book

Windows Server Cookbook

Name: Windows Server Cookbook
Author: Robbie Allen
ISBN: 9780596552602

by Robbie Allen

March 2005

Intermediate to advanced

698 pages

19h 13m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Windows Server Cookbook
Dedication
Foreword
Preface
Who Should Read This BookWhat’s in This BookConventions Used in This BookUsing Code ExamplesSafari EnabledWe’d Like to Hear from YouAcknowledgments
1. Introduction
1.1. Approach to the Book1.2. Where to Find the Tools1.3. Running Tools with Alternate Credentials1.4. A Brief Word on Windows Scripting1.5. Getting the Most Out of Your Scripts1.6. Where to Find More Information
2. System Configuration
Introduction2.1. Activating Windows Server 20032.2. Configuring Automatic Updates2.3. Disabling Windows Update2.4. Installing or Uninstalling a Windows Component2.5. Installing an Application or Service Pack via Group Policy2.6. Viewing System Properties2.7. Setting the System Time, Date, and Time Zone2.8. Setting the Name of a Server2.9. Joining a Server to a Domain2.10. Testing and Resetting the Secure Channel2.11. Viewing and Setting Environment Variables2.12. Configuring Page Files2.13. Putting System Information on the Desktop2.14. Configuring System Startup Options2.15. Configuring System Failure Options2.16. Viewing System Uptime2.17. Disabling the Manage/Configure Your Server Screen2.18. Disabling Shutdown Tracker2.19. Restarting or Shutting Down a Server
3. Disks, Drives, and Volumes
Introduction3.1. Viewing the Disk, Drive, and Volume Layout3.2. Converting a Basic Disk to Dynamic3.3. Enabling Disk Performance Statistics3.4. Formatting a Volume3.5. Setting the Drive Letter of a Volume3.6. Setting the Label of a Volume3.7. Cleaning Up a Volume3.8. Defragmenting a Volume3.9. Compressing a Volume3.10. Checking a Volume for Errors3.11. Making a Disk or Volume Read-Only3.12. Mapping a Network Drive3.13. Creating a Virtual Drive to Another Drive or Folder3.14. Finding Large Files and Folders on a Volume3.15. Enabling Disk Quotas3.16. Configuring a Disk Quota for a User3.17. Viewing Disk Quota Usage
4. Files, Folders, and Shares
Introduction4.1. Creating and Deleting a File4.2. Creating and Deleting a Folder4.3. Undeleting a File4.4. Securely Deleting a File4.5. Viewing the Properties of a File or Folder4.6. Creating a Shortcut4.7. Creating a Link or Junction Point4.8. Creating a Program Alias4.9. Searching for Files or Folders4.10. Copying, Moving, or Renaming a File or Folder4.11. Comparing Files or Folders4.12. Hiding a File or Folder4.13. Making a File or Folder Read-Only4.14. Compressing a File or Folder4.15. Encrypting a File or Folder4.16. Replacing a File That Is in Use4.17. Taking Ownership of a File or Folder4.18. Finding Who Last Opened or Modified a File4.19. Finding Open Files4.20. Finding the Process That Has a File Open4.21. Viewing File Activity4.22. Performing an Action on Several Files at Once4.23. Creating and Deleting Shares4.24. Viewing Shares4.25. Restricting Access to a Share4.26. Enabling Web Sharing4.27. Publishing a Share in Active Directory
5. Running and Scheduling Tasks
Introduction5.1. Running a Task with Alternate Credentials5.2. Running a Task on a Remote Server5.3. Running a Task When a User Logs On5.4. Running a Task via a Login Script5.5. Running a Task via Group Policy5.6. Listing Automatic Tasks5.7. Scheduling a Task5.8. Deleting a Scheduled Task5.9. Listing the Scheduled Tasks
6. Processes
Introduction6.1. Setting the Priority of a Process6.2. Suspending a Process6.3. Killing a Process6.4. Viewing the Running Processes6.5. Searching Processes6.6. Finding the Services Run from a Process6.7. Viewing the Properties of a Process6.8. Viewing the Performance Statistics of a Process6.9. Viewing the DLLs Being Used by a Process6.10. Viewing the APIs Called by a Process6.11. Viewing the Handles a Process Has Open6.12. Viewing the Network Ports a Process Has Open6.13. Script: Process Doctor6.14. Script: Process Terminator

7. Services
Introduction7.1. Starting and Stopping a Service7.2. Running Any Program or Script as a Service7.3. Removing a Service7.4. Setting the Service Startup Type7.5. Setting the Service Account and Password7.6. Performing an Action Automatically When a Service Fails7.7. Viewing the List of Services7.8. Searching Services7.9. Finding the Process a Service Is Running From7.10. Viewing the Antecedent and Dependent Services for a Service7.11. Viewing the Service Load Order7.12. Viewing the Startup History of a Service7.13. Granting the Permission to Manage One or More Services7.14. Script: Robust Service Restart7.15. Script: Service Monitor
8. Event Logs
Introduction8.1. Creating an Event8.2. Viewing Events8.3. Creating a New Event Log8.4. Viewing the Size of an Event Log8.5. Setting the Maximum Size of an Event Log8.6. Setting the Event Log Retention Policy8.7. Clearing the Events in an Event Log8.8. Restricting Access to an Event Log8.9. Searching an Event Log on a Server8.10. Searching the Event Logs on Multiple Servers8.11. Archiving an Event Log8.12. Finding More Information About an Event8.13. Triggering an Action When an Event Occurs8.14. Script: Event Watcher
9. Registry
Introduction9.1. Creating and Deleting a Key9.2. Setting a Value9.3. Setting Keys or Values Using Group Policy9.4. Exporting Registry Files9.5. Importing Registry Files9.6. Searching the Registry9.7. Comparing the Registry9.8. Restricting Access to the Registry9.9. Backing Up and Restoring the Registry9.10. Creating a Registry Link9.11. Setting the Maximum Registry Size9.12. Monitoring Registry Activity9.13. Viewing Processes That Have a Registry Key Open
10. Network Configuration
Introduction10.1. Viewing the Network Configuration10.2. Disabling a Connection10.3. Configuring an IP Address10.4. Renewing or Releasing a DHCP IP Address10.5. Configuring DNS Settings10.6. Registering DNS Records or Flushing the DNS Cache10.7. Finding a Computer’s Active Directory Site10.8. Managing Routes10.9. Viewing the Open Ports and Connections10.10. Troubleshooting Network Connectivity Problems10.11. Viewing Network Traffic10.12. Configuring TCP/IP Filtering10.13. Measuring Link Speed and Latency Between Two Hosts10.14. Installing the IPv6 Stack
11. Security Best Practices
Introduction11.1. Analyzing Your Security Configuration11.2. Enabling Auditing11.3. Renaming the Administrator and Guest Accounts11.4. Disabling or Removing Unused Accounts, Services, and Software11.5. Enabling Screensaver Locking11.6. Disabling Storage of the LM Password Hash11.7. Requiring Strong Passwords11.8. Getting Notified of New Security Vulnerabilities11.9. Script: Mass Admin Password Changer
12. Internet Information Services 6.0
Introduction12.1. Installing IIS12.2. Stopping and Starting IIS12.3. Creating Web Sites12.4. Hosting Multiple Web Sites12.5. Creating Virtual Directories12.6. Configuring Web Permissions12.7. Configuring IP Address and Domain Name Restrictions12.8. Configuring Web Site Authentication12.9. Obtaining and Installing SSL Certificates12.10. Enabling SSL on a Web Site12.11. Backing Up SSL Certificates12.12. Configuring Web Site QoS Settings12.13. Configuring Web Site Logging12.14. Configuring Web Site Redirection12.15. Enabling Direct Metabase Editing12.16. Backing Up and Restoring the Metabase12.17. Exporting and Importing the Metabase12.18. Enabling Dynamic Content12.19. Creating Application Pools12.20. Configuring Application Pool Identities12.21. Creating Applications12.22. Isolating Applications into Pools12.23. Configuring Application Pool Recycling12.24. Creating FTP Sites12.25. Configuring FTP Authentication12.26. Configuring FTP User Isolation
13. Domain Name System (DNS)
Introduction13.1. Installing the DNS Server13.2. Starting and Stopping the DNS Server13.3. Modifying DNS Server Configuration13.4. Creating a Zone13.5. Viewing a DNS Server’s Zones13.6. Converting a Zone to an Active Directory-Integrated Zone13.7. Moving Active Directory-Integrated Zones into an Application Partition13.8. Creating a Stub Zone13.9. Configuring Conditional Forwarding13.10. Configuring Zone Transfer13.11. Creating and Deleting Resource Records13.12. Querying Resource Records13.13. Scavenging Old Resource Records13.14. Clearing the DNS Cache13.15. Enabling DNS Server Debug Logging13.16. Viewing DNS Server Utilization Statistics13.17. Preventing Cache Pollution on DNS Servers13.18. Preventing Windows Clients from Attempting Dynamic Updates13.19. Script: DNS Server Configuration Checker
14. DHCP Server
Introduction14.1. Installing DHCP Server14.2. Authorizing a DHCP Server14.3. Configuring Server Options14.4. Enabling Address Conflict Detection14.5. Creating a Scope14.6. Creating a Superscope14.7. Activating or Deactivating a Scope14.8. Configuring Scope Options14.9. Enabling Dynamic DNS Updates from the DHCP Server14.10. Managing the Leases for a Scope14.11. Creating a Reservation14.12. Enabling DHCP Audit Logging14.13. Modifying the DHCP Database and Audit Log Paths14.14. Backing Up the DHCP Database14.15. Restoring the DHCP Database14.16. Importing and Exporting DHCP Server Configuration14.17. Viewing DHCP Utilization Statistics14.18. Finding the DHCP Servers on a Subnet14.19. Running DHCP Server on a Domain Controller
15. Active Directory
Introduction15.1. Creating a New Active Directory Forest15.2. Promoting a Domain Controller from Media15.3. Uninstalling Active Directory15.4. Upgrading from Windows 2000 to Windows Server 200315.5. Raising the Functional Level15.6. Backing Up Active Directory15.7. Restoring Active Directory15.8. Searching for Objects in a Domain15.9. Creating an Object15.10. Modifying an Object15.11. Moving an Object15.12. Moving an Object to a Different Domain15.13. Renaming an Object15.14. Deleting an Object15.15. Exporting and Importing Objects Using LDIF or CSV15.16. Finding the Closest Domain Controller15.17. Enabling and Disabling the Global Catalog15.18. Finding the FSMO Role Holders15.19. Transferring or Seizing a FSMO Role15.20. Creating and Removing a Trust15.21. Viewing the Trusts for a Domain15.22. Verifying and Resetting Trusts15.23. Enabling Diagnostics Logging15.24. Script: Displaying the Structure of a Forest
16. Domain User, Group, and Computer Accounts
Introduction16.1. Creating a User Account16.2. Creating a Large Number of Users16.3. Modifying an Attribute for Several Users at Once16.4. Unlocking a User16.5. Troubleshooting Account Lockout Problems16.6. Viewing and Modifying the Account Lockout and Password Policies16.7. Enabling and Disabling a User Account16.8. Setting a User’s Password16.9. Setting a User’s Account Options16.10. Setting a User’s Profile Attributes16.11. Finding a User’s Last Logon Time16.12. Creating a Group Account16.13. Viewing the Members of a Group16.14. Viewing a User’s Group Membership16.15. Adding and Removing Members of a Group16.16. Changing the Scope or Type of a Group16.17. Creating a Computer Account16.18. Joining a Computer to a Domain16.19. Renaming a Computer16.20. Resetting a Computer Account
17. Exchange Server 2003
Introduction17.1. Preparing Active Directory for Exchange17.2. Installing the First Exchange Server17.3. Installing Additional Exchange Servers17.4. Installing an Exchange Service Pack17.5. Creating Unattended Installation Files for Exchange and Exchange Service Pack17.6. Installing Exchange Management Tools17.7. Delegating Exchange for the First Time17.8. Stopping and Starting Exchange Server17.9. Mail-Enabling a User17.10. Mail-Disabling a User17.11. Mailbox-Enabling a User17.12. Deleting a User’s Mailbox17.13. Purging a Deleted Mailbox17.14. Reconnecting a Deleted Mailbox17.15. Enumerating Disconnected Mailboxes17.16. Moving a Mailbox17.17. Viewing Mailbox Sizes and Message Counts17.18. Mail-Enabling a Contact17.19. Mail-Disabling a Contact17.20. Creating a Mail-Enabled Distribution List17.21. Creating a Query-Based Distribution List17.22. Creating an Address List17.23. Creating a Recipient Policy17.24. Creating a Storage Group17.25. Creating a Mailbox Store17.26. Listing Domain Controllers and Global Catalog Servers Used by an Exchange Server17.27. Mounting and Dismounting Mailbox Stores
A. Introduction to WSH
A.1. How to Write ScriptsA.2. WSH 2.0 Versus 5.6
B. Introduction to WMI
B.1. Referencing an ObjectB.2. Enumerating Objects of a Particular ClassB.3. Searching with WQLB.4. Authentication with WMI
C. Introduction to ADSI
C.1. Objects and InterfacesC.2. Namespaces, ProgIDs, and ADsPathsC.3. Retrieving Objects
D. List of Default Environment Variables
E. List of Default Processes
F. List of Default Services
Index
About the Author
Colophon
Copyright

Content preview from Windows Server Cookbook

Chapter 16. Domain User, Group, and Computer Accounts

Introduction

The three most common types of objects you’ll need to manage in an Active Directory forest include users, groups, and computers. You’ll need to create user objects to represent the employees, customers, or students in your environment. It is important to understand how to properly configure and automate the management of user objects so you can cut down on much of the day-to-day tasks required to support these objects.

A group is a simple concept that has been used in many different types of systems over the years. In generic terms, a group is just a collection of things. Groups are used most frequently in a security context whereby you set up a group of users and apply certain permissions or rights to that group. Using a group is much easier when applying security than using individual users because you have to apply the security only once instead of once per user.

In Active Directory, groups are flexible objects that can contain virtually any other type of object as a member. Active Directory groups can be used for many different purposes including controlling access to resources, defining a filter for the application of group policies, and as an email distribution list.

The scope and type of a group defines how the group can be used in a forest. The type of a group can be either security or distribution. Security groups can be used to restrict access to resources whereas distribution groups can be used only as a ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Windows Server 2019 Cookbook - Second Edition

Publisher Resources

ISBN: 0596006330Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Windows Server Cookbook

by Robbie Allen

Chapter 16. Domain User, Group, and Computer Accounts

Introduction

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.