- Microsoft® Windows Server™ 2003 Inside Out
- SPECIAL OFFER: Upgrade this ebook with O’Reilly
- A Note Regarding Supplemental Files
- Acknowledgments
- We'd Like to Hear from You!
- About the CD
- Conventions and Features Used in this Book
- About the Author
- 1. Windows Server 2003 Overview and Planning
- 1. Introducing Windows Server 2003
- What's New in Windows Server 2003
- 64-Bit Computing
- .NET Technologies
- Windows XP and Windows Server 2003
- Windows XP Editions
- Increased Support for Standards
- Interface and Tool Improvements
- Active Directory Improvements
- Domains Can Be Renamed
- Active Directory Can Replicate Selectively
- Active Directory–Integrated DNS Zones Can Forward Conditionally
- Active Directory Schema Objects Can Be Deleted
- Active Directory and Global Catalog Are Optimized
- Active Directory Can Compress and Route Selectively
- Forest-to-Forest Trusts
- Active Directory Migration Made Easier
- Group Policy Improvements
- Management and Administration Extras
- Security Advances
- Reliability and Maintenance Enhancements
- 2. Planning for Windows Server 2003
- Overview of Planning
- Identifying Your Organizational Teams
- Assessing Project Goals
- Analyzing the Existing Network
- Defining Objectives and Scope
- Defining the New Network Environment
- Selecting a Software Licensing Program
- Final Considerations for Planning and Deployment
- 1. Introducing Windows Server 2003
- 2. Windows Server 2003 Installation
- 3. Preparing for the Installation and Getting Started
- 4. Managing Interactive Installations
- 5. Managing Unattended Installations
- 6. Using Remote Installation Services
- Introduction to RIS
- Installing RIS
- Configuring RIS Clients
- Preparing RIS-Based Installations
- Using RIS for Automated Installations
- Working with Sysprep
- 3. Windows Server 2003 Upgrades and Migrations
- 7. Preparing for Upgrades and Migration
- 8. Upgrading to Windows Server 2003
- General Considerations for Upgrades
- Upgrading from Windows 2000
- Upgrading from Windows NT 4
- 9. Migrating to Windows Server 2003
- Selecting the Migration Tools
- ADMT
- General Considerations for Migrations
- Determining the Approach to Migration
- Preparing for Migration
- Migrating Security Principals
- Performing the Migration: An Overview
- Migrating Group Accounts
- Migrating User Accounts
- Migrating Passwords
- Migrating the Computers
- Merging Groups during Migration
- Migrating Domain Trusts
- Migrating Service Accounts
- Security Translation
- Generating Migration Reports
- 4. Managing Windows Server 2003 Systems
- 10. Configuring Windows Server 2003
- 11. Windows Server 2003 MMC Administration
- 12. Managing Windows Server 2003
- Using the Administration Tools
- Using the Control Panel Utilities
- Using the Add Hardware Utility
- Using the Add or Remove Programs Utility
- Using the Date and Time Utility
- Using the Display Utility
- Using the Folder Options Utility
- Using the Licensing Utility
- Using the Network Connections Utility
- Using the Regional and Language Options Utility
- Using the Scheduled Tasks Utility
- Using the System Utility
- Using Support Tools
- Using Resource Kit Tools
- Using the Secondary Logon
- 13. Managing and Troubleshooting Hardware
- 14. Managing the Registry
- 15. Performance Monitoring and Tuning
- 16. Comprehensive Performance Analysis and Logging
- 5. Managing Windows Server 2003 Storage and File Systems
- 17. Planning for High Availability
- 18. Preparing and Deploying Server Clusters
- 19. Storage Management
- Essential Storage Technologies
- Configuring Storage
- Managing MBR Disk Partitions on Basic Disks
- Managing GPT Disk Partitions on Basic Disks
- Managing Volumes on Dynamic Disks
- Creating a Simple or Spanned Volume
- Extending a Simple or Spanned Volume
- Recovering a Failed Simple or Spanned Disk
- Moving Dynamic Disks
- Configuring RAID 1: Disk Mirroring
- Mirroring Boot and System Volumes
- Configuring RAID 5: Disk Striping with Parity
- Breaking or Removing a Mirrored Set
- Resolving Problems with Mirrored Sets
- Repairing a Mirrored System Volume to Enable Boot
- Resolving Problems with RAID-5 Sets
- 20. Managing Windows Server 2003 File Systems
- 21. File Sharing and Security
- File Sharing Essentials
- Creating and Publishing Shared Folders
- Managing Share Permissions
- Managing File and Folder Permissions
- Managing File Shares After Configuration
- Sharing Files on the Web
- Auditing File and Folder Access
- 22. Using Volume Shadow Copy
- 23. Using Removable Media
- Introducing Removable Media
- Managing Media Libraries and Media
- Inserting Media into a Library
- Ejecting Media from a Library
- Mounting and Dismounting Media in Libraries
- Enabling and Disabling Media
- Enabling and Disabling Drives
- Cleaning Drives
- Working with Library Doors and Ports
- Configuring Library Inventory
- Starting Library Inventory
- Changing Library Media Types
- Enabling and Disabling Libraries
- Managing Media Pools
- Managing Work Queues, Requests, and Security
- Using the Work Queue
- Troubleshooting Waiting Operations
- Changing Mount Operations
- Controlling When Operations Are Deleted
- Using the Operator Requests Queue
- Notifying Operators of Requests
- Completing or Refusing Requests
- Controlling When Requests Are Deleted
- Setting Access Permissions for Removable Storage
- 6. Managing Windows Server 2003 Networking and Print Services
- 24. Managing TCP/IP Networking
- Understanding IP Addressing
- Special IP Addressing Rules
- Using Subnets and Subnet Masks
- Getting and Using IP Addresses
- Understanding Name Resolution
- Configuring TCP/IP Networking
- 25. Managing DHCP
- DHCP Essentials
- DHCP Security Considerations
- Planning DHCP Implementations
- Setting Up DHCP Servers
- Configuring TCP/IP Options
- Levels of Options and Their Uses
- Options Used by Windows Clients
- Using Userand Vendor-Specific TCP/IP Options
- Settings Options for All Clients
- Settings Options for Routing and Remote Access Clients Only
- Setting Add-On Options for Directly Connected Clients
- Defining Classes to Get Different Option Sets
- Advanced DHCP Configuration and Maintenance
- Setting Up DHCP Relay Agents
- 26. Architecting DNS Infrastructure
- 27. Implementing and Managing DNS
- 28. Implementing and Maintaining WINS
- 29. Installing and Maintaining Print Services
- Understanding Windows Server 2003 Print Services
- Print Services Changes for Windows Server 2003
- Upgrading Windows NT 4 Print Servers to Windows Server 2003
- Migrating Print Servers from One System to Another
- Planning for Printer Deployments and Consolidation
- Setting Up Printers
- Managing Printer Permissions
- Managing Print Server Properties
- Managing Printer Properties
- Setting General Properties, Printing Preferences, and Document Defaults
- Setting Overlays and Watermarks for Documents
- Installing and Updating Print Drivers on Clients
- Configuring Printer Sharing and Publishing
- Optimizing Printing Through Queues and Pooling
- Configuring Print Spooling
- Viewing the Print Processor and Default Data Type
- Configuring Separator Pages
- Configuring Color Profiles
- Managing Print Jobs
- Printer Maintenance and Troubleshooting
- 30. Using Remote Desktop for Administration
- 31. Deploying Terminal Services
- Using Terminal Services
- Designing the Terminal Services Infrastructure
- Setting Up Terminal Services
- Using the Terminal Services Configuration Tool
- Using the Terminal Services Manager
- Managing Terminal Services from the Command Line
- Other Useful Terminal Services Commands
- Configuring Terminal Services Per-User Settings
- 24. Managing TCP/IP Networking
- 7. Managing Active Directory and Security
- 32. Active Directory Architecture
- 33. Designing and Managing the Domain Environment
- Design Considerations for Active Directory Replication
- Design Considerations for Active Directory Search and Global Catalogs
- Design Considerations for Compatibility
- Design Considerations for Active Directory Authentication and Trusts
- Universal Groups and Authentication
- NTLM and Kerberos Authentication
- Authentication and Trusts Across Domain Boundaries
- Authentication and Trusts Across Forest Boundaries
- Examining Domain and Forest Trusts
- Establishing External, Shortcut, Realm, and Cross-Forest Trusts
- Verifying and Troubleshooting Trusts
- Delegating Authentication
- Design Considerations for Active Directory Operations Masters
- Operations Master Roles
- Using, Locating, and Transferring the Schema Master Role
- Using, Locating, and Transferring the Domain Naming Master Role
- Using, Locating, and Transferring the Relative ID Master Role
- Using, Locating, and Transferring the PDC Emulator Role
- Using, Locating, and Transferring the Infrastructure Master Role
- 34. Organizing Active Directory
- 35. Configuring Active Directory Sites and Replication
- 36. Implementing Active Directory
- Preinstallation Considerations for Active Directory
- Installing Active Directory
- Uninstalling Active Directory
- Creating and Managing Organizational Units (OUs)
- Delegating Administration of Domains and OUs
- 37. Managing Users, Groups, and Computers
- Managing Domain User Accounts
- Managing User Profiles
- Managing User Data
- Maintaining User Accounts
- Managing Groups
- Managing Computer Accounts
- 38. Managing Group Policy
- Understanding Group Policy
- Implementing Group Policy
- Working with Local Group Policy
- Working with the Group Policy Object Editor
- Working with the Group Policy Management Console
- Installing and Running the Group Policy Management Console
- Using the Group Policy Management Console
- Accessing Forests, Domains, and Sites in Group Policy Management Console
- Creating and Linking a New GPO in Group Policy Management Console
- Editing an Existing GPO in the Group Policy Management Console
- Linking to an Existing GPO in the Group Policy Management Console
- Deleting an Existing GPO in the Group Policy Management Console
- Managing Group Policy Inheritance and Processing
- Using Scripts in Group Policy
- Applying Group Policy Through Security Templates
- Maintaining and Troubleshooting Group Policy
- 39. Active Directory Site Administration
- 8. Windows Server 2003 Disaster Planning and Recovery
- Index to Troubleshooting Topics
- Index
- SPECIAL OFFER: Upgrade this ebook with O’Reilly
Although IP addressing works well for computer-to-computer communications, it doesn't work so well when you and I want to access resources. Could you imagine having to remember the IP address of every computer that you work with? That would be difficult, and it would make working with computers on networks a chore. This is why computers are assigned names. Names are easier to remember than numbers—at least for most people.
When a computer has a name, you can type that name rather than its IP address to access it. This name resolution doesn't happen automatically. In the background, a computer process translates the computer name you type into an IP address that computers can understand. On Windows networks, computer names are handled and resolved using one of two naming systems:
Domain Name System (DNS)
Windows Internet Naming Service (WINS)
DNS is the primary name system. WINS is maintained for backward support and compatibility with pre–Microsoft Windows 2000 computers.
DNS provides a distributed database that enables computer names to be resolved to their corresponding IP addresses. When working with DNS, it is important to understand what is meant by the terms "host name," "domain name," "fully qualified domain name," and "name resolution."
A host name identifies an individual host in DNS. Ordinarily, you might call this a computer name. The difference, however, is that there is an actual record in the DNS database called a host record that corresponds to the computer name and details how the computer name is used on the network. Host names can be assigned by administrators and other members of the organization.
A domain name identifies a network in DNS. Domain names follow a specific naming scheme that is organized in a tree-like structure. Periods (dots) are used to separate the name components or levels within the domain name.
The first level of the tree is where you'll find the top-level domains. Top-level domains describe the kinds of networks that are within their domain. For example, the .edu top-level domain is for educational domains, the .gov top-level domain is for U.S. government domains, and .com is for commercial domains. As you can see, these top-level domains are organized by category. There are also top-level domains organized geographically, such as .ca for Canada and .uk for United Kingdom.
The second level of the tree is where you'll find parent domains. Parent domains are the primary domain names of organizations. For example, City Power & Light's domain name is cpandl.com. The domain name cpandl.com identifies a specific network in the .com domain. No parent domain can be used on the public Internet without being reserved and registered. Name registrars, such as Network Solutions, charge a fee for this service.
Additional levels of the tree belong to individual hosts or subsequent levels in the organization's domain structure. These subsequent levels are referred to as child domains. For example, City Power & Light might have Tech, Support, and Sales child domains, which are named tech.cpandl.com, support.cpandl.com, and sales.cpandl.com, respectively.
Tip
Connect the network to the Internet
If your organization's network must be connected to the Internet, you should obtain a public domain name from a name registrar or use a similar service as provided by an ISP. Because many domain names have already been taken, you should have several previously agreed upon alternative names in mind when you go to register. After you obtain a domain name, you must configure DNS hosting for that domain. You do this by specifying the addresses of two or more DNS servers that will handle DNS services for this domain. Typically, these DNS servers belong to your ISP.
All hosts on a TCP/IP network have what is called a fully qualified domain name (FQDN). The FQDN combines the host name and the domain name and serves to uniquely identify the host. For a host named CPL05 in the cpandl.com domain, the FQDN would be cpl05.cpandl.com. For a host named CORPSVR17 in the tech.cpandl.com domain, the FQDN would be corpsvr17.tech.cpandl.com.
Name resolution is the process by which host names are resolved to IP addresses and vice versa. When a TCP/IP application wants to communicate with another host on a network, it needs the IP address of that host. Typically, the application knows only the name of the host it is looking for, so it has to resolve that name to an IP address.
To do this, the application first looks in its local DNS cache of names that it has previously looked up. If the name is in this cache, the IP address is found without having to look else-where and the application can connect to the remote host. If the name isn't in the cache, the application must ask the network's DNS server or servers to help resolve the name. These servers perform a similar lookup. If the name is in their database or cache, the IP address for the name is returned. Otherwise, the DNS server has to request this information from another DNS server.
That's the way it works—the simplified version at least. Most of the time, a TCP/IP application has the host name and needs to find the corresponding IP address. Occasionally, a TCP/IP application will have an IP address and needs the corresponding host name. To do this, the application must perform a reverse lookup, so instead of requesting an IP address, the application requests a host name using the IP address.
The application first looks in its local cache of information that has been previously looked up. If the IP address is in this cache, the name is found without having to look elsewhere and the application can perform whichever tasks are necessary. If the IP address isn't in the cache, the application must ask the network's DNS server or servers to help resolve the IP address. These servers perform a similar lookup. If the IP address is in their reverse lookup database or cache, the name for the IP address is returned. Otherwise, the DNS server has to request this information from another DNS server.
WINS is another name resolution service provided by Windows Server 2003. Under WINS, computers have NetBIOS names. WINS provides a similar service for NetBIOS names as DNS provides for DNS host names. That is to say, WINS provides the necessary services for mapping NetBIOS names to IP addresses for hosts running NetBIOS over TCP/IP.
NetBIOS is an interface developed to allow applications to perform basic network operations, such as sending data, connecting to remote hosts, and accessing network resources. NetBIOS is used by earlier versions of Windows, including Windows 95, Windows 98, and Windows NT, to identify and locate computers on the network.
NetBIOS computer names can be up to 15 characters long. They must be unique on the network and can be looked up on a server called a WINS server. WINS supports both forward lookups (NetBIOS computer name to IP address) and reverse lookups (IP address to NetBIOS computer name).
Your organization must set up WINS only if you are using Windows 95, Windows 98, Windows NT, or applications that rely on NetBIOS over TCP/IP. If you are currently using WINS, you can eliminate the need for this service by moving workstations and servers to Windows 2000 or a later version of Windows.
-
No Comment