|
|
 |
|
|
|
Microsoft® Windows® Server 2003 Administrator's Companion
|
|
|
Author |
|
Charlie Russel, Sharon Crawford, and Jason Gerend
|
|
|
Pages |
1632
|
|
Disk |
1 Evaluation CD(s)
|
|
Level |
All Levels
|
|
Published |
04/23/2003
|
|
ISBN |
9780735613676
|
|
ISBN-10 |
0-7356-1367-2
|
|
Price(USD) |
$69.99
To see this book's discounted price, select a reseller below.
|
|
|
|
|
|
|
|
|
Index
Symbols and Numbers
$ (dollar sign character), 682
/delete, AT command, 346
/every:date, AT command, 346
/interactive, AT command, 346
/next:date, AT command, 346
/yes, AT command, 346
\\computername, AT command, 346
<description>, WSH scripts, 361
<example>, WSH scripts, 361
<?job?>, WSH scripts, 361
<job>, WSH scripts, 361
<named>, WSH scripts, 361
<package>, WSH scripts, 361
<runtime>, WSH scripts, 361
<script>, WSH scripts, 362
<?xml?>, WSH scripts, 360
> (redirection symbol), 347
128-bit addresses, 489-90
16-bit applications, 998
32 bit
addresses, 489
application compatibility, 998
applications, 4
scalability and, 14
64 bit
applications, 4
scalability and, 14
A
A (host) records, DNS, 504, 524
abstract classes, 450
abstracts, generating, 1041
access-by-policy, remote access
for mixed-mode domain, 1262-63
for native domains, 1266-67
access-by-user, remote access, 1260-62
access control
defined, 696
FTP sites, 1128
NNTP virtual servers, 1135
object ownership and, 746
permissions, 701-2, 746-48
resources, 745-46
shared resources, 289
SMTP virtual servers, 1141-42
WWW sites, 1111-12
access control entries (ACEs), 25
access control lists. See ACLs (access control lists)
"access denied" error message, 243
Accessibility Options, 71
account domains, NT upgrades, 120
account expiration, user accounts, 269
accounting, RADIUS, 1284
account lockout policy, 185
Account Policies area, Security Templates snap-in, 729
accounts. See user accounts
accounts, Outlook 2002
adding, 887-88
modifying, 888-89
Send/Receive groups, 889-91
sorting incoming mail by, 907
accounts, Outlook Express, 924
Account tab, user account properties, 420
ACEs (access control entries), 25
ACLs (access control lists)
Active Directory objects, 25
filtering GPO scope, 311
NTFS permissions, 290
printers, 214
ACPI (Advanced Configuration and Power Management)
APIC standard and, 116
compatibility problems and, 102-3
device conflicts and, 1441
HAL (hardware abstraction layer) and, 991
support, 992
Active Directory
backing up, 1378
benefits of, 19-20
certificate storage, 710
classes, 365
complete trust model, 130
data model, 24-25
dedicated forest roots, 125-26
DNS zone storage, 483-84
domain controllers, naming, 428-29
domains, 111-12, 429
domain upgrades. See Windows NT domain upgrade
DSA (Directory System Agent), 23-24
Dynamic DNS, 482-83
forest root domains, 112-13
global catalogs, 26-27
GPOs and, 6
installing, 377-79
ISA Server schema, 1183
MMC snap-ins, 373
multiple-master domain model, 126-28
naming contexts, 26
naming formats, 24
NDS synchronization, 814
object auditing, 336-37
OUs (organizational units), 112
Outlook Express support, 924
overview of, 11-12
partitions, 26
printer location tracking, 231-34
printers, searching for, 230-31, 247
publishing deployed software in, 945-46
publishing Dfs roots in, 640-41
publishing printers in, 230
schema, 25
scripts, 352, 352-53
security, 9, 25-26
single-domain model, 123
single-master domain model, 123-25
sites, 112
software deployment, 949
structural domains, 129
terminology, 20-23
trust relationships, 113-15
Active Directory Admins group, 414
Active Directory Client Extensions, 356
Active Directory Domains and Trusts, 395-402
domain functional levels, 396-99
domain management, 402
domain manager, specifying, 401
domain trust relationships, 400-401
forest functional levels, 396-99
functions of, 373
launching, 395
overview of, 395
user principal name suffixes, 401-2
Active Directory Installation Wizard
child domains, adding to existing tree, 386-88
domain controller demotion, 390-93
domain controller identification, 393-94
domain controller replicas, 385-86
domain controller upgrades, 389-90
forest creation, 389
functions of, 373
Global Catalog servers, 394
installation preparation, 375-77
launching, 377-78
overview of, 374
promoting first server. See domain controllers, promoting server to
trees, adding to existing forest, 388-89
Active Directory-integrated zones, 522
Active Directory Migration Tool (ADMT), 11, 118
Active Directory Schema, 443-65
attributes, 447-49
auxiliary classes, 451-52
batch imports/exports, 455
class attributes, 450-51
defined, 23
display specifiers, 452-55
domain naming master, 461-62
functions, 373
implementation, 25
infrastructure master, 464-65
launching, 445-46
Ldifde.exe utility, 455-58
modifying, 446-47
object classes, 449-50
operations master roles, 458-59
overview of, 443
PDC emulator, 459-60
RID master, 462-63
schema master, 460-61
security, 444-45
structural classes, 451-52
upgrade preparation and, 137-38
Active Directory Service Interfaces. See ADSI (Active Directory Service Interfaces)
Active Directory Sites and Services, 431-43
connection objects, 437-39
domain replication, 434-36
functions of, 373
launching, 436
overview of, 431-32
replication objects, 436
server objects, 437-39
site link bridge objects, 442-43
site link configuration, 442-43
site link objects, 441-42
site objects, 433-34, 436-37
subnets objects, 440-41
Active Directory Users and Computers
advanced mode, 404-5
computer objects, 425-26
default objects, 408-10
Delegation of Control Wizard, 342
domain administration, 405
domain user accounts, 271-72
functions of, 373
GPOs, 312-13
group management, 256-59
Active Directory Users and Computers
group objects, 423-25
launching, 402-3
main dialog box, 403
normal mode, 404-5
object control, delegating, 413-17
object display, filtering, 406-7
object management, 427-28
object searches, 407-8
object types, 404
OUs (organizational units), 253-54, 410-13
overview of, 402
publishing printers, 230, 427
publishing shared folders, 427
remote computer management, 426
user account properties, 273-74
user objects, 417-22
user rights, 267-68
ActiveX, 334
adapter card vendors, 1326
Add command, Macfile Volume commands, 873-74
Add Excluded Files dialog box, 1368
Add Hardware Wizard, 162-63
Add Host to Cluster, 596
Add Mirror dialog box, 567
Add New Drive Letter Or Path dialog box, 576
Add Printer Wizard, 204-7, 879
Add Recovery Agent Wizard, 762
Add/Remove Programs
application availability in, 945
application installation, 1013-14
DHCP servers, 497
remote storage, 662
RIS (Remote Installation Services), 977
software, 940
WINS servers, 538-39
Add/Remove Snap-in, 324-25
Add/Remove Window Components, 227
address books, 892-96
configuring, 894-95
Contacts folder, 893
folders configured as, 893-94
Internet Explorer options, 1162
LDAP directories, 895-96
Outlook Express, 925-26
PAB files, 895-96
address database, Network Monitor, 1325
address reservations, DHCP, 502-3
Address Resolution Protocol (ARP), 477
Address tab, user accounts, 419
Add Standard TCP/IP Printer Port Wizard, 208-9
Add Volume Management Wizard, 664-65
ADMIN$, 290
administration
CMAK. See CMAK (Connection Manager Administration Kit)
command line. See command line
FTP sites, 1092
IIS (Internet Information Services), 1070-72, 1097-98
MMC consoles (snap-ins). See MMC (Microsoft Management Console)
remote. See remote administration
remote access, 1260
RIS. See RIS (Remote Installation Services)
Services for UNIX, 830-31
tools, 333
Web sites, 1092
WMI. See WMI (Windows Management Instrumentation)
WTS (Windows Terminal Services), 1016
Administrative Tools folder, 328
Administrative Tools Setup Wizard, 333
Administrator accounts
built-in, 77, 185
security of, 271
administrators
command-line administration, 239
delegated administration, 26
granting and changing permissions, 303
multiple accounts of, 271
NT administrators, 577
passwords, 56, 74, 77, 95-96
Run As feature, 331-33
schema administrators, 444
scripting skills, 334
secondary logon, 330
security and, 185
ADMT (Active Directory Migration Tool), 11, 118
ADSI (Active Directory Service Interfaces)
accessing, 353
multiple directories and, 19
scripts, 352-53, 1071-72
updating, 356
WSH (Windows Script Host) and, 356
adult content rules, Outlook 2002, 919-20
Advanced Attributes dialog box, NTFS (NT file system), 582
Advanced Configuration and Power Management. See ACPI (Advanced Configuration and Power Management)
advanced mode, Active Directory Users and Computers, 404-5
Advanced Options, Windows Server 2003 setup, 71
Advanced Power Management (APM), 116
Advanced Programmed Interrupt Controller (APIC), 116
Advanced RISC Computing (ARC), 1351-52
Advanced Security Settings dialog box, 744, 1420-21
advanced settings
print servers, 226-27
software packages, 951
Advanced TCP/IP Settings dialog box, 169-72
DNS Settings tab, 170-71
IP Settings tab, 169-70
Options tab, 172
WINS Settings tab, 171-72
AH (Authentication Header), 719
alerts, 1308-10
configuring, 1309-10
creating, 1308
file settings, 1304-5
ISA Servers, 1242-43
permissions, 1310
algorithms
cryptography and, 700
digital signatures, 701
hash, 783
aliases, WMIC (Windows Management Instrumentation Command-line), 366
allocation units, 545, 561
American National Standards Institute (ANSI), 197, 822
Analyzing System Security progress window, 736
anonymous access
FTP sites, 1126-28
SMTP virtual servers, 1141
WWW sites, 1113-14
ANSI (American National Standards Institute), 197, 822
answer files
creating, 90-97
headless servers and, 1460-61
RIS operating system images and, 986-88
safeguarding, 56
Windows setup and, 986
anti-replay, IPSec, 717
antivirus software
disabling, 1468
installing, 185
remote storage and, 659
virus protection, 359
API (application programming interface), 998-99
APIC (Advanced Programmed Interrupt Controller), 116
APM (Advanced Power Management), 116
Apple Macintosh. See Macintosh
AppleTalk
configuring, 858
functions of, 854
installing, 855
network numbers, 852
nodes, 852-53
overview of, 851-52
per-share permissions, 868-69
printers, 212-13, 878-80
routing, 856
Application Compatibility Updates, 117, 999
application data, profiles, 281
application layer protocols, 1063
application logs, 1290
application pools, 644-45, 1112
application programming interface (API), 998-99
applications. See software applications
application servers, 121, 176
application settings, WWW sites, 1112
ARC (Advanced RISC Computing), 1351-52
architectural changes, post-NT 4, 109-17
Active Directory, 111-15
domain controllers, 110-11
hardware support, 115-17
server roles, 110-11
software support, 117
architecture, Active Directory
data model, 24-25
DSA (Directory System Agent), 23-24
global catalogs, 26-27
naming contexts, 26
naming formats, 24
partitions, 26
schema, 25
security, 25-26
ARCServe, 1424
ARP (Address Resolution Protocol), 477
arrays, 1211-14
creating, 1212-13
deploying ISA Servers as, 1178
promoting stand-alone servers to, 1213-14
removing servers from, 1214
ASP.NET, 13
ASR (Automated System Recovery), 1346-50
Automated System Recovery Preparation Wizard, 1348
creating, 1346-50
files, 1349-50
information on, 1346
new features, 10
registry, 1425-26
system recovery, 1438-39
asynchronous communication, 1058
Asynchronous Transfer Mode (ATM), 441
AT command, 346-48. See also Task Scheduler
autocompletion on command line, 347-48
parameters, 346-47
switching to Task Scheduler, 347
user account for, 346
ATM (Asynchronous Transfer Mode), 441
AT Service account, 346
ATTRIB, Recovery Console commands, 1434
attributes
adding to classes, 450-51
creating, 447-49
file, 581, 814-15
remote access policies, 1271-72
types, 21
values, 21
auditing
categories, 335
enabling, 336
event logs, 338-42
file system events, 337-38
IAS (Internet Authentication Service), 1280
key events, 338
objects, 336, 767-68
policies for, 336, 766-67
printers, 213
security logs, 768-69
security-related, 185, 702
Audit Policy, 336
Authenticated Users group
Everyone group and, 263
permissions, 298
authentication, 739-45
authorization and, 1259
certificates, 743
defined, 696
Enrollment Agent certificates, 740
FTP sites, 1127-28
hardware-enabled, 698
IAS (Internet Authentication Service) and, 1280
Internet printing, 228-29
IPSec, 717, 759-60
local certificates, 743-44
Macintosh services, 861-63
methods, 8
mutual, 699
network, 697
NTLM (NT LAN Manager) and, 716
proof of identity and, 697
protocols, 697-98
RADIUS and, 1284
remote access and, 1273, 1274
remote access servers and, 745
remote certificates, 742
servers, 715
SFU (Services for UNIX) and, 833
single sign-on, 699
sites, 432
smart cards, 739-42
SMTP virtual servers, 1141
software-based certificates, 741
Windows NT 4 and, 1270
WWW sites, 1114-15
Authentication Header (AH), 719
Authentication Methods dialog box, 1090
Authenticode, IE (Internet Explorer), 1161
authoritative restore, 1380-81
authorization
authentication and, 1259
IAS (Internet Authentication Service) and, 1280
Author Mode, MMC options, 327
autocompletion on command line, 347-48
auto discovery, ISA Servers, 1235-39
autoenrollment, Certificate Services, 793
Automated System Recovery. See ASR (Automated System Recovery)
automatic installation, Windows Server 2003
answer files, 90-97
command-line parameters, 78-81
distribution folders, 83-84
dynamic updates, 81-82
filename conversion, 89-90
hot fixes, 85-86
interaction levels, 98-99
OEM drivers, 88
Plug and Play drivers, 87-88
service packs, 84-85
storage drivers, 88-89
Sysprep clones, 99-100
types of installs, 55
Automatic Updates, 183-84
Automatic Version Synchronization, IE (Internet Explorer), 1157
automation methods, 351-56. See also scripting
Microsoft technologies, 352-53
overview of, 351-52
AutoUpdate clients, 973
auxiliary classes
adding to structural class, 451
defined, 446
object class types, 450
availability
clusters and, 585, 606-7
Dfs (Distributed file system) and, 627-28
DHCP and, 486
improvements to, 5
mission critical, 587-88
printers, 220
RAID levels and, 1396-97
Windows Server 2003 features for, 10-11
B
back-to-back perimeter network, 1179-80
Backup CA command, 787-88
backup domain controllers. See BDCs (backup domain controllers)
Backup Job Information dialog box, 1368-69
backups, 1357-83
active files, 571
backup window, 1360
boot files, 1378
CAs (Certificate Authorities), 787-88
CD-ROM-based, 1359
command line, 1372-75
Dfs database, 641
DHCP database, 511-12
encrypted files and, 1379
Exchange Server, 1379
file-based, 1359
ISA Servers, 1231-33
media rotation, 1362-63
media selection, 1357-58
memory management and, 10
registry, 1424-25
remote storage data, 660-61
removable storage and, 1358
software for, 659
strategy for, 1359
system backups, 1345-46
system state, 1378-79
third party utilities, 1382-83
types of, 1360-62
upgrades and, 134
Backup tab
data back up, 1363
excluding files, 1367-68
file and folder backups, 1364-65
logs, 1366-67
options, 1365-66
running jobs, 1368-70
scheduling jobs, 1370-72
scripts, 1364
storage medium, 1365
Backup utility
Backup tab. See Backup tab
Restore tab. See Restore tab
backup window, 1360
Backup Wizard, 1372
Bandwidth Allocation Protocol (BAP), 1273, 1275
bandwidth throttling, 1109
BAP (Bandwidth Allocation Protocol), 1273, 1275
Baseline Security Analyzer, Microsoft, 184, 726, 769
basic authentication
authentication methods, 1114
FTP sites, 1127-28
SMTP virtual servers, 1141
basic disks, 546
Basic Input Output System. See BIOS (Basic Input Output System)
batch files, 353-54
batch imports/exports, 455
BATCH, Recovery Console commands, 1434
.BAT files, 353
BDCs (backup domain controllers)
multiple-master replication and, 374
NT 4 server roles, 110-11
phased out with Windows 2000, 37
recovery plan and, 133-34
upgrading, 136-37
benchmarking productivity, 49
BIND servers
Active Directory and, 514
as DNS server, 487
troubleshooting, 505
zone transfers, 532
biometric authentication, 698
BIOS (Basic Input Output System)
ACPI, 102-3, 116
password protecting, 726
security, 56
upgrades, 63
.BKF files, 1359
BOOTCFG, Recovery Console commands, 1434
boot disks
creating/downloading, 67
disaster preparation and, 1350-51
startup problems and, 1432-33
boot files, 1378
booting
from CD-ROM, 67
from mirrored partitions, 1436-37
normally following Safe Mode, 1439
Safe Mode, 1431-32
Boot.ini file, 104, 1450-51
boot logs, 1448
boot partition, Windows Server 2003, 375
BOOTP (Boot Protocol), 468, 976
bottlenecks, 1289
Break Mirror command, Disk Management, 570-71
bridges, 477
brownouts, 1390-91
Browsing vs. browsing, 488-89. See also Web browsers
buffers, Network Monitor, 1324-25
built-in groups
domain local, 261-63
global, 263-64
local, 259-61
built-in scripts, 358
built-in WSH objects, 362-63
business needs, identifying, 44-45
C
cache
Indexing Service, 1043-44
RAM and, 182
reverse, 1216
system, 101, 180
Cache Array Routing Protocol (CARP), 1216
cache, ISA Server
overview of, 1176
policies, 1206-9
properties, 1223-27
storage location, 1187-88
Cache Mode, ISA Server, 1186-87
caching-only DNS servers, 536
calendars, Outlook 2002, 913, 918-19
capacity planning
NLB clusters, 598-99
server clusters, 608-9
WTS (Windows Terminal Services), 1008
.CAP files, 1320
CAPICOM, 723
capture, Network Monitor
buffers, 1324-25
Capture window, 1322-24
filters, 1328-30
frames, 1329-30
triggers, 1330-31
CARP (Cache Array Routing Protocol), 1216
CAs (Certificate Authorities)
backing up, 787-88
certificate renewal, 789
chain verification, 708
command line administration, 803-5
cross-root certification, 708
Enterprise CAs, 778-79
hierarchy, 707-8, 800-802
installing, 781-85
obtaining certificates from, 1117-18
overview of, 706
properties, 789
restoring, 788-89
roles, 779-80
securing, 780
stand-alone CAs, 778, 799
starting/stopping, 787
third party CAs, 802
trust relationships, 708
types of, 777
catalogs, Indexing Service
configuring, 1040-41
corrupted, 1056-57
creating, 1039-40
defined, 1034
directories, 1041-42
error messages, 1054-55
Categories tab, Software Installation Properties dialog box, 954
CBC (cipher block chaining), 700
CD (CHDIR), Recovery Console commands, 1434
CDFS (CD-ROM File System), 858
CD-ROMs
as backup media, 1357-59
booting from, 67
operating system images, 984-86
as removable storage, 644
Windows installation CD-ROM, 1029-30
CD-Rs, 1359
CD-RWs, 661, 1359
Central Processing Units. See CPUs (Central Processing Units)
Certificate Authorities. See CAs (Certificate Authorities)
Certificate Request Wizard, 709
certificate revocation lists. See CRLs (certificate revocation lists)
Certificate rules, software restriction policies, 967, 969
certificates
directories, 710
enabling, 751-52
importing/exporting, 750
managing, 748
obtaining, 739, 1117-18
public-key, 705-6
publishers, 774
registering, 709-10
renewing, 712
requesting, 750-51, 799, 801-2
revoking, 711-12
Certificate Services, 773-805
autoenrollment, 793
CA installation, 706, 781-85
CA management, 787-89
CA properties, 789
CA roles, 779-80
CA security, 780
CA types, 778-79
certificate distribution, 796
certificate publishers, 774
certificate renewal, 789
certificate requests, 750
certificate templates, 774-77, 792
Certification Authority snap-in, 786
CRLs (certificate revocation lists), 794-95
CTLs (certificate trust lists), 797-99
database backup, 1378
delegating control, 792
delta CRLs, 795
exit modules, 774, 790-91
permissions, 792
policy modules, 773-74, 789-90
preparing for installation, 781
Security tab, 791
Smart Card Enrollment station, 739
stand-alone CAs, 799
Storage tab, 791
Certificates snap-in
adding, 748
Enrollment Agent certificates, 740
Export command, 749-50
Import command, 750
overview of, 800
recovering files, 765
requesting certificates, 750-51
certificate templates
autoenrollment, 793
defined, 774-75
delegating access, 792
features of, 777
list of, 775-76
permissions, 792
PKI and, 710
certificate trust lists. See CTLs (certificate trust lists)
Certification Authority Backup Wizard, 787
Certification Authority Restore Wizard, 788
Certification Authority service
Backup CA command, 787-88
overview of, 786
Renew CA Certificate command, 789
Restore CA command, 788
Start Service command, 787
Stop Service command, 787
Certification Authority snap-in, 786-89
Certreq tool, 803-4
Certsrv tool, 803
Certutil tool, 804-5
CGI extensions, 1146-47
chain verification, CAs, 708
Challenge Handshake Authentication Protocol (CHAP), 744, 1280
Change commands, 1014-15
Change Drive Letter And Path, Disk Management, 574-75
Change Logon command, 1014
Change Port command, 1014
Change User command, 1014
CHAP (Challenge Handshake Authentication Protocol), 744, 1280
CHDIR (CD), Recovery Console commands, 1434
Check Server Wizard, 979
Check System Compatibility, 58-59
child domains
adding to existing tree, 386-88
defined, 386
pass-through authentication and, 114-15
CHKDSK, Recovery Console commands, 1434
CiDaemon, Indexing Service, 1034
cipher block chaining (CBC), 700
class A networks, 472
class B networks, 473
class C networks, 473
class D networks, 473
class E networks, 473
classes
Active Directory, 450-52
defined, 446
DHCP, 497
WMI (Windows Management Instrumentation), 365, 370
Class Registration database, 1378
clean install
in-place upgrades and, 1437
printers, 203
vs. upgrade, 145
Client for NFS, 836-38
connecting to NFS export, 837
file access permissions, 836
performance settings, 836-37
symbolic links, 837-38
clients
DHCP, 497
e-mail clients, 419
IAS (Internet Authentication Service), 1282
NetWare, 808
NT upgrades and, 136
printing problems and, 241-43, 246
Windows, 4-5, 143-45
WINS, 537
Client Services for NetWare. See CSNW (Client Services for NetWare)
clients, ISA Server. See ISA (Internet Security and Acceleration) Server, clients
clients, Macintosh. See Macintosh clients
clients, RIS. See RIS (Remote Installation Services), clients
cloning computers, Sysprep, 99-100
CLS, Recovery Console commands, 1434
Cluster Administrator
cluster groups, 616-17
cluster resources, 616
server clusters, 609-15
clusters
advantages of, 10-11, 585
availability, 606-7
defined, 585
DHCP servers, 506-7
disaster preparation and, 1345
groups, 616-17
NLB. See NLB (Network Load Balancing) clusters
optimum size, 574
partial failover (load shedding), 607
planning, 588-90
scenarios, 587-88
server. See server clusters
types supported, 1398
virtual server only, 607-8
CMAK (Connection Manager Administration Kit)
Connection Manager service, 1167-68
Connection Point Services, 1169
functions of, 1152, 1165-66
installing, 1166
Internet Explorer v. 6 and, 1166
package deployment, 1169-70
profile selection, 1159
CMAK Wizard, 1167-69
cmd, 347-48
.CMD files, 353
Code Access Security Policy, 967
codes, Macintosh, 850-51
Color Management tab, Printer and Faxes folder, 220
color profiles, printers, 220
COM (Component Object Model), 352, 362
comma-delimited text (.CSV), 1294-95
command, AT command, 347
command line. See also WMIC (Windows Management Instrumentation Command-line)
autocompletion, 347-48
backups, 1372-75
CAs (Certificate Authorities), 803-5
convert command, 571-72
Dfs (Distributed file system), 641
DHCP (Dynamic Host Configuration Protocol), 513
disks, 12, 550-51
leases, DHCP, 513
network management, 6
printers, 239, 243
recently used commands, 347
remote storage, 678
removable storage, 656
scripts, 334
service pack switches, 971
Setup parameters, 78-81
shadow copies, 690
shared folders, 692
tools, 6, 12
UNIX/Linux utilities, 840
command prompt
batch file support and, 354-55
WSH scripts and, 358
commands, Recovery Console, 1434-36
comment frames, Network Monitor, 1326-27
commenting scripts, 362
common language runtime, 967
communication
synchronous vs. asynchronous, 1058
Windows Server 2003 features, 12-13
Compatadmin.exe, 1001
compatibility. See also HCLs (Hardware Compatibility Lists); interoperability
ACPI BIOS problems, 102-3
Application Compatibility Toolkit, 1001
applications, 998-1001
computer names, 165-66
device drivers and, 117
hardware, 58
remote storage, 659-60
security templates, 731-32
system, 58-59
Compatibility Modes, 10, 999
complete trust model, NT domain models, 130
Component Object Model (COM), 352, 362
components
adding/removing, 1010
Group Policy, 307-8
IE (Internet Explorer), 1161-63
IntelliMirror, 941
Macintosh, 860
Network Monitor, 1320
VPNs (virtual private networks), 1254-55
compression
data backup and, 1369
intersite replication and, 436
NTFS volumes/partitions and, 561
Computer Configuration container, GPOs, 967
Computer Management snap-ins
Disk Management, 548-49, 551
Print Spooler, 246
remote management, 158
Removable Storage, 648
Shared Folder, 679-80
tuning performance and memory, 179-82
Computer Name Changes dialog box, 164
computer names
DNS compatible, 165-66
naming conventions, 61-62
NetBIOS compatible, 165-66
setup and, 74
Setup Manager Wizard, 95
computers
Active Directory objects, 425-26
backing up before upgrading, 134
cloning, 99-100
monitoring other, 1302
physical security, 56
preparing for NT upgrade, 141-43
remote, 345, 426
COM+ tab, user account properties, 422
configuration, Windows Server 2003, 155-87
Add Hardware Wizard, 162-63
Device Manager, 158-62
Manage Your Server/Configure Your Server, 174-79
network components, 165-66
network identity, 163-65
NWLink IPX/SPX, 173-74
remote administration, 155-56
security, 184-86
setup problems, 157
storage, 174
TCP/IP. See TCP/IP (Transmission Control Protocol/Internet Protocol)
tuning performance and memory, 179-83
updates, 183-84
Configure Replication Wizard, 639
Configure Routing For Firewall And SecureNAT Clients, 1204-5
Configure Shadow Copies, 686-88
Configure Your Server Wizard, 174-79, 391
configuring first server on network, 177-78
DHCP service, 496-97
DNS servers for medium or large networks, 518-23
DNS servers for small networks, 515-18
DNS service, installing, 514-15
forward lookup zones, 523
scopes, 498-501
server roles and, 174-76
shared folders, 292-93
conflict detection, DHCP, 509-10
Connection Manager Administration Kit. See CMAK (Connection Manager Administration Kit)
Connection Manager service, 1167-68
connection-oriented protocols, 468
Connection Point Services (CPS), 1169
connections
connection objects, 438-39
documenting, 47
Internet connections, 1275
NNTP virtual servers, 1137-38
printing problems and, 241
properties, 1026
slow links, 954-55
SMTP virtual servers, 1141, 1142
timeouts, 1108
Tsadmin.exe, 1018
UNIX, 821-22, 828, 829
connections, dial-up. See dial-up
connections, IAS. See IAS (Internet Authentication Service)
connections, RADIUS. See RADIUS (Remote Authentication Dial-In User Service)
connections, remote. See remote access
connections, virtual. See VPNs (virtual private networks)
Connect To Domain dialog box, 405
consoles, MMC. See MMC (Microsoft Management Console)
Contacts folder
Outlook 2002, 893
Outlook Express, 925
containers, Active Directory, 21
content ratings, WWW sites, 1121
content rules, ISA Servers, 1199
contiguous namespace, 40, 524
Control Panel, 332-33
convert command, 571-72
Convert Disk Wizard, 552-54
Convert to Dynamic Disk, 564-65
cookie profiles, 281
copy backups, 1362
COPY, Recovery Console commands, 1434
corpus, Indexing Service, 1034
counter logs
adding counters to, 1304
creating, 1303-4
file parameters, 1306-8
file settings, 1304-5
overview of, 1303
permissions, 1310
counters
disk activity, 1317-18
memory usage, 1313-14
network activity, 1319
processor activity, 1315-16
System Monitor, 1297-98
CPS (Connection Point Services), 1169
CPUs (Central Processing Units)
adding processors, 1467
capacity planning and, 609
grouping in nodes, 14
Indexing Service and, 1036
monitoring, 1315-17
scheduling, 179
tuning, 1315-16
upgrading, 1315-16
WTS requirements, 1007
CRC (cyclic redundancy check), 1324
Create A New Dfs Link dialog box, 636
Create New Attribute dialog box, 448
creator codes, Macintosh, 850-51, 870-71
Creator/Owner group, printers, 214
CRLs (certificate revocation lists)
changing distribution points, 795
delta CRLs, 795
overview of, 711-12
publishing, 794-95
types of, 712
cross-root certification, CAs (Certificate Authorities), 708
CryptoAPI (Cryptographic Application Programming Interface), 722-23
Cryptographic Application Programming Interface (CryptoAPI), 722-23
Cryptographic service providers (CSPs), 722-23, 740
cryptography. See also encryption
algorithms, 700
keys, 700
standards, 698
Cscript.exe, 334
Cscript Prncfg.vbs, 239
Cscript Prnjobs.vbs, 239
Cscript Prnmngr.vbs, 239
Cscript Prnport.vbs, 239
Cscript Prnqctl.vbs, 239
CSNW (Client Services for NetWare)
configuring, 812
file attributes, 814-15
installing, 810-11
overview of, 807
CSPs (Cryptographic service providers), 722-23, 740
.CSV (comma-delimited text), 1294-95
CTLs (certificate trust lists)
enabling, 1120
GPOs and, 797-99
trust decisions and, 794
Customization Wizard. See Internet Explorer Customization Wizard
custom topology, 633
cyclic redundancy check (CRC), 1324
D
DACLs (discretionary access control lists), 840
daily backups, 1362
DAP (Directory Access Protocol), 19
data
importing/exporting with Registry Editor, 1417
losing during upgrades, 142
database, Active Directory, 382, 383, 484
database, Dfs, 641
database, DHCP, 511-12
database, WINS servers, 542
data confidentiality, 699-700
data forks, Macintosh, 851
datagrams, 468
data integrity, 700-701, 717
data models, 24-25
data protection
data confidentiality, 699-700
data integrity, 700-701
local data, 761-66
overview of, 696
remote storage and, 673-75
data storage
Outlook 2002, 891-92
RAID (redundant array of independent disks) and, 383
registry, 1410
data throughput, 182
data types
printers, 197, 222-23, 244
registry, 1411-12
date/time information, 74
DAT tapes, 661
DCOM (Distributed Component Object Model), 14
dcpromo, 389, 781
DDNS (Dynamic DNS), 482-83
dedicated forest roots, 125-26, 136
default folders, user profiles, 281-82
default forms, Outlook 2002, 909-11
Default FTP sites, 1083
default group policies, 308
default mail program, Outlook 2002, 898-99
default message format, Outlook 2002, 897
default objects, Active Directory, 408-10
default printers, 217-18, 224
Default rule, software restriction policies, 967
default Web site, 1072-73
defragmentation, disk drives, 174, 679
delegate assignments, Outlook 2002, 906-7
Delegate Permissions dialog box, 907
delegating control
Active Directory, 26, 413-17
certificate templates, 792
network administration, 341-43
Outlook folders, 906-7
subdomains, 525-26
Delegation of Control Wizard, 413-17
custom tasks, 415
Permission page, 416
steps in applying, 342-43
tasks to delegate, 413
users and groups, 413-14
DELETE (Del), Recovery Console commands, 1434
delta CRLs, 712, 795
demand-dial interface, VPNs, 1279
demilitarized zones (DMZs), 1179-80
denial-of-service (DoS) attacks, 495
dependency trees, capacity planning, 608-9
deploying CMAK (Connection Manager Administration Kit), 1169-70
deploying IEAK ( Internet Explorer Administration Kit), 1153-54, 1163-64
deploying ISA Servers. See ISA (Internet Security and Acceleration) Server, deploying
deploying printers. See printer deployment
deploying software, 945-46, 949
deploying Windows clients, 4-5
deploying Windows Server 2003, 4-5
deployment planning, Windows Server 2003
current setup, assessing, 46-48
elements of, 43
goal definitions, 49-50
identifying business needs, 44-45
IT department challenges, 44
IT departments, characteristics of successful, 48-49
risk assessment, 50-51
desktop. See also Remote Desktop
profiles of settings, 281
running WSH scripts from, 358
destination sets, 1196-97, 1217-18
Device Configuration dialog box, 73
device drivers
compatibility and, 117
digitally signed, 116
Driver Signing tool, 158
hardware installation and, 9
Microsoft certified, 116
printers, 190, 218-19
print servers, 226
rolling back recently installed, 1441
troubleshooting, 1430, 1468
updating, 159
Device Manager, 158-62
accessing, 158
device properties, 160-61
functions of, 159
overview of, 158
setup problems, 157
startup problems, 1441
troubleshooting devices, 161-62
views, 160
Device Properties dialog box, 160-61
devices. See also hardware
adding with Add Hardware Wizard, 162-63
conflicts, 1441
managing, 159-62
properties, 160-61
removable storage, 644
device settings, printers, 223-24
Device Status box, Device Properties dialog box, 161
dfscmd, 641
Dfs (Distributed file system), 625-41
advantages of, 626-28
clients, 628-29
command-line administration, 641
database backup, 641
domain-based, 629-30
fault tolerance, 1398
file share access, 626
high availability, 627-28
NetBIOS and, 630
overview of, 625-26
replication, 633, 989-91
security, 628
servers, 629
shared folders, 427
stand-alone, 629-30
targets, 631-32
topology, 631-33
tree hierarchy, 632-33
WINS and, 630
Dfs (Distributed file system), links
adding, 635-36
creating link targets, 638-40
Dfs topology and, 631
inter-dfs links, 632
Dfs (Distributed file system), roots
creating, 634-35
creating root targets, 637-38
Dfs topology and, 631
domain-based, 630
not replicating, 638
opening, 634-35
publishing in Active Directory, 640-41
Dfs (Distributed file system), setup
Dfs links, 635-36
Dfs roots, 634-35
overview of, 633
publishing roots in Active Directory, 640-41
replication, 637-38
targets, 636-40
Dfsutil.exe, 641
DHCP (Dynamic Host Configuration Protocol), 494-513
address reservations, 502-3
availability, 486
command line administration, 513
conflict detection, 509-10
database backup, 511-12
dynamic updates, 503-6
installing, 496-97
IP addresses, 496
leases, 501, 513
network design, 494-95
overview of, 484-85
relay agents, 510-11
resources, 603
scopes, 497-501, 508-9
security, 495-96
server clusters, 507-8
Web proxy auto discovery, 1238-39
DHCP (Dynamic Host Configuration Protocol), servers
authorizing, 501
clusters, 507-8
configuring, 176
consolidating, 512
dynamic addresses and, 167-68
dynamic updates, 503-6
hot-backups, 495
IP addresses and, 61
multiple, 485-86, 506-7
network design, 494-95
options, 497
updating, 505-6
Dhcpexim.exe tool, 142
Dialing Location window, modems, 74
dial-in profile. See Edit Dial-In Profile dialog box
Dial-In tab, user accounts, 421
dial-up
clients, 1256-57
ISA Servers, 1203-4
remote access, 1256
Dial-Up Networking
dial-up clients, 1256-57
IP addresses, 1167
overview of, 1251-52
dictionary attacks, 696
differential backups, 1361-62
Diffie-Hellman algorithm, 718
digest authentication, 1114
digital IDs
Outlook 2002, 921
Outlook Express, 931
Digital Signature Algorithm (DSA), 701
digital signatures
data integrity, 700-701
IE (Internet Explorer), 1159
Outlook 2002, 923
Outlook Express, 931
S/MIME, 713
Direct Memory Access (DMA), 174
directories
adding to catalogs, 1041-42
directory services and, 17-19
excluding from catalogs, 1042
FTP sites, 1129-30
SMTP virtual servers, 1140
WWW sites, 1113-16
Directory Access Protocol (DAP), 19
Directory Browsing permissions, 1112
directory-level administration, IIS, 1097-98, 1103-5
Directory Listing Style, FTP sites, 1129
directory security, WWW sites, 1113-16
anonymous access, 1113-14
authentication, 1114-15
domain name restrictions, 1115-16
IP address restrictions, 1115-16
secure communications, 1116-20
Directory Service Protocol (DSP), 19
directory services. See also Active Directory
NDS (Novell Directory Services), 17
needs addressed by, 18
overview of, 17-19
restore mode, 1380
X.500 standard, 19-20
Directory System Agent (DSA), 21, 23-24
DISABLE, Recovery Console commands, 1435
disaster planning, 1337-54
duplicating copies and storage locations, 1342
hard drive failure, 1378
improving by iteration, 1344-45
overview of, 1337-38
resources for, 1339
response planning, 1339-43
risk identification, 1338-39
standard escalation procedures, 1342-43
standard operating procedures, 1340-41
testing responses, 1343-44
disaster preparation
automated system recovery disks, 1346-50
boot disks, 1350-51
fault tolerance, 1345
naming conventions, 1351-52
Recovery Console, 1352
recovery drives, 1354
recovery options, 1353-54
system backups, 1345-46
discretionary access control lists (DACLs), 840
Disk Administrator, 548
disk arrays. See also RAID (redundant array of independent disks)
availability, 1396-97
cost, 1397
fault tolerance, 1395-96
hardware vs. software, 1391-92
hot-spare systems, 1398
hot-swap systems, 1397-98
performance, 1397
RAID levels, 1393-95
disk-based keys, registry, 1412
disk controllers, 1396
Disk Defragmenter, 174, 679
disk drives. See also disk management
controllers, 1396
data storage and, 383
defragmentation, 174, 679
DHCP design and, 495
disk controllers, 1396
drive failure in mirrored volume, 568-69
drive letters, 574-75
dynamic disks, 564-65
formatting, 572-74
logical drives, 561-63
monitoring, 1317-18
partitioning, 70, 72-73
removable, 72
terminology, 545-47
disk management. See also NTFS (NT file system)
adding mirrors, 567-68
adding new hard drive, 552-54
adding partitions, 551-52
breaking mirrors, 570-71
changing drive letters, 574-75
command line, 550-51
converting from FAT to NTFS, 571-72
converting to dynamic disks, 564-65
creating dynamic disks, 550
creating logical drives, 561-63
creating partitions, 558-60
creating volumes, 554-57
deleting logical drives, 563-64
deleting partitions, 563-64
deleting volumes, 563-64
drive failure in mirrored volume, 568-69
extending volumes, 565-66
file system formats, 560-61
formatting disks, 572-74
functions of, 174
mounting volumes, 557-58, 575-76
RAID (redundant array of independent disks), 547-49
remote management, 550
removing mirrors, 569-70
troubleshooting setup problems, 157
Disk Management snap-in
accessing, 551
Add Mirror, 567
Add New Drive Letter Or Path, 576
Break Mirror, 570-71
Change Drive Letter And Path, 574-75
Convert Disk Wizard, 552-54
Convert to Dynamic Disk, 564-65
Extend Volume Wizard, 565-66
Format, 573
interface, 548-49
New Partition Wizard, 558-60, 561-63
New Volume Wizard, 554-57
Reactivate Disk, 569
Remove Mirror dialog box, 570
disk mirroring, 63
DISKPART command, Recovery Console commands, 174, 550-51, 1435
disk partitions. See partitions
disk quotas
avoiding individual, 580
enabling, 577-78
exporting/importing, 580
overview, 577
reports, 581
setting, 578-79
disk striping, 1035, 1059
display filters, Network Monitor, 1331-34
display options, System Monitor, 1298-99
display settings, Setup Manager Wizard, 94
display specifiers, Active Directory Schema, 452-55
distinguished names (DNs), Active Directory, 22-23
Distributed Component Object Model (DCOM), 14
distribution folders, 83-84
distribution groups, 249, 251, 424
DLLs
filters, 1034, 1109-10
FrontPage Server Extensions and, 1093-94
repackaging and, 944
DLT tapes, 661
DMA (Direct Memory Access), 174
DMZs (demilitarized zones), 1179-80
DNs (distinguished names), Active Directory, 22-23
DNS (Domain Name System)
Active Directory and, 11
Active Directory domains and, 111
child domains and, 387
computer names, 165-66
domain name providers, 480-81
domain namespace, 479
Dynamic DNS, 482-83
host names, 61
installing, 514-15
LDAP and, 484
name resolution, 480
namespace, 23, 34-36
NT upgrade and, 120, 130-31
resource records, 376
reverse lookups, 481-82
root domains, 479
suffixes, 170-71
trees and, 389
Web proxy auto discovery, 1237
zone storage, 483-84
DNS (Domain Name System) servers
Active Directory and, 375-76
BIND versions, 376
caching-only, 536
configuring, 176
delegating control, 524-26
DNS forwarders, 534-35
Dynamic Updates and, 384, 532-33
interoperability, 532
IP addresses for, 168
large/medium networks, 518-23
on-site, 377
resource records, 526-29
root hints, 535-36
secondary DNS servers, 519
small networks, 515-18
subdomains, 524-26
WINS resolution, 533
zones, 523-24
zone transfers, 530-31
DNS Settings tab, Advanced TCP/IP Settings dialog box, 170-71
DnsUpdateProxy group, 505-6
documents
fail to print, 242-43
printing incorrectly, 242
print sequence, 195-96
stuck, 246
transferring between printers, 237
WWW sites, 1113
Domain Admins group, 261, 341-42, 414
domain based Dfs, 629-30
domain controllers
authentication, 1270
configuring, 176
currently accessed, 446
demoting, 390-93
Global Catalog server and, 179
identification of, 393-94
location and number of, 120
renaming, 428-29
replicas, 385-86
upgrading, 389-90
Windows 2000, 37, 110-11
Windows NT, 110-11
Windows Server 2003, 37, 133, 138-39
domain controllers, promoting servers to, 377-85
Active Directory database and logs, 383
Active Directory files, 382
Active Directory Installation Wizard, 377-78
DNS configuration, 384
domain creation, 379-80
domain name, 380-82
finishing installation, 384-85
options, 378-79
permissions, 384
preparation for, 375-77
domain local groups
built-in, 261-63
group types, 255
scope of, 250-51, 258, 423
domain models, Windows NT
complete trust, 130
dedicated forest roots, 125-26
DNS names, 130-31
multiple-master, 126-28
overview of, 120
single-domain, 123
single-master, 123-25
structural domains in Active Directory, 129
types of, 120
domain names
creating, 380-82
domain namespace and, 479
network information and, 61
planning, 29-33
providers, 480-81
restrictions for WWW sites, 1115-16
domain naming master
defined, 458
seizing, 462
transferring, 461-62
domain replication, Active Directory Sites and Services, 434-36
domains
administration, 405
boundary decisions, 431
creating, 379-80
domain manager, 401
forest structure, 38-39
functional levels, 149-51, 396-99
joining, 76
managing, 402
membership, 164
multiple, 40-41
name resolution, 33-36
OUs (organizational units) and, 39-40, 252-53
preparing for domain controllers, 139
preparing for upgrades, 140
security guidelines, 39
Setup Manager Wizard, 96
SMTP virtual servers, 1145-46
top-level, 523
tree structure, 38
trust relationships, 115, 400-401
domain upgrades. See Windows NT domain upgrade
domain user accounts, 271-72
Domain Users group, 261
DOS. See MS-DOS
DoS (denial-of-service) attacks, 495
DOSKEY, 348
down time, 1465
driveletter$, 290
drive letters
changing, 574-75
for new partitions, 560
for new volumes, 556
drive partitions. See partitions
Driver Signing tool, 158
Driver tab, Device Properties dialog box, 161
DSA (Digital Signature Algorithm), 701
DSA (Directory System Agent), 21, 23-24
DS Client Pack, 119
DSP (Directory Service Protocol), 19
dual-booting, 64-66
considerations for, 64
non-NT operating systems, 66
shadow copies and, 688
Windows NT, 64-65
duplexing, 568
DVDs, 661
dynamic addresses, 167-68
dynamic disks
converting to, 564-65
creating, 550
defined, 546
Dynamic DNS (DDNS), 482-83
Dynamic Host Configuration Protocol. See DHCP (Dynamic Host Configuration Protocol)
dynamic rekeying, 717
dynamic updates
DHCP, 503-6
DNS, 384, 521, 532-33
update shares, 81-82
dynamic volumes, 575
E
EAP (Extensible Authentication Protocol), 745, 1280
Edit Alias dialog box, 1081-82
Edit Dial-In Profile dialog box, 1271-72
authentication methods, 1273
BAP setting, 1273
dial-in constraints, 1272-73
IP address policies, 1273
multilink settings, 1273
Edit Rule dialog box, 911
EFI (Extensible Firmware Interface), 1455
EFS (Encrypting File System)
data confidentiality, 700
data protection, 699
decrypting files and folders, 763-64
dual-booting and, 64
encrypting files and folders, 762-63
recovering files, 764-66
sharing encrypted files and folders, 764
e-mail. See Outlook 2002; Outlook Express
E-Mail Accounts dialog box, 887
e-mail accounts, Outlook 2002
adding, 887-88
modifying, 888-89
Send/Receive groups, 889-91
sorting incoming mail by, 907
e-mail accounts, Outlook Express, 924
e-mail clients, 419
Emergency Management Services. See EMS (Emergency Management Services)
emergency preparedness. See disaster planning
emergency repair disk (ERD), 1346, 1423
EMF (enhanced metafile), 197, 222-23, 244
EMS (Emergency Management Services), 1452-65
availability and reliability and, 10
enabling after Windows installation, 1462
enabling during Windows upgrade, 1461
firmware configuration, 1457
hardware requirements, 1454-55
headless server and, 1457-60
overview of, 1452-54
SAC and, 1463-65
setting up, 1456-57
software requirements, 1454-55
terminal concentrators and, 1456
Enable Quota Management, 578
ENABLE, Recovery Console commands, 1435
Encapsulating Security Payload (ESP), 719
encrypted files, 1379
Encrypting File System. See EFS (Encrypting File System)
encryption
algorithms, 700
best practices, 763-64
indexing encrypted documents, 1042
NTFS (NT file system) and, 581-83
Outlook 2002 security and, 921
public-key vs. symmetric-key, 704-5
remote access policies, 1274
S/MIME, 713
WEP (wired equivalent privacy), 496
end-to-end, 468
end user license agreement (EULA), 93-94
enhanced metafile (EMF), 197, 222-23, 244
Enrollment Agent certificate, 740
Enterprise Admins group, 414
enterprise CAs, 708, 778-79, 789-90
enterprise initialization, ISA Servers, 1183-84
enterprise policies, ISA Servers, 1192-93
enterprise root CA, 779
enterprise subordinate CA, 779
Environment tab, user accounts, 421
ERD (emergency repair disk), 1346, 1423
Error icon, 1082
error messages
"File Not Found," 1050
HTTP error messages, 1122-23
"No Documents Matched the Query," 1054-55
print devices, 243
setup and, 76
ESP (Encapsulating Security Payload), 719
Ethernet, 852
EtherTalk, 852
EULA (end user license agreement), 93-94
event description, Event Viewer, 1293-94
event headers, Event Viewer, 1291-93
Event Log area, Security Templates snap-in, 729
event logs
accessing, 329
archiving, 340-42, 1294-95
filtering, 339-40
halting computer when log is full, 341
reviewing, 157
searching, 339
size settings, 340-42
types of, 1290-91
viewing, 338
viewing remotely, 1295
Event Properties dialog box, 1294
Event Viewer
accessing event logs, 329
Alert folder, 1243
archiving event logs, 341, 1294-95
event descriptions, 1293-94
event headers, 1291-93
event log size settings, 340
event log types, 1290-91
reviewing event logs, 157
troubleshooting system problems, 1440
viewing event logs remotely, 1295
Everyone group
assigning permissions, 298
printer permissions, 214, 747
security risks of, 263, 292
share permissions, 289
.EVT (event log), 1294. See also event logs
Exchange Server
applying rules to public folders, 911-12
backups, 1379
default forms, 909-11
default views, 909
delegate assignments, 906-7
as e-mail server, 1068
folder permissions, 907-8
folder synchronization, 904-6
moderated folders, 912-13
offline folder access, 902-4
public folders, 909
USENET and, 1130
excluding files, from backups, 1367-68
exclusions, IP addresses, 496
execute mode, WTS servers, 1012-13
Execute, UNIX permissions, 819
exit modules, Certificate Services, 774, 790-91
EXIT, Recovery Console commands, 1435
EXPAND, Recovery Console commands, 1435
expiration policies
NNTP, 1133
WWW sites, 1121
explicit permissions
explicit allow permissions, 1262, 1263, 1267
explicit deny permissions, 1262, 1263, 1267
overview of, 299
explicit trusts, 400-401
Expression dialog box, Network Monitor, 1332-34
extended partitions, 545, 559, 561-63
extended volumes, 546
Extend Volume Wizard, Disk Management, 565-66
Extensible Authentication Protocol (EAP), 745, 1280
Extensible Firmware Interface (EFI), 1455
external namespaces, 34-36
F
F6, installing mass storage drivers, 88-89
F7, accessing recently used commands, 347
failover/failback
partial failover (load shedding), 607
server clusters, 605-6
FAT 16/32
Active Directory and, 375
conversion to NTFS, 571-72
Dfs support, 629
eliminating for greater security, 185
formatting, 560, 573-74
home folders and, 279
Indexing Service security and, 1042
mounted volumes and, 558, 575
NTFS vs. FAT, 60
permissions, 292
share permissions, 290
fault tolerance
availability and, 10
clusters, 599, 1398-99
Dfs (Distributed file system), 1398
DHCP design and, 494
disaster preparation and, 1345
disk arrays. See disk arrays
metrics, 1385-86
power supplies and, 1387-92
RAID levels, 1395-96
favorites
IE (Internet Explorer), 1160
storing in profiles, 281
FAX$, 291
Fax Service Administration, 13
Fax Service Manager, 932-33
fax server properties, 934-35
sending/receiving faxes, 932-34
Fax services, 932-36
properties, 934-35
sending/receiving faxes, 933-34
setting up, 932
sharing, 935
Fibre Channel drives, 383, 600
File and Printer Sharing, 182
file associations, Macintosh, 870-71
file attributes, CSNW (Client Services for NetWare), 814-15
file extensions
indexing files with unknown extensions, 1040
Mac OS X, 850
PKCS #7, 714
software package defaults, 952-53
UNIX, 818
file-level administration, IIS, 1097-98, 1105
file-level security, 684
file names
converting short to long, 89-90
MS-DOS, 294
"File Not Found" errors, 1050
file parameters, Performance Logs and Alerts, 1306-8
file replication service (FRS), 122, 633
files
Active Directory, 382
ASR (Automated System Recovery), 1349-50
attributes, 581
autocompletion, 347
backing up, 571, 1364-65
backups to, 1359
compression, 581
decryption, 763-64
encryption, 581, 762-63
indexing, 1040, 1048-49
permissions assignments, 301
restoring from backups, 1375-76
sharing. See shared files
special permissions, 298, 301-3
UNIX, 818-19
File Server for Macintosh. See FSM (File Server for Macintosh)
File Server Management snap-in
Configure Shadow Copies, 686-90
disconnecting users from folder sharing, 683
ending folder sharing, 682
limiting folder sharing connections, 683-84
publishing shared folders in Active Directory, 685
share permissions, 684-85
sharing folders, 679-81
file servers
configuring, 176
home folders, 279
file services, SFU (Services for UNIX), 828, 832-33
File Signature Verification utility, 1448-49
File System area, Security Templates snap-in, 729
file systems. See also FAT 16/32; NTFS (NT file system)
auditing, 337-38
formats, 560-61
NTFS vs. FAT, 60
removable storage, 646
shared resources, 292
supporting Windows Server 2003, 12
UNIX, 823-24
filter action, IPSec, 753, 757-59
Filter Options dialog box, 406
filters
Active Directory objects, 406-7
DLLs and, 1034
e-mail, 919-20
event logs, 339-40
Indexing Service, 1035
IPSec, 753, 757-59
Network Monitor capture filters, 1328-30
Network Monitor display filters, 1331-34
PPTP, 1277
Find command, Registry Editor, 1415-16
Find Custom Search dialog box, 407
FindFast, Microsoft Office, 659
Find People feature, Outlook Express, 924
Find Users, Contacts, And Groups dialog box, 407-8
Firewall Mode, ISA Server, 1186-87
firewalls
IP addresses, 474
IPv.6 and, 491
ISA Server, 1201-3, 1235-36, 1239-40
Firewire (IEEE 1394), 161, 192, 201, 205
firmware configuration, EMS, 1457
FIXBOOT, Recovery Console commands, 1435
FIXMBR, Recovery Console commands, 1435
Flexible Single Master Operations (FSMOs), 444
floppy disks, 56, 726
folder backups, 1364-65
folder compression, 561
folder redirection, 314-18
canceling, 318
by group membership, 317
Group Policy, 307
to one location, 315-16
overview of, 314-15
folders. See also files
decrypting, 763-64
encrypting, 762-64
permissions, 185, 300-301
sharing. See shared folders
special permissions, 297, 301-3
folders, Outlook 2002
applying rules to public folders, 911-12
moderated folders, 912-13
permissions, 907-8
public folders, 909
synchronization, 904-6
fonts, language support and, 245
forests
Active Directory domains and, 111-12
adding trees to, 388-89
boundary decisions, 431
complete trust model, 130
creating, 389
dedicated forest roots, 125-26
designing domain structure, 38-39
functional levels, 147-49, 396-99
multiple domains and, 41
multiple-master domain model, 126-28
as namespace type, 30-31
root domains, 112-13
single-domain model, 123
single-master domain model, 123-25
structural domains and, 129
upgrading functional levels, 152
forks, Macintosh, 851
FORMAT, Recovery Console commands, 1435
formats
changing, 897
file system, 560-61
logs, 1108
formatting
disks, 174
partitions, 174, 572-74
volumes, 557, 572-74
forms
libraries, 901-2
print servers, 225-26
Forms Manager, 910
forms, Outlook 2002, 899-902
customizing, 899-901
defaults, 909-11
storing and publishing, 899-901
Forms tab, Print Server Properties dialog box, 225
forwarders, DNS, 534-35
forward lookup zones
A (host) records and, 524
creating, 523
PTR records and, 482
updating, 503
FQDNs (fully qualified domain names), 482
frames, Network Monitor, 1320, 1329-30
Frame Viewer window, Network Monitor, 1321-22
Free/Busy service, Microsoft Office, 916
free media pool, 644, 675
FrontPage Server Extensions, 1093-94
FRS (file replication service), 122, 633
F-Secure SSH, 822
FSM (File Server for Macintosh)
creating MAVs, 865-66
creator codes, 870-71
functions of, 854
installing, 859-60
options, 863-65
permissions, 866-68
sending messages to connected users, 871
type codes, 870-71
volume security, 869
FSMOs (Flexible Single Master Operations), 444
Ftonline tool, 142
FTP (File Transfer Protocol), 821-22
commands, 1067
sessions, 1066-67
support, 8
UNIX and, 821-22
FTP service
Default FTP sites, 1083
FTP Site Creation Wizard, 1084-85
other FTP sites, 1083
testing FTP sites, 1085-86
virtual directories, 1086-87
FTP Site Creation Wizard, 1084-85
FTP sites, 1123-30
access control, 1128
administering, 1092
anonymous access, 1126-28
authentication, 1127-28
creating, 1084-85
default sites, 1083
directory properties, 1129-30
home directory, 1128-29
identifying, 1125
individual site properties, 1124-25
Internet Explorer and, 1086
messages, 1128
other, 1083
sessions, 1125-26
testing, 1085-86
Full Control privilege, sessions, 1019, 1023
full CRLs, 712
full mesh topology, 633
fully qualified domain names (FQDNs), 482
fully qualified printer names, 198
functional levels
domain, 149-51, 396-98
forest, 147-49, 396-98
switching, 151-52, 398-99
G
Gateway for NFS, UNIX, 838
gateways
IP addresses for, 474
overview of, 476-77
GC (Global Catalog)
Active Directory and, 408
functions of, 394
global and domain local groups in, 251
overview of, 26-27
GC (Global Catalog) servers
demoting, 391
domain controllers, 179
intersite replication, 133
setting up, 394
general properties. See also properties
devices, 160-61
groups, 424
NNTP virtual servers, 1134
SMTP virtual servers, 1140
software installation, 950
user accounts, 419-22
generators, power outages and, 1391-92
Generic Application resource, server clusters, 604-5
Generic Script resource, server clusters, 605
Generic Service resource, server clusters, 605
geographical naming convention, 32-33
Getting Started Wizard, 1190-92, 1209
GID (group identity), UNIX, 833
global groups
built-in, 263-64
permissions, 298
scope of, 250, 258, 424
strategy for, 255
globally unique identifiers (GUID), 21, 995-97
GNU LGPL (GNU Library General Public License), 826
goal definitions
cluster planning, 588-89
deployment planning, 49-50
GPCs (Group Policy Containers), 308
GPMC (Group Policy Management Console), 949
GPOs (Group Policy Objects)
adding software packages to, 957-58
associating with Active Directory objects, 6
creating, 312-13
CTLs and, 797-99
deploying software, 940
group policy settings, 306
modifying software, 963-65
OUs and, 411
overview of, 307-8
planning software deployment, 949
redeploying software, 965-66
removing software, 965-66
scope, 311-12
service packs and, 972
software properties, 959-61
software restriction policies, 967
troubleshooting with, 1443
trusted certificates and, 796
upgrading software, 961-63
GPTs (Group Policy Templates), 308
graphical tools, WMI, 367-70
Windows Management Instrumentation Tester, 368-69
WMI control, 367-69
WMI Object Browser, 369-70
graphs, 1311
Graph view, System Monitor, 1299
group identity (GID), UNIX, 833
Group Policy. See also RSoP (Resultant Set of Policy); Software Installation and Maintenance
applying, 309
Audit Policy, 336
components, 307-8
folder redirection, 314-18
GPO creation, 312-13
GPO links, 411
GPO scope, 311-12
group configuration, 6
Group Policy Editor, 313-14
order of implementation, 309-10
order of inheritance, 309
overriding inheritance, 310-11
overview of, 306
refreshing, 314
RIS client settings, 983-84
snap-in, 231
startup problems, 1443
user configuration, 6
Windows NT/Windows Server 2003, 306-7
Group Policy Containers (GPCs), 308
Group Policy Editor
defined, 306
disabling branch of a GPO, 313-14
overview of, 313
Slow Link Detection policy setting, 955-56
Software Installation snap-in, 947
Group Policy Management Console (GPMC), 949
Group Policy Templates (GPTs), 308
group priorities, printers, 221
group privileges, UNIX, 820-21
groups
adding users to, 257-58, 418
built-in domain local, 261-63
built-in global, 263-64
built-in local, 259-61
cluster, 602, 616-17
configuring, 424-25
creating, 256, 423-24
delegating control to, 414
deleting, 257
domain local, 255
global, 255
local groups, 258-59
logon rights, 265
naming conventions, 254
overview of, 249-50
permissions, 298
privileges, 265-67
properties, 424-25
remote access permissions, 1263-65, 1267-69
scopes, 250-51, 258
types of, 249
universal, 255
user rights, 264, 267-68
group scope
assigning, 250-51
changing, 258
defined, 249
GPOs and, 311-12
GUID partition table, 12
GUIDs (globally unique identifiers), 21, 995-97
Next
Last Updated: May 15, 2003
|
