Transcript Chapter One

Chapter Eight
Network Operating
Systems and Windows
2000-Based Networking
Objectives
Discuss the functions and features of a networking
operating system
Define the requirements for a Windows 2000
network environment
Describe how a Windows 2000 server fits into an
enterprise-wide network
Objectives
Perform a simple Windows 2000
Server installation
Manage simple user, group, and rights
parameters in Windows 2000 Server
Understand how Windows 2000
Server integrates with other popular
network operating systems
Introduction to Network Operating
Systems
Selecting a network operating system




Is it compatible with existing infrastructure?
Will it provide the security required by the
network’s resources?
Can the technical staff manage it effectively?
Will existing applications run smoothly on it?
Introduction to Network Operating
Systems
Selecting a network operating system
(cont.)




Will it accommodate future growth (that is, is it
scalable)?
Does it support additional services the
network’s users require?
How much does it cost?
What type of support can be expected from
the manufacturer?
Network Operating Systems
and Servers
How many clients will connect to the
server?
What kind of applications will run on the
server?
How much storage space will each user
need?
How much down time is acceptable?
What can the organization afford?
Network Operating System
Services and Features
Client support





Creating client accounts and enabling them to
connect to the network
Managing client accounts
Enabling clients to share resources
Managing client access to shared resources
Enabling clients to communicate with other
clients
Client/Server Communication
Redirector

Service that runs on a client workstation and
determines whether the client’s request
should be handled by the client or the server
Authentication

Process whereby a network operating system
verifies that a client’s user name and
password are valid and allows the client to log
onto the network
Client/Server Communication
Figure 8-1: A client connecting to a network operating system
Client/Server Communication
Middleware

Software that sits between the client and
server in a 3-tier architecture
Thin client

Type of software that enables a client to
accomplish functions over a network while
utilizing little of the client workstation’s
resources and, instead, relying on the server
to carry the processing burden
Client/Server Communication
Figure 8-2: Middleware between clients and a server
Users and Groups
To more easily manage network access, you can
combine users with similar needs and
restrictions into groups
Table 8-1: Providing security through groups
Directories
Directory

List that organizes resources and associates
them with other properties, or characteristics
Object

Representation of a thing or person
associated with the network
Attributes

Properties associated with an object
Directories
Containers

Logically defined receptacles that serve only
to assemble similar objects
Account

The record of a user that contains all of his or
her properties
Tree

Logical representation of multiple, hierarchical
levels in a directory
Directories
Figure 8-3: A directory tree
Directories
Figure 8-4: Two possible trees for the same organization
File System
An operating system’s method of organizing,
managing, and accessing its files through
logical structures and software routines
Be careful not to confuse file systems with
directories


A file system interacts with the operating system
A directory organizes files so that a user can find
them on a hard disk
FAT (File Allocation Table)
FAT (File Allocation Table)

Original PC file system designed in the 1970s
to support floppy disks and, later, hard disks
FAT16

File system designed for use with early DOS- and Windows-based computers
FAT32

Enhanced version of FAT16 that
accommodates the use of longer filenames
and smaller allocation units on a disk
Significant FAT16
Characteristics
Partitions or files cannot exceed 2 GB
(when used with Windows 2000 file
system, cannot exceed 4 GB)
Uses 16-bit fields to store file size
information
Without additional utilities, supports only
filenames with maximum of eight
characters in the name and three in the
extension
Significant FAT16
Characteristics
Characterizes files on a disk as Read, Write,
System, Hidden, or Archive
A FAT16 drive stores data in noncontiguous
blocks and uses links between fragments to
ensure that data belonging to the same file, for
example, can be pieced together when the file is
requested by the operating system
Because of its low overhead, it can write data to
a hard disk very quickly
Significant FAT32
Characteristics
Uses 28-bit fields to store file size information
Supports long filenames
Theoretically supports partitions up to 2
Terabytes in size
Partitions can be easily resized without
damaging data
Provides greater security than FAT16
Supported by Windows 9x, Windows Me, and
Windows 2000
HPFS
High-Performance File System
File system originally designed for IBM’s
OS/2 operating system
Offers greater reliability and efficiency than
FAT
Supports extended attributes
Sharing Applications
One significant advantage of the client/server
relationship is the ability to share resources
Shared applications are often stored on a file
server specifically designed to run applications
For some applications, you can purchase a site
license

For a fixed price, a site license allows any number of
users at one location to legally access that
application
Sharing Printers
Figure 8-5: Shared printers on a network
Sharing Printers
All NOSs can:







Create an object that identifies printer to rest of
network
Assign printer a unique name
Install drivers associated with printer
Modify printer attributes
Establish or limit access to printer
Remotely test and monitor functionality
Update and maintain printer drivers
Sharing Printers
Figure 8-6: NetWare printer identification screen
Sharing Printers
Printer queue

Logical representation of printer’s
input and output
Figure 8-7: Client issuing a job to a networked printer
Managing System Resources:
Memory
Physical memory

Refers to (RAM) chips installed on computer’s system
board that provide dedicated memory to that machine
Virtual memory


Logically carved out of space on hard disk and added
to physical memory
Stored on hard disk as a page file (or swap file)
Paging

Process of moving pages between RAM and a
page file on disk
Managing System Resources:
Multitasking
Multitasking

Ability of a processor to perform many
different operations in a brief period of time
Preemptive multitasking


Type of multitasking supported by NetWare,
UNIX, and Windows 2000
Performs one task at a time
Managing System Resources:
Multiprocessing
Process

Routine of sequential instructions that runs
until it has achieved its goal
Thread

Self-contained, well-defined task within a
process
Multiprocessing

Support and use of multiple processors to
handle multiple threads
Managing System Resources:
Multiprocessing
Symmetric multiprocessing

Splits all operations equally among two or
more processors
Asymmetric multiprocessing

Assigns each subtask to a specific processor
Introduction to Windows 2000
Server
Windows 2000 Server serves as a redesign and
enhancement of Windows NT Server

Windows NT was a popular NOS known for its intuitive
graphical user interface (GUI)
Windows 2000 Server carries on many of the
advantages of Windows NT Server, plus provides
additional features and capabilities (see next slide)
Windows 2000 Advanced Server offers same
benefits and features as Windows 2000 Server, but
adds support for clustering
Some Benefits of Windows
2000 Server NOS
Advanced system of organizing and managing
network objects, called Active Directory
Multiple, integrated Web services with easy to use
administrator interface
Support for great deal of RAM and multiple
processors
Support for multiple, modern protocols and security
standards
Excellent integration with other NOSs
Simple, centralized management of multiple clients
Flexible, customizable network management interface
Why Choose Windows 2000
Server?
Windows 2000 Server is a popular NOS
because it addresses most of a network
administrator’s needs very well
Its customizable graphical administrative
interface, called the Microsoft
Management Console (MMC), makes
Windows 2000 Server a simple operating
system to manage
Windows 2000 Server
Hardware
Important resource for determining what kind of Windows 2000
hardware to purchase is Microsoft’s Hardware Compatibility
List (HCL)
Table 8-2: Minimum hardware requirements for Windows 2000 Server
Windows 2000 Server Memory
Model
Figure 8-8: Viewing virtual memory
Windows 2000 File Systems
In addition to FAT, FAT32, and HPFS file
systems, Windows 2000 Server supports other
file systems, including:

CDFS (CD-ROM File System)
Used to read from and write to a CD-ROM disk

Universal Disk Format (UDF)
Another file system used on CD-ROM and DVD media

NTFS (New Technology File System)
Developed for Windows NT platform
With release of Windows 2000, Microsoft updated NTFS to
version 5
NTFS Features
Filenames can be maximum of 256
characters long
Stores file size information in 64-bit fields
Files or partitions can be as large as 16
exabytes
Required for Macintosh connectivity
NTFS Features
Incorporates sophisticated, customizable
compression routines
Keeps a log of file system activity to facilitate
recovery if a system crash occurs
Required for encryption and advanced access
security for files, user accounts, and processes
Improves fault tolerance through RAID and
system file redundancy
Microsoft Management Console
(MMC)
Tools added to MMC interface
are known as snap-ins
Figure 8-9: MMC Window
Active Directory
Schema

Set of
definitions of
kinds of objects
and information
associated with
those objects
that the Active
Directory
database can
contain
Figure 8-10: Active Directory and a simple user schema
Active Directory
Active Directory’s schema may contain
two types of definitions:

Classes
Also known as object classes
Identifies what type of objects can be specified in
Active Directory

Attributes
Property associated with an object
Workgroups
Group of interconnected computers that share each
other’s resources without relying on a central server
Figure 8-11: A Windows workgroup network
Domains
Group of
users,
servers, and
other
resources that
share a
database of
account and
security
information
Figure 8-12: Multiple domains in one organization
Domains
Domain controller

Windows 2000 server that contains a replica
of the Active Directory
Member server

Does not hold directory information and,
therefore, cannot authenticate users
Replication

Process of copying Active Directory data to
multiple domain controllers
Domains
Figure 8-13: A Windows 2000 domain model network
Organizational Units
Container within
an NOS
directory used
to group objects
with similar
characteristics
or privileges
Figure 8-14: A tree with multiple domains and OUs
Trees and Forests
Domain tree



Group of hierarchically arranged domains that
share a common namespace in Windows 2000
Active Directory
At base of Active Directory tree is the root domain
From root domain, child domains branch out to
separate objects with the same policies
Forest

Collection of one or more domain trees
Trust Relationships
Relationship between two domains in
which one domain allows another domain
to authenticate its users
Active Directory supports two types of trust
relationships:


Two-way transitive trust
Explicit one-way transitive trust
Two-Way Transitive Trust
Security relationship
between domains in
same domain tree
in which one
domain grants
every other domain
in the tree access to
its resources and, in
turn, that domain
can access other
domains’ resources
Figure 8-15: Two-way trusts between domains in a tree
Explicit One-Way Transitive
Trust
Type of trust
relationship in
which two
domains that
belong to
different NOS
directory trees
are configured
to trust each
other
Figure 8-16: Explicit one-way trust between domains in different trees
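Added example (not from the original slides): the trust definitions above modelled as a directed graph, to show which domains' accounts a given domain ends up accepting. The domain names are constructed, and follow_one_way is a hypothetical switch for comparing an explicit one-way trust that is honoured only by the domain that configured it with one that is also chained through other domains.

```python
from collections import deque

# Constructed sample: one domain tree plus a domain from a different tree.
# A pair (a, b) in ONE_WAY means "a trusts b": a lets b authenticate users.
TWO_WAY = [("example.com", "sales.example.com"),
           ("example.com", "eng.example.com"),
           ("eng.example.com", "lab.eng.example.com")]
ONE_WAY = [("sales.example.com", "partner.test")]


def build_edges(two_way, one_way):
    """Map each trusting domain to a set of (trusted domain, is_two_way)."""
    edges = {}
    for a, b in two_way:  # two-way trust: one edge in each direction
        edges.setdefault(a, set()).add((b, True))
        edges.setdefault(b, set()).add((a, True))
    for trusting, trusted in one_way:  # explicit trust: one direction only
        edges.setdefault(trusting, set()).add((trusted, False))
    return edges


def accepted_from(domain, edges, follow_one_way=False):
    """Return the domains whose accounts `domain` accepts.

    Two-way tree trusts are always chained. A one-way trust counts when
    `domain` configured it itself; it is chained through other domains
    only if follow_one_way (a hypothetical switch) is True.
    """
    accepted, seen, queue = set(), {domain}, deque([domain])
    while queue:
        current = queue.popleft()
        for trusted, two_way in edges.get(current, ()):
            chained = two_way or follow_one_way
            if not chained and current != domain:
                continue  # someone else's one-way trust: not inherited
            accepted.add(trusted)
            if chained and trusted not in seen:
                seen.add(trusted)
                queue.append(trusted)
    accepted.discard(domain)
    return accepted


EDGES = build_edges(TWO_WAY, ONE_WAY)
```

Running accepted_from for every domain gives a quick audit of effective trust: the one-way edge never lets partner.test accept accounts from the tree, whichever setting is used.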
Naming Conventions
Namespace

Refers to complete database of hierarchical names
used to map IP addresses to their hosts’ names
Each object on a Windows 2000 network can
have three different names:



Distinguished name (DN)
Relative distinguished name (RDN)
User principal name (UPN)
When creating a user account, user’s login name is added to
a UPN suffix
Naming Conventions
Figure 8-17: Distinguished name and relative distinguished name
Naming Conventions
Naming conventions used by Windows 2000
follow those specified in the Lightweight
Directory Access Protocol (LDAP)

LDAP is a protocol for accessing network
directories
In addition to a DN, RDN, and UPN, each
object has a globally unique identifier
(GUID)
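Added example, not part of the original slides: splitting a distinguished name into its relative distinguished names and building a UPN from the login name. The sample DN, the login name, and the rule that the UPN suffix is the dotted form of the DC components are assumptions made for the illustration; multi-valued RDNs joined with + are not handled.

```python
import re

# Constructed sample DN; the CN value contains an escaped comma.
SAMPLE_DN = r"CN=Smith\, Jane,OU=Sales,OU=Chicago,DC=example,DC=com"

def split_dn(dn):
    """Split a DN into RDN strings, leaving backslash-escaped commas alone."""
    rdns, current, escaped = [], [], False
    for ch in dn:
        if escaped:
            current.append(ch)
            escaped = False
        elif ch == "\\":
            current.append(ch)
            escaped = True
        elif ch == ",":
            rdns.append("".join(current).lstrip())
            current = []
        else:
            current.append(ch)
    if escaped:
        raise ValueError("DN ends with a dangling backslash")
    rdns.append("".join(current).lstrip())
    if any("=" not in rdn for rdn in rdns):
        raise ValueError("each RDN must have the form type=value")
    return rdns

def unescape(value):
    """Undo LDAP escaping: backslash + hex pair, or backslash + one character."""
    def repl(match):
        token = match.group(1)
        return chr(int(token, 16)) if len(token) == 2 else token
    return re.sub(r"\\([0-9A-Fa-f]{2}|.)", repl, value)

def parse_dn(dn):
    """Return [(attribute type, unescaped value), ...], most specific first."""
    pairs = []
    for rdn in split_dn(dn):
        attr, _, value = rdn.partition("=")
        pairs.append((attr.strip().upper(), unescape(value)))
    return pairs

def names_for(dn, login):
    """Derive the RDN, parent container and a UPN for one object."""
    rdns = split_dn(dn)
    # Assumption: the UPN suffix is the DNS name formed from the DC parts.
    suffix = ".".join(value for attr, value in parse_dn(dn) if attr == "DC")
    if not suffix:
        raise ValueError("DN has no DC components to build a UPN suffix")
    return {"rdn": rdns[0], "container": ",".join(rdns[1:]),
            "upn": f"{login}@{suffix}"}
```

A plain split on commas returns six pieces for the sample DN instead of five, which would place the object in the wrong container.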
Planning for Installation:
Preinstallation Decisions
How many, how large, and what kind of
partitions will the server require?
What type of file system will the server
use?
What will the server’s name be?
Which protocols and network services
should the server use?
What will the Administrator password be?
Planning for Installation:
Preinstallation Decisions
Should the network use domains or
workgroups, and, if so, what will they be
called?
Will the server support additional
services?
Which licensing mode should I choose?


Per server
Per seat
How can I remember all of this
information?
Planning for Installation
Be prepared to:






Read and accept the license agreement
Identify your organization
Provide your registration key
Select the appropriate time and date
Specify display settings
Identify and supply drivers for hardware
components
Planning for Installation:
Windows NT Upgrade
Considerations
Back up the existing Windows NT server
On Windows NT network including multiple
servers and domain controllers, upgrade the
Windows NT PDC to a Windows 2000
domain controller first
Be certain to select “Upgrade to Windows
2000 (Recommended)” option on the first
setup screen
Planning for Installation:
Windows NT Upgrade
Considerations
If upgrading Windows NT PDC to Windows 2000
domain controller, indicate that you want to start
a new domain or forest during the Active
Directory Setup Wizard
After all Windows NT servers on network are
upgraded to Windows 2000 Server, convert
domains to native mode
Carefully follow upgrade instructions
Installing and Configuring a
Windows 2000 Server
Figure 8-18: Beginning with setup options
Installing and Configuring a
Windows 2000 Server
Figure 8-19: Selecting Windows 2000 components
Installing and Configuring a
Windows 2000 Server
Figure 8-20: Installing Components window
Initial Configuration
After completing the Windows 2000 Server
installation, the server is not yet ready to
support clients on a network
First, the software must be configured

For instance, to assign it a place in the
domain
Establishing Users, Groups, and
Rights
The Guest account is a predefined user account
with limited privileges that allows a user to log onto
the computer
The Administrator account is a predefined user
account that has the most extensive privileges for
resources both on the computer and on the domain
it controls
A local account only has rights on the server it
is logged onto
A domain account has rights throughout the
domain
Establishing Users, Groups, and
Rights
Figure 8-21: User account password properties
Establishing Users, Groups, and
Rights
A domain local group is one that allows its
members access to resources within a single
domain
A global group allows its members access to
resources within a single domain
A universal group is one that allows its
members to access resources across multiple
domains and forests
Establishing Users, Groups, and
Rights
Figure 8-22: Creating a group
Establishing Users, Groups, and
Rights
Figure 8-23:
The Program
Files Properties
dialog box
Internetworking with Other Network
Operating Systems
Gateway Services for NetWare (GSNW)

Acts as a translator between the Windows 2000 and
NetWare client redirector services
Client Services for NetWare (CSNW)

Can be installed on Windows 2000 clients to enable
them to access NetWare servers
Directory Services Migration Tool (DSMIGRATE)

Enables network administrators to migrate accounts,
files, and permissions from a NetWare NDS directory
to the Windows 2000 Active Server Directory
Chapter Summary
Network operating systems are entirely software-based
and can run on a number of different hardware platforms
and network topologies
A redirector is inherent in both the network operating
system and the client operating system
When a client attempts to log on, the network operating
system receives the client’s request for service and tries
to match the user name and password with the name
and password in its user database
Users with similar needs and restrictions are collected in
groups to more easily manage their access and
privileges
Chapter Summary
A directory is an NOS’s method of organizing and
managing objects
A file system is an operating system’s method of
organizing, managing, and accessing its files through
logical structures and software routines
In order for clients to share a server application, the
network administrator must assign user rights to the
directories where the application’s files are installed
NetWare, UNIX, and Windows 2000 Server perform
preemptive multitasking
Multiprocessing splits tasks among multiple processors
to expedite the completion of any single instruction
Chapter Summary
Windows 2000 supports any type of topology or
protocol you are likely to run on a LAN
Windows 2000 Server’s memory model assigns
each process its own 32-bit memory area
The description of object types, or classes, and
their required and optional attributes that are
stored in Active Directory is known as a schema
Domains define a group of systems and
resources that share common security and
management policies
Chapter Summary
When multiple domain controllers are used, a
change to the database contained on one
domain controller is copied to the databases on
other domain controllers so that their databases
are identical
To collect domains into logical groups, Windows
2000 Server uses a domain tree
Each tree, domain, container, and object has a
unique name that becomes part of the
namespace