COVID-19 Update: We are currently shipping orders daily. However, due to transit disruptions in some geographies, deliveries may be delayed. To provide all customers with timely access to content, we are offering 50% off Science and Technology Print & eBook bundle options. Terms & conditions.
The Best Damn Windows Server 2003 Book Period - 1st Edition - ISBN: 9781931836128, 9780080476070

The Best Damn Windows Server 2003 Book Period

1st Edition

Authors: Debra Littlejohn Shinder Thomas W Shinder
Paperback ISBN: 9781931836128
eBook ISBN: 9780080476070
Imprint: Syngress
Published Date: 18th June 2004
Page Count: 1000
Sales tax will be calculated at check-out Price includes VAT/GST
Price includes VAT/GST

Institutional Subscription

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.


In keeping with past trends, full migration to this latest Microsoft Server Operating System will begin in earnest 12 months after its release, in mid-to-late 2004. This book will hit the market just as large enterprises begin the process of moving from Windows 2000 Server to Windows Server 2003. The title says everything you need to know about this book. No other book on the market combines this breadth and depth of coverage with the kind of product expertise and quality standard expected from Syngress. Every aspect of Planning, Installing, Configuring and Troubleshooting a Windows Server 2003 network is distilled and documented, with plenty of examples and illustrations. An unlike its competition, this is a book that was written from the ground up for Windows Server 2003.

Key Features

  • Everything a System Administrator will ever need to know about running a Windows Server 2003 network.

  • This is the book that meets the needs of today's Windows Server 2003 professional.

  • Every aspect of Planning, Installing, Configuring and Troubleshooting a Windows Server 2003 network is distilled and documented, with plenty of examples and illustrations.


Systems engineers Technical support engineers Systems analysts Network analysts Technical consultants

Table of Contents


Chapter 1 Overview of Windows Server 2003


Windows XP/Server 2003

What’s New in Windows Server 2003?

New Features

The Windows Server 2003 Family

Why Four Different Editions?

Members of the Family

Licensing Issues

Product Activation

Installation and Upgrade Issues

Common Installation Issues

Common Upgrade Issues

Windows Server 2003 Planning Tools and Documentation

Overview of Network Infrastructure Planning

Planning Strategies

Using Planning Tools

Reviewing Legal and Regulatory Considerations

Calculating TCO

Developing a Windows Server 2003 Test Network Environment

Planning the Test Network

Documenting the Planning and Network Design Process

Creating the Planning and Design Document

Chapter 2 Using Server Management Tools


Recognizing Types of Management Tools

Administrative Tools Menu

Custom MMC Snap-Ins

Command-Line Utilities


Windows Resource Kit

The Run As command

Managing Your Server Remotely

Remote Assistance

Using Web Interface for Remote Administration

Remote Desktop for Administration

Administration Tools Pack (adminpak.msi)

Windows Management Instrumentation (WMI)

Using Computer Management to Manage a Remote Computer

Which Tool To Use?

Using Emergency Management Services

Managing Printers and Print Queues

Using the Graphical Interface

Using New Command-Line Tools

The Printer Spooler Service

The Internet Printing Protocol

Using the Graphical Interface

Using New Command-Line Utilities

Using Wizards to Configure and Manage Your Server

Using the Configure Your Server Wizard and Manage Your Server

Chapter 3 Planning Server Roles and Server Security


Understanding Server Roles

Domain Controllers (Authentication Servers)

File and Print Servers

DHCP, DNS, and WINS Servers

Web Servers

Database Servers

Mail Servers

Certificate Authorities

Application Servers and Terminal Servers

Planning a Server Security Strategy

Choosing the Operating System

Identifying Minimum Security Requirements for Your Organization

Identifying Configurations to Satisfy Security Requirements

Planning Baseline Security

Customizing Server Security

Securing Servers According to Server Roles

Chapter 4 Security Templates and Software Updates


Security Templates

Types of Security Templates

Network Security Settings

Analyzing Baseline Security

Applying Security Templates

Software Updates

Install and Configure Software Update Infrastructure

Install and Configure Automatic Client Update Settings

Supporting Legacy Clients

Testing Software Updates

Chapter 5 Managing Physical and Logical Disks


Working with Microsoft Disk Technologies

Using Disk Management Tools

Using the Disk Management MMC

Using the Command-Line Utilities

Managing Physical and Logical Disks

Managing Basic Disks

Managing Dynamic Disks

Optimizing Disk Performance

Defragmenting Volumes and Partitions

Configuring and Monitoring Disk Quotas

Implementing RAID Solutions

Understanding and Using Remote Storage

What is Remote Storage?

Storage Levels

Relationship of Remote Storage and Removable Storage

Setting Up Remote Storage

Troubleshooting Disks and Volumes

Troubleshooting Basic Disks

Troubleshooting Dynamic Volumes

Troubleshooting Fragmentation Problems

Troubleshooting Disk Quotas

Troubleshooting Remote Storage

Troubleshooting RAID

Chapter 6 Implementing Windows Cluster Services and Network Load Balancing


Making Server Clustering Part of Your High-Availability Plan

Terminology and Concepts

Cluster Models

Server Cluster Deployment Options

Server Cluster Administration

Recovering from Cluster Node Failure

Server Clustering Best Practices

Making Network Load Balancing Part of Your High-Availability Plan

Terminology and Concepts

Relationship of NLB to Clustering

Managing NLB Clusters

Monitoring NLB

NLB Best Practices

Chapter 7 Planning, Implementing, and Maintaining a High-Availability Strategy


Understanding Performance Bottlenecks

Identifying System Bottlenecks

Using the System Monitor Tool to Monitor Servers

Using Event Viewer to Monitor Servers

Using Service Logs to Monitor Servers

Planning a Backup and Recovery Strategy

Understanding Windows Backup

Using Backup Tools

Selecting Backup Media

Scheduling Backups

Restoring from Backup

Planning System Recovery with ASR

What Is ASR?

How ASR Works

Alternatives to ASR

Using the ASR Wizard

Performing an ASR Restore

Planning for Fault Tolerance

Network Fault-Tolerance Solutions

Internet Fault-Tolerance Solutions

Disk Fault-Tolerance Solutions

Server Fault-Tolerance Solutions

Chapter 8 Monitoring and Troubleshooting Network Activity


Using Network Monitor

Installing Network Monitor

Basic Configuration

Network Monitor Default Settings

Configuring Monitoring Filters

Configuring Display Filters

Interpreting a Trace

Monitoring and Troubleshooting Internet Connectivity

NAT Logging

Name Resolution

IP Addressing

Monitoring IPSec Connections

IPSec Monitor Console

Network Monitor




Event Viewer

Chapter 9 Active Directory Infrastructure Overview


Introducing Directory Services

Terminology and Concepts

Understanding How Active Directory Works

Directory Structure Overview



Domain Trees


Organizational Units

Active Directory Components

Logical vs. Physical Components

Using Active Directory Administrative Tools

Graphical Administrative Tools/MMCs

Command-Line Tools

Implementing Active Directory Security and Access Control

Access Control in Active Directory

Active Directory Authentication

Standards and Protocols

What’s New in Windows Server 2003 Active Directory?

New Features Available Only with Windows Server 2003 Domain/Forest Functionality

Chapter 10 Working with User, Group, and Computer Accounts


Understanding Active Directory Security Principal Accounts

Security Principals and Security Identifiers

Naming Conventions and Limitations

Working with Active Directory User Accounts

Built-In Domain User Accounts


Creating User Accounts

Managing User Accounts

Working with Active Directory Group Accounts

Group Types

Group Scopes in Active Directory

Built-In Group Accounts

Creating Group Accounts

Managing Group Accounts

Working with Active Directory Computer Accounts

Creating Computer Accounts

Managing Computer Accounts

Managing Multiple Accounts

Implementing User Principal Name Suffixes

Moving Account Objects in Active Directory

Troubleshooting Problems with Accounts

Chapter 11 Creating User and Group Strategies


Creating a Password Policy for Domain Users

Creating an Extensive Defense Model

Defining a Password Policy

Creating User Authentication Strategies

Need for Authentication

Single Sign-On

Authentication Types


Secure Sockets Layer/Transport Layer Security

NT LAN Manager

Digest Authentication

Passport Authentication

Educating Users

Smart Card Authentication

Planning a Security Group Strategy

Security Group Best Practices

Chapter 12 Working with Forests and Domains


Understanding Forest and Domain Functionality

The Role of the Forest

Domain Trees

Forest and Domain Functional Levels

Raising the Functional Level of a Domain and Forest

Creating the Forest and Domain Structure

Deciding When to Create a New DC

Installing Domain Controllers

Establishing Trust Relationships

Restructuring the Forest and Renaming Domains

Implementing DNS in the Active Directory Network Environment

DNS and Active Directory Namespaces

DNS Zones and Active Directory Integration

Configuring DNS Servers for Use with Active Directory

Securing Your DNS Deployment

Chapter 13 Working with Trusts and Organizational Units


Working with Active Directory Trusts

Types of Trust Relationships

Creating,Verifying, and Removing Trusts

Securing Trusts Using SID Filtering

Understanding the Role of Container Objects

Creating and Managing Organizational Units

Planning an OU Structure and Strategy for Your Organization

Delegation Requirements

Security Group Hierarchy

Chapter 14 Working with Active Directory Sites


Understanding the Role of Sites



Distribution of Services Information

Relationship of Sites to Other Active Directory Components

Relationship of Sites and Domains

The Relationship of Sites and Subnets

Creating Sites and Site Links

Site Planning

Site Replication

Planning, Creating, and Managing the Replication Topology

Configuring Replication between Sites

Troubleshooting Replication Failure

Chapter 15 Working with Domain Controllers


Planning and Deploying Domain Controllers

Understanding Server Roles

Function of Domain Controllers

Determining the Number of Domain Controllers

Using the Active Directory Installation Wizard

Creating Additional Domain Controllers

Upgrading Domain Controllers to Windows Server 2003

Placing Domain Controllers within Sites

Backing Up Domain Controllers

Restoring Domain Controllers

Managing Operations Masters

Chapter 16 Working with Global Catalog Servers and Schema


Working with the Global Catalog and GC Servers

Functions of the GC

Customizing the GC Using the Schema MMC Snap-In

Creating and Managing GC Servers

Understanding GC Replication

Placing GC Servers within Sites

Troubleshooting GC Issues

Working with the Active Directory Schema

Understanding Schema Components

Working with the Schema MMC Snap-In

Modifying and Extending the Schema

Deactivating Schema Classes and Attributes

Troubleshooting Schema Issues

Chapter 17 Working with Group Policy in an Active Directory Environment


Understanding Group Policy

Terminology and Concepts

Group Policy Integration in Active Directory

Group Policy Propagation and Replication

Planning a Group Policy Strategy

Using RSoP Planning Mode

Strategy for Configuring the User Environment

Strategy for Configuring the Computer Environment

Implementing Group Policy

The Group Policy Object Editor MMC

Creating, Configuring, and Managing GPOs

Configuring Application of Group Policy

Delegating Administrative Control

Verifying Group Policy

Performing Group Policy Administrative Tasks

Automatically Enrolling User and Computer Certificates

Redirecting Folders

Configuring User and Computer Security Settings

Using Software Restriction Policies

Applying Group Policy Best Practices

Troubleshooting Group Policy

Using RSoP

Using gpresult.exe

Chapter 18 Deploying Software via Group Policy


Understanding Group Policy Software Installation Terminology and Concepts

Group Policy Software Installation Concepts

Group Policy Software Installation Components

Using Group Policy Software Installation to Deploy Applications

Preparing for Group Policy Software Installation

Using .zap Setup Files

Working with the GPO Editor

Opening or Creating a GPO for Software Deployment

Assigning and Publishing Applications

Configuring Software Installation Properties

Upgrading Applications

Removing Managed Applications

Managing Application Properties

Categorizing Applications

Adding and Removing Modifications for Application Packages

Troubleshooting Software Deployment

Verbose Logging

Software Installation Diagnostics Tool

Chapter 19 Ensuring Active Directory Availability


Understanding Active Directory Availability Issues

The Active Directory Database

Data Modification to the Active Directory Database

The Tombstone and Garbage Collection Processes

System State Data

Fault Tolerance and Performance

Performing Active Directory Maintenance Tasks

Defragmenting the Database

Moving the Database or Log Files

Monitoring the Database

Backing Up and Restoring Active Directory

Backing Up Active Directory

Restoring Active Directory

Troubleshooting Active Directory Availability

Setting Logging Levels for Additional Detail

Using Ntdsutil Command Options

Changing the Directory Services Restore Mode Password

Chapter 20 Planning, Implementing, and Maintaining a Name Resolution Strategy


Planning for Host Name Resolution

Designing a DNS Namespace

Planning DNS Server Deployment

Planning for Zone Replication

Planning for Forwarding

DNS/DHCP Interaction

Windows Server 2003 DNS Interoperability

DNS Security Issues

Monitoring DNS Servers

Planning for NetBIOS Name Resolution

Understanding NETBIOS Naming

Planning WINS Server Deployment

Planning for WINS Replication

WINS Issues

Troubleshooting Name Resolution Issues

Troubleshooting Host Name Resolution

Troubleshooting NetBIOS Name Resolution

Chapter 21 Planning, Implementing, and Maintaining the TCP/IP Infrastructure


Understanding Windows 2003 Server Network Protocols

What’s New in TCP/IP for Windows Server 2003

Planning an IP Addressing Strategy

Analyzing Addressing Requirements

Creating a Subnetting Scheme

Troubleshooting IP Addressing

Transitioning to IPv6

Planning the Network Topology

Analyzing Hardware Requirements

Planning the Placement of Physical Resources

Planning Network Traffic Management

Monitoring Network Traffic and Network Devices

Determining Bandwidth Requirements

Optimizing Network Performance

Chapter 22 Planning, Implementing, and Maintaining a Routing Strategy


Understanding IP Routing Basics

Evaluating Routing Options

Windows Server 2003 As a Router

Security Considerations for Routing

Analyzing Requirements for Routing Component

Simplifying Network Topology to Provide Fewer Attack Points

Router-to-Router VPNs

Packet Filtering and Firewalls

Logging Level

Troubleshooting IP Routing

Identifying Troubleshooting Tools

Common Routing Problems

Chapter 23 Planning, Implementing, and Maintaining Internet Protocol Security


Understanding IP Security (IPSec)

How IPSec Works

IPSec Modes

IPSec Protocols

IPSec Components

IPSec and IPv6

Deploying IPSec

Determining Organizational Needs

Security Levels

Managing IPSec

Using the IP Security Policy Management MMC Snap-in

Using the netsh Command-line Utility

Default IPSec Policies

Custom Policies

Assigning and Applying Policies in Group Policy

Active Directory Based IPSec Policies

IPSec Monitoring

Troubleshooting IPSec

Addressing IPSec Security Considerations

Strong Encryption Algorithm (3DES)

Firewall Packet Filtering

Diffie-Hellman Groups

Pre-shared Keys

Soft Associations

Security and RSoP

Chapter 24 Planning, Implementing, and Maintaining a Public Key Infrastructure


Planning a Windows Server 2003 Certificate-Based PKI

Understanding Public Key Infrastructure

Understanding Digital Certificates

Understanding Certification Authorities

Implementing Certification Authorities

Analyzing Certificate Needs within the Organization

Determining Appropriate CA Type(s)

Planning Enrollment and Distribution of Certificates

Certificate Templates

Certificate Requests

Auto-Enrollment Deployment

Role-Based Administration

Implementing Smart Card Authentication in the PKI

How Smart Card Authentication Works

Deploying Smart Card Logon

Using Smart Cards To Log On to Windows

Using Smart Cards for Remote Access VPNs

Using Smart Cards To Log On to a Terminal Server

Chapter 25 Planning, Implementing, Maintaining Routing and Remote Access


Planning the Remote Access Strategy

Analyzing Organizational Needs

Analyzing User Needs

Selecting Remote Access Types To Allow

Addressing Dial-In Access Design Considerations

Allocating IP Addresses

Determining Incoming Port Needs

Selecting an Administrative Model

Configuring the Windows 2003 Dial-up RRAS Server

Configuring RRAS Packet Filters

Addressing VPN Design Considerations

Selecting VPN Protocols

Installing Machine Certificates

Configuring Firewall Filters

PPP Multilink and Bandwidth Allocation Protocol (BAP)

PPP Multilink Protocol

BAP Protocols

Addressing Wireless Remote Access Design Considerations

The 802.11 Wireless Standards

Using IAS for Wireless Connections

Configuring Remote Access Policies for Wireless Connections

Multiple Wireless Access Points

Placing CA on VLAN for New Wireless Clients

Configuring WAPs as RADIUS Clients

Planning Remote Access Security

Domain Functional Level

Selecting Authentication Methods

Selecting the Data Encryption Level

Using Callback Security

Managed Connections

Mandating Operating System/File System

Using Smart Cards for Remote Access

Configuring Wireless Security Protocols

RRAS NAT Services

ICMP Router Discovery

Creating Remote Access Policies

Policies and Profiles

Authorizing Remote Access

Restricting Remote Access

Controlling Remote Connections

Troubleshooting Remote Access Client Connections

Troubleshooting Remote Access Server Connections

Configuring Internet Authentication Services

Chapter 26 Managing Web Servers with IIS 6.0


Installing and Configuring IIS 6.0

Pre-Installation Checklist

Installation Methods

Installation Best Practices

What’s New in IIS 6.0?

New Security Features

New Reliability Features

Other New Features

Managing IIS 6.0

Performing Common Management Tasks

Managing IIS Security

Troubleshooting IIS 6.0

Troubleshooting Content Errors

Troubleshooting Connection Errors

Troubleshooting Other Errors

Using New IIS Command-Line Utilities







Chapter 27 Managing and Troubleshooting Terminal Services


Understanding Windows Terminal Services

Terminal Services Components

Using Terminal Services Components for Remote Administration

Using Remote Assistance

Installing and Configuring the Terminal Server Role

Using Terminal Services Client Tools

Installing and Using the Remote Desktop Connection (RDC) Utility

Installing and Using the Remote Desktops MMC Snap-In

Installing and Using the Remote Desktop Web Connection Utility

Using Terminal Services Administrative Tools

Using the Terminal Services Configuration Tool

User Account Extensions

Using Group Policies to Control Terminal Services Users

Using the Terminal Services Command-Line Tools

Troubleshooting Terminal Services

Not Automatically Logged On

“This Initial Program Cannot Be Started”

Clipboard Problems

License Problems



No. of pages:
© Syngress 2004
18th June 2004
Paperback ISBN:
eBook ISBN:

About the Authors

Debra Littlejohn Shinder

Debra Littlejohn Shinder is a technology consultant, trainer and writer who has authored a number of books on computer operating systems, networking, and client and server security over the last fourteen years. These include Scene of the Cybercrime: Computer Forensics Handbook, published by Syngress, and Computer Networking Essentials, published by Cisco Press. She is co-author, with her husband, Dr. Thomas Shinder, of the best-selling Configuring ISA Server 2000, Configuring ISA Server 2004, and ISA Server and Beyond.

Deb has been a tech editor, developmental editor and contributor on over 20 additional books on networking and security subjects, as well as study guides for Microsoft's MCSE exams, CompTIA's Security+ exam and TruSecure’s ICSA certification. She formerly edited the Element K Inside Windows Server Security journal. She authored a weekly column for TechRepublic’s Windows blog, called Microsoft Insights and a monthly column on Cybercrime, and is a regular contributor to their Security blog, Smart Phones blog and other TR blogs. She is the lead author on and, and her articles have appeared in print magazines such as Windows IT Pro (formerly Windows & .NET) Magazine. She has authored training material, corporate whitepapers, marketing material, webinars and product documentation for Microsoft Corporation, Intel, Hewlett-Packard, DigitalThink, GFI Software, Sunbelt Software, CNET and other technology companies.

Deb specializes in security issues, cybercrime/computer forensics and Microsoft server products; she has been awarded Microsoft’s Most Valuable Professional (MVP) status in Enterprise Security for eight years in a row. A former police officer and police academy instructor, she has taught many courses at Eastfield College in Mesquite, TX and sits on the board of the Criminal Justice Training Center there. She is a fourth generation Texan and lives and works in the Dallas-Fort Worth area.

Affiliations and Expertise

MCSE, Technology consultant, trainer, and writer

Thomas W Shinder

Dr. Tom Shinder is a 17 year veteran of the IT industry. Prior to entering IT, Dr. Tom graduated from the University of Illinois College of Medicine with a Doctor of Medicine and was a practicing neurologist with special interests in epilepsy and multiple sclerosis. Dr. Tom began his career in IT as a consultant, and has worked with many large companies, including Fina Oil, Microsoft, IBM, HP, Dell and many others. He started his writing career toward the end of the 1990s and has published over 30 books on Windows, Windows Networking, Windows Security and ISA Server/TMG, UAG and Microsoft DirectAccess. For over a decade, ISA Server and TMG were Tom’s passions, and he ran the popular web site, in addition to writing 8 books on ISA/TMG. Tom joined Microsoft in December of 2009 as a member of the UAG DirectAccess team and started the popular “Edge Man” blog that covered UAG DirectAccess. He is currently a Principal Knowledge Engineer in the Server and Cloud Division Information Experience Group Solution’s Team and his primary focus now is private cloud – with special interests in private cloud infrastructure and security.

Affiliations and Expertise

Member of Microsoft’s ISA Server Beta Team and Microsoft MVP for ISA Server, Dallas, TX, U.S.A.

Ratings and Reviews