Windows 2000 Server Administration Parts 1-3


Microsoft Windows Overview
Tyronne Nash
Perry Holloway
William Wright
Overview
Evolution of Windows
DOS extensions
GUI front-end styles
Operating system
Server platforms
File systems
Overview (cont)
Windows 2000 design goals
Windows 2000 basic install
Windows 2000 Registry
Sources for some of the historical information and images:
http://www.microsoft.com/windows/winhistorydesktop.mspx
http://toastytech.com/guis
1985
Windows 1.0
Extension to DOS
GUI front end
Added use of mouse
Task manager
Used underlying DOS
Windows 1.0
1987
Windows 2.x
Windows/386
Overlapping Windows
VGA
DDE
Used underlying DOS
Theme used: “MS Eye Bleeder”
1990
Windows 3.x (WIN3.x)
32 bit processing
File Manager
Print Manager
Presentation Manager
Modular Virtual device drivers (VxDs)
Use of extended memory
Used underlying DOS
1993
Windows for Workgroups 3.11 (WFW)
Native networking support
RAS
Used underlying DOS
1993
Windows NT 3.1 (WINNT)
Windows Advanced Server 3.1
Designed to be application server
Client/server
Microsoft Mail
Network management
(Security, Server management)
1993
Windows NT Workstation 3.5 (WINNT WS)
Open GL
Long file names
1994
Windows NT server 3.5
(based on NT Server 3.1)
1995
WINNT 3.51
Minor server upgrade release
Windows 95 (WIN95)
Integrated 32 bit TCP/IP stack
Plug and Play (PnP)
Attempt to add security
WIN95
Security ??
Multiple logons
Use of ESC key will bypass login process
Policy editor (POLEDIT)
Note: this is not well documented
Still able to drop to DOS and the machine is yours
1996
WINNT WS 4.0
Added the W95 interface
WIN95 OEM Service Release 2 (OSR2)
FAT32 introduced
Bugfix
1996
WINNT 4.0
Full 32 bit OS
Look and feel of WIN95
1997
NT Server Enterprise Edition (EE)
Scaled up server for corporate clients with large networks
1998
NT Server Terminal Server (TS)
The NT product line was renamed to Windows 2000
Windows 98
USB support
1999
WIN98 Second Edition (SE)
Fixed most of the bugs in WIN98
Networking support for home users
2000
Windows Millennium Edition (WIN ME)
System Restore
Windows 2000 Professional (W2K Pro)
Based on NT code
2000 (cont)
USB, FireWire
Added support for Kerberos protocol
NTFS 5.0
Encrypting file system (EFS)
2001
Windows XP Professional
WINNT and WIN9X derivatives combined into one code base
Windows XP Home
Easier networking
No Domain authentication
File systems
FAT12 and FAT16 (FAT)
FAT
FAT started with DOS
Max size 32MB
Can be read by all Windows operating systems
File systems (cont)
FAT32
Started with WIN95 OSR2
Max size 2 terabytes
Supported size is much less
Can be read by all WIN9X, WIN ME, W2K and WIN XP
File systems
NTFS
Max size can be more than 2 TB
NTFS 5.0 supports EFS
Can be read by W2K, WIN XP, maybe WINNT 4.0 SP4
Windows 2000 Design Goals
Windows NT
Compatibility
Reliability
Extensibility
Scalability
Distributability
Certifiability
Windows 2000
Internet Standardization
Ease of Administration
Scalability
Security
Performance
Reliability
Internet Standardization
Was a new focus because of the growth of the internet
Increased support for the open Standards
Networking is improved: new Microsoft Management Console (MMC)
administrative interfaces were added, and TCP/IP network services have been
improved and updated
Support for the Layer 2 Tunneling Protocol (L2TP), an industry-standard Internet
protocol used for building Virtual Private Networks (VPNs); it builds secure tunnels
across internetworks and can leverage public key certificates and IP Security
Supports IP Security, Kerberos, and PKI (public key infrastructure)
Most important addition is the Active Directory
Supports Lightweight Directory Access Protocol (LDAP) – Specifies the way
clients and servers exchange directory information
Ease of Administration
Has Support for many Items
Improved management infrastructure
Microsoft Management Console
Windows Management
Active Directory and Group Policy
Component Object Model
Windows Driver Model
Plug and Play and Advanced Configuration and Power Interface
Quality of Service
Ease of Administration – Cont.
Total Cost of Ownership
IntelliMirror
User Document Management
User Setting Management
Software installation
Remote Installation Services
Group Policy
Scalability
One that will run on many hardware environments
Provides multi-platform support through its layered, microkernel architecture and
use of the Hardware Abstraction Layer (HAL)
Two different security models – the workgroup and domain models
Security
Built in support for certification authorities and smart cards, as well as the
standards-based Kerberos authentication protocol
Active Directory – Cornerstone – its granular access control, inheritance, and
delegation of administrative tasks gives you the flexibility to secure resources without
compromising your network’s purpose
Key Improvements
Security Configuration Editor (SCE)
Security Configuration Manager (SCM)
Windows 2000 Authentication
Public Key Cryptography
Performance
Microsoft distributed file system (Dfs) allows shares to be mirrored between file
servers and enables clients to automatically choose the closest server
Reliability
Error and exception handling – uses structured exception handling for
capturing error conditions and responding uniformly.
Component Redundancy – provides reliability by providing redundant systems
that protect the computer when a single component fails
IntelliMirror – users will never lose access to their most critical network
documents, application, and desktop settings because of this
Installing Windows 2000
Step One
Make sure that your system meets all the system requirements
Devices are in the Hardware Compatibility List
Pentium 166 or greater with 64 MB of memory
At least 650 MB of hard drive space
Step Two
Insert the Windows 2000 CD into the CD-ROM drive and run the WINNT or
WINNT32 program from the disk
Or simply reboot the machine if it is capable of booting from the CD-ROM
Step Three
Windows 2000 Setup
It tells you what it believes you have on the system such as: type of
PC, Video Card, Keyboard, Mouse, etc
It sets your video card to VGA mode. It is a good idea to keep
this until the installation is complete, so as to avoid loading the wrong video
card and thus having to start over.
Step Four
Disk Partition
At this point in the installation it will ask you which partition on the
hard drive to install to
Disk Partition - Cont
Important to choose the correct partition, especially if it is going on a
dual-boot machine
It is a good idea to know what kind of partition to use: NTFS or
FAT32. NTFS is more secure and allows file-level security. Its downside
is that DOS-based, low-level utilities cannot be used to read or manipulate
the drive. If this is an issue, one resolution is to make a small FAT32
partition when you partition the drive
Step Four
Asks you to personalize your copy with your name and company name. This is
optional
Step Five
Asks you to pick the licensing option you are going to use when installing Windows
Server 2000
Per Seat
Per Server
It requires you to make the decision; however, it will allow you to change it one
time
Step Six
It next asks you to create the Emergency Repair Disk
Gives Windows enough information to bring up your system based on the last
time you updated the disk
Stores the critical system configuration files needed to recover Windows 2000
Needs to be updated regularly – Start + Programs + Accessories + System
Tools + Backup
Good idea to do every time you make major changes
Step Seven
Network Setup
During the network setup Windows 2000 will do the following
Connecting to the network – it will ask you if the computer will participate on
a network or is wired to the network
Network Setup – Cont
Installing the Network Card
Installing Protocols - It automatically assumes you want NetBeui,
TCP/IP, and IPX/SPX
Step Eight
Service Installation
Internet Information Server
Gateway Services for Novell
DNS and DHCP Server
Remote Access Service (RAS)
TCP/IP and SNMP
Step Nine
Security
Need to tell it whether the machine is joining a workgroup or a domain
Windows 2000 server and workstations must be granted access to join a
domain
Very secure machine – It needs to validate all other machines in the
network.
Step Ten
Setting the Time Zone and Rebooting
Registry
2000 Registry – Was created to improve the configuration mess
Windows 2000 Tries to improve on the configuration mess with the Registry
It is one big, central, secure database containing all the configuration information
about the server, its applications, and its users
Describes the hardware configuration, installed system and application software,
user and group account security, desktop settings and profiles, file associations, and
applications supporting Object Linking and Embedding (OLE)
Can be modified by the configuration tools in Control Panel, the Windows 2000 setup
applet, Active Directory Users and Computers, third-party configuration tools, and
software installation procedures
A Database containing configuration data for application, hardware, and device
drivers, as well as data on network protocols and adapter card settings.
Changing the Registry
Can be done through the Administrative Tools directory, applications within Control Panel, or
by opening Registry Editor and manually changing field values
It is a good idea to save your registry before you make any changes manually
so that you can reverse them at any time if something goes wrong.
This can be done by going to Start, Run and typing regedt32.
Benefits to the Administrator
Collects all configuration information while accommodating the data and storage
needs of system components
Allows discretionary access control to local and remote configuration data. Can be
protected by Access Control List (ACL)
Records and preserves security and desktop information on an individual basis.
Use it to determine all the hardware components installed on a local or remote system,
the BIOS revision levels for motherboards and video adapters, the numbers and types of
SCSI adapters, the devices installed on each adapter, and IRQ and base address and DMA
channel assignments for specific components
Contains the Following Types of configuration information
AUTOEXEC.BAT, CONFIG.SYS, WIN.INI, SYSTEM.INI, CONTROL.INI, LANMAN.INI, PROTOCOL.INI and miscellaneous INI files
Device Driver Data
Network Protocols and Network Adapters
Components and Applications that use the Registry
Setup
Hardware Detector
Windows 2000 Kernel
Device Drivers
Administrative tools
HKEY_LOCAL_MACHINE
This is where the system stores hardware, software, and security information
Hardware and operating system data such as bus type, system memory, device
drivers, and startup control data
Five main KEYS
HKEY_LOCAL_MACHINE\HARDWARE
Describes the physical hardware in the computer, the way that device drivers use the
hardware, and mappings and related data that link kernel mode drivers with various user
mode code
All information in it is volatile, meaning that the settings are recomputed each time
the system is started and then discarded when the system is shut down
Description Key – describes the actual computer hardware – the make of the
motherboard, type of video adapter, SCSI adapters, serial ports, parallel ports, sound
cards, network adapters, and so on
Device Map Key – contains miscellaneous data in formats specific to particular
classes of drivers
Resource Map Key – describes which device drivers claim specific hardware
resources
HKEY_LOCAL_MACHINE\SAM
HKEY_LOCAL_MACHINE\SECURITY
Has no visible information – this is where security policies are set, such as specific user
rights, along with information for user and group accounts and for the domains in
Windows 2000 Server
HKEY_LOCAL_MACHINE\SOFTWARE
Contains data about software installed on the local computer, along with miscellaneous
configuration data
HKEY_LOCAL_MACHINE\SYSTEM
Controls system startup, device driver loading, W2K services, and operating system
behavior
Describes bootable and nonbootable configuration in a group of ControlSets, where each
ControlSet represents a unique configuration
HKEY_CLASSES_ROOT
Contains information on file associations and data required to support
Microsoft’s Object Linking and Embedding technology
Provides information on filename-extension association and OLE that can be
used by Windows shell application and OLE applications
HKEY_USERS
Information about active users
Includes Profiles on any user who has local access to the system, including
environment variables, personal program groups, desktop settings, network
connections, printers, and application preferences
It contains a default profile for users that have never logged on
Security ID for other users
HKEY_CURRENT_USER
Contains the user profile for the person currently logged onto the machine
User’s profile groups, desktop settings, printers, application preferences, and
network connections
HKEY_CURRENT_CONFIG
Contains the configuration information for the particular hardware configuration you booted with
Event Viewer
Events are significant occurrences in the
operating system (power interruption, hard
drive out of free space)
Viewed with Event Viewer
Three main types of event logs
Application – e.g., database query malformed
Security – e.g., all attempted logins
System – e.g., modem failure
Logging Information
Logs are stored in
\SystemRoot\SYSTEM32\CONFIG
Events can be filtered by many criteria
Three types of log entries:
Information – Successful events, failed events or
both
Warning – Irregular event that doesn’t affect system
Error – A failed event or network error
Security Events
Enabled in Group Policy Editor
Logon and logoff
File and object (applications) access (including
attempts at accessing restricted files)
User and group management
Security policy changes
Restart, shutdown
Process tracking – enable only when
absolutely necessary!
Sample Error Event
Encrypting File System (EFS)
Allows encryption of files and directories to
be transparent to user and applications
Deters “back door” methods of accessing
NTFS partitions via boot disks or other
operating systems
Brief Summary of Inner Workings
Each file has a randomly generated number
called the File Encryption Key (FEK)
FEK used to encrypt file with DESX
User’s public RSA key encrypts FEK
Encrypted FEK appended to end of file
Private RSA keys can be stored on smart
cards or disk (not recommended)
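The envelope structure summarized above, as an added Python example that is not part of the original slides. Assumptions: a SHAKE-256 keystream stands in for DESX, unpadded RSA over two fixed demonstration primes stands in for the user's key pair (so it runs with the standard library only), and the function names are hypothetical.

```python
import hashlib
import secrets

# Demonstration-only RSA key built from two fixed Mersenne primes (assumption:
# a real EFS key pair is generated randomly, is far larger, and uses padding).
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                               # public modulus
D = pow(E, -1, (P - 1) * (Q - 1))       # private exponent

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for DESX: XOR the data with a SHAKE-256 keystream keyed by the FEK."""
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(x ^ y for x, y in zip(data, stream))

def efs_encrypt(plaintext: bytes, public_key=(N, E)) -> dict:
    """Encrypt one file: fresh FEK, bulk-encrypt with it, wrap the FEK with RSA."""
    n, e = public_key
    fek = secrets.token_bytes(16)       # File Encryption Key, random per file
    nonce = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(fek, "big"), e, n)   # only the private key undoes this
    # The wrapped FEK travels with the file; the clear FEK is never stored.
    return {"data": keystream_xor(fek, nonce, plaintext),
            "nonce": nonce, "wrapped_fek": wrapped}

def efs_decrypt(record: dict, private_key=(N, D)) -> bytes:
    """Unwrap the FEK with the private key, then decrypt the file body."""
    n, d = private_key
    fek = pow(record["wrapped_fek"], d, n).to_bytes(16, "big")
    return keystream_xor(fek, record["nonce"], record["data"])

if __name__ == "__main__":
    doc = b"Q3 payroll figures (constructed sample)"
    rec = efs_encrypt(doc)
    print("on disk :", rec["data"].hex())
    print("opened  :", efs_decrypt(rec).decode())
```

Anyone who reads the volume from a boot disk or another operating system gets only `data` and `wrapped_fek`; without the private RSA key the FEK cannot be recovered.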
W2K Command Line Magic
Start -> Run -> CMD
Command buffer accessible by pressing up and down
arrows
Auto complete directories by pressing TAB
Surround files or directories with spaces in double quotation marks (e.g., “My Documents”)
Commands can be used in batch files or login scripts
“Help” command displays list of all W2K commands,
“command-name /?” displays help for specific
command
ipconfig
Displays IP and ARP (Address Resolution
Protocol) information
Renews, releases DHCP IP leases
Works on devices similar to Linux’s eth0 but
without obfuscated names, e.g., “Ethernet 3COM”
or “Local Area Connection 1”; wildcards * and ?
accepted
Works on all interfaces to the computer (serial,
parallel)
arp
Displays the ARP table on the machine
If connectivity problems exist between two
machines, running arp on both machines
and comparing the MAC (unique 6x16-bit
address stored in network interface card)
values for the two machines might give
clues as to why the two machines can’t see
one another
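The comparison described above, as an added Python example that is not part of the original slides. The two `arp -a` listings are constructed sample data, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed `arp -a` output captured on two hosts of the same subnet.
ARP_HOST_A = """\
Interface: 192.168.1.10 on Interface 0x1000003
  Internet Address      Physical Address      Type
  192.168.1.1           00-a0-c9-11-22-33     dynamic
  192.168.1.20          00-50-04-aa-bb-cc     dynamic
  192.168.1.30          00-10-5a-01-02-03     static
"""
ARP_HOST_B = """\
Interface: 192.168.1.20 on Interface 0x1000003
  Internet Address      Physical Address      Type
  192.168.1.1           00-10-4b-de-ad-01     dynamic
  192.168.1.10          00-50-04-77-88-99     dynamic
  192.168.1.30          00-10-4b-de-ad-01     dynamic
"""

# One table row: IPv4 address, dash-separated MAC, entry type.
ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"([0-9a-fA-F]{2}(?:-[0-9a-fA-F]{2}){5})\s+(\w+)\s*$"
)

def parse_arp(text):
    """Return {ip: (mac, type)}; interface and column header lines are skipped."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            table[m.group(1)] = (m.group(2).lower(), m.group(3).lower())
    return table

def compare_tables(a, b):
    """IPs cached on both hosts that resolve to different MAC addresses."""
    return {ip: (a[ip][0], b[ip][0])
            for ip in sorted(a.keys() & b.keys()) if a[ip][0] != b[ip][0]}

def shared_macs(table):
    """MACs that a single host's cache maps to more than one IP address."""
    by_mac = defaultdict(list)
    for ip, (mac, _) in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

if __name__ == "__main__":
    a, b = parse_arp(ARP_HOST_A), parse_arp(ARP_HOST_B)
    for ip, (mac_a, mac_b) in compare_tables(a, b).items():
        print(f"{ip}: host A sees {mac_a}, host B sees {mac_b}")
    for mac, ips in shared_macs(b).items():
        print(f"host B maps {mac} to several IPs: {', '.join(ips)}")
```

A disagreement on the same IP, or one MAC answering for several IPs, points at a stale cache entry, a duplicated address or an unexpected device answering ARP, and tells you which host's table to clear or investigate first.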
nbtstat and netstat
Displays network usage statistics including
bytes received and sent, errors
Displays list of ports open and what
connections to and from the machine exist
nbtstat gives statistics for connections using
NetBios over TCP/IP (a.k.a. NBT)
netstat gives statistics from a network
adapter on a local or remote machine
route
Views and modifies the route table
If a better route is known by a network
administrator between two hosts, the admin
can add this route to the route table.
ping
Ping, or Packet InterNet Gopher, is a
TCP/IP utility
Sends a message to a specified host, waits
for a reply
Useful for checking if a host can be
accessed and the latency between two hosts
tracert – the funnest command of all
Displays the route a packet will take when
transferring from your machine to the
specified IP
Displays latency/ping at each step along the
route
Useful for determining network bottlenecks
between key servers
net
accounts – modifies password restrictions, synchronizes user accounts database
computer – adds or deletes computers from a domain
config – views and allows certain modifications to how a computer behaves on the
network (e.g., max users connected)
continue – restarts a paused service
file – find out if a specified file is open and who is using the file
name – sends a message to the specified computer on the network
pause – pauses a service
print – gets a list of jobs currently printing, deletes a specified job
session – displays information about connections between a W2K server and a client,
disconnects a specified machine from the server
share – shares files, directories over the network
start – displays list of available services to run, starts the specified service
statistics – displays statistics about clients connected to a server
time – synchronizes the clock to a specified machine’s clock
use – maps network drives
user – adds, edits and deletes user accounts
view – displays a list of network resources
Beyond Windows XP
Fleetwood Mac or Microsoft?
Stevie Nicks