FREE ESSAY ON NT SERVER

NT SERVER

NT Server 4.0 study notes
How do you move a PDC or a BDC to a new domain? Change the Domain Name
System Policy Editor will allow you to restrict logon times - true or false? False
What is the correct syntax to start a program such as Network Monitor with a low priority
start /low netmon
A local group is located in each computers account database 
Why would you run Win16 apps in a separate NTVDMS? To allow a Win16 app to interoperate
with other apps in a separate memory space
Will it minimize memory used No
Will you be able to run Win16 apps which rely on shared memory to exchange data No
If you have multiple Mac subnets attached to multiple Nics and only one subnet can see
the server, what is wrong? You need to enable routing in the AppleTalk Protocol config
dialog box
What files are required for a boot disk on a machine with SCSI drives with their bios
enabled NTLDR NTDETECT.COMBOOT.INI
When do you need the NTBOOTDD.SYS file? If your SCSI controller does not have it's BIOS
enabled?
When will the BOOTSECT.DOS file be required? When you need to boot into another OS on
your system, such as MS-DOS or Win95
What is the proper syntax for sending a print job to a TCP/IP printer on a Unix host? Lpr
-S [IP address of Unix Host] -P [Printer Name] [filename] Both S and P are capitalized
What is the Directory Replication Service Interval? Interval at which the export computer
checks for changes to the replicated directories
Do Shares use forward slash or backslash in the pathname? Backslash, same as DOS
commands
Do Internet names use forward slash or backslash in the path? Forward slash - (as per
Unix)
What is the first step you should take when one disk in a mirror set fails Break the
mirror
What is the name of the application which examines memory dump files, extracts info and
writes the info to a text log? Dumpexam
What can you do if you suspect a bottleneck because too many Win95 clients are trying to
access the same policy file? Use Policy Editor to enable load balancing on the Win95
clients
What two files are required in the Winnt.exe command line in order to setup multiple
machines, including applications without physically being at the client computer?
UNATTEND.txt and the file name of the .UDF
What switch calls the UDF? /U
If you have Administrator Services loaded on a Win95 client can you manage the DHCP
Server on your PDC? No - the DHCP service can only be managed locally
Which method of licensing is the default when you install a new copy of NT Server 4? What
is the other method? Per Server - other is Per Seat
What types of networks is the default licensing option good for Small networks or
internet attached machines
Why would you switch from the default licensing option? As you add servers, each client
would need a separate license for each server they attach to. Per Seat licensing allows
the client to connect to as many Servers as necessary?
Are Sparc Ultra RISC machines supported by NT Server 4.0 No
Are PA RISC machines supported by NT Server 4.0 No
What does the OSLOADER.EXE program do? On a RISC machine it replaces the functions of
NTLDR, NTDETECT.COM and BOOTSECT.DOS on a PC
What do you use to configure IIS? Internet Service Manager Program
What TCP/IP protocols are supported by IIS FTP, HTTP and Gopher
Is there any user data on the ERD No
Which versions or types of Netware servers require that you specify a Default Tree and
Context? Those not using Bindery Emulation - Netware 4.x
Which versions or types of Netware servers require that you specify a Preferred Server?
Netware 3.x or those using Bindery Emulation
What is an NDS tree? Netware equivalent of a Domain
What is the default frame type used by NT Server 4.0 802.2
Which versions of Netware use 802.3 frames pre 3.12 (1+2=3 802.3) 3.12 actually uses
802.2 frame types - industry standard
What is the role of a Member Server (stand alone server) database server, communications,
resource server etc - do not authenticate users
Where do you add display adapter drivers In the Display applet in Control Panel
Where do you change the Mouse Pointer Icons? In the Mouse applet in Contol Panel
What partition are the WinNT files on? Boot Partition
What partition are the boot files on? System Partition
How do you convert a FAT partition to an NTFS partition? If it is empty - reformat using
Disk Administrator If it has files on it use the CONVERT.exe program from a DOS prompt.
Is Migration Tool for Netware part of GSNW Yes
How do you add an NT machine to the domain Add it in Server Manager, then boot it into
network
What does cacls.exe do? Command line application to set permissions on a remote share.
How do you configure an alert in Performance Monitor to send a message? Check Send
Network Message and add the correct name to the Net Name field.
What all can you automatically configure for clients when you are running the DHCP
service NetBios Name resolution DNS ServerWins ServerIP address
What steps are necessary to renew an account which has expired Set a new expiry date in
the future (you can also select newer expires
Where is the best place for a paging file On a partition other than the boot partition -
unless you have no choice (eg. Never put it on a stripe set with parity)
What protocols can RAS be configured to use for dial out or dial in TCP/IP, NetBeui,
NWLink
What protocols can be used with RAS autodial TCP/IP and NetBeui
Error! Unknown switch argument.
HOME | WIN 2000 | NT 4.0 | INFO | LINKS | BOARDS | CAREERS | BOOKS | COMPTIA | CONTACT 
NT SERVER STUDY GUIDE
CONTENTS
INSTALLATION AND CONFIGURATION
NTFS VS FAT
UPS
RAID
REGISTRY
USER ACCOUNTS
SYSTEM SECURITY POLICIES
SHARING
PRINTING
NETWORK CONNECTIONS
BROWSING
MANAGING DOMAINS
WORKING WITH NETWARE
OPTIMIZATION AND TUNING
RAS
RECOVERY AND TROUBLESHOOTING
STUDY GUIDES BY OTHERS
ONLINE TESTS
INSTALLATION
--GENERAL INFO--
You can't very well use NT until you get it installed, right? In order to install NT,
your machine must meet the following requirements:
? 16mb Ram 
? VGA video card 
? 486-DX33 or better 
? 125mb free disk space 
? CD-ROM unless this will be a network installation 
There are a couple of different options for setup. If you are upgrading from an earlier
version of NT, then you will use WINNT32.EXE. If you are upgrading from DOS or Win95 then
you will use WINNT.EXE. At this point installation will begin and should be pretty self
explanatory until you get to the upgrade or fresh install option. If you are upgrading
your server from a previous version, then you will probably want to select upgrade as it
will preserve your user accts and all directory and share info. This will save you the
huge pain in the ass of setting all of this up all over again. Fresh install should be
self-explanatory.
The next step of note is selecting the partition that NT will install onto. This option
will allow you to delete partitions as well, but don't be a dumbass and delete any vital
ones. Next you will be asked how you would like this partition to be formatted. Your
options wil be something like: 
? Format to a FAT system 
? format to an NTFS system 
? leave it as is 
? Convert a FAT partition to NTFS 
? Convert an HPFS/HPFS386 partition to NTFS(This is for a LAN Manager upgrade only) 
The differences between the file systems will be discussed later, so read on!
Next, setup will run a version of CHKDSK and then you will be prompted to select a
directory to install the NT files into. The recommended directory is \WINNT. After all of
this you will reboot and the more windows style set up will begin. The next step of note
is to designate whether the machine will be a PDC, BDC or Server. It is important to
select this correctly the first time as you can't go back and change it later. The first
NT Server that you install will be a PDC. Microsoft recommends 1 BDC for every 2000
users. More than this can cause unneccesary network traffic.
--UNATTENDED INSTALLATIONS--
Now who has time to sit with the NT machine for 45 minutes to an hour. That kind of time
cuts into cocktail time, which is why Micro$oft provided options for unattended
installations. With a little configuring beforehand, NT will do the whole installation
for you and you can take off for drinks with your friends. In order for this to work, you
need a script known as an answer file that provides instructions to the setup program.
This script can be handwritten in a text editor such as notepad or use the utility
supplied with NT called Setup Manager.
Listed below are the various command switches that can be used during installation.
SWITCH PURPOSE
/B Bypasses the creation of startup disks
/S Sourcepath. Choose location of a source file - multiple locations will speed up
installation.
/F Speed up install by not verifying files
/U Denotes unattended setup mode and points to an answer file location. Must use with /s
to specify source file location.
/T Destination. Specifies installation location of temp files used during installation.
/C Bypasses checking for free space when creating boot disks. Can speed up install.
/OX Creates the setup disks from CD-ROM or network location. Replaces damaged boot
disks.
/I Specify an inf file. Default file is DOSNET.INF.
--NETWORK INSTALLATIONS--
Another installation option is to install over the network which requires that you find a
way to point the computer to an I386 directory somewhere on your network. Here is how it
is done. First, you will need to have a shared I386 directory. Next, you need to make a
boot disk from DOS or Win 95/98. Then go to an NT Server and go to Network Client
Administrator, which is located in the Administrative Tools section of your start menu.
From here you can create a network startup disk. 
UNINTERRUPTIBLE POWER SUPPLY(UPS)
A UPS is designed to protect your servers from power surges and spikes, voltage
variations and power outages. Any one of these things can damage data, cause network
problems or even destroy your server. NT Server is designed to receive information from
the UPS via its serial port and act on it. Here are the messages that it can receive: 
? POWER FAILED: This signal goes from the UPS to the server. This alerts the server that
power has failed and it is now running on battery power. 
? BATTERY LOW: Some UPS will inform the server that it the UPS is running low on battery
power. 
? REMOTE UPS SHUTDOWN: If NT detects that it is getting a crappy electrical signal from
the UPS it will send a message to it to shutdown and charge itself. While in this state
the UPS will continue to forward power to NT, but will not provide any of it's other
services.
Once the UPS is installed, it can be configured in the UPS control panel. Workstations
that have the messenger service installed will receive broadcast messages when the power
fails or when it comes back up. This gives workers a chance to save what they are working
and gracefully shutdown. 
NTFS VS FAT
--GENERAL INFORMATION--
When using NT it is a good idea to use NTFS partitions, at least on the partitions that
contain your data. One of the advantages of the FAT file system is the system that DOS
uses. On an NTFS partition, you can't boot from a DOS boot disk - this is one of the
security features of NTFS. Additionally, a floppy disk cannot be formatted as NTFS. For
this reason it might not be a bad idea to have a small partition formatted FAT so that
you can boot into DOS for recovery purposes. FAT partitions can be defragmented while
NTFS cannot. An NTFS partition cannot be converted to FAT without erasing the disk and
reformating. Files moved from a FAT partition to an NTFS partition will retain their
filenames and attributes. 
--FEATURES OF NTFS--
NTFS partitions provide the following features: 
? Supports upper and lower case letters in names. 
? Allows permissions to be set on files and directories 
? Supports Unicode in file names. 
? Forks in files. 
? File and directory names up to 254 characters in length. 
? Ability to access sequential access files over .5mb faster. 
? Faster access to all random access files. 
? Long file name conversion to the 8+3 convention. 
? Support for Appletalk and the ability to share Mac Volumes. 
? Disk space is used more effeciently. 
RAID
--GENERAL INFORMATION--
In order to understand how RAID works it is first best to understand the following
concepts regarding hard disk configurations.
? PARTITIONS -- A partition is a portion of a physical hard disk. A partition can be
primary or extended 
? PRIMARY PARTITION -- This is a bootable partition. One primary partition can be made
active. 
? EXTENDED PARTITION -- An extended partition is made from the free space on a hard disk
and can be broken down into smaller logical drives. There can only be one of these per
hard disk. 
? LOGICAL DRIVE -- These are a primary partition or portions of an extended partition
that are assigned a drive letter. 
? VOLUME SET -- This is a disk or part of a disk that is combined with space from the
same or another disk to create one larger volume. This volume can be formatted and
assigned a drive letter like a logical drive, but can span more than one hard disk. A
volume set can be extended without starting over, however to make it smaller, the set
must be deleted and re-created. 
? DISK ADMINISTRATOR -- This utility is found in the administrative tools section of NT
4. This is the tool that controls the configuration of the hard disks on an NT 4 system.
You can create partitions, volume sets, logical drives, format disks, etc. 
--RAID LEVEL 0 - DISK STRIPING WITHOUT PARITY--
Disk striping will distribute data across 2-32 hard disks. This provides the fastest
read/write performance as the system can access the data from more than one place. This
level of RAID does not provide any redundancy. This means that if one of the disks fails
you lose all of the data and have to delete the stripe set and start over once the bad
disk is replaced. System and boot partitions cannot be included in a stripe set.
--RAID LEVEL 1 - DISK MIRRORING--
Disk mirroring writes exact copies of data to more than one disk. Each disk or partition
of a disk will contain the exact same data. If one hard disk fails, the data still exists
on the other disk. This level of RAID also increases disk read performance as it can pull
the data off of both disks. Disk mirroring on NT Server also uses disk duplexing whereby
each disk has it's own disk controller. This provides redundancy in the case of a
controller failure. To recover from a failure, the new drive must be installed and then
in Disk Administrator break the mirror and re-establish it.
--RAID LEVEL 5 - DISK STRIPING WITH PARITY--
Very similar to RAID level 0, however, parity information is written to each of the 3-32
disks in the array. If one of the disks fails, the data can be reconstructed by
installing a working hard disk and using Disk Adminstrator. The parity information will
be used to reconstruct the data that was lost when that drunk employee peed in your
computer case. If more than one disk fails then you are screwed and will spend your
weekend fixing this *censored*. RAID 5 offers increased disk read speeds, but slower
write speeds because it has to write the parity info. System and boot PARTITIONS cannot
be included in a stripe set. To recover from a failure, you must select the regenerate
option in Disk Administrator. 
REGISTRY
--GENERAL INFORMATION--
Ok...Now we're getting into the meat! Maybe you have been sitting around with a bunch of
computer geek wannabes who are throwing the word registry around in every sentence so
that they sound smart and wondered what the hell they are talking about. After this you
will be able to do that too. The registry is a big-ass hierarchical database that stores
all of NT's settings. It can be accessed by running regedt32.exe or regedit which has a
few new features. Below are the 5 subtrees and the information that each controls.
SUBTREE DESCRIPTION
hkey_local_machine This subtree contains most of the information that you will use. It
holds information about hardware, systems and programs running on the machine.
hkey_classes_root Stores file associations such as which application should be used to
open files based on the extension. It also contains the OLE registration database and
also provides redundancy as all of its info is found in the hkey_local_machine subtree.
hkey_users Holds 2 user profiles. One is a default used for settings when nobody is
logged in and the other is for a user that is already known to the system.
hkey_current_user This subtree contains the user profile for whoever is currently logged
in to the server.
hkey_current_config Contains information about the hardware configuration that was used
during boot.
Each subtree contains keys and within most of the keys are subkeys. Once you browse deep
enough you will get to the final subkey. When this is opened, the first line you see will
be the value entry. The value entry will contain 3 parts called name, data type(5 types)
and value.
Most of the registry(the static items) are contained in hive files which are located in 2
places. Machine hive files are located in \WINNT\SYSTEM32\CONFIG and user files are
located in \WINNT\PROFILES.
The registry editors will allow you to remotely edit the registry of another computer.
The registry can be backed up and restored in the event that mistakes are made. 
USER ACCOUNTS
--GENERAL INFO--
One of the most important tools in NT is the User Manager for Domains on the PDC. On
non-PDC servers and workstations, it is called User Manager. The difference is that User
Manager creates and maintains accounts that are only applicable for that machine, while
User Manager for Domains creates domain accounts that can be used on any machine that
participates in the domain.
When user accounts are added or edited, changes are made to a SAM file. User Manager for
Domains changes the SAM file on the PDC while User Manager changes the SAM file that is
local to the machine that it exists on. When a new acct is created it is assigned a
unique Security Identifier(SID).
--GROUPS--
Using user groups is a way to greatly simplify account administration, especially on
larger networks. If you place a group of users into a group, you only have to change
permissions for the group and it applies to all of the users in the group. There are 2
kinds of groups, global and local. Local groups are local to the NT machine. For fun
let's say that your company just hired some rod named Rod. He will be the adminstrator
for the network so he will need administrative rights on all 1000 NT workstation and
server computers. He would have to be given administrative rights on all 1000 computers
if we were using local groups, which is a whole lot of work and overtime for Rod. That is
why NT also has global groups which can only be created on a domain controller. Once this
is done, Rod will be seen as the administrator for the whole domain. NT comes with a set
of pre-installed local groups listed in the tables below:
GROUP DESCRIPTION
Administrators Most powerful group so that they can manage the configuration of the
domain.
Server Operators Have necessary rights to manage domain servers.
Account Operators This group has rights to manage user accounts.
Print Operators Responsible for managing printers.
Backup Operators Have rights to control backup and restoration functions
Users Have minimal rights on the NT servers, but do have some rights on their local
workstations.
Guests Very limited abilities. No rights on NT server.
Replicator Supports directory replication functions.
GROUP RIGHTS
Administrators ? log on locally ? Take ownership of files ? Access computers from network
? Create and manage user accts ? Create and manage global groups ? Manage auditing and
the security log ? Shutdown or remotely shutdown the system ? Assign user rights ? lock
system ? Bypass server lock ? Format server hard disk ? Change the time ? Backup files
and directories ? Keep a local profile ? Create and remove shares ? Create common groups
Server Operators ? Log on locally ? Lock server and bypass lock ? Change time ? Format
hard drive ? Shutdown or remotely shutdown the system ? Backup files and directories ?
Keep a local profile ? Restore files and directories ? Create and remove shares ? Create
common groups
Account Operators ? Log on locally ? Create and manage user accounts, local and global
groups ? Shutdown the system ? Keep a local profile
Print Operators ? Log on locally ? Keep a local profile ? Shutdown the system ? Create
and remove printer shares 
Backup Operators ? Log on locally ? Keep a local profile ? Shutdown the system ? Backup
files and directories ? Restore files and directories
Users ? Create and manage local groups(only if user has permissions to log on locally at
server or has access to user manager for domains.
Guests ? None
And now for the global groups. There are 3 global groups which can only be created on a
domain controller.
GROUP DESCRIPTION
Domain Admins By default this group can administer the servers(also from trusted domains)
and any NT Workstation logged into the domain.
Domain Users By default, this group is a member of the Users local groups for for the
domain and NT Workstations in the domain.
Domain Guests If given permissions by the domain admin, this group permits guest accounts
to access resources across domains.
SYSTEM SECURITY POLICIES
--GENERAL INFO--
In order to understand system policies, you need to understand the difference between
rights and permissions. Rights give a user or group the ability to perform a certain
task, such as the ability to create user accounts. Permissions give access to specific
objects like files and directories. Rights are determined by the administrator, whereas
permissions are determined by the owner of the object being accessed. Generally rights
carry more weight than permissions. NT allows new groups and users to be created with a
customized set of rights.
--EVENT AUDITING--
NT allows auditing to be enabled which allows security information to be stored in a
security log. The table below should sum it up. 
EVENT DESCRIPTION
File and object access Tracks jobs sent to printers and access to files or directories.
Logon and logoff Keeps track of logging on and off activity as well as connections to
servers.
Process tracking Tracks the running and quitting of programs.
Restart, shutdown and system Self-explanatory
Security policy changes Audits any changes made to user rights, trust relationships and
the auditing process itself.
Use of user rights Displays when a particular right is used.
User and group management Notes any alterations of user accounts or groups.
--PROFILES--
A user profile is a bunch of configuration settings that comprise a users desktop. There
are several different ways that these can be configured and each is listed below.
LOCAL 
? LOCAL PROFILE - Each user creates and maintains there own profile. 
? PRECONFIGURED LOCAL PROFILES - Users have local profiles that are partially or entirely
preconfigured by the admin. 
? PRECONFIGURED DEFAULT USER PROFILE - Users have local profiles, but admin uses a
template for new users. This can be modified by user. 
NETWORK 
? ROAMING PROFILES - A path is created to the users profile and is maintained on the
server. Users can alter this profile. 
? PRECONFIGURED ROAMING PROFILE - A path is added to users account info and a
preconfigured version is stored on the server. 
? NETWORK DEFAULT USER PROFILE - A default user profile that is stored in the netlogon
shared directory. Users will be able to change this profile. 
? MANDATORY PROFILE - A path is made to the users profile and a preconfigured profile is
copied to that path. The user may not modify this profile. 
The %systemroot%/profiles directory contains profiles for every user that has ever logged
in to the NT box. Each user's profile contains the following folders: Application data,
desktop, favorites, personal, sendto and start menu. Any setting that is not a part of
the desktop settings is stored in the NTUSER.DAT file. This file can be altered by
editing the registry in the HKEY_CURRENT_USER subtree. Most changes that you would want
to make can also be done in the control panels. 
SHARING
--GENERAL INFO--
Sharing is a bitch in NT so strap yourself down and I will try to explain as best I can.
There are 3 ways to create a share:
1) Explorer
2) My Computer
3) NET SHARE command at a DOS prompt
Lets talk about sharing a directory. First of all, NT comes with default shares if the
server service is running. All root directories of partitions, Netlogon and CDROM drives
have default shares. These shares can only be accesed by admins. For others to access
these resources, a new share must be made by a member of the Administrators or Server
Operators groups. A single file cannot be shared under NT, it must be a directory. Share
names can be up to 12 characters long, but it is recommended to keep them under 8 as DOS
redirectors can't handle anything longer. Spaces are allowed, but if the share name has a
space in it you will have to enclose the name in quotations in order to access it. If you
wish to hide a share so that it does not show up on the browse list, all you have to do
is add a $ sign at the end of it(eg. isuck$). If a share is hidden then you can only
access it from a DOS prompt or via the map network drive option in explorer. When a share
is created, you have the option of specifying permissions(see below) for the share and
the maximum number of users that can access it at one time. The NT Resource kit contains
a program called Server Manager that can be installed on an NT Workstation or Win9x
computer and will allow you to create shares remotely so you don't have to get off of
your lazy ass and walk over to the server. 
When you create a share, you have the ability to assign permissions to it so that crazy
Joe with the wandering eye doesn't get in and start erasing files. There are 3 of sets
share-level permissions:
1) Share-level
2) File-level
3) Directory-level
Now more in depth on each of these-
--SHARE-LEVEL PERMISSIONS--
When assigning permissions to a share, the users and or group/s that are given access to
a share is defined by the access control list or ACL. For example, lets say that you have
a company called Smack City...You can assign a certain level of permission to the
Processing group such as read only and full control to the refining group. Or you can
specify by user or both groups and users. It is very flexible and can also be very
complicated.
Here are the different types of share-level permission.
No access Can't get in or access at all
Read View files and subdirectories. Execute applications. No changes can be made.
Change Includes read permissions and the ability to add, delete or change files or
subdirectories
Full Control Includes change permissions and the ability to change permissions(NTFS only)
and take ownership(NTFS only)
If you are a member of multiple groups and different permissions are assigned to each
group, your permissions will be for whichever group gives you the greater permissions
unless one of your groups is given no access. No access would override any other
permissions for any other group of which you are a member.
--FILE AND DIRECTORY PERMISSIONS--
Lets say you have an NT workstation with 3 users that share it. NT will allow you to
create shares that permissions can be assigned to the other users of the same workstation
to prevent or limit their ability to access the other users' files or directories. This
type of security occurs at the local file system. File and directory permissions apply to
NTFS permissions only.
The following permissions can be applied to directories: 
? No access 
? List 
? Read 
? Add and Read 
? Change 
? Full control 
? Special directory access 
? Special file access 
The following permissions can be applied to files: 
? No access 
? Read 
? Change 
? Full control 
? Special access 
Permission Description
No access Directory: Can't view or change directory or directory permissions.File: Can't
view or change file or file permissions.
Read Directory: Users can view files and their attributes inside directories. User can
browse through directory.File: Users can open or execute the file and view the file's
attributes and and permissions.
Add Directory: Can add files to a directory but can't access files put into that
directory.File: N/A
Add and read Directory: Users can open/execute and add files in the directory. Can't
change or delete filesFile: When a directory is Add and read, the files in that directory
are read only. Add and read cannot be applied directly to files.
List Directory: User can view files and view file and directory permissions. Can
open/execute files.File: N/A
Change Directory: Able to make new files and directories, change or delete files,
open/execute files. Can't change permissions.File: View, change and delete files. Can't
change permissions.
Full Control Directory: All of the permissions included with change and the ability to
change permissions and take ownership of files.File: Same as change permissions, but can
also change permissions and take ownership of files.
Special access Directory and file: Create custom permissions using NT's 6 basic
permissions which are read, write, execute, take ownership, change permissions and
delete.
In order to access data over the network, you must have share-level and file and
directory-level permissions. Share-level and file and directory-level permissions can be
used in conjunction with each other. NOTE: New files will take on the permissions of the
directory that they are created in by default.
--OWNERSHIP--
Files have owners who have administrative rights to a particular object. This permission
is not stored in an ACL file and is typically given to the creator of that object. NT
includes this feature so that users can administer their own machines and supply
resources for their own stuff. An admin would be dirty pissed if he/she had to make every
little change for a user because they didn't have permission to. So, when a user creates
an new file, for example, they are the owner of that file and can do whatever the hell
they want with it. Now let's say that you are the admin at a company and you want to find
out why Billy the slacker is getting no work done. You access his hard drive and you find
a folder called nudie pics and you try to open it and get denied. You can then take
ownership of the file and then add yourself to the ACL as you have administrative
permission to do so. You then kick Billy's ass out and say to yourself, Ahhh, its good to
be the king! 
PRINTING
--DON'T BE A DICKHEAD--
This section will discuss network printing and the like. This section hits close to home
as I used to do tech-support for a printer manufacturer. I would like to first make a
plug to all of you future admins. Don't be a *censored*head! Just because a printer won't
print doesn't mean that the printer is the problem. Do your homework and trouble-shooting
before calling the printer manufacturer and blaming them for having a crappy printer. I
will give you an example of what I am talking about. I was dealing with a PC support
person for the Cleveland Cavaliers. I got an email stating that the printer has never
worked since the day that they got it and has cost them thousands of dollars in down-time
and he wanted to know what we planned on doing about it. I asked him what the problem was
and he said, It doesn't print jobs sometimes. Well, that is certainly helpful - I know
exactly what your problem is... you are a retard, I though to myself. This guy had done 0
troubleshooting and really had no problem desription. So, I gave him a list of things to
check(not sure if he ever did) and told him to CALL me. So, a month later I get an email
from him and he tells me that he has checked everything and still having the same problem
and said that he was 100% sure that it was the network card. After arguing in vain with
him I told him that I would send a new network card and when it didn't fix the problem he
could CALL me with a decent problem description. A month later he emails me again and
tells me that it is still happening and they are losing thousands of dollars per day and
blah blah blah. I basically emailed him back and told him that I wouldn't work with him
anymore because he was an idiot and sucked at his job and sucked as a human being. Then
his boss emailed me and we got in touch with each other and had it fixed in 1 hour as it
turned out to be a simple timeout setting. Moral of the story? Don't be that guy(or
girl).
--INSTALLATION AND CONFIGURATION--
Ok, got that off of my chest. Network printing has a couple advantages over a parallel or
serial connection. The most obvious reason is that a network connection allows multiple
users easily share the same printer and allows for permissions to be set for that device.
It will typically be faster to connect to printer via ethernet than a parallel
connection. How much faster depends on a variety of variables including, printer
processor speed, computer processor speed, network traffic, data format, etc. In order to
put a printer on a network, you will typically need a print server. During driver
installation on an NT server, you will want to select local printer if this NT box will
be the print server. The clients, on the other hand would select network printer and
browse to the printer or enter the UNC path to it. When installing on the print server
you have to select shared and give it a share name(under 12 characters) in order for
clients to be able to use the print queue. When you select shared you have the option of
specifying the operating systems that will be sharing the printer. If you select any of
these you will need to supply drivers for those operating systems. If you are accessing a
shared printer from an NT workstation, you do not have to load the drivers. The
workstation will pull them off of the server during installation. NT allows you to pool
your printers so that your job will print on the first available printer. This only works
if you have more than one identical printer with an equal amount of memory in each.
Once your drivers are all installed, you need to worry about spool settings. By default,
an NT server will spool print jobs so that the client computer is freed up so that the
user can continue with their work. This is called background printing. There may be
occasions where you will not want to spool the jobs to the server - maybe you have a
crappy server that can't handle the workload or for trouble-shooting reasons. In these
situations, you can change the scheduling to print directly to the printer. 
--PRINTER PERMISSIONS--
Printer permissions are only slightly different than NT's regular permissions. The table
below should explain it.
Permission Description
No access Can't print or do anything else.
Print Can print, pause, resume, delete and restart their own documents only.
Manage Documents Have print permissions for all documents(not just their own). Can also
control document settings.
Full access Have manage document permissions and can also change printing order and
change the printer's permissions and properties.
In addition to permissions, priorities for print jobs can be set. For example, If you are
the president of a company and you feel that your documents are more important than the
secretaries', then on the server you can creat 2 printer objects and assign a different
print priority to each so that your documents come out first.
Like other things in NT, a printer can be audited by enabling file and object access
auditing in the user manager. Then in the printer properties, you can select the users
and/or groups that you would like audited.
--PRINTER CONNECTION PROBLEMS--
I may include more info here than is needed for the test, but after working for a printer
company I found that most people are pretty ignorant about printers. Even Administrators
would call and would be completely clueless as to where to start. Having said that, I
will start off with the famous can't print problem. Please note that the following
discussion focuses on TCP/IP printer connections, whereas on the exams Microsoft will be
referring to HP printers using the DLC protocol. 
? No matter what the problem is, whether it be print quality or connection related, print
an internal page. Most printers have some sort of startup or configuration page that it
will print and this page may also have the printers network settings on it. This will
verify that the printer is working properly. 
? Treat the printer just like you would a computer that is not participating on the
network properly. I.E. if it is a TCP/IP printer, try to ping it. If the printer uses a
jet direct box with IP, ping the box. If this doesn't work make sure that you can ping
another device on the network. 
? Check your network settings. Make sure that someone hasn't fiddled with the printers
settings and that the printer's and computers IP settings are correct. 
? Make sure that everything is plugged in correctly even if you are sure that it is.
Don't be cocky, you don't want to be that guy that calls techsupport and they help you
determine that the printer isn't connected. Believe me it happens. I have also seen a
case where an ethernet cable was chewed up by rats, so take a good look at it. One of the
best ways to test cabling, is to take the drop in question and connect it to another
printer or computer. Can you ping the new device? If not then you probably have a cable
problem. 
? If you were able to ping it, then see if you can print from the server. If not, then do
the following: Make sure that NT is pointing at the correct port. Verify that the correct
driver is installed(you may need to consult your printer manufacturer to find out which
is the correct one). Reinstall the driver. 
? If you were able to print from the server just fine, then try to narrow down whether it
is just one client or several or all that are unable to print. This is where it starts to
get tricky and you have to do your homework. If only a certain group of users can't
print, it may be a routing problem. If it is all, then something probably isn't set up
correctly on the server. If it is just one user that can't print, then it is probably a
driver problem(assuming that they can access the rest of the net.). 
? If for some reason a document gets stuck in the spooler, restart the spooler service. 
This is, of course, isn't even the tip of the iceberg but these are the basics. The main
point is that when troubleshooting anything, try to narrow it down first. You probably
won't figure it out on your first try - use the process of elimination. 
NETWORK CONNECTIONS
--CONNECTING A DOS WORKSTATION TO NT--
DOS is the most complicated one to connect to NT because it has no built-in networking
support. There are several different ways to do this and we will look at each.
The first way is to use NT's NCA(Network Client Administrator). The NCA setup will ask
for your Network card type, protocol info, etc and will then create a file on a floppy
that you would use as a boot disk on the DOS client after modifying the protocol.ini
file. This will provide enough network support to connect to the NT server. Then a batch
file will be run that will install the Microsoft Network Client 3 for DOS.
There is an easier way to set up the Microsoft Network client 3 for DOS that bypasses
using NCA. Browse to the clients directory and look in the msclients subdirectory. In
here, you will find a disk1 and a disk2 directory. Copy each of these to a separate
floppy disk. Now all you have to do is install disk one into the DOS client, switch to
the A drive and type setup. This will run the installation program and ans should be
pretty straight forward from there.
When you first try to logon, you will get a message that your password has expired so you
will have to change it using the following command: net password /domain:(your
domain)(username)(old password)(new password). You will probably get an error message,
but the password has been changed and should work when you try to logon again.
--GETTING AROUND THE NETWORK WITH DOS--
To browse the network, use the net view command without the quotes. To view shared
resources on a particular server, use net view \\(server name). To connect to a shared
resource, use net use (drive letter): \\(server name)\(resource). If you need to map to
drive letters higher that E, then you will have to edit your config.sys file and add
LASTDRIVE=(whatever you want the last drive letter to be). To use a printer type net use
(port such as lpt1:)\\(server)\(printer share name). To disconnect a network connection
type net use /delete.
--CONNECTING WINDOWS FOR WORKGROUPS TO NT NETWORKS--
During installation of Windows for Workgroup you will install the network card. If it was
not done at this time or you installed a new network card, then go to the Network Group
and run the network setup program. Once the network card is setup and you have logged
into the domain, you can browse shared network resources and servers. To do this, open
file manager and click disk and then connect network drive and you will see the browse
list. Working with printers is similar except you open Printer Manager and click Printer
and then Connect Network Printer.
--CONNECTING WINDOWS 95/98 TO NT NETWORKS--
Like Windows for Workgroups you will have the option of setting up network support during
Windows installation. But again let's pretend that it didn't happen that way or that you
are adding a new network card. To set this up, all you have to do is go to the networking
control panel, click the configuration tab, select add and you will see choices of
client, adapter, protocol and service. Select adapter. Select your adapter type or go to
have disk if you wish to install 3rd party drivers. IPX and NetBeui protocols will
automatically be installed. Clicking on the add or remove buttons from the configuration
tab to add or remove protocols.
In order to enable the workstation to log into the domain, you will need to go to the
properties of Client for Microsoft Networks. In this dialog box, you will need to select
log on to Windows NT domain and enter the domain name. Once finished with all of this you
will have to reboot and will then be able to log in. Like NT. Windows 95/98 uses the
Network Neighborhood interface to browse the network.
--WINDOWS TERMINAL SERVER--
What the hell is it? It is similar to a centralized network - remember that from
networking essentials? Essentially, the network would have 1 or more terminal servers and
the rest of the computers would be almost like dumb terminals which are also known as
thin clients. Thin clients can be any crappy old computer that you have laying around
which is one of the attractions to this type of set up - hardware savings, although you
have to have enough beefed up servers to support them. This is not the only advantage
however, you also save on support as Winterm can be configured to run all of the
applications on the servers. This means that if there is a problem, odds are good that it
is occurring at the server which makes for easy and centralized support. Installation of
the Terminal Server is very similar to an NT installation. Once installed, you will
notice some differences in the administrative tools from NT 4.0 as it will now include
the following: 
? Terminal Server Client Creator -- Will create floppies for Client installation on the
workstations. 
? Terminal Server Administration -- The Big Brother application that allows you to view
what the clients are running, disconnect them and view protocol information. 
? Terminal Server License Manager -- Allows you to add or subtract client licenses that
you must pay for. 
? Terminal Server Connection Configuration -- Used to configure the RDP protocol, set
security and a bunch of other stuff.
In order to set this up for a workstation, the Windows Terminal Client must be installed.
On the server side, you will need to select either Remote Desktop Protocol(RDP) or
MetaFrame. MetaFrame is faster as it only sends the changed information from the client
as opposed to RDP which will resend the whole desktop if a user deletes a file from it,
for example.
--MACINTOSH CONNECTION TO NT NETWORKS--
NT offers Services for Macintosh to allow MACs to access shared resources as well as
provide other services including: 
? Support for appletalk protocols without the need for a gateway. 
? MAC filename attribute support. 
? Support for Appleshare protocol 
? Allows MAC users to access non-PostScript printers without the need to convert
documents. 
? Ability to map extensions for PC files which allows MAC apps to recognize PC file
extensions. 
? Allows PC users to access Laserwriter printers without the need to convert documents. 
? Allows for 255 simultaneous appletalk sessions per NT server. 
So how do you set this all up? On the server side, you need to install services for
Macintosh which requires an NTFS partition. If there are routers on the network, they
will need to be configured to route the Appletalk protocol or NT server can be set up to
perform this function. If you will be using NT as the router, you will need to specify
the zones and the network range. Each number in the network range will support up to 256
devices per network segment. After rebooting, the NT server should show up in the chooser
on the MACs and a Microsoft UAM Volume will appear on the NTFS partition. Now MAC volumes
can be created using server manager. Finally, you will need to set your permissions for
the MAC volumes. Following are the MAC permissions: 
Permission Description
See Files Like NT's read permission. Permits the everyone, a primary group or everyone to
view files in the MAC volume.
See Folders Same as see file permissions except it applies to folders within the MAC
volume.
Make Changes Similar to NT's change permissions. Permission to view, add and delete files
or folders. Can also save changes.
Replace permission on subdirectories Whatever permissions are set and copies them to all
of the folders within the MAC volume or a folder within the volume.
Cannot remove, rename or delete. Users can't rename, remove or delete a MAC volume or a
folder within it.
Not much setup needs to be done on the MAC side unless you would like to maintain NT's C2
security and allow for encrypted passwords. The software for this is included with NT
server and would need to be installed on every participating MAC client. 
You are now ready to move files back and forth, except you will undoubtedly run into
problems. Obviously, Macs and PCs use different file systems and this also means that
they won't recognize each others file types without some configuration. For DOS
extensions, you will need to use file manager to change the extension mappings for ones
that aren't correctly configured. If an application isn't listed then you will need to
get to the type and creator codes for the files it supports. On the Mac you will probably
need a 3rd party converter application like Maclink. Many applications have cross
platform versions available. 
If you would like to find out more about how Appletalk works, click here to read our
tutorial. 
BROWSING
--GENERAL--
The browsing service allows one to view what recources are available on your network. In
order for this to work, at least one computer has to be the Master Browser that is
responsible for maintaining a browse list. Keep in mind that every computer on the
network is either a master browser, backup browser, potential browser or not
participating. There are several rules that govern who becomes the master browser as
follows: 
? Each subnet on a tcp/ip network must have its own master browser. 
? As long as a PDC is up and running, it will be the master browser and any BDCs will be
backups. This can be changed by editing a couple of registry keys, however. 
? There will be 1 backup browser for every 15 computers on the network. 
? If the master browser cannot be reached, then an election is held to determine the most
suitable candidate. Priority is based on the type of computer(NT Server then NT
Workstation then Win95 then ETC) 
MANAGING DOMAINS
--BACKGROUND--
Whenever you log in to an NT Server, a session is created. Server Manager is a very
important tool for managing your domain as it allows you to: 
? Synchronize a PDC's security database with the BDCs. 
? Setup directory replication 
? Add and remove NT machines from your domain. 
? Create and remove shares 
? Change an NT server from BDC to PDC or vice versa 
? View users with open sessions on a particular machine 
? View how long the user has been using a particular resource 
? The resources being accessed during the session 
? View all non-hidden computers on the network 
? View Macfiles 
? Send messages or alerts to clients(for Win 95/98 must have Winpopup running) Allows you
to configure the services on your other NT servers. 
Remote administration will only work on other NT Servers, NT workstations or LAN Manager
2.x and will only include current data. If you want to view statistics over a period of
time then you will need to set up Performance Monitor or use the set statistics server
from a command prompt. Server Manager also gives you the ability to disconnect users from
a server, however, certain things must be in place in order for it to work. When a user
logs on to a server, the server verifies the users login information with a domain
controller and a Security Access Token(SAT) is created that allows the user to reaccess a
share. If you disconnect the user, the next time they attempt to access a particular
share the server will look at the SAT and let them back in and the user will never even
know that they had been given the boot. Instead, change the users permissions to no
access and then boot them. Then the server will have to query a domain controller to
create a new SAT and the domain controller will report to the server that the user
doesn't have access to that share.
Next, I want to mention the system shares that Server Manager allows you to view. They
are as follows: 
Share What is it?
ADMIN$ This share is used for the remote administration of a server.
NETLOGON You will only see this one on domain controllers. It is used by the net logon
service, which keeps your PDCs and BDCs synchronized. It is responsible for handling
login attempts.
REPL$ Used when NT server is acting as an replication export server.
IPC$ Shares the named pipes that are used for the creation of sessions between apps. Used
during remote administration or viewing shared resources.
PRINT$ The share for printers
driveletter$ This is the root directory for a storage device on an NT server.
--DIRECTORY REPLICATION--
Server Manager is also used to set up replication. Directory replication is used to
export directories to another NT server or Workstation such as the exportation of login
scripts from a PDC to a BDC, for example. This is useful for server load balancing and
redundancy. Only NT servers can export, NT servers, NT workstations and OS/2 LAN Managers
can import. Replication occurs in the followin manner: Let's say that you have a domain
called crap. Crap has a server called poop that is configured as an exporter to the crap
domain. You also have 3 NT workstations that have the directory replicator service
running and are configured as importers. Once the service has been configure a directory
at C:\winnt\system32\REPL\EXPORT will be created. Directories that are to be exported
will go in subdirectories that you create within the C:\winnt\system32\REPL\EXPORT
directory. Once everything is configured on the importer, a directory called
C:\winnt\SYSTEM32\REPL\IMPORT will be created. This is where the directories will be
copied to. Then, run server manager and click the replication button to set up the rest.
Note that the importers and exporters must support the same file system. You also must
make sure that the Directory Replication service is started in the services control
panel. 
WORKING WITH NETWARE
--BACKGROUND--
Unfortunately, most networks will be a mix of network operating systems which makes the
process of everything working together a little more complicated. The big one that you
have to wory about in real life and in the exam is Netware, so really know this section.
The 2 basic Netware situations that you will need to worry about for this exam are: NT
Server on a Netware network and Netware on an NT Server network.
--CONNECTION OPTIONS--
? NWLink is a routable transport protocol that imitates Netware's IPX/SPX protocol and is
all that is necessary to allow NT to run applications from a Netware server, but does not
allow file and print sharing. After this is installed you will now have multiple
protocols bound to your ethernet card(if you didn't already). To improve your network
performance change the binding order so that the most frequently used protocol is first.

? File and Print Services for Netware(FPNW) is add on software that allows Netware
clients to access an NT Server. The NWLink protocol must be installed for this method to
work. 
? Client Services for Netware(CSNW) allows NT workstations file and print sharing access
to a Netware server. The NWLink protocol will automatically be installed with CSNW. 
? Gateway Services for Netware(GSNW) creates a gateway that allows NT clients to access a
Netware network via an NT Server without having to install any clent software. GSNW will
also allow you to run many Novell commands from a command prompt. NWLink is required and
will be installed automatically when GSNW is installed. You must create a group called
NTGATEWAY on the Netware server and then map a drive on the NT Server for the clients to
access. The account used for the gateway must be a member of the NTGATEWAY group and have
appropriate permissions for the resources on the Netware server. Only the NTGATEWAY
account is necessary to allow all users to access Netware resources. Accessing a Netware
server via a gateway will be slower than connecting directly. Go here for our new
whitepaper dedicated to Gateway Services For Netware with installation instructions. 
? Netware Client Software is Novell's solution to the whole mess and substitutes ODI(what
Netware uses) based network drivers for the NDIS ones that come with NT. This would be
used if you were connecting a few NT workstations or Win 95/98 machines to a Netware
network and did not want to use CSNW. This situation doesn't really apply to this exam,
but I included it just in case. 
--FRAME TYPES--
Once you have all of this figured out, you then need to worry about the frame type. If
mismatched frame types are used then communication will not happen. By default, NWLink
and GSNW will only allow you to connect to Netware 3.12, 4.1, 4.11, which use Ethernet
802.2 frame type. Auto-detection should work fine in this situation as NWLink also uses
802.2. Auto-detect is only capable of selecting one frame type so to connect to NetWare
3.11 or lower, you need to use manual configuration and select both frame types as these
lower versions of Netware use the Ethernet 802.3 frame type.
--MIGRATION TOOL--
NT has a file called NWCONV.EXE that is designed to aid in the event that you are moving
away from a Novell based network to an NT network. You must first set up GSNW as
described above. After running the conversion, you need to make sure that all of the
Netware workstations have the SMB redirectors installed so that they will be able to
access the NT server. 
OPTIMIZATION AND TUNING
--PERFORMANCE MONITOR--
Performance Monitor uses counters not only allows you to view statistics on a local NT
Server, but on others located on the network as well. Perfmon allows you to locate
trouble areas and bottlenecks on your NT Server. The main sources of these bottlenecks
are the network card and drivers, CPU, memory and the disk subsystem. These problems will
vary depending on whether your server is a file server or an application server. Perfmon
gives you several ways to handle your statistics as follows: 
? Report - view statistics. 
? Chart - good for finding problems over a period of time. 
? Log - used to view data over a period of time. 
? Alerts - Alerts can be configured so that you are notified when a particular counter
has passed a benchmark that you have set. The results can only be sent to one user. 
Following are how to tell where the problem is: 
? DISK - If the %disk time is over 90% or the disk queue length is over 2, then there is
a problem with either the disk or the controller. You must type DISKPERF -Y at a command
prompt to enable disk performance counters. 
? NETWORK CARD - Use the network/%network utilization counter. You won't be able to use
this unless you have the Network Monitor Agent installed and running. If this value is
over 30% then the network card is the problem. As previously mentioned, make sure that
you bind your most used protocols first. 
? CPU - Check the %processor time. If it is running above 80% then there is a problem. To
get TCP/IP statistics you will need to have SNMP running. 
? MEMORY - The pages/sec counter should be less than 20. The available bytes should be
more than 4mb and committed bytes should not exceed the amount of physical memory
installed in the computer. You will also want to use Performance Monitor to keep an eye
on your paging file(virtual memory) by using the %usage and %usage peak counters.
Microsoft recommends that the paging file is set to a value equal to the amount of RAM
+12. So if you had 32mb of RAM, your initial paging file size would be 44, but using
Perfmon and viewing the %usage and %usage peak counters is the best way to tell whether
it is cutting the mustard.
--MISC--
The Event Viewer is a configurable tool that keeps track of what happens on your server
and tracks 3 categories of information: System, Security and Application. The system log
will contain information about drivers and services that fail to start. The security log
will keep track of events that you enable in auditing. The Application log keeps track of
application errors and processes.
Task manager allows you to list and stop running programs, start programs, view CPU and
memory usage, view running processes and change their priority. 
REMOTE ACCESS SERVICE(RAS)
--GENERAL--
RAS is basically NT's dial up networking service that allows NT to dial out to other
computers and to receive calls as well. On the client side it is called Dial Up
Networking(DUN) which is not as robust as RAS. Essentially, RAS turns your
dial-up-communications into a network card. In NT 4.0 a new software layer called TAPI
has been added which allows software vendors to not have to provide support and worry
about the type of modem being used. TAPI handles this for them. RAS supports the SLIP and
PPP dialup protocols. PPP is most commonly used as it allows for dynamic addressing. RAS
supports modem, frame relay, direct serial, x.25 and ISDN connections. Additionally, RAS
has an option for multilink PPP that allows for connections to automatically be pooled.
By default RAS uses the NetBeui protocol but can also use TCP/IP and IPX/SPX. TCP/IP must
be used with programs that use Winsock. An LMHOSTS file on a RAS client can speed up
NetBios name resolution.
--LOGIN AUTHENTICATION--
RAS provides several different authentication possibilities as follows: 
? Allow any authentication including clear text -- Allows for a variety of password
authentication protocols including PAP. This is a good option if you have a variety of
RAS client types. 
? Require encrypted authentication -- Will allow any password authentication except for
PAP. 
? Require Microsoft encrypted authentication -- This will use CHAP(Challenge Handshake
Authentication Protocol) or MSCHAP and means that only Microsoft clients will be able to
attach. 
? Require data encryption -- Will require all data to be encrypted 
By default nobody is able to dial in to the RAS server. These permissions have to be set
in the Remote Access Service Administrator. Once this is done, there is a callback
security option that must be set. Callback security can be set so that the RAS server
will call back a user trying to login to verify that their phone number matches their
login ID and password. Not only does it provide security, but it can also save customers
money if they are dialing in long distance. There are 3 possible options: 
? No call back -- Default option that provides no added security. 
? Set by caller -- Once the user is validated, RAS will then call the user back. Provides
no additional security. 
? Preset to -- This optio