Intersite Replication Essentials
While intrasite replication is focused on speed, intersite replication is focused on efficiency. The primary goal of intersite replication is to transfer replication information between sites while making the most efficient use of the available resources. With efficiency as a goal, intersite replication traffic uses designated bridgehead servers and a default configuration that is scheduled rather than automatic, and compressed rather than uncompressed. With designated bridgehead servers, the...
RIS Answer Files
RIS answer files are highly similar to Unattend.txt files, with just a few additional or changed entries. During the RIS image creation processes, default answer files are created for each OS image RISetup creates a default answer file called Ristndrd.sif. RIPrep creates its own answer file named Riprep.sif by default. The easiest way to create an optional answer file Remboot.sif by default for RIS is by using the Setup Manager Wizard Setupmgr.exe in Deploy.cab located in the Support Tools...
Info Stk
The remaining hive files are stored in individual user profile directories with the default name of Ntuser.dat. These files are in fact hive files that are loaded into the Registry and used to set the pointer for the HKEY_CURRENT_USER root key. When no user is logged on to a system, the user profile for the default user is loaded into the Registry. When an actual user logs on, this user's profile is loaded into the Registry. Note The root keys not mentioned are HKEY_CURRENT_CONFIG and...
Configuring User Logon and Logoff Scripts
You can assign logon and logoff scripts as part of a group policy. In this way, all users in a site, domain, or OU run scripts automatically when they log on or log off. To configure a script that should be executed when a user logs on or logs off, complete the following steps 1 For easy management, copy the scripts you want to use to the User Scripts Logon or the User Scripts Logoff folder for the related policy. By default, policies are stored in the SystemRoot Sysvol Domain Policies folder...
Migrating Global Groups
Migrating groups prior to migrating users from one domain to another is a good idea. Global groups are restricted to having members that exist within the current domain. As a result, if you migrate users from a source domain to a destination domain and groups have not yet been migrated, the migrated users cannot be part of a group that is in the source domain. They can be part of a group only in the destination domain thus, they cannot be part of their original group. Once the groups are...
MSR Partitions
An Itanium-based computer must have an MSR partition on every GPT disk. The MSR partition contains additional space that might be needed by the operating system to perform disk operations. For example, when you convert a basic GPT disk to a dynamic GPT disk, the Windows operating system takes 1 MB of the MSR partition space and uses it to create the LDM Metadata partition, which is required for the conversion. The MSR partition is not shown in Disk Management and does not receive a drive letter...
Resetting a Users Domain Password
One of the good things about using domain policy to require users to change their password is that the overall security of the network is improved by doing so. One of the downsides of frequent password changes is that users occasionally forget their password. If this happens, it is easy to fix by doing the following 1 Find the user account whose password you want to reset in Active Directory Users And Computers. 2 Right-click the user account and then select Reset Password. 3 In the Reset...
Rolling Back a Driver
Occasionally, you'll find that an updated driver doesn't work as expected. It could cause problems, such as device failure or system instability. In most cases, this should occur only when you've installed unsigned device drivers as a last resort or beta versions of new drivers that might have improved performance or some other benefit that outweighs their potential to crash the system. However, it can sometimes occur with signed device drivers even those published through Windows Update. If...
Tip Use Locations to access user accounts from other domains
By default, the Select Users dialog box is set to work with users from your logon domain. If you want to add a user account from another domain, click Locations to display the Locations dialog box. Then either select the entire directory or the specific domain in which the account is located, and click OK. Enter the object names to select fexamples Figure 20-13. Type the name of the user account or part of the name, and click Check Names. In the Quota Entries dialog box, there are a couple of...
Locating and Restoring Previous Versions from the Command Line
If you want to restore these versions of the file to another location, you can use the R parameter to specify the folder to which the files should be restored. The syntax is as follows volrest ServerName SharedFolderName FileName r RestorePath where RestorePath is the local or network path to the folder to which you want to restore the file's versions. Consider the following example volrest CorpSvr02 EngData QuarterlyReport.doc r c data Here, you restore previous versions of QuarterlyReport.doc...
Inside Out Elj
Service pack update gotchas You shouldn't update your existing Windows installation share. First, you want to ensure the update is completed successfully before using it, and you might have several service packs that you must apply sequentially before the update is complete. Second, if there are users currently performing installations, you could corrupt their installations or otherwise cause their installations to fail. When you use slipstreaming to install several service packs at once, you...
Using the Regional and Language Options Utility
Regional and Language Options is used to set country-specific standards and formats, as shown in the following screen. In different countries, the unit of measurement, currency, and date formatting can be different. To change the settings, simply select a country or region in the Standards And Formats area. By choosing a region, you choose all the appropriate settings for numbers, currency, dates, and times. Examples of the formatting standards for the selected region are displayed in the...
Service Location SRV Records
Service Location SRV records make it possible to find a server providing a specific service. Active Directory uses SRV records to locate domain controllers, global catalog servers, LDAP servers, and Kerberos servers. SRV records are created automatically. For example, Active Directory creates an SRV record when you promote a domain controller. LDAP servers can add an SRV to indicate they are available to handle LDAP requests in a particular zone. In the forest root zone, SOA, NS, CNAME, and SRV...
Info Wpy
Microsoft Windows Server 2003 Inside Out Repairing the DHCP Database a DHCP databases can become corrupt, especially if they've been in use for a long time. If this happens, you'll see error messages in the system event log that have DHCP Server as the event 5 source and reference JET database errors. A typical error might look like this The JET data base returned the following Error 510. You can use the Jetpack.exe utility to repair the database. First, stop the DHCP Server service by typing...
Enabling Shadow Copying from the Command Line
To enable shadow copying of a volume, you use the ADD SHADOWSTORAGE command. The syntax is as follows vssadmin add shadowstorage for ForVolumeSpec on OnVolumeSpec J2 Here, for ForVolumeSpec is used to specify the local volume for which you are configuring or managing shadow copies and on OnVolumeSpec is used to specify the volume on which the shadow copy data will be stored. vssadmin add shadowstorage for c on d Here, you are configuring the C volume to use shadow copies, and the shadow copy...
Examine the Configuration of the DNS Server
server name version DS container forest name domain name builtin domain partition builtin forest partition last scavenge cycle ForestDnsZones.cpandl.com DomainDnsZones.cpandl.com not since restart 0 DefaultNoRefreshlnterval 168 ServerAddresses Addr Count 1 Addr 0 gt 192.168.1.50 ListenAddresses Table 27-1 summarizes section by section the output from DNSCMD Info. Using DNSCMD Config, you can configure most of these options. The actual subcommand to use is indicated in parentheses in the first...
Creating a Simple or Spanned Volume
You create simple and spanned volumes in much the same way. The difference between the two is that a simple volume uses free space from a single disk to create a volume, while a g. spanned volume is used to combine the disk space on multiple disks to create the appearance o of a single volume. If you later need more space, you can extend either volume type by using Disk Management. Here, you select an area of free space on any available disk and add it to the volume. When you extend a simple...
Viewing the Print Processor and Default Data Type
Every printer has a print processor. The default print processor for Windows systems is Win-print. Other print processors can be installed when you set up a printer. The print processor and the default data type for the processor determine how much processing the printer performs. As discussed previously, the RAW data type is processed on the client and minimally processed on the print server. The EMF data type is sent to the print server for processing. Generally speaking, you do not need to...
Preparing for Print Server Failure
As part of your print services optimization and maintenance process, you should consider how you are going to handle printer and print server failure. Several techniques have been discussed previously for increasing availability and fault tolerance. These techniques include print queue pooling and print clusters as discussed in the section entitled Optimizing Printing Through Queues and Pooling earlier in this chapter. Because these options aren't practical for all environments, you should have...
Tracking and Logging File Share Permissions by Using SrvCheck
SrvCheck is a handy tool for helping you track file share and print share permissions on both local and remote systems. You can use it to display a list of shares and who has access. If you redirect the output of SrvCheck, you can save the share configuration and access information to a file, and this file can become a log that helps you track share permission changes over a. To run SrvCheck, type srvcheck ComputerName, where ComputerName is the domain name or IP address of the computer whose...
Resolve problems with the quorum resource
You can start the Cluster service from the command line as well. This is useful if there are problems with the quorum resource and you want to try to repair them. In this case, stop the Cluster service by selecting File, Stop Cluster Service. Then, at the command line, type clussvc debug fixquorum. Only one node can be started at a time using this approach. The server will start the Cluster service but won't bring any resources online. You can then try to bring the quorum resource online...
Indexing Service
Remote Installation Services RIS Domain controllers and any other computer in the domain that uses these services rely heavily on the change journal. The change journal allows these services to be very efficient at determining when files, folders, and other NTFS objects have been modified. Rather than checking time stamps and registering for file notifications, these services perform direct lookups in the change journal to determine all the modifications made to a set of files. Not only is...
Quick Look Using EventComb
EventComb, shown in Figure 15-13, is a Windows Server 2003 Resource Kit tool used for searching the event logs on multiple systems. If you've installed the Resource Kit as discussed in Chapter 1, Introducing Windows Server 2003, you can start EventComb by typing eventcombmt at the command line. Figure 15-13. EventComb let's you search multiple systems in a domain for events by event ID, source, and search text. Figure 15-13. EventComb let's you search multiple systems in a domain for events by...
Configuring Delegated Authentication
To use delegated authentication, the user account, as well as the service or computer account acting on the user's behalf, must be configured to support delegated authentication. Configuring the Delegated User Account For the user account, you must ensure that the account option Account Is Sensitive And Cannot Be Delegated is not selected, which by default it isn't. If you want to check this option, use Active Directory Users And Computers, as shown in the following screen. Double-click the...
Info Yvs
In the Specify A Printer dialog box, choose a method for finding the network printer as follows Choose Find A Printer In The Directory if you want to search Active Directory for the printer. Choose Connect To This Printer, and type the printer name or browse the network for shared printers just as you'd browse in My Network Places. Choose Connect To A Printer On The Internet if you want to enter the Uniform Resource Locator URL of an Internet printer. When the printer is selected, click OK....
Windows Server 2008 Add Drive Letter To Spanned Drive
r The real value of mount points, however, lies in how they allow you the capability to create 9 the appearance of a single file system from multiple hard disk drives without having to use spanned volumes. Consider the following scenario A department file server has four data drives drive 1, drive 2, drive 3, and drive 4. Rather than mount the drives as D, E, F, and G, you decide it'd be easier for users to work with the drives if they were all mounted as folders of the system drive, C Data....
Windows 2003 Add Printer
When you have computers running classic Mac OS, you might need to use a Windows server as the print server. To do this, you must install Print Services For Macintosh and then configure the print server to communicate with the AppleTalk printer. It is important to note that Print Services For Macintosh isn't available for 64-bit versions of Windows Server 2003. It is also important to note that once you set up a Windows computer as the print server for an AppleTalk printer, the print service can...
Modifying Group Policy Processing
You can modify Group Policy processing by disabling a policy in whole or in part. Disabling a policy is useful if you no longer need a policy but might need to use that policy again in the future. Disabling part of a policy is useful so that the policy applies only to either users or computers but not both. In the Group Policy Management console, you can enable and disable policies partially or entirely by completing the following steps 1 Select the policy in a container to which it is linked...
Disaster Planning
Preparing for a Disaster 1349 Predisaster Preparation Procedures . . 1353 Ask three different people what their idea of a disaster is and you'll probably get three different answers. For most administrators, the term disaster probably means any scenario in which one or more essential system services cannot operate and the prospects for quick recovery are less than hopeful that is, a disaster is something a service reset or system reboot won't fix. To ensure that operations can be restored as...
permcopy SourceServer ShareNamel DestinationServer ShareName
SourceServer is the domain name or IP address of the source computer. This is the computer with the file share whose permissions you want to copy. ShareNamel is the name of the source file share. This is the file share with the permissions you want to copy. DestinationServer is the domain name or IP address of the destination computer. This is the computer to which you are copying file share permissions. ShareName2 is the name of the destination file share. This is the file share whose per- i...
Managing Windows Server
Using the Administration Tools. Using the Control Panel Utilities Using Support Tools 341 Using Resource Kit Tools . . 350 Using the Secondary Logon 366 Systems that run Microsoft Windows Server 2003 are the heart of any Microsoft Windows network. These are the systems that provide the essential services and applications for users and the network as a whole. As an administrator, it is your job to keep these systems running, and to do this, you must understand the administration options...
Examining Domain and Forest Trusts
You can examine existing trusts using Active Directory Domains And Trusts. Click Start, choose Programs or All Programs as appropriate, choose Administrative Tools, and then select Active Directory Domains And Trusts. As shown in the following screen, you see a list of available domains Active Directory Domains and Trusts K - Active Directory Domeins end Trusts There are no items to show in this view. To examine the existing trusts for a domain, right-click the domain entry, and then select...
Managing Disk Quotas After Configuration
Users are notified that they have reached a warning level or quota limit when they access the o volume on which you've configured disk quotas. As an administrator, you'll want to check for quota violations periodically, and there's several ways you can do this. One way is to access Disk Management, right-click the volume that you want to check on, and then select Properties. In the Properties dialog box for the disk, select the Quota tab, and then click the Quota Entries button. You can then...