Showing posts with label MCP 70-270. Show all posts
Showing posts with label MCP 70-270. Show all posts

Saturday, August 1, 2009

restoring data by using the restore wizard

  1. select start - programs - accessories - system tools - backup
  2. in the backup dialog box, click the restore wizard button
  3. the restore wizard starts, click next
  4. in the what to restore screen, select the check boxes next to the drives, files, or folders you want to restore. click next.

scheduling a backup

  1. select start - programs - accessories - system tools - backup
  2. in the backup dialog box, click schedule jobs tab
  3. the schedule jobs tab appears, notice that no jobs appear yet on the schedule. if you have already schedule jobs, you can view them on this schedule. to add a job to the schedule, click add job
  4. the backup wizard starts. follow the instructions presented on screen to schedule one or more periodic backups.
  5. once you have schedule one or more backups, these jobs appear on the schedule jobs tab, close backup.

perform a backup by using the backup wizard

  1. select start - programs - accessories - system tools - backup
  2. the backup dialog box appears, notice the three buttons in this dialog box: backup wizard, restore wizard, and emergency repair disk. click button next to backup wizard.
  3. the backup wizard starts, click next

selecting the type of backup operation

the backup utility provides five types of backup operations that define what data is backed up, such as only those files that have changed since the last backup.

some backup types use backup markers also known as archive attributes, which mark file as having changed. when file changes, an attribute is set on the file that indicates that the file has changed since the last backup. when you backup the file, this clears or resets the attributes.

Normal

during a normal backup, all selected files and folders are backed up. a normal backup does not rely on markers to determine which files to backup. during a normal backup any existing marks are cleared and each file is marked as having been backed up. normal backups spped up the restore process because the backup files are the most current and you do not need to restore multiple backup jobs.

Copy

during a copy backup, all selected files and folders are backed up. it neither looks for no clears markers. if you do not want to clear markers and effect other backup types, use a copy backup, for example use a copy backup between a normal and an incremental backup to create an archival snapshot of network data.

Incremental

during incremental backup, only selected files and folders that have a marker are backed up, and then the backup clears markers. because an incremental backup clears markers, if you did two consecutive incremental backups on a file and nothing changed in the file, the file would not be backed up the second time.

Differential

during a differential backup, only selected files and folders that have a marker are backed up, but the backup does not clear markers. because a differential backup does not clear markers, if you did two consecutive differential backups on a file and nothing changed in the file, the entire file would be backed up each time.

Daily

during a daily backup, all selected files and folders that have changed during the day are backed up. this backup neither looks for nor clears markers. if you want to backup all files and folders that change during the day, use daily backup.

System state data

system state data includes various critical operating system files, folders and databases. for all windows 2003 computers, system state data includes the operating system boot files, the registry, and the COM+ class registration database. on a windows 2003 server computer that has certificate services installed, system state data also includes the certificate serivces database.

finally on a windows 2003 server that is a domain controller, system state data also includes the active directory data store and the contents of the SYSVOL folder.

The archive attribute

the archive attribute is a marker that the operating system automatically assigns to all files and folders when they are first installed created. depending on the backup type, backup programs remove the archive attribute from a file or folder to indicate that the file or folder has been backed up. if a file or folder is modified after it is backed up, the operating system reassigns the archive attribute to it.

Using backup to perform a backup

windows 2003 ships with a backup program called backup. backup is a basic tape backup program that gives you full capability to backup and restore a windows 2003 computer, including user data on local and network drives, and system state data on the local computer.

introducing the backup utility in windows xp

windows xp professional provides backup or restore wizard, which allows you to easily backup data. to access the backup or restore wizard, on the start menu, point to all programs, point to accessories, point to system tools, and then click backup.alternatively on the start menu you can click run and type ntbackup and then click ok. you can use the backup or restore wizard to backup data manually or to shedule unattended backup jobs on a regular basis. you can backup data to a file or to a tape. files can be stored on hard disks, removable disks (such as Iomega Zip and Jaz drives), and recordable compact disks and optical drives.

after open backup and restore wizard page, click next. the backup or restore page allows you to specify whether you want to backup files and settings or restore files and settings.

to successfully backup and restore data on a computer running windows xp professional, you must have appropriate permissions and user rights, as described below.

  • all users can backup their own files and folders. they can also backup files for which they have the read, read and execute, modify, or full control permission.
  • all users can restore files and folders for which they have the write, modify, or full control permission.
  • members of the administrators and backup operators groups can backup and restore all files (regardless of the assigned permissions) by default.members of these groups have the backup files and directories and restore files and directories user rights.

Friday, July 31, 2009

changing the location of the spool folder

the spool folder is used by the windows 2003 print spooler service as a temporary storage are for print jobs waiting to be sent to a print device. the default location for the spool folder is
systemroot\system32\spool\printers.

configuring printer permissions

printer permissions are specially allowed or denied to individual users and groups. by default, the print permissions is allowed to the everyone group. user and group printer permission are additive, and typically the least restrictive combination of printer permissions applies.

an exception oto this rule occurs when a user or group is specifically denied a printer permission. if a user is denied a printer permission, or any group the user is a member of is denied printer permission, then the suer is denied that printer permission. a denied permission always overrides a corresponding allowed permission.

printer permissions are set on a printer-by-printer basis. these permissions apply both when the printer is accessed over the network and when the printer is accessed from the local computer.

printer permissions, descriptions and functionality

print - a user with this permission can connect to the printer and send print jobs to the printer. by default the print permissions is assigned to the everyone group.

manage document - a user with this permission can pause, resume, restart and delete print jobs sent to the printer, by default members of the creator owner group are assigned the management documents printer permissions. this enables users who create print jobs to manage their own print jobs.

manage printers - a user with this permission can perform all tasks included in the print permissions. in addition, the user can pause, restart, and share the printer, can change spooler settings, can assign printer permissions (including the manage documents permission) and can change the printer's properties.

setting printer priorities

another technique you can use to help manage the flow of print jobs on your windows 2003 network is setting printer priorities. when more than one printer sends print jobs to the same print device , setting printer priorities may be useful.

if two printers are configured to use the same print device, and you configure one of these printers to have a higher priority than the other printer.then all print jobs from the higher priority printer will be sent to the print device before any print jobs from the lower priority printer are sent.

the highest printer priority is 99, and the lowest printer priority is 1. all printers have a priority of 1 by default.

scheduling printers

scheduling printers is a technique you can use to help manage the flow of print jobs on your windows 2003 network. scheduling a printer means assigning the hours a specific print device available for use by a specific printer.

when scheduling a printer the hours of availability apply only to the print device, not to the printer. this means that users can print to the printer at any time during the day. and the printer then spools the jobs to the hard disk. however the print jobs are sent to the print device only during the print device's hours of availability.

so why should you want to schedule a printer? well, suppose that you are the administrator for a small network that has 20 windows computers. the owner of the company recently brought a laser print device for network printing, and doesn't want to spend any more money on print devices. one of the employees occasionally generates a print jobs that is 500 to 600 pages long. this report ties up the one available print device for a long time, frustrating other employees. the large reports are for archival and reference purposes, and are not needed immediately.

you solve the problem by scheduling printers. first you create second printer that prints to the laser print device.the you schedule the new printer so that it only sends print jobs to the print devices during non business hours. you instruct the employee who creates the large print jobs to use the new printer for large print jobs. the result is that the employee can generates large print jobs at any time without inconveniencing other employees. the large print jobs are spooled to the hard disk, and then sent to the print device during non business hours.

configuring printer pools

when a printer has a multiple ports (and multiple print devices) assigned to it, this is called a printer pool. users print to a single printer, and the printer load balances its print jobs between the print devices assigned to it.

a printer pool is a useful tool when both of the following criteria met
  • all print devices assigned to the printer use the same print device driver. (usually this means that identical print devices are used)
  • all print devices assigned to the printer pool are located physically close to each other.

managing printing

printing terminology

printer

a printer is the software interface between the windows 2003 operating system and the device that produces the printed output.windows 2003 calls a printer as a combination of a print queue (or print spooler) plus a driver for the device that produces printed output.

print device

in windows 2003 the term print device (or printing device) refers to the physical device that produces printed output - what is more commenly referred to as a " printer "

auditing and connecting to printers

there are two types of printers you can add
  • local printers
  • network printers
adding a printer on a remote computer
  • start windows explorer (select start - programms - accessories - windows - explorer)
  • in the left pane, click the + next to my network places. click the + next to entire network. click the + next to microsoft windows network. click the + next to the domain or workgroup that contains the computer on which you want to add a printer. click the + next tothe computer on which you want to add a printer.highlight the printers folder.
  • the contents of the printers folder on the remote computer appear in the right pane. to start the add printer wizard on the remote computer, double click add printer. follow the instruction presented earlier in this chapter to add a printer.
connecting to internet printers

an internet printer is a printer that is published (made available) on a web server for the purpose of making the printer available to client computers on the internet, client computers on your company's intranet or both.

you can access internet printers on a windows 2003 computer at http://server_name /printers

Tuesday, July 14, 2009

testing a TCP/IP configuration

after configuring TCP/IP and restarting the computer, you should use ipconfig and ping command prompts tools to test the configuration and connections to other TCP/IP hosts and networks. such testing helps ensure that TCP/IP is functioning properly.

using ipconfig

you use the ipconfig tool to verify the TCP/IP configuration parameters on a host. this helps to determine whether the configuration is initialized or if a duplicate IP address exists. use the ipconfig tool with the /all switch to verify configuration information.

using ping

the ping tool is a diagnose tool that you can use to test TCP/IP configurations and diagnose connection failures. after you have verified the TCP/IP configuration, use the ping tool to determine whether a particular TCP/IP host is available and funtional. to test connectivity use the ping tool with the following syntax in command prompt:
  1. first go to the command prompt.
  2. then type ipconfig or ipconfig /all and press enter.
  3. then type ping 127.0.0.1 (loopback address) to check loopback working properly.
  4. then use ping ip address of the computer (eg: ping 192.168.0.10) to check NIC (network interface card) working properly.
  5. then use ping command to ip address of default gateway (router) to check connectivity to gateway.
  6. then use ping address of the remote host (this can be pc in the network or internet) to check network working properly.

using automatic private ip addressing (APIPA)

the windows xp professional implementation of TCP/IP supports automatic assignment of IP address for simple LAN -based network configurations. this addressing mechanism is an extension of dynamic IP address assignment for LAN adaptors, enabling configuration of IP address without using static IP address assignment or installing the DCHP service. automatic private IP addressing is enabled by default in windows xp professional so that home users and small business users can create a funtioning, single subnet, TCP/IP based network without having to configure the TCP/IP protocol manually or set up a DHCP server.

the process for the automatic private IP addressing feature
  • windows xp professional TCP/IP attempts to find a DHCP server on the attached network to obtain a dynamically assigned IP adrress.
  • in the absence of a DHCP server during startup (for example, if the server is down for maintanance or repairs) the client cannot obtain an IP address.
  • automatic private IP addressing generates an IP address in the form of 169.254.x.y (where x.y is the client,s unique identifier) and a subnet mask of 255.255.0.0 .

obtaining an ip address automatically

if a server running the DHCP service is available on the network, it can automatically assign TCP/IP configuration information to the DCHP client, you can configure any clients running windows xp professional, windows 95, and windows 98 to obtain TCP/IP configuration information automatically from the DHCP service. this can simplify administration and ensure correct configuration information.

you can use the DHCP service to provide clients with TCP/IP configuration information automatically. however you must configure a computer as a DHCP client before it can interact with the DHCP service.

using a static IP address

by default client computers, for example those running windows xp professional, windows 2000, windows ME, windows NT, microsoft windows 98, or microsoft windows 95 obtain TCP/IP configuration information automatically from the DHCP service. however even in DHCP enabled environment you should assign a static IP address to selected network computers. for example, the computer running DHCP service cannot be a DHCP client, so it must have a static IP address. if the DHCP service is not available you can also configure TCP/IP to use static IP address. for each network adaptor card that uses TCP/IP in a computer, you can configure an IP address, subnet mask and default gateway.

understanding ip addresses

each IP address consists of a network ID and a host ID. the network ID, also known as the network address, identifies the systems that are located on the same physical network. all computers in the same physical network must have the same network ID, and the network ID must be unique to the internetwork. the host ID, also known as the host address, identifies each TCP/IP host within a network.

IP addresses are logical 32-bit numbers that are broken down into four 8 bit fields known as octets. microsoft TCP/IP supports class A, B and C addresses. the class addresses define which bits are used for network ID and which bits are used for the host ID.

Class A

the first network ID is 1.0.0.0 and the last is 126.0.0.0 , this allows for 126 networks and 16,777,214 hosts per network. the class A adress 127.x.x.x is reserved for loopback testing and interprocess communications on the local computer. for class A addresses, the network ID is laways the first octet in the address and the host ID is the last three octets.

Class B

the first network ID is 128.0.0.0 and the last is 191.255.0.0 , this allows for 16,384 networks and 65,534 hosts per network. for class B addresses the network ID is always the first two octets in the address and host ID is the last two octets.

Class C

the first network ID is 192.0.0.0 and the last is 223.255.255.0 , this allows for 2,097,152 networks and 254 hosts per network. for class C addresses, the network ID is always the first three octets in the address and the host ID is the last octet.

options for configuring a static TCP/IP address

IP address - a logical 32-bit address that identifies a TCP/IP host. each network adpter card in a computer running TCP/IP require a unique IP address, such as 192.168.0.108 , each address has two parts: a network ID, which identifies all hosts on the same physical network, and a host ID which identifies a host on the network. in this example the network ID is 192.168.0 and the host ID is 108.

subnet mask - subnets divide a large network into multiple physical networks connected with routers.a subnet mask blocks out part of the IP address so that TCP/IP can distinguish the network ID from the host ID. when TCP/IP hosts try to communicate, the subnet mask determine whether the destination host is on a local or remote network. to communicate on a local network, computers must have the same subnet mask.

default gateway - the intermediate device on a local network that stores network ID,s of other networks in the enterprise or internet. to communicate with a host on another network, configure an IP address for the default gateway. TCP/IP sends packets for remote networks to the default gateway (if no other route is configured) which then forwards the packets to other gateways until the packet is delivered to a gateway connected to specified destination.

Saturday, July 11, 2009

understanding local groups

a local group is a collection of user accounts on a computer. use local groups to assign permissions to resources residing on the computer on which the local group is created. windows xp professional creates local groups in the local security database.

preparing to use local groups

guidelines for using local groups include the following
  • use local groups on computers that do not belong to a domain
you can use local groups only on the computer on which you create them. although local groups are available on member servers and domain computers running windows 2000 server, do not use local groups on computers that are part of a domain. using local groups on domain computers prevents you from centralizing group administration. local groups do not appear in the active directory service, and you must administer them separately for each computers.
  • you can assign permissions to local groups to access only the resources on the computer on which you create the local groups.
note - you cannot create local groups on domain controllers because domain controllers cannot have a security database that is independent of the database in active directory.

membership rules for local groups include following
  • local groups can contain local user accounts from the computer on which you create the local groups.
  • local groups cannot belong to any other group.

understanding groups

a group is a collection of user accounts. groups simplify administration by allowing you to assign permissions and rights to a group of users rather than to each user account individually.
  • groups are collection of user accounts
  • members receive permissions given to groups
  • users can be members of multiple groups
  • groups can be members of other groups
permissions control what users can do with a resource such as a folder, file or printer. when you assign permissions, you allow users to gain access to a resource and you define the type of access that they have. fro example, if several users need to read the same file, you can add their user accounts to a group and then give the group permission to read file. rights allow users to perform system tasks, such as changing the time on a computer and backing up or restoring files.

password requirenments

to protect access to the computer, every user account should have a password. consider the following guidelines for passwords.
  • always assign a password to the administrator account to prevent unauthorized access to the account.
  • determine whether the administrator or the users will control passwords. you can assign unique passwords to user accounts and prevent users from changing them, or you can allow users to enter their own passwords the first time they log on. in most cases users should control their passwords.
  • use passwords that are hard to guess. for example avoid using passwords with an obvious association, such as a family members name.
  • passwords can contain up to 128 characters, a minimum length of 8 characters is recommend.
  • include both uppercase and lowercase letters (unlike user names, user passwords are case sensitive) numerals and the valid non-alphanumeric characters.

naming conventions

a naming convention is an organizations established standard for identified users in the domain. following a consistent naming convention helps administrators and users remember logon names. it also makes it easier for administrators to locate specific user accounts to add them to groups or perform account administration.

naming convention guidelines
  • create unique user logon names - local user account names must be unique on the computer on which you create the local account. user logon names for domain user accounts must be unique to the directory.
  • use a maximum of 20 characters -user account names can contain up to 20 uppercase or lowercase characters. the field accepts more than 20 characters, but windows xp professional recognizes only the first 20
  • remember that user logon names are not case sensitive - you can use combination of special and alphanumeric characters to establish unique user accounts. user logon names are not case sensitive, but windows xp professional preserves the case for display purposes.
  • avoid characters that are not valid -the following characters are not valid: " / \ [ ] : ; | - , + * ? < >
  • accommodate employees with duplicate names - if two users have the same name, you could create a user logon name consisting of the first name, the last initial and additional letters from the last name to differentiate the users. for example if two user are named john evans, you could create one user account logon as johne and the other as johnev. you could also number each user logon name-for example, johne 1 and johne 2.
  • identify the type of employee - some organizations prefer to identify temporary employees in their user accounts. you could add a T and a dash front of the users logon name (T-johne) or use parenthecs at the end- for example, johne(temp)
  • rename the administrator and guest built-in user accounts - you should rename the administrator and guest accounts to provide greater security.