You are previewing Microsoft® Windows Server™ 2003 Administrator's Companion, 2nd Edition.
O'Reilly logo
Microsoft® Windows Server™ 2003 Administrator's Companion, 2nd Edition

Book Description

Get the ideal one-volume guide for the IT professional who administers Windows Server 2003. Now fully updated for Windows Server 2003 with Service Pack 1 (SP1) and Windows Server 2003 R2, this ADMINISTRATOR’S COMPANION offers up-to-date information on core system administration topics for Microsoft Windows®, including Microsoft Active Directory® directory service, security issues, disaster planning and recovery, and interoperability with Novell NetWare and UNIX. It includes all-new sections on SP1 security updates and new features for R2. Featuring easy-to-use procedures and handy workarounds, this book provides ready answers, practical solutions, and clear procedures for on-the-job results.

Table of Contents

  1. Microsoft® Windows Server™ 2003 Administrator’s Companion, Second Edition
  2. Dedication
  3. A Note Regarding Supplemental Files
  4. Acknowledgments
  5. Introduction
    1. Meet the Family
    2. New in Windows Server 2003
    3. How to Use this Book
    4. What’s in the Book
    5. What’s on the CD?
    6. Talk to Us
  6. System Requirements
  7. I. Preparation
    1. 1. Overview of Windows Server 2003
      1. Versions of Windows Server 2003
      2. Deploying Windows Server 2003 and Windows Clients
      3. Network Management
        1. Printer Management
        2. Group Policy
        3. IntelliMirror
        4. Terminal Services
      4. Interoperability
      5. System and Network Security
      6. Availability and Reliability
      7. Active Directory
      8. Storage and File System Support
      9. Communications
      10. Internet Services and .NET Application Services
      11. Scalability
      12. The Need for Planning
      13. Summary
    2. 2. Introducing Directory Services
      1. Understanding Directory Services
      2. Active Directory in Microsoft Windows Server 2003
        1. Terminology and Concepts in Active Directory
          1. Namespace and Name Resolution
          2. Attribute
          3. Object
          4. Container
          5. Tree and Subtree
          6. Distinguished Name
          7. Schema
      3. The Active Directory Architecture
        1. The Directory System Agent
        2. Naming Formats
        3. The Data Model
        4. Schema Implementation
        5. The Security Model
        6. Delegation and Inheritance
        7. Naming Contexts and Partitions
        8. The Global Catalog
      4. Summary
    3. 3. Planning Namespace and Domains
      1. Analyzing Naming Convention Needs
        1. Trees and Forests
          1. Trees
          2. Forests
        2. Defining a Naming Convention
          1. The Organizational Naming Convention
          2. The Geographical Naming Convention
          3. Mixed Naming Conventions
        3. Determining Name Resolution
          1. Using the Same Internal and External Namespaces
          2. Using Different Internal and External Namespaces
      2. Planning a Domain Structure
        1. Domains vs. Organizational Units
          1. Domains
          2. Organizational Units
        2. Designing a Domain Structure
          1. Designing a Single Domain Tree Structure
          2. Designing a Multiple Domain Tree Structure
        3. Domain Security Guidelines
        4. Creating Organizational Units
      3. Planning Multiple Domains
        1. Planning a Contiguous Namespace
        2. Determining the Need for a Multi-Tree Forest
        3. Creating the Forest
      4. Summary
    4. 4. Planning Deployment
      1. How Information Technology Functions
      2. Identifying Business Needs
        1. Getting Specific
        2. Seeing into the Future
      3. Assessing Current Systems
        1. Documenting the Network
          1. The Organizational and Physical Infrastructure
          2. Traffic Patterns
          3. Network Addresses
          4. Operating System Connectivity
          5. External Connectivity
          6. Existing Network Operating Systems
          7. Existing Applications and Services
      4. Making a Roadmap
        1. Defining Goals
        2. Assessing Risk
      5. Summary
  8. II. Installation and Configuration
    1. 5. Getting Started
      1. Designing a Deployment Environment
        1. Choosing an Installation Method
          1. Choosing a Setup-Based Installation Method
          2. Choosing an Image-Based Installation Method
        2. Choosing a Preinstallation Environment
        3. Choosing a Software Update Solution
        4. Choosing an Application Deployment Solution
        5. Understanding Licensing and Product Activation
          1. Licensing Modes
          2. Product Activation
        6. Designing a Test Lab
        7. Planning Server Configurations
          1. Planning Server Roles
          2. Assessing System Requirements
          3. Planning Partitions
          4. Planning Server Security
        8. Creating Your Deployment Plan
      2. Creating Your Deployment Environment
        1. Using Setup Manager
        2. Using Unattended Setup with Windows Server 2003 R2
        3. Creating and Modifying a Distribution Share
          1. Creating a Distribution Share
          2. Applying Service Packs to a Distribution Share
          3. Installing Software Updates with an Answer File
          4. Installing Plug and Play Drivers in the Distribution Share
          5. Installing OEM Drivers in Remote Installation Preparation Images
          6. Installing Mass Storage Drivers
          7. Converting Short Filenames Back to Long Filenames
        4. Using Sysprep with Disk Imaging
      3. Installing Windows
        1. Preparing the System
        2. Performing a Manual Installation of Windows
        3. Initiating Windows Setup Using an Answer File
        4. Initiating Setup Using Command-Line Parameters
      4. Troubleshooting Installations
        1. Setup Freezes or Locks Up
        2. Setup Stops During File Copying
        3. Previous Operating System Will Not Boot
          1. Changing the Default Operating System and Boot Times
          2. Restoring the MBR of the Previous Operating System
      5. Summary
    2. 6. Upgrading to Windows Server 2003
      1. Architectural Changes Since Windows NT 4.0
        1. Domain Controllers and Server Roles
          1. Server Roles in Windows NT 4.0
          2. Server Roles in Windows 2000 and Windows Server 2003
        2. Active Directory
          1. Active Directory Domains
          2. Sites and Organizational Units
          3. Forest Root Domains
          4. Trust Relationships
            1. Trust Relationships in Windows NT 4.0
            2. Trust Relationships in Active Directory
        3. Hardware Support
        4. Software Support
      2. Planning a Windows NT Domain Upgrade
        1. Choosing Whether to Upgrade or Migrate
        2. Documenting the Existing Network
          1. The Existing Domain Model
          2. Existing Trust Relationships
          3. Account Domains and Resource Domains
          4. DNS Namespaces
          5. Server Software and Compatibility Issues
        3. Planning the Active Directory Forest
          1. Designing the Active Directory Domain Structure
            1. Single-Domain Model
            2. Single-Master–Domain Model
            3. Multiple-Master–Domain Model
            4. Complete-Trust Model
          2. Choosing DNS Names
          3. Planning the Site Topology
        4. Making a Recovery Plan
          1. Make Sure All Domains Have at Least One BDC
          2. Back Up Each Computer Before Upgrading
          3. Synchronize All BDCs with the PDC
          4. Take a BDC Offline for Backup
          5. Relax
        5. Developing an Upgrade Strategy
          1. Upgrading or Replacing Windows NT RAS Servers
          2. Making Sure the PDC Is Sufficiently Powerful
          3. Creating the Dedicated Forest Root Domain Before Upgrading the PDC
          4. Upgrading or Retiring Any Incompatible Clients and Servers
          5. Upgrading the PDC First
          6. Upgrading or Replacing the BDCs Quickly
          7. Upgrading Member Servers and Clients Independently
          8. Scheduling the Domain Upgrade Appropriately
          9. Creating a Testing Criteria
      3. Preparing Domains and Computers
        1. Reviewing Server Upgrade Requirements
        2. Preparing Windows NT Domains
        3. Preparing the Computers
      4. Updating the Active Directory Schema
        1. Testing Active Directory Functionality in Active Directory Domains
        2. Updating the Active Directory Forest Schema
        3. Verifying the Forest Schema Update
        4. Updating the Active Directory Domain Schema
      5. Upgrading Clients to Windows XP
      6. Upgrading Servers to the Windows Server 2003 Family
        1. Installing Windows Server 2003 R2
        2. Upgrading a Server to Windows Server 2003
      7. Switching Forest and Domain Functional Levels
        1. Choosing a Forest Functional Level
        2. Choosing a Domain Functional Level
        3. Switching Functional Levels
      8. Summary
    3. 7. Configuring a New Installation
      1. Installing Updates
      2. Enabling Remote Administration
      3. Checking for Setup Problems
      4. Configuring Devices
        1. Using Device Manager
          1. Working with Device Manager
          2. Working with Device Properties
          3. Troubleshooting Devices
        2. Configuring Storage
      5. Configuring Networking Settings
        1. Changing Your Network Identity
        2. Configuring Network Components
        3. Configuring TCP/IP
          1. Using Dynamic Addressing
          2. Using Static Addressing
          3. Setting Advanced TCP/IP Options
            1. Configuring IP Settings
            2. Configuring DNS Settings
            3. Configuring WINS Settings
            4. Configuring TCP/IP Options
      6. Setting Up Server Roles
      7. Securing Windows
      8. Summary
    4. 8. Installing and Managing Printers
      1. Planning Printer Deployment
        1. Establishing Printer Naming Conventions
        2. Creating Location-Naming Conventions
        3. Enabling Printer Location Tracking
        4. Choosing Whether to Upgrade or Migrate Print Servers
      2. Installing Printers
      3. Managing Printers and Print Servers
        1. Using the Print Management Console
          1. Creating Filtered Printers Folders
          2. Deploying Printer Connections
        2. Managing Print Jobs from Windows
        3. Managing Printers from a Web Browser
        4. Managing Printers from a Command Line
      4. Changing Printer Options
        1. Setting Security Options
        2. Changing Printer Availability and Group Priorities
        3. Specifying a Separator Page
        4. Changing Spool Settings
      5. Managing Printer Drivers
        1. Managing Printer Drivers
        2. Creating Printer Pools and Changing Port Settings
      6. Printer Maintenance and Troubleshooting
        1. Optimizing Print Server Performance
        2. Preparing for Print Server Failure
        3. Printing from the Client Machine Experiencing the Problem
          1. Document Prints Incorrectly
          2. Document Fails to Print
          3. Printing from Some Applications Fails
        4. Checking the Print Server Status
        5. Checking the Printer
        6. Deleting Stuck Documents
        7. Troubleshooting Printer Location Tracking
          1. Clients Cannot Locate Some Printers in Active Directory
          2. Naming Scheme Needs to Be Changed
      7. Summary
    5. 9. Managing Users and Groups
      1. Understanding Groups
        1. Assigning Group Scopes
          1. Global Scope
          2. Domain Local Scope
          3. Universal Scope
      2. Planning Organizational Units
        1. Creating Organizational Units
        2. Moving Organizational Units
        3. Deleting Organizational Units
      3. Planning a Group Strategy
        1. Determining Group Names
        2. Using Global and Domain Local Groups
        3. Using Universal Groups
      4. Implementing the Group Strategy
        1. Creating Groups
        2. Deleting Groups
        3. Adding Users to a Group
          1. Changing the Group Scope
          2. Creating Local Groups
      5. Managing Built-In Groups and User Rights
        1. Built-In Local Groups
        2. Built-In Domain Local Groups
        3. Built-In Global Groups
        4. Defining User Rights
          1. Assigning User Rights to a Group
          2. Assigning Rights Locally
      6. Creating User Accounts
        1. Naming User Accounts
        2. Account Options
        3. Passwords
        4. Creating a Domain User Account
        5. Creating a Local User Account
        6. Setting User Account Properties
        7. Testing User Accounts
      7. Managing User Accounts
        1. Finding a User Account
        2. Disabling and Enabling a User Account
        3. Deleting a User Account
        4. Moving a User Account
        5. Renaming a User Account
        6. Resetting a User’s Password
        7. Unlocking a User Account
      8. Using Home Folders
        1. Creating Home Folders on a Server
        2. Providing Home Folders to Users
      9. Maintaining User Profiles
        1. Local Profiles
        2. Roaming Profiles
          1. Setting Up Roaming Profiles
          2. Creating Customized Roaming Profiles
          3. Using Mandatory Profiles
        3. Assigning a Logon Script to a User Profile
      10. Summary
    6. 10. Managing File Resources
      1. Sharing File Resources
        1. Shared Folders
        2. NFS Shared Folders
        3. Active Directory Shared Folders
        4. DFS Folders
      2. Share Permissions vs. File Permissions
        1. Share Permissions
        2. File Permissions
      3. NTFS Permissions
        1. What Permissions Mean
        2. How Permissions Work
        3. Considering Inheritance
        4. Configuring Folder Permissions
        5. Assigning Permissions to Files
        6. Configuring Special Permissions
        7. Ownership and How It Works
      4. Shared Folders
        1. Using the File Server Management Snap-In
        2. Creating a Shared Folder
        3. Removing a Folder Share
        4. Disconnecting Users
        5. Limiting Simultaneous Connections
        6. Special Shares
        7. The Command Line—Net Share
      5. NFS Shared Folders
        1. Initial Configuration
          1. Specify a User Name Mapping Server
          2. Windows Firewall Configuration
        2. Creating an NFS Share
        3. Deleting or Modifying an NFS Share
      6. Publishing Shares in Active Directory
      7. Summary
    7. 11. Administering Group Policy
      1. Components of Group Policy
        1. Group Policy Objects
          1. Group Policy Templates
          2. Group Policy Containers
        2. Default Group Policies
      2. Managing Group Policies
        1. Order of Implementation
        2. Order of Inheritance
        3. Overriding Inheritance
          1. Enforcing a GPO Link in GPMC
          2. Setting No Override
          3. Setting Block Inheritance in GPMC
          4. Blocking Inheritance on Computers Without GPMC
      3. Creating a Group Policy Object
        1. Creating a GPO in GPMC
        2. Creating a GPO on a Computer Without GPMC
        3. Inside the Group Policy Object Editor
      4. Managing Group Policy Links
        1. Linking a GPO Using GPMC
        2. Linking a GPO Without GPMC
      5. Setting the Scope of Group Policy Objects
        1. Using GPMC to Set the Scope for a GPO
        2. Setting the GPO Scope Without GPMC
      6. Delegating Permissions on GPOs
        1. Delegating Group Policy Using GPMC
          1. Delegating Permission to Create
          2. Delegating Permission to Link
          3. Delegating Permission to Edit, Delete, or Modify Security
        2. Delegating Group Policy Without GPMC
          1. Delegating Permission to Create
          2. Delegating Permission to Link, Edit, Delete, or Modify Security
        3. Disabling a Branch of a GPO
          1. Disabling a Node Using GPMC
          2. Disabling a Node without GPMC
      7. Refreshing Group Policy
      8. Backing Up a Group Policy Object
      9. Restoring a Group Policy Object
      10. Using Group Policy for Folder Redirection
        1. Redirecting to One Location
        2. Redirecting by Group Membership
        3. Removing Redirection
      11. Using Resultant Set of Policy (RSoP)
        1. Running an RSoP Query
        2. A Planning RSoP
        3. A Logging RSoP
      12. Summary
  9. III. Network Administration
    1. 12. Managing Daily Operations
      1. Using the Microsoft Management Console
        1. Convenience Consoles
        2. Creating an MMC-Based Console with Snap-Ins
          1. Customizing the Layout of a Console
          2. Setting Options for a Console File
          3. Modifying Console Files
          4. Distributing and Using Consoles
          5. Using MMC for Remote Administration
      2. Using the Secondary Logon
        1. Opening Programs Using Run As
        2. Making Shortcuts to Run As
        3. Using Runas for Printers or Control Panel
      3. Administrative Tools
        1. Installing Administrative Tools Locally
        2. Making Administrative Tools Available Remotely
      4. Support Tools
      5. Automating Chores with Scripts
      6. Auditing Events
        1. Audit Settings for Objects
        2. Viewing Event Logs
        3. Searching Event Logs
        4. Filtering Event Logs
        5. Setting the Size of Event Logs
        6. Archiving Event Logs
      7. Delegating Control
      8. Using Task Scheduler
        1. Changing a Schedule
        2. Tracking Task Scheduler
        3. Viewing Tasks on a Remote Computer
      9. Using the AT Command
      10. Using cron
      11. Summary
    2. 13. Using Scripts for Consistent Administration
      1. Scripting on Windows Server 2003
        1. Windows Server 2003 Scripting Infrastructure
          1. Command Shell
          2. Active Scripting
          3. COM Interfaces
        2. Extending the Infrastructure
        3. What’s New in Windows Server 2003 Scripting
          1. The Windows Command Shell—Cmd.exe
          2. Windows Scripting Host
          3. Distributed COM
          4. ADSI and WMI
      2. Scripting Practices
        1. Think from the Command Prompt
        2. Write WSH Scripts as Console Tools
        3. Credentials and Scripting
          1. Use RunAs and Scheduled Tasks
          2. Avoid Specifying Passwords on the Command Line
          3. Use Obfuscated Password Entry
        4. Path Management Practices
          1. How Command Discovery Works
          2. Making Changes to the Shell Working Directory
          3. Use Fully Qualified Command Paths
          4. Monitor the %PATHEXT% Variable
          5. Add a Tools Directory to Your Path
        5. Input and Output Handling
          1. WSH: Use Text Streams for Input and Output
          2. Limit MsgBox Use
          3. WScript.Echo: Flexible but Suppressed in Batch Mode
          4. Use the WScript.Shell LogEvent for Critical Information Logging
        6. Use Good Error Management
          1. Use VBScript’s On Error Resume Next Carefully
          2. Console Scripts Should Handle Most Errors as Normal Events
          3. Return Error Information to the Shell
          4. Log Errors in Noninteractive Scripts
        7. WMI Scripting Issues
          1. Use Scriptomatic to Explore WMI
          2. Use WMIC for Interactive Exploration and One-Shot WMI Calls
          3. Avoid Authentication and Impersonation Settings
        8. Translating Script Languages
          1. Creating and Getting
          2. VBScript
          3. JScript
          4. Perl
        9. Noninteractive Scripts: Remote and Scheduled Use
      3. The Future of Windows Scripting
      4. Summary
    3. 14. Installing and Configuring Active Directory
      1. Using the Active Directory Installation Wizard
        1. Preparing for Installation
          1. NTFS
          2. DNS Server
        2. Promoting Your First Server to a Domain Controller
          1. Launching the Active Directory Installation Wizard
          2. Creating a New Domain
          3. Specifying Domain Names
        3. Choosing Installation Options
          1. Creating Additional (Replica) Domain Controllers
          2. Creating a Child Domain in an Existing Tree
          3. Creating a New Tree in an Existing Forest
          4. Creating a New Forest
        4. Upgrading Windows NT 4 Domain Controllers
        5. Demoting a Domain Controller
        6. Changing a Domain Controller Identification
        7. Setting a Global Catalog Server
      2. Using Active Directory Domains and Trusts
        1. Launching Active Directory Domains and Trusts
        2. Domain and Forest Functionality
          1. Changing the Domain Functionality Levels
          2. Changing the Forest Functionality Levels
        3. Managing Domain Trust Relationships
        4. Specifying the Domain Manager
        5. Configuring User Principal Name Suffixes for a Forest
        6. Managing Domains
      3. Using Active Directory Users and Computers
        1. Launching Active Directory Users and Computers
        2. Viewing Active Directory Objects
          1. Active Directory Object Types
          2. Normal Mode vs. Advanced Mode
          3. Changing the Domain
          4. Using Filters to Simplify the Display
          5. Finding Objects
          6. Default Active Directory Objects
        3. Creating an Organizational Unit
        4. Configuring OU Objects
        5. Delegating Object Control
        6. Creating a User Object
          1. Using the Command Line to Add a User
        7. Configuring User Objects
          1. The General Tab
          2. The Address Tab
          3. The Account Tab
          4. The Profile Tab
          5. The Telephones Tab
          6. The Organization Tab
          7. The Member Of Tab
          8. The Dial-In Tab
          9. The Environment Tab
          10. The Sessions Tab
          11. The Remote Control Tab
          12. The Terminal Services Profile Tab
          13. The COM+ Tab
          14. The Published Certificates Tab
          15. The Object Tab
          16. The Security Tab
        8. Creating a Group
        9. Configuring Group Objects
          1. The General Tab
          2. The Members Tab
          3. The Member Of Tab
          4. The Managed By Tab
          5. The Object Tab
          6. The Security Tab
        10. Creating a Computer Object
        11. Configuring Computer Objects
        12. Using Remote Computer Management
        13. Publishing a Shared Folder
        14. Publishing a Printer
        15. Moving, Renaming, and Deleting Objects
      4. Renaming a Domain Controller or a Whole Domain
        1. Renaming a Domain Controller
        2. Renaming Domains
      5. Using Active Directory Federation Services
      6. Summary
    4. 15. Managing Active Directory
      1. Using Active Directory Sites and Services
        1. Defining Site Objects
          1. Subnet Objects
          2. Server Objects
        2. Understanding Domain Replication
          1. Intrasite Replication
          2. Intersite Replication
        3. Launching Sites and Services
          1. Viewing Replication Objects
          2. Creating Site Objects
          3. Creating Server and Connection Objects
          4. Creating Subnet Objects
          5. Creating Site Link Objects
          6. Configuring Site Links
          7. Creating Site Link Bridge Objects
      2. Using Active Directory Schema
        1. Examining Schema Security
          1. Schema Administrator Permissions
          2. Flexible Single-Master Operations
          3. Read-Only Schema Access
        2. Launching Active Directory Schema
        3. Modifying the Schema
          1. Creating Attributes
          2. Creating Object Classes
          3. Adding Attributes to a Class
          4. Adding an Auxiliary Class to a Structural Class
        4. Modifying Display Specifiers
        5. Performing Batch Importing and Exporting
        6. Using the Ldifde.exe Utility
          1. Exporting Objects
          2. Importing Objects
          3. Modifying Objects
        7. Understanding Operations Master Roles
          1. Primary Domain Controller Emulator
            1. Transferring the PDC Emulator
            2. Seizing the PDC Emulator
          2. Schema Master
            1. Transferring the Schema Master
            2. Seizing the Schema Master
          3. Domain Naming Master
            1. Transferring the Domain Naming Master
            2. Seizing the Domain Naming Master
          4. Relative Identifier Master
            1. Transferring the RID Master
            2. Seizing the RID Master
          5. Infrastructure Master
            1. Transferring the Infrastructure Master
            2. Seizing the Infrastructure Master
      3. Summary
    5. 16. Understanding TCP/IP
      1. The TCP/IP Protocol Suite
        1. Internet Protocol
        2. Transmission Control Protocol
        3. User Datagram Protocol
        4. Windows Sockets
        5. NetBIOS
        6. Requests for Comments
      2. IP Addresses and What They Mean
        1. Class A Networks
        2. Class B Networks
        3. Class C Networks
        4. Class D and Class E Addresses
      3. Routers and Subnets
        1. What Is a Subnet?
        2. Gateways and Routers
        3. Address Resolution and Routing Protocols
      4. Name Resolution
        1. The Domain Name System
          1. The Domain Namespace
          2. Top Level Domains
          3. How Names Are Resolved into Addresses
          4. Reverse Lookups
          5. Dynamic DNS and Active Directory Integration
          6. Zone Storage and Active Directory
          7. Lightweight Directory Access Protocol
        2. Dynamic Host Configuration Protocol
          1. How DHCP Works
          2. Using Multiple DHCP Servers
        3. Windows Internet Name Service
          1. Single Domain Across a Subnet Boundary
          2. Multiple Domains Within a Subnet Boundary
          3. Multiple Domains Across a Subnet Boundary
      5. IP Version 6
      6. Summary
    6. 17. Administering TCP/IP
      1. Using DHCP
        1. Designing DHCP Networks
          1. DHCP Security Considerations
          2. Plan the IP Address Range and Exclusions
        2. Installing the DHCP Service
        3. Creating a New Scope
        4. Authorizing the DHCP Server and Activating Scopes
        5. Adding Address Reservations
        6. Enabling Dynamic Updates to a DNS Server for Earlier Clients
        7. Using Multiple DHCP Servers for Redundancy
          1. Splitting the Address Space Between Two Servers
          2. Setting Up a DHCP Server Cluster
        8. Other DHCP Functions
          1. Modifying Scopes
          2. Enabling Server-Based Conflict Detection
        9. Setting Up a DHCP Relay Agent
        10. Backing Up and Restoring the DHCP Database
        11. Using Ipconfig to Release, Renew, or Verify a Lease
        12. DHCP Command-Line Administration
      2. Using DNS Server
        1. Installing DNS
        2. Using the Configure A DNS Server Wizard
          1. Setting Up a DNS Server
        3. Creating Zones
        4. Creating Subdomains and Delegating Authority
        5. Adding Resource Records
        6. Configuring Zone Transfers
        7. Interoperating with Other DNS Servers
        8. Enabling WINS Resolution
        9. Setting Up a Forwarder
        10. Updating Root Hints
        11. Setting Up a Caching-Only DNS Server
      3. Setting Up a WINS Server
        1. Determining Whether You Need WINS
        2. Configuring the Server to Prepare for WINS
        3. Installing WINS
        4. Adding Replication Partners
        5. Miscellaneous WINS Functions
        6. Compacting the WINS Database
      4. Summary
    7. 18. Implementing Disk Management
      1. Understanding Disk Terminology
      2. Overview of Disk Management
        1. Disk Administration Enhancements
        2. Remote Management
        3. Dynamic Disks
        4. Command Line
      3. Disk Management Tasks
        1. Adding a Partition or Volume
          1. Adding a New Disk Using the Initialize And Convert Disk Wizard
          2. Creating a Volume
          3. Creating a Partition
          4. Creating Logical Drives in an Extended Partition
          5. Deleting a Partition, Volume, or Logical Drive
        2. Converting a Disk to a Dynamic Disk
        3. Extending a Volume
        4. Adding a Mirror
          1. Drive Failure in a Mirrored Volume
          2. Removing a Mirror
          3. Breaking a Mirror
        5. Converting a Volume or Partition from FAT to NTFS
        6. Formatting a Partition or Volume
        7. Changing a Drive Letter
        8. Mounting a Volume
      4. NTFS
        1. Encrypting on the File System Level
        2. Disk Quotas, File Screening, and Shadow Copies
      5. Summary
    8. 19. Using Clusters
      1. What Is a Cluster?
        1. Network Load Balancing Clusters
        2. Server Clusters
      2. Cluster Scenarios
        1. Intranet or Internet Functionality
        2. Terminal Services
        3. Mission-Critical Availability
      3. Requirements and Planning
        1. Identifying and Addressing Goals
        2. Identifying a Solution
        3. Identifying and Addressing Risks
        4. Making Checklists
      4. Network Load Balancing Clusters
        1. NLB Concepts
        2. Choosing an NLB Cluster Model
          1. Single Network Adapter in Unicast Mode
          2. Single Network Adapter in Multicast Mode
          3. Multiple Network Adapters in Unicast Mode
          4. Multiple Network Adapters in Multicast Mode
        3. Creating an NLB Cluster
          1. New NLB Cluster
          2. Adding a Node to an NLB Cluster
          3. Removing a Host from an NLB Cluster
        4. Planning the Capacity of an NLB Cluster
        5. Providing Fault Tolerance
        6. Optimizing an NLB Cluster
      5. Server Clusters
        1. Server Cluster Concepts
          1. Networks (Interconnects)
          2. Nodes
          3. Groups
          4. Resources
        2. Types of Resources
          1. Physical Disk
          2. DHCP and WINS
          3. Print Spooler
          4. File Share
          5. Internet Protocol Address and Network Name
          6. Local Quorum
          7. Majority Node Set
          8. Generic Application
          9. Generic Script
          10. Generic Service
          11. Volume Shadow Copy Service Task
        3. Defining Failover and Failback
        4. Configuring a Server Cluster
          1. High Availability with Load Balancing
          2. Maximum Availability Without Load Balancing
          3. Partial Failover (Load Shedding)
          4. Virtual Server Only
        5. Planning the Capacity of a Server Cluster
        6. Creating a Server Cluster
          1. New Server Cluster
          2. Creating a Clustered Resource
            1. New Cluster Group
            2. New Physical Disk Resource
            3. New IP Address Resource
            4. New Network Name Resource
            5. New File Share Resource
      6. Compute Clusters
      7. Summary
    9. 20. Managing Storage
      1. Using File Server Resource Manager
        1. Setting Global Options
        2. Scheduling Storage Reports
        3. Using Quota Management
          1. Quota Concepts
          2. Creating Quotas and Auto Apply Quotas
          3. Viewing and Managing Quotas
          4. Creating and Editing Quota Templates
        4. Screening Files
          1. Creating File Screens
          2. Creating Exceptions
          3. Creating and Editing File Screen Templates
          4. Working with File Groups
      2. Using Disk Quotas
        1. Enabling Disk Quotas
        2. Setting Quota Entries for Users
        3. Exporting and Importing Disk Quotas
        4. Creating Quota Reports
      3. Distributed File System
        1. What’s New in DFS for Windows Server 2003 R2
        2. Concepts and Terminology
          1. Namespace Roots
          2. Folders
          3. Targets
          4. DFS Replication
        3. Requirements
          1. DFS Clients
          2. DFS Servers
          3. Using DFS Without NetBIOS or WINS
        4. Installing DFS Management and DFS Replication
        5. DFS Namespaces
          1. Creating or Opening a Namespace Root
          2. Adding Namespace Servers
          3. Adding DFS Folders
          4. Changing Advanced Settings
            1. Changing Namespace Referral Settings
            2. Overriding Referral Settings on Individual Folders
            3. Delegating Management Permissions
            4. Changing Namespace Polling Settings
          5. Backing Up and Restoring the DFS Folder Targets
        6. DFS Replication
          1. Creating a Replication Group
            1. Replicating a DFS Folder
            2. Creating a Branch Office Replication Group
            3. Creating a Multipurpose Replication Group
          2. Managing Replication Groups
      4. Overview of Storage Manager For SANs
        1. Concepts and Terminology
        2. Installing Storage Manager For SANs
        3. Using the Storage Manager For SANs Console
        4. Managing Server Connections
        5. Managing iSCSI Targets
        6. Managing iSCSI Security
        7. Logging On to iSCSI Targets
        8. Creating and Deploying Logical Units (LUNs)
        9. Extending a LUN
      5. Removable Storage
        1. Concepts and Terminology
          1. Removable Devices and Libraries
          2. Media Pools
          3. Removable Storage Media Identification
          4. Media States
            1. Physical States
            2. Side States
        2. Use and Management
          1. Managing Libraries
            1. Inventorying Libraries
            2. Setting Door and Inject/Eject Port Timeouts
            3. Enabling and Disabling Individual Drives in a Library
            4. Cleaning Libraries
          2. Managing Media Pools
            1. Creating Media Pools
            2. Deleting Media Pools
          3. Managing Physical Media
            1. Injecting and Ejecting Media
            2. Mounting and Dismounting Media
          4. Using the Work Queue
          5. Working with Operator Requests
      6. Remote Storage
        1. Concepts and System Requirements
          1. Overview
          2. Program Compatibility
          3. Data Safety
          4. System Requirements
        2. Setup and Configuration
          1. Setting Up Remote Storage
          2. Setting Up Additional Volumes with Remote Storage
          3. Changing Include/Exclude Rules
          4. Disabling Remote Storage for a Managed Volume
          5. Performing Tasks Manually
          6. Setting Recall Limits
        3. Data Recovery and Protection
          1. Understanding Data Protection Strategies
            1. Single Drive Strategies
            2. Multiple Drive Strategies
          2. Working with Media Copies
          3. Recovering from Disaster
      7. Summary
  10. IV. Security
    1. 21. Planning for Security
      1. Security Basics
        1. Authentication
          1. Proof of Identity
          2. Authentication Protocols
          3. Hardware-Enabled Authentication
          4. Mutual Authentication
          5. Single Sign-On
        2. Data Protection
          1. Data Confidentiality
          2. Data Integrity
        3. Access Control
        4. Auditing
        5. Nonrepudiation
      2. Smart Cards
      3. Public-Key Infrastructures
        1. Public-Key Encryption vs. Symmetric-Key Encryption
        2. Public-Key Certificates and Private Keys
        3. Certificate Authorities
        4. Root and Subordinate Certificate Authorities
          1. Chain Verification and Trust
          2. Cross-Root Certification
        5. Certificate Registration
        6. Certificate Directories
        7. Certificate Templates
        8. Certificate Revocation
        9. Certificate Renewal
        10. Full CRLs and Delta CRLs
      4. Security-Enabled Protocols
        1. Secure Multipurpose Internet Mail Extensions
          1. Signed Messages
          2. Encrypted Messages
          3. Other Content Types
        2. Kerberos Version 5
        3. Windows NT LAN Manager
        4. Secure Sockets Layer
        5. Internet Protocol Security
          1. IPSec Policy Management
          2. How IPSec Works
      5. Virtual Private Networks
        1. Remote Access VPNs
        2. Router-to-Router VPNs
      6. Windows Rights Management Services
      7. Security Modules
        1. Cryptographic Application Programming Interface
        2. Cryptographic Service Providers
        3. CAPICOM
        4. Data Protection API
      8. Summary
    2. 22. Implementing Security
      1. The Security Configuration Wizard
        1. Installing the Wizard
        2. Using the Wizard
        3. Deploying the Policy
      2. Using Templates to Implement Security Policies
        1. Examining Template Policies
        2. Using Predefined Templates
          1. Secure Security Templates
          2. Highly Secure Security Templates
          3. Compatible Security Template
          4. Out-of-the-Box Security Templates
          5. Modifying a Predefined Template
        3. Defining New Templates
        4. Applying Templates
      3. Using Security Configuration and Analysis
        1. Opening a Security Database
        2. Importing and Exporting Templates
        3. Analyzing Security and Viewing the Results
        4. Configuring Security
      4. Using Windows Firewall
      5. Enabling Authentication
        1. Obtaining Smart Cards and Certificates
          1. Setting Up an Enrollment Agent
          2. Programming Smart Cards
          3. Obtaining Software-Based Certificates
        2. Logging On with Smart Cards
        3. Enabling Remote Certificate or Smart Card Authentication
          1. Authentication with Certificate on Smart Card
          2. Authentication with Certificate Stored on Local Computer
        4. Configuring Authentication for a Remote Access Server
      6. Implementing Access Control
        1. Establishing Ownership
        2. Assigning Permissions
      7. Managing Certificates
        1. Exporting Certificates and Private Keys
        2. Importing Certificates
        3. Requesting Certificates
        4. Enabling Certificates for Specific Purposes
      8. Using Internet Protocol Security Policies
        1. Defining IPSec Policies
        2. Using Predefined IPSec Policies
        3. Creating an IPSec Policy
        4. Editing an IPSec Policy
          1. IP Filter List
          2. Filter Action
          3. Authentication Methods
          4. Tunnel Setting
          5. Connection Type
        5. Assigning IPSec Policies
      9. Securing Local Data
        1. Creating a Recovery Policy
        2. Encrypting Files and Folders
        3. Decrypting Files and Folders
        4. Sharing Encrypted Files and Folders
        5. Recovering Files
      10. Auditing
        1. Establishing an Audit Policy
        2. Auditing Access to Objects
        3. Viewing the Security Log
          1. Manipulating the Security Log
          2. Security Log Maintenance
      11. Using Microsoft Baseline Security Analyzer
      12. What to Do When Hacked
      13. Summary
    3. 23. Patch Management
      1. Why It’s Important
      2. The Patching Cycle
        1. Assess
        2. Identify
        3. Evaluate and Plan
        4. Deploy
        5. Repeat
      3. Deployment Testing
        1. Test Network Deployment
        2. Beta User Deployment
        3. Full Deployment
      4. Obtaining Updates
        1. Automatic Updates
        2. Windows Server Update Services
          1. Installation
          2. Prerequisites
          3. Basic Configuration
        3. Systems Management Server 2003
      5. Third-Party Products
      6. Summary
    4. 24. Using Microsoft Certificate Services
      1. More Vocabulary
        1. Policy Modules
        2. Exit Modules
        3. Certificate Publishers
        4. Certificate Templates
        5. Certificate Authority Types
          1. Enterprise CA
          2. Standalone CA
      2. Preinstallation
        1. Understanding Certificate Authority Roles
          1. Enterprise Root CA
          2. Enterprise Subordinate CA
          3. Standalone Root CA
          4. Standalone Subordinate CA
        2. Preparing for Installation
      3. Installation and Configuration
      4. The Certification Authority Snap-In
        1. Managing the Certification Authority Service
          1. Starting and Stopping the CA
          2. Backing Up the CA
          3. Restoring the CA
          4. Renewing the CA Certificate
        2. Configuring the CA’s Properties
          1. The Policy Module Tab
          2. The Exit Module Tab
          3. The Storage Tab
          4. The Security Tab
        3. Working with Certificate Templates
          1. Setting Security Permissions and Delegate Access
          2. Enabling Autoenrollment
        4. Managing Revocation and Trust
          1. Publishing CRLs
          2. Delta CRLs
          3. Changing CRL Distribution Points
          4. Controlling Which Trusted Certificates Are Distributed
          5. Managing Certificate Trust Lists for a Group Policy Object
        5. Managing Standalone CAs
          1. Setting the Default Action for New Requests
          2. Changing Certificate Request Status
      5. The Certificates Snap-In
      6. CAs Linked into a Hierarchy
        1. Requesting a Certificate if Your Root CA Is Online
        2. Requesting a Certificate if Your Root CA Is Offline
      7. Command-Line Utilities
        1. The Certsrv Tool
        2. The Certreq Tool
        3. The Certutil Tool
      8. Summary
    5. 25. Connection Services
      1. How Dial-Up Remote Access Works
      2. Understanding Virtual Private Networks
        1. How VPNs Work
        2. Components of a VPN
      3. Common Configurations for Remote Access Servers
      4. Configuring a Server for Dial-Up Clients
      5. Configuring a NAT Server
      6. Setting Remote Access Policies
      7. Understanding the Default Policy
      8. Choosing an Administrative Model for Remote Access Policies
        1. Administering Access by User
        2. Granting Access by User
        3. Administering Access by Policy for a Mixed-Mode Domain
        4. Granting or Denying Access by Group Membership for a Mixed Domain
        5. Administering Access by Policy for a Native Domain
        6. Granting or Denying Access by Group Membership for a Native Domain
      9. Configuring a Remote Access Policy
        1. Specifying Conditions of Remote Access Policies
        2. Configuring Profiles in Remote Access Policies
          1. Specifying Dial-In Constraints
          2. Specifying IP Address Policies
          3. Enabling Multilink and the Bandwidth Allocation Protocol
          4. Specifying Authentication Methods
          5. Specifying an Encryption Method
          6. Setting Advanced Attributes
      10. Configuring a Remote Access Server
      11. Configuring a Virtual Private Network
        1. Configuring the Internet Connection
        2. Configuring the Remote Access Server as a Router
        3. Configuring PPTP Ports
        4. Configuring PPTP Filters
        5. Elements of a Router-to-Router VPN Connection
          1. VPN Clients
          2. VPN Servers
          3. LAN and Remote Access Protocols
          4. Tunneling Protocols
          5. Demand-Dial Interfaces
          6. User Accounts
          7. Static Routes or Routing Protocols
          8. Security Options
        6. Adding a Demand-Dial Interface
        7. Setting Up Static Routes and Routing Protocols
      12. Using the Internet Authentication Service
      13. Installing and Configuring IAS
        1. Installing IAS
        2. Configuring IAS
        3. Configuring Clients for IAS
      14. Using RADIUS for Multiple Remote Access Servers
        1. Configuring a Remote Server for RADIUS Authentication
        2. Configuring the Remote Server for RADIUS Accounting
        3. Configuring the IAS Server for RADIUS
      15. Using the RADIUS Proxy
      16. Summary
    6. 26. Implementing Wireless Security
      1. Understanding 802.11 Protocols
        1. 802.11
        2. 802.11a
        3. 802.11b
        4. 802.11g
        5. 802.11h
        6. 802.11i
        7. 802.11e
        8. 802.11n
      2. Encryption and Authentication
        1. WPA and WPA2
          1. Data Encryption
          2. Data Integrity
          3. User Authentication
        2. WPA2
      3. Deployment Scenarios
        1. Enterprise Deployment with 802.1X
          1. Guest Access
          2. Managed Clients
          3. Unauthorized Wireless Access Points
        2. Small and Medium Business Deployment with WPA
          1. Guest Access
          2. Managed Clients
          3. Unauthorized Wireless Access Points
      4. Summary
  11. V. Support Services and Features
    1. 27. Interoperability
      1. UNIX Interoperability
        1. Permissions and Security Concepts
        2. A UNIX File Listing
        3. Symbolic Links
        4. Privilege Levels
        5. Basic Connectivity
          1. File Transfer Protocol
          2. Telnet
        6. File Systems
          1. The Network File System
          2. Server Message Block
        7. Printing
        8. Microsoft Services for NFS
          1. Configuring User Name Mapping
          2. Connecting to an NFS Share
          3. Configuring Client for NFS
          4. Creating an NFS Share
          5. Configuring Server for NFS
        9. UNIX Identity Management Services
        10. Windows Subsystem for UNIX-Based Applications
      2. Macintosh Interoperability
      3. Novell Netware Interoperability
      4. Summary
    2. 28. Managing Software
      1. Using the Group Policy Software Installation Extension
      2. Finding the Right Mix of Services
        1. Natively Authored Windows Installer Packages
        2. Zap Files
        3. Repackaged Applications
          1. Deciding Whether to Publish or Assign Applications
          2. Updating Applications Deployed via Group Policy
      3. Setting Up the Group Policy Software Installation Extension
        1. Creating a Software Distribution Point
        2. Creating a GPO for Application Deployment
        3. Configuring the Group Policy Software Installation Extension
          1. Setting Software Installation Options
          2. Changing Software Installation Behavior over Slow Links
      4. Working with Packages
        1. Adding a Package to a Group Policy
        2. Changing Application Properties
        3. Applying Package Upgrades
        4. Applying Package Modifications
        5. Removing and Redeploying Packages
      5. Using Software Restriction Policies
        1. How Software Restriction Policies Work
        2. Creating Software Restriction Policies
      6. Remote Installation Services
        1. How RIS Works
        2. RIS Requirements and System Recommendations
        3. Installing RIS
        4. Administering RIS
          1. Changing RIS Settings
          2. Changing Client Group Policy Settings
          3. Managing Operating System Images
            1. Adding CD-Based Images
            2. Adding a Windows Server 2003 R2 Image
            3. Adding Unattended Answer Files to Existing Images
            4. Setting Permissions for Images
            5. Changing Image Properties
          4. Adding RIS Tools
          5. Using Remote Installation Preparation
        5. Performing User Installations
          1. Prestaging a Client
          2. Creating a Remote Boot Disk
          3. Performing a Remote Operating System Installation
      7. Summary
    3. 29. Application Compatibility and Virtual Server
      1. Virtual Server Overview
      2. Installing Virtual Server
        1. Installing Internet Information Services for Virtual Server
        2. Performing the Installation
      3. Configuring Virtual Server
        1. Configuring Virtual Networks
          1. Configuring the Internal Network
          2. Configuring External Networks
        2. Configuring Server Properties
          1. Enabling Virtual Machine Remote Control
          2. Setting Search Paths
      4. Creating Virtual Machines
        1. Initial Configuration of a Virtual Machine
          1. Configuring CD/DVD
          2. Starting the Virtual Machine for the First Time
          3. Installing an Operating System
          4. Installing SCSI Shunt Driver
        2. Using Virtual Machine Remote Control
        3. Configuring Virtual Machines
          1. Configuring Running Virtual Machines
          2. Configuring Stopped Virtual Machines
        4. Installing Virtual Machine Additions
      5. Administering Virtual Server
      6. Alternatives to Virtual Server
        1. Virtual PC
        2. VMWare
      7. Summary
    4. 30. Deploying Terminal Services
      1. Concepts
        1. Remote Access
        2. Central Management
      2. Requirements
        1. RAM
        2. CPU
        3. Network Utilization
        4. Capacity Planning
      3. Installation
        1. Enabling Remote Desktop for Administration Mode
        2. Installing Programs
          1. Install Mode vs. Execute Mode
            1. Using Add/Remove Programs to Install Applications
          2. The Change Command
            1. Using the Change Command to Install an Application
      4. Administration
        1. Terminal Services Manager
          1. Overview
          2. Finding Servers
          3. Making Connections
          4. Managing Connections
            1. Disconnecting Sessions
            2. Resetting Sessions
            3. Logging Off a Session
            4. Viewing Processes and Other Information About a Session
            5. Managing User Sessions
            6. Sending a Message to a Session
            7. Controlling a Session
            8. Connecting to a Session
        2. Terminal Services Configuration
          1. Connection Properties
        3. Terminal Services Licensing
        4. Installing Terminal Server Licensing
          1. To Install Terminal Services
          2. To Activate the License Server
          3. To Install Windows Terminal Server Client Access Licenses
        5. Remote Desktop Client
      5. Summary
    5. 31. Using the Indexing Service
      1. Understanding the Indexing Service
        1. Defining Terms
        2. How Indexing Works
      2. Planning Your Indexing Service
        1. Merging Indexes
          1. Setting the Time to Start a Master Merge
          2. Manually Merging Indexes
        2. Setting Up an Indexing Console
      3. Creating and Configuring Catalogs
        1. Creating a Catalog
        2. Configuring a Catalog
        3. Including or Excluding a Directory
        4. Configuring the Property Cache
        5. Adding a Property
        6. Running a Scan of the Index
      4. Registry Entries for the Indexing Service
      5. Querying the Index
        1. Creating Query Forms
        2. Indexing a New Site
      6. Examining Performance
        1. Modifying the Indexing Service’s Performance
        2. Using Performance Monitor
      7. Troubleshooting the Indexing Service
        1. No Documents Matched the Query
        2. PDF Files Aren’t Indexed
        3. Query Produces Inconsistent Results
        4. Catalog Is Reportedly Corrupted
        5. Indexing Is Slow and Some Documents Aren’t Indexed
      8. Summary
  12. VI. Internet Servers and Services
    1. 32. Basics of Internet Information Services
      1. Protocols Supported
        1. HTTP
        2. FTP
        3. SMTP
        4. NNTP
        5. Other Protocols
      2. Administration Tools
        1. Adding the Application Server Role
        2. Internet Information Services
        3. Remote Administration
        4. Administration Scripts
      3. The WWW Publishing Service
        1. The Default Web Site
        2. Connecting to a Web Site
        3. Other Web Sites
          1. Using the Web Site Creation Wizard
          2. Testing the New Web Site
        4. Virtual Directories
          1. Local Virtual Directories vs. Remote Virtual Directories
          2. The Virtual Directory Creation Wizard
          3. Web Sharing
          4. Virtual Directories, Physical Directories, and Icons
      4. The FTP Publishing Service
        1. The Default FTP Site
        2. Other FTP Sites
          1. Using the FTP Site Creation Wizard
          2. Testing the New FTP Site
        3. Virtual Directories
          1. Using the Virtual Directory Creation Wizard
          2. Testing the New Virtual Directory
      5. Basic Administrative Tasks
        1. Configuring Permissions
          1. Understanding IIS 6 Security
          2. Setting Permissions
        2. Stopping, Starting, and Pausing IIS Services
        3. Using FrontPage Server Extensions
      6. Summary
    2. 33. Advanced Internet Information Services
      1. Server-Level Administration
        1. Connecting to an IIS Server
        2. Creating Configuration Backups
          1. Backing Up a Server Configuration
          2. Restoring a Server Configuration
        3. Configuring Server Properties
          1. Editing the Metabase
          2. Metabase History
      2. Site-Level Administration
      3. Directory-Level Administration
      4. File-Level Administration
      5. Managing WWW Sites
        1. Web Site Tab
          1. Web Site Identification
          2. Configuring Multiple IP Addresses on the Server’s Network Card
          3. Configuring Only One IP Address for the Server’s Network Card
          4. Configuring One IP Address and Leaving the TCP Port Set to Default
          5. Connections
          6. IIS Logging
        2. Performance Tab
        3. ISAPI Filters Tab
        4. Home Directory Tab
          1. Home Directory
          2. Access Permissions
          3. Application Settings
        5. Documents Tab
        6. Directory Security Tab
          1. Anonymous Access and Authentication Control
          2. IP Address and Domain Name Restrictions
          3. Secure Communications
        7. HTTP Headers Tab
          1. Content Expiration
          2. Custom HTTP Headers
          3. Content Rating
          4. MIME Types
        8. Custom Errors Tab
      6. Managing FTP Sites
        1. Server-Wide FTP Properties
        2. Configuring Individual FTP Site Properties
          1. FTP Site Tab
            1. Identification
            2. Current Sessions
          2. Security Accounts Tab
          3. Messages Tab
          4. Home Directory Tab
            1. Access Permissions
            2. Directory Listing Style
          5. Directory Security Tab
        3. Configuring FTP Directory Properties
      7. Managing NNTP Virtual Servers
        1. What NNTP Service Does
        2. NNTP Service Wizards
          1. New NNTP Virtual Server Wizard
          2. New Virtual Directory Wizard
          3. New Expiration Policy Wizard
          4. New Newsgroup Wizard
        3. Configuring the Default NNTP Virtual Server
          1. The General Tab
          2. Access Tab
          3. Settings Tab
          4. Security Tab
          5. Managing Newsgroups
        4. Connecting to the Default NNTP Virtual Server
        5. Displaying NNTP Sessions
        6. Rebuilding an NNTP Virtual Server
      8. Managing SMTP Virtual Servers
        1. What SMTP Service Does
        2. SMTP Directories
        3. Configuring the Default SMTP Virtual Server
          1. General Tab
            1. Identification
            2. Connections
            3. IIS Logging
          2. Access Tab
            1. Access Control
            2. Secure Communication
            3. Connection Control
            4. Relay Restrictions
          3. Messages Tab
          4. Delivery Tab
          5. LDAP Routing Tab
          6. Security Tab
        4. SMTP Domains
        5. The New Domain Wizard
      9. Web Service Extensions
      10. Remote Administration
        1. Administration Web Site
        2. Enabling Remote Administration
        3. Testing Remote Administration
      11. Summary
    3. 34. Internet Security and Acceleration Server 2004
      1. Concepts
        1. Network Address Translation
        2. Packet Filtering and Application Layer Filtering
        3. Caching
        4. Client Types
      2. Installation and Configuration
        1. System Requirements
        2. Installation
        3. Securing Your ISA 2004 Server
        4. Initial Configuration of ISA Server 2004
          1. Defining Your ISA 2004 Network Topology
          2. Create Firewall Policy Rules
          3. Define Caching Rules
      3. Additional Configuration Tasks
        1. Define VPN Access
        2. Setup Monitoring
        3. Publishing Servers (Reverse Proxy)
        4. Additional Configuration
          1. The Toolbox
          2. Defining Network Entities
          3. Defining Users
      4. ISA Firewall Client
      5. Import, Export, Backup, and Restore
      6. Summary
  13. VII. Tuning, Maintenance, and Repair
    1. 35. Performance Monitoring and Tuning
      1. Documenting the Network, Policies, and Procedures
        1. Documenting the Network
        2. Evaluating Policies and Procedures
      2. Selecting a Monitoring Method
        1. Determining How Often to Monitor
        2. Monitoring Memory Usage
        3. Monitoring Processor Activity
        4. Monitoring Disk Activity
        5. Monitoring Network Activity
      3. Using Event Viewer
        1. Event Log Files
        2. Components of an Event
          1. The Event Header
          2. The Event Description
        3. Viewing an Event Log on Another Computer
        4. Changing Event Log Settings
        5. Archiving an Event Log
      4. Using the Microsoft Windows Server 2003 Performance Advisor
        1. Overview
        2. Recording and Viewing Data
        3. Monitoring Multiple Servers
      5. Using System Monitor
        1. Adding Counters
        2. Matching Counters to Graph Lines
        3. Modifying the Display
          1. Choosing the Sampling Interval
          2. Changing Grid Lines and Graph Scales
      6. Performance Logs and Alerts
        1. Creating Counter and Trace Logs
        2. Saving Log and Alert File Settings
        3. Using Alerts
      7. Using Network Monitor
        1. Capturing Frames
        2. Viewing the Capture Window
        3. Viewing the Frame Viewer Window
        4. Configuring and Customizing Network Monitor
          1. Modifying the Capture Buffer
          2. Editing the Address Database
          3. Adding a Comment Frame to a Capture
          4. Printing Captured Frames
        5. Designing a Capture Filter
          1. Specifying Capture Filter Protocols
          2. Specifying Address Pairs
          3. Defining Pattern Matches
        6. Designing a Display Filter
        7. Setting a Capture Trigger
      8. Memory and Network Tuning
        1. Changing File System Cache Settings
        2. Optimizing the Page File
        3. Tuning Network Performance
      9. Summary
    2. 36. Disaster Planning
      1. Planning for Disaster
        1. Identifying the Risks
        2. Identifying the Resources
        3. Developing the Responses
          1. Standard Operating Procedures
          2. Standard Escalation Procedures
        4. Testing the Responses
        5. Iterating
      2. Preparing for a Disaster
        1. Setting Up a Fault-Tolerant System
        2. Backing Up the System
        3. Creating Automated System Recovery Disks
        4. Creating a Boot Disk
        5. Installing the Recovery Console
        6. Specifying Recovery Options
        7. Creating and Using a Recovery Drive
      3. Summary
    3. 37. Using Backup
      1. Selecting a Backup Medium
        1. Using Removable Storage
        2. Backing Up to Files
        3. Using CD-ROMs
      2. Developing a Backup Strategy
        1. The Backup Window
        2. Backup Types
          1. Normal Backup
          2. Incremental Backup
          3. Differential Backup
          4. Daily Backup
          5. Copy Backup
        3. Media Rotation
      3. Backing Up Data
        1. Using Windows Server 2003 Backup
          1. Creating Selection Scripts
          2. Accessing Files and Folders for Backup
          3. Selecting the Storage Medium
          4. Configuring Backup Options
          5. Logging Backups
          6. Excluding Files
          7. Running a Job
          8. Scheduling a Job
        2. Using the Windows Server 2003 Backup Wizard
        3. Executing Jobs from the Command Line
      4. Restoring Data
        1. Selecting Files to Be Restored
        2. Selecting Destinations for Restored Files
        3. Setting Restore Options
      5. Planning for Failure
        1. Backing Up the System State
      6. Handling Backup and Restore Problems
        1. Backing Up Exchange Servers
        2. Backing Up Encrypted Files
        3. Restoring the System State
          1. Directory Services Restore Mode
          2. Authoritative Restore
          3. Ntdsutil
        4. Preserving NTFS Permissions
      7. Third-Party Backup Utilities
      8. Summary
    4. 38. Planning Fault Tolerance and Avoidance
      1. Mean Time to Failure and Mean Time to Recover
      2. Protecting the Power Supply
        1. Local Power Supply Failure
        2. Voltage Variations
          1. Spikes
          2. Surges
          3. Sags
          4. Brownouts
        3. Short-Term Power Outages
        4. Long-Term Power Outages
      3. Disk Arrays
        1. Hardware vs. Software
        2. RAID Levels for Fault Tolerance
          1. Intended Use
          2. Fault Tolerance
          3. Availability
          4. Performance
          5. Cost
        3. Hot-Swap and Hot-Spare Disk Systems
      4. Distributed File System
      5. Clustering
        1. Network Load Balancing
        2. Server Clusters
      6. Summary
    5. 39. Using the Registry
      1. Introducing the Registry
      2. The Origins of the Registry
      3. What Registry Data Is Used For
      4. Understanding the Registry’s Structure
        1. The Root Keys
        2. Major Subkeys
          1. HKLM\HARDWARE
          2. HKLM\SAM
          3. HKLM\SECURITY
          4. HKLM\SOFTWARE
          5. HKLM\Software\Wow6432Node
          6. HKLM\SYSTEM\CurrentControlSet
          7. HKLM\SYSTEM\MountedDevices
        3. How Data Is Stored
          1. Useful Data Types
          2. Volatile Keys
          3. Disk-Based Keys
          4. Where Data Goes on Disk
      5. Using the Registry Editors
        1. A Whirlwind Tour of the Registry Editor
          1. Searching for Keys and Values
          2. Editing Value Contents
          3. Adding and Removing Keys and Values
          4. Importing and Exporting Registry Data
          5. Loading and Unloading Hives
          6. Connecting to a Remote Machine’s Registry
          7. Renaming Keys and Values
          8. Managing Security on Registry Keys
        2. A Whirlwind Tour of Reg
      6. Backing Up and Restoring the Registry
        1. Choosing a Backup Method
          1. Backup Utility
          2. Third-Party Products
          3. Do-It-Yourself Backups
        2. Backing Up the Registry
          1. Using the Backup Utility
          2. Automated System Recovery
      7. Summary
    6. 40. Troubleshooting and Recovery
      1. Triaging the Situation
      2. Performing a System Recovery
        1. Identifying Possible Causes
        2. Using the Last Known Good Configuration
        3. Using Safe Mode
        4. Using a Boot Disk to Recover the System
        5. Booting from Mirrored Boot Partitions
        6. Performing an In-Place Upgrade
        7. Using the Automated System Recovery Process
      3. Fixing the Underlying Problem
        1. Rolling Back Recently Installed Drivers
        2. Using Help And Support to Gather Basic Information
        3. Using System Information to Gather Advanced Information
        4. Checking Services
        5. Using the System Configuration Utility
        6. Using the System File Checker
        7. Restoring from a Backup
        8. Reinstalling Windows
      4. Emergency Management Services and Headless Servers
        1. EMS Overview
        2. Hardware and Software Requirements
        3. Setting Up EMS
          1. Configuring the Firmware for EMS
          2. Manually Installing Windows on a Headless Server
          3. Installing Windows Using RIS on a Headless Server
          4. Installing Windows Using an Answer File on a Headless Server
          5. Enabling EMS during Windows Upgrades
          6. Enabling EMS after Setup
        4. Using EMS for Out-of-Band Administration
      5. Miscellaneous Challenges
        1. Using the Shutdown Event Tracker
        2. Adding a Processor to the System
        3. Troubleshooting Shutdown Problems
        4. Uninstalling Windows
      6. Summary
  14. VIII. Appendixes
    1. A. Interface Changes from Windows 2000 Server
    2. B. Interface Changes from Windows NT 4
      1. Clipboard Viewer
      2. Compression Agent
      3. Computers Near Me
      4. Devices
      5. Dial-Up Networking
      6. Disk Administrator
      7. Find
      8. MS-DOS Prompt
      9. My Briefcase
      10. My Documents
      11. Network Neighborhood
      12. Personalized Menus
      13. Start Menu
      14. System Information
      15. TCP/IP
      16. User Manager
      17. User Manager for Domains
      18. View Options
      19. Windows NT Explorer
    3. C. Optional Components
      1. Accessories and Utilities
        1. Accessibility Wizard
        2. Accessories
        3. Communications
        4. Active Directory Services
        5. Application Server
      2. Certificate Services
      3. Distributed File System (DFS)
      4. E-mail Services
      5. Fax Services
      6. Indexing Service
      7. Internet Explorer Enhanced Security Configuration
      8. Management and Monitoring Tools
      9. Microsoft .NET Framework 2.0
      10. Networking Services
      11. Other Network File and Print Services
      12. Remote Installation Services
      13. Remote Storage
      14. Security Configuration Wizard
      15. Subsystem for UNIX-Based Applications
      16. Terminal Server
      17. Terminal Server Licensing
      18. UDDI Services
      19. Update Root Certificates
      20. Windows Media Services
      21. Windows SharePoint Services
    4. D. Using the Microsoft Windows Server 2003 Recovery Console
      1. Recovery Console Limitations
      2. Starting the Recovery Console
      3. Using Recovery Console Commands
    5. E. Using the Microsoft Windows Server 2003 Support Tools
  15. Glossary
  16. F. About the Authors
  17. G. Microsoft Press Support Information
  18. H. Additional Windows (R2) Resources for Administrators
  19. I. Additional SQL Server Resources for Administrators
  20. Index
  21. About the Authors
  22. Copyright