Download presentation
Presentation is loading. Please wait.
1
70-270, 70-290 MCSE/MCSA Guide to Installing and Managing Microsoft Windows XP Professional and Windows Server 2003 Chapter One Introduction to Windows and Networking
2
Guide to MCSE 70-270, 70-2902 Objectives Differentiate between the editions of Windows XP Professional Differentiate between the editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Explain Windows Server 2003 Active Directory concepts Install Active Directory on a domain controller
3
Guide to MCSE 70-270, 70-2903 The Microsoft Networking Family Collection of operating systems (OSs) –Work directly with hardware to provide environment in which other software operates Server: Computer that hosts resources for use by other systems on network Client: Typically systems on workers’ desks Application programming interface (API): Provides set of software routines enabling an application to access operating services on local and network computers
4
Guide to MCSE 70-270, 70-2904 Common Features in Windows XP and Windows Server 2003 Multiple Processors: –Multiprocessing: Capable of supporting multiple CPUs Multiple applications can run simultaneously Multitasking: Computer processes multiple tasks simultaneously –Preemptive multitasking: Windows maintains strict control over how long execution threads can take possession of CPU –Cooperative multitasking: Individual applications take control over CPU for as long as they like
5
Guide to MCSE 70-270, 70-2905 Common Features in Windows XP and Windows Server 2003 (continued) Multithreading: Individual tasks within a process space can operate more or less independently as threads –Thread: Minimal unit of code in an application or system that can be scheduled for execution –CPU can run only single thread at a time Process of switching between active threads is so fast that system appears to run programs simultaneously
6
Guide to MCSE 70-270, 70-2906 Common Features in Windows XP and Windows Server 2003 (continued) File Systems: Used to format volumes and partitions on hard drives –File allocation table (FAT): File system originally used by DOS –FAT32: Enhancement of FAT16 file system developed for Windows 95 OSR2 and included in Windows 98 –New Technology File System (NTFS): High- performance, secure, object-oriented file system first introduced in Windows NT NTFS version 5 preferred file system for Windows Server 2003 and Windows XP
7
Guide to MCSE 70-270, 70-2907 Windows XP Windows XP Professional: Ideal client OS for connecting to and interacting with a Windows 2000 Server or Windows Server 2003 domain Windows XP 64-Bit Edition: Specialized version of Windows XP Professional designed for the 64-bit Itanium 2 processor from Intel Windows XP Media Center Edition: Designed specifically for computers that serve as multimedia operation centers
8
Guide to MCSE 70-270, 70-2908 Windows XP (continued) Table 1-1: Windows XP Professional system requirements
9
Guide to MCSE 70-270, 70-2909 Windows XP (continued) Windows XP Tablet PC Edition: Designed specifically for use on tablet PCs –Improved speech and pen capabilities Windows XP Home Edition: Designed for standalone home use –Basically same as Windows XP Professional but does not support several business-level features
10
Guide to MCSE 70-270, 70-29010 Windows Server 2003 Editions: Standard Edition Designed to meet everyday needs of small to large businesses –Or to function as departmental server in larger environments –File and print services, secure Internet connectivity, and centralized management of network resources Supports up to four processors in symmetric multiprocessing (SMP) system Up to 4GB of RAM Lacks support for Itanium platform and clustering
11
Guide to MCSE 70-270, 70-29011 Windows Server 2003 Editions: Standard Edition (continued) Table 1-2: Windows Server 2003, Standard Edition, system requirements and feature support
12
Guide to MCSE 70-270, 70-29012 Windows Server 2003 Editions: Enterprise Edition Designed to meet needs of organizations that support higher-end applications –Up to eight processors –Provides clustering capabilities for up to eight nodes Link multiple systems so that they function as one –Non-Uniform Memory Access (NUMA) support for SMP computers –Supports Microsoft Metadirectory Services (MMS) –Includes Windows System Resource Manager (WSRM)
13
Guide to MCSE 70-270, 70-29013 Windows Server 2003 Editions: Enterprise Edition (continued) Table 1-3: Windows Server 2003, Enterprise Edition, system requirements and feature support
14
Guide to MCSE 70-270, 70-29014 Windows Server 2003 Editions: Datacenter Edition Designed for environments with mission-critical applications, very large databases, transaction- processing systems, and information access requiring highest possible degree of availability –Supports between 8 and 32 processors Can be obtained only from original equipment manufacturers (OEMs)
15
Guide to MCSE 70-270, 70-29015 Windows Server 2003 Editions: Datacenter Edition (continued) Table 1-4: Windows Server 2003, Datacenter Edition, system requirements and feature support
16
Guide to MCSE 70-270, 70-29016 Windows Server 2003 Editions: Web Edition Designed for hosting and deploying Web services and related applications –Supports up to two processors –Specifically optimized to run IIS 6.0 –Can’t be configured as a domain controller
17
Guide to MCSE 70-270, 70-29017 Windows Server 2003 Editions: Web Edition (continued) Table 1-5: Windows Server 2003, Web Edition, system requirements and feature support
18
Guide to MCSE 70-270, 70-29018 Activity 1-1: Determining the Windows Server 2003 Edition Installed on a Server Objective: Determine the edition of Windows Server 2003 installed on your server –Use System Properties dialog box
19
Guide to MCSE 70-270, 70-29019 Windows Networking Concepts Overview Two security models used in Windows network environments: –Workgroup model: Used by smaller organizations –Domain model: Used by larger organizations Three possible roles for Windows Server: –Standalone server –Member server –Domain controller
20
Guide to MCSE 70-270, 70-29020 Workgroups Logical group of computers characterized by decentralized security and administration model Security Accounts Manager (SAM) database: Used to perform authentication Users need unique user account configured on each workstation they log on to Should be used in networks with 10 or fewer client systems Does not explicitly require a server
21
Guide to MCSE 70-270, 70-29021 Workgroups (continued) Figure 1-2: The workgroup model
22
Guide to MCSE 70-270, 70-29022 Domains Logical group of computers characterized by centralized authentication and administration User, group, and computer accounts stored in centralized directory database –Active Directory –Domain controller: Computer(s) storing database –Users authenticated through domain controller Highly recommended in environments with more than 10 users or workstation Requires at least one server to be configured as domain controller
23
Guide to MCSE 70-270, 70-29023 Domains (continued) Figure 1-4: The domain model
24
Guide to MCSE 70-270, 70-29024 Domain Controllers Windows Server system configured to store copy of directory database Service user authentication requests or queries about domain objects –Primary domain controllers (PDCs) or backup domain controllers (BDCs) One PDC per domain –Holds master copy of domain database objects Servers promoted to role of domain controller using Active Directory Installation Wizard or Configure Your Server Wizard
25
Guide to MCSE 70-270, 70-29025 Member Servers Systems that have an account in a domain but not configured as domain controller –Used for wide variety of functions Including file, print, and application services –Commonly host network services e.g., Domain Name Service (DNS) and Routing and Remote Access Service (RRAS)
26
Guide to MCSE 70-270, 70-29026 Activity 1-2: Determining the Domain or Workgroup Membership of a Windows Server 2003 System Objective: Determine the domain or workgroup membership of a Windows Server 2003 system –Use System Properties dialog box
27
Guide to MCSE 70-270, 70-29027 Computer Accounts Computers running Windows NT, Windows 2000, Windows XP, or Windows Server 2003 assigned computer accounts as part of joining a domain –Provides method for authenticating computers that are members of a domain and auditing access to network resources In Active Directory, computer accounts represented as computer objects –Can be viewed using administrative tools Such as Active Directory Users and Computers
28
Guide to MCSE 70-270, 70-29028 Introduction to Windows Server 2003 Active Directory Directory service: Provides central means of storing, managing, and accessing information about network objects belonging to domain(s) Active Directory: Native directory service included with Windows Server 2003 –Central point for storing, organizing, managing, and controlling network objects –Single point of administration of objects and Active Directory published resources –Logon and authentication services for users –Delegation of administration
29
Guide to MCSE 70-270, 70-29029 Active Directory Time Synchronization When change transaction made to an Active Directory domain controller, it is time stamped and sent to other domain controllers –Domain controllers must synchronize internal clocks Network Time Protocol (NTP)
30
Guide to MCSE 70-270, 70-29030 Domain Name Services Active Directory uses Domain Name Service (DNS) to maintain domain-naming structures and locate network resources –Active Directory names must follow standard DNS naming conventions
31
Guide to MCSE 70-270, 70-29031 Active Directory Objects Object: Represents network resources –i.e., users, groups, computers, and printers When object created in Active Directory, attributes assigned to supply information about object Can perform search of specific attributes related to objects
32
Guide to MCSE 70-270, 70-29032 Active Directory Objects (continued) Figure 1-6: Creating a new user object
33
Guide to MCSE 70-270, 70-29033 Active Directory Schema Defines objects and attributes for entire Active Directory structure –One schema for an Active Directory implementation Replicated among all domain controllers on network Consists of two main definitions: –Object classes: Types of objects able to be created –Attributes: Describe the object Created and stored separately in schema Can be used with multiple object classes
34
Guide to MCSE 70-270, 70-29034 Active Directory Logical Structure and Components Logical components that make up an Active Directory structure: –Domains and organizational units –Trees and forests –Global catalog
35
Guide to MCSE 70-270, 70-29035 Domains and Organizational Units Organizational unit (OU): Logical container for organizing objects in a single domain –Store users, groups, computers, and other OUs –Easier to locate and manage Active Directory objects –Ability to apply group policy settings to define more advanced features –Ability to delegate administrative control over OUs
36
Guide to MCSE 70-270, 70-29036 Domains and Organizational Units (continued) Figure 1-8: An Active Directory domain and OU structure
37
Guide to MCSE 70-270, 70-29037 Trees and Forests May need multiple domains within network Forest root domain: First Active Directory domain created in an organization –When multiple domains needed, connected to forest root to form single tree or multiple trees Tree: Hierarchical collection of domains –Share contiguous DNS namespace Transitive trust: All trusted domains implicitly trust one another Forest: Collection of trees that do not share contiguous DNS naming structure
38
Guide to MCSE 70-270, 70-29038 Trees and Forests (continued) Figure 1-9: The Dovercorp.net domain tree
39
Guide to MCSE 70-270, 70-29039 Trees and Forests (continued) Figure 1-10: Creating an Active Directory forest
40
Guide to MCSE 70-270, 70-29040 Global Catalog Index and partial replica of objects and attributes most often used throughout the Active Directory structure Used primarily to: –Enable users to find Active Directory information –Provide universal group membership information for logging on to network –Supply authentication services when users from other domains log on with User Principal Name (UPN) –Respond to directory lookup requests
41
Guide to MCSE 70-270, 70-29041 Active Directory Communication Standards Lightweight Directory Access Protocol (LDAP): Used to query or update Active Directory database directly –Follows specific naming convention Distinguished name: Unique for every object –Domain component (DC) –Common name (CN) Relative distinguished name (RDN): Portion of DN that uniquely identifies the object in the container
42
Guide to MCSE 70-270, 70-29042 Active Directory Physical Structure Relates to actual connectivity of physical network –Must ensure that modifications to Active Directory database replicated quickly between domain controllers –Must design topology so that replication doesn’t saturate available network bandwidth Active Directory site: Combination of one or more Internet Protocol (IP) subnets linked by high-speed connection Site link: Configurable object –Represents connection between sites
43
Guide to MCSE 70-270, 70-29043 Active Directory Physical Structure (continued) Figure 1-11: The site structure of Dovercorp.net
44
Guide to MCSE 70-270, 70-29044 Setting Up Active Directory: Plan the Domain Structure Define domains needed –Reasons for implementing multiple domains: Delegation of administrative tasks Geographical location Security High number of objects When a Windows Server 2003 computer promoted to domain controller, given options to add server to existing domain or to create new domain
45
Guide to MCSE 70-270, 70-29045 Setting Up Active Directory: Plan the Domain Structure (continued) Figure 1-12: Options for creating a new domain
46
Guide to MCSE 70-270, 70-29046 Setting Up Active Directory: Plan the Namespace Active Directory uses hierarchical domain-based name structure to locate network computers Active Directory uses NetBIOS names for backward compatibility with older systems –NetBIOS names not based on hierarchical system of domains Public namespace: Allows users to access network resources from any location Private namespace: Contained only on internal DNS servers
47
Guide to MCSE 70-270, 70-29047 Setting Up Active Directory: Plan the Namespace (continued) Figure 1-13: Configure TCP/IP settings for an Active Directory domain controller
48
Guide to MCSE 70-270, 70-29048 Activity 1-3: Configuring TCP/IP on a Windows Server 2003 Computer Objective: Configure the IP address of DNS on a Windows Server 2003 computer –Via network connections properties
49
Guide to MCSE 70-270, 70-29049 Installing Active Directory Installation of Active Directory performed by promoting one or more servers to domain controllers –Should select most capable server as first domain controller –Servers to be promoted should be assigned fixed IP addresses and appropriate names Promotion involves using Dcpromo to install Active Directory service on computer
50
Guide to MCSE 70-270, 70-29050 Activity 1-4: Installing Active Directory Objective: Use Dcpromo to install Active Directory and DNS on your Windows Server 2003 computer –Promoting first server on network to a domain controller installs Active Directory service on the selected server and creates the Active Directory forest root for the network
51
Guide to MCSE 70-270, 70-29051 Summary Windows Server 2003 and Windows XP Professional offer a distinct operating environment The Windows XP family of operating systems is available in several editions Windows Server 2003 is available in four editions A workgroup model is characterized by decentralized authentication and administration A domain model provides centralized authentication and administration
52
Guide to MCSE 70-270, 70-29052 Summary (continued) Active Directory is the native directory service for Windows Server 2003 operating systems The logical components of Active Directory include domains, organizational units, trees, forests, and the global catalog The physical components of Active Directory include domain controllers and sites The process of promoting a Windows Server 2003 system to a domain controller involves using Dcpromo to install Active Directory services on the server
53
Guide to MCSE 70-270, 70-29053 Summary (continued) Although Active Directory uses both DNS and NetBIOS to name domains, DNS is the primary naming system Before promoting a server to an Active Directory domain controller, you should plan the domain and namespace structure and identify the DNS server to be used
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.