Systems that run Microsoft Windows Server 2003 are the heart of any Microsoft Windows network. These are the systems that provide the essential services and applications for users and the network as a whole. As an administrator, it is your job to keep these systems running, and to do this, you must understand the administration options available and put them to the best use possible. Your front-line defense in managing systems running Windows Server 2003 is the administration and support tools discussed in this chapter.
To run most of the administration tools, you must have Administrator privileges, and if these aren't included with your current account, you must log on using an account that has these privileges. One way to do this without having to log off and log back on is to use the secondary logon so that you can run tools as an administrator.
Any explanation of how to manage Windows Server 2003 systems must involve the administration and support tools that are included with the operating system. These are the tools you will use every day, so you might as will learn a bit more about them. Many other tools that might come in handy are found in the Windows Server 2003 Support Tools and Resource Kit.
Most administration tools are found on the Administrative Tools menu and can be run by clicking Start, pointing to Programs or All Programs, and then selecting Administrative Tools. As Table 12-1 shows, dozens of administration tools are available for working with Windows Server 2003. The tool you use depends on what you want to do and sometimes on how much control you want over the aspect of the operating system you are seeking to manage. Several tools, including Configure Your Server, Manage Your Server, and Computer Management, are discussed later in this section. Other tools are discussed later in this chapter or in other appropriate chapters of this book.
Table 12-1. Tools for Administration
Administrative Tool | Description |
|---|---|
Active Directory Domains and Trusts | Used to manage trust relationships between domains. |
Active Directory Sites and Services | Used to create sites and to manage the replication of Active Directory information. |
Active Directory Users and Computers | Used to manage users, groups, contacts, computers, organizational units (OUs), and other objects in the Active Directory directory service. |
Application Server | Used to manage the Microsoft .NET Framework, Microsof Internet Information Services (IIS), and Component Services. This is a special console added for convenience. |
Certification Authority | Used to create and manage server certificates for servers and users on the network. Certificates are used to support Public Key Infrastructure (PKI) encryption and authentication. |
Cluster Administrator | Used to manage the Cluster service available with Windows Server 2003, Enterprise Edition and Datacenter Edition. Clustering allows groups of computers to work together, providing failover support and additional processing capacity. |
Component Services | Used to configure and manage COM+ applications. It also lets you manage events and services. |
Computer Management | Used to manage services, devices, disks, and the system hardware configuration. It is also used to access other system tools. |
Configure Your Server | Used to manage server roles. |
Connection Manager Administration Kit | Used to configure and customize Connection Manager. |
Data Sources (ODBC) | Used to configure and manage Open Database Connectivity (ODBC) data sources and drivers. |
DHCP | Used to configure and manage the Dynamic Host Configuration Protocol (DHCP) service. |
Distributed File System | Used to create and manage distributed file systems that connect shared folders from different computers. |
DNS | Used to configure and manage the Domain Name System (DNS) service, which can be integrated with Active Directory. |
Domain Controller Security Policy | Used to view and modify security policy for a domain controller. |
Domain Security Policy | Used to view and modify the security policy for a domain. |
Event Viewer | Used to view the system event logs and manage event log configurations. |
Filer Server Management | Used to manage file shares and disks. This is a special console added for convenience. |
Internet Authentication Service | Used to manage authentication, authorization, and accounting (AAA) of remote Internet users. |
IIS Manager | Used to configure and manage Internet services, which include Web, File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), and Network News Transport Protocol (NNTP). |
IP Address Management | Used to manage DHCP, Windows Internet Naming Service (WINS), and DNS. This is a special console added for convenience. |
Licensing | Used to manage client access licenses for server products. |
Manage Your Server | Used to manage server roles that have been configured on a system. |
Microsoft .NET Framework 1.1 Configuration | Used to manage the configuration of the .NET Framework, which is used with application servers. |
Microsoft .NET Framework 1.1 Configuration and Wizards | Used to install and configure the .NET Framework. |
Performance | Used to monitor system performance, create performance tracking logs, and define performance alerts. |
Remote Desktops | Used to configure remote connections and view remote desktop sessions. |
Remote Storage | Used to manage the Remote Storage service, which automatically transfers data from infrequently used files to tape libraries. |
Routing and Remote Access | Used to configure and manage the Routing and Remote Access service, which controls routing interfaces, dynamic Internet Protocol (IP) routing, and remote access. |
Server Extensions Administrator | Used to manage server extensions, such as the Microsoft Office FrontPage Server extensions. |
Services | Used to manage the startup and configuration of Windows services. |
Terminal Services Configuration | Used to manage Terminal Services protocol configurations and server settings. |
Terminal Services Licensing | Used to manage client access licensing for Terminal Services. |
Terminal Services Manager | Used to manage and monitor Terminal Services users, sessions, and processes. |
WINS | Used to manage WINS. This service resolves NetBIOS names to IP addresses and is used with computers running versions earlier than Microsoft Windows 2000. |
As with Windows 2000, Windows Server 2003 provides the Configure Your Server Wizard to help you configure servers to handle specific roles. For example, you might want to configure a server as a domain controller, a file server, or a print server, and rather than configuring these options by hand, you can use the wizard to help you.
The Configure Your Server Wizard is in the Administrative Tools folder. Click Start, point to Programs or All Programs, click Administrative Tools, and then click Configure Your Server. When the wizard starts, click Next, and then read about the preliminary tasks (as shown in the screen on the following page) that should be performed prior to using the wizard to configure roles. Basically, you should ensure the server has a network card and is connected to the network, and also that you have the Windows Server 2003 distribution CD-ROM or can access the setup files over the network.
When you click Next again, Windows Server 2003 gathers information about the server's current roles, then displays a list of available server roles, and specifies whether they're configured, as shown in the following screen. You can then add or remove roles. If a role isn't configured and you want to add the role, select the role in the Server Role column, click Next, and then follow the prompts. If a role is configured and you want to remove it, select the role in the Server Role column, and then click Next. Read any warnings displayed, and then follow the prompts to remove the role.
You'll find it pretty easy to configure the basic roles by following the prompts. Each role is covered in depth in other chapters of the book as well. Once a role is installed, you can manage it by using Manage Your Server, which is discussed in the next section.
Manage Your Server provides a central interface for managing the roles that you've configured on a server. Any role that you add by using the Configure Your Server Wizard or the standard tools is available for management, and you can also launch Configure Your Server from within this tool by clicking the Add Or Remove A Role link.
As Figure 12-1 shows, Manage Your Server lists the current roles that are configured along with quick access links for related management tools. You can use the arrow icons to the left of the role name to shrink or expand the role information provided. In the upper-right corner, you will find quick access links to Administrative Tools, Windows Update, the System Properties dialog box, Help And Support, and more under the headings Tools And Updates and See Also.
Computer Management provides tools for managing local and remote systems. The tools available through the console tree provide the core functionality and are divided into the following three categories as shown in the accompanying screen:
The Computer Management System Tools are designed to manage systems and view system information. The available system tools are these:
Event Viewer Used to view the event logs on the selected computer. Event logs are covered in Chapter 15.
Shared Folders Used to manage the properties of shared folders as well as sessions for users working with shared folders and the files the users are working with. Managing shared folders is covered in Chapter 21.
Local Users And Groups Used to manage local users and local user groups on the currently selected computer. Local users and local user groups aren't a part of Active Directory and are managed instead through the Local Users And Groups view. Domain controllers don't have local users or groups, and because of this there isn't a Local Users And Groups view. Local users and groups are discussed in Chapter 37.
Performance Logs And Alerts Used to monitor system performance and create logs based on performance parameters. You can also use this tool to alert users of adverse performance conditions. For more information on performance logs and alerts, see the section entitled "Performance Logging".
Device Manager Used as a central location for checking the status of any device installed on a computer and for updating the associated device drivers. You can also use it to troubleshoot device problems. Managing devices is covered in Chapter 13.
The Computer Management Storage tools display drive information and provide access to drive management tools. The available storage tools are as follows:
Removable Storage Used to manage removable media devices and tape libraries. It can also help you track work queues and operator requests related to removable media devices. Removable Storage is discussed further in Chapter 23.
Disk Defragmenter Used to correct drive fragmentation problems by locating and combining fragmented files. Defragmenting disks is discussed in the section entitled "Defragmenting Disks".
Disk Management Used to manage hard disks and the way they are partitioned. You can also use it to manage volume sets and redundant array of independent disks (RAID) arrays. Disk Management replaces the Disk Administrator utility in Microsoft Windows NT 4 and is discussed in the section entitled "Configuring Storage".
The Computer Management Services And Applications tools help you manage services and applications installed on the server. Any application or service-related task that can be performed in a separate tool can be performed through the Services And Applications node as well. For example, if the currently selected system has DHCP installed, you can manage DHCP through the server Applications And Services node. You could also use the DHCP tool in the Administrative Tools folder, and either way, you can perform the same tasks.
When Computer Management is selected in the console tree, you can easily connect to other computers, send console messages, and export information lists. By default, Computer Management works with the local system. To connect to a different computer, right-click the root node (labeled Computer Management) in the console tree, and then select Connect To Another Computer on the shortcut menu. In the Select Computer dialog box, which is shown in the following screen, choose Another Computer, and then type the fully qualified name of the computer you want to work with, such as corpsvr01.microsoft.com, where corpsvr01 is the computer name and microsoft.com is the domain name. If you don't know the computer name, click Browse to search for the computer you want to work with.
Console messages are sent to all users logged onto or connected to the system you are currently working with in Computer Management. These messages appear in a dialog box that the user must click to close and can contain whatever text you want to pass along to users working with a system. You send a console message by right-clicking the Computer Management entry in the console tree, selecting All Tasks, and then choosing Send Console Message. This displays the Send Console Message dialog box.
In the Send Console Message dialog box (shown in the following screen), type the text of the message in the Message area. In the Recipients area, you should see the name of the computer to which you're currently connected. If you want to send a message to users of this system, click Send. Otherwise, use the Add button to add recipient computers or the Remove button to delete a selected recipient. Then, when you're ready to send the message, click Send.
Note
Windows systems must be running the Messenger service to send and receive console messages. This means the service must be configured and enabled not only on the server you are using, but the user computers as well.
The Export List feature allows you to save textual information displayed in the right pane to a tab-delimited or comma-delimited text file. One of the best uses for this feature is when you want to save detailed information on all the services running on a system. To do this, rightclick Services in Computer Management, and then from the shortcut menu select Export List. In the Export List dialog box (shown in the following screen), use the Save In selection list to choose the save location, and then enter a name for the export file. Next, use the Save As Type selection list to set the formatting of the export file.
You can separate columns of information with tabs or commas and save as American Standard Code for Information Interchange (ASCII) text or Unicode text. In most cases, you'll want to use ASCII text. Finish the export process by clicking Save. You now have a detailed list of the service configuration for the computer and could use this as a baseline if you are trying to troubleshoot service-related issues in the future.