book

Learning Windows Server 2003

Name: Learning Windows Server 2003
Author: Jonathan Hassell
ISBN: 9780596006242

by Jonathan Hassell

December 2004

Beginner

672 pages

20h 38m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Learning Windows Server 2003
Preface
Audience
Organization and Structure
Conventions Used in This Book
Using Code Examples
We’d Like to Hear from You
Acknowledgments
1. Introducing Windows Server 2003
Changes in This ReleaseSecurityPerformance and ScalabilityManagement Tool EnhancementsTrans-Forest Active Directory TrustsRemote Office Domain Controller Creation ImprovementsReplication ControlDomain RenamingVolume Shadow Copies and Shadow Copy RestoreTerminal Services and Remote AdministrationThe .NET FrameworkIIS 6Command-Line IntegrationDNS ImprovementsLicensing
Windows Server 2003 Editions
Hardware Requirements

Assessing the Release
2. Installation and Deployment
Preparing to Install Windows Server 2003
Choosing Windows Components
Partitioning Disks and Allotting Disk SpaceAssigning LicensesJoining Domains Versus Joining Workgroups
Installing Windows Server 2003
Understanding Product Activation
Upgrading Previous and Existing Installations
Upgrading Windows NTEvaluating NT-based Windows Server 2003 interoperability issuesUpgrading Windows 2000 Server
Troubleshooting an Installation
Starting OverUsing the Recovery ConsoleSetting up the Recovery ConsoleWorking with the Recovery Console
Running an Unattended Installation
Using ScriptsConstructing unattended setup scriptsPrivatizing the dynamic update processUnderstanding and creating UDF filesUsing RISRIS limitationsActivating an RIS serverDeploying an image to a clientSlipstreaming service packsUsing the OEM option for further customizationDeploying a System Image: RIPrep and SysprepSysprep: the system preparation tool
3. File and Print Services
New File and Print Server Features
Setting Up File Sharing Services
Creating a Share ManuallyDefault SharesPublishing Shares to Active DirectoryUsing Shares from the Command-Line
NTFS File and Folder Permissions
Standard and Special PermissionsSetting PermissionsInheritance and OwnershipDetermining Effective PermissionsAuditing
Limiting Use of Disk Space with Quotas
Setting Default QuotasManaging Quotas from the Command-LineConfiguring Individual Quota Entries
Using Offline Files and Folders
Enabling Offline FilesCommand-Line FunctionsPoints to Remember
Using Shadow Copies
Enabling Shadow CopiesAltering the Shadow Copy ScheduleManaging Shadow Copies from the command-line
Backing Up Your Machines
Using Backup from the GUIThe Command-Line: NTBACKUPSample Command-Line Scenarios
Using the Encrypting File System
Encrypting Files and FoldersRecovering Encrypted ObjectsProtecting User Certificate Integrity
The Distributed File System
Adding a Dfs Root and LinkAdding Dfs Links and TargetsThe Basics of Dfs ReplicationManaging Dfs SystemsConnecting to different rootsChecking Dfs node statusRemoving child nodesDowning replica members
Understanding Print Sharing Services
Internet PrintingSetting Up Print SharingCustom Printing ConfigurationsControlling the print spooler serviceConfiguring default printer settingsChoosing a separator pageAdding printer drivers for other operating systemsPublishing shared printers into Active DirectorySetting up alternate/restricted printing timesControlling print priority between groupsUsing PostScript and PCLRetaining all print jobsConfiguring printing to multiple physical printersAdding color profilesTracking the location of printersAdvanced command-line printing features
4. Domain Name System
Nuts and Bolts
Zones Versus Domains
Zone FilesForward and Reverse Lookup Zones
Resource Records
Host (A) RecordsCanonical Name (CNAME) RecordsMail Exchanger (MX) RecordsNameserver (NS) RecordsStart of Authority (SOA) RecordsPointer (PTR) RecordsService (SRV) Records
Using Primary and Secondary Nameservers
Full and Incremental Zone Transfers
Building a Nameserver
Enabling Incremental TransfersCreating a Forward Lookup ZoneEntering A Records into a ZoneControlling Round-Robin BalancingEntering and Editing SOA RecordsCreating and Editing NS RecordsCreating and Editing CNAME RecordsCreating and Editing MX RecordsGenerating a Reverse Lookup ZoneCreating and Editing PTR RecordsConfiguring a Secondary NameserverUpgrading a Secondary Nameserver to PrimaryManually Editing Zone FilesControlling the Zone Transfer Process
Subdomains and Delegation
Delegating a DomainCreating the Subdomain
Dynamic DNS
ScavengingPreventing Dynamic DNS Registration
Active Directory-Integrated Zones
Replication Among Domain Controllers
Forwarding
SlavingConditional Forwarding
The Split DNS Architecture
Stub ZonesSecurity Considerations
Backup and Recovery
Next Steps
5. Active Directory
Active Directory Objects and ConceptsDomainsOrganizational UnitsSitesGroupsNestingTreesForestsNew to Windows Server 2003: transitive forest root trustsThe dedicated forest root modelShared Folders and PrintersContactsGlobal Catalog
Building an Active Directory Structure
The First DomainUsing Active Directory ToolsAdding Another Domain Controller to a DomainAdding Another DomainManaging Users and GroupsCreating users and groupsPerforming common administrative tasksUsing LDAP to create usersDelegation
Understanding Operations Master Roles
Schema MasterDomain Naming MasterRID MasterPDC EmulatorInfrastructure MasterTransferring and Seizing Roles Manually
Understanding Directory Replication
Within a Site: Loops and MeshesTime SynchronizationReplication TopologiesHandling Update ConflictsUpdate Sequence NumbersBreaking the loop: originating USNs and UTD vectorsManaging Replication Using REPADMINRunning the KCCViewing up-to-date vectorsViewing replication partnersViewing highest USNsPressing the “Big Red Button”Among Sites: Spanning Trees and Site LinksSite links
Migrating to Active Directory in Windows Server 2003
Moving from Windows NT DomainsItems to consider before migratingMigration strategiesPerforming the moveMoving domains to Active DirectoryMoving from Windows 2000 ServerAbout forest and domain functional levelsPreparing existing forests and domainsRaising the forest and domain functional levelsTips for a smooth upgrade
Active Directory Maintenance
Offline Defragmenting of NTDS DatabaseCleaning Directory Metadata
Conclusion
6. Group Policy and IntelliMirror
An Introduction to Group PolicyA Comparison: Group Policies and System Policies
Group Policy Implementation
Creating and Editing Group Policy ObjectsAdministrative templatesDisabling portions of policiesRefreshing policiesPolicy enforcement over slow network connectionsThe Scope of Group Policy ObjectsInheritance and OverridingResultant Set of Policy
Group Policy Management Tools
Group Policy Management ConsoleSearching for GPOsBacking up, copying, importing, and exporting GPOs using the GPMCManaging GP across multiple forestsUsing RSoP planning mode with the GPMCUsing RSoP logging mode with the GPMCWMI filtersDelegating administration of GPs
Local Group Policy
Security TemplatesCreating a Custom Security TemplateCompiling the Security Database
Domain Group Policy
Security SettingsRestricted groupsFilesystem and registry policyIntelliMirror: Software InstallationPackaging softwareAn example deploymentDeployment propertiesRedeploying and removing softwareDeploying service packs using GPIntelliMirror: Folder RedirectionRedirecting folders based on group membershipRemoving a redirection policySoftware Restriction PoliciesScripts
Deployment Considerations
Troubleshooting Group Policy
Resolving DNS ProblemsAnalyzing InheritanceGPO Distribution and SynchronizationGetting More Detailed LogsIdentifying Client Side Extension GUIDsLocating GPT Files on Domain Controllers
Conclusion
7. Windows Security and Patch Management
Understanding Security ConsiderationsPrinciples of Server Security
Creating and Enforcing Security Policies
Using Security Policy TemplatesCreating a custom security templateImporting a template into a GPOSecurity Configuration and AnalysisCreating and using template databases with SCAScanning system securityCorrecting system securityMicrosoft Baseline Security AnalyzerUsing the MBSA
Locking Down Windows
Password RequirementsAccount Lockout PoliciesLocal OptionsAnonymous accessShutdown without logonAutomatic logoffDigitally signing communicationRequiring the three-keystroke salute at logonLast username displayPassword expiration promptNetwork Options Via GPViewing the default domain policyViewing the default domain controller security policiesViewing a domain controller’s effective security policyFinal words: organizing policy layout
Using Auditing and the Event Log
Recommended Items to AuditEvent LogsThe Event Viewer
About Software Update Services
Using SUS: On the Server SideSynchronizing and approving contentPushing out the Automated Updates clientConfiguring the Automatic Updates client from a server perspectiveUsing SUS: On the Client SideUpdate download and installationMonitoring the client-side systemCommon Problems and Workarounds
8. Internet Information Services
IIS Architecture
IIS Components
The Web ServerThe FTP ServerThe SMTP Server and POP3 ServerThe NNTP Server
What’s New in IIS 6
Installing IIS
IIS Management Console
Managing Web Services
Creating a SiteAdjusting Server-wide Site PropertiesHosting Multiple Sites on One Physical MachineAdjusting Individual Site PropertiesWeb SitePerformanceISAPI FiltersHome DirectoryDocumentsDirectory SecurityHTTP HeadersCustom ErrorsVirtual DirectoriesFrontPage Server ExtensionsUsing Application PoolsRecyclingPerformanceHealthIdentityCreating a new application poolUsing the Web Services Extensions Node
File Transfer Protocol Services
Creating FTP SitesMaster FTP Site PropertiesIndividual FTP Site PropertiesFTP SiteSecurity AccountsMessagesHome DirectoryDirectory SecurityVirtual FTP DirectoriesFTP User IsolationIntegrating Active Directory into user isolation
SMTP Services
Creating a New SMTP Virtual ServerSMTP PropertiesGeneralAccessMessagesDeliveryLDAP RoutingSecurityDelivering for Multiple Internet Domains
The POP3 Server
Installing the POP3 ServerPOP3 PropertiesCreating Domains and Mailboxes
Network News Services
Creating a Newsgroup ServerModifying NNTP Server PropertiesGeneralAccessSettingsSecurityVirtual NNTP DirectoriesModifying news directory propertiesCreating Newsgroups and HierarchiesArticle Expiration
Backing Up Your IIS Configuration
Automating IIS Administration
iisresetiiswebiisvdiriisappiisftpiisftpdrwinpopRemote Administration
Securing it All
Enable IIS Only if You Use ItQuery All IIS Machines for Their Update LevelKeep IIS UpdatedUsing Windows UpdateUsing network-based hotfix installationUse Both IIS and NTFS SecurityEvaluate the Indexing ServiceKill Unused PortsDelete Default DirectoriesThe Ins and Outs of ISAPI
9. .NET Framework
What Is .NET?LanguageLibrariesToolsRuntime
What’s New in .NET
Application Types
XML-Based Configuration
Configuration TypesSecurity PolicySettingsConfiguration ScopesEnterpriseMachineUserApplication
Security
Role-Based Security
Assemblies
Private AssembliesStrong-Named Assemblies
Deployment Models
XCopy DeploymentNo-Touch DeploymentWindows Installer
Diagnostics
Debugging and TracingPerformance CountersFramework countersCustom countersEvent Logs
Management Tools
GUI ToolsThe .NET Framework Configuration MMCThe .NET Framework Wizards toolCommand-Line Tools
Reference
10. Windows Terminal Services
The Remote Desktop Protocol
Requirements for Terminal Services
CPU RequirementsAmount of RAMNetwork Interface CardDisk Space
Adding the Terminal Server Role
Enabling Remote Desktop
On the User’s Side
Using the RDP ClientGeneralDisplayLocal ResourcesProgramsExperienceConfiguring a User’s Environment
Installing an Application
Configuring Terminal Services Licensing
Terminal Services Administration
Terminal Services ManagerConnecting to a sessionDisconnecting a sessionLogging off a sessionResetting a sessionViewing session informationSending a message to a userTaking control of a sessionTerminal Services ConfigurationCreating a new connectionCapping Terminal Services connectionsEncryption levelsRemote control permissionsConnecting to drives and printersSession device mappingDefault Terminal Services permissionsEnsuring RPC-based security
Command-Line Management
11. Communications and Networking
Dynamic Host Configuration ProtocolHow It WorksInstalling a DHCP ServerCreating a New DHCP ScopeAuthorizing a DHCP ServerReservationsUnderstanding ClassesSuperscopesConflict DetectionDHCP Implications for DNS
Virtual Private Networks
How It WorksConfiguring the Routing and Remote Access ServerGranting access to usersAuthentication and Encryption Methods
IP Security
How IPSec Policies WorkDeconstructing an IPSec policyCreating an IPSec PolicyIPSec Caveats
Network Access Quarantine Control
How It WorksA Step-by-Step Overview of NAQCDeploying NAQCCreating quarantined resourcesWriting the baselining scriptInstalling the listening componentsCreating a quarantined connection profileDistributing the profile to remote usersConfiguring the quarantine policyCreating exceptions to the rule
Conclusion
12. Clustering Technologies
Network Load-Balancing ClustersNLB TerminologyNLB Operation Styles and ModesSingle card in each server in unicast modeMultiple cards in each server in unicast modeSingle card in each server in multicast modeMultiple cards in each server in multicast modePort RulesCreating an NLB ClusterAdding Other Nodes to the ClusterRemoving Nodes from the ClusterPerformance Optimization
True Server Clusters
Cluster TerminologyTypes of ResourcesPlanning a Cluster SetupCreating a True Server ClusterAdding a Node to an Existing ClusterCreating a New Cluster GroupAdding a Resource to a GroupUsing the Cluster Application WizardConfiguring Failover and FailbackFailoverFailback
Conclusion
13. Other Windows Server 2003 Services
The Indexing ServiceHow the Indexing Service WorksPerformance ConsiderationsCommon Administrative TasksAdministering a catalogCreating a catalogConfiguring a catalogSelecting a directory and locationThe property cacheInitiating scansIndexing new web sitesIndexing PDF filesControlling mergesRunning and configuring queriesAdjusting performance optionsConfiguring performance within the Indexing ServiceMonitoring performance using the Performance Monitor
The Microsoft Message Queue
Communications with MSMQMSMQ AdministrationInstalling MSMQFinding an MSMQ serverSetting a maximum message sizeEnabling and disabling journalsLimiting journal sizeFinding a queueDeleting a queueViewing the properties of a messageDeleting all messagesCreating routing linksConfiguring routing linksCreating foreign sitesIssues with MSMQ and FirewallsMore Resources
Feature Packs and Add-Ons
Active Directory Application ModeAutomated Deployment ServicesDSML Services for WindowsIdentity Integration Feature PackRemote Control Add-On for Active Directory Users and ComputersWindows Rights Management ServicesMicrosoft Services for NetWare 5.03aWindows SharePoint ServicesWindows System Resource Manager
A. The Future of Windows Server 2003
Service Pack 1The Security Configuration WizardInstalling the SCWCreating a security policy with the SCW
Windows Server 2003 “R2”
Index
Colophon

Content preview from Learning Windows Server 2003

Chapter 1. Introducing Windows Server 2003

It all started with Windows NT, Microsoft’s first serious entry into the network server market. Versions 3.1 and 3.5 of Windows NT didn’t garner very much attention in a NetWare-dominated world because they were sluggish and refused to play well with others. Along came Win000dows NT 4.0, which used the new Windows 95 interface (revolutionary only to those who didn’t recognize Apple’s Macintosh OS user interface) to put a friendlier face on some simple yet fundamental architectural improvements. With Version 4.0, larger organizations saw that Microsoft was serious about entering the enterprise computing market, even if the product currently being offered still was limited in scalability and availability. For one, Microsoft made concessions to NetWare users, giving them an easy way to integrate with a new NT network. The company also included a revised security feature set, including finely grained permissions and domains, which signified Microsoft considered enterprise computing an important part of Windows.

After a record six and one-half service packs, NT 4.0 is considered by some to be the most stable operating system ever to come out of Redmond. However, despite that, most administrators with Unix experience required an OS more credible in an enterprise environment—one that could compare to the enormous Unix machines that penetrated that market long ago and had unquestionably occupied it ever since. It wasn’t until February 2000, when ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Windows Server 2008: The Definitive Guide

Publisher Resources

ISBN: 0596006241Catalog Page Errata

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Learning Windows Server 2003

by Jonathan Hassell

Chapter 1. Introducing Windows Server 2003

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.