Presentation8 - University Of Worcester
COMP2122
Network
Operating Systems
Richard Henson
University of Worcester
November 2010
Week 8: More on
Windows NT/2000/XP/etc…
Objectives:
Explain how Windows 2000 & DOS became XP
(client) & 2003 (server)
Explain why user and system settings need to be
controlled on networked machines
Explain the role of the registry in NT series
configuration, usability, and security
Select appropriate software tools for sharing data
and resources between NT series and Netware
networks
Select appropriate software tools for
system/network monitoring and troubleshooting
Platforms for
Operating Systems
Intel platform survived threats from RISC
architecture…
alpha platform never that popular
rights to alpha chip bought by Intel
Success of XP on Intel at client end
suppressed predicted (and expected)
popularity of Linux on Intel platform
Apple platform had a chance to emerge and
develop a good range of apps
success of i-player & i-phone
Microsoft’s disastrous (mis)launch of Vista!
“Recent” Developments:
Integration of Windows & NT
Continued success of Intel platform:
thanks to successful integration of good features
of DOS/Windows with NT produced a hybrid
operating system:
» low level stability and reliability of NT
» popular user interface of Windows
Client end (late 2001)
2000 professional -> XP professional
» addition of a new (GDI+) interface
» XP home a partly disabled version of XP Professional
“Recent” developments:
Windows 2003
2000 server -> 2003 server
developments took a little longer…
Noteworthy extra features:
GDI+ interface
Enhanced active directory
Group policy management console
BIOS Developments
Earlier motherboards had a single chip
containing the BIOS on ROM and a writeable
CMOS area
the command line interface invoked was 16-bit
More recent motherboards use EFI
(Extensible Firmware Interface)
uses a 32-bit command line
only really exploited with Windows 7…
Hard Disk Interface
Developments
Until about 2004, two main choices:
IDE (integrated disk environment)
» desktop, two hard disks supported per interface
SCSI (small computer system interface)
» server, up to seven supported per interface
» extra wide SCSI supports many more…
New, faster SATA interface popular from
2004:
alternative to IDE & SCSI
not initially supported by Windows 2003 Server…
More about booting
to an Intel platform
BIOS should “point” to selected medium
that medium needs to have “a bootable
partition”
different media prepared in different ways
» hard disk still the conventional boot medium
could have a number of partitions
» boot medium must contain a “boot loader”
contains “master boot record” (MBR)
points to the partition containing the operating system
» CDs & USBs only have one partition
MBR still needs to include a path to operating system files
Partitions, Hard Disks and
Calling Operating Systems
MBR must be on the first (C:) partition
Possible to have different operating systems
on the same hard disk…
varieties of Windows
varieties of Unix…
BUT…
Master Boot Record systems different on Unix and
Windows
still possible to have ONE Unix partition…
Rapid Boot-up with
Windows 7 (1)
Huge improvements in time to logon
screen…
32-bit colour animation appears at an early
stage
» driven by the CPU (& using EFI)
graphics card not yet initiated…
meanwhile, operating system's kernel and
critical device drivers are loading into
memory in the background…
Rapid Boot-up with
Windows 7 (2)
Early stage of boot process is i/o bound:
loading the kernel
device driver files
other system component files
Dimensions of the boot animation
limited to a small region of the screen
avoid i/o delay loading animation images
during the early stage of boot…
Rapid Boot-up with
Windows 7 (3)
Changes to the boot “architecture”
Windows 7 animation happens as the process
moves along
» contrast with Vista, where the pearl animation comes only
after the boot sequence is complete…
fewer transitions in graphics mode during
initialisation of the graphics subsystem and
Windows shell
» again, cf. Vista, where the screen flashes black a few times…
Sound plays BEFORE user login starts…
More on Network Logon
Rapid local boot is fine…
but most organisational computers are on
networks…
“Policies”: Controlling User
and System Settings
Essential part of any network administrator’s
job!
could be 100s or 1000s of systems, & users
System settings often a major issue
different types of system need different settings
system settings for a given computer may need to
be changed for particular users e.g. to change
screen refresh rate for epileptics
User settings more a matter of convenience
mandatory profiles - all same desktop settings!
roaming profiles - desktop settings preserved
between user sessions
Storage of Settings:
The Windows Registry
First made available to simplify configuration
in Windows 95
effectively replaced all settings in:
» CONFIG.SYS (DOS system), AUTOEXEC.BAT (DOS
user)
» SYSTEM.INI (Windows system) and WIN.INI (Windows
user)
Principles later extended in Windows NT v4
to allow system and user settings to be
configured for computers within a network
What is The Registry?
A hierarchical store of system and user
settings
Five basic subtrees:
HKEY_LOCAL_MACHINE : local computer info.
Does not change no matter which user is logged on
HKEY_USERS : default user settings
HKEY_CURRENT_USER : current user settings
HKEY_CLASSES_ROOT : software config data
HKEY_CURRENT_CONFIG : “active” hardware
profile
Each subtree contains one or more subkeys
Location of the Windows Registry
In a subfolder…
c:\windows\system32\config
Six files (no extensions):
Software
System – hardware settings
Sam, Security
» not viewable through regedt32
Default – default user
Sysdiff – HKEY USERS subkeys
Also to be considered: ntuser.dat
» user settings that override default user
Emergency Recovery if
Registry lost or badly damaged
Backup registry files created during text-based
part of windows installation
also stored in:
» c:\windows\system32\config
» have .sav suffix
only updated if “R” option is chosen during a
windows recovery/reinstall
Another NEVER UPDATED backup is saved to
C:\windows\repair
contains no user and software settings
reboots back to the point:
» “Windows is now setting up”
Backing up the Registry
Much forgotten… an oversight that may later
be much regretted!!!
can copy to tape, USB stick, CD/DVD, or disk
rarely more than 100 Mb
Two options:
Use third-party backup tool
» e.g. http://www.acronis.co.uk
Use windows “backup”
» not recommended by experts!
» but already there & does work!
» to copy the registry if this tool is chosen, a “system state”
backup option should be selected
Editing Registry Settings
Contents should not be changed manually
unless you really know what you are doing!!!
Special command line tools available for
editing individual system settings:
REGEDT32 is used to edit registry settings on
Windows NT systems
Registry data that is loaded into memory can
also be overwritten by data:
from local profiles
downloaded across the network…
System Policy File
A collection of registry settings downloaded
from the domain controller during logon
Can apply different system settings to a
computer, depending on the user or group
logging on
Can overwrite:
local machine registry settings
current user registry settings
Should therefore only be used by those who
know what they are doing!!!
System Policy File
Saved as NTCONFIG.POL
Normally held on Domain Controllers
read by local machine during logon procedure
provides desktop settings, and therefore used to
control aspects of appearance of the desktop
Different NTCONFIG.POL settings can be
applied according to:
User
Group
Computer
Users with roaming profiles additionally save
desktop settings to their profile folders
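Added example, not from the slides: how a System Policy file layered on top of a user's own settings produces the effective settings at logon, covering both the "Can overwrite local machine / current user registry settings" point and the "applied according to user, group, computer" point. The setting names and values are constructed for illustration and are not real registry paths. The order assumed here (machine defaults, then the user's profile, then policy sections for the computer, the user's groups and the user) is a simplification of what the slides describe, not a statement of how a particular Windows version orders its policy sections.

```python
# Added example, not from the slides: layering a System Policy (NTCONFIG.POL
# style) over a user's saved settings. Setting names/values are constructed.
# Assumed order: machine defaults -> user profile -> policy sections for the
# computer, then each group, then the user. Policy is applied last, so it
# always wins over what the user saved; that is what the slides warn about.
from dataclasses import dataclass


@dataclass(frozen=True)
class Logon:
    user: str
    groups: tuple
    computer: str


def effective_settings(defaults, user_profile, policy, logon):
    """Return (settings, trail) for one logon.

    defaults     - machine-wide default user settings (the Default hive)
    user_profile - the user's own saved settings (their ntuser.dat)
    policy       - sections keyed by ("computer", name), ("group", name)
                   or ("user", name), each a dict of settings
    trail        - every value the policy overwrote: (name, old, new, section)
    """
    settings = dict(defaults)
    settings.update(user_profile)
    trail = []
    sections = [("computer", logon.computer)]
    sections += [("group", g) for g in logon.groups]
    sections.append(("user", logon.user))
    for section in sections:
        for name, value in policy.get(section, {}).items():
            old = settings.get(name)
            if old != value:
                trail.append((name, old, value, section))
            settings[name] = value
    return settings, trail


# Constructed sample data.
DEFAULTS = {"Wallpaper": "worcester.bmp", "RefreshRateHz": 60, "AllowRegedit": True}
PROFILE_RHENSON = {"Wallpaper": "photo.bmp", "RefreshRateHz": 75}
POLICY = {
    ("computer", "LAB-PC-07"): {"RefreshRateHz": 100},   # machine-specific setting
    ("group", "Students"): {"AllowRegedit": False},      # restriction for the group
    ("user", "rhenson"): {"AllowRegedit": True},         # exception for one user
}


def demo():
    logon = Logon(user="rhenson", groups=("Students",), computer="LAB-PC-07")
    return effective_settings(DEFAULTS, PROFILE_RHENSON, POLICY, logon)


if __name__ == "__main__":
    settings, trail = demo()
    for name, old, new, section in trail:
        print(f"{name}: {old!r} -> {new!r} (from {section})")
    print(settings)
```

The trail is the part an administrator actually wants: it shows which of the user's saved settings the policy silently replaced, and from which section, which is the first thing to look at when "my desktop changed" calls come in.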
Active Directory
Microsoft equivalent of Novell’s NDS (Network
Directory Structure)
An LDAP network-wide directory service for
providing paths to files and services
Available from Windows 2000 onwards
of limited use on networks with NT v4 clients
All domain controllers contribute to, share, and
are part of the Active Directory system
data on network resources, services & users all
stored in a single file
» ntds.dit
tools available for AD system management
» e.g. ntdsutil
Structure of
Active Directory
A hierarchical
system of
organisational
data objects
i.e. domains
A Tree can be
» a single
domain
» group of
domains
Domain Trees & Forests
Domain objects divide into organisational
units (OUs)
Microsoft recommend using OUs in preference to
domains for imposing structure for admin
purposes
» an OU could contain several domains
» logically linked together through “trusts”
“Forest” contains data needed to connect all
objects in the tree, and connect different trees
trees can also be logically linked together through
“trusts”
Active Directory and DNS
DNS is the Internet-based system for
naming computers that participate in the
Internet
In Active directory, each domain in the
tree has a unique DNS identity
and therefore a unique IP address
can cause confusion when setting up
domain structure!!
Redirector
(Workstation Service)
Implemented as a file system driver
intercepts if local file system cannot find the file or
service, and sends it out to active directory to locate the
data object
Communicates with transport protocols & lower
layers via Transport Driver Interface (TDI)
TDI allows independence of networking
components along OSI lines between layers 2, 3 & 4
Redirector
(Workstation Service)
Adherence to OSI layers makes it possible to
independently add or remove:
transport protocols (layers 3 & 4)
network cards (layers 1 & 2)
without reconfiguring the whole system
Completely transparent in its interception of
i/o calls
esp. important when applications are being used
Server Service
Like the redirector:
implemented as a file system driver
communicates with lower layers via TDI
Supplies the network connections
requested by the redirector
Receives requests via adapter card
drivers, transport protocol (e.g. TCP/IP),
and TDI
Running Client-Server
Applications
Client process and Server process essential
to provide a mechanism for:
pipes to link processes that need bi-directional
communication
mailslots to link processes only requiring one-directional communication
running Winsock to manage the communication
channel
RPCs (Remote Procedure Calls) allowing
distributed applications to make calls to
procedures anywhere on the network
File and Print Sharing
Shared resource access requires use of
redirector
server service…
Multiple UNC Provider allows connection to a
resource on any computer that supports UNC
(Universal Naming Convention) names
Files: \\server\shared folder[\sub-folder]\filename
Printers: \\server\shared printer
Multiple Provider Router supports multiple
redirectors
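Added example, not from the slides: a parser for the UNC names shown on the slide, \\server\share[\sub-folder]\filename for a file and \\server\share for a shared printer. It separates the server the redirector must contact, the share the server service exposes, and the path inside the share, and rejects names that are not well-formed UNC (drive letters, a missing share, doubled separators, or ".." segments that try to step outside the share). The sample names in the test are constructed.

```python
# Added example, not from the slides: parsing and validating UNC names.
import re

# One UNC component: anything except the characters Windows forbids in names.
_COMPONENT = r'[^\\/:*?"<>|]+'
_UNC = re.compile(
    r'^\\\\(?P<server>' + _COMPONENT + r')'      # \\server
    r'\\(?P<share>' + _COMPONENT + r')'          # \share
    r'(?P<rest>(?:\\' + _COMPONENT + r')*)\\?$'  # [\sub-folder]...[\filename]
)


def parse_unc(name):
    """Split a UNC name into server, share and path components.

    Raises ValueError for anything that is not a well-formed UNC name, so a
    caller never hands the redirector a drive path or a share-escaping name.
    """
    match = _UNC.match(name)
    if not match:
        raise ValueError(f"not a well-formed UNC name: {name!r}")
    path = [part for part in match.group("rest").split("\\") if part]
    if any(part in (".", "..") for part in path):
        raise ValueError(f"relative components are not allowed: {name!r}")
    return {
        "server": match.group("server"),
        "share": match.group("share"),
        "path": path,
        "is_root": not path,   # \\server\share alone, e.g. a shared printer
    }


def is_unc(name):
    """True if parse_unc would accept the name."""
    try:
        parse_unc(name)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for n in (r"\\fileserver\coursework\comp2122\week8.doc", r"\\printsrv\laserjet",
              r"C:\windows", r"\\server\share\..\other"):
        print(n, "->", parse_unc(n) if is_unc(n) else "rejected")
```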
Microsoft TCP/IP stack
Differs from UNIX TCP/IP (e.g. no FTP, SMTP
or Telnet)
DNS is available as a network service
Application layer components:
Windows sockets - to interface with sockets-based
applications
NetBT - to interface with NetBIOS applications
SNMP, TCP, UDP, IP as with Unix protocol
stack
Configuring
Windows 2000 Protocols
Requires local administrator access!!
1. Need to find “Local Area
Connection”:
either through Control Panel/Network & Dial-up
Connections
or by right-clicking on Network Places and
choosing Properties
2. Right click on Local Area
connection…
Configuring Windows 2000
Protocols - continued
Upper box (greyed) allows configuration
of NDIS compatible network card
drivers – operating at OSI levels 1 & 2
Lower box (scroll down) allows
installation/configuration of protocols:
Microsoft TCP/IP (levels 3 & 4)
NWlink IPX/SPX compatible (3 & 4)
NetBEUI (level 3 only)
Windows 2000
TCP/IP Configuration
Locate and double-click TCP/IP
If DHCP (dynamic host configuration
protocol) is running, IP addressing is
dealt with automatically by the DHCP
server
Otherwise, three IP addresses need to
be added:
Local static machine IP address
Subnet mask
Default gateway
TCP/IP Configuration
Local machine IP address
DHCP protocol can automatically assign IP
addresses from a Windows 2000 server machine
running DHCP server
Alternatively, a static IP address can be keyed in
manually
Subnet mask:
normally 255.255.255.0 for small networks
255.255.x.0 for larger networks
» x -> 0 as the network gets larger
Default gateway is the IP address of the LAN/Internet interface computer…
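Added example, not from the slides: the three values the slide says must be keyed in for a static configuration (machine IP address, subnet mask, default gateway), checked the way the TCP/IP stack will use them. It also works out how many hosts each of the slide's masks allows, which is what "x -> 0 as the network gets larger" means in numbers. Standard library only; the addresses in the demo are constructed.

```python
# Added example, not from the slides: sanity-checking a hand-keyed static
# TCP/IP configuration and sizing the slide's subnet masks.
import ipaddress


def subnet_summary(mask):
    """Prefix length and usable host count implied by a dotted-decimal mask."""
    net = ipaddress.IPv4Network(("0.0.0.0", mask))
    # The network number and the broadcast address cannot be given to hosts.
    usable = max(2 ** (32 - net.prefixlen) - 2, 0)
    return {"mask": mask, "prefix": net.prefixlen, "usable_hosts": usable}


def mask_series():
    """The slide's progression: the third octet x moves towards 0 as the network grows."""
    return [subnet_summary(m) for m in ("255.255.255.0", "255.255.240.0", "255.255.0.0")]


def check_static_config(ip, mask, gateway):
    """Return a list of problems with an IP/mask/gateway triple; empty means consistent."""
    problems = []
    try:
        net = ipaddress.IPv4Network((ip, mask), strict=False)
        addr = ipaddress.IPv4Address(ip)
        gw = ipaddress.IPv4Address(gateway)
    except ValueError as exc:
        return [f"not a valid IPv4 value: {exc}"]
    if addr in (net.network_address, net.broadcast_address):
        problems.append(f"{ip} is the network or broadcast address of {net}")
    if gw not in net:
        # The gateway must be reachable directly, i.e. on the same subnet.
        problems.append(f"default gateway {gateway} is not on local subnet {net}")
    elif gw == addr:
        problems.append("default gateway is the machine's own address")
    return problems


if __name__ == "__main__":
    for s in mask_series():
        print(f"{s['mask']:>15}  /{s['prefix']}  {s['usable_hosts']} usable hosts")
    # Constructed addresses: a correct triple and a mistyped gateway.
    print(check_static_config("192.168.1.10", "255.255.255.0", "192.168.1.1"))
    print(check_static_config("192.168.1.10", "255.255.255.0", "192.168.2.1"))
```

A gateway outside the local subnet is the mistake that produces "can reach the LAN but not the Internet" support calls; the check above catches it before the machine is rebooted.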
Windows TCP/IP utilities
Located in the system32 directory
Not available from the GUI
Only accessible via the NT prompt:
Ping (packet internet groper)
FTP
Telnet
Finger (retrieval of system information from a
computer running TCP/IP & finger)
ARP (displays local IP addresses according to
equivalent MAC or “physical” addresses)
ipconfig (displays local IP configuration)
tracert (checks route to a remote IP address)
NWlink (Microsoft 32-bit
version of IPX/SPX)
Microsoft’s implementation of Novell’s
IPX/SPX protocol
Only needed if a Windows network
needs connectivity with a Novell network
enables devices on an NT network to
communicate with Novell servers
Uses Winsock as application protocol to
complete the stack
NWlink (Microsoft 32-bit
IPX/SPX)
IPX works with MAC addresses
protocol therefore needs to be configured for frame
type:
double-click on IPX/SPX in protocols tab
type in correct IEEE frame type for the
corresponding Netware Server:
» e.g. 802.2, 802.3, 802.5, 802.11
Automatic configuration:
only one frame type supported
Manual configuration:
several frame types possible
unique IPX number included for each
Network Bindings
Binding is about linking network components
at the different OSI levels together to enable
communication
With NT, this is about linking the redirector &
server service with the transport protocol and
(via NDIS) adapter card drivers
Binding is done automatically when:
there is a change of protocol, or protocol settings
different network adapter drivers are installed
existing adapter card settings are altered
Connectivity with Netware
networks
A number of available (nwlink) services:
Client Service for NetWare (CSNW)
» allows NT/2000 clients to access file & print services on
a Netware server
Gateway Service for Netware (GSNW)
» Allows NT/2000 servers to access file & print services &
can be used as a migration path from a Netware Server
to NT
File and Print Services for Netware
» Allows an NT/2000 server to function as a Netware file &
print server
Netware Migration Tool
» Allows users, groups, volumes, folders, files, to be
transferred to an NT/2000 server with existing security
intact
WINS (Windows Internet
Names Service)
Client-server protocol
Manages a dynamic database of IP addresses
and local network (NetBIOS) names
Used on Windows TCP/IP networks to enable
computer devices to communicate using IP
Clients request IP addresses for particular
NetBIOS names
WINS server provides that information
Alternative system: LMHosts – static database
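Added example, not from the slides: NetBIOS name resolution using the two sources the slide names, a WINS server's dynamic database and a static LMHOSTS file. The WINS table is a constructed dictionary standing in for the server's registrations. The LMHOSTS text is constructed in the file's own syntax: IP address, NetBIOS name, then optional keywords (#PRE preloads the entry into the name cache, #DOM:domain marks a domain controller); any other '#' text is a comment. The lookup order assumed here (name cache, then WINS, then the rest of LMHOSTS) is one common client configuration, not the only one.

```python
# Added example, not from the slides: a simplified NetBIOS name resolver.
# WINS registrations and the LMHOSTS text below are constructed sample data.
# Assumed lookup order: preloaded name cache -> WINS -> remaining LMHOSTS.

LMHOSTS = """\
# Constructed LMHOSTS sample
192.168.10.5    WORC-FS1      #PRE
192.168.10.6    WORC-PRINT    # departmental print server
192.168.20.9    LIBRARY-DC    #PRE #DOM:WORCESTER
"""

NETBIOS_NAME_MAX = 15


def parse_lmhosts(text):
    """Return {NAME: {"ip", "preload", "domain"}} from LMHOSTS text."""
    entries = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        tokens = raw.split()
        if not tokens or tokens[0].startswith("#"):
            continue            # blank line or whole-line comment
        if len(tokens) < 2:
            raise ValueError(f"line {lineno}: need an address and a name")
        ip, name, *flags = tokens
        name = name.upper()     # NetBIOS names are case-insensitive
        if len(name) > NETBIOS_NAME_MAX:
            raise ValueError(f"line {lineno}: {name!r} exceeds 15 characters")
        domain = next((f[len("#DOM:"):] for f in flags if f.upper().startswith("#DOM:")), None)
        preload = "#PRE" in [f.upper() for f in flags]
        entries[name] = {"ip": ip, "preload": preload, "domain": domain}
    return entries


class NetBiosResolver:
    """Resolves a NetBIOS name to an IP address from cache, WINS, then LMHOSTS."""

    def __init__(self, wins_table, lmhosts_text):
        self.wins = {n.upper(): ip for n, ip in wins_table.items()}
        self.lmhosts = parse_lmhosts(lmhosts_text)
        # #PRE entries are loaded into the name cache when the stack starts.
        self.cache = {n: e["ip"] for n, e in self.lmhosts.items() if e["preload"]}

    def resolve(self, name):
        """Return (ip, source); source is 'cache', 'wins', 'lmhosts' or None."""
        n = name.upper()
        if n in self.cache:
            return self.cache[n], "cache"
        if n in self.wins:      # a real client would query the WINS server here
            self.cache[n] = self.wins[n]
            return self.wins[n], "wins"
        if n in self.lmhosts:
            return self.lmhosts[n]["ip"], "lmhosts"
        return None, None


# Constructed WINS registrations. WORC-FS1 has been re-addressed, but the stale
# #PRE entry in LMHOSTS still shadows the dynamic record: the classic pitfall
# of keeping a static database alongside WINS.
WINS_TABLE = {"WORC-FS1": "192.168.10.50", "STUDENT-PC-12": "192.168.30.12"}


def demo():
    r = NetBiosResolver(WINS_TABLE, LMHOSTS)
    return {n: r.resolve(n) for n in ("worc-fs1", "student-pc-12", "WORC-PRINT", "NOSUCH")}


if __name__ == "__main__":
    for name, (ip, source) in demo().items():
        print(f"{name:>14} -> {ip} ({source})")
```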
Terminal Services
Allows any PC running a version of
Windows to remotely run an NT series
server
uses a copy of the server’s desktop on the
client machine
Client tools must be installed first, but the
link can run with very little bandwidth
Therefore possible to remotely manage a
server thousands of miles away using a
phone connection…
Remote Access Service
RAS also allows access to an NT network
through routes such as:
PSTN
X.25
ISDN
Uses PPP (Point to Point protocol)
Also supports use of PPP Multilink protocol,
which allows a combination of
communications links and multiple links to be
used
Remote Access Service
Also provides capability for VPNs (Virtual
Private Networks) using secure Internet
access
using PPTP (point-to-point tunnelling protocol)
Standard username/password authentication
still required for all remote logins
Can be used as a Gateway for NetBIOS
names or (using IPX) to remotely gain access
to Novell Netware services
RAS & Secure Remote Login
To login remotely, user must have a valid
username/password and RAS dial-in
permission
RAS can use “call back” security:
Server receives a remote request for access
Server makes a note of the telephone number
Server calls the remote client back, guaranteeing
that the connection is made from a trusted site
Login information is encrypted by default
All remote connections can be audited
Internet Information Server (IIS)
Microsoft’s Web Server
can also provide ftp or smtp publishing service
Purpose:
make html pages available:
» as a local www service
» across the network as an Intranet
» across trusted external users/domains as an Extranet
run server-scripts in communication with client
browsers
Sets up its own directory structure for
developing Intranets, Extranets, etc.
Access to any IIS service can be restricted
using username/password security
Internet Information Server
Can allow anonymous remote login:
Uses a “guest” account – access only to files that
make up the Intranet
Anonymous login prevents trying to hack in
through guessing passwords of existing users
Provides the software connectivity for a
server-side interface that can connect client-server Internet applications such as ASPs
(Active Server Pages) to online databases
Troubleshooting Resources
Task Manager
Applications tab just gives the name and status of
each application that is loaded into memory
Processes tab:
» all system processes
» Memory usage of each
» % CPU time for each
» Total CPU time since boot up
Performance tab
» Total no. of threads, processes, handles running
» % CPU usage
Kernel mode
User mode
» Physical memory available/usage
» Virtual memory available/usage
Troubleshooting Resources
Event viewer
System events recorded into “event log” files
» Three with NT: system, auditing, application
» Customisable with 2000
New files daily, old ones archived by default
Three types of events:
» Information
» Warning
» Error
More information for each event obtained by
double-clicking
Wise to check events regularly, and sort out
potential problems before they become real
ones…
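Added example, not from the slides: the "check events regularly" advice turned into a small triage script. The records are constructed for this example in a simple tab-separated layout (date and time, log, type, source, event id, message) chosen here; they are not an export from a real Event Viewer. The script enforces the slide's three event types, counts them per log, and lists the Errors and any source producing repeated Warnings, so the administrator sees what to sort out first.

```python
# Added example, not from the slides: triage over constructed event records.
from collections import Counter, defaultdict

EVENT_TYPES = ("Information", "Warning", "Error")

# Constructed sample records (System and Application logs), tab-separated:
# time, log, type, source, event id, message.
SAMPLE_EVENTS = """\
2010-11-08 08:01:12\tSystem\tInformation\tService Control Manager\t7036\tThe Server service entered the running state.
2010-11-08 08:03:45\tSystem\tWarning\tDisk\t51\tAn error was detected on device \\Device\\Harddisk0\\D during a paging operation.
2010-11-08 08:03:59\tSystem\tWarning\tDisk\t51\tAn error was detected on device \\Device\\Harddisk0\\D during a paging operation.
2010-11-08 08:10:02\tSystem\tError\tNetlogon\t5719\tNo Domain Controller is available for domain WORCESTER.
2010-11-08 08:12:30\tApplication\tInformation\tMSDTC\t4097\tMS DTC started.
2010-11-08 08:14:07\tApplication\tError\tUserenv\t1000\tWindows cannot load the user's profile; the default profile was used.
"""


def parse_events(text):
    """Parse the tab-separated records into dicts, rejecting unknown event types."""
    events = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        if not raw.strip():
            continue
        fields = raw.split("\t")
        if len(fields) != 6:
            raise ValueError(f"line {lineno}: expected 6 fields, got {len(fields)}")
        when, log, etype, source, event_id, message = fields
        if etype not in EVENT_TYPES:
            raise ValueError(f"line {lineno}: unknown event type {etype!r}")
        events.append({"time": when, "log": log, "type": etype, "source": source,
                       "id": int(event_id), "message": message})
    return events


def summarise(events):
    """Counts of Information/Warning/Error per log file."""
    counts = defaultdict(Counter)
    for e in events:
        counts[e["log"]][e["type"]] += 1
    return {log: dict(c) for log, c in counts.items()}


def triage(events, warning_threshold=2):
    """Errors first, then sources whose Warnings repeat (a problem in the making)."""
    errors = [e for e in events if e["type"] == "Error"]
    warnings = Counter(e["source"] for e in events if e["type"] == "Warning")
    repeated = {src: n for src, n in warnings.items() if n >= warning_threshold}
    return {"errors": errors, "repeated_warnings": repeated}


if __name__ == "__main__":
    evs = parse_events(SAMPLE_EVENTS)
    print(summarise(evs))
    result = triage(evs)
    for e in result["errors"]:
        print(f"ERROR {e['log']}/{e['source']} ({e['id']}): {e['message']}")
    print("repeated warnings:", result["repeated_warnings"])
```

The repeated-warning rule is the point of the slide's last bullet: two Disk warnings in a quarter of an hour are not yet an Error, but they are the potential problem worth sorting out before it becomes a real one.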
Troubleshooting Resources
NT Diagnostics
Hardware & operating system data from registry
Performance Monitor
Can monitor many aspects of system performance
Either display current data graphically, in real-time
or log data at regular intervals to get a longer term
picture
Troubleshooting Resources
Network Monitor (NT)
System Monitor (2000)
Captures, filters, or analyses frames or packets sent over the
network
Alerts
Notify administrator when a particular threshold value has
been reached
System Recovery
If a fatal error occurs:
» a dump of system memory is made, and can be used for
identifying the cause of the problem
» alerts are sent to users
» system is restarted automatically