Mission Critical Windows 2000 Server Administration

Mission Critical Windows 2000 Server Administration

1st Edition - September 27, 2000

Write a review

  • Author: Syngress
  • eBook ISBN: 9780080479484

Purchase options

Purchase options
DRM-free (PDF)
Sales tax will be calculated at check-out

Institutional Subscription

Free Global Shipping
No minimum order


Announcing the "Mission Critical" series from Syngress Media - providing crucial coverage of the topics necessary for IT professionals to perform and succeed on the job. Mission Critical Windows 2000 Server Administration cuts to the chase and provides system administrators with the most important features of the operating system. There's no "hand-holding", no basic definitions of functions, no step-by-step guidelines - just high-level coverage of the critical components of Windows 2000 that system administrators must know.

Key Features

  • Hot topic - since the launch of Windows 2000 in February - there is an increased demand for a high-level book
  • Comes with free membership to Solutions@Syngress.com, which provides readers with regular updates, articles, white papers, and bug alerts
  • Offers high-level coverage of the following topics: Active Directory, remote installation and deployment, security, network services, Microsoft Management Console and administration

Table of Contents

  • Chapter 1: Introduction to Windows 2000 Server


    What's New in Windows 2000 Server?

    Why Should I Use the Active Directory?

    Change and Configuration Management

    Windows 2000 Security

    Windows 2000 Network Services

    Managing and Supporting Windows 2000 Server

    What's Not New in Windows 2000 Server?

    Core Architecture

    Application Support

    User Interface

    Client Support

    Windows 2000 Challenges



    Chapter 2: Active Directory—The Heart of Windows 2000 Server


    Mission-Critical Active Directory Concepts

    Where Active Directory Fits in the Overall Windows 2000 Architecture

    Active Directory Concepts

    Developing a Naming Strategy

    Active Directory's Integration with DNS

    Naming Conventions

    Virtual Containers

    Designing Active Directory Domains

    Forest Plan

    Domain Plan Including DNS Strategy

    Organizational Unit Strategy

    Organizational Unit Structure

    Site Topology



    Chapter 3: Migrating to Windows 2000 Server


    Server Migration Strategies

    Primary Domain Controllers (PDCs)

    Backup Domain Controllers (BDCs)

    Member Servers

    Upgrading with the Windows 2000 Setup Wizard

    Installing Active Directory Services

    Interim Mixed Domains

    Mixed Mode

    Native Mode

    Migrating Components

    Using Organizational Units (OUs) to Create a Hierarchical Structure

    User Accounts

    Machine Accounts

    Nested Groups

    Global Groups

    Delegating Administrative Authority

    Insert into the Replication Topology

    Migrating from Novell Directory Services

    Upgrade Clients to Windows 2000 Professional



    Chapter 4: Implementing Domains, Trees and Forests


    Implementing a Domain

    Installing the First Domain in Active Directory

    Integrating DNS into the Active Directory

    Creating Organizational Units

    Managing Objects in Active Directory

    Role-Based Administration

    Object-Based Access Control

    Building Trees and Forests

    Forest Characteristics

    Planning a Forest Structure

    The Domain Tree Structure

    Adding a Child Domain

    Sizing the Active Directory Store

    Managing the Forest



    Chapter 5: Planning and Implementing Active Directory Sites


    The Function of Sites in Active Directory


    Replicated Active Directory Components

    Domain Partitions

    Global Catalog

    Schema and Configuration Containers

    Configuring Site Replication Components

    Creating Site Objects

    Creating Connection Objects

    Creating Site Links

    Creating Site Link Bridges

    Replication Protocols

    Replication in Active Directory

    Replication Topology

    Planning a Site Structure

    Placing Domain Controllers

    Where to Place Global Catalog Servers

    Implementing a Site Structure in Active Directory

    Replication Utilities

    Replication Monitor (REPLMON)

    Replication Administrator (REPADMIN)


    Understanding Time Synchronization in Active Directory



    Chapter 6: Advanced Active Directory


    Interfacing with Active Directory



    Windows Sockets


    Exchange Server Active Directory Connector

    Synchronizing with the Novell Directory Service

    Microsoft's Metadirectory

    VIA Architecture

    Implementing a Disaster Recovery Plan

    Modeling Sites with Disaster Recovery in Mind

    The Active Directory Database File Structure


    Creating an Emergency Repair Disk

    Recovering a Failed Domain Controller

    Authoritative Restore of Deleted Objects

    Startup Options

    The Recovery Console

    For Experts

    PDC Emulation and Native Mode

    How Active Directory Prevents Unnecessary Replication

    How an LDAP Query Accesses Active Directory

    Renaming Domains

    Add a Server to Two Different Sites Simultaneously

    Removing Phantom Objects

    Phantom Domains

    Transferring FSMO Roles

    Troubleshooting Tips

    Avoiding Errors When Migrating a Domain

    Remote Procedure Call (RPC) Errors



    Chapter 7: Configuring IntelliMirror


    What Is IntelliMirror?

    Configuring Group Policies

    How Group Policies Are Applied

    Group Policy Information Storage

    Group Policy Settings

    Designing a Group Policy Strategy

    Implementing Group Policy Strategies

    Delegating Control of Group Policy

    Troubleshooting Group Policies

    Policy Does Not Execute

    Policy Executes in the Wrong Way

    Logging On Takes a Long Time



    Group Strategy

    Viewing Security Features in Active Directory Users and Computers

    Domain Security Console

    Security Templates

    Object Protection

    Access Control Lists (ACLs)

    Access Control Entries (ACEs)

    Security Descriptor

    Security Identifier (SID)



    Chapter 8: Managing Settings, Software, and User Data with IntelliMirror


    Deploying Software with Group Policies

    Assigning Software

    Publishing Software

    Enhancements within Add/Remove Programs

    Packaging an Application

    Creating Distribution Points

    Targeting Software and Using the Software

    Managing Software with Group Policies

    Upgrading Software

    Removing Software

    Redeploying Software

    Software Installation Options

    Group Policy Settings

    Application Deployment Walkthrough

    Deployment Methods

    Managing User and Computer Settings

    Using Administrative Templates

    Assigning Registry-Based Policies

    Creating Custom Administrative Templates

    Adding Administrative Templates

    Using Scripts

    Assigning Script Policies to Users and Computers

    Folder Redirection



    Chapter 9: Managing Users and Groups


    Setting Up User Accounts

    Defining an Acceptable Use Policy

    Requirements for New User Accounts

    Default User Account Settings

    Logon Mechanics

    Creating User Accounts

    Setting Account Policies

    Modifying Properties for User Accounts

    Managing User Accounts

    Deleting User Accounts

    Resetting Passwords

    Disabling an Account

    Enabling an Account

    Other Active Directory Users and Computers Functions

    Using Groups to Organize User Accounts

    Group Types

    Group Scope

    Implementing Groups

    Creating a Group

    Assigning Users to a Group

    Configuring Group Settings

    Managing Groups

    Implementing Local Groups

    Preparing to Create Local Groups

    Creating a Local Group

    Implementing Built-in Groups

    Built-In Group Behavior

    Groups—Best Practices

    Administering User Accounts

    User Profiles Overview

    Contents of a User Profile

    Settings Saved in a User Profile

    Local User Profiles

    Roaming User Profiles

    Creating Home Directories

    Home Directories and My Documents

    Creating Home Directories

    Advanced Techniques

    Creating Multiple User Accounts

    Importing Users from Novell Directory Services (NDS)



    Chapter 10: Managing File and Print Resources


    Windows 2000 Data Storage

    Understanding Disk Types

    Understanding Windows 2000 File Systems

    Configuration Options for Windows 2000 Storage

    Administering NTFS Resources

    How NTFS Permissions Are Applied

    NTFS Folder Permissions

    NTFS File Permissions

    Managing NTFS Permissions

    Special Access Permissions

    Changing NTFS Permissions

    Copying and Moving Files and Folders

    Administering Shared Resources

    Securing Network Resources

    Creating Shared Folders

    Administering Printers

    Planning the Print Environment

    Creating the Print Environment

    Managing Printer Permissions

    Managing Printers

    Managing Documents in a Print Queue

    Administering Printers by Using a Web Browser



    Chapter 11: Inside Windows 2000 TCP/IP


    A TCP/IP Primer

    IP Address Classes and Subnets

    Subnets and Routing

    The OSI Model

    Seven Layers of the Networking World

    The TCP/IP Protocol Suite

    TCP/IP Core Protocols

    TCP/IP Applications

    Windows TCP/IP

    Windows 2000 TCP/IP Stack Enhancements

    NetBT and WINS




    Using TCP/IP Utilities













    Using Windows 2000 Monitoring Tools

    Basic Monitoring Guidelines

    Performance Logs and Alerts

    Network Monitor



    Chapter 12: Managing Windows 2000 DHCP Server


    DHCP Overview

    The Process of Obtaining a Lease

    DHCP Negative Acknowledgment (DHCPNACK)

    Integration of DHCP with DNS

    What Are Leases?

    Leasing Strategy

    Operating without a DHCP Server

    Automatic Client Configuration

    Manual IP Addresses

    Design of a DHCP Configuration

    Placement of Servers

    Using DHCP Routers or DHCP Relay Agents

    RRAS Integration

    Configuring a DHCP Server

    DHCP Scopes

    Configuring Leases

    DHCP Options

    BOOTP/DCHP Relay Agent

    Vendor-Specific Options

    User Class Options

    BOOTP Tables


    Managing DHCP Servers

    Enhanced Monitoring and Statistical Reporting for Authorizing DHCP Servers

    Deploying DHCP

    Best Practices

    Optimizing Lease Management Practices

    Determining the Number of DHCP Servers to Use

    Fault-Tolerant Planning

    Router Support Required

    DHCP Walkthroughs

    Installing a DHCP Server

    Creating Leases

    Troubleshooting DHCP

    The DHCP Database

    Multiple Clients Fail to Obtain IP Addresses

    Duplicate Addresses



    Chapter 13: Managing Windows 2000 DNS Server


    Understanding DNS

    Domain Namespace

    Host and Domain Names


    Understanding Name Resolution

    Recursive Queries

    Iterative Queries

    Looking Up an Address from a Name

    Looking Up a Name from an Address

    Active Directory and DNS Integration

    Using Active Directory to Replicate and Integration with DHCP

    Registration of Server in DNS Using the SRV Record

    Installing DNS Server Service

    DNS Server Roles and Security Topology

    Configuring DNS Services

    Creating Forward Lookup Zones

    Creating Reverse Lookup Zone

    Record Type

    Manually Adding Records

    Configuring the DNS Client


    Using DHCP

    DNS Walkthroughs

    Installation of a DNS Server

    Creating a Forward Lookup Zone

    Testing the DNS Server



    Chapter 14: Managing Windows 2000 WINS Server


    WINS Functional Description

    NetBIOS Name Resolution

    What Does WINS Do?

    Broadcasting vs. WINS

    LMHosts vs. WINS

    NetBIOS Name Registration Request

    NetBIOS Name Release

    NetBIOS Name Query Request

    WINS Configuration

    Configuring Static Entries

    Connecting WINS Servers through Replication

    Designing a Network of Multiple WINS Servers

    Backing Up WINS Databases

    New Features in Windows 2000 WINS

    Persistent Connections

    Manual Tombstoning

    Improved Management Tools

    Higher Performance

    Enhanced Filtering and Record Searching

    Dynamic Record Deletion and Multiselect

    Increased Fault Tolerance

    Dynamic Reregistration

    WINS Walkthrough

    Installing and Configuring a WINS Server



    Chapter 15: Windows 2000 Security Services


    Windows 2000 Security Infrastructure

    Authentication Protocols

    Encryption Technologies

    Security Configuration Tool Set

    Secure Authentication Using Kerberos

    Basic Concepts

    Kerberos and Windows 2000

    Using the Security Configuration Tool Set

    Security Configuration Tool Set Overview

    Configuring Security

    System Services Security

    Analyzing Security

    Group Policy Integration

    Using the Tools

    Encrypted File System

    How EFS Works

    User Operations

    File Encryption

    Decrypting a File

    Cipher Utility

    Directory Encryption

    Recovery Operations



    Chapter 16: Securing TCP/IP Connections


    Secure Sockets Layer

    Overview of SSL

    Symmetric and Asymmetric Encryption

    Digital Certificates

    Certificate Authorities

    SSL Implementation

    Secure Communications over Virtual Private Networks

    Tunneling Basics

    How Tunneling Works

    Security Issues Pertaining to VPNs

    Common VPN Implementations

    Tunneling Protocols and the Basic Tunneling Requirements

    Windows 2000 Tunneling Protocols

    Using PPTP with Windows 2000

    Using L2TP with Windows 2000

    Interoperability with Non-Microsoft VPN Clients

    IPSec for Windows 2000

    Overview of IPSec Cryptographic Services

    IPSec Security Services

    Security Associations and IPSec Key Management Procedure

    Deploying IPSec

    Building Security Policies with Customized IPSec Consoles

    Flexible Security Policies

    Flexible Negotiation Policies


    Creating a Security Policy



    Chapter 17: Connecting Windows 2000 Server


    Connecting to the Internet with Windows 2000 Server

    Internet Connection Sharing (ICS)

    ICS and TCP/IP

    Private Network Addresses vs. Public Addresses

    Using Internet Connection Sharing

    Network Address Translation (NAT)

    How NAT Differs from ICS

    What Is NAT?

    A NAT Example

    Accessing Other Computers' Printers and Comparison of ICS, NAT, and Windows Routing


    Comparison of Features

    Establishing VPNs over the Internet

    PPTP and L2TP

    VPN Solutions

    Creating a VPN Router

    Connecting a VPN Client

    Tunneling Non-TCP/IP Protocols

    Dial-up Access

    Configuring RAS

    Security Concerns

    Outsourcing Dial-Up Access





Product details

  • No. of pages: 560
  • Language: English
  • Copyright: © Syngress 2000
  • Published: September 27, 2000
  • Imprint: Syngress
  • eBook ISBN: 9780080479484

About the Author


Ratings and Reviews

Write a review

There are currently no reviews for "Mission Critical Windows 2000 Server Administration"