Managing Shares with the Shared Folders Utility
Shared Folders is a computer management utility for creating and managing shared folders on the computer. The Shared Folders window displays all of the shares that have been created on the computer, the user sessions that are open on each share, and the files that are currently open, listed by user. To access Shared Folders, select Administrative Tools gt Computer Management, expand System Tools, and then expand Shared Folders. In the following sections you will learn how to use the Shared...
Installing Windows Server as a Domain Controller
For the exercises to work properly, you should make sure that the computer that will act as your server meets the list of requirements specified in Table 1.2. Your server should have a network card installed, and it should have at least a 2.5GB drive that is configured with the minimum space requirements and partitions. Other exercises in this book assume that your server is configured as follows 2GB about 2000MB C primary partition with the NTFS file system 500MB of free space you will create...
Recovering from a Mirrored Volume Failure 1
1. Power down your computer and remove the data cable from the second drive that you configured in the mirrored volume set. 3. In the Disk Management utility, right-click the failed mirrored volume marked as Failed Redundancy and choose Remove Mirror. 4. In the Remove Mirror dialog box, select the disk that will be removed from the mirrored volume and click the Remove Mirror button. 5. In the next dialog box, click Yes to confirm that you want to remove the mirror. 6. Power down your computer...
Key Counters to Track for Memory Management
The following are the three most important counters for monitoring memory Memory gt Available Mbytes Measures the amount of physical memory that is available to run processes on the computer. If this number is less than 4MB, you should add more memory. Memory gt Pages Sec added to System Monitor by default Shows the number of times that the requested information was not in memory and the request had to be retrieved from disk. This counter's value should be below 10. For optimal performance,...
Adding Active Directory Organization Information
The Organization tab, shown in Figure 3.14, allows you to provide information about the user's role in your organization. You can enter the user's title, department, company, and manager. You can also view or add any users and contacts who directly report to the selected user account through the Direct Reports field. FIGURE 3.14 The Organization tab of the Active Directory user Properties dialog box I MMil FIGURE 3.14 The Organization tab of the Active Directory user Properties dialog box I...
The Boot Sequence
When the pre-boot sequence is completed, the boot sequence begins. Ntldr switches the CPU to protected mode, which is used by Windows Server 2003, and starts the appropriate file systems. The contents of the Boot.ini file are read and the information is used to build the initial boot menu selections. When Windows Server 2003 is selected, Ntdetect.com gathers the computer's basic hardware configuration data and passes the collected information back to Ntldr. The system also checks to see if more...
FIGURE The User Profiles dialog box
User profiles store settings for your desktop and other information related to your user account. You can create a different profile on each computer you usej or you can select a roaming profile that is the same on every computer you use. User profiles store settings for your desktop and other information related to your user account. You can create a different profile on each computer you usej or you can select a roaming profile that is the same on every computer you use. To create new user...
Using Windows Update
Windows Update is available through the Microsoft website and is used to provide the most current files for the Windows operating systems. Examples of updates include security fixes, critical updates, updated help files, and updated drivers. Sometimes the updates that are installed require that the computer be restarted before the update can take effect. In this event, Windows Update uses a technology called chained installation. With chained installation, all updates that require a computer...
Configuring Print Server Advanced Properties
The Advanced tab of the Print Server Properties dialog box, shown in Figure 7.21, allows you to configure the spool file, spooler event logging, and notifications about remote documents. You can set these The spool file or hard disk location where the print files wait until they can be serviced by the print device by default, the print spool folder is located in the Windir system32 spool PRINTERS folder Whether Error, Warning, and Information events are logged in Event Viewer Event Viewer is...
Disk Duplexing
Another advantage of mirrored volumes is enhanced disk-read performance, because the drive head closest to the sector being read is accessed for the operation. However, there is some reduction in disk-write performance, because one disk controller needs to write to two separate drives. To improve write performance and also increase your system's fault tolerance, you can use a variation of mirroring called duplexing. In duplexing, you add another disk controller, which is also illustrated in...
Viewing Volume and Local Disk Properties
On a dynamic disk, you manage volume properties. On a basic disk, you manage local disk properties. Volumes and local disks perform the same function, and the options discussed in the following sections apply to both. The examples are based on a dynamic disk using a simple volume. If you are using basic storage, you will view the local disk properties rather than the volume properties. To view the properties of a volume, right-click the volume in the upper half of the Disk Management main...
Configuring Dialin Properties
Using the Dial-in tab, as shown in Figure 3.16, you configure the user's remote-access permissions for dial-in or VPN connections. The options that can be configured include Remote Access Permission Dial-in Or VPN . Here, you can set Allow Access, Deny Access, or Control Access Through Remote Access Policy this last choice is available only if the domain is in native mode . Verify Caller ID this option is not available if the Active Directory is configured to support a mixed-mode configuration...
Viewing Hardware Information
The Hardware tab of the volume Properties dialog box, shown in Figure 4.10, lists the hardware associated with the disk drives that are recognized by the Windows Server 2003 operating system. The bottom half of the dialog box shows the properties of the device highlighted in the top half of the dialog box. For more details about a hardware item, highlight it and click the Properties button in the lower-right corner of the dialog box. This brings up a Properties dialog box for the item. Figure...
FIGURE The Computer Name tab of the System Properties dialog box
System Restore Automatic Updates Remote General Computer Name Hardware Advanced T Jg Windows uses the following information to identify your computer Hp on the network. For example Kitchen Computer or Mary's Computer. To use the Network Identification Wizard to join a i NetW0 kiD l domain and create a local user account, click Network l- gt To rename this computer or join a domain, click Change. Change l 4. The Computer Name Changes dialog box will appear, as shown in Figure 3.25. This dialog...
Initial Startup and the Boot Manager Phase
When the POST is complete, the boot manager, which is a part of the EFI, specifies which EFI drivers should be used, the EFI tool set that will be available to the user, and the EFI startup options that should be displayed. Depending on your Itanium-based system, the boot manager features will vary, and you should check the manufacturer's documentation for managing options such as performing system recovery tasks, restoring the boot manager startup window, and updating system firmware. When...
Configuring NTFS Permissions
1. Using the Active Directory Users And Computers utility, create two users Marilyn and Dan. See Chapter 3, Managing Users, Groups, and Computers, for details on using the Active Directory Users And Computers utility. Deselect the User Must Change Password At Next Logon option. 2. Using the Active Directory Users And Computers utility, create four global security groups Accounting, Execs, Sales, and Temps. Add Marilyn to the Accounting and Execs groups, and add Dan to the Sales and Temps...
Managing Log Files
Over time, your log files will grow, and you will need to decide how to manage them. You can clear a log file for a fresh start. You may want to save the existing log file before you clear it, to keep that log file available for future reference or further analysis. To clear all log file events, right-click the log you wish to clear and choose Clear All Events from the pop-up menu. Then specify whether or not you want to save the log before it is cleared. If you just want to save an existing...
Support for Unix Clients
Unix clients send print jobs to printers via the Line Printer Remote LPR utility. This utility is installed on Unix clients and allows them to print files to computers that are running the Line Printer Daemon LPD service. Windows Server 2003 allows a Unix client to send print jobs to Windows Server 2003 printers if the following options have been configured 1. The appropriate print driver must be available to the Unix client for the print device that the client will attach to. This is loaded at...
FIGURE The Active Directory group Properties dialog box
General Members Member Of Managed By Accounting Group name pre-Windows 2000 Accounting Description E-mail Group name pre-Windows 2000 Accounting Description E-mail This dialog box has four tabs with options for managing the group The General tab allows you to view and change the pre-Windows 2000 group name, the description, and the e-mail address. You can view the group scope and change group scope and group type. You can also add notes for the group. The Members tab, shown in Figure 3.19,...
Print Permission Assignment
Usually, you can accept the default print permissions, but you might need to modify them for special situations. For example, if your company bought an expensive color laser printer for the marketing department, you probably wouldn't want to allow general access to that printer. In this case, you would deselect the Allow checkbox for the Everyone group, add the Marketing group to the Security tab list, and then allow the Marketing group the Print permission. To add print permissions, take the...
The Hardware Compatibility List HCL
Along with meeting the minimum requirements, your hardware should appear on the Hardware Compatibility List HCL . The HCL is an extensive list of computers and peripheral hardware that have been tested with the Windows Server 2003 operating system. The Windows Server 2003 operating system requires control of the hardware for stability, efficiency, and security. The hardware and supported drivers on the HCL have been put through rigorous tests. If you call Microsoft for support, the first thing...
Monitoring Print Queue Status
You can monitor print queue status through the System Monitor utility. System Monitor is used to track performance-related counters for many computer objects. You monitor print queue status through the System Monitor utility using the following process 1. Select Start gt Administrative Tools gt Performance. 2. The Performance dialog box will appear and the System Monitor utility will be selected by default, as shown in Figure 7.22. 3. Click the Add button which looks like a Plus sign to access...
Managing Basic Storage
The Disk Management utility offers limited support for managing basic storage. You can create, delete, and format partitions on basic drives. The process for creating, deleting, and formatting partitions is very similar to the process used to create, delete, and format volumes with dynamic storage. You also can delete volume sets and stripe sets that were created through Windows NT. Most other disk-management tasks require that you upgrade your drive to dynamic disks. The upgrade process was...
FIGURE The Terminal Server Licensing window
9. The Terminal Server License Activation Wizard will start. Click the Next button. 10. The Connection Method dialog box appears, as shown in Figure 8.20. You can choose to connect to the Microsoft Clearinghouse by one of three methods Automatic, Web Browser, or Telephone. In this example, we will connect by telephone. Select the Telephone option and click the Next button. FIGURE 8.20 Connection Method dialog box FIGURE 8.20 Connection Method dialog box 11. The Country Region Selection dialog...
Dsquery
You use the Dsquery command-line utility to query the Active Directory for objects that meet specified criteria. Each Dsquery command has a unique set of parameters based on the Active Directory object that is being modified. The objects that can be modified through the Dsquery command are
System Monitor Security Groups
In order to use System Monitor, you must be a member of one of the following groups The Performance Log Users and Performance Monitor Users groups are new security groups in Windows Server 2003, so we will look at them here Performance Log Users A security group that allows members to manage performance-related counters through System Monitor, or logs and alerts through Performance Logs And Alerts, on a local server or on a remote computer without having to be a member of the Administrators or...
H
hard disk drive A mass-storage device that reads and writes digital information magnetically on disks that spin under moving heads. Hard disk drives are precisely aligned and should not be removed, except for maintenance. They are an inexpensive way to store gigabytes of computer data permanently. Hard disk drives also store the applications and user data installed on a computer. Hardware Abstraction Layer HAL A Windows Server 2003 service that provides basic input output services such as...
Using Take Ownership
1. Using the Active Directory Users And Computers utility, create a user named Aaron. See Chapter 3 for details on using the Active Directory Users And Computers utility. Deselect the User Must Change Password at Next Logon option. 2. Log on as Aaron and select Start gt My Computer. 3. Open the D drive and select File gt New gt Folder and name the new folder Aaron's Data. 4. Create a text file called Secret.txt in D Aaron's Data. 5. Right-click Aaron's Data, select Properties, and click the...
Using DMA
Direct Memory Access DMA enables a device to transfer data directly to RAM by only using the processor during the transfer period. The result is a faster and more direct method of data transfer. This method was especially useful in older PCs, enabling the DMA channel to transfer data in the background, thus freeing the processor to tend to other duties. During a DMA cycle the CPU is placed in a hold state. This means that the CPU can execute internal instructions only and the external bus is...
Determining Hardware Requirements
You will need a computer that can handle the Terminal Services loads for your Terminal Services server. The requirements for Terminal Services clients are minimal. The hardware requirements for a Terminal Services server depend on how many clients will be connecting concurrently and the usage requirements of the clients. The following are some guidelines A Terminal Services server requires at least a Pentium processor and 128MB RAM 256MB RAM to perform adequately . You should also provide an...
Using System Monitor
The System Monitor utility Figure 9.1 is used to collect and measure the real-time performance data for a local or remote computer on the network. Through System Monitor, you can view current data or data from a log file. When you view current data, you are monitoring real-time activity. When you view data from a log file, you are importing a log file from a previous session. System Monitor enables you to do the following tasks Collect data from your local computer or remote computers on the...
Configuration for the SUS Clients
There are two methods for configuring SUS clients. The method you use is dependent on whether your network uses Active Directory. In a non-enterprise network not running Active Directory , you would configure Automatic Updates through Control Panel using the same process that was defined in the Using Automatic Updates section of this chapter. Each client's Registry would then be edited to reflect the location of the server that will provide the Automatic Updates. Within an enterprise network,...
Answers to Review Questions Aut
1. C. Eventquery is used to query one or more event logs for specific events or event properties. You can use a filter with the query to include or exclude information such as event type, the user who generated the event, or the category of the event. In this case, Eventquery could be used to query event types based on Success Audit or Failure Audit. 2. C, E. If you need to restore System State data on a domain controller, you must restart your computer with the advanced startup option...
Using Folder and File Auditing
If you have configured a partition or volume as NTFS, you can take advantage of an additional security feature called auditing. Auditing allows you to track the success or failure of folder and file access. In order to use auditing, two options must be configured Configure the computer to enable auditing for object access. Configure the events that you want to audit on the specific NTFS folder or file. After you configure auditing, you view the results through the Event Viewer utility's...
Monitoring Disk Quotas
If you implement disk quotas, you will want to monitor disk quotas on a regular basis. Monitoring allows you to check the disk usage by all the users who own files on the volume with the quotas applied. It is especially important to monitor quotas if you have specified that disk space should be denied to users who exceeded their quota limit. Otherwise, some users may not be able to get their work done. For example, suppose that you have set a limit for all users on a specific volume. Your boss...
Managing Local Access
The two common types of file systems used by local partitions are FAT which includes FAT16 and FAT32 and NTFS. FAT partitions do not support local security NTFS partitions do support local security. This means that if the file system on the partition that users access is configured as a FAT partition, you cannot specify any security for the file system once a user has logged on. However, if the partition is NTFS, you can specify the access level each user has to specific folders and files on...
Creating a DRA
In order to be designated as a DRA, a user must have a certificate that will be used to access encrypted files. To create a certificate for the user who will be the DRA, you should log on as that user, and execute the following command Cipher R filename You will then be asked to type in the password to protect your .pfx, followed by a request to retype the password. The R switch is used to generate two files, one with a .pfx extension and one with a .cer extension. The .pfx file is used for...
Monitoring and Optimizing the Processes Subsystem
If you suspect that an application or process is consuming a large share of resources, you can monitor specific processes through the Process performance object. For example, suppose that you are running an application called abc.exe and you want to track how much of the processor's time is spent servicing this application and how many bytes of the page file are allocated to this application. In the following sections you will learn about the key counters to track for the processes subsystem...
Separator Page FileDescription
pcl.sep Used to send a separator page on a dual-language HP printer after switching the printer to PCL Printer Control Language , which is a common printing standard TABLE 7.2 Separator Page Files continued TABLE 7.2 Separator Page Files continued Does not send a separator page, but switches the computer to Used by PostScript printers to send a separator page Same as sysprint.sep, but with support for Japanese In Exercise 7.3, you will configure some advanced printer properties. This exercise...
Understanding the Windows Server Boot Process
When you are diagnosing a server error, you first need to determine whether the error is occurring when Windows Server 2003 is loading, when Windows Server 2003 is running, or when Windows Server 2003 is shutting down. Some of the problems that cause system failure are related to the Windows Server 2003 boot process. The boot process starts when you turn on your computer and ends when you log on to Windows Server 2003. There are many reasons why you might have startup failures. Some errors can...
BuiltIn Users Created in Active Directory
On a Windows Server 2003 domain, the Active Directory Users And Computers utility has a container called Users, which contains two built-in user accounts Administrator and Guest. Each of the built-in accounts has rights and permissions automatically assigned. The Administrator account is created locally when you install a Windows Server 2003 member server or in the Active Directory when you install a Windows Server 2003 computer as the first server in the Active Directory domain. Administrator...
Print Processor
Print processors are used to specify whether Windows Server 2003 needs to do additional processing to print jobs, and if so, receives and alters the print job based on the data type so that the print job prints properly. The WinPrint print processor is installed and used by Windows Server 2003 by default. The WinPrint print processor supports several data types. By default, almost all Windows-based applications use the EMF enhanced metafile standard to send jobs to the printer. The EMF standard...
Reviewing the Itanium Boot Process
If you are using an Itanium-based computer for Windows Server 2003, the following boot process would be used 2. Initial startup and the boot manager phase 4. Device drivers and service initialization phase 6. Plug and Play device detection phase The Itanium boot process phases that differ from those occurring with x86-based systems are covered in the following sections. The process for loading device drivers and service initialization, and the process for Plug and Play device detection, is...
Printer Priority
Priority is another option that you might configure if you have multiple printers that use a single print device. When you set priority, you specify how jobs are directed to the print device. For example, you might use this option when two groups share a printer and you need to control the priority in which print jobs are serviced by the print device. In the Advanced tab of the printer Properties dialog box, you can set the priority value to a number from 1 to 99, with 1 as the lowest priority...
Managing Users Groups and Computers
MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER V Manage local, roaming, and mandatory user profiles. V Create and manage computer accounts in an Active Directory environment. Identify and modify the scope of a group. Find domain groups in which a user is a member. Create and modify groups by using the Active Directory Users and Computers Microsoft Management Console MMC snap-in. Create and modify groups by using automation. V Create and manage user accounts. Create and modify user accounts...
FIGURE The Delegation tab of the computer Properties dialog box
Delegation is a security-sensitive operation, which allows services to act on behalf of another user. f Do not trust this computer for delegation C Trust this computer for delegation to any service Kerberos only f Trust this computer for delegation to specified services only Use Kerberos only r Use any authentication protocol Services to which this account can present delegated credentials Service Type User or Computer Location The Location tab of a computer's properties, as shown in Figure...
Using the Licensing
To access the Licensing utility, select Start gt Administrative Tools gt Licensing. This brings up the Licensing utility shown in Figure 1.23. If you click the Server Browser tab, then expand your domain and your server, you will see an entry called Windows Server. Double-clicking Windows Server accesses the Choose Licensing Mode dialog box, as shown in Figure 1.24. This allows you to specify whether you will manage enterprise licensing through Per Server mode or Per Device or Per User mode....
Description Dsd
Enable Quota Management Specifies whether quota management is enabled for the volume. Deny Disk Space To Users Exceeding The Quota Limit Specifies that users who exceed their disk quota will not be able to override their disk allocation. Those users will receive out of disk space error messages. Select The Default Quota Limit For New Users On This Volume Allows you to define quota limits for new users. Options include not limiting disk space, limiting disk space, and specifying warning levels....
PostInstallation Product Activation
Product activation is Microsoft's way of reducing software piracy. Unless you have a volume corporate license for Windows Server 2003 or are using a 64-bit version of Windows Server 2003 which does not use product activation , you will need to perform post-installation activation. This can be done online or through a telephone call. After Windows Server 2003 is installed, you will have 14 days to activate the license. After the 14-day grace period expires, you will not be able to restart...
Using the Disk Management Utility
The Disk Management utility is a graphical tool for managing disks and volumes within the Windows Server 2003 environment. In order to have full permissions to use the Disk Management utility, you should be logged on with Administrative privileges. To access the utility, select Start gt Administrative Tools gt Computer Management. Expand the Storage folder to see the Disk Management utility. The Disk Management utility's opening window is shown in Figure 4.6. You can also access the Disk...