWKNXXXX MAC: 00 -01 -B 0 -C 1 -12 Physical Location of the computer: Zone 2, Bldg 505, Bay 5, C 1 OU: CFLCCC 1 IMO: SFC Doe, John 430 -0000
Adding Machines to the Domain n Right Click on My Computer, Select Properties
Adding Machines to the Domain n Chose the Computer Name Tab, Select Network Identification
Adding Machines to the Domain Kuwait
Joining Machines to the Domain n Following the computer naming conventions… Change the Computer Name to N-XXXX-XXX (the N stands for NIPR). Also click into the Domain Radio button. Type in Kuwait. Enter in YOUR Arifjan userid. Your userid has IMO rights to join machines to the Domain. “Welcome to the Kuwait Domain” window will popup. Click Ok and allow the machine to reboot.
Setting up Printer IMOSubmit ticket to add MAC addresses and Valid Hostname into VMPS. Networks. Adds the MAC to VMPS. IMOEnsures printer is set to DHCP and that printer connected to the network. Print a configuration page and submit it to the Helpdesk. IP must start with 10. 234. 126. x or 10. 234. 127. x
Setting up Printer Networks. Configures the printer via the web browser Adds the printer to the Print Server Prints a test page to confirm with the IMO that the printer is working. Closes the ticket. **Printers must remain powered on until the ticket has been closed** NOTE: Printers do not get added to Active Directory, and therefore need not go to Systems or ADPE
Printer Troubleshooting n n Is it plugged in? Is the network cable plugged in? Unplug/replug. Power off the printer for at least 15 minutes. Submit a remedy ticket, print out a print configuration page and take it to the 228 th Helpdesk.
Basic Network Troubleshooting n n n Is it plugged in properly? (No joke) Is there a link light on the back of the computer? If you plug in the faulty computer to another network cable that is known to be working, does it still work?
Basic Network Troubleshooting n n n Have you Rebooted? 90% of all Windows problems can be fixed with a hard reboot. (Power off/Leave off for five minutes/Power back on) Even if your users say they have rebooted, make them reboot again anyway.
Basic Network Troubleshooting n n n Check VMPS from IMOtools (http: //imotools. arifjan. arcent. army. mil/) Is the machine active? Go to command prompt and conduct ping testing
Obtaining a MAC address n Start button -> Run -> CMD and click OK. This brings up a DOS window n IPCONFIG – A Windows system program that displays IP connection information n IPCONFIG /ALL displays all connection information for all Network Interface Cards attached to that computer n To obtain the MAC, type the above command then look for the Physical Address
Obtaining a MAC Address • Click on the Start Button • Click on the Run button • Type into the open line CMD and click OK
Obtaining a MAC Address
Obtaining a MAC Address
Obtaining a MAC Address
Ping Test Ping 10. 234. 59. 1 to test if your network card is functional
Useful Tips n n n Use a label maker and place serial number, computer name, and MAC address on monitor if your computers don’t move Create a smartbook of common problems you encounter…you will see them again Have a cheat sheet with the DNS appends, gateways, wins server, and DNS servers
Switches n n Only CISCO 2950 or 3550 switches are allowed on this network. All other switches/hubs/routers are not allowed. No exceptions! When do you need to buy a switch? n n When you have run out of available ports in the wall. 228 th Signal Company will not supply switches to units. They only do new installs.
Phones n New Request n n T-Drop number and the exact location of the phone. Adding new services n Through a Remedy Ticket. A Memorandum is required to get 99/312/314 access. Original must be dropped off at the 228 th Signal Company Helpdesk. n No more “Class A” lines. You must request the country you wish to have access too. n 228 th Signal Company does not supply telephone handsets/receivers.
Remedy Ticket Procedures n n Remedy Web interface can only be accessed through the IMO Tools website. Remedy can only be accessed here at Arifjan, not at other camps and/or bases. Click on the Remedy link and it should bring you to a login page. Please see Help Desk Personnel for the logon and password. Nothing goes in authentication. NOTE: If Remedy does not start correctly, or the login button is ‘grayed out’, install the Java Runtime Environment on the S: drive
REQUESTER INFORMATION
SHORT DESCRIPTION
Remedy Ticket Procedures n Priority Assignments n 012 (DEFAULT ASSIGNMENT) n 6 -12 days n 05 n 2 -4 days n 02 n 2 -24 hours Note: Exceptions must be submitted to Help Desk. Department TM is approving authority.
Remedy Ticket Procedures n Creating a NIPR Account requires a Remedy ticket & Workbook n Most of the required information needed for each new account request is contained in completed workbook n We still require the user’s OU, phone # and the DEROS date
Remedy Ticket Procedures n Submit workbook for attachment to Help Desk mailbox HELPDESKARIFJAN@ARIFJAN. ARCENT. ARMY. MIL n Title workbook with Remedy ticket number
Remedy Ticket Procedures n SIPR Accounts require the same information as a NIPR account, except that they also require a S-2 security clearance verification form n n Only authorized security managers can sign off on the S-2 form. Go to the Helpdesk in 506 for a list, or email us at helpdeskarifjan@arifjan. arcent. army. mil Help Desk personnel will input the Remedy ticket for you for SIPR requests NOTE: SIPR accounts do not currently require a workbook. However, more than 5 account requests require a ROBO form attachment found at K: DOIM_IMOsFormsROBO
Remedy Ticket Procedures n Deleting accounts. n n (If you supplied a DEROS date at initial creation, skip this procedure. ) Accounts are Disabled for 45 days/Deleted at 60 n n Exact name of person to delete (include rank and MI if common name) Forwarded email address until account is officially deleted ROBO spreadsheet with ONLY those users that had accounts Execute date not to exceed 15 days prior to execution
Remedy Ticket Procedures n Add Users to Distro lists n n n Specify NIPR or SIPR Exact Name of Distro list Exact Name of Users (Last name, First name) If the name is common, please specify additional identity information (IE, Rank, Unit, & MI) Add users to Group Mailboxes n n n Specify NIPR or SIPR Exact name of the mailbox Exact USER name of the users needing access
Remedy Ticket Procedures n Forwarding email to AKO (or other. mil address) Exact address to forward to n Tell us if you want email delivered to both addresses n End date, if applicable n
Remedy Ticket Procedures n Creating Organizational Units n n n Exact name of OU Specify NIPR or SIPR Usernames that need to be added Higher headquarters unit name Add users to OUs n n n Specify NIPR or SIPR Exact name of OU Exact usernames
Remedy Ticket Procedures n Creating a new folder on the K: Drive Exact name of the folder requested n Exact path where you would like the folder created n Owner n Usernames that need access n Folder Permissions (R/W/M) n Please use OU permissions wherever possible n
Remedy Ticket Procedures n Site Survey. n n n Exact Location of site to be surveyed Requested time and date POC, Alternate POC, with Cell numbers as well as DSN NOTE: Site surveys are used to evaluate the cost of installing new network/phone lines in a location that does not already have network/phone lines installed Add a machine to the Domain n Computer Name (Note: Computer must conform to the Arifjan naming convention) MAC address, physical address If this is a SIPR add, please include the Port #
Remedy Ticket Procedures n All Phone Requests n n n n n Phone Number, if exists or known T-Jack # Physical Location of the phone A WORKING number for the POC If DSN is requested, list all country codes that access is needed for If local commercial access is needed, specify “ 99” access Specify if voice mail is needed Specify if “Call Pick-up” is needed (*74) Remember to specify all your needs for a phone, nothing will be added unless specifically requested Note: There is no international commercial access at this time
Remedy Ticket Procedures n File restore request. Exact name of file/folder needed. n Specify NIPR or SIPR. n Exact path to the file/folder. n Last known good date. n Mailbox restores are only done for O-6 Officers or higher. Reason; Must rebuild a separate server. n
Remedy Ticket Procedures n Ticket submission Tips With specific machines, include the MAC & Computer Name. n Include an alternate POC, who is fully briefed on the problem, to speed up processing time should you be unavailable. n Short Description field in Remedy only allows 255 characters, if more is needed use the Work Perform Diary. Be sure to annotate that in the Short Desc. n
Remedy Ticket Procedures n Ticket submission Tips (continued) Always include location information if you are expecting a visit from a technician. n When in doubt, call us!! We will be happy to advise. n Too much information is always better than too little! n
Spillage Issues n n n What is a Spillage? n A spillage is when Classified data is transmitted over a Unclassified network No SIPR system information should be placed onto NIPR at any time If you suspect a Spillage has happened n n Contact your Security Manager Call the Help Desk n n Help Desk personnel call RCERT & submit an RCERT ticket Help Desk personnel notify 228 th Chain Of Command
Spillage Issues n If a spillage is verified, our higher HQ will notify the Systems and Network Administrators and instruct them on what action to take. Those actions can include: n Exchange servers being brought down to purge the classified data n Print servers brought down n Local Computers wiped n Punitive action against person or persons responsible
Current Issues
Further Reference K: DOIM_IMOs_IMO ClassArifjan IMO Basic Technical Training. ppt
QUESTIONS?
e6341d99ec03e2dc36018c1a205a1830.ppt