Search Ebook here:

The Best Damn Windows Server 2003 Book Period


Author: Debra Littlejohn ShinderThomas W Shinder

Publisher: Syngress

Publish Date: 18th June 2004

ISBN-13: 9780080476070

Pages: 1000

Language: English



In keeping with past trends, full migration to this latest Microsoft Server Operating System will begin in earnest 12 months after its release, in mid-to-late 2004. This book will hit the market just as large enterprises begin the process of moving from Windows 2000 Server to Windows Server 2003. The title says everything you need to know about this book. No other book on the market combines this breadth and depth of coverage with the kind of product expertise and quality standard expected from Syngress. Every aspect of Planning, Installing, Configuring and Troubleshooting a Windows Server 2003 network is distilled and documented, with plenty of examples and illustrations. An unlike its competition, this is a book that was written from the ground up for Windows Server 2003.

Table of Contents

Foreword Chapter 1 Overview of Windows Server 2003 Introduction Windows XP/Server 2003 What’s New in Windows Server 2003? New Features The Windows Server 2003 Family Why Four Different Editions? Members of the Family Licensing Issues Product Activation Installation and Upgrade Issues Common Installation Issues Common Upgrade Issues Windows Server 2003 Planning Tools and Documentation Overview of Network Infrastructure Planning Planning Strategies Using Planning Tools Reviewing Legal and Regulatory Considerations Calculating TCO Developing a Windows Server 2003 Test Network Environment Planning the Test Network Documenting the Planning and Network Design Process Creating the Planning and Design Document Chapter 2 Using Server Management Tools Introduction Recognizing Types of Management Tools Administrative Tools Menu Custom MMC Snap-Ins Command-Line Utilities Wizards Windows Resource Kit The Run As command Managing Your Server Remotely Remote Assistance Using Web Interface for Remote Administration Remote Desktop for Administration Administration Tools Pack (adminpak.msi) Windows Management Instrumentation (WMI) Using Computer Management to Manage a Remote Computer Which Tool To Use? Using Emergency Management Services Managing Printers and Print Queues Using the Graphical Interface Using New Command-Line Tools The Printer Spooler Service The Internet Printing Protocol Using the Graphical Interface Using New Command-Line Utilities Using Wizards to Configure and Manage Your Server Using the Configure Your Server Wizard and Manage Your Server Chapter 3 Planning Server Roles and Server Security Introduction Understanding Server Roles Domain Controllers (Authentication Servers) File and Print Servers DHCP, DNS, and WINS Servers Web Servers Database Servers Mail Servers Certificate Authorities Application Servers and Terminal Servers Planning a Server Security Strategy Choosing the Operating System Identifying Minimum Security Requirements for Your Organization Identifying Configurations to Satisfy Security Requirements Planning Baseline Security Customizing Server Security Securing Servers According to Server Roles Chapter 4 Security Templates and Software Updates Introduction Security Templates Types of Security Templates Network Security Settings Analyzing Baseline Security Applying Security Templates Software Updates Install and Configure Software Update Infrastructure Install and Configure Automatic Client Update Settings Supporting Legacy Clients Testing Software Updates Chapter 5 Managing Physical and Logical Disks Introduction Working with Microsoft Disk Technologies Using Disk Management Tools Using the Disk Management MMC Using the Command-Line Utilities Managing Physical and Logical Disks Managing Basic Disks Managing Dynamic Disks Optimizing Disk Performance Defragmenting Volumes and Partitions Configuring and Monitoring Disk Quotas Implementing RAID Solutions Understanding and Using Remote Storage What is Remote Storage? Storage Levels Relationship of Remote Storage and Removable Storage Setting Up Remote Storage Troubleshooting Disks and Volumes Troubleshooting Basic Disks Troubleshooting Dynamic Volumes Troubleshooting Fragmentation Problems Troubleshooting Disk Quotas Troubleshooting Remote Storage Troubleshooting RAID Chapter 6 Implementing Windows Cluster Services and Network Load Balancing Introduction Making Server Clustering Part of Your High-Availability Plan Terminology and Concepts Cluster Models Server Cluster Deployment Options Server Cluster Administration Recovering from Cluster Node Failure Server Clustering Best Practices Making Network Load Balancing Part of Your High-Availability Plan Terminology and Concepts Relationship of NLB to Clustering Managing NLB Clusters Monitoring NLB NLB Best Practices Chapter 7 Planning, Implementing, and Maintaining a High-Availability Strategy Introduction Understanding Performance Bottlenecks Identifying System Bottlenecks Using the System Monitor Tool to Monitor Servers Using Event Viewer to Monitor Servers Using Service Logs to Monitor Servers Planning a Backup and Recovery Strategy Understanding Windows Backup Using Backup Tools Selecting Backup Media Scheduling Backups Restoring from Backup Planning System Recovery with ASR What Is ASR? How ASR Works Alternatives to ASR Using the ASR Wizard Performing an ASR Restore Planning for Fault Tolerance Network Fault-Tolerance Solutions Internet Fault-Tolerance Solutions Disk Fault-Tolerance Solutions Server Fault-Tolerance Solutions Chapter 8 Monitoring and Troubleshooting Network Activity Introduction Using Network Monitor Installing Network Monitor Basic Configuration Network Monitor Default Settings Configuring Monitoring Filters Configuring Display Filters Interpreting a Trace Monitoring and Troubleshooting Internet Connectivity NAT Logging Name Resolution IP Addressing Monitoring IPSec Connections IPSec Monitor Console Network Monitor Netsh Ipseccmd Netdiag Event Viewer Chapter 9 Active Directory Infrastructure Overview Introduction Introducing Directory Services Terminology and Concepts Understanding How Active Directory Works Directory Structure Overview Sites Domains Domain Trees Forests Organizational Units Active Directory Components Logical vs. Physical Components Using Active Directory Administrative Tools Graphical Administrative Tools/MMCs Command-Line Tools Implementing Active Directory Security and Access Control Access Control in Active Directory Active Directory Authentication Standards and Protocols What’s New in Windows Server 2003 Active Directory? New Features Available Only with Windows Server 2003 Domain/Forest Functionality Chapter 10 Working with User, Group, and Computer Accounts Introduction Understanding Active Directory Security Principal Accounts Security Principals and Security Identifiers Naming Conventions and Limitations Working with Active Directory User Accounts Built-In Domain User Accounts InetOrgPerson Creating User Accounts Managing User Accounts Working with Active Directory Group Accounts Group Types Group Scopes in Active Directory Built-In Group Accounts Creating Group Accounts Managing Group Accounts Working with Active Directory Computer Accounts Creating Computer Accounts Managing Computer Accounts Managing Multiple Accounts Implementing User Principal Name Suffixes Moving Account Objects in Active Directory Troubleshooting Problems with Accounts Chapter 11 Creating User and Group Strategies Introduction Creating a Password Policy for Domain Users Creating an Extensive Defense Model Defining a Password Policy Creating User Authentication Strategies Need for Authentication Single Sign-On Authentication Types Kerberos Secure Sockets Layer/Transport Layer Security NT LAN Manager Digest Authentication Passport Authentication Educating Users Smart Card Authentication Planning a Security Group Strategy Security Group Best Practices Chapter 12 Working with Forests and Domains Introduction Understanding Forest and Domain Functionality The Role of the Forest Domain Trees Forest and Domain Functional Levels Raising the Functional Level of a Domain and Forest Creating the Forest and Domain Structure Deciding When to Create a New DC Installing Domain Controllers Establishing Trust Relationships Restructuring the Forest and Renaming Domains Implementing DNS in the Active Directory Network Environment DNS and Active Directory Namespaces DNS Zones and Active Directory Integration Configuring DNS Servers for Use with Active Directory Securing Your DNS Deployment Chapter 13 Working with Trusts and Organizational Units Introduction Working with Active Directory Trusts Types of Trust Relationships Creating,Verifying, and Removing Trusts Securing Trusts Using SID Filtering Understanding the Role of Container Objects Creating and Managing Organizational Units Planning an OU Structure and Strategy for Your Organization Delegation Requirements Security Group Hierarchy Chapter 14 Working with Active Directory Sites Introduction Understanding the Role of Sites Replication Authentication Distribution of Services Information Relationship of Sites to Other Active Directory Components Relationship of Sites and Domains The Relationship of Sites and Subnets Creating Sites and Site Links Site Planning Site Replication Planning, Creating, and Managing the Replication Topology Configuring Replication between Sites Troubleshooting Replication Failure Chapter 15 Working with Domain Controllers Introduction Planning and Deploying Domain Controllers Understanding Server Roles Function of Domain Controllers Determining the Number of Domain Controllers Using the Active Directory Installation Wizard Creating Additional Domain Controllers Upgrading Domain Controllers to Windows Server 2003 Placing Domain Controllers within Sites Backing Up Domain Controllers Restoring Domain Controllers Managing Operations Masters Chapter 16 Working with Global Catalog Servers and Schema Introduction Working with the Global Catalog and GC Servers Functions of the GC Customizing the GC Using the Schema MMC Snap-In Creating and Managing GC Servers Understanding GC Replication Placing GC Servers within Sites Troubleshooting GC Issues Working with the Active Directory Schema Understanding Schema Components Working with the Schema MMC Snap-In Modifying and Extending the Schema Deactivating Schema Classes and Attributes Troubleshooting Schema Issues Chapter 17 Working with Group Policy in an Active Directory Environment Introduction Understanding Group Policy Terminology and Concepts Group Policy Integration in Active Directory Group Policy Propagation and Replication Planning a Group Policy Strategy Using RSoP Planning Mode Strategy for Configuring the User Environment Strategy for Configuring the Computer Environment Implementing Group Policy The Group Policy Object Editor MMC Creating, Configuring, and Managing GPOs Configuring Application of Group Policy Delegating Administrative Control Verifying Group Policy Performing Group Policy Administrative Tasks Automatically Enrolling User and Computer Certificates Redirecting Folders Configuring User and Computer Security Settings Using Software Restriction Policies Applying Group Policy Best Practices Troubleshooting Group Policy Using RSoP Using gpresult.exe Chapter 18 Deploying Software via Group Policy Introduction Understanding Group Policy Software Installation Terminology and Concepts Group Policy Software Installation Concepts Group Policy Software Installation Components Using Group Policy Software Installation to Deploy Applications Preparing for Group Policy Software Installation Using .zap Setup Files Working with the GPO Editor Opening or Creating a GPO for Software Deployment Assigning and Publishing Applications Configuring Software Installation Properties Upgrading Applications Removing Managed Applications Managing Application Properties Categorizing Applications Adding and Removing Modifications for Application Packages Troubleshooting Software Deployment Verbose Logging Software Installation Diagnostics Tool Chapter 19 Ensuring Active Directory Availability Introduction Understanding Active Directory Availability Issues The Active Directory Database Data Modification to the Active Directory Database The Tombstone and Garbage Collection Processes System State Data Fault Tolerance and Performance Performing Active Directory Maintenance Tasks Defragmenting the Database Moving the Database or Log Files Monitoring the Database Backing Up and Restoring Active Directory Backing Up Active Directory Restoring Active Directory Troubleshooting Active Directory Availability Setting Logging Levels for Additional Detail Using Ntdsutil Command Options Changing the Directory Services Restore Mode Password Chapter 20 Planning, Implementing, and Maintaining a Name Resolution Strategy Introduction Planning for Host Name Resolution Designing a DNS Namespace Planning DNS Server Deployment Planning for Zone Replication Planning for Forwarding DNS/DHCP Interaction Windows Server 2003 DNS Interoperability DNS Security Issues Monitoring DNS Servers Planning for NetBIOS Name Resolution Understanding NETBIOS Naming Planning WINS Server Deployment Planning for WINS Replication WINS Issues Troubleshooting Name Resolution Issues Troubleshooting Host Name Resolution Troubleshooting NetBIOS Name Resolution Chapter 21 Planning, Implementing, and Maintaining the TCP/IP Infrastructure Introduction Understanding Windows 2003 Server Network Protocols What’s New in TCP/IP for Windows Server 2003 Planning an IP Addressing Strategy Analyzing Addressing Requirements Creating a Subnetting Scheme Troubleshooting IP Addressing Transitioning to IPv6 Planning the Network Topology Analyzing Hardware Requirements Planning the Placement of Physical Resources Planning Network Traffic Management Monitoring Network Traffic and Network Devices Determining Bandwidth Requirements Optimizing Network Performance Chapter 22 Planning, Implementing, and Maintaining a Routing Strategy Introduction Understanding IP Routing Basics Evaluating Routing Options Windows Server 2003 As a Router Security Considerations for Routing Analyzing Requirements for Routing Component Simplifying Network Topology to Provide Fewer Attack Points Router-to-Router VPNs Packet Filtering and Firewalls Logging Level Troubleshooting IP Routing Identifying Troubleshooting Tools Common Routing Problems Chapter 23 Planning, Implementing, and Maintaining Internet Protocol Security Introduction Understanding IP Security (IPSec) How IPSec Works IPSec Modes IPSec Protocols IPSec Components IPSec and IPv6 Deploying IPSec Determining Organizational Needs Security Levels Managing IPSec Using the IP Security Policy Management MMC Snap-in Using the netsh Command-line Utility Default IPSec Policies Custom Policies Assigning and Applying Policies in Group Policy Active Directory Based IPSec Policies IPSec Monitoring Troubleshooting IPSec Addressing IPSec Security Considerations Strong Encryption Algorithm (3DES) Firewall Packet Filtering Diffie-Hellman Groups Pre-shared Keys Soft Associations Security and RSoP Chapter 24 Planning, Implementing, and Maintaining a Public Key Infrastructure Introduction Planning a Windows Server 2003 Certificate-Based PKI Understanding Public Key Infrastructure Understanding Digital Certificates Understanding Certification Authorities Implementing Certification Authorities Analyzing Certificate Needs within the Organization Determining Appropriate CA Type(s) Planning Enrollment and Distribution of Certificates Certificate Templates Certificate Requests Auto-Enrollment Deployment Role-Based Administration Implementing Smart Card Authentication in the PKI How Smart Card Authentication Works Deploying Smart Card Logon Using Smart Cards To Log On to Windows Using Smart Cards for Remote Access VPNs Using Smart Cards To Log On to a Terminal Server Chapter 25 Planning, Implementing, Maintaining Routing and Remote Access Introduction Planning the Remote Access Strategy Analyzing Organizational Needs Analyzing User Needs Selecting Remote Access Types To Allow Addressing Dial-In Access Design Considerations Allocating IP Addresses Determining Incoming Port Needs Selecting an Administrative Model Configuring the Windows 2003 Dial-up RRAS Server Configuring RRAS Packet Filters Addressing VPN Design Considerations Selecting VPN Protocols Installing Machine Certificates Configuring Firewall Filters PPP Multilink and Bandwidth Allocation Protocol (BAP) PPP Multilink Protocol BAP Protocols Addressing Wireless Remote Access Design Considerations The 802.11 Wireless Standards Using IAS for Wireless Connections Configuring Remote Access Policies for Wireless Connections Multiple Wireless Access Points Placing CA on VLAN for New Wireless Clients Configuring WAPs as RADIUS Clients Planning Remote Access Security Domain Functional Level Selecting Authentication Methods Selecting the Data Encryption Level Using Callback Security Managed Connections Mandating Operating System/File System Using Smart Cards for Remote Access Configuring Wireless Security Protocols RRAS NAT Services ICMP Router Discovery Creating Remote Access Policies Policies and Profiles Authorizing Remote Access Restricting Remote Access Controlling Remote Connections Troubleshooting Remote Access Client Connections Troubleshooting Remote Access Server Connections Configuring Internet Authentication Services Chapter 26 Managing Web Servers with IIS 6.0 Introduction Installing and Configuring IIS 6.0 Pre-Installation Checklist Installation Methods Installation Best Practices What’s New in IIS 6.0? New Security Features New Reliability Features Other New Features Managing IIS 6.0 Performing Common Management Tasks Managing IIS Security Troubleshooting IIS 6.0 Troubleshooting Content Errors Troubleshooting Connection Errors Troubleshooting Other Errors Using New IIS Command-Line Utilities iisweb.vbs iisvdir.vbs iisftp.vbs iisftpdr.vbs iisback.vbs iiscnfg.vbs Chapter 27 Managing and Troubleshooting Terminal Services Introduction Understanding Windows Terminal Services Terminal Services Components Using Terminal Services Components for Remote Administration Using Remote Assistance Installing and Configuring the Terminal Server Role Using Terminal Services Client Tools Installing and Using the Remote Desktop Connection (RDC) Utility Installing and Using the Remote Desktops MMC Snap-In Installing and Using the Remote Desktop Web Connection Utility Using Terminal Services Administrative Tools Using the Terminal Services Configuration Tool User Account Extensions Using Group Policies to Control Terminal Services Users Using the Terminal Services Command-Line Tools Troubleshooting Terminal Services Not Automatically Logged On “This Initial Program Cannot Be Started” Clipboard Problems License Problems Index